searchsecurity.techtarget.com Open in urlscan Pro
206.19.49.153 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://click.revue.email/mpss/c/6gA/ps1xAA/t.2nz/wJ8v_FmoTni5FxnfoGfxvg/h16/aWkXH8rlK1JlD3PKVTM-2BaDS8BC2X30wXNn3lWh-2Brc...
Effective URL:
https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20...
Submission: On January 04 via manual (January 4th 2019, 10:43:39 am UTC) from FR

Summary HTTP 158 Redirects Links 47 Behaviour Indicators

Summary

This website contacted 53 IPs in 7 countries across 34 domains to perform 158 HTTP transactions. The main IP is 206.19.49.153, located in United States and belongs to ATT-CERFNET-BLOCK - AT&T Enhanced Network Services, US. The main domain is searchsecurity.techtarget.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on November 1st 2017. Valid for: 2 years.

This is the only time searchsecurity.techtarget.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.118.52 167.89.118.52	11377 (SENDGRID) (SENDGRID - SendGrid)
1	206.19.49.153 206.19.49.153	17225 (ATT-CERFN...) (ATT-CERFNET-BLOCK - AT&T Enhanced Network Services)
1	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
17	163.171.132.119 163.171.132.119	54994 (QUANTILNE...) (QUANTILNETWORKS - QUANTIL NETWORKS INC)
1	2a02:26f0:6c0... 2a02:26f0:6c00:183::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	52.20.14.210 52.20.14.210	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
13	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	163.171.128.148 163.171.128.148	54994 (QUANTILNE...) (QUANTILNETWORKS - QUANTIL NETWORKS INC)
3	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:824::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	54.204.36.156 54.204.36.156	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
6	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	147.75.83.23 147.75.83.23	54825 (PACKET) (PACKET - Packet Host)
1	206.19.49.139 206.19.49.139	17225 (ATT-CERFN...) (ATT-CERFNET-BLOCK - AT&T Enhanced Network Services)
1	54.230.202.128 54.230.202.128	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	54.192.94.27 54.192.94.27	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
11	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	147.75.81.98 147.75.81.98	54825 (PACKET) (PACKET - Packet Host)
1 19	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE - Google LLC)
3 4	185.33.223.200 185.33.223.200	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
10	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
6	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2	172.217.22.6 172.217.22.6	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	172.217.22.98 172.217.22.98	15169 (GOOGLE) (GOOGLE - Google LLC)
1	107.23.87.2 107.23.87.2	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC - PubMatic)
2	2a00:1450:400... 2a00:1450:4001:81f::2006	15169 (GOOGLE) (GOOGLE - Google LLC)
1	54.231.50.10 54.231.50.10	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	198.47.127.32 198.47.127.32	62713 (AS-PUBMATIC) (AS-PUBMATIC - PubMatic)
2	159.180.84.2 159.180.84.2	33047 (INSTART) (INSTART - Instart Logic)
1 2	104.109.83.115 104.109.83.115	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:818::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	23.210.249.92 23.210.249.92	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	206.19.49.191 206.19.49.191	17225 (ATT-CERFN...) (ATT-CERFNET-BLOCK - AT&T Enhanced Network Services)
1 1	206.19.49.186 206.19.49.186	17225 (ATT-CERFN...) (ATT-CERFNET-BLOCK - AT&T Enhanced Network Services)
1	216.58.205.226 216.58.205.226	15169 (GOOGLE) (GOOGLE - Google LLC)
1	147.75.205.43 147.75.205.43	54825 (PACKET) (PACKET - Packet Host)
2	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
4	52.59.88.132 52.59.88.132	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	104.109.79.206 104.109.79.206	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.0.221.2 52.0.221.2	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	151.101.2.110 151.101.2.110	54113 (FASTLY) (FASTLY - Fastly)
1	2.16.186.24 2.16.186.24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	162.247.242.20 162.247.242.20	23467 (NEWRELIC-...) (NEWRELIC-AS-1 - New Relic)
1	3.122.36.177 3.122.36.177	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.22.232.46 52.22.232.46	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2	35.156.14.155 35.156.14.155	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28c::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4 6	2a05:f500:10:... 2a05:f500:10:101::b93f:9105	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
2 2	2620:109:c002... 2620:109:c002::6cae:a0a	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
6	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE - Google LLC)
158	53

1 167.89.118.52 (Denver, United States) 1 redirects

ASN11377 (SENDGRID - SendGrid, Inc., US)
PTR: o16789118x52.outbound-mail.sendgrid.net

click.revue.email	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 206.19.49.153 (United States)

ASN17225 (ATT-CERFNET-BLOCK - AT&T Enhanced Network Services, US)
PTR: searchsites.techtarget.com

searchsecurity.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 163.171.132.119 (European Union)

ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US)

cdn.ttgtmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:183::13b8 (European Union)

ASN20940 (AKAMAI-ASN1, US)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.20.14.210 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-20-14-210.compute-1.amazonaws.com

a.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:806::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.171.128.148 (European Union)

ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US)

cdn.ttgtmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:816::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:824::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.204.36.156 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-204-36-156.compute-1.amazonaws.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:824::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.83.23 (Switzerland)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-21

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 206.19.49.139 (United States)

ASN17225 (ATT-CERFNET-BLOCK - AT&T Enhanced Network Services, US)
PTR: media.techtarget.com

media.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.202.128 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-202-128.fra50.r.cloudfront.net

s.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.94.27 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-192-94-27.fra2.r.cloudfront.net

dnn506yrbagrg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:819::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.81.98 (Switzerland)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-30

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 172.217.16.130 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s46-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.223.200 (European Union) 3 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:820::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.233.180 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.22.6 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s14-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.98 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s18-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.23.87.2 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-107-23-87-2.compute-1.amazonaws.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::2006 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.231.50.10 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1-w.amazonaws.com

sp-js-releases.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.32 (Redwood City, United States)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)

sshowads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.180.84.2 (United States)

ASN33047 (INSTART - Instart Logic, Inc, US)

cdn.digitru.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.83.115 (Amsterdam, Netherlands) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-83-115.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:818::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.210.249.92 (Cambridge, United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-210-249-92.deploy.static.akamaitechnologies.com

aktrack.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 206.19.49.191 (United States)

ASN17225 (ATT-CERFNET-BLOCK - AT&T Enhanced Network Services, US)

users.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 206.19.49.186 (United States) 1 redirects

ASN17225 (ATT-CERFNET-BLOCK - AT&T Enhanced Network Services, US)

go.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.205.226 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s24-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.205.43 (Amsterdam, Netherlands)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-31

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.59.88.132 (Frankfurt, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-59-88-132.eu-central-1.compute.amazonaws.com

consent.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.109.79.206 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-79-206.deploy.static.akamaitechnologies.com

cdn3.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.0.221.2 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-0-221-2.compute-1.amazonaws.com

errors.client.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.110 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.24 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-24.deploy.static.akamaitechnologies.com

a248.e.akamai.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.20 (United States)

ASN23467 (NEWRELIC-AS-1 - New Relic, US)
PTR: bam-8.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.36.177 (Fairfield, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-122-36-177.eu-central-1.compute.amazonaws.com

www.summerhamster.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.22.232.46 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-22-232-46.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.14.155 (Frankfurt, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-156-14-155.eu-central-1.compute.amazonaws.com

sourcepoint.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:216:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28c::25ea (European Union)

ASN20940 (AKAMAI-ASN1, US)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a05:f500:10:101::b93f:9105 (Ireland) 4 redirects

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

dc.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:109:c002::6cae:a0a (United States) 2 redirects

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s20-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	doubleclick.net 2 redirects googleads.g.doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net ad.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	285 KB
24	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com ade.googlesyndication.com	321 KB
18	ttgtmedia.com cdn.ttgtmedia.com	623 KB
12	pubmatic.com ads.pubmatic.com image6.pubmatic.com sshowads.pubmatic.com aktrack.pubmatic.com	35 KB
11	googletagservices.com www.googletagservices.com	142 KB
8	linkedin.com 6 redirects dc.ads.linkedin.com www.linkedin.com px.ads.linkedin.com	5 KB
8	techtarget.com 1 redirects searchsecurity.techtarget.com media.techtarget.com users.techtarget.com go.techtarget.com consent.techtarget.com	43 KB
6	facebook.com www.facebook.com	591 B
6	google-analytics.com www.google-analytics.com	18 KB
5	google.com adservice.google.com www.google.com	566 B
5	google.de adservice.google.de www.google.de	742 B
5	dpmsrv.com a.dpmsrv.com s.dpmsrv.com	52 KB
4	adnxs.com 3 redirects ib.adnxs.com	5 KB
4	optimizely.com cdn.optimizely.com cdn3.optimizely.com errors.client.optimizely.com	123 KB
3	facebook.net connect.facebook.net	102 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	82 KB
2	consensu.org sourcepoint.mgr.consensu.org	4 KB
2	bluekai.com 1 redirects stags.bluekai.com tags.bluekai.com	1 KB
2	digitru.st cdn.digitru.st	21 KB
2	2mdn.net s0.2mdn.net	39 KB
1	licdn.com snap.licdn.com	5 KB
1	chartbeat.net ping.chartbeat.net	168 B
1	summerhamster.com www.summerhamster.com	181 B
1	nr-data.net bam.nr-data.net	261 B
1	akamai.net a248.e.akamai.net	14 KB
1	newrelic.com js-agent.newrelic.com	9 KB
1	googleadservices.com www.googleadservices.com	9 KB
1	amazonaws.com sp-js-releases.s3.amazonaws.com	42 KB
1	rlcdn.com idsync.rlcdn.com	34 B
1	cloudfront.net dnn506yrbagrg.cloudfront.net	562 B
1	ipify.org api.ipify.org	269 B
1	googletagmanager.com www.googletagmanager.com	37 KB
1	googleapis.com ajax.googleapis.com	32 KB
1	revue.email 1 redirects click.revue.email	418 B
158	34

	Domain	Requested by
18	securepubads.g.doubleclick.net	1 redirects www.googletagservices.com searchsecurity.techtarget.com securepubads.g.doubleclick.net
18	cdn.ttgtmedia.com	searchsecurity.techtarget.com ajax.googleapis.com pagead2.googlesyndication.com media.techtarget.com cdn.ttgtmedia.com
13	pagead2.googlesyndication.com	searchsecurity.techtarget.com pagead2.googlesyndication.com securepubads.g.doubleclick.net
11	www.googletagservices.com	cdn.ttgtmedia.com securepubads.g.doubleclick.net www.googletagservices.com s0.2mdn.net sshowads.pubmatic.com
10	tpc.googlesyndication.com	securepubads.g.doubleclick.net searchsecurity.techtarget.com tpc.googlesyndication.com
6	www.facebook.com	connect.facebook.net
6	ads.pubmatic.com	securepubads.g.doubleclick.net ads.pubmatic.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com searchsecurity.techtarget.com
4	px.ads.linkedin.com	2 redirects
4	consent.techtarget.com	searchsecurity.techtarget.com cdn.ttgtmedia.com
4	www.google.com	searchsecurity.techtarget.com
4	ib.adnxs.com	3 redirects
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.googleadservices.com
4	a.dpmsrv.com	ajax.googleapis.com searchsecurity.techtarget.com s.dpmsrv.com
3	connect.facebook.net	searchsecurity.techtarget.com connect.facebook.net
3	adservice.google.de	pagead2.googlesyndication.com www.googletagservices.com
2	www.linkedin.com	2 redirects
2	dc.ads.linkedin.com	2 redirects
2	sourcepoint.mgr.consensu.org	searchsecurity.techtarget.com
2	errors.client.optimizely.com	searchsecurity.techtarget.com
2	www.google.de	searchsecurity.techtarget.com
2	aktrack.pubmatic.com	searchsecurity.techtarget.com
2	cdn.digitru.st	ads.pubmatic.com
2	sshowads.pubmatic.com	ads.pubmatic.com
2	s0.2mdn.net	searchsecurity.techtarget.com s0.2mdn.net
2	image6.pubmatic.com	ads.pubmatic.com
2	ad.doubleclick.net	www.googletagservices.com searchsecurity.techtarget.com
2	stats.g.doubleclick.net	searchsecurity.techtarget.com
1	ade.googlesyndication.com
1	snap.licdn.com	searchsecurity.techtarget.com
1	ping.chartbeat.net
1	www.summerhamster.com
1	bam.nr-data.net	js-agent.newrelic.com
1	a248.e.akamai.net	searchsecurity.techtarget.com
1	js-agent.newrelic.com	searchsecurity.techtarget.com
1	cdn3.optimizely.com	cdn.ttgtmedia.com
1	vars.hotjar.com	static.hotjar.com
1	www.googleadservices.com	www.googletagmanager.com
1	go.techtarget.com	1 redirects
1	users.techtarget.com	ajax.googleapis.com
1	tags.bluekai.com	searchsecurity.techtarget.com
1	stags.bluekai.com	1 redirects
1	googleads4.g.doubleclick.net	searchsecurity.techtarget.com
1	sp-js-releases.s3.amazonaws.com	media.techtarget.com
1	idsync.rlcdn.com	searchsecurity.techtarget.com
1	cm.g.doubleclick.net	1 redirects
1	script.hotjar.com	static.hotjar.com
1	dnn506yrbagrg.cloudfront.net	searchsecurity.techtarget.com
1	s.dpmsrv.com	searchsecurity.techtarget.com
1	media.techtarget.com	www.googletagmanager.com
1	static.hotjar.com	searchsecurity.techtarget.com
1	api.ipify.org	searchsecurity.techtarget.com
1	adservice.google.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	searchsecurity.techtarget.com
1	cdn.optimizely.com	searchsecurity.techtarget.com
1	ajax.googleapis.com	searchsecurity.techtarget.com
1	searchsecurity.techtarget.com
1	click.revue.email	1 redirects
158	58

This site contains links to these domains. Also see Links.

Domain
www.techtarget.com
users.techtarget.com
whatis.techtarget.com
plus.google.com
www.facebook.com
twitter.com
www.linkedin.com
api.addthis.com
resources.malwarebytes.com
searchcloudcomputing.techtarget.com
www.computerweekly.com
www.google.com
searchcloudsecurity.techtarget.com
searchnetworking.techtarget.com
searchcio.techtarget.com
searchenterprisedesktop.techtarget.com
reprints.ygsgroup.com

Subject Issuer	Validity	Valid
*.techtarget.com COMODO RSA Domain Validation Secure Server CA	`2017-11-01` - `2019-11-16`	2 years	crt.sh
*.googleapis.com Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
ssl.cdngc.net DigiCert SHA2 High Assurance Server CA	`2018-09-14` - `2020-04-21`	2 years	crt.sh
cdn.optimizely.com DigiCert ECC Secure Server CA	`2018-01-23` - `2019-01-23`	a year	crt.sh
*.dpmsrv.com Amazon	`2018-06-12` - `2019-07-12`	a year	crt.sh
*.google-analytics.com Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
*.ipify.org COMODO RSA Domain Validation Secure Server CA	`2018-01-24` - `2021-01-23`	3 years	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2018-12-10` - `2019-03-10`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2018-10-08` - `2019-10-09`	a year	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2018-12-10` - `2019-03-10`	3 months	crt.sh
tpc.googlesyndication.com Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2018-12-13` - `2020-03-13`	a year	crt.sh
*.doubleclick.net Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
*.rlcdn.com Go Daddy Secure Certificate Authority - G2	`2017-05-08` - `2019-06-21`	2 years	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2018-11-07` - `2020-02-07`	a year	crt.sh
cdn.digitru.st DigiCert SHA2 Secure Server CA	`2018-05-17` - `2019-05-22`	a year	crt.sh
odc-prod-01.oracle.com DigiCert ECC Secure Server CA	`2018-12-10` - `2020-03-10`	a year	crt.sh
www.google.com Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
www.googleadservices.com Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2018-12-10` - `2019-03-10`	3 months	crt.sh
www.google.de Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
consent.techtarget.com Let's Encrypt Authority X3	`2018-11-14` - `2019-02-12`	3 months	crt.sh
*.optimizely.com DigiCert ECC Secure Server CA	`2018-01-23` - `2019-01-23`	a year	crt.sh
errors.client.optimizely.com DigiCert SHA2 High Assurance Server CA	`2018-09-24` - `2020-09-28`	2 years	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2018-12-06` - `2019-04-14`	4 months	crt.sh
a248.e.akamai.net DigiCert ECC Secure Server CA	`2018-01-23` - `2019-01-19`	a year	crt.sh
*.nr-data.net GeoTrust RSA CA 2018	`2018-01-11` - `2020-03-17`	2 years	crt.sh
*.summerhamster.com Let's Encrypt Authority X3	`2018-12-17` - `2019-03-17`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2018-12-20` - `2020-01-01`	a year	crt.sh
*.sourcepoint.mgr.consensu.org Let's Encrypt Authority X3	`2018-11-09` - `2019-02-07`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2017-12-15` - `2019-03-22`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2016-02-16` - `2019-04-17`	3 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2018-01-25` - `2019-01-25`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2017-06-06` - `2019-06-11`	2 years	crt.sh

This page contains 22 frames:

Primary Page: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Frame ID: 2FFBCA4DDA95FD00FB78A5D0218634A7
Requests: 89 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/show_ads_impl.js
Frame ID: B4284D0514FF61CBFF4CC85F74EFA2F2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20181205/r20180604/zrt_lookup.html
Frame ID: E1DA3E6F5D19511D0CEE45B2C74A2EA4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6050985421795229&output=html&h=90&slotname=8728364240&adk=160880208&adf=3884341496&w=1200&fwrn=4&fwrnh=100&lmt=1546598599&rafmt=1&guci=1.2.0.0.2.2.0.0&format=1200x90&url=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1546598598357&bpp=66&bdt=284&fdt=728&idt=726&shv=r20181205&cbv=r20180604&saldr=aa&abxe=1&correlator=2817806031786&frm=20&pv=2&ga_vid=737900102.1546598599&ga_sid=1546598599&ga_hid=1120491109&ga_fc=0&iag=0&icsg=8724316192&dssz=38&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=193&ady=5432&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C410075081&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&jar=2019-01-04-10&osw_key=420287051&ifi=1&uci=1.e4skzhg25lz6&fsb=1&xpc=bXT7w068N6&p=https%3A//searchsecurity.techtarget.com&dtd=750
Frame ID: 7EF5B2BB18D07AE03A435634F42A7EA9
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 2AF8652F2E6E6EF7F18010395D8EAA27
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: C60AE9F7B128B71E7AD08A8C2B9043A8
Requests: 15 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 87CC138675DB584A54D87A35C90AF274
Requests: 15 HTTP requests in this frame

Frame: https://www.googletagservices.com/dcm/dcmads.js
Frame ID: DA8FF3DEEF902B1AB5BE7223B1F53826
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/6uQTKQJz.html
Frame ID: 74F9D696DCF156471054D767E6EC1B5B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 2168CFD8E51CCC1740B6020B03B81D41
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 1013C4AA7D6D91E7BCE298D1B16C6158
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/5809340/1541776689900/GLBL-DEU_nb-06_0_300x600_BAN-A_HTML5_TOFU-no-SDWAN-Anthem-NB_0_4/index.html
Frame ID: 2ADDACCDB02DF55405862A3A55AA6528
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: B492453D442000B91F665D9B65398B5A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 7C4F1D413B43389EAE56420B778A829B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20181205/r20110914/client/ext/m_window_focus_non_hydra.js
Frame ID: F76ECDF49A1807120F86E3B1B75BADF6
Requests: 6 HTTP requests in this frame

Frame: https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=82040&siteId=82696&adId=241699&adType=3&adServerId=1067&kefact=1.500000&kaxefact=1.500000&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=0&kltstamp=1546598599&indirectAdId=563271&adServerOptimizerId=1&ranreq=0.8658397066124859&kpbmtpfact=0.000000&dcId=3&tldId=34170518&passback=3&svr=ADS22421&ekefact=xzgvXK2_CgBJYtpOHsX_ok8vrZLrKo6rjWLprMs2bBSMv_jM&ekaxefact=xzgvXLy_CgD9QGGTmPlSfKej3JIXL0kWQyJrTmJsREDWVV41&ekpbmtpfact=xzgvXMm_CgCQE4f7kD3DJ6ONBcosXE5Vs44lMTBzsc1yX7LK&crID=0&campaignId=0&isRTB=0&imprId=5A92C070-94BE-461D-8E6D-DB5287D18662&oid=5A92C070-94BE-461D-8E6D-DB5287D18662&cntryId=58&domain=searchsecurity.techtarget.com&pageURL=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&sec=1
Frame ID: 0FB7942A92A132FE8DFAD0DDC923A086
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20181205/r20110914/client/ext/m_window_focus_non_hydra.js
Frame ID: 6C2CBE4717D7EC6997FE901C1694AACF
Requests: 6 HTTP requests in this frame

Frame: https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=82040&siteId=82696&adId=241772&adType=3&adServerId=1067&kefact=1.500000&kaxefact=1.500000&kadNetFrequecy=0&kadwidth=728&kadheight=90&kadsizeid=0&kltstamp=1546598599&indirectAdId=563273&adServerOptimizerId=1&ranreq=0.3432646485343025&kpbmtpfact=0.000000&dcId=3&tldId=34170518&passback=3&svr=MADS22101&ekefact=xzgvXAqdDACbNHVF4iLVLN_cAz4jDpjhT20jWuBy7uiiSiOC&ekaxefact=xzgvXCOdDADe87Gj2XAWUd03rn0yJ7dprYfjXTT8TK6X7m4e&ekpbmtpfact=xzgvXDSdDABfyN7ltwcfzfXIP_bq8bDdNf-YxMRzc8XX-ulh&crID=0&campaignId=0&isRTB=0&imprId=25FC7FDE-FCE8-470E-9D4E-00009B2D428D&oid=25FC7FDE-FCE8-470E-9D4E-00009B2D428D&cntryId=58&domain=searchsecurity.techtarget.com&pageURL=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&sec=1
Frame ID: 8109D744237542F99E2BA54CB6315913
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/rcj-da10bd4908deb9e19dfde013ec3fe4ff.html
Frame ID: DCA7FFD597B7CEEE06DEF2C78F92DBC0
Requests: 1 HTTP requests in this frame

Frame: https://cdn3.optimizely.com/js/geo2.js?cb=1546598603121
Frame ID: 7A1BAD8C1AD46118601769879FDE90EF
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: CF9AD9E890ABF494B785A39602CB42A6
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 84E758AA562DF9EF8D84A5B627C4C292
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://click.revue.email/mpss/c/6gA/ps1xAA/t.2nz/wJ8v_FmoTni5FxnfoGfxvg/h16/aWkXH8rlK1JlD3PKVTM-2BaDS... HTTP 302
https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?ut... Page URL

Detected technologies

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^_sf_(?:endpt|async_config)$/i

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^CE2$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i
env /^google_ad_/i
env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^googletag$/i
env /^google_tag_manager$/i

Hammer.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^Hammer$/i

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^moment$/i

New Relic (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^NREUM/i

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /optimizely\.com.*\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

158
Requests

100 %
HTTPS

34 %
IPv6

34
Domains

58
Subdomains

53
IPs

7
Countries

2041 kB
Transfer

6416 kB
Size

12
Cookies

47 Outgoing links

These are links going to different origins than the main page.

URL: https://www.techtarget.com/cookie-policy/?utm_source=cmp&utm_medium=banner&utm_campaign=consent&utm_term=cookie
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.techtarget.com/privacy-policy-may25/?utm_source=cmp&utm_medium=banner&utm_campaign=consent&utm_term=privacy
Title: Privacy Policy.

Search URL Search Domain Scan URL

URL: https://users.techtarget.com/registration/searchSecurity/LoginRegister.page?fromURL=https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Title: Sign-up now. Start my free, unlimited access.

Search URL Search Domain Scan URL

URL: https://users.techtarget.com/registration/searchSecurity/Register.page
Title: Register

Search URL Search Domain Scan URL

URL: https://www.techtarget.com/network
Title: Techtarget Network

Search URL Search Domain Scan URL

URL: https://whatis.techtarget.com/resources/Buyers-Guides
Title: Buyer's Guides

Search URL Search Domain Scan URL

URL: https://plus.google.com/u/0/109997383634649408123

Search URL Search Domain Scan URL

URL: https://www.facebook.com/SearchSecuritycom/178802708831989

Search URL Search Domain Scan URL

URL: https://twitter.com/searchsecurity

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/3084615?trk=tyah

Search URL Search Domain Scan URL

URL: https://api.addthis.com/oexchange/0.8/forward/email/offer?pubid=uxtechtarget&url=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&title=Malwarebytes%3A+Fileless+ransomware+an+emerging+threat+for+U.S.&email_template=TechTargetSearchSites&ct=1

Search URL Search Domain Scan URL

URL: https://www.techtarget.com/contributor/Casey-Clark
Title: Casey Clark

Search URL Search Domain Scan URL

URL: https://resources.malwarebytes.com/files/2018/12/Malwarebytes-Labs-Under-The-Radar-US.pdf
Title: report stated

Search URL Search Domain Scan URL

URL: https://whatis.techtarget.com/definition/fileless-infection-fileless-malware
Title: fileless malware

Search URL Search Domain Scan URL

URL: https://searchcloudcomputing.techtarget.com/PaaS/Moving-to-PaaS-Security-Options-to-Look-For-in-a-Public-Kubernetes-Service
Title: Moving to PaaS: Security Options to Look For in a Public Kubernetes Service

Search URL Search Domain Scan URL

URL: https://www.computerweekly.com/news/252453986/Fileless-malware-surge-warns-Malwarebytes-report
Title: Fileless malware surge, warns Malwarebytes report

Search URL Search Domain Scan URL

URL: https://www.techtarget.com/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.techtarget.com/privacy-policy-may25/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.techtarget.com/privacy-partners/
Title: Partners

Search URL Search Domain Scan URL

URL: https://www.google.com/adsense/support/bin/request.py?contact=abg_afc
Title: -ADS BY GOOGLE

Search URL Search Domain Scan URL

URL: https://searchcloudsecurity.techtarget.com/
Title: SearchCloudSecurity

Search URL Search Domain Scan URL

URL: https://searchcloudsecurity.techtarget.com/tip/The-pros-and-cons-of-proxy-based-security-in-the-cloud
Title: The pros and cons of proxy-based security in the cloud

Search URL Search Domain Scan URL

URL: https://searchcloudsecurity.techtarget.com/tip/How-to-apply-cloud-security-controls-in-the-network
Title: How to apply cloud security controls in the network

Search URL Search Domain Scan URL

URL: https://searchcloudsecurity.techtarget.com/tip/The-benefits-of-using-a-cloud-honeypot-for-threat-intelligence
Title: The benefits of using a cloud honeypot for threat intelligence

Search URL Search Domain Scan URL

URL: https://searchnetworking.techtarget.com/
Title: SearchNetworking

Search URL Search Domain Scan URL

URL: https://searchnetworking.techtarget.com/tip/Network-security-SD-WAN-suppliers-revamp-branch-security
Title: Network security, SD-WAN suppliers revamp branch security

Search URL Search Domain Scan URL

URL: https://searchnetworking.techtarget.com/tip/Telecom-trends-2019-Time-for-operator-5G-and-IoT-decisions
Title: Telecom trends 2019: Time for operator 5G and IoT decisions

Search URL Search Domain Scan URL

URL: https://searchnetworking.techtarget.com/opinion/6-emerging-trends-in-wireless-networking-technology-for-2019
Title: 6 emerging trends in wireless networking technology for 2019

Search URL Search Domain Scan URL

URL: https://searchcio.techtarget.com/
Title: SearchCIO

Search URL Search Domain Scan URL

URL: https://searchcio.techtarget.com/news/252455166/Top-drivers-of-digital-transformation-projects-have-inward-focus
Title: Top drivers of digital transformation projects have inward focus

Search URL Search Domain Scan URL

URL: https://searchcio.techtarget.com/feature/Learning-from-2018-cybersecurity-incidents-Perform-due-diligence
Title: Learning from 2018 cybersecurity incidents: Perform due diligence

Search URL Search Domain Scan URL

URL: https://searchcio.techtarget.com/feature/5-cloud-computing-predictions-trends-for-2019
Title: 5 cloud computing predictions, trends for 2019

Search URL Search Domain Scan URL

URL: https://searchenterprisedesktop.techtarget.com/
Title: SearchEnterpriseDesktop

Search URL Search Domain Scan URL

URL: https://searchenterprisedesktop.techtarget.com/quiz/Test-your-phishing-security-knowledge-with-this-quiz
Title: Test your phishing security knowledge with this quiz

Search URL Search Domain Scan URL

URL: https://searchenterprisedesktop.techtarget.com/feature/Windows-10-desktop-management-holiday-wish-list
Title: Windows 10 desktop management holiday wish list

Search URL Search Domain Scan URL

URL: https://searchenterprisedesktop.techtarget.com/tip/How-to-manage-Windows-10-device-drivers
Title: How to manage Windows 10 device drivers

Search URL Search Domain Scan URL

URL: https://searchcloudcomputing.techtarget.com/
Title: SearchCloudComputing

Search URL Search Domain Scan URL

URL: https://searchcloudcomputing.techtarget.com/opinion/Its-time-to-rethink-app-migration-strategies-for-cloud
Title: It's time to rethink app migration strategies for cloud

Search URL Search Domain Scan URL

URL: https://searchcloudcomputing.techtarget.com/feature/Cloud-predictions-for-2019-hone-in-on-containers-IT-skills
Title: Cloud predictions for 2019 hone in on containers, IT skills

Search URL Search Domain Scan URL

URL: https://searchcloudcomputing.techtarget.com/tip/Build-and-share-code-via-Azure-Notebooks
Title: Build and share code via Azure Notebooks

Search URL Search Domain Scan URL

URL: https://www.computerweekly.com/
Title: ComputerWeekly.com

Search URL Search Domain Scan URL

URL: https://www.computerweekly.com/news/252455274/ANZ-businesses-prefer-hybrid-cloud
Title: ANZ businesses prefer hybrid cloud

Search URL Search Domain Scan URL

URL: https://www.computerweekly.com/news/252455207/MA-in-action-How-Majestic-Wine-paired-with-Naked-Wines-to-fuel-cloud-led-digital-transformation
Title: M&A in action: How Majestic Wine paired with Naked Wines to fuel cloud-led digital transformation

Search URL Search Domain Scan URL

URL: https://www.computerweekly.com/ehandbook/Top-10-business-applications-stories-of-2018
Title: Top 10 business applications stories of 2018

Search URL Search Domain Scan URL

URL: https://www.techtarget.com/solutions/
Title: Media Kit

Search URL Search Domain Scan URL

URL: https://www.techtarget.com/
Title: Corporate Site

Search URL Search Domain Scan URL

URL: http://reprints.ygsgroup.com/m/techtarget
Title: Reprints

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://click.revue.email/mpss/c/6gA/ps1xAA/t.2nz/wJ8v_FmoTni5FxnfoGfxvg/h16/aWkXH8rlK1JlD3PKVTM-2BaDS8BC2X30wXNn3lWh-2BrcbVAtmBD2oVzhFWc-2BQ88rcdr7QYH1tV3HQxMTg6YLhzdxfzyME-2FjS9q2xEa1tItmLSjtNeeWLGIHOsaeeMsYxxrxajupxCj7ifw-2FHkgIPfdzN1CkRVdqKxqWpUHdZv8tiiR9Wy9KzzjuSFBS396VswhikK6fnzpy3igsSjh5H6okILWB-2F4OhwT4eIf3xwD8hn4AJTstrYmZ96nbttWNJ8QNyIiBsC3CVG4ng1dRsPZs9fw-3D-3D HTTP 302
https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&sw%3D252455018https%253A%252F%252Fsearchsecurity.techtarget.com%252Fnews%252F252455018%252FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%253Futm_campaign%253DWeekly%252520Newsletter%252520of%252520CERT-SSG%2526utm_medium%253Demail%2526utm_source%253DRevue%252520newsletter%26q%3DxImp%26v%3D1.x%26cl%3D68%26pixelIndex%3D0%26r%3D949405%26tzOffset%3D0%26url%3Dhttps%253A%252F%252Fsearchsecurity.techtarget.com%252Fnews%252F252455018%252FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%253Futm_campaign%253DWeekly%252520Newsletter%252520of%252520CERT-SSG%2526utm_medium%253Demail%2526utm_source%253DRevue%252520newsletter&_=1546598599155 HTTP 302
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26sw%253D252455018https%25253A%25252F%25252Fsearchsecurity.techtarget.com%25252Fnews%25252F252455018%25252FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%25253Futm_campaign%25253DWeekly%25252520Newsletter%25252520of%25252520CERT-SSG%252526utm_medium%25253Demail%252526utm_source%25253DRevue%25252520newsletter%2526q%253DxImp%2526v%253D1.x%2526cl%253D68%2526pixelIndex%253D0%2526r%253D949405%2526tzOffset%253D0%2526url%253Dhttps%25253A%25252F%25252Fsearchsecurity.techtarget.com%25252Fnews%25252F252455018%25252FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%25253Futm_campaign%25253DWeekly%25252520Newsletter%25252520of%25252520CERT-SSG%252526utm_medium%25253Demail%252526utm_source%25253DRevue%25252520newsletter%26_%3D1546598599155 HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?id=1998507995125339361&sw=252455018https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&q=xImp&v=1.x&cl=68&pixelIndex=0&r=949405&tzOffset=0&url=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&_=1546598599155

Request Chain 48

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstTJKMZzh8DRrC6Exnq8kbiG1zCKMva_97hVguqkJhOB_NfyDS-Q8P6tLEZzw93TZzeNM_gHLLrYlFAX9Gm7ArewzETvcn0Ffjb13qAwV5LIRQItO2dIihMOhePUtWJoU7DKA3NORWrAel7xy0hJbquGgzvXqPy5DQu1xBs83bwBVXcNPlEEFr4ZzzlVyJhFWL3T4NmQ-8AHQKYVZzskVLjTxjijiMLVvvb8uwZXBLicZuTXkkXkLj52CfKK-ueg9a0pK33oaI8S-kz25ajGxTRemg&sai=AMfl-YQ93cj1S-IBAfJtoY2RtCs72HSYSLD5hOyBu-l53NMQHi0FwNSGHvT8cWtpQl9XAKHwk8KvWknJWoIiIuZCi9ryw-F7BZcE7Yo2GJdSzg&sig=Cg0ArKJSzMu309_QQQjJEAE&urlfix=1&adurl=https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDT-6DAfBABGAEyCOgqAsspsvMN HTTP 302
https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDT-6DAfBABGAEyCOgqAsspsvMN

Request Chain 60

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=1998507995125339361&pixelIndex=0&_=1546598599156 HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=1998507995125339361&pixelIndex=0&_=1546598599156&google_gid=CAESENLyZ9_AdFZIa6nVMSzknAo&google_cver=1

Request Chain 76

https://stags.bluekai.com/site/27119?phint=event%3Dimp&phint=aid%3D5809340&phint=pid%3D233733618&phint=cid%3D21952995&phint=crid%3D108516244 HTTP 302
https://tags.bluekai.com/site/27119?dt=0&r=1702885364&sig=330965018&bkca=KJyN0eWmQY9191eUbWhoiIlQ8AK1ALQQSxphdj3vT865oqR8lfZt9j50tZQIS2k4LyHaYFl1n0Jmi9ZAfdR+vW5PdFw0Cu91vH/2gg9K89==

Request Chain 117

https://go.techtarget.com/clicktrack-r/activity/activity.gif?activityTypeId=16&t=299978&t2=299926&t3=2240163309&a=2019-01-04%2005:43:17&g=252455018&c=normal&r=805106 HTTP 302
https://cdn.ttgtmedia.com/images/spacer.gif

Request Chain 149

https://ib.adnxs.com/seg?member=827&add=2378844,7838491,7838492,7838563,7844583,7844585,7844587,8380284,2609968,2365326,2433138,1010674,2053107,5648811,565952,10856540,11527225,1624243,14793258,12013010 HTTP 302
https://ib.adnxs.com/bounce?%2Fseg%3Fmember%3D827%26add%3D2378844%2C7838491%2C7838492%2C7838563%2C7844583%2C7844585%2C7844587%2C8380284%2C2609968%2C2365326%2C2433138%2C1010674%2C2053107%2C5648811%2C565952%2C10856540%2C11527225%2C1624243%2C14793258%2C12013010

Request Chain 150

https://dc.ads.linkedin.com/collect/?pid=228428&fmt=gif HTTP 302
https://dc.ads.linkedin.com/collect/?pid=228428&fmt=gif&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Fpid%3D228428%26fmt%3Dgif%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect/?pid=228428&fmt=gif&cookiesTest=true&liSync=true

Request Chain 152

https://px.ads.linkedin.com/collect/?time=1546598607821&pid=38436&url=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&fmt=js&s=1 HTTP 302
https://px.ads.linkedin.com/collect/?time=1546598607821&pid=38436&url=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&fmt=js&s=1&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ftime%3D1546598607821%26pid%3D38436%26url%3Dhttps%253A%252F%252Fsearchsecurity.techtarget.com%252Fnews%252F252455018%252FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%253Futm_campaign%253DWeekly%252520Newsletter%252520of%252520CERT-SSG%2526utm_medium%253Demail%2526utm_source%253DRevue%252520newsletter%26fmt%3Djs%26s%3D1%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect/?time=1546598607821&pid=38436&url=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&fmt=js&s=1&cookiesTest=true&liSync=true

158 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US Show response
searchsecurity.techtarget.com/news/252455018/
Redirect Chain

http://click.revue.email/mpss/c/6gA/ps1xAA/t.2nz/wJ8v_FmoTni5FxnfoGfxvg/h16/aWkXH8rlK1JlD3PKVTM-2BaDS8BC2X30wXNn3lWh-2BrcbVAtmBD2oVzhFWc-2BQ88rcdr7QYH1tV3HQxMTg6YLhzdxfzyME-2FjS9q2xEa1tItmLSjtNeeWL...
https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20...

85 KB
34 KB

1464ms
766ms

Document
text/html

206.19.49.153
AT&T Enhanced Net...

General

Check archive.org

Show headers Download Go to

Full URL

https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

206.19.49.153 , United States, ASN17225 (ATT-CERFNET-BLOCK - AT&T Enhanced Network Services, US),

Reverse DNS

searchsites.techtarget.com

Software

Resource Hash

b5d523812cbf25a9ac4b51fdb6a45296e0e6dd5648854e8ea6974572296d46d4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Host: searchsecurity.techtarget.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 04 Jan 2019 10:43:17 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/html;charset=UTF-8
Content-Language: en
Set-Cookie: JSESSIONID=8D93A8535049A4475C578F65F7248D92; Path=/; HttpOnly tt_src="Revue newsletter"; Version=1; Domain=.techtarget.com; Path=/ cc=1; Path=/ f5_cspm=1234; TS017b6b21=012c664659cf0165f903da7644df2d018a840733bf940e4d904763005530bf3d3918b0a6975c3d9452487ceaa28b87a35a0959e977e16eb71f5a37c2c4449e7d99ff9d4cf804b1a2702ff4cc2d7348bfc1531652f2a4b17dac89d8d50a629430c4069e6a7f; Path=/; Secure; HTTPOnly TS01ba0046=012c664659a8d33dbb959fe4fc9be1c10dd5d688ff940e4d904763005530bf3d3918b0a6970ff2a50992c64176382af90d60ed11ff6d89fe769f28fb013118b27f3ff0ebc1; path=/; domain=.techtarget.com; HTTPonly; Secure
Cache-Control: max-age=600
Expires: Fri, 04 Jan 2019 10:53:17 GMT
P3P: CP="CAO DSP COR NID CURa ADMa TAIa IVAo IVDo CONo TELo OTPo OUR IND PHY ONL UNI NAV DEM"
Keep-Alive: timeout=5
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked

Redirect headers

Server: nginx
Date: Fri, 04 Jan 2019 10:43:16 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
X-Robots-Tag: noindex, nofollow

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 91 KB
32 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Requested by

Host: searchsecurity.techtarget.com
URL: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 21 Dec 2018 06:19:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1225407
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 32954
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Dec 2019 06:19:51 GMT

GET
H/1.1 200
OK main.css
cdn.ttgtmedia.com/rms/ux/responsive/css/ 849 KB
170 KB 80ms
12ms Stylesheet
text/css 163.171.132.119
QUANTIL NETWORKS INC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ttgtmedia.com/rms/ux/responsive/css/main.css?v=7.24
Requested by: Host: searchsecurity.techtarget.com
URL: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.132.119 , European Union, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 120bc63b8c45438fc8d5c1d0fee99a253d86a8d87b073f418cc158633694872e

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 02 Jan 2019 20:58:44 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Dec 2018 20:40:07 GMT
Server: PWS/8.3.1.0.8
Age: 135874
Transfer-Encoding: chunked
Content-Type: text/css
Via: 1.1 PSmgnyNY2er187:7 (W), 1.1 VMfgblPAR1tl41:3 (W), 1.1 PSdgflkfFRA2lp71:3 (W)
Cache-Control: max-age=604800
X-Px: ht PSdgflkfFRA2lp71
Connection: keep-alive
Accept-Ranges: bytes
Expires: Wed, 09 Jan 2019 20:58:44 GMT

GET
H/1.1 200
OK responsive.min.js Show response
cdn.ttgtmedia.com/rms/ux/responsive/js/ 111 KB
44 KB 77ms
9ms Script
text/javascript 163.171.132.119
QUANTIL NETWORKS INC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ttgtmedia.com/rms/ux/responsive/js/responsive.min.js?v=7.24
Requested by: Host: searchsecurity.techtarget.com
URL: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.132.119 , European Union, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 0b0a05eb8a20a29379eae6880f4a60577364834efaef822d2342b85877c5cf94

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 02 Jan 2019 20:58:44 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Dec 2018 20:38:43 GMT
Server: PWS/8.3.1.0.8
Age: 135874
Transfer-Encoding: chunked
Content-Type: text/javascript
Via: 1.1 PSmgnyNY2er187:7 (W), 1.1 VMfgblPAR1wa59:3 (W), 1.1 PSdgflkfFRA2so76:5 (W)
Cache-Control: max-age=604800
X-Px: ht PSdgflkfFRA2so76
Connection: keep-alive
Accept-Ranges: bytes
Expires: Wed, 09 Jan 2019 20:58:44 GMT

GET
H2 200 148927072.js Show response
cdn.optimizely.com/js/ 447 KB
121 KB 80ms
28ms Script
text/javascript 2a02:26f0:6c00:183::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/148927072.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:183::13b8 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

691fc5c88fe70d5d8ad951d53abdb8169516d14f9334a3974d57e776cbcaf6e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: 32z3aGmgP614UkvlVir6bUgZR2daKao2
content-encoding: gzip
x-amz-request-id: 80F6E288A6633A2E
status: 200
access-control-max-age: 86400
date: Fri, 04 Jan 2019 10:43:18 GMT
x-amz-replication-status: COMPLETED
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="8";dur=0,cdnip;desc="2a02:26f0:6c00:183::13b8";dur=0,cdnmap;desc="";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000
content-length: 123322
x-amz-id-2: QwX7XiK6z5AjMaH5vDOqRcnzmI9I/hMw/faqBEa3k1TM+SH9qpmP2gUHuZRNGcziGd9CsUFtAeQ=
last-modified: Thu, 03 Jan 2019 20:28:12 GMT
server: AmazonS3
etag: "5b575fbd6929fc5191f24d4ae693de48"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
x-amz-meta-revision: 30564
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H/1.1 200
OK nav_logo.png
cdn.ttgtmedia.com/rms/ux/responsive/img/ 850 B
1 KB 177ms
109ms Image
image/png 163.171.132.119
QUANTIL NETWORKS INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttgtmedia.com/rms/ux/responsive/img/nav_logo.png
Requested by: Host: searchsecurity.techtarget.com
URL: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.132.119 , European Union, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 089aca69c964aa0d24bd619f1182ff5a5f2dc40f5a5e19d738b1f00c8bee4177

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 03 Jan 2019 20:49:45 GMT
Via: 1.1 PSmgnyNY2er187:2 (W), 1.1 VMygldLON2tx53:0 (W), 1.1 PSdgflkfFRA2gb73:9 (W)
Last-Modified: Thu, 13 Dec 2018 20:38:51 GMT
Server: PWS/8.3.1.0.8
Age: 50013
Content-Type: image/png
Cache-Control: max-age=604800
X-Px: ht PSdgflkfFRA2gb73
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 850
Expires: Thu, 10 Jan 2019 20:49:45 GMT

GET
H/1.1 200
OK cloudcomputing_article_014.jpg
cdn.ttgtmedia.com/visuals/searchCloudComputing/security/ 62 KB
62 KB 77ms
10ms Image
image/jpeg 163.171.132.119
QUANTIL NETWORKS INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttgtmedia.com/visuals/searchCloudComputing/security/cloudcomputing_article_014.jpg
Requested by: Host: searchsecurity.techtarget.com
URL: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.132.119 , European Union, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 571d50e822ce6770d1e63b8bb1ae0cfdfdcf78107ab875565c0a8cc68feae52b

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 03 Jan 2019 08:51:48 GMT
Via: 1.1 PSmgnyNY2er187:0 (W), 1.1 VMfgblPAR1wa59:3 (W), 1.1 PSdgflkfFRA2mu72:8 (W)
Last-Modified: Tue, 01 May 2018 14:38:05 GMT
Server: PWS/8.3.1.0.8
Age: 93090
Content-Type: image/jpeg
Cache-Control: max-age=604800
X-Px: ht PSdgflkfFRA2mu72
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63036
Expires: Thu, 10 Jan 2019 08:51:48 GMT

GET
H/1.1 200
OK clark_casey.jpg
cdn.ttgtmedia.com/rms/onlineImages/ 5 KB
6 KB 10ms
10ms Image
image/jpeg 163.171.132.119
QUANTIL NETWORKS INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttgtmedia.com/rms/onlineImages/clark_casey.jpg
Requested by: Host: searchsecurity.techtarget.com
URL: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.132.119 , European Union, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 1193901b4de9a38ac03222bcd4f945773e2b147601d0806f95abc26f13a8c726

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 04 Jan 2019 07:49:42 GMT
Via: 1.1 PSmgnyNY2er187:3 (W), 1.1 VMfgblPAR1wa59:3 (W), 1.1 PSdgflkfFRA2mu72:11 (W)
Last-Modified: Tue, 01 May 2018 21:59:55 GMT
Server: PWS/8.3.1.0.8
Age: 10416
Content-Type: image/jpeg
Cache-Control: max-age=604800
X-Px: ht PSdgflkfFRA2mu72
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5598
Expires: Fri, 11 Jan 2019 07:49:42 GMT

GET
H/1.1 200
OK ttCmpApi.min.js Show response
cdn.ttgtmedia.com/cmp/ 2 KB
2 KB 110ms
109ms Script
text/javascript 163.171.132.119
QUANTIL NETWORKS INC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ttgtmedia.com/cmp/ttCmpApi.min.js?_=1546598598104
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.132.119 , European Union, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 9465d5f89c411d83b7e7f73d1770a327062c9ee121a823d6183b1d3392352801

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 04 Jan 2019 10:43:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Aug 2018 16:31:36 GMT
Server: PWS/8.3.1.0.8
Content-Type: text/javascript
Via: 1.1 PSmgnyNY2no188:1 (W), 1.1 VMygldLON2ct41:6 (W), 1.1 PSdgflkfFRA2so76:15 (W)
Cache-Control: max-age=604800
X-Px: ms PSdgflkfFRA2so76,ms VMygldLON2ct41,ms PSmgnyNY2no188(origin)
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1338
Expires: Fri, 11 Jan 2019 10:43:18 GMT

GET
H/1.1 200
OK index.php Show response
a.dpmsrv.com/dpmpxl/ 21 B
647 B 479ms
110ms Script
text/javascript 52.20.14.210
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?q=xSegList&cl=68&_=1546598598105
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.14.210 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-20-14-210.compute-1.amazonaws.com
Software: /
Resource Hash: 35ef9ac2d40057982eda09d60724c474cd8c211a24e682d310b68cc47edd9f7d

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 47
Expires: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 130 KB
37 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:80b::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PWWZSH

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:80b::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

948cb0878cdcdc43dd5cdb18be3143440067b7c98a4241eefcef5beccdfea1f3

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 10:43:18 GMT
content-encoding: gzip
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 37682
x-xss-protection: 1; mode=block
expires: Fri, 04 Jan 2019 10:43:18 GMT

GET
H/1.1 200
OK default_avatar.gif
cdn.ttgtmedia.com/ITKE/images/ 885 B
1 KB 10ms
9ms Image
image/gif 163.171.132.119
QUANTIL NETWORKS INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttgtmedia.com/ITKE/images/default_avatar.gif
Requested by: Host: searchsecurity.techtarget.com
URL: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.132.119 , European Union, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 0ddab4a499baf8917710dd9018d2fbb3acfd1a53812f015de78002b2f625edcc

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 03 Jan 2019 20:31:57 GMT
Via: 1.1 PSmgnyNY2no188:9 (W), 1.1 ml64:7 (W), 1.1 PSdgflkfFRA2mu72:15 (W)
Last-Modified: Wed, 07 Aug 2013 18:54:06 GMT
Server: PWS/8.3.1.0.8
Age: 51081
Content-Type: image/gif
Cache-Control: max-age=604800
X-Px: ht PSdgflkfFRA2mu72
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 885
Expires: Thu, 10 Jan 2019 20:31:57 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 75 KB
28 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

e51b0c9757550b77ba2ad700cf8762c14c22fa41713a2f157be4b9a911353659

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 10:43:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 28223
x-xss-protection: 1; mode=block
server: cafe
etag: 14547531099785892568
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 04 Jan 2019 10:43:18 GMT

GET
H/1.1 200
OK responsive-ui.min.js Show response
cdn.ttgtmedia.com/rms/ux/responsive/js/ 591 KB
188 KB 133ms
133ms Script
text/javascript 163.171.132.119
QUANTIL NETWORKS INC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ttgtmedia.com/rms/ux/responsive/js/responsive-ui.min.js?v=7.24
Requested by: Host: searchsecurity.techtarget.com
URL: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.132.119 , European Union, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 45765c81a6dab849e569ec37d9d2d2306f065f5a6d9c6e9f614ca161364b3673

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 02 Jan 2019 20:58:45 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Dec 2018 20:38:41 GMT
Server: PWS/8.3.1.0.8
Age: 135873
Transfer-Encoding: chunked
Content-Type: text/javascript
Via: 1.1 PSmgnyNY2er187:7 (W), 1.1 VMfgblPAR1wa59:0 (W), 1.1 PSdgflkfFRA2gb73:1 (W)
Cache-Control: max-age=604800
X-Px: ht PSdgflkfFRA2gb73
Connection: keep-alive
Accept-Ranges: bytes
Expires: Wed, 09 Jan 2019 20:58:45 GMT

GET
H/1.1 200
OK border_diagonal.png
cdn.ttgtmedia.com/rms/ux/responsive/img/ 108 B
520 B 9ms
9ms Image
image/png 163.171.132.119
QUANTIL NETWORKS INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttgtmedia.com/rms/ux/responsive/img/border_diagonal.png
Requested by: Host: searchsecurity.techtarget.com
URL: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.132.119 , European Union, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 68f4a6009b77ef6b5cc867f57d0095ff7db697d95821fc747e5dae6cecdf79b9

Request headers

Referer: https://cdn.ttgtmedia.com/rms/ux/responsive/css/main.css?v=7.24
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 03 Jan 2019 20:49:47 GMT
Via: 1.1 PSmgnyNY2er187:5 (W), 1.1 VMfgblPAR1wa59:3 (W), 1.1 PSdgflkfFRA2po75:0 (W)
Last-Modified: Thu, 13 Dec 2018 20:38:50 GMT
Server: PWS/8.3.1.0.8
Age: 50011
Content-Type: image/png
Cache-Control: max-age=604800
X-Px: ht PSdgflkfFRA2po75
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 108
Expires: Thu, 10 Jan 2019 20:49:47 GMT

GET
H/1.1 200
OK TechTarget-Icon.woff
cdn.ttgtmedia.com/rms/ux/responsive/fonts/ 32 KB
32 KB 79ms
12ms Font
application/x-woff 163.171.128.148
QUANTIL NETWORKS INC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ttgtmedia.com/rms/ux/responsive/fonts/TechTarget-Icon.woff
Requested by: Host: searchsecurity.techtarget.com
URL: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.128.148 , European Union, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: c275f7e66caa9f1b97b48543efa01929121cec4fd0ff47fc1f84a2b7a78edc2d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://cdn.ttgtmedia.com/rms/ux/responsive/css/main.css?v=7.24
Origin: https://searchsecurity.techtarget.com

Response headers

Date: Thu, 03 Jan 2019 20:49:40 GMT
Via: 1.1 PSmgnyNY2no188:7 (W), 1.1 VMfgblPAR1tl41:6 (W), 1.1 PSdgflkfFRA1yq93:11 (W)
Last-Modified: Thu, 13 Dec 2018 20:38:30 GMT
Server: PWS/8.3.1.0.8
Age: 50018
Content-Type: application/x-woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
X-Px: ht PSdgflkfFRA1yq93
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32332
Expires: Thu, 10 Jan 2019 20:49:40 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 17ms
16ms Script
application/javascript 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=searchsecurity.techtarget.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 10:43:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 122 B
189 B 17ms
17ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=searchsecurity.techtarget.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

d0c4935e2029ddd59a64c81aae8587289b762e8bcf283dee0d88c1e30f62715b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 10:43:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 119
x-xss-protection: 1; mode=block

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/ 200 KB
74 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

89a5d1fe07ea14ef0266b81df043545368fe9d363c90bb520bfdb1e34e276a70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 10:43:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 75629
x-xss-protection: 1; mode=block
server: cafe
etag: 897670129480175801
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Jan 2019 10:43:18 GMT

GET
H/1.1 200
OK footer_logo.png
cdn.ttgtmedia.com/rms/ux/responsive/img/ 2 KB
2 KB 10ms
9ms Image
image/png 163.171.132.119
QUANTIL NETWORKS INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttgtmedia.com/rms/ux/responsive/img/footer_logo.png
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.132.119 , European Union, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 9805cd8364c8039be102b2a24b2095eeed846301e212b5b40b3fa2e659d80eba

Request headers

Referer: https://cdn.ttgtmedia.com/rms/ux/responsive/css/main.css?v=7.24
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 03 Jan 2019 20:51:10 GMT
Via: 1.1 PSmgnyNY2no188:7 (W), 1.1 VMfgblPAR1xo50:0 (W), 1.1 PSdgflkfFRA2mu72:12 (W)
Last-Modified: Thu, 13 Dec 2018 20:38:55 GMT
Server: PWS/8.3.1.0.8
Age: 49928
Content-Type: image/png
Cache-Control: max-age=604800
X-Px: ht PSdgflkfFRA2mu72
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2141
Expires: Thu, 10 Jan 2019 20:51:10 GMT

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/ Frame B428 200 KB
74 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

89a5d1fe07ea14ef0266b81df043545368fe9d363c90bb520bfdb1e34e276a70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 10:43:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 75629
x-xss-protection: 1; mode=block
server: cafe
etag: 897670129480175801
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Jan 2019 10:43:18 GMT

GET
H2 200 ca-pub-6050985421795229.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ 133 B
236 B 9ms
7ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-6050985421795229.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 02:01:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 01 Jan 2019 22:21:27 GMT
server: sffe
age: 31322
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 125
x-xss-protection: 1; mode=block
expires: Fri, 04 Jan 2019 14:01:16 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20181205/r20180604/ Frame E1DA 0
0 8ms
6ms Document
text/html 2a00:1450:4001:824::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20181205/r20180604/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20181205/r20180604/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 03 Jan 2019 09:48:30 GMT
expires: Thu, 17 Jan 2019 09:48:30 GMT
content-type: text/html; charset=UTF-8
etag: 12810928231326100212
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 6940
x-xss-protection: 1; mode=block
cache-control: public, max-age=1209600
age: 89688
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"

GET
H/1.1 200
OK / Show response
api.ipify.org/ 23 B
269 B 492ms
100ms XHR
application/json 54.204.36.156
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: searchsecurity.techtarget.com
URL: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.204.36.156 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-204-36-156.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 16a93af1775e73fe37b346533adc187e25cfedec1d9e6d17373740c2d09cfecf

Request headers

Accept: */*
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Origin: https://searchsecurity.techtarget.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 04 Jan 2019 10:43:18 GMT
Via: 1.1 vegur
Server: Cowboy
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://searchsecurity.techtarget.com
Connection: keep-alive
Content-Length: 23

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:824::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWWZSH

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:824::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 05 Nov 2018 21:10:09 GMT
server: Golfe2
age: 6852
date: Fri, 04 Jan 2019 08:49:06 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 17404
expires: Fri, 04 Jan 2019 10:49:06 GMT

GET
H/1.1 200
OK advertisement.js Show response
cdn.ttgtmedia.com/rms/ux/javascript/ 32 B
447 B 11ms
10ms Script
text/javascript 163.171.132.119
QUANTIL NETWORKS INC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ttgtmedia.com/rms/ux/javascript/advertisement.js
Requested by: Host: searchsecurity.techtarget.com
URL: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.132.119 , European Union, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 6b79a0e2ee012ec44afb4ae22c62245df15412aff1012948287d6ef71e4dbfd5

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 31 Dec 2018 06:46:59 GMT
Via: 1.1 VMygldLON2tx53:2 (W), 1.1 PSdgflkfFRA2po75:8 (W)
Last-Modified: Mon, 26 Mar 2018 18:35:52 GMT
Server: PWS/8.3.1.0.8
Age: 359779
Content-Type: text/javascript
Cache-Control: max-age=604800
X-Px: ht PSdgflkfFRA2po75
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32
X-Via: 1.1 ny93:6 (W)
Expires: Mon, 07 Jan 2019 06:46:59 GMT

GET
H2 200 hotjar-21537.js Show response
static.hotjar.com/c/ 2 KB
1 KB 84ms
27ms Script
application/javascript 147.75.83.23
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-21537.js?sv=5

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.83.23 , Switzerland, ASN54825 (PACKET - Packet Host, Inc., US),

Reverse DNS

pkt-ams-k1-21

Software

Resource Hash

19e440e68a42111c897e8542dcb3e7c4cc9da0ee89eae66c2c94b022e9b89a2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 10:43:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: *
etag: W/b4a1f64c3aa0f6b3df4dd0eea3360da3
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=60
section-io-origin-time-seconds: 0.050
section-io-origin-status: 304
accept-ranges: bytes
section-io-id: a4b0c7ada3f6bc13778beea4e73e0dc4
content-length: 1031

GET
H/1.1 200
OK Cookie set sp-config.min.js Show response
media.techtarget.com/cmp/sourcepoint/ 2 KB
2 KB 566ms
109ms Script
text/javascript 206.19.49.139
AT&T Enhanced Net...

General

Check archive.org

Show headers Download Go to

Full URL: https://media.techtarget.com/cmp/sourcepoint/sp-config.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWWZSH
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 206.19.49.139 , United States, ASN17225 (ATT-CERFNET-BLOCK - AT&T Enhanced Network Services, US),
Reverse DNS: media.techtarget.com
Software: /
Resource Hash: 4bc047a9a0e8f0705b3f1a52688f80ec9ec170c6554e32dbe2e5a38c823624f1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: media.techtarget.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Connection: keep-alive
Cache-Control: no-cache
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 04 Jan 2019 10:43:19 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 Sep 2018 18:07:49 GMT
Vary: Accept-Encoding
Content-Type: text/javascript
Set-Cookie: BIGipServermedia-pool=2214709258.20480.0000; path=/; Httponly; Secure TS018246fb=012c664659adefea9ce3c5dede750f2957b67b39e671b2ec6e63921d91d584b3a17b88d27f9dba5533f330011b8b099df0a8682250b90188304419b57559b97d26e7c8df38; Path=/; Secure; HTTPOnly
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 1109

GET
H/1.1 200
OK dpm_b4c96d80854dd27e76d8cc9e21960eebda52e962.min.js Show response
s.dpmsrv.com/ 229 KB
49 KB 71ms
17ms Script
application/x-javascript 54.230.202.128
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dpmsrv.com/dpm_b4c96d80854dd27e76d8cc9e21960eebda52e962.min.js
Requested by: Host: searchsecurity.techtarget.com
URL: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.202.128 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-202-128.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e124015a204052c2fe73df648b0aa6e35d811fd41618d8be5b1a4953a787255

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 03 Jan 2019 21:42:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Dec 2018 21:30:15 GMT
Server: AmazonS3
Age: 47269
ETag: "bdb3dbc3096f5b466405bc6aa6e9e7f1"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 d6fa2e1de8f392301c10fd5bb7b263c3.cloudfront.net (CloudFront)
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 49535
X-Amz-Cf-Id: Idp6NZmAiSa1P60-cb8Nq10xEnY4nrEJF113fW0mVnrcusOvRZvHnA==

GET
H/1.1 200
OK 7034.js Show response
dnn506yrbagrg.cloudfront.net/pages/scripts/0012/ 81 B
562 B 60ms
13ms Script
application/x-javascript 54.192.94.27
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://dnn506yrbagrg.cloudfront.net/pages/scripts/0012/7034.js?429610
Requested by: Host: searchsecurity.techtarget.com
URL: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.192.94.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-94-27.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 69d029e725cb27d33c3f2d9ada4c835d9625a8acf19153e865877bda03724c92

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 26 Oct 2018 00:30:47 GMT
Via: 1.1 e621b964f8c348548e0b42950cc55248.cloudfront.net (CloudFront)
Last-Modified: Fri, 26 Oct 2018 00:19:08 GMT
Server: AmazonS3
Age: 7132
ETag: "94f2ea4ac9d7e78133ba6c7b2e38176c"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Cache-Control: max-age=28800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 81
X-Amz-Cf-Id: CuhAWwNpVGdsxGgltSs4HTpcHB7MVhShdK3EZTf1MZJJ_g71G9cMjw==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 27 KB
10 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cdn.ttgtmedia.com
URL: https://cdn.ttgtmedia.com/rms/ux/responsive/js/responsive.min.js?v=7.24

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a58f1cf6feb13779ee09699b7f1c8acf71734ff64e16fe9f604a1cf5e23e9298

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 10:43:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "41 / 903 of 1000 / last-modified: 1546544601"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 9565
x-xss-protection: 1; mode=block
expires: Fri, 04 Jan 2019 10:43:19 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
920 B 8ms
8ms Script
text/javascript 2a00:1450:4001:824::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:824::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 09:51:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 21 Apr 2016 03:17:22 GMT
server: sffe
age: 3123
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 856
x-xss-protection: 1; mode=block
expires: Fri, 04 Jan 2019 10:51:16 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
99 B 8ms
8ms Image
image/gif 2a00:1450:4001:824::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j72&aip=1&a=1120491109&t=pageview&_s=1&dl=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&ul=en-us&de=UTF-8&dt=Malwarebytes%3A%20Fileless%20ransomware%20an%20emerging%20threat%20for%20U.S.&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGBAgEAj~&jid=47848995&gjid=525693118&cid=737900102.1546598599&uid=0&tid=UA-19046353-12&_gid=1535510217.1546598599&gtm=2wgbc0PWWZSH&cg1=NEWS%20content&cg2=Information%20security%20threats-299811&cg3=20181227&cg4=Anti-malware-1358306&cg5=%2Fpage%2Fetpk_Information%20security%20threats-299811%2Fptpk_Malware%2C%20virus%2C%20Trojan%20and%20spyware%20protection%20and%20removal-299978%2Ftrue%2FNEWS%2Fcontent%2Fcid_252455018%2Fdate_20181227%2Fmem_0%2Fclst_Malware-2240031134%2Frtpk_Anti-malware-1358306%2Fidx_0%2Furl_https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&cd1=Information%20security%20threats-299811&cd2=Malware%2C%20virus%2C%20Trojan%20and%20spyware%20protection%20and%20removal-299978&cd3=NEWS%20content&cd4=252455018&cd5=20181227&cd6=0&cd7=Malware&cd8=Anti-malware-1358306&cd9=NOT_MEMBER&cd10=185.220.70.0&cd11=false&cd12=0&cd13=&z=1837956533

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:824::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Dec 2018 08:11:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1305124
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
stats.g.doubleclick.net/r/ 35 B
136 B 16ms
15ms Image
image/gif 2a00:1450:400c:c08::9a
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j72&tid=UA-19046353-12&cid=737900102.1546598599&jid=47848995&uid=0&gjid=525693118&_gid=1535510217.1546598599&_u=YGBAgEAj~&z=1781667823

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:400c:c08::9a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Fri, 04 Jan 2019 10:43:19 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules-ad9166f7698af4859cd97b149665c1f8.js Show response
script.hotjar.com/ 399 KB
81 KB 81ms
24ms Script
application/javascript 147.75.81.98
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules-ad9166f7698af4859cd97b149665c1f8.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-21537.js?sv=5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.81.98 , Switzerland, ASN54825 (PACKET - Packet Host, Inc., US),

Reverse DNS

pkt-ams-k1-30

Software

Resource Hash

909ae1785f3faac88ca7236bcd06d703e57b60855999d3d194d967fcb82b738a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 10:43:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Jan 2019 11:41:43 GMT
access-control-allow-origin: *
etag: W/"ad9166f7698af4859cd97b149665c1f8"
content-type: application/javascript
status: 200
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.100
content-length: 82179
section-io-origin-status: 200
accept-ranges: bytes
section-io-id: 0bebec4cd975758b2c334ef87589b629
x-amz-version-id: 4ut48jdL3uWePW6o9eJCWuU.YiddN.1W

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
101 B 15ms
14ms Image
image/gif 2a00:1450:4001:824::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j72&aip=1&a=1120491109&t=pageview&_s=1&dl=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&ul=en-us&de=UTF-8&dt=Malwarebytes%3A%20Fileless%20ransomware%20an%20emerging%20threat%20for%20U.S.&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAAEAj~&jid=1289014899&gjid=718227480&cid=737900102.1546598599&uid=0&tid=UA-19047342-11&_gid=1535510217.1546598599&_r=1&gtm=2wgbc0PWWZSH&z=1105743728

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:824::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jan 2019 10:43:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
93 B 7ms
6ms Image
image/gif 2a00:1450:4001:824::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j72&aip=1&a=1120491109&t=pageview&_s=1&dl=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&ul=en-us&de=UTF-8&dt=Malwarebytes%3A%20Fileless%20ransomware%20an%20emerging%20threat%20for%20U.S.&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGHAgEAj~&jid=1842247191&gjid=590870472&cid=737900102.1546598599&uid=0&tid=UA-19047342-17&_gid=1535510217.1546598599&gtm=2wgbc0PWWZSH&cg1=NEWS%20content&cg2=Information%20security%20threats-299811&cg3=20181227&cg4=Anti-malware-1358306&cg5=%2Fpage%2Fetpk_Information%20security%20threats-299811%2Fptpk_Malware%2C%20virus%2C%20Trojan%20and%20spyware%20protection%20and%20removal-299978%2Ftrue%2FNEWS%2Fcontent%2Fcid_252455018%2Fdate_20181227%2Fmem_0%2Fclst_Malware-2240031134%2Frtpk_Anti-malware-1358306%2Fidx_0%2Furl_https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&cd1=Information%20security%20threats-299811&cd2=Malware%2C%20virus%2C%20Trojan%20and%20spyware%20protection%20and%20removal-299978&cd3=NEWS%20content&cd4=252455018&cd5=20181227&cd6=0&cd7=Malware&cd8=Anti-malware-1358306&cd9=NOT_MEMBER&cd10=185.220.70.0&cd11=false&cd12=0&cd13=&z=1946720353

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:824::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Dec 2018 08:11:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1305124
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
stats.g.doubleclick.net/r/ 35 B
102 B 16ms
15ms Image
image/gif 2a00:1450:400c:c08::9a
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j72&tid=UA-19047342-17&cid=737900102.1546598599&jid=1842247191&uid=0&gjid=590870472&_gid=1535510217.1546598599&_u=aGHAgEAj~&z=256064387

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:400c:c08::9a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Fri, 04 Jan 2019 10:43:19 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 7EF5 0
0 254ms
252ms Document
text/html 2a00:1450:4001:824::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6050985421795229&output=html&h=90&slotname=8728364240&adk=160880208&adf=3884341496&w=1200&fwrn=4&fwrnh=100&lmt=1546598599&rafmt=1&guci=1.2.0.0.2.2.0.0&format=1200x90&url=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1546598598357&bpp=66&bdt=284&fdt=728&idt=726&shv=r20181205&cbv=r20180604&saldr=aa&abxe=1&correlator=2817806031786&frm=20&pv=2&ga_vid=737900102.1546598599&ga_sid=1546598599&ga_hid=1120491109&ga_fc=0&iag=0&icsg=8724316192&dssz=38&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=193&ady=5432&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C410075081&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&jar=2019-01-04-10&osw_key=420287051&ifi=1&uci=1.e4skzhg25lz6&fsb=1&xpc=bXT7w068N6&p=https%3A//searchsecurity.techtarget.com&dtd=750

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6050985421795229&output=html&h=90&slotname=8728364240&adk=160880208&adf=3884341496&w=1200&fwrn=4&fwrnh=100&lmt=1546598599&rafmt=1&guci=1.2.0.0.2.2.0.0&format=1200x90&url=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1546598598357&bpp=66&bdt=284&fdt=728&idt=726&shv=r20181205&cbv=r20180604&saldr=aa&abxe=1&correlator=2817806031786&frm=20&pv=2&ga_vid=737900102.1546598599&ga_sid=1546598599&ga_hid=1120491109&ga_fc=0&iag=0&icsg=8724316192&dssz=38&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=193&ady=5432&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C410075081&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&jar=2019-01-04-10&osw_key=420287051&ifi=1&uci=1.e4skzhg25lz6&fsb=1&xpc=bXT7w068N6&p=https%3A//searchsecurity.techtarget.com&dtd=750
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Jan 2019 10:43:19 GMT
server: cafe
content-length: 17414
x-xss-protection: 1; mode=block
set-cookie: test_cookie=CheckForPermission; expires=Fri, 04-Jan-2019 10:58:19 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires: Fri, 04 Jan 2019 10:43:19 GMT
cache-control: private

GET
H2 200 osd.js Show response
pagead2.googlesyndication.com/pagead/js/r20181205/r20100101/ 71 KB
26 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20181205/r20100101/osd.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0dc9542b043f4622f82261f8d3ca79bb0c29bcbdacf2056a2fc633a488922dd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 02 Jan 2019 07:26:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184623
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 26696
x-xss-protection: 1; mode=block
server: cafe
etag: 10366987592970477111
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Jan 2019 07:26:16 GMT

GET
H2 200 pubads_impl_285.js Show response
securepubads.g.doubleclick.net/gpt/ 185 KB
63 KB 96ms
40ms Script
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.16.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

1ac9fa9872f44a78a1ce3148d2e3b1c108514e8b3d27ab078463be54a1a5506f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 10:43:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 10 Dec 2018 19:48:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 64605
x-xss-protection: 1; mode=block
expires: Fri, 04 Jan 2019 10:43:19 GMT

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&sw%3D252455018https%253A%252F%252Fsearchsecurity.techtarget.com%252Fnews%252F252455018%252FMalwarebytes-Fileless-ransomware...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26sw%253D252455018https%25253A%25252F%25252Fsearchsecurity.techtarget.com%25252Fnews%25252F2524...
https://a.dpmsrv.com/dpmpxl/index.php?id=1998507995125339361&sw=252455018https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%...

262 B
962 B

110ms
109ms

Script
text/javascript

52.20.14.210
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?id=1998507995125339361&sw=252455018https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&q=xImp&v=1.x&cl=68&pixelIndex=0&r=949405&tzOffset=0&url=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&_=1546598599155
Requested by: Host: searchsecurity.techtarget.com
URL: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.14.210 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-20-14-210.compute-1.amazonaws.com
Software: /
Resource Hash: 2078315dbfa221e674b5fc698a3dca126cd82e10e128fec0867d917adc428210

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 229
Expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 04 Jan 2019 10:43:21 GMT
AN-X-Request-Uuid: c64b5983-1952-42b4-8b81-e1bd0d4a32f6
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://a.dpmsrv.com/dpmpxl/index.php?id=1998507995125339361&sw=252455018https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&q=xImp&v=1.x&cl=68&pixelIndex=0&r=949405&tzOffset=0&url=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&_=1546598599155
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.220.70.202; 185.220.70.202; 308.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.4:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
2 KB 52ms
52ms XHR
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3530976423589245&correlator=3652953492821527&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fif&adsid=NT&jar=2019-01-04-10&eid=21062722%2C21062752%2C21062860&vrg=285&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776&sc=1&sfv=1-0-31&iu=%2F3618%2Fssec%2FNEWS&sz=1x1&ists=1&scp=type%3Doop&cookie_enabled=1&bc=15&abxe=1&lmt=1546598599&dt=1546598599284&dlt=1546598598073&idt=1184&frm=20&biw=1585&bih=1200&oid=3&adx=0&ady=0&adk=3558680245&uci=1&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&dssz=41&icsg=1684164706464&mso=32&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x6429&msz=1x17&ga_vid=737900102.1546598599&ga_sid=1546598599&ga_hid=1120491109&fws=128

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.16.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ea98a97affa282813064564d48e2ad9e16391a44d5e75fb859e804acaf1958e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Origin: https://searchsecurity.techtarget.com

Response headers

date: Fri, 04 Jan 2019 10:43:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1427
x-xss-protection: 1; mode=block
google-lineitem-id: 143272177
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 48913903177
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://searchsecurity.techtarget.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_285.js Show response
securepubads.g.doubleclick.net/gpt/ 57 KB
22 KB 41ms
41ms Script
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.16.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

c2e9508b71bc29948a47456789b208fccc0acfc27f105410d13f31967a1e15c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 10:43:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 10 Dec 2018 19:48:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 21933
x-xss-protection: 1; mode=block
expires: Fri, 04 Jan 2019 10:43:19 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-31/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1450:4001:820::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 3 KB
2 KB 51ms
51ms XHR
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3530976423589245&correlator=3652953492821527&output=json_html&callback=googletag.impl.pubads.callbackProxy2&impl=fif&adsid=NT&jar=2019-01-04-10&eid=21062722%2C21062752%2C21062860&vrg=285&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776&sc=1&sfv=1-0-31&iu=%2F3618%2Fssec%2FNEWS&sz=728x90&cookie_enabled=1&bc=15&abxe=1&lmt=1546598599&dt=1546598599305&dlt=1546598598073&idt=1184&frm=20&biw=1585&bih=1200&oid=3&adx=429&ady=160&adk=2498577436&uci=2&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&dssz=42&icsg=10480257728672&mso=32&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x110&msz=728x110&ga_vid=737900102.1546598599&ga_sid=1546598599&ga_hid=1120491109&fws=0

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.16.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

51f360700a861397d74b2a94077bcc23f22119407f35e76b762a830e1d330c53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Origin: https://searchsecurity.techtarget.com

Response headers

date: Fri, 04 Jan 2019 10:43:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1960
x-xss-protection: 1; mode=block
google-lineitem-id: 125983417
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138222733842
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://searchsecurity.techtarget.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 3 KB
2 KB 54ms
53ms XHR
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3530976423589245&correlator=3652953492821527&output=json_html&callback=googletag.impl.pubads.callbackProxy3&impl=fif&adsid=NT&jar=2019-01-04-10&eid=21062722%2C21062752%2C21062860&vrg=285&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776&sc=1&sfv=1-0-31&iu=%2F3618%2Fssec%2FNEWS&sz=300x250&scp=pos%3Dtop&cookie_enabled=1&bc=15&abxe=1&lmt=1546598599&dt=1546598599311&dlt=1546598598073&idt=1184&frm=20&biw=1585&bih=1200&oid=3&adx=1053&ady=670&adk=1074394543&uci=3&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&dssz=42&icsg=10480257728672&mso=32&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&ga_vid=737900102.1546598599&ga_sid=1546598599&ga_hid=1120491109&fws=0

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.16.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

14dbb3ee1a1e1b3bf54efbfba0e2bf82b85fc43c218f957a2198b2c6bbe5ba1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Origin: https://searchsecurity.techtarget.com

Response headers

date: Fri, 04 Jan 2019 10:43:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1982
x-xss-protection: 1; mode=block
google-lineitem-id: 125983417
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138222733329
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://searchsecurity.techtarget.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
2 KB 54ms
54ms XHR
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3530976423589245&correlator=3652953492821527&output=json_html&callback=googletag.impl.pubads.callbackProxy4&impl=fif&adsid=NT&jar=2019-01-04-10&eid=21062722%2C21062752%2C21062860&vrg=285&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776&sc=1&sfv=1-0-31&iu=%2F3618%2Fssec%2FNEWS&sz=300x600%7C300x251&scp=pos%3Dbottom&cookie_enabled=1&bc=15&abxe=1&lmt=1546598599&dt=1546598599327&dlt=1546598598073&idt=1184&frm=20&biw=1585&bih=1200&oid=3&adx=713&ady=881&adk=1986160857&uci=4&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&dssz=42&icsg=10480257728672&mso=32&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=320x600&msz=300x600&ga_vid=737900102.1546598599&ga_sid=1546598599&ga_hid=1120491109&fws=0

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.16.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

cabe1693a5caaf15b1a6e77911a21612f171621d124e3c2785d038f2a06c3918

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Origin: https://searchsecurity.techtarget.com

Response headers

date: Fri, 04 Jan 2019 10:43:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 2288
x-xss-protection: 1; mode=block
google-lineitem-id: 4900747093
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138255272586
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://searchsecurity.techtarget.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 2AF8 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b4523c1b5c994fd95c4a28ef9cb7ef27d7f0ba1430299f8a633c034ed12afff

Request headers

Response headers

Content-Type: image/png

GET
H2

200

imgad
tpc.googlesyndication.com/pagead/ Frame 2AF8
Redirect Chain

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstTJKMZzh8DRrC6Exnq8kbiG1zCKMva_97hVguqkJhOB_NfyDS-Q8P6tLEZzw93TZzeNM_gHLLrYlFAX9Gm7ArewzETvcn0Ffjb13qAwV5LIRQItO2dIihMOhePUtWJoU7DKA3NORWrA...
https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDT-6DAfBABGAEyCOgqAsspsvMN

807 B
923 B

8ms
6ms

Image
image/gif

2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDT-6DAfBABGAEyCOgqAsspsvMN

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:820::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

422a091638244aad484b505d0e4318f2dd5a2f6ce1c6cfd6e349f55d8a2465c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Jan 2019 07:31:29 GMT
x-content-type-options: nosniff
server: cafe
age: 184310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=604800
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 807
x-xss-protection: 1; mode=block
expires: Wed, 09 Jan 2019 07:31:29 GMT

Redirect headers

date: Fri, 04 Jan 2019 10:43:19 GMT
x-content-type-options: nosniff
content-type: text/html; charset=UTF-8
server: cafe
location: https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDT-6DAfBABGAEyCOgqAsspsvMN
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame C60A 40 KB
16 KB 86ms
19ms Script
text/html 2.18.233.180
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 44a3b4335a2838d5f1e3da151d72565c434518a9eddcc796ca8d081d328384a9

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 04 Jan 2019 10:43:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Nov 2018 04:53:43 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "13006b6-9ed1-57aacd5c8da70"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=107587
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 15271
Expires: Sat, 05 Jan 2019 16:36:26 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame C60A 75 KB
28 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

31e766234975fc978fa01785054c632235eb8f73f9cc5517e663327a99b03eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 10:43:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Jan 2019 12:14:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 28237
x-xss-protection: 1; mode=block
expires: Fri, 04 Jan 2019 10:43:19 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame C60A 0
261 B 34ms
33ms Image
image/gif 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuC17GuI5dreFY6gCI9dE3sEPgBM8k51pwvRof2KECwySf-LjTk1OZABhnd5F3NzSXSOQ4gaKa5fo00PsOKnr1j_MqKFXdywNLSv3SCzg1go4jbZDWjVuFkFx4aAWu3hl_yRi1luu6CMojfWjI_GhKAEuZVg7HLzmuA8H6rKPbOBy2vua4Ooug9wxLH7nu9liOQAOZWJ4S_z8JQnmh7bxKcyUHyNskPK1Vo9iMAe0h1f3SYdn1tn_xGi73B9QmtFK3VeiU&sai=AMfl-YRISK9MsridTpPVdyuHPJN6EdrXNm8piJoh6VUcG27sbVXq1LXDTdt9IIHeqYbJyl1Mb0RSDLAKzGCt4LqRNRc8-ls3ZC7z9sYWhzOwtg&sig=Cg0ArKJSzFMGBhxigCeHEAE&urlfix=1&adurl=

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.16.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 10:43:19 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 04 Jan 2019 10:43:19 GMT

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 87CC 40 KB
16 KB 76ms
18ms Script
text/html 2.18.233.180
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 44a3b4335a2838d5f1e3da151d72565c434518a9eddcc796ca8d081d328384a9

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 04 Jan 2019 10:43:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Nov 2018 04:53:43 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "13006b6-9ed1-57aacd5c8da70"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=107587
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 15271
Expires: Sat, 05 Jan 2019 16:36:26 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 87CC 75 KB
28 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

31e766234975fc978fa01785054c632235eb8f73f9cc5517e663327a99b03eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 10:43:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Jan 2019 12:14:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 28237
x-xss-protection: 1; mode=block
expires: Fri, 04 Jan 2019 10:43:19 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 87CC 0
254 B 31ms
30ms Image
image/gif 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssL3bEngwlJWgWpjP_nQqHtRBR8ynLlDYhqOCz5Soao9dzjxkzhyhTEyhPUPB4jn2l5E8hJSKVQEt5OCyWPMZxnf6kvGiMMhZFFQrVNdAxuq4Xy-VfSAyrDHcjpf0T0lo83MrcjrQrDDaozbL227Wvf8t8DxgDuI56_ytUnoon8O7LqK_MwqH2_SqFISSQdEZGkPEy-4YVOnN-QKasknw1-GiL5_UGxSuAMCv1B-DJL1Jtol8iYy3EA2nNbVVNz4GKlzGM&sai=AMfl-YSK_Iwu9GW9PvpK3OB-HZ_Y1OS96y2__Z4HBDFxEEBegt0axyveFldUESAu5jY_gAXDqrpVO4d7btHJUifrQvQxmz0JyaKYFRrKxHQbEg&sig=Cg0ArKJSzKGPJZWqhF0hEAE&urlfix=1&adurl=

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.16.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 10:43:19 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 04 Jan 2019 10:43:19 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame DA8F 4 KB
2 KB 11ms
0ms Script
text/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7b00ff65bbf13f8b40cda140ebf89b8311574b3e964612e7aff25b6fdf2fc0f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 10:42:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Oct 2018 14:58:20 GMT
server: sffe
age: 48
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 2008
x-xss-protection: 1; mode=block
expires: Fri, 04 Jan 2019 11:42:31 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame DA8F 75 KB
28 KB 44ms
33ms Script
text/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

31e766234975fc978fa01785054c632235eb8f73f9cc5517e663327a99b03eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 10:43:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Jan 2019 12:14:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 28237
x-xss-protection: 1; mode=block
expires: Fri, 04 Jan 2019 10:43:19 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame DA8F 0
245 B 41ms
30ms Image
image/gif 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvqWJyRfYLa6osCX0G1uLxoPTrzyPufijOPCSN_pz2InW8mQ-2MPIubHFjiLR9l81e_0htbERATIZYSXehCHWFH4kiwNSMZoJ98u958kVB1XBGTKgvQbWtn7z_KWqM88N1NzDwoyDDWeKu8ACiPrMjj-WsA-MTRHkseRbOBUImnkrosGQAlacz3F5JOMeG9pcYO7Lq4luoEcAmFQvyeeDsVgP2cfWcOAcHM5zW6uytSi92NOwHEYXYKbtbFr6YlGIFc1HVn&sai=AMfl-YTuTV6vzlKrYQagP1fJCYTnSlTHZuRCBbf928xqTzZwpX6BDk1A3jtL7cUfjo7rjBEhRAGaX6jJuZ-dKtvrHHnXU2vNS-2edPQ8wRoR&sig=Cg0ArKJSzAff9mCj2aaGEAE&urlfix=1&adurl=

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.16.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 10:43:19 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 04 Jan 2019 10:43:19 GMT

GET
H2 200 impl_v45.js Show response
www.googletagservices.com/dcm/ Frame DA8F 21 KB
9 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v45.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

1b68d338555fda70d3bc0680e6775949bcaaa22bfa6680a388f0c57355a06669

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 03 Jan 2019 03:49:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Sep 2018 17:12:33 GMT
server: sffe
age: 111249
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 9067
x-xss-protection: 1; mode=block
expires: Fri, 03 Jan 2020 03:49:10 GMT

GET
H2 200 B21952995.233733618;dc_ver=45.119;dc_eid=40004001;sz=300x600;u_sd=1;dc_adk=2026141505;ord=wy9nqk;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsva3JUojNN9eyp4z-DS5UXsi5nd... Show response
ad.doubleclick.net/ddm/adj/N7442.138668.TECHTARGET/ Frame DA8F 24 KB
11 KB 63ms
37ms Script
text/javascript 172.217.22.6
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N7442.138668.TECHTARGET/B21952995.233733618;dc_ver=45.119;dc_eid=40004001;sz=300x600;u_sd=1;dc_adk=2026141505;ord=wy9nqk;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsva3JUojNN9eyp4z-DS5UXsi5ndUm30O2_jO-FLtid4TfA8rQnGg21hafzryBFey79aSQSTUN86jcqA05BRhIAisxBEfgt5WVMFiCi88UXfFYzpdux-5Tf_BV0Y3YBGJ0_0wIS5cEv1uM6g8bjFRy_Ghsr3T7DO1WhBDasFa6WEUi2bO5bnT4ln2iTyuykn7khqdwYH3rw8q-svKnTWKdWebuSltxHs9CnoheUwHdR-npZzFKAm-v63exNfhUX2QhDR%26sai%3DAMfl-YScd_i9lYmSu53vfYt2qyFUS0_gTOepdcOuLtecqkozsm7v3OmMS5618yrV2mf_H4hEH3XvNQp6FIKOX3qacO5t9GrgdQZQmKSp_5ZR%26sig%3DCg0ArKJSzHhHu005EetsEAE%26urlfix%3D1%26adurl%3D;dc_rfl=1,https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter$0;xdt=0;crlt=sXr_81XGN*;osda=2;sttr=24;prcl=s?

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v45.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.22.6 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f6.1e100.net

Software

cafe /

Resource Hash

c1e1533f4846370e3a374c734b344b371b96d45918fd754438d38b388ca21c8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jan 2019 10:43:19 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 11042
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=1998507995125339361&pixelIndex=0&_=1546598599156
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=1998507995125339361&pixelIndex=0&_=1546598599156&google_gid=CAESENLyZ9_AdFZIa6nVMSzknAo&google_cver=1

0
575 B

108ms
107ms

Script
text/javascript

52.20.14.210
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=1998507995125339361&pixelIndex=0&_=1546598599156&google_gid=CAESENLyZ9_AdFZIa6nVMSzknAo&google_cver=1
Requested by: Host: searchsecurity.techtarget.com
URL: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.14.210 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-20-14-210.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 0
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 04 Jan 2019 10:43:19 GMT
server: HTTP server (unknown)
location: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=1998507995125339361&pixelIndex=0&_=1546598599156&google_gid=CAESENLyZ9_AdFZIa6nVMSzknAo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 368
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 423396.gif
idsync.rlcdn.com/ 0
34 B 346ms
111ms Image
text/plain 107.23.87.2
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/423396.gif?partner_uid=1998507995125339361
Requested by: Host: searchsecurity.techtarget.com
URL: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.87.2 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-107-23-87-2.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 204
date: Fri, 04 Jan 2019 10:43:19 GMT

GET
H/1.1 200
OK UCookieSetPug Show response
image6.pubmatic.com/AdServer/ Frame 87CC 24 B
329 B 88ms
86ms Script
text/html 185.64.189.115
PubMatic

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: /
Resource Hash: 1b6dfbc0392b3e04e6f10a39a7c097635148b6bc998c13ffbda40d5b3df488c8

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 04 Jan 2019 10:43:19 GMT
Cache-Control: private
Content-Type: text/html; charset=UTF-8
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 24
Expires: Mon, 14 Jan 2019 02:09:13 GMT

GET
H/1.1 200
OK UCookieSetPug Show response
image6.pubmatic.com/AdServer/ Frame C60A 24 B
329 B 126ms
83ms Script
text/html 185.64.189.115
PubMatic

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: /
Resource Hash: 1b6dfbc0392b3e04e6f10a39a7c097635148b6bc998c13ffbda40d5b3df488c8

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 04 Jan 2019 10:43:19 GMT
Cache-Control: private
Content-Type: text/html; charset=UTF-8
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 24
Expires: Mon, 14 Jan 2019 02:09:13 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_245.js Show response
s0.2mdn.net/879366/ Frame DA8F 113 KB
39 KB 46ms
6ms Script
text/javascript 2a00:1450:4001:81f::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_245.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81f::2006 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0a1c999e7307e4887901ffd5329d0f243a84b00e845c3188ca6dea280ff28421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Origin: https://searchsecurity.techtarget.com

Response headers

date: Thu, 03 Jan 2019 19:19:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55401
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 39702
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Oct 2018 18:15:33 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Jan 2019 19:19:58 GMT

GET
H2 200 V6zvOIoD.js Show response
tpc.googlesyndication.com/sodar/ Frame DA8F 40 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/V6zvOIoD.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:820::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

57acef388a037b38756fdd178f355217378fa2a6a9a92d0bd9655e48a9b811cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 03 Jan 2019 07:07:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Jan 2018 21:45:00 GMT
server: sffe
age: 99351
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 15146
x-xss-protection: 1; mode=block
expires: Fri, 03 Jan 2020 07:07:28 GMT

GET
DATA 200
OK truncated
/ Frame DA8F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87afe9e2a41fae48b23b017c8fda56252d511e3fc760c2e87a55b90029cd7b7b

Request headers

Response headers

Content-Type: image/png

GET
H2 200 6uQTKQJz.html
tpc.googlesyndication.com/sodar/ Frame 74F9 0
0 8ms
6ms Document
text/html 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/6uQTKQJz.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/V6zvOIoD.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:820::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/6uQTKQJz.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 7233
date: Tue, 18 Dec 2018 20:59:06 GMT
expires: Wed, 18 Dec 2019 20:59:06 GMT
last-modified: Tue, 02 Jan 2018 21:45:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000
age: 1431853
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H/1.1 200
OK auto_opt_in-v2.0.1083.js Show response
sp-js-releases.s3.amazonaws.com/0/2.0.1083/ 41 KB
42 KB 432ms
108ms Script
application/javascript 54.231.50.10
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://sp-js-releases.s3.amazonaws.com/0/2.0.1083/auto_opt_in-v2.0.1083.js
Requested by: Host: media.techtarget.com
URL: https://media.techtarget.com/cmp/sourcepoint/sp-config.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.50.10 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 675e55c6e17480e86b0edfb65a5b62a68e3fb9ab955103b841887c52312f25d3

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 04 Jan 2019 10:43:20 GMT
Last-Modified: Wed, 05 Sep 2018 06:20:18 GMT
Server: AmazonS3
x-amz-request-id: 854623A5516F393B
ETag: "008d8488be915ad04ffefe0ef2b56450"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 42369
x-amz-id-2: OBbG59ihqff4hoM3y6jVvnb4gSyOwAxeNnWT1kVfxn/E7UQ3sVljD+N4Hu2M+j136gSRWqKH6Ps=

GET
H/1.1 200
OK Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame 2168 0
0 30ms
19ms Document
text/html 2.18.233.180
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Accept-Encoding: gzip, deflate, br
Cookie: KTPCACOOKIE=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter

Response headers

Last-Modified: Thu, 15 Nov 2018 04:53:43 GMT
ETag: "13006b6-9ed1-57aacd5c8da70"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
Set-Cookie: KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 15271
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=107587
Expires: Sat, 05 Jan 2019 16:36:26 GMT
Date: Fri, 04 Jan 2019 10:43:19 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame 1013 0
0 29ms
18ms Document
text/html 2.18.233.180
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Accept-Encoding: gzip, deflate, br
Cookie: KTPCACOOKIE=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter

Response headers

Last-Modified: Thu, 15 Nov 2018 04:53:43 GMT
ETag: "13006b6-9ed1-57aacd5c8da70"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
Set-Cookie: KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 15271
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=107587
Expires: Sat, 05 Jan 2019 16:36:26 GMT
Date: Fri, 04 Jan 2019 10:43:19 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK AdServerServlet Show response
sshowads.pubmatic.com/AdServer/ Frame 87CC 2 KB
2 KB 197ms
102ms Script
text/html 198.47.127.32
PubMatic

General

Check archive.org

Show headers Download Go to

Full URL: https://sshowads.pubmatic.com/AdServer/AdServerServlet?pubId=82040&siteId=82696&adId=241699&kadwidth=300&kadheight=250&SAVersion=2&js=1&kdntuid=1&pageURL=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&inIframe=1&operId=3&sec=1&kltstamp=2019-1-4%2010%3A43%3A19&timezone=0&screenResolution=1600x1200&ranreq=0.8658397066124859&pmUniAdId=0&adVisibility=1&adPosition=670x1052&gdpr=0&dspids=%7B%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, 3DES_EDE_CBC
Server: 198.47.127.32 Redwood City, United States, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: b566d3837d7f5c27210cbe31859c2ca2a960511d847bd88b3bc3803bb7b43a09

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 04 Jan 2019 10:43:19 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8

GET
H2 200 digitrust.min.js Show response
cdn.digitru.st/prod/1/ Frame 87CC 42 KB
10 KB 95ms
8ms Script
application/javascript 159.180.84.2
Instart Logic

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.digitru.st/prod/1/digitrust.min.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.180.84.2 , United States, ASN33047 (INSTART - Instart Logic, Inc, US),
Reverse DNS
Software: DTOrigin /
Resource Hash: dc0b8bd5655ae560bf511f99b516d7c0a424a38138b1d7ece61d9562b7364c83

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 05:05:32 GMT
content-encoding: gzip
age: 20267
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
status: 200
x-instart-cache-id: 5:225906062530529735::1546578331
content-length: 10180
last-modified: Wed, 21 Nov 2018 00:22:47 GMT
server: DTOrigin
etag: "beb96ad006d0f40cc15e408b0388db9f"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-instart-request-id: 8954796519210435206:SEN01-CPVNPPRY12:1546598599:0
accept-ranges: bytes
expires: Sat, 05 Jan 2019 05:05:32 GMT

GET
H2 200 lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DA8F 78 KB
28 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_245.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d01829e2120cb521d453546f186bed3c94bcf24b5089890cfd8750e771d00452

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 10:43:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Jan 2019 12:14:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 28664
x-xss-protection: 1; mode=block
expires: Fri, 04 Jan 2019 10:43:19 GMT

GET
H2 200 index.html
s0.2mdn.net/5809340/1541776689900/GLBL-DEU_nb-06_0_300x600_BAN-A_HTML5_TOFU-no-SDWAN-Anthem-NB_0_4/ Frame 2ADD 0
0 40ms
6ms Document
text/html 2a00:1450:4001:81f::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/5809340/1541776689900/GLBL-DEU_nb-06_0_300x600_BAN-A_HTML5_TOFU-no-SDWAN-Anthem-NB_0_4/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_245.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81f::2006 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /5809340/1541776689900/GLBL-DEU_nb-06_0_300x600_BAN-A_HTML5_TOFU-no-SDWAN-Anthem-NB_0_4/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
content-length: 3398
date: Fri, 04 Jan 2019 08:50:29 GMT
expires: Sat, 05 Jan 2019 08:50:29 GMT
last-modified: Fri, 09 Nov 2018 15:18:09 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 1; mode=block
age: 6770
cache-control: public, max-age=86400
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DA8F 0
135 B 78ms
41ms Image
image/gif 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuxAlYSls4dtO4IP76x7ftID98BTtMjmJzOWR7DPJlZ39uQR2M8upGBKFLblsQ3syDT8cEPaKo555lxI8zEvyGMvQFJ_sNaZurnK5OOyD0VV6TELWoufROVletLUGJOGDPQQiHq6LEI2MxmFyHU6apmwnpoVIgc1YNa2IbzqSQ4S-iKTw&sig=Cg0ArKJSzEneKui-14uAEAE&urlfix=1&adurl=

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.16.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 10:43:19 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

27119
tags.bluekai.com/site/ Frame DA8F
Redirect Chain

https://stags.bluekai.com/site/27119?phint=event%3Dimp&phint=aid%3D5809340&phint=pid%3D233733618&phint=cid%3D21952995&phint=crid%3D108516244
https://tags.bluekai.com/site/27119?dt=0&r=1702885364&sig=330965018&bkca=KJyN0eWmQY9191eUbWhoiIlQ8AK1ALQQSxphdj3vT865oqR8lfZt9j50tZQIS2k4LyHaYFl1n0Jmi9ZAfdR+vW5PdFw0Cu91vH/2gg9K89==

62 B
527 B

107ms
106ms

Image
image/gif

104.109.83.115
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/27119?dt=0&r=1702885364&sig=330965018&bkca=KJyN0eWmQY9191eUbWhoiIlQ8AK1ALQQSxphdj3vT865oqR8lfZt9j50tZQIS2k4LyHaYFl1n0Jmi9ZAfdR+vW5PdFw0Cu91vH/2gg9K89==
Requested by: Host: searchsecurity.techtarget.com
URL: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.83.115 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-83-115.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jan 2019 10:43:19 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 62
BK-Server: 4b9b
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

Location: https://tags.bluekai.com/site/27119?dt=0&r=1702885364&sig=330965018&bkca=KJyN0eWmQY9191eUbWhoiIlQ8AK1ALQQSxphdj3vT865oqR8lfZt9j50tZQIS2k4LyHaYFl1n0Jmi9ZAfdR+vW5PdFw0Cu91vH/2gg9K89==
Date: Fri, 04 Jan 2019 10:43:19 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: e571
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1 200
OK Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame B492 0
0 27ms
25ms Document
text/html 2.18.233.180
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Accept-Encoding: gzip, deflate, br
Cookie: KTPCACOOKIE=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter

Response headers

Last-Modified: Thu, 15 Nov 2018 04:53:43 GMT
ETag: "13006b6-9ed1-57aacd5c8da70"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
Set-Cookie: KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 15271
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=107587
Expires: Sat, 05 Jan 2019 16:36:26 GMT
Date: Fri, 04 Jan 2019 10:43:19 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame 7C4F 0
0 24ms
21ms Document
text/html 2.18.233.180
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Accept-Encoding: gzip, deflate, br
Cookie: KTPCACOOKIE=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter

Response headers

Last-Modified: Thu, 15 Nov 2018 04:53:43 GMT
ETag: "13006b6-9ed1-57aacd5c8da70"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
Set-Cookie: KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 15271
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=107587
Expires: Sat, 05 Jan 2019 16:36:26 GMT
Date: Fri, 04 Jan 2019 10:43:19 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK AdServerServlet Show response
sshowads.pubmatic.com/AdServer/ Frame C60A 2 KB
2 KB 210ms
133ms Script
text/html 198.47.127.32
PubMatic

General

Check archive.org

Show headers Download Go to

Full URL: https://sshowads.pubmatic.com/AdServer/AdServerServlet?pubId=82040&siteId=82696&adId=241772&kadwidth=728&kadheight=90&SAVersion=2&js=1&kdntuid=1&pageURL=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&inIframe=1&operId=3&sec=1&kltstamp=2019-1-4%2010%3A43%3A19&timezone=0&screenResolution=1600x1200&ranreq=0.3432646485343025&pmUniAdId=0&adVisibility=1&adPosition=160x428&gdpr=0&dspids=%7B%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, 3DES_EDE_CBC
Server: 198.47.127.32 Redwood City, United States, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 700b19acc314bf7890fdf677d026842f05e7276479d68f8e219cf336313ac910

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 04 Jan 2019 10:43:19 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8

GET
H2 200 digitrust.min.js Show response
cdn.digitru.st/prod/1/ Frame C60A 42 KB
10 KB 45ms
22ms Script
application/javascript 159.180.84.2
Instart Logic

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.digitru.st/prod/1/digitrust.min.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.180.84.2 , United States, ASN33047 (INSTART - Instart Logic, Inc, US),
Reverse DNS
Software: DTOrigin /
Resource Hash: dc0b8bd5655ae560bf511f99b516d7c0a424a38138b1d7ece61d9562b7364c83

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 05:05:32 GMT
content-encoding: gzip
age: 20267
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
status: 200
x-instart-cache-id: 5:225906062530529735::1546578331
content-length: 10180
last-modified: Wed, 21 Nov 2018 00:22:47 GMT
server: DTOrigin
etag: "beb96ad006d0f40cc15e408b0388db9f"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-instart-request-id: 3691066109677559169:SEN01-CPVNPPRY12:1546598599:0
accept-ranges: bytes
expires: Sat, 05 Jan 2019 05:05:32 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 87CC 36 KB
10 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: sshowads.pubmatic.com
URL: https://sshowads.pubmatic.com/AdServer/AdServerServlet?pubId=82040&siteId=82696&adId=241699&kadwidth=300&kadheight=250&SAVersion=2&js=1&kdntuid=1&pageURL=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&inIframe=1&operId=3&sec=1&kltstamp=2019-1-4%2010%3A43%3A19&timezone=0&screenResolution=1600x1200&ranreq=0.8658397066124859&pmUniAdId=0&adVisibility=1&adPosition=670x1052&gdpr=0&dspids=%7B%7D

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f64b7869be95fca2fc31b0178e47ca38edab8373423329deb0a6ff2a6cf22f0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 10:43:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "41 / 206 of 1000 / last-modified: 1546544603"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 10274
x-xss-protection: 1; mode=block
expires: Fri, 04 Jan 2019 10:43:19 GMT

GET
H2 200 pubads_impl_201812061.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 87CC 183 KB
62 KB 42ms
41ms Script
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_201812061.js?21062473

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.16.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

c8ae2a095dd9264db23d5b5b47e27d4989c09064960b93613578c7fcd1ba5303

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 10:43:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 07 Dec 2018 14:50:02 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 63688
x-xss-protection: 1; mode=block
expires: Fri, 04 Jan 2019 10:43:19 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame 87CC 113 B
178 B 16ms
16ms Script
application/javascript 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=searchsecurity.techtarget.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 10:43:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 108
x-xss-protection: 1; mode=block

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame C60A 36 KB
0 40ms
40ms Script
text/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: sshowads.pubmatic.com
URL: https://sshowads.pubmatic.com/AdServer/AdServerServlet?pubId=82040&siteId=82696&adId=241772&kadwidth=728&kadheight=90&SAVersion=2&js=1&kdntuid=1&pageURL=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&inIframe=1&operId=3&sec=1&kltstamp=2019-1-4%2010%3A43%3A19&timezone=0&screenResolution=1600x1200&ranreq=0.3432646485343025&pmUniAdId=0&adVisibility=1&adPosition=160x428&gdpr=0&dspids=%7B%7D

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f64b7869be95fca2fc31b0178e47ca38edab8373423329deb0a6ff2a6cf22f0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Fri, 04 Jan 2019 10:43:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "41 / 206 of 1000 / last-modified: 1546544603"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 10274
x-xss-protection: 1; mode=block
expires: Fri, 04 Jan 2019 10:43:19 GMT

GET
H2 200 pubads_impl_201812061.js Show response
securepubads.g.doubleclick.net/gpt/ Frame C60A 183 KB
62 KB 72ms
39ms Script
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_201812061.js?21062473

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.16.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

c8ae2a095dd9264db23d5b5b47e27d4989c09064960b93613578c7fcd1ba5303

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 10:43:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 07 Dec 2018 14:50:02 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 63688
x-xss-protection: 1; mode=block
expires: Fri, 04 Jan 2019 10:43:19 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame C60A 113 B
175 B 54ms
20ms Script
application/javascript 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=searchsecurity.techtarget.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 10:43:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 108
x-xss-protection: 1; mode=block

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 87CC 9 KB
4 KB 66ms
61ms Script
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=52503044516522&correlator=171160387339285&output=json_html&callback=googletag.impl.pubads.setPassbackAdContents&impl=s&eid=21060637%2C21062473%2C21062749&vrg=201812061&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776&sc=1&sfv=1-0-31&iu=%2F3618%2FPassback-sSecurity&sz=300x250&eri=2&cookie=ID%3D0785da60275ce86e%3AT%3D1546598599%3AS%3DALNI_MZqufkvqd2izpjaClG4HecFlKMSqQ&cdm=searchsecurity.techtarget.com&bc=15&lmt=1546598599&dt=1546598599953&dlt=1546598599335&idt=575&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=250&oid=3&adk=3182411285&uci=7v8ukpn2hqhd&ifi=1&ifk=3907045923&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&top=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&dssz=11&icsg=1370&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&ga_vid=737900102.1546598599&ga_sid=1546598600&ga_hid=366553429&fws=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_201812061.js?21062473

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.16.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e336ee59ce0834d614f1ef0c0da0148c1fe1e3539c5469c839a4a724c3ddc082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 10:43:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 4219
x-xss-protection: 1; mode=block
google-lineitem-id: 154075297
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138238674255
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_201812061.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 87CC 57 KB
21 KB 60ms
55ms Script
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_201812061.js?21062473

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_201812061.js?21062473

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.16.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

3e784931954856122e3c247836d48ae183463eeb115a2a76d4e103a77bc6767f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 10:43:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 07 Dec 2018 14:50:02 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 21802
x-xss-protection: 1; mode=block
expires: Fri, 04 Jan 2019 10:43:19 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-31/html/ Frame 87CC 0
0 12ms
8ms Other
text/html 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_201812061.js?21062473
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1450:4001:820::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame C60A 9 KB
4 KB 66ms
64ms Script
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2913470269157088&correlator=3302652192396804&output=json_html&callback=googletag.impl.pubads.setPassbackAdContents&impl=s&eid=21062473%2C21062378%2C21062854&vrg=201812061&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776&sc=1&sfv=1-0-31&iu=%2F3618%2FPassback-sSecurity&sz=728x90&eri=2&cookie=ID%3D0785da60275ce86e%3AT%3D1546598599%3AS%3DALNI_MZqufkvqd2izpjaClG4HecFlKMSqQ&cdm=searchsecurity.techtarget.com&bc=15&lmt=1546598599&dt=1546598599999&dlt=1546598599334&idt=655&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adk=2732185456&uci=lfemhydsmv1m&ifi=1&ifk=3129280663&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&top=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&dssz=11&icsg=1370&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&ga_vid=737900102.1546598599&ga_sid=1546598600&ga_hid=997420558&fws=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_201812061.js?21062473

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.16.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

a5a6de19e1f93a470e488faeb516b88712914c7b6433183a23863e60276a5a9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 10:43:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 4227
x-xss-protection: 1; mode=block
google-lineitem-id: 154075297
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138238687388
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_201812061.js Show response
securepubads.g.doubleclick.net/gpt/ Frame C60A 57 KB
21 KB 65ms
64ms Script
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_201812061.js?21062473

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_201812061.js?21062473

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.16.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

3e784931954856122e3c247836d48ae183463eeb115a2a76d4e103a77bc6767f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 10:43:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 07 Dec 2018 14:50:02 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 21802
x-xss-protection: 1; mode=block
expires: Fri, 04 Jan 2019 10:43:20 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-31/html/ Frame C60A 0
0 7ms
6ms Other
text/html 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_201812061.js?21062473
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1450:4001:820::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20181205/r20110914/client/ext/ Frame F76E 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20181205/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_201812061.js?21062473

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:820::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

2518069e8bb56d7d922d27e89e19b714fefbf4410c83964aa09d571f6aeb4a3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 02 Jan 2019 16:01:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 153707
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1255
x-xss-protection: 1; mode=block
server: cafe
etag: 5672849149211090809
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Jan 2019 16:01:33 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame F76E 75 KB
0 44ms
33ms Script
text/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_201812061.js?21062473

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

31e766234975fc978fa01785054c632235eb8f73f9cc5517e663327a99b03eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Fri, 04 Jan 2019 10:43:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Jan 2019 12:14:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 28237
x-xss-protection: 1; mode=block
expires: Fri, 04 Jan 2019 10:43:19 GMT

GET
H2 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ Frame 87CC 71 KB
26 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_201812061.js?21062473

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0dc9542b043f4622f82261f8d3ca79bb0c29bcbdacf2056a2fc633a488922dd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 10:42:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 26696
x-xss-protection: 1; mode=block
server: cafe
etag: 10366987592970477111
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 04 Jan 2019 11:42:56 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame F76E 0
56 B 35ms
33ms Image
image/gif 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstnKRziWbcid0qKgO4G39lNPXvPIBv9rdugtUyxbd0VPHu_FYh4yBiR0aWsOu9x614Et4hyX6L8H2lPyqpz0Z68-bgd1mMCRtmEx0gChznhQ0Wyb4QfyziofWHBP2hdJmWH6Cuxmt18mEZquwRXEReMTXu-G_kz2yjaN9m8SHTJIL2THErsKIXTGf819bxiQEULNM_l0wE0BAHaWvRNROA2zq0v6_gS7ZYUSTFXaP2197xt4NCCA73il-t-7P9ZP9NeR6jQNebTBBriN7QMQA&sai=AMfl-YR5S6BbpZRf5aBrJznVkhybdrENet9d1ZyM9cR0CcvtyWLt5GqfaC4dVs6q6CpqENLi6My67L7H9PexX0RwixGCYaleWAAS9W49H7LbSKnEIlwHtsNfaycpdks&sig=Cg0ArKJSzEhZkNiNa98SEAE&adurl=

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.16.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 10:43:20 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 15013435589051305466
tpc.googlesyndication.com/simgad/ Frame F76E 23 KB
23 KB 7ms
7ms Image
image/gif 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15013435589051305466

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:820::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

1c1ad9b177cb324086883a23710e38150ace1f1df47a80e7dde0c9e43708e281

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 19 Dec 2018 08:44:54 GMT
x-content-type-options: nosniff
age: 1389506
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 23782
x-xss-protection: 1; mode=block
last-modified: Fri, 13 Jul 2018 13:36:52 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Dec 2019 08:44:54 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame F76E 0
77 B 14ms
14ms Image
text/html 2a00:1450:4001:818::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSNo8Cg5iH70KQXSfKYdno5h0bQnVsnP0fl75xTqDS0xE9wjGGoh2-plqU9GkxjFsGnc2Np7k9ZDqdAnaUGW6rGiS2bUA
Requested by: Host: searchsecurity.techtarget.com
URL: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a00:1450:4001:818::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H/1.1 200
OK AdDisplayTrackerServlet
aktrack.pubmatic.com/AdServer/ Frame 0FB7 0
0 68ms
11ms Document
text/html 23.210.249.92
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=82040&siteId=82696&adId=241699&adType=3&adServerId=1067&kefact=1.500000&kaxefact=1.500000&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=0&kltstamp=1546598599&indirectAdId=563271&adServerOptimizerId=1&ranreq=0.8658397066124859&kpbmtpfact=0.000000&dcId=3&tldId=34170518&passback=3&svr=ADS22421&ekefact=xzgvXK2_CgBJYtpOHsX_ok8vrZLrKo6rjWLprMs2bBSMv_jM&ekaxefact=xzgvXLy_CgD9QGGTmPlSfKej3JIXL0kWQyJrTmJsREDWVV41&ekpbmtpfact=xzgvXMm_CgCQE4f7kD3DJ6ONBcosXE5Vs44lMTBzsc1yX7LK&crID=0&campaignId=0&isRTB=0&imprId=5A92C070-94BE-461D-8E6D-DB5287D18662&oid=5A92C070-94BE-461D-8E6D-DB5287D18662&cntryId=58&domain=searchsecurity.techtarget.com&pageURL=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&sec=1
Requested by: Host: searchsecurity.techtarget.com
URL: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.92 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-210-249-92.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Host: aktrack.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Accept-Encoding: gzip, deflate, br
Cookie: KTPCACOOKIE=YES; pi=82040:2; PUBMDCID=3; pp=82040; PMDTSHR=cat:; KADUSERCOOKIE=3D139102-25BE-42AE-9093-8AA8DC559C37; DPSync2=1547769600%3A201_197%7C1546646400%3A174; SyncRTB2=1547769600%3A7_54_3_81_21_46_56_161%7C1547424000%3A63%7C1547164800%3A2; KRTBCOOKIE_80=16514-CAESEHjkfs-3rIzPzDuk3e-DKts&KRTB&22987-CAESEHjkfs-3rIzPzDuk3e-DKts&KRTB&22995-CAESEHjkfs-3rIzPzDuk3e-DKts&KRTB&23025-CAESEHjkfs-3rIzPzDuk3e-DKts; PugT=1546598600; KRTBCOOKIE_27=16735-uid:6c555c2f-2f88-4700-9c7d-3cf3436aa64b&KRTB&16736-uid:6c555c2f-2f88-4700-9c7d-3cf3436aa64b; KRTBCOOKIE_18=22947-1041527791336899309; SPugT=1546598600; KRTBCOOKIE_391=22924-3638094344472660509; KRTBCOOKIE_377=6810-d9a6e814-50eb-433d-9e9a-c0e95e1e614d&KRTB&22918-d9a6e814-50eb-433d-9e9a-c0e95e1e614d&KRTB&23031-d9a6e814-50eb-433d-9e9a-c0e95e1e614d; KRTBCOOKIE_336=5844-8099459054391971339
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter

Response headers

Content-Type: text/html
Content-Length: 0
Date: Fri, 04 Jan 2019 10:43:20 GMT
Connection: keep-alive

GET
DATA 200
OK truncated
/ Frame 87CC 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a7a4f805121a8a73391a5b2612245225ada7409c4728ea9147d1de662c6fec5

Request headers

Response headers

Content-Type: image/png

GET
H2 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20181205/r20110914/client/ext/ Frame 6C2C 3 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20181205/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_201812061.js?21062473

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:820::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

2518069e8bb56d7d922d27e89e19b714fefbf4410c83964aa09d571f6aeb4a3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 02 Jan 2019 16:01:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 153707
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1255
x-xss-protection: 1; mode=block
server: cafe
etag: 5672849149211090809
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Jan 2019 16:01:33 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6C2C 75 KB
0 44ms
33ms Script
text/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_201812061.js?21062473

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

31e766234975fc978fa01785054c632235eb8f73f9cc5517e663327a99b03eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Fri, 04 Jan 2019 10:43:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Jan 2019 12:14:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 28237
x-xss-protection: 1; mode=block
expires: Fri, 04 Jan 2019 10:43:19 GMT

GET
H2 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ Frame C60A 71 KB
26 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_201812061.js?21062473

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0dc9542b043f4622f82261f8d3ca79bb0c29bcbdacf2056a2fc633a488922dd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 10:42:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 26696
x-xss-protection: 1; mode=block
server: cafe
etag: 10366987592970477111
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 04 Jan 2019 11:42:56 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6C2C 0
47 B 34ms
34ms Image
image/gif 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss7LpZf75nUF2LtxnGVH1XTgishBrF3DqgYfl7qvAxjH6exotAtcQ2tcFNcpz1X2Z5_d8lxs-y_U3u_EH7Qjlq85_jOi3TdWrHmsF5Xj0V_pfGutxCugvpDj2GyEMoU2LTr4JZEcvRnQCxY2Qrw0pUCKPJMTD81n4pDnWD8jh8TZ-L9CqmgHivYjQMfwpI8GP1eRWpKhbQjxvnaedGLeN3wiaJP5fh8cQwJ5f5_eHMxeaps5aF4G8AhM9RTm7m1L-IVWQwmkHxYSQzo48xdBg&sai=AMfl-YQB-yKh9ZxECuKOvwpOsP7LNqCEoQ5q77Zct7kEBr2Qqi4xy_tGaMBfRmszY6n8j9tboARNDDSbGCNkUTj_TTzPu-ZPmyW-z0cLZvgJv2jBfcCa99f4qfO5yeI&sig=Cg0ArKJSzAUomSH1jqPZEAE&adurl=

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.16.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 10:43:20 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 2412359913424840880
tpc.googlesyndication.com/simgad/ Frame 6C2C 24 KB
24 KB 8ms
7ms Image
image/gif 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2412359913424840880

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:820::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8ed98bccc6ac6b099e10969861a9db69be6d082841911a333d58b674506d3395

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 03 Jan 2019 18:02:54 GMT
x-content-type-options: nosniff
age: 60026
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 24370
x-xss-protection: 1; mode=block
last-modified: Fri, 13 Jul 2018 13:43:29 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2020 18:02:54 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6C2C 0
60 B 15ms
14ms Image
text/html 2a00:1450:4001:818::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRF2a-l5Ky7T_bKy4JIRV6IxbpMcfirVi5FttwWkSEb9iMZeKlsDBHp3qsL9_14g9bjdeJAgBva4Bifm9UAuXHUfRFM2w
Requested by: Host: searchsecurity.techtarget.com
URL: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a00:1450:4001:818::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H/1.1 200
OK AdDisplayTrackerServlet
aktrack.pubmatic.com/AdServer/ Frame 8109 0
0 54ms
7ms Document
text/html 23.210.249.92
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=82040&siteId=82696&adId=241772&adType=3&adServerId=1067&kefact=1.500000&kaxefact=1.500000&kadNetFrequecy=0&kadwidth=728&kadheight=90&kadsizeid=0&kltstamp=1546598599&indirectAdId=563273&adServerOptimizerId=1&ranreq=0.3432646485343025&kpbmtpfact=0.000000&dcId=3&tldId=34170518&passback=3&svr=MADS22101&ekefact=xzgvXAqdDACbNHVF4iLVLN_cAz4jDpjhT20jWuBy7uiiSiOC&ekaxefact=xzgvXCOdDADe87Gj2XAWUd03rn0yJ7dprYfjXTT8TK6X7m4e&ekpbmtpfact=xzgvXDSdDABfyN7ltwcfzfXIP_bq8bDdNf-YxMRzc8XX-ulh&crID=0&campaignId=0&isRTB=0&imprId=25FC7FDE-FCE8-470E-9D4E-00009B2D428D&oid=25FC7FDE-FCE8-470E-9D4E-00009B2D428D&cntryId=58&domain=searchsecurity.techtarget.com&pageURL=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&sec=1
Requested by: Host: searchsecurity.techtarget.com
URL: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.92 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-210-249-92.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Host: aktrack.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Accept-Encoding: gzip, deflate, br
Cookie: KTPCACOOKIE=YES; pi=82040:2; PUBMDCID=3; pp=82040; PMDTSHR=cat:; KADUSERCOOKIE=3D139102-25BE-42AE-9093-8AA8DC559C37; DPSync2=1547769600%3A201_197%7C1546646400%3A174; SyncRTB2=1547769600%3A7_54_3_81_21_46_56_161%7C1547424000%3A63%7C1547164800%3A2; KRTBCOOKIE_80=16514-CAESEHjkfs-3rIzPzDuk3e-DKts&KRTB&22987-CAESEHjkfs-3rIzPzDuk3e-DKts&KRTB&22995-CAESEHjkfs-3rIzPzDuk3e-DKts&KRTB&23025-CAESEHjkfs-3rIzPzDuk3e-DKts; PugT=1546598600; KRTBCOOKIE_27=16735-uid:6c555c2f-2f88-4700-9c7d-3cf3436aa64b&KRTB&16736-uid:6c555c2f-2f88-4700-9c7d-3cf3436aa64b; KRTBCOOKIE_18=22947-1041527791336899309; SPugT=1546598600; KRTBCOOKIE_391=22924-3638094344472660509; KRTBCOOKIE_377=6810-d9a6e814-50eb-433d-9e9a-c0e95e1e614d&KRTB&22918-d9a6e814-50eb-433d-9e9a-c0e95e1e614d&KRTB&23031-d9a6e814-50eb-433d-9e9a-c0e95e1e614d; KRTBCOOKIE_336=5844-8099459054391971339
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter

Response headers

Content-Type: text/html
Content-Length: 0
Date: Fri, 04 Jan 2019 10:43:20 GMT
Connection: keep-alive

GET
DATA 200
OK truncated
/ Frame C60A 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a82dcd10bc3b1f681f6b87c3ac1e92f6a77710802d1df275695931642ac9667

Request headers

Response headers

Content-Type: image/png

GET
H/1.1 200
OK sp-bootstrap.js Show response
cdn.ttgtmedia.com/cmp/sourcepoint/ 7 KB
3 KB 12ms
12ms Script
text/javascript 163.171.132.119
QUANTIL NETWORKS INC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ttgtmedia.com/cmp/sourcepoint/sp-bootstrap.js
Requested by: Host: media.techtarget.com
URL: https://media.techtarget.com/cmp/sourcepoint/sp-config.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.132.119 , European Union, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 3fbf514b2907f4a58bcd75de7e6e3940301fdf116ae41bb25b4f2030e84a40dc

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 01 Jan 2019 17:17:30 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Aug 2018 16:31:36 GMT
Server: PWS/8.3.1.0.8
Age: 235550
Content-Type: text/javascript
Via: 1.1 ny92:4 (W), 1.1 VMygldLON2tx53:0 (W), 1.1 PSdgflkfFRA2mu72:7 (W)
Cache-Control: max-age=604800
X-Px: ht PSdgflkfFRA2mu72
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2926
Expires: Tue, 08 Jan 2019 17:17:30 GMT

GET
H/1.1 200
OK sp-msg.js Show response
cdn.ttgtmedia.com/cmp/sourcepoint/ 324 KB
105 KB 235ms
235ms Script
text/javascript 163.171.132.119
QUANTIL NETWORKS INC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ttgtmedia.com/cmp/sourcepoint/sp-msg.js
Requested by: Host: cdn.ttgtmedia.com
URL: https://cdn.ttgtmedia.com/cmp/sourcepoint/sp-bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.132.119 , European Union, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 1f11526358061a090ffafb8b142a921d546bd9b575f0baf9cc64582bf73221d3

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 29 Dec 2018 10:00:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Oct 2018 13:17:49 GMT
Server: PWS/8.3.1.0.8
Age: 520978
Transfer-Encoding: chunked
Content-Type: text/javascript
Via: 1.1 PSmgnyNY2er187:4 (W), 1.1 VMfgblPAR1tl41:3 (W), 1.1 PSdgflkfFRA2mu72:6 (W)
Cache-Control: max-age=604800
X-Px: ht PSdgflkfFRA2mu72
Connection: keep-alive
Accept-Ranges: bytes
Expires: Sat, 05 Jan 2019 10:00:22 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame DA8F 42 B
110 B 15ms
14ms Image
image/gif 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssRneNVrRnCo6unJrZluO87XcqR9i7gnwx3GkOBpMf2so0ijkIC4wbLEq2T4ycBeCVHnCWfCvl2WysO0AVl-q2IMvPRWxnkEHlgqnw&sig=Cg0ArKJSzJpETo1p4_XbEAE&adk=1986160857&tt=-1&bs=1585%2C1200&mtos=0,0,1059,1059,1059&tos=0,0,1059,0,0&p=881,713,1481,1013&mcvt=1059&rs=3&ht=0&tfs=320&tls=1379&mc=0.53&lte=0.53&bas=0&bac=0&avms=geo&rst=1546598599387&rpt=137&isd=0&msd=0&lm=2&oseid=3&ps=1585%2C6430&ss=1600%2C1200&pt=-1&deb=1-1-5-14-15-12-45-9&tvt=1371&r=v&id=osdim&uc=9&upc=1&tgt=INS&cl=1&lop=1&tslp=427&cec=5&clc=1&cac=0&cd=300x600&v=20190102

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jan 2019 10:43:20 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame DA8F 42 B
110 B 16ms
16ms Image
image/gif 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuj8m9OK29XT0r7gwi2WgqVyHh1Hc4iTVsZelIl9UTJlsnxNKPlQpwOOX-nf7cnlqm6YQIHhP04RGvRHrIo7Gs&sig=Cg0ArKJSzF1MV9fhKM9hEAE&adk=1986160857&tt=-1&bs=1585%2C1200&mtos=0,0,1059,1059,1059&tos=0,0,1059,0,0&p=881,713,1481,1013&mcvt=1059&rs=3&ht=0&tfs=320&tls=1379&mc=0.53&lte=0.53&bas=0&bac=0&avms=geo&rst=1546598599387&rpt=137&isd=0&msd=0&lm=2&oseid=3&ps=1585%2C6430&ss=1600%2C1200&pt=-1&deb=1-1-5-14-15-12-45-9&tvt=1371&r=v&id=osdim&uc=9&upc=1&tgt=INS&cl=1&lop=1&tslp=429&cec=5&clc=1&cac=0&cd=300x600&v=20190102

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jan 2019 10:43:20 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cle_toolbar.gif
cdn.ttgtmedia.com/rms/ux/responsive/img/ 68 B
479 B 10ms
9ms Image
image/gif 163.171.132.119
QUANTIL NETWORKS INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttgtmedia.com/rms/ux/responsive/img/cle_toolbar.gif
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.132.119 , European Union, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 2160a63f0c7e46c31551cfba0862153756107739bdd3b3caa0bdfd5f09fb9dc3

Request headers

Referer: https://cdn.ttgtmedia.com/rms/ux/responsive/css/main.css?v=7.24
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 03 Jan 2019 20:49:47 GMT
Via: 1.1 PSmgnyNY2no188:7 (W), 1.1 VMfgblPAR1wa59:1 (W), 1.1 PSdgflkfFRA2so76:5 (W)
Last-Modified: Thu, 13 Dec 2018 20:38:48 GMT
Server: PWS/8.3.1.0.8
Age: 50014
Content-Type: image/gif
Cache-Control: max-age=604800
X-Px: ht PSdgflkfFRA2so76
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68
Expires: Thu, 10 Jan 2019 20:49:47 GMT

GET
H/1.1 200
OK cle_buttons.gif
cdn.ttgtmedia.com/rms/ux/responsive/img/ 3 KB
3 KB 9ms
8ms Image
image/gif 163.171.132.119
QUANTIL NETWORKS INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttgtmedia.com/rms/ux/responsive/img/cle_buttons.gif
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.132.119 , European Union, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 47400eaeeee9e42b6ff93b70ae1cd345aef952f56bdff6350760bea146432c9e

Request headers

Referer: https://cdn.ttgtmedia.com/rms/ux/responsive/css/main.css?v=7.24
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 03 Jan 2019 20:49:48 GMT
Via: 1.1 PSmgnyNY2no188:7 (W), 1.1 VMfgblPAR1wa59:3 (W), 1.1 PSdgflkfFRA2po75:5 (W)
Last-Modified: Thu, 13 Dec 2018 20:38:48 GMT
Server: PWS/8.3.1.0.8
Age: 50013
Content-Type: image/gif
Cache-Control: max-age=604800
X-Px: ht PSdgflkfFRA2po75
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3064
Expires: Thu, 10 Jan 2019 20:49:48 GMT

GET
H/1.1 200
OK cle_codebutton.gif
cdn.ttgtmedia.com/rms/ux/responsive/img/ 194 B
606 B 9ms
9ms Image
image/gif 163.171.132.119
QUANTIL NETWORKS INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttgtmedia.com/rms/ux/responsive/img/cle_codebutton.gif
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.132.119 , European Union, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 1fae3d21b09d0f4dc0726679d549722befc2a4e976d9020dce595264c94d30f7

Request headers

Referer: https://cdn.ttgtmedia.com/rms/ux/responsive/css/main.css?v=7.24
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 04 Jan 2019 06:43:08 GMT
Via: 1.1 PSmgnyNY2er187:2 (W), 1.1 VMfgblPAR1xo50:4 (W), 1.1 PSdgflkfFRA2sg74:0 (W)
Last-Modified: Thu, 13 Dec 2018 20:38:45 GMT
Server: PWS/8.3.1.0.8
Age: 14413
Content-Type: image/gif
Cache-Control: max-age=604800
X-Px: ht PSdgflkfFRA2sg74
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 194
Expires: Fri, 11 Jan 2019 06:43:08 GMT

GET
H/1.1 200
OK Cookie set GetUserFromCookies Show response
users.techtarget.com/registration/rest/RegistrationService/ 111 B
427 B 542ms
102ms Script
application/x-javascript 206.19.49.191
AT&T Enhanced Net...

General

Check archive.org

Show headers Download Go to

Full URL: https://users.techtarget.com/registration/rest/RegistrationService/GetUserFromCookies?callback=jQuery1102018877592717351077_1546598598106&_=1546598598107
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 206.19.49.191 , United States, ASN17225 (ATT-CERFNET-BLOCK - AT&T Enhanced Network Services, US),
Reverse DNS
Software: /
Resource Hash: ba141a649f3c0882ffe91c5a5c48626e0c7dc4081b4529bc581431b27342de59

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: users.techtarget.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Connection: keep-alive
Cache-Control: no-cache
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 04 Jan 2019 10:43:21 GMT
Cache-Control: private
Set-Cookie: TS01da9a2e=012c6646598fffe8db7d7a6c38ac9ca62a83b1fa7d1dd0cabd5ba9fa705867dcba49e43fb68e7ed572356c7eb78ac0fe114cd7a048; Path=/; Secure; HTTPOnly
Transfer-Encoding: chunked
Content-Type: application/x-javascript

GET
H/1.1

200
OK

spacer.gif
cdn.ttgtmedia.com/images/
Redirect Chain

https://go.techtarget.com/clicktrack-r/activity/activity.gif?activityTypeId=16&t=299978&t2=299926&t3=2240163309&a=2019-01-04%2005:43:17&g=252455018&c=normal&r=805106
https://cdn.ttgtmedia.com/images/spacer.gif

43 B
442 B

9ms
8ms

Image
image/gif

163.171.132.119
QUANTIL NETWORKS INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttgtmedia.com/images/spacer.gif
Requested by: Host: searchsecurity.techtarget.com
URL: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.132.119 , European Union, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: cdn.ttgtmedia.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Connection: keep-alive
Cache-Control: no-cache
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 31 Dec 2018 06:45:27 GMT
Via: 1.1 ml62:2 (W), 1.1 PSdgflkfFRA2sg74:3 (W)
Last-Modified: Fri, 20 Jan 2012 13:30:40 GMT
Server: PWS/8.3.1.0.8
Age: 359874
Content-Type: image/gif
Cache-Control: max-age=604800
X-Px: ht PSdgflkfFRA2sg74
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
X-Via: 1.1 ny93:3 (W)
Expires: Mon, 07 Jan 2019 06:45:27 GMT

Redirect headers

Location: https://cdn.ttgtmedia.com/images/spacer.gif
Date: Fri, 04 Jan 2019 10:43:21 GMT
Set-Cookie: bk=9a014599-d19c-47a5-a0cb-bbb10ac5e62a; domain=.techtarget.com; path=/; expires=Thu, 04-Apr-2019 10:43:21 GMT co=%7B%22ipAddress%22%3A%22185.220.70.202%22%2C%22industry%22%3A%22UNKNOWN%22%2C%22countryId%22%3A%22UNKNOWN%22%2C%22empSize%22%3A%22UNKNOWN%22%2C%22empSizeId%22%3A%22UNKNOWN%22%2C%22name%22%3A%22UNKNOWN%22%2C%22id%22%3A%22UNKNOWN%22%2C%22state%22%3A%22UNKNOWN%22%2C%22countryName%22%3A%22UNKNOWN%22%7D; domain=.techtarget.com; path=/; expires=Thu, 04-Apr-2019 10:43:21 GMT TS01c54b6d=012c664659c6ad721dbb3457109eb49864ddbe4e57b3a46a39a5788e637c1c88073012bb26c1bd523df5d235c74aea0796b55838da; Path=/; Secure; HTTPOnly TS014200a8=012c664659d60e0e815e095623907be836466ed2b6b3a46a39a5788e637c1c88073012bb26c44237ebb0e5794bf3cde71ef155f7ec12350169e41506caac35ea00b158704a838ed3c36091b3fa035a9c30e1d6d8aa; path=/; domain=.techtarget.com; HTTPonly; Secure
Content-Type: text/html; charset=utf-8
Content-Length: 81
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 24 KB
9 KB 71ms
17ms Script
text/javascript 216.58.205.226
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWWZSH

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s24-in-f2.1e100.net

Software

cafe /

Resource Hash

c635ded98a0b747002e2f0fcd000b64f5044338e48060a66b665d4e873a7e1d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 10:43:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 9196
x-xss-protection: 1; mode=block
server: cafe
etag: 9569188893343377890
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 04 Jan 2019 10:43:21 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6C2C 42 B
110 B 18ms
18ms Image
image/gif 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvwAc5fmp8Xe7kFUreQJiW858bwAMC6G33WnikwwT93sWbJfRCCVP9nQG-QYGifnIwdP8-x9F1UdSkdzkGVcYWAXlS2JZJtgvG-Dbk&sig=Cg0ArKJSzNJ6XP5yI-PbEAE&adk=2732185456&tt=981&bs=1585%2C1200&mtos=1099,1099,1099,1099,1099&tos=1099,0,0,0,0&p=160,429,250,1157&mcvt=1099&rs=3&ht=0&tfs=21&tls=1120&mc=1&lte=1&bas=0&bac=0&avms=geo&rst=1546598600139&rpt=136&isd=0&lm=2&oseid=3&ps=1585%2C6580&ss=1600%2C1200&pt=140&deb=1-1-1-6-10-19-9-8&tvt=1105&is=728%2C90&iframe_loc=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&r=v&id=osdim&uc=8&upc=11&tgt=DIV&cl=1&cec=5&clc=1&cac=0&cd=728x90&v=20190102

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jan 2019 10:43:21 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C60A 42 B
110 B 17ms
17ms Image
image/gif 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu9MMjlgU4T9HdV2Fmbjq4i2hfjXHj4Ipe9H8lwgjuE8sNO0_mk_ypRMkWHP5c1-yt1hrdblVR8init5wv7OenpttOct6vsqf-Tnbs&sig=Cg0ArKJSzOU3LIVxBETJEAE&adk=2498577436&tt=-1&bs=1585%2C1200&mtos=1081,1081,1081,1081,1081&tos=1081,0,0,0,0&p=160,429,250,1157&mcvt=1081&rs=3&ht=0&tfs=1090&tls=2171&mc=1&lte=1&bas=0&bac=0&avms=geo&rst=1546598599363&rpt=931&isd=0&msd=0&lm=2&oseid=3&ps=1585%2C6430&ss=1600%2C1200&pt=-1&deb=1-1-5-22-20-12-65-14&tvt=2162&r=v&id=osdim&uc=8&upc=10&tgt=BODY&cl=1&cec=12&clc=0&cac=0&cd=728x90&v=20190102

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jan 2019 10:43:21 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rcj-da10bd4908deb9e19dfde013ec3fe4ff.html
vars.hotjar.com/ Frame DCA7 0
0 96ms
33ms Document
text/html 147.75.205.43
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/rcj-da10bd4908deb9e19dfde013ec3fe4ff.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-21537.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.205.43 Amsterdam, Netherlands, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS: pkt-ams-k1-31
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /rcj-da10bd4908deb9e19dfde013ec3fe4ff.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter

Response headers

status: 200
date: Fri, 04 Jan 2019 10:43:21 GMT
content-type: text/html
content-length: 857
cache-control: max-age=31536000
last-modified: Wed, 26 Dec 2018 17:42:40 GMT
x-amz-version-id: r21unyjRaeSnpbfdAFfXa49OG_A_M8ik
section-io-origin-status: 200
section-io-origin-time-seconds: 0.038
etag: W/"da10bd4908deb9e19dfde013ec3fe4ff"
content-encoding: gzip
accept-ranges: bytes
section-io-id: aba2381c5354c9d998fc5347a6ffdb84

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame F76E 42 B
110 B 18ms
17ms Image
image/gif 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstYZ_h26NKmP_I7FF0xKJIGJq2LCNLhQdtxU_P-DHsw-cW318sUC3WL0YMElVk5CFYXmuwQSrgc-AqqfuPoRuiWbfkxugSAebPfmNc&sig=Cg0ArKJSzJGaISsjn0C8EAE&adk=3182411285&tt=804&bs=1585%2C1200&mtos=1152,1152,1152,1152,1152&tos=1152,0,0,0,0&p=670,1053,920,1353&mcvt=1152&rs=3&ht=0&tfs=40&tls=1192&mc=1&lte=1&bas=0&bac=0&avms=geo&rst=1546598600109&rpt=124&isd=0&lm=2&oseid=3&ps=1585%2C6580&ss=1600%2C1200&pt=388&deb=1-1-1-8-11-37-10-9&tvt=1163&is=300%2C250&iframe_loc=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&r=v&id=osdim&uc=9&upc=11&tgt=DIV&cl=1&cec=5&clc=1&cac=0&cd=300x250&v=20190102

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jan 2019 10:43:21 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1070110249/ 3 KB
1 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:824::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1070110249/?random=1546598601463&cv=9&fst=1546598601463&num=1&label=RRsgCOW4tgMQqayi_gM&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&tiba=Malwarebytes%3A%20Fileless%20ransomware%20an%20emerging%20threat%20for%20U.S.&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

102a6a6cf9e5359077acf7516dcb3e64d926b034a6dbcd6d246dd83d84ff2649

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jan 2019 10:43:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1134
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1072226410/ 3 KB
1 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:824::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1072226410/?random=1546598601477&cv=9&fst=1546598601463&num=2&label=x3P_CIql1gMQ6sCj_wM&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&tiba=Malwarebytes%3A%20Fileless%20ransomware%20an%20emerging%20threat%20for%20U.S.&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

8b79300ff9ea97753eef0ced0cb25238732317781435a446145c622e0651970d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jan 2019 10:43:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1135
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 87CC 42 B
110 B 15ms
15ms Image
image/gif 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvYKsx4V9MimhS2MhMHKVHfJS4RznZaEv0xi404LRKhRs1kuNzFBigUiITE62p2WgnntLtedQcafu46_OUSS8ckiLR5B4cQRdsijd4&sig=Cg0ArKJSzFSJdJPC8P4zEAE&adk=1074394543&tt=-1&bs=1585%2C1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&p=670,1053,920,1353&mcvt=1000&rs=3&ht=0&tfs=1278&tls=2278&mc=1&lte=1&bas=0&bac=0&avms=geo&rst=1546598599373&rpt=1108&isd=0&msd=0&lm=2&oseid=3&ps=1585%2C6430&ss=1600%2C1200&pt=-1&deb=1-1-5-22-21-12-69-15&tvt=2268&r=v&id=osdim&uc=7&upc=11&tgt=BODY&cl=1&cec=12&clc=0&cac=0&cd=300x250&v=20190102

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jan 2019 10:43:21 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1070110249/ 42 B
120 B 27ms
26ms Image
image/gif 2a00:1450:4001:818::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1070110249/?random=1546598601463&cv=9&fst=1546596000000&num=1&label=RRsgCOW4tgMQqayi_gM&guid=ON&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&tiba=Malwarebytes%3A%20Fileless%20ransomware%20an%20emerging%20threat%20for%20U.S.&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=1378262865&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:818::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jan 2019 10:43:21 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1070110249/ 42 B
109 B 24ms
23ms Image
image/gif 2a00:1450:4001:81c::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1070110249/?random=1546598601463&cv=9&fst=1546596000000&num=1&label=RRsgCOW4tgMQqayi_gM&guid=ON&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&tiba=Malwarebytes%3A%20Fileless%20ransomware%20an%20emerging%20threat%20for%20U.S.&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=1378262865&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jan 2019 10:43:21 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1072226410/ 42 B
120 B 25ms
24ms Image
image/gif 2a00:1450:4001:818::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1072226410/?random=1546598601477&cv=9&fst=1546596000000&num=2&label=x3P_CIql1gMQ6sCj_wM&guid=ON&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&tiba=Malwarebytes%3A%20Fileless%20ransomware%20an%20emerging%20threat%20for%20U.S.&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=3126104401&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:818::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jan 2019 10:43:21 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1072226410/ 42 B
109 B 29ms
28ms Image
image/gif 2a00:1450:4001:81c::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1072226410/?random=1546598601477&cv=9&fst=1546596000000&num=2&label=x3P_CIql1gMQ6sCj_wM&guid=ON&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&tiba=Malwarebytes%3A%20Fileless%20ransomware%20an%20emerging%20threat%20for%20U.S.&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=3126104401&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jan 2019 10:43:21 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK get_loaders Show response
consent.techtarget.com/mms/ 2 B
410 B 52ms
10ms XHR
application/json 52.59.88.132
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.techtarget.com/mms/get_loaders?href=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&account_id=370
Requested by: Host: searchsecurity.techtarget.com
URL: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.88.132 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-59-88-132.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Pragma: no-cache
Origin: https://searchsecurity.techtarget.com
Accept-Encoding: gzip, deflate, br
Host: consent.techtarget.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Cookie: bk=9a014599-d19c-47a5-a0cb-bbb10ac5e62a; co=%7B%22ipAddress%22%3A%22185.220.70.202%22%2C%22industry%22%3A%22UNKNOWN%22%2C%22countryId%22%3A%22UNKNOWN%22%2C%22empSize%22%3A%22UNKNOWN%22%2C%22empSizeId%22%3A%22UNKNOWN%22%2C%22name%22%3A%22UNKNOWN%22%2C%22id%22%3A%22UNKNOWN%22%2C%22state%22%3A%22UNKNOWN%22%2C%22countryName%22%3A%22UNKNOWN%22%7D; TS014200a8=012c664659d60e0e815e095623907be836466ed2b6b3a46a39a5788e637c1c88073012bb26c44237ebb0e5794bf3cde71ef155f7ec12350169e41506caac35ea00b158704a838ed3c36091b3fa035a9c30e1d6d8aa
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Origin: https://searchsecurity.techtarget.com

Response headers

Date: Fri, 04 Jan 2019 10:43:23 GMT
Content-Encoding: gzip
X-Sp-Mms-Node: mms-ax8.node.fra.consul
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: https://searchsecurity.techtarget.com
Cache-Control: max-age=10800
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK geo2.js Show response
cdn3.optimizely.com/js/ Frame 7A1B 294 B
701 B 76ms
9ms Script
application/javascript 104.109.79.206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.optimizely.com/js/geo2.js?cb=1546598603121
Requested by: Host: cdn.ttgtmedia.com
URL: https://cdn.ttgtmedia.com/cmp/sourcepoint/sp-msg.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.79.206 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-79-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 81848be40229acb209d411752a6e55982e0912eb3ade455bdbb2ca5805886834

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: Y1BKPK.c9lIaZx2uYj8JMWZye_vJfrh9
Server: AmazonS3
x-amz-request-id: 9B167673CE6B2C75
ETag: "adadfc5d7afd13e353d9d52cec1c7827"
Content-Type: application/javascript
Cache-Control: max-age=27065
Date: Fri, 04 Jan 2019 10:43:23 GMT
Connection: keep-alive
Content-Length: 294
x-amz-id-2: qxpqxpQGrLIxXByHL1GmNWrDAfpEbI7TPv5SEs/clqBgl7pwwI7xy8CJz9uFvRgFlFO9LEnVtuU=

GET
H2 200 ;ord=1546598603121
ad.doubleclick.net/ddm/ad/ddtus/ 43 B
130 B 17ms
17ms Image
image/gif 172.217.22.6
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/ad/ddtus/;ord=1546598603121?

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.22.6 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f6.1e100.net

Software

cafe /

Resource Hash

9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jan 2019 10:43:23 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK get_site_data Show response
consent.techtarget.com/ 19 B
387 B 31ms
10ms XHR
text/plain 52.59.88.132
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.techtarget.com/get_site_data?account_id=370&href=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter
Requested by: Host: searchsecurity.techtarget.com
URL: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.88.132 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-59-88-132.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 4680c565a5d7088fd0b5545d4e904c73f0b89eb3a4ffeb05984833f89ae69f41

Request headers

Pragma: no-cache
Origin: https://searchsecurity.techtarget.com
Accept-Encoding: gzip, deflate, br
Host: consent.techtarget.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Origin: https://searchsecurity.techtarget.com

Response headers

Date: Fri, 04 Jan 2019 10:43:23 GMT
Content-Encoding: gzip
X-Sp-Mms-Node: mms-ax2.node.fra.consul
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Access-Control-Allow-Credentials: true
Connection: keep-alive

OPTIONS
H/1.1 200
OK log Show response
errors.client.optimizely.com/ 13 B
421 B 429ms
100ms XHR
text/plain 52.0.221.2
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: searchsecurity.techtarget.com
URL: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.221.2 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-0-221-2.compute-1.amazonaws.com
Software: /
Resource Hash: 16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12

Request headers

Access-Control-Request-Method: POST
Origin: https://searchsecurity.techtarget.com
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Fri, 04 Jan 2019 10:43:24 GMT
Allow: POST,OPTIONS
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://searchsecurity.techtarget.com
Access-Control-Max-Age: 1800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Content-Length: 13

GET
H2 200 nr-1099.min.js Show response
js-agent.newrelic.com/ 23 KB
9 KB 92ms
7ms Script
application/javascript 151.101.2.110
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1099.min.js
Requested by: Host: searchsecurity.techtarget.com
URL: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.110 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 685e511070d7d36ad071ea39c387547c95bf064727890a3e9abf1d0283184794

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 10:43:24 GMT
content-encoding: gzip
x-amz-request-id: 721001A39CB7D50B
x-cache: HIT
status: 200
content-length: 9139
x-amz-id-2: NxMxfptyk7m72ZRtwDBFrYLt42q+zxYhs3n9RkXhwCypFX0QIhKQ++L2sfAGR6WMd083eZI9VXw=
x-served-by: cache-hhn1527-HHN
last-modified: Tue, 02 Oct 2018 02:58:53 GMT
server: AmazonS3
x-timer: S1546598604.233482,VS0,VE0
etag: "eed931ffe2a555a310715cf8678d32f5"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 69301

GET
H/1.1 200
OK chartbeat.js Show response
a248.e.akamai.net/chartbeat.download.akamai.com/102508/js/ 35 KB
14 KB 112ms
18ms Script
application/x-javascript 2.16.186.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://a248.e.akamai.net/chartbeat.download.akamai.com/102508/js/chartbeat.js
Requested by: Host: searchsecurity.techtarget.com
URL: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.16.186.24 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-24.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c46f8698db452aca7eccf43baf4f36c6c3a61b6fe2918029c62e76a357e55365

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 04 Jan 2019 10:43:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Oct 2018 02:34:26 GMT
Server: Apache
ETag: "6331f6204f3f22afa008480b710c3f7a:1538620467"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14020

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
101 B 14ms
14ms Image
image/gif 2a00:1450:4001:824::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j72&aip=1&a=1120491109&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&ul=en-us&de=UTF-8&dt=Malwarebytes%3A%20Fileless%20ransomware%20an%20emerging%20threat%20for%20U.S.&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=AdBlock&ea=false&_u=aGnAAEAj~&jid=876974303&gjid=1290457078&cid=737900102.1546598599&tid=UA-19047342-11&_gid=154114717.1546598604&_r=1&gtm=2wgbc0PWWZSH&z=1106513148

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:824::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jan 2019 10:43:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 1068cf12f6 Show response
bam.nr-data.net/1/ 57 B
261 B 467ms
113ms Script
text/javascript 162.247.242.20
New Relic

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/1068cf12f6?a=313780&v=1099.d27c17c&to=ZQMAYxdYXUBSAkFbClxJLFgXVFJfWhtQVjBAD01EAFhBUFsyUFEQQA8WTkpXVkRATh8dKFMKFVYXXFFKRwRGHyNbCgdbAEpAHkEAW0EKXxEDRQAUUl0eBFhXF1UPDFBITVtBVgBBHwNdFE9iNg%3D%3D&rst=7989&ref=https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US&ap=185&be=2006&fe=7884&dc=5073&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1546598596259,%22n%22:0,%22f%22:347,%22dn%22:349,%22dne%22:386,%22c%22:386,%22s%22:550,%22ce%22:1045,%22rq%22:1046,%22rp%22:1811,%22rpe%22:1978,%22dl%22:1814,%22di%22:4955,%22ds%22:4955,%22de%22:5086,%22dc%22:7861,%22l%22:7861,%22le%22:7886%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1099.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 , United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: text/javascript;charset=ISO-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK Cookie set abfLDkzKTpZKCY1fjQqNSZ-KzReN1xQRSIkJDA2LzV-KiVcUlZPRSIjMVwnIi00JkUzJicmMzMmM1xFNCY0NCowL34zJicmMzMmM1xFNCY0NCowL34uJjQ0IigmfiQwNi81XE9FKzdcUU1PTVBPWFNFJCUkXDgqLyUwOE1-NDF-TS40KE1-Ki81JjMvIi1NJCUkUE... Show response
consent.techtarget.com/ 14 KB
5 KB 9ms
9ms Script
application/javascript 52.59.88.132
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.techtarget.com/abfLDkzKTpZKCY1fjQqNSZ-KzReN1xQRSIkJDA2LzV-KiVcUlZPRSIjMVwnIi00JkUzJicmMzMmM1xFNCY0NCowL34zJicmMzMmM1xFNCY0NCowL34uJjQ0IigmfiQwNi81XE9FKzdcUU1PTVBPWFNFJCUkXDgqLyUwOE1-NDF-TS40KE1-Ki81JjMvIi1NJCUkUEUpMyYnXCk1NTE0RFJgRFFlRFFlNCYiMyQpNCYkNjMqNTpNNSYkKTUiMygmNU0kMC5EUWUvJjg0RFFlUVRRU1RUT1BXRFFlbCItOCIzJiM6NSY0TGUqLSYtJjQ0TDMiLzQwLjgiMyZMIi9MJi4mMygqLyhMNSkzJiI1TCcwM0x0ckRSZTY1Ln4kIi4xIiooL0RSY3YmJiwtOkRRVFFPbSY4NC0mNTUmM0RRVFFPMCdEUVRRT2JkcXNMcnJmRFFVNjUufi4mJSo2LkRSYyYuIiotRFFVNjUufjQwNjMkJkRSY3EmNzYmRFFUUU8vJjg0LSY1NSYz
Requested by: Host: cdn.ttgtmedia.com
URL: https://cdn.ttgtmedia.com/cmp/sourcepoint/sp-msg.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.88.132 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-59-88-132.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 626496b173f686c3b37f7d46dcb800ce57e331ea1106a5a89f4c4d659cbfe916

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: consent.techtarget.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Connection: keep-alive
Cache-Control: no-cache
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jan 2019 10:43:24 GMT
Content-Encoding: gzip
X-Sp-Mms-Node: mms-ayd.node.fra.consul
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
X-Sp-Mms-Env: 1
Set-Cookie: _sp_v1_uid=1:801:54cafb67-dabe-424c-a697-e6859b843e29;Path=/;Expires=Sun, 03-Feb-2019 10:43:24 GMT _sp_v1_data=2:19415:1546598604:0:1:0:1:0:0:1bc380c9-13ef-40c5-a872-3d6502475867:27306;Path=/;Expires=Sun, 03-Feb-2019 10:43:24 GMT _sp_v1_ss=1:H4sIAAAAAAAAAItWqo5RKimOUbKKRmbkgRgGtbE6MUqpIGZeaU4OkF0CVlBdi1tCKRYAmuD4I1IAAAA%3D;Path=/;Expires=Sun, 03-Feb-2019 10:43:24 GMT _sp_v1_opt=1:;Path=/;Expires=Sun, 03-Feb-2019 10:43:24 GMT _sp_v1_stage=1;Path=/;Expires=Thu, 01-Jan-1970 00:00:00 GMT _sp_v1_csv=2.0.1094;Path=/;Expires=Sun, 03-Feb-2019 10:43:24 GMT _sp_v1_lt=1:msg|true:;Path=/;Expires=Sun, 03-Feb-2019 10:43:24 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 bcn
www.summerhamster.com/ 43 B
181 B 52ms
8ms Image
image/gif 3.122.36.177
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.summerhamster.com/bcn?fe=1546598604259&y=2.0.1094&elg=891553303&flg=370&x=vhdufkvhfxulwb.whfkwdujhw.frp%2Fqhzv%2F252455018%2FPdozduhebwhv-Ilohohvv-udqvrpzduh-dq-hphujlqj-wkuhdw-iru-XV&vqwo=1&deo=0&g0=vg%3A%3Aer%2Cxd%3A%3Aqexd%3A%3Aqsu%7Cvg%3A%3Ask%3A%3Aqsk%3A%3Aqsu%7Clq%3A%3Adm%2Clqi%2Cqh%2Cvf%3A%3Aqoe%3A%3Aqsu%3A%3Axuo%3D%2F%2Ffgq3.rswlplchob.frp%2Fmv%2Fjhr2.mv%3Ffe%3D1546598603121%7Cgisl%3A%3Alp%2Clqi%2Cqh%3A%3Aqoe%3A%3Aqsu%3A%3Axuo%3D%2F%2Fdg.grxeohfolfn.qhw%2Fggp%2Fdg%2Fggwxv%2F%3Brug%3D1546598603121%3F%7Cjdg%3A%3Aho%2Ckl%2Cklg%2Clqi%3A%3Aqhk%3A%3Aqsu%3A%3Avho%3D.sodlqDg%7Cjdg%3A%3Aho%2Ckl%2Cklg%2Clqi%3A%3Aqhk%3A%3Aqsu%3A%3Avho%3D.sodlqDg%7Cddg%2Cjdg%3A%3Aho%2Ckl%2Cklg%2Clqi%3A%3Aqhk%3A%3Aqsu%3A%3Avho%3D.des_re_halvw%7Cdg%3A%3Adu%2Cklg%2Cvv%3A%3Aqvvs%3A%3Aqsu%7Cdg%3A%3Adu%2Cklg%2Cvv%3A%3Aqvvs%3A%3Aqsu%7Cdg%3A%3Adu%2Cklg%2Cvv%3A%3Aqvvs%3A%3Aqsu%7Cdg%3A%3Adu%2Cklg%2Cvv%3A%3Aqvvs%3A%3Aqsu%7Cdg%3A%3Adu%2Cklg%2Cvv%3A%3Aqvvs%3A%3Aqsu%7Csu%3A%3Aid%3A%3Aquiv%3A%3Aqsu&hu=0&g2=0%3A%3A0%3A%3A0%3A%3A0%3A%3A0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.36.177 Fairfield, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-3-122-36-177.eu-central-1.compute.amazonaws.com
Software: Jetty(9.2.10.v20150310) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Fri, 04 Jan 2019 10:43:24 GMT
server: Jetty(9.2.10.v20150310)
access-control-allow-origin: *
content-length: 43
access-control-allow-methods: *
content-type: image/gif

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 334ms
108ms Image
image/gif 52.22.232.46
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=techtargetnetwork.com&p=%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US&u=hVwRWtc4U8Cev-o&d=searchsecurity.techtarget.com&g=41935&g0=ssec%2C%20ssec%20-%20Information%20security%20threats&g1=Casey%20Clark%2C%20NEWS%2C%20ssec%20-%20NEWS&n=1&f=00001&c=0&x=0&m=0&y=5406&o=1585&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=7861&_c=Weekly%20Newsletter%20of%20CERT-SSG&_m=email&_x=Revue%20newsletter&t=Dke8VzCiLyJsNeKQRCxsRvRKhSD1&V=109&i=Malwarebytes%3A%20Fileless%20ransomware%20an%20emerging%20threat%20for%20U.S.&tz=0&sn=1&sv=_oZ2HBNXgErCNLbLgDxgaJWDyD1Gs&sd=1&im=061b2ff3&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.232.46 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-22-232-46.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Fri, 04 Jan 2019 10:43:24 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK get_site_data Show response
consent.techtarget.com/ 19 B
387 B 8ms
8ms XHR
text/plain 52.59.88.132
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.techtarget.com/get_site_data?account_id=370&href=https%3A%2F%2Fsearchsecurity.techtarget.com
Requested by: Host: searchsecurity.techtarget.com
URL: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.88.132 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-59-88-132.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 4680c565a5d7088fd0b5545d4e904c73f0b89eb3a4ffeb05984833f89ae69f41

Request headers

Pragma: no-cache
Origin: https://searchsecurity.techtarget.com
Accept-Encoding: gzip, deflate, br
Host: consent.techtarget.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Origin: https://searchsecurity.techtarget.com

Response headers

Date: Fri, 04 Jan 2019 10:43:24 GMT
Content-Encoding: gzip
X-Sp-Mms-Node: mms-ax2.node.fra.consul
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 1088 Show response
sourcepoint.mgr.consensu.org/consent/v2/ 0
251 B 53ms
11ms XHR
text/plain 35.156.14.155
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://sourcepoint.mgr.consensu.org/consent/v2/1088
Requested by: Host: searchsecurity.techtarget.com
URL: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.14.155 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-156-14-155.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Origin: https://searchsecurity.techtarget.com

Response headers

date: Fri, 04 Jan 2019 10:43:24 GMT
status: 200
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: https://searchsecurity.techtarget.com
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 0

POST
H2 200 consent-all Show response
sourcepoint.mgr.consensu.org/consent/v2/1088/ 3 KB
3 KB 19ms
19ms XHR
application/json 35.156.14.155
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://sourcepoint.mgr.consensu.org/consent/v2/1088/consent-all?withSiteActions=true
Requested by: Host: searchsecurity.techtarget.com
URL: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.14.155 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-156-14-155.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 5472f68320a7440e31bee2553d6bc85001216287f2e34ef9e13472de2df11f60

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Origin: https://searchsecurity.techtarget.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 04 Jan 2019 10:43:24 GMT
status: 200
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://searchsecurity.techtarget.com
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 3063

POST
H/1.1 204
No Content log Show response
errors.client.optimizely.com/ 0
255 B 100ms
100ms XHR
text/plain 52.0.221.2
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.221.2 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-0-221-2.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Origin: https://searchsecurity.techtarget.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://searchsecurity.techtarget.com
Access-Control-Expose-Headers
Access-Control-Allow-Credentials: true
Connection: keep-alive
Date: Fri, 04 Jan 2019 10:43:24 GMT
Content-Type: text/plain

GET
H/1.1 200
OK index.php Show response
a.dpmsrv.com/dpmpxl/ 5 B
1 KB 109ms
107ms Script
text/javascript 52.20.14.210
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?sw=252455018https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&q=xSeg&v=1.x&ep%5Bids%5D=2378844%2C7838491%2C7838492%2C7838563%2C7844583%2C7844585%2C7844587%2C8380284%2C2609968%2C2365326%2C2433138%2C1010674%2C2053107%2C5648811%2C565952%2C10856540%2C11527225%2C1624243%2C14793258%2C12013010&cl=68&pixelIndex=0&r=102783&tzOffset=0&url=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&id=1998507995125339361&_=1546598599157
Requested by: Host: s.dpmsrv.com
URL: https://s.dpmsrv.com/dpm_b4c96d80854dd27e76d8cc9e21960eebda52e962.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.14.210 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-20-14-210.compute-1.amazonaws.com
Software: /
Resource Hash: fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 31
Expires: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 51 KB
15 KB 38ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

50fd02e7397cb3745341be12701a2583d187f3f78115c41de0aa96a0cdf27775

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: public
x-fb-debug: 1CemPgKsIw6CLCTPmdtrcpS1J6WUxf/AbSubLrWtLkT5ET4Wqy7KJt/2VYmh+A5AQr6clnpW7pchd01yDACKPw==
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 04 Jan 2019 10:43:27 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
status: 200
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
strict-transport-security: max-age=31536000; preload; includeSubDomains
vary: Accept-Encoding
content-length: 14861
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 15 KB
5 KB 48ms
6ms Script
application/x-javascript 2a02:26f0:6c00:28c::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: searchsecurity.techtarget.com
URL: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:28c::25ea , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 04 Jan 2019 10:43:27 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Dec 2018 23:03:30 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=72774
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4571

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://ib.adnxs.com/seg?member=827&add=2378844,7838491,7838492,7838563,7844583,7844585,7844587,8380284,2609968,2365326,2433138,1010674,2053107,5648811,565952,10856540,11527225,1624243,14793258,120...
https://ib.adnxs.com/bounce?%2Fseg%3Fmember%3D827%26add%3D2378844%2C7838491%2C7838492%2C7838563%2C7844583%2C7844585%2C7844587%2C8380284%2C2609968%2C2365326%2C2433138%2C1010674%2C2053107%2C5648811%2...

43 B
990 B

20ms
19ms

Image
image/gif

185.33.223.200
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fseg%3Fmember%3D827%26add%3D2378844%2C7838491%2C7838492%2C7838563%2C7844583%2C7844585%2C7844587%2C8380284%2C2609968%2C2365326%2C2433138%2C1010674%2C2053107%2C5648811%2C565952%2C10856540%2C11527225%2C1624243%2C14793258%2C12013010

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.200 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jan 2019 10:43:29 GMT
AN-X-Request-Uuid: df62f0cc-ebd5-417e-a500-8e40b9b7a943
Content-Type: image/gif
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.220.70.202; 185.220.70.202; 308.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.26:80
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 04 Jan 2019 10:43:29 GMT
AN-X-Request-Uuid: cd443cc7-4f29-4877-986c-8842ad7beae2
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://ib.adnxs.com/bounce?%2Fseg%3Fmember%3D827%26add%3D2378844%2C7838491%2C7838492%2C7838563%2C7844583%2C7844585%2C7844587%2C8380284%2C2609968%2C2365326%2C2433138%2C1010674%2C2053107%2C5648811%2C565952%2C10856540%2C11527225%2C1624243%2C14793258%2C12013010
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.220.70.202; 185.220.70.202; 308.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.234:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
px.ads.linkedin.com/collect/
Redirect Chain

https://dc.ads.linkedin.com/collect/?pid=228428&fmt=gif
https://dc.ads.linkedin.com/collect/?pid=228428&fmt=gif&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Fpid%3D228428%26fmt%3Dgif%26cookiesTest%3Dtrue%26liSync%3Dtrue
https://px.ads.linkedin.com/collect/?pid=228428&fmt=gif&cookiesTest=true&liSync=true

43 B
119 B

115ms
114ms

Image
image/gif

2a05:f500:10:101::b93f:9105
LinkedIn Corporation

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect/?pid=228428&fmt=gif&cookiesTest=true&liSync=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN - LinkedIn Corporation, US),
Reverse DNS
Software: Play /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 10:43:28 GMT
content-encoding: gzip
server: Play
vary: Accept-Encoding
x-li-fabric: prod-lva1
status: 200
x-li-proto: http/2
x-li-pop: prod-efr5
content-type: image/gif
content-length: 58
x-li-uuid: y8ZJdj2fdhUgwgUYgisAAA==

Redirect headers

date: Fri, 04 Jan 2019 10:43:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 302
x-li-pop: prod-edc2
content-length: 20
x-li-uuid: 6YuOcj2fdhWggXeLbysAAA==
pragma: no-cache
server: Play
x-frame-options: sameorigin
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
vary: Accept-Encoding
strict-transport-security: max-age=2592000
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect/?pid=228428&fmt=gif&cookiesTest=true&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 477332472703193 Show response
connect.facebook.net/signals/config/ 181 KB
44 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/477332472703193?v=2.8.35&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

d1c6588792b9b56591e68b6c5529b272ec482548097739d8865d5f34a78b5101

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 44257
x-xss-protection: 0
pragma: public
x-fb-debug: d2rQ8UKyQ8qBFGkad1ZBR9DzO+lsgQmRkJRT7Eaq/g6Xnz9rPulAtfT/x8TgrCVndrG5D90Kc29oIfNgpWkvvQ==
date: Fri, 04 Jan 2019 10:43:27 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

/ Show response
px.ads.linkedin.com/collect/
Redirect Chain

https://px.ads.linkedin.com/collect/?time=1546598607821&pid=38436&url=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Fu...
https://px.ads.linkedin.com/collect/?time=1546598607821&pid=38436&url=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Fu...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ftime%3D1546598607821%26pid%3D38436%26url%3Dhttps%253A%252F%252Fsearchsecurity.techtarget.com%252Fnews%2...
https://px.ads.linkedin.com/collect/?time=1546598607821&pid=38436&url=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Fu...

0
87 B

122ms
122ms

Script
application/javascript

2a05:f500:10:101::b93f:9105
LinkedIn Corporation

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/collect/?time=1546598607821&pid=38436&url=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&fmt=js&s=1&cookiesTest=true&liSync=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN - LinkedIn Corporation, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 10:43:28 GMT
content-encoding: gzip
server: Play
vary: Accept-Encoding
x-li-fabric: prod-lva1
status: 200
x-li-proto: http/2
x-li-pop: prod-efr5
content-type: application/javascript
content-length: 20
x-li-uuid: iEOddj2fdhVgsjxLgisAAA==

Redirect headers

date: Fri, 04 Jan 2019 10:43:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 302
x-li-pop: prod-edc2
content-length: 20
x-li-uuid: KGKucj2fdhVA1aDFbysAAA==
pragma: no-cache
server: Play
x-frame-options: sameorigin
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
vary: Accept-Encoding
strict-transport-security: max-age=2592000
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect/?time=1546598607821&pid=38436&url=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&fmt=js&s=1&cookiesTest=true&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 1714262845527569 Show response
connect.facebook.net/signals/config/ 181 KB
43 KB 12ms
12ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1714262845527569?v=2.8.35&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

58da8f4126466b87a2b9e8e2630f1f9fe9a0a152b1bf4829ac8308782242646a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 44258
x-xss-protection: 0
pragma: public
x-fb-debug: NRXq2o/2myWvvK6xiJWukGApyVoMMlXGtcVm8hEK9uynXs6U19yeffIVndwcKk8Y0FMcqs66ss7W18hHKgH2Tw==
date: Fri, 04 Jan 2019 10:43:27 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 45ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=477332472703193&ev=PageView&dl=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&rl=&if=false&ts=1546598607909&sw=1600&sh=1200&v=2.8.35&r=stable&ec=0&o=30&fbp=fb.1.1546598607906.2127148283&it=1546598607815&coo=false
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 10:43:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Fri, 04 Jan 2019 10:43:27 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
98 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=1714262845527569&ev=PageView&dl=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&rl=&if=false&ts=1546598607959&sw=1600&sh=1200&v=2.8.35&r=stable&ec=0&o=30&fbp=fb.1.1546598607906.2127148283&it=1546598607815&coo=false
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 10:43:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Fri, 04 Jan 2019 10:43:27 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
98 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=477332472703193&ev=TechTarget-CouchbaseTargetAudience&dl=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&rl=&if=false&ts=1546598607960&cd[custom_param]=TechTarget-CouchbaseTargetAudience&sw=1600&sh=1200&v=2.8.35&r=stable&ec=1&o=30&fbp=fb.1.1546598607906.2127148283&it=1546598607815&coo=false
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 10:43:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Fri, 04 Jan 2019 10:43:27 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
98 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=1714262845527569&ev=TechTarget-CouchbaseTargetAudience&dl=https%3A%2F%2Fsearchsecurity.techtarget.com%2Fnews%2F252455018%2FMalwarebytes-Fileless-ransomware-an-emerging-threat-for-US%3Futm_campaign%3DWeekly%2520Newsletter%2520of%2520CERT-SSG%26utm_medium%3Demail%26utm_source%3DRevue%2520newsletter&rl=&if=false&ts=1546598607961&cd[custom_param]=TechTarget-CouchbaseTargetAudience&sw=1600&sh=1200&v=2.8.35&r=stable&ec=1&o=30&fbp=fb.1.1546598607906.2127148283&it=1546598607815&coo=false
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 04 Jan 2019 10:43:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Fri, 04 Jan 2019 10:43:27 GMT

POST
H2 200 /
www.facebook.com/tr/ Frame CF9A 0
0 8ms
6ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL: https://www.facebook.com/tr/
Requested by: Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 2231
pragma: no-cache
cache-control: no-cache
origin: https://searchsecurity.techtarget.com
upgrade-insecure-requests: 1
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
accept-encoding: gzip, deflate, br
cookie: fr=0ydjTaOwklY5YghRQ..BcLzjP...1.0.BcLzjP.
Origin: https://searchsecurity.techtarget.com
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter

Response headers

status: 200
content-type: text/plain
access-control-allow-origin: https://searchsecurity.techtarget.com
access-control-allow-credentials: true
content-length: 0
server: proxygen-bolt
date: Fri, 04 Jan 2019 10:43:28 GMT

POST
H2 200 /
www.facebook.com/tr/ Frame 84E7 0
0 7ms
6ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL: https://www.facebook.com/tr/
Requested by: Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 2232
pragma: no-cache
cache-control: no-cache
origin: https://searchsecurity.techtarget.com
upgrade-insecure-requests: 1
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
accept-encoding: gzip, deflate, br
Origin: https://searchsecurity.techtarget.com
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter

Response headers

status: 200
content-type: text/plain
access-control-allow-origin: https://searchsecurity.techtarget.com
access-control-allow-credentials: true
content-length: 0
server: proxygen-bolt
date: Fri, 04 Jan 2019 10:43:28 GMT

GET
H2 200 dc_oe=ChMI8fKG4fjT3wIVbYCDBx1mGgU-EAAYACCUp98z;met=1;&timestamp=1546598609994;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame DA8F 42 B
431 B 84ms
28ms Image
image/gif 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI8fKG4fjT3wIVbYCDBx1mGgU-EAAYACCUp98z;met=1;&timestamp=1546598609994;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://searchsecurity.techtarget.com/news/252455018/Malwarebytes-Fileless-ransomware-an-emerging-threat-for-US?utm_campaign=Weekly%20Newsletter%20of%20CERT-SSG&utm_medium=email&utm_source=Revue%20newsletter
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jan 2019 10:43:30 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

239 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pubmatic.com/	1970-01-18 22:19:50	Name: PugT Value: 1546598604
.pubmatic.com/	1970-01-18 23:46:14	Name: PUBMDCID Value: 3
searchsecurity.techtarget.com/	1970-01-18 21:36:40	Name: _cb_svref Value: null
searchsecurity.techtarget.com/	1970-01-19 07:05:26	Name: _cb Value: hVwRWtc4U8Cev-o
.searchsecurity.techtarget.com/	1970-01-18 21:36:38	Name: _gat_UA-19047342-11 Value: 1
searchsecurity.techtarget.com/	1970-01-19 07:05:26	Name: _cb_ls Value: 1
searchsecurity.techtarget.com/	1970-01-19 07:05:26	Name: _chartbeat2 Value: .1546598604271.1546598604271.1._oZ2HBNXgErCNLbLgDxgaJWDyD1Gs.1
.pubmatic.com/	1970-01-18 22:19:50	Name: KRTBCOOKIE_466 Value: 16530-ebcc2dc2-ad83-496e-9624-07547e224f07&KRTB&16532-ebcc2dc2-ad83-496e-9624-07547e224f07
.pubmatic.com/	1970-01-18 22:19:50	Name: KRTBCOOKIE_336 Value: 5844-2401160571541478302
searchsecurity.techtarget.com/	1969-12-31 23:59:59	Name: dpm_time_site Value: 5.008
.searchsecurity.techtarget.com/	1970-01-18 21:38:05	Name: _gid Value: GA1.3.154114717.1546598604
.searchsecurity.techtarget.com/	1970-01-19 15:07:50	Name: _ga Value: GA1.3.737900102.1546598599

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js(Line 1) Message: Exception in queued GPT command
console-api	log	URL: https://cdn.ttgtmedia.com/rms/ux/responsive/js/responsive.min.js?v=7.24(Line 3) Message: UX ERROR-CHECK STARTING
console-api	log	URL: https://cdn.ttgtmedia.com/rms/ux/responsive/js/responsive.min.js?v=7.24(Line 93) Message: UX ERROR-CHECK COMPLETE

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.dpmsrv.com
a248.e.akamai.net
ad.doubleclick.net
ade.googlesyndication.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
aktrack.pubmatic.com
api.ipify.org
bam.nr-data.net
cdn.digitru.st
cdn.optimizely.com
cdn.ttgtmedia.com
cdn3.optimizely.com
click.revue.email
cm.g.doubleclick.net
connect.facebook.net
consent.techtarget.com
dc.ads.linkedin.com
dnn506yrbagrg.cloudfront.net
errors.client.optimizely.com
go.techtarget.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
image6.pubmatic.com
js-agent.newrelic.com
media.techtarget.com
pagead2.googlesyndication.com
ping.chartbeat.net
px.ads.linkedin.com
s.dpmsrv.com
s0.2mdn.net
script.hotjar.com
searchsecurity.techtarget.com
securepubads.g.doubleclick.net
snap.licdn.com
sourcepoint.mgr.consensu.org
sp-js-releases.s3.amazonaws.com
sshowads.pubmatic.com
stags.bluekai.com
static.hotjar.com
stats.g.doubleclick.net
tags.bluekai.com
tpc.googlesyndication.com
users.techtarget.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
www.summerhamster.com
104.109.79.206
104.109.83.115
107.23.87.2
147.75.205.43
147.75.81.98
147.75.83.23
151.101.2.110
159.180.84.2
162.247.242.20
163.171.128.148
163.171.132.119
167.89.118.52
172.217.16.130
172.217.22.6
172.217.22.98
185.33.223.200
185.64.189.115
198.47.127.32
2.16.186.24
2.18.233.180
206.19.49.139
206.19.49.153
206.19.49.186
206.19.49.191
216.58.205.226
216.58.206.2
23.210.249.92
2620:109:c002::6cae:a0a
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:816::2002
2a00:1450:4001:818::2004
2a00:1450:4001:819::2002
2a00:1450:4001:81a::2002
2a00:1450:4001:81c::2003
2a00:1450:4001:81f::2006
2a00:1450:4001:820::2001
2a00:1450:4001:820::200a
2a00:1450:4001:824::2002
2a00:1450:4001:824::200e
2a00:1450:400c:c08::9a
2a02:26f0:6c00:183::13b8
2a02:26f0:6c00:28c::25ea
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a05:f500:10:101::b93f:9105
3.122.36.177
35.156.14.155
52.0.221.2
52.20.14.210
52.22.232.46
52.59.88.132
54.192.94.27
54.204.36.156
54.230.202.128
54.231.50.10
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
089aca69c964aa0d24bd619f1182ff5a5f2dc40f5a5e19d738b1f00c8bee4177
0a1c999e7307e4887901ffd5329d0f243a84b00e845c3188ca6dea280ff28421
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b0a05eb8a20a29379eae6880f4a60577364834efaef822d2342b85877c5cf94
0dc9542b043f4622f82261f8d3ca79bb0c29bcbdacf2056a2fc633a488922dd4
0ddab4a499baf8917710dd9018d2fbb3acfd1a53812f015de78002b2f625edcc
102a6a6cf9e5359077acf7516dcb3e64d926b034a6dbcd6d246dd83d84ff2649
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1193901b4de9a38ac03222bcd4f945773e2b147601d0806f95abc26f13a8c726
120bc63b8c45438fc8d5c1d0fee99a253d86a8d87b073f418cc158633694872e
14dbb3ee1a1e1b3bf54efbfba0e2bf82b85fc43c218f957a2198b2c6bbe5ba1f
16a93af1775e73fe37b346533adc187e25cfedec1d9e6d17373740c2d09cfecf
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
19e440e68a42111c897e8542dcb3e7c4cc9da0ee89eae66c2c94b022e9b89a2b
1a7a4f805121a8a73391a5b2612245225ada7409c4728ea9147d1de662c6fec5
1ac9fa9872f44a78a1ce3148d2e3b1c108514e8b3d27ab078463be54a1a5506f
1b68d338555fda70d3bc0680e6775949bcaaa22bfa6680a388f0c57355a06669
1b6dfbc0392b3e04e6f10a39a7c097635148b6bc998c13ffbda40d5b3df488c8
1c1ad9b177cb324086883a23710e38150ace1f1df47a80e7dde0c9e43708e281
1f11526358061a090ffafb8b142a921d546bd9b575f0baf9cc64582bf73221d3
1fae3d21b09d0f4dc0726679d549722befc2a4e976d9020dce595264c94d30f7
2078315dbfa221e674b5fc698a3dca126cd82e10e128fec0867d917adc428210
2160a63f0c7e46c31551cfba0862153756107739bdd3b3caa0bdfd5f09fb9dc3
2518069e8bb56d7d922d27e89e19b714fefbf4410c83964aa09d571f6aeb4a3c
2a82dcd10bc3b1f681f6b87c3ac1e92f6a77710802d1df275695931642ac9667
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
31e766234975fc978fa01785054c632235eb8f73f9cc5517e663327a99b03eb3
35ef9ac2d40057982eda09d60724c474cd8c211a24e682d310b68cc47edd9f7d
3e784931954856122e3c247836d48ae183463eeb115a2a76d4e103a77bc6767f
3fbf514b2907f4a58bcd75de7e6e3940301fdf116ae41bb25b4f2030e84a40dc
422a091638244aad484b505d0e4318f2dd5a2f6ce1c6cfd6e349f55d8a2465c4
44a3b4335a2838d5f1e3da151d72565c434518a9eddcc796ca8d081d328384a9
45765c81a6dab849e569ec37d9d2d2306f065f5a6d9c6e9f614ca161364b3673
4680c565a5d7088fd0b5545d4e904c73f0b89eb3a4ffeb05984833f89ae69f41
47400eaeeee9e42b6ff93b70ae1cd345aef952f56bdff6350760bea146432c9e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bc047a9a0e8f0705b3f1a52688f80ec9ec170c6554e32dbe2e5a38c823624f1
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50fd02e7397cb3745341be12701a2583d187f3f78115c41de0aa96a0cdf27775
51f360700a861397d74b2a94077bcc23f22119407f35e76b762a830e1d330c53
5472f68320a7440e31bee2553d6bc85001216287f2e34ef9e13472de2df11f60
571d50e822ce6770d1e63b8bb1ae0cfdfdcf78107ab875565c0a8cc68feae52b
57acef388a037b38756fdd178f355217378fa2a6a9a92d0bd9655e48a9b811cd
58da8f4126466b87a2b9e8e2630f1f9fe9a0a152b1bf4829ac8308782242646a
5e124015a204052c2fe73df648b0aa6e35d811fd41618d8be5b1a4953a787255
626496b173f686c3b37f7d46dcb800ce57e331ea1106a5a89f4c4d659cbfe916
675e55c6e17480e86b0edfb65a5b62a68e3fb9ab955103b841887c52312f25d3
685e511070d7d36ad071ea39c387547c95bf064727890a3e9abf1d0283184794
68f4a6009b77ef6b5cc867f57d0095ff7db697d95821fc747e5dae6cecdf79b9
691fc5c88fe70d5d8ad951d53abdb8169516d14f9334a3974d57e776cbcaf6e3
69d029e725cb27d33c3f2d9ada4c835d9625a8acf19153e865877bda03724c92
6b4523c1b5c994fd95c4a28ef9cb7ef27d7f0ba1430299f8a633c034ed12afff
6b79a0e2ee012ec44afb4ae22c62245df15412aff1012948287d6ef71e4dbfd5
700b19acc314bf7890fdf677d026842f05e7276479d68f8e219cf336313ac910
7b00ff65bbf13f8b40cda140ebf89b8311574b3e964612e7aff25b6fdf2fc0f7
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
81848be40229acb209d411752a6e55982e0912eb3ade455bdbb2ca5805886834
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87afe9e2a41fae48b23b017c8fda56252d511e3fc760c2e87a55b90029cd7b7b
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
89a5d1fe07ea14ef0266b81df043545368fe9d363c90bb520bfdb1e34e276a70
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b79300ff9ea97753eef0ced0cb25238732317781435a446145c622e0651970d
8ed98bccc6ac6b099e10969861a9db69be6d082841911a333d58b674506d3395
909ae1785f3faac88ca7236bcd06d703e57b60855999d3d194d967fcb82b738a
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9465d5f89c411d83b7e7f73d1770a327062c9ee121a823d6183b1d3392352801
948cb0878cdcdc43dd5cdb18be3143440067b7c98a4241eefcef5beccdfea1f3
9805cd8364c8039be102b2a24b2095eeed846301e212b5b40b3fa2e659d80eba
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a58f1cf6feb13779ee09699b7f1c8acf71734ff64e16fe9f604a1cf5e23e9298
a5a6de19e1f93a470e488faeb516b88712914c7b6433183a23863e60276a5a9b
b566d3837d7f5c27210cbe31859c2ca2a960511d847bd88b3bc3803bb7b43a09
b5d523812cbf25a9ac4b51fdb6a45296e0e6dd5648854e8ea6974572296d46d4
b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255
ba141a649f3c0882ffe91c5a5c48626e0c7dc4081b4529bc581431b27342de59
bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b
c1e1533f4846370e3a374c734b344b371b96d45918fd754438d38b388ca21c8a
c275f7e66caa9f1b97b48543efa01929121cec4fd0ff47fc1f84a2b7a78edc2d
c2e9508b71bc29948a47456789b208fccc0acfc27f105410d13f31967a1e15c9
c46f8698db452aca7eccf43baf4f36c6c3a61b6fe2918029c62e76a357e55365
c635ded98a0b747002e2f0fcd000b64f5044338e48060a66b665d4e873a7e1d9
c8ae2a095dd9264db23d5b5b47e27d4989c09064960b93613578c7fcd1ba5303
cabe1693a5caaf15b1a6e77911a21612f171621d124e3c2785d038f2a06c3918
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d01829e2120cb521d453546f186bed3c94bcf24b5089890cfd8750e771d00452
d0c4935e2029ddd59a64c81aae8587289b762e8bcf283dee0d88c1e30f62715b
d1c6588792b9b56591e68b6c5529b272ec482548097739d8865d5f34a78b5101
dc0b8bd5655ae560bf511f99b516d7c0a424a38138b1d7ece61d9562b7364c83
e336ee59ce0834d614f1ef0c0da0148c1fe1e3539c5469c839a4a724c3ddc082
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51b0c9757550b77ba2ad700cf8762c14c22fa41713a2f157be4b9a911353659
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
ea98a97affa282813064564d48e2ad9e16391a44d5e75fb859e804acaf1958e1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f64b7869be95fca2fc31b0178e47ca38edab8373423329deb0a6ff2a6cf22f0f
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b

searchsecurity.techtarget.com Open in urlscan Pro 206.19.49.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

158 Requests

100 %HTTPS

34 %IPv6

34 Domains

58 Subdomains

53 IPs

7 Countries

2041 kBTransfer

6416 kBSize

12 Cookies

47 Outgoing links

Page URL History

Redirected requests

158 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

searchsecurity.techtarget.com Open in urlscan Pro
206.19.49.153 Public Scan

Screenshot
Live screenshot

Full Image

158
Requests

100 %
HTTPS

34 %
IPv6

34
Domains

58
Subdomains

53
IPs

7
Countries

2041 kB
Transfer

6416 kB
Size

12
Cookies

158 HTTP transactions
4 data transactions