securelist.com Open in urlscan Pro
35.173.160.135 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/LWIaD8F7md
Effective URL:
https://securelist.com/black-kingdom-ransomware/102873/
Submission: On December 26 via api (December 26th 2021, 2:08:34 am UTC) from US — Scanned from DE

Summary HTTP 123 Redirects Links 163 Behaviour Indicators

Summary

This website contacted 24 IPs in 6 countries across 26 domains to perform 123 HTTP transactions. The main IP is 35.173.160.135, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is securelist.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 22nd 2021. Valid for: a year.

This is the only time securelist.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
33	35.173.160.135 35.173.160.135	14618 (AMAZON-AES) (AMAZON-AES)
18	18.66.112.87 18.66.112.87	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
21	2600:9000:223... 2600:9000:223c:6600:1b:d000:d280:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
1	185.85.15.31 185.85.15.31	200107 (KL-EXT) (KL-EXT)
4	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
2	104.111.234.67 104.111.234.67	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:10:... 2606:4700:10::ac43:5d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	54.78.200.127 54.78.200.127	16509 (AMAZON-02) (AMAZON-02)
1	192.28.147.68 192.28.147.68	15224 (OMNITURE) (OMNITURE)
8	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	54.220.225.42 54.220.225.42	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2b8::f09	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
123	24

2 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 35.173.160.135 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-160-135.compute-1.amazonaws.com

securelist.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kasperskycontenthub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 18.66.112.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-87.fra56.r.cloudfront.net

assets.kasperskycontenthub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2600:9000:223c:6600:1b:d000:d280:93a1 (United States)

ASN16509 (AMAZON-02, US)

media.kasperskycontenthub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.85.15.31 (Russian Federation)

ASN200107 (KL-EXT, RU)

media.kaspersky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.234.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-234-67.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:5d8 (United States)

ASN13335 (CLOUDFLARENET, US)

rum-static.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.200.127 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-200-127.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.147.68 (United States)

ASN15224 (OMNITURE, US)

802-ijn-240.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

kaspersky.d3.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.220.225.42 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-225-42.eu-west-1.compute.amazonaws.com

rum-collector-2.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2b8::f09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

consentcdn.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	kasperskycontenthub.com assets.kasperskycontenthub.com media.kasperskycontenthub.com kasperskycontenthub.com	3 MB
31	securelist.com securelist.com	238 KB
8	google-analytics.com www.google-analytics.com	40 KB
4	facebook.net connect.facebook.net	253 KB
4	googletagmanager.com www.googletagmanager.com	339 KB
4	google.com www.google.com apis.google.com	22 KB
3	cookiebot.com consent.cookiebot.com consentcdn.cookiebot.com	85 KB
3	facebook.com www.facebook.com	422 B
2	omtrdc.net kaspersky.d3.sc.omtrdc.net	560 B
2	gstatic.com www.gstatic.com	271 KB
2	pingdom.net rum-static.pingdom.net rum-collector-2.pingdom.net	3 KB
2	marketo.net munchkin.marketo.net	6 KB
2	t.co t.co	1007 B
1	twitter.com analytics.twitter.com	674 B
1	doubleclick.net stats.g.doubleclick.net	441 B
1	mktoresp.com 802-ijn-240.mktoresp.com	311 B
1	demdex.net dpm.demdex.net	1 KB
1	kaspersky.com media.kaspersky.com	48 KB
1	ads-twitter.com static.ads-twitter.com	6 KB
0	usabilla.com Failed w.usabilla.com Failed
0	xg4ken.com Failed resources.xg4ken.com Failed
0	impactradius-event.com Failed d.impactradius-event.com Failed
0	myvisualiq.net Failed vt.myvisualiq.net Failed t.myvisualiq.net Failed
0	contentsquare.net Failed t.contentsquare.net Failed
0	google.de Failed www.google.de Failed
0	everesttech.net Failed cm.everesttech.net Failed
123	26

	Domain	Requested by
31	securelist.com	t.co securelist.com
21	media.kasperskycontenthub.com	securelist.com
18	assets.kasperskycontenthub.com	securelist.com assets.kasperskycontenthub.com
8	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com securelist.com
4	connect.facebook.net	securelist.com connect.facebook.net
4	www.googletagmanager.com	securelist.com www.googletagmanager.com
3	www.facebook.com	securelist.com connect.facebook.net
3	www.google.com	securelist.com
2	consent.cookiebot.com	www.googletagmanager.com consent.cookiebot.com
2	kaspersky.d3.sc.omtrdc.net	media.kaspersky.com
2	www.gstatic.com	www.google.com
2	munchkin.marketo.net	securelist.com munchkin.marketo.net
2	kasperskycontenthub.com	securelist.com
2	t.co	securelist.com
1	consentcdn.cookiebot.com	consent.cookiebot.com
1	rum-collector-2.pingdom.net	rum-static.pingdom.net
1	analytics.twitter.com	static.ads-twitter.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	802-ijn-240.mktoresp.com	munchkin.marketo.net
1	dpm.demdex.net	media.kaspersky.com
1	apis.google.com	securelist.com
1	rum-static.pingdom.net	securelist.com
1	media.kaspersky.com	securelist.com
1	static.ads-twitter.com	securelist.com
0	w.usabilla.com Failed	securelist.com
0	t.myvisualiq.net Failed
0	resources.xg4ken.com Failed	t.co
0	d.impactradius-event.com Failed	t.co
0	vt.myvisualiq.net Failed	www.googletagmanager.com
0	t.contentsquare.net Failed	t.co
0	www.google.de Failed	securelist.com
0	cm.everesttech.net Failed	securelist.com
123	32

This site contains links to these domains. Also see Links.

Domain
www.cookiebot.com
policies.google.com
www.kaspersky.com
www.linkedin.com
documents.marketo.com
www.solarwinds.com
twitter.com
www.adobe.com
business.brighttalk.com
www.facebook.com
de.securelist.com
securelist.fr
securelist.lat
securelist.it
www.kaspersky.de
kaspersky.com
companyaccount.kaspersky.com
securelist.ru
support.kaspersky.com
my.kaspersky.com
ksos.kaspersky.com
apt.securelist.com
statistics.securelist.com
encyclopedia.kaspersky.com
threats.kaspersky.com
www.kasperskypartners.com
press.kaspersky.com
blog.cyberint.com
proxylogon.com
media.kasperskycontenthub.com
github.com
xtraining.kaspersky.com

Subject Issuer	Validity	Valid
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
securelist.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-22` - `2022-07-23`	a year	crt.sh
media.kasperskycontenthub.com Amazon	`2021-02-01` - `2022-03-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
kasperskycontenthub.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-07-03`	a year	crt.sh
media.kaspersky.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-23` - `2022-04-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2021-03-29` - `2022-04-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-04` - `2022-01-02`	3 months	crt.sh
pingdom.net Cloudflare Inc ECC CA-3	`2021-12-14` - `2022-12-13`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-30` - `2022-11-30`	a year	crt.sh
*.d3.sc.omtrdc.net DigiCert SHA2 High Assurance Server CA	`2020-02-28` - `2022-03-04`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
consent.cookiebot.com DigiCert ECC Extended Validation Server CA	`2020-06-11` - `2022-06-11`	2 years	crt.sh
*.pingdom.net Amazon	`2021-12-07` - `2023-01-05`	a year	crt.sh
*.cookiebot.com DigiCert SHA2 Secure Server CA	`2021-07-05` - `2022-07-13`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://securelist.com/black-kingdom-ransomware/102873/
Frame ID: 07FEE546B49DA0ED577EBF85927FC33B
Requests: 121 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 02F13A368F2915ED8D17AC0F7D7E7446
Requests: 1 HTTP requests in this frame

Frame: https://w.usabilla.com/1649d5fbb67c.js?lv=1
Frame ID: 87632A19ACFF33E805B532AB41C9641A
Requests: 1 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v3.min.html
Frame ID: D070858D01C117E64121899978BC2964
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Black Kingdom ransomware | SecurelistLogo

Page URL History Show full URLs

https://t.co/LWIaD8F7md Page URL
https://securelist.com/black-kingdom-ransomware/102873/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Cookiebot (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.cookiebot\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

123
Requests

93 %
HTTPS

52 %
IPv6

26
Domains

32
Subdomains

24
IPs

6
Countries

4820 kB
Transfer

10046 kB
Size

17
Cookies

163 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cookiebot.com/
Title: Logo

Search URL Search Domain Scan URL

URL: https://www.cookiebot.com/goto/privacy-policy/
Title: Erfahren Sie mehr über diesen Anbieter

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Erfahren Sie mehr über diesen Anbieter

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/web-privacy-policy
Title: Erfahren Sie mehr über diesen Anbieter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/legal/privacy-policy
Title: Erfahren Sie mehr über diesen Anbieter

Search URL Search Domain Scan URL

URL: https://documents.marketo.com/legal/privacy/
Title: Erfahren Sie mehr über diesen Anbieter

Search URL Search Domain Scan URL

URL: https://www.solarwinds.com/legal/privacy
Title: Erfahren Sie mehr über diesen Anbieter

Search URL Search Domain Scan URL

URL: https://twitter.com/en/privacy
Title: Erfahren Sie mehr über diesen Anbieter

Search URL Search Domain Scan URL

URL: https://www.adobe.com/uk/privacy.html
Title: Erfahren Sie mehr über diesen Anbieter

Search URL Search Domain Scan URL

URL: https://business.brighttalk.com/company/privacy-policy/
Title: Erfahren Sie mehr über diesen Anbieter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/policy.php
Title: Erfahren Sie mehr über diesen Anbieter

Search URL Search Domain Scan URL

URL: https://documents.marketo.com/legal/cookies/
Title: Erfahren Sie mehr über diesen Anbieter

Search URL Search Domain Scan URL

URL: https://de.securelist.com/
Title: de.securelist.com

Search URL Search Domain Scan URL

URL: https://securelist.fr/
Title: securelist.fr

Search URL Search Domain Scan URL

URL: https://securelist.lat/
Title: securelist.lat

Search URL Search Domain Scan URL

URL: https://securelist.it/
Title: securelist.it

Search URL Search Domain Scan URL

URL: https://www.kaspersky.de/web-privacy-policy
Title: Datenschutzrichtlinie

Search URL Search Domain Scan URL

URL: https://kaspersky.com/home-security?icid=gl_securelisheader_acq_ona_smm__onl_b2c_securelist_prodmen_______
Title: Home Products

Search URL Search Domain Scan URL

URL: https://kaspersky.com/small-business-security?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: Small Business 1-50 employees

Search URL Search Domain Scan URL

URL: https://kaspersky.com/small-to-medium-business-security?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______
Title: Medium Business 51-999 employees

Search URL Search Domain Scan URL

URL: https://kaspersky.com/enterprise-security?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______
Title: Enterprise 1000+ employees

Search URL Search Domain Scan URL

URL: https://companyaccount.kaspersky.com/account/login?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______
Title: CompanyAccount

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security/contact?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______
Title: Get In Touch

Search URL Search Domain Scan URL

URL: https://securelist.ru/
Title: Russian

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______
Title: Solutions

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security/endpoint?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security/cloud-security?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security/embedded-security-internet-of-things?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security/threat-management-defense-solution?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security/industrial-solution?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security/fraud-prevention?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security/industries?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______
Title: Industries

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security/national-cybersecurity?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security/industrial?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security/finance?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security/healthcare?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security/transportation-cybersecurity-it-infrastructure?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security/retail-cybersecurity?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security/telecom?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______
Title: Telecom Cybersecurity

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security/products?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______
Title: Products

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security/endpoint-detection-response-edr?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security/anti-targeted-attack-platform?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security/private-security-network?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security/embedded-systems?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security/mail-server-security?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______
Title: Kaspersky Security for Mail Server

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security/ddos-protection?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______
Title: Kaspersky DDoS Protection

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security/mobile?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______
Title: Kaspersky Mobile Security

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security/storage-security?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______
Title: Kaspersky Security for Storage

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security/services?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______
Title: Services

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security/cybersecurity-services?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security/security-awareness?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security/premium-support?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security/threat-intelligence?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security/targeted-attack-discovery?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security/incident-response?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security/professional-services?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______
Title: Kaspersky Professional Services

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security/security-assessment?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______
Title: Kaspersky Security Assessment

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security/cyber-security-training?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______
Title: Kaspersky Security Training

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security/cyber-incident-response-communication?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______
Title: Kaspersky Advanced Cyber Incident Communications

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security/resources?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______
Title: Resource Center

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security/resources/case-studies?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______
Title: Case Studies

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security/resources/white-papers?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______
Title: White Papers

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security/resources/data-sheets?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______
Title: Datasheets

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security/wiki-section/home?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______
Title: Technologies

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/about/contact?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/gdpr?icid=gl_securelisheader_acq_ona_smm__onl_b2b_securelist_prodmen_______
Title: GDPR

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/home-security?icid=gl_securelisheader_acq_ona_smm__onl_b2c_securelist_prodmen_______
Title: Products

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/total-security?icid=gl_securelisheader_acq_ona_smm__onl_b2c_securelist_prodmen_______
Title: KasperskyTotal Security

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/internet-security?icid=gl_securelisheader_acq_ona_smm__onl_b2c_securelist_prodmen_______
Title: KasperskyInternet Security

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/antivirus?icid=gl_securelisheader_acq_ona_smm__onl_b2c_securelist_prodmen_______
Title: KasperskyAnti-Virus

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/mac-security?icid=gl_securelisheader_acq_ona_smm__onl_b2c_securelist_prodmen_______
Title: KasperskyInternet Security for Mac

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/android-security?icid=gl_securelisheader_acq_ona_smm__onl_b2c_securelist_prodmen_______
Title: Kaspersky Internet Security for Android

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/secure-connection?icid=gl_securelisheader_acq_ona_smm__onl_b2c_securelist_prodmen_______
Title: KasperskySecure Connection

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/safe-kids?icid=gl_securelisheader_acq_ona_smm__onl_b2c_securelist_prodmen_______
Title: Kaspersky Safe Kids

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/password-manager?icid=gl_securelisheader_acq_ona_smm__onl_b2c_securelist_prodmen_______
Title: Kaspersky Password Manager

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/free-software-updater?icid=gl_securelisheader_acq_ona_smm__onl_b2c_securelist_prodmen_______
Title: Kaspersky Software Updater

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/downloads?icid=gl_securelisheader_acq_ona_smm__onl_b2c_securelist_prodmen_______
Title: View more

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/renewal-center/home?icid=gl_securelisheader_acq_ona_smm__onl_b2c_securelist_prodmen_______
Title: Renew

Search URL Search Domain Scan URL

URL: https://support.kaspersky.com/?icid=gl_securelisheader_acq_ona_smm__onl_b2c_securelist_prodmen_______#s_tab2
Title: Support

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/resource-center?icid=gl_securelisheader_acq_ona_smm__onl_b2c_securelist_prodmen_______
Title: Resource Center

Search URL Search Domain Scan URL

URL: https://my.kaspersky.com/?icid=gl_securelisheader_acq_ona_smm__onl_b2c_securelist_prodmen_______
Title: My Kaspersky

Search URL Search Domain Scan URL

URL: https://my.kaspersky.com/MyDevices?icid=gl_securelisheader_acq_ona_smm__onl_b2c_securelist_prodmen_______
Title: My Devices

Search URL Search Domain Scan URL

URL: https://my.kaspersky.com/MyLicenses?icid=gl_securelisheader_acq_ona_smm__onl_b2c_securelist_prodmen_______
Title: My Products / Subscriptions

Search URL Search Domain Scan URL

URL: https://my.kaspersky.com/MyAccount/OrdersHistory?icid=gl_securelisheader_acq_ona_smm__onl_b2c_securelist_prodmen_______
Title: My Orders

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/small-business-security?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: Products

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/small-business-security/small-office-security?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: KasperskySmall Office Security

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/small-to-medium-business-security/cloud?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: KasperskyEndpoint Security Cloud

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/small-to-medium-business-security/endpoint-select?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: KasperskyEndpoint Security for Business Select

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/small-to-medium-business-security/endpoint-advanced?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: KasperskyEndpoint Security for Business Advanced

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/renewal-center/vsb?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: Renew

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/small-business-security/downloads?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: Downloads

Search URL Search Domain Scan URL

URL: https://support.kaspersky.com/?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______#s_tab3
Title: Support

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/small-business-security/resources?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: Resource Center

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/small-business-security/resources/insights?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: Insights

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/small-business-security/resources/products?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: Products & Solutions

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/small-business-security/resources/customers?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: Customer Stories

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/small-business-security/resources/industry-awards-and-recognition?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: Awards & Recognition

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/small-business-security/resources/technology?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: Technology

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/gdpr?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: GDPR

Search URL Search Domain Scan URL

URL: https://ksos.kaspersky.com/?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: KSOS Portal

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/small-to-medium-business-security?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: Products

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/small-to-medium-business-security/microsoft-office-365-security?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: KasperskySecurity for Office 365

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/small-to-medium-business-security/total?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: KasperskySecurity for Business Total

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/small-to-medium-business-security/virtualization-hybrid-cloud?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: KasperskyPhysical, Virtual & Cloud Workloads Security

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/small-to-medium-business-security/mail-server?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: Mail Server

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/small-to-medium-business-security/file-server?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: File Server

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/small-to-medium-business-security/mobile?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: Mobile

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/small-to-medium-business-security/internet-gateway?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: Internet Gateway

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/small-to-medium-business-security/collaboration?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: Collaboration

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/small-to-medium-business-security/systems-management?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: Vulnerability and Patch Management

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/small-to-medium-business-security/storage?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: Storage

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/small-to-medium-business-security/targeted-solutions?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: View More

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/small-to-medium-business-security/services?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: Services

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/small-to-medium-business-security/downloads?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: Downloads

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/small-to-medium-business-security/resources?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: Resource Center

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/small-to-medium-business-security/resources/insights?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: Insights

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/small-to-medium-business-security/resources/products?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: Products & Solutions

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/small-to-medium-business-security/resources/customers?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: Customer Stories

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/small-to-medium-business-security/resources/industry-awards-and-recognition?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: Awards & Recognition

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/small-to-medium-business-security/resources/technology?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: Technology

Search URL Search Domain Scan URL

URL: https://companyaccount.kaspersky.com/?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: CompanyAccount

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: Solutions

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security/products?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: View all

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/enterprise-security/resources?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: Resource Center

Search URL Search Domain Scan URL

URL: https://apt.securelist.com/
Title: APT Logbook

Search URL Search Domain Scan URL

URL: https://statistics.securelist.com/
Title: Statistics

Search URL Search Domain Scan URL

URL: https://encyclopedia.kaspersky.com/
Title: Encyclopedia

Search URL Search Domain Scan URL

URL: https://threats.kaspersky.com/
Title: Threats descriptions

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/partners?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: Partners

Search URL Search Domain Scan URL

URL: https://www.kasperskypartners.com/?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: Find a Partner

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/partners/affiliate?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: Affiliate

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/partners/technology?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: Technology

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/partners/whitelist-program?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: Whitelist Program

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/about?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: About Us

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/about/company?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: Company

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/about/team?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: Team

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/about/transparency?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: Transparency Center

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/about/policy-blog?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: Policy Blog

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/about/press-releases?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: Corporate News

Search URL Search Domain Scan URL

URL: https://press.kaspersky.com/?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: Press Center

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/about/careers?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/incubator?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: Incubator

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/about/sponsorships/?icid=gl_securelisheader_acq_ona_smm__onl_b2b__prodmen_______
Title: Sponsorships

Search URL Search Domain Scan URL

URL: https://blog.cyberint.com/black-kingdom-ransomware
Title: provided a script

Search URL Search Domain Scan URL

URL: https://proxylogon.com/
Title: ProxyLogon

Search URL Search Domain Scan URL

URL: https://twitter.com/vikas891/status/1373282066603859969
Title: publicly reported

Search URL Search Domain Scan URL

URL: https://twitter.com/malwaretechblog/status/1373648027609657345
Title: Public reports

Search URL Search Domain Scan URL

URL: https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/06/16141438/BlackKingdom_ransomware_01.png

Search URL Search Domain Scan URL

URL: https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/06/16141523/BlackKingdom_ransomware_02.png

Search URL Search Domain Scan URL

URL: https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/06/16141650/BlackKingdom_ransomware_03.png

Search URL Search Domain Scan URL

URL: https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/06/16141733/BlackKingdom_ransomware_04.png

Search URL Search Domain Scan URL

URL: https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/06/16141817/BlackKingdom_ransomware_05.png

Search URL Search Domain Scan URL

URL: https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/06/16143025/BlackKingdom_ransomware_06.png

Search URL Search Domain Scan URL

URL: https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/06/16143102/BlackKingdom_ransomware_07.png

Search URL Search Domain Scan URL

URL: https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/06/16143137/BlackKingdom_ransomware_08.png

Search URL Search Domain Scan URL

URL: https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/06/16143222/BlackKingdom_ransomware_09.png

Search URL Search Domain Scan URL

URL: https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/06/16143256/BlackKingdom_ransomware_10.png

Search URL Search Domain Scan URL

URL: https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/06/16143334/BlackKingdom_ransomware_11.png

Search URL Search Domain Scan URL

URL: https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/06/16143409/BlackKingdom_ransomware_12.png

Search URL Search Domain Scan URL

URL: https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/06/16143451/BlackKingdom_ransomware_13.png

Search URL Search Domain Scan URL

URL: https://github.com/BuchiDen/Ransomware_RAASNet/blob/master/RAASNet.py
Title: available on Github

Search URL Search Domain Scan URL

URL: https://xtraining.kaspersky.com/courses/hunt-apts-with-yara-like-a-great-ninja?utm_source=securelist&utm_medium=blog&utm_campaign=gl_yara-launch_ay0073&utm_content=banner&utm_term=gl_securelist_organic_tz7324ysk6dxzt5&redef=1&THRU&reseller=gl_xtr-we-are-open_acq_ona_smm__onl_b2b_securelist_banner_______

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/end-user-license-agreement
Title: License Agreement

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/LWIaD8F7md Page URL
https://securelist.com/black-kingdom-ransomware/102873/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

123 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 LWIaD8F7md
t.co/ 322 B
642 B 140ms
119ms Document
text/html 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/LWIaD8F7md

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sun, 26 Dec 2021 02:08:25 GMT
vary: Origin
server: tsa_o
expires: Sun, 26 Dec 2021 02:13:26 GMT
content-type: text/html; charset=utf-8
cache-control: private,max-age=300
content-length: 207
content-encoding: gzip
x-xss-protection: 0
strict-transport-security: max-age=0
x-response-time: 110
x-connection-hash: 8b1dd5f98581af60fbaeb0039b8a79febab619305617ab7ee3fec32c664c143b

GET
H/1.1 200
OK Primary Request / Show response
securelist.com/black-kingdom-ransomware/102873/ 232 KB
49 KB 489ms
188ms Document
text/html 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://securelist.com/black-kingdom-ransomware/102873/

Requested by

Host: t.co
URL: https://t.co/LWIaD8F7md

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-173-160-135.compute-1.amazonaws.com

Software

nginx /

Resource Hash

a94bde9aaf3c2226749ef3728c4c4daf78ea99c067f6dafc419b63fb374b3585

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://.clicktale.net https://.demdex.net https://.doubleclick.net https://.everesttech.net https://.facebook.com https://.facebook.net https://.google-analytics.com https://.google.com https://.mktoresp.com https://.optimizely.com https://.pingdom.net https://.reddit.com https://.securelist.com https://.youtube.com https://box.kaspersky.com https://cdn.securelist.com https://consentcdn.cookiebot.com https://e.infogram.com https://hn.algolia.com https://kaspersky.d3.sc.omtrdc.net https://kasperskycontenthub.com https://securelist.com https://tagmanager.google.com https://tpc.googlesyndication.com https://www.google-analytics.com; default-src 'self' https://.securelist.com https://box.kaspersky.com https://cdn.securelist.com https://kasperskycontenthub.com https://kasperskycontenthub.com/securelist https://securelist.com https://tpc.googlesyndication.com; font-src 'self' data: https://.gstatic.com https://.securelist.com https://.wp.com https://assets.kasperskycontenthub.com https://assets.threatpost.com https://box.kaspersky.com https://cdn.securelist.com https://fonts.googleapis.com https://fonts.gstatic.com https://kasperskycontenthub.com https://securelist.com https://tpc.googlesyndication.com; frame-src 'self' http://.slideshare.net https://.addthis.com https://.doubleclick.net https://.facebook.com https://.google.com https://.infogram.com https://.instagram.com https://.libsyn.com https://.marketo.com https://.securelist.com https://.sekindo.com https://.sharethis.com https://.slideshare.net https://.twitter.com https://.wp.com https://.youtube.com https://box.kaspersky.com https://cdn.securelist.com https://consentcdn.cookiebot.com https://go.kaspersky.com https://infogram.com https://kasperskycontenthub.com https://player.vimeo.com https://s-static.ak.facebook.com https://securelist.com https://tagmanager.google.com https://tpc.googlesyndication.com https://www.brighttalk.com; img-src 'self' data: http://.netdna-cdn.com http://.wordpress.com http://.wp.com http://assets.kasperskycontenthub.com http://assets.kasperskydaily.com http://assets.threatpost.com http://d2538mqrb7brka.cloudfront.net http://forum.kasperskyclub.ru http://i0.poll.fm http://media.kasperskycontenthub.com http://media.kasperskydaily.com http://media.threatpost.com https://.addthis.com https://.cdninstagram.com https://.doubleclick.net https://.facebook.com https://.google-analytics.com https://.google.com https://.google.ru https://.gravatar.com https://.gstatic.com https://.infogram.com https://.instagram.com https://.netdna-cdn.com https://.netdna-ssl.com https://.securelist.com https://.sekindo.com https://.sharethis.com https://.staticflickr.com https://.twimg.com https://.twitter.com https://.wordpress.com https://.wp.com https://.ytimg.com https://addevent.com https://assets.kasperskycontenthub.com https://assets.kasperskydaily.com https://assets.threatpost.com https://blog.kaspersky.com https://box.kaspersky.com https://cdn.securelist.com https://csi.gstatic.com https://d1srlirzdlmpew.cloudfront.net https://d2538mqrb7brka.cloudfront.net https://geo.yahoo.com https://images.telechargement.fr https://instagramimages-a.akamaihd.net https://kaspersky.d2.sc.omtrdc.net https://kaspersky.d3.sc.omtrdc.net https://kasperskycontenthub.com https://m.addthis.com https://maps.googleapis.com https://media.kasperskycontenthub.com https://media.kasperskydaily.com https://media.threatpost.com https://player.vimeo.com https://polldaddy.com https://rum-collector.pingdom.net https://s.w.org https://s3-eu-west-1.amazonaws.com https://scontent.cdninstagram.com https://securelist.com https://stats.g.doubleclick.net https://t.co https://tagmanager.google.com https://threatpost.com https://tpc.googlesyndication.com https://track.addevent.com; object-src 'self' https://.securelist.com https://box.kaspersky.com https://kasperskycontenthub.com https://player.vimeo.com https://polldaddy.com https://securelist.com https://tpc.googlesyndication.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://assets.kasperskycontenthub.com http://assets.threatpost.com https://.addevent.com https://.addthis.com https://.cloudfront.net https://.crazyegg.com https://.demdex.net https://.doubleclick.net https://.facebook.com https://.facebook.net https://.flickr.com https://.google-analytics.com https://.google.com https://.googleapis.com https://.googlesyndication.com https://.gravatar.com https://.gstatic.com https://.instagram.com https://.kaspersky.com https://.marketo.com https://.marketo.net https://.optimizely.com https://.polldaddy.com https://.securelist.com https://.sekindo.com https://.sharethis.com https://.twimg.com https://.twitter.com https://.woopra.com https://.wp.com https://addthisevent.com https://adservice.google.com https://adservice.google.hr https://adservice.google.ru https://assets.adobedtm.com https://assets.kasperskycontenthub.com https://assets.threatpost.com https://box.kaspersky.com https://cdn.optimizely.com https://cdn.securelist.com https://connect.facebook.net https://connect.mail.ru https://consent.cookiebot.com https://consentcdn.cookiebot.com https://e.infogram.com https://kaspersky.d2.sc.omtrdc.net https://kasperskycontenthub.com https://m.addthis.com https://m.addthisedge.com https://munchkin.marketo.net https://player.vimeo.com https://polldaddy.com https://rum-static.pingdom.net https://script.crazyegg.com https://securelist.com https://share.yandex.ru/ https://static.ads-twitter.com https://tagmanager.google.com https://tpc.googlesyndication.com https://vk.com https://www.addevent.com https://www.brighttalk.com https://www.flickr.com https://www.googletagmanager.com https://www.googletagservices.com https://www.linkedin.com; style-src 'self' 'unsafe-inline' http://.googleapis.com http://assets.kasperskycontenthub.com http://assets.threatpost.com https://.googleapis.com https://.gravatar.com https://.kaspersky.com https://.marketo.com https://.securelist.com https://.sekindo.com https://.sharethis.com https://.twimg.com https://.twitter.com https://*.wp.com https://assets.kasperskycontenthub.com https://assets.threatpost.com https://box.kaspersky.com https://cdn.securelist.com https://fonts.googleapis.com https://kasperskycontenthub.com https://s0.wp.com https://secure.gravatar.com https://securelist.com https://tagmanager.google.com https://tpc.googlesyndication.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://t.co/

Response headers

Server: nginx
Date: Sun, 26 Dec 2021 02:08:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Content-Security-Policy: connect-src 'self' https://*.clicktale.net https://*.demdex.net https://*.doubleclick.net https://*.everesttech.net https://*.facebook.com https://*.facebook.net https://*.google-analytics.com https://*.google.com https://*.mktoresp.com https://*.optimizely.com https://*.pingdom.net https://*.reddit.com https://*.securelist.com https://*.youtube.com https://box.kaspersky.com https://cdn.securelist.com https://consentcdn.cookiebot.com https://e.infogram.com https://hn.algolia.com https://kaspersky.d3.sc.omtrdc.net https://kasperskycontenthub.com https://securelist.com https://tagmanager.google.com https://tpc.googlesyndication.com https://www.google-analytics.com; default-src 'self' https://*.securelist.com https://box.kaspersky.com https://cdn.securelist.com https://kasperskycontenthub.com https://kasperskycontenthub.com/securelist https://securelist.com https://tpc.googlesyndication.com; font-src 'self' data: https://*.gstatic.com https://*.securelist.com https://*.wp.com https://assets.kasperskycontenthub.com https://assets.threatpost.com https://box.kaspersky.com https://cdn.securelist.com https://fonts.googleapis.com https://fonts.gstatic.com https://kasperskycontenthub.com https://securelist.com https://tpc.googlesyndication.com; frame-src 'self' http://*.slideshare.net https://*.addthis.com https://*.doubleclick.net https://*.facebook.com https://*.google.com https://*.infogram.com https://*.instagram.com https://*.libsyn.com https://*.marketo.com https://*.securelist.com https://*.sekindo.com https://*.sharethis.com https://*.slideshare.net https://*.twitter.com https://*.wp.com https://*.youtube.com https://box.kaspersky.com https://cdn.securelist.com https://consentcdn.cookiebot.com https://go.kaspersky.com https://infogram.com https://kasperskycontenthub.com https://player.vimeo.com https://s-static.ak.facebook.com https://securelist.com https://tagmanager.google.com https://tpc.googlesyndication.com https://www.brighttalk.com; img-src 'self' data: http://*.netdna-cdn.com http://*.wordpress.com http://*.wp.com http://assets.kasperskycontenthub.com http://assets.kasperskydaily.com http://assets.threatpost.com http://d2538mqrb7brka.cloudfront.net http://forum.kasperskyclub.ru http://i0.poll.fm http://media.kasperskycontenthub.com http://media.kasperskydaily.com http://media.threatpost.com https://*.addthis.com https://*.cdninstagram.com https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.google.com https://*.google.ru https://*.gravatar.com https://*.gstatic.com https://*.infogram.com https://*.instagram.com https://*.netdna-cdn.com https://*.netdna-ssl.com https://*.securelist.com https://*.sekindo.com https://*.sharethis.com https://*.staticflickr.com https://*.twimg.com https://*.twitter.com https://*.wordpress.com https://*.wp.com https://*.ytimg.com https://addevent.com https://assets.kasperskycontenthub.com https://assets.kasperskydaily.com https://assets.threatpost.com https://blog.kaspersky.com https://box.kaspersky.com https://cdn.securelist.com https://csi.gstatic.com https://d1srlirzdlmpew.cloudfront.net https://d2538mqrb7brka.cloudfront.net https://geo.yahoo.com https://images.telechargement.fr https://instagramimages-a.akamaihd.net https://kaspersky.d2.sc.omtrdc.net https://kaspersky.d3.sc.omtrdc.net https://kasperskycontenthub.com https://m.addthis.com https://maps.googleapis.com https://media.kasperskycontenthub.com https://media.kasperskydaily.com https://media.threatpost.com https://player.vimeo.com https://polldaddy.com https://rum-collector.pingdom.net https://s.w.org https://s3-eu-west-1.amazonaws.com https://scontent.cdninstagram.com https://securelist.com https://stats.g.doubleclick.net https://t.co https://tagmanager.google.com https://threatpost.com https://tpc.googlesyndication.com https://track.addevent.com; object-src 'self' https://*.securelist.com https://box.kaspersky.com https://kasperskycontenthub.com https://player.vimeo.com https://polldaddy.com https://securelist.com https://tpc.googlesyndication.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://assets.kasperskycontenthub.com http://assets.threatpost.com https://*.addevent.com https://*.addthis.com https://*.cloudfront.net https://*.crazyegg.com https://*.demdex.net https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.flickr.com https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.googlesyndication.com https://*.gravatar.com https://*.gstatic.com https://*.instagram.com https://*.kaspersky.com https://*.marketo.com https://*.marketo.net https://*.optimizely.com https://*.polldaddy.com https://*.securelist.com https://*.sekindo.com https://*.sharethis.com https://*.twimg.com https://*.twitter.com https://*.woopra.com https://*.wp.com https://addthisevent.com https://adservice.google.com https://adservice.google.hr https://adservice.google.ru https://assets.adobedtm.com https://assets.kasperskycontenthub.com https://assets.threatpost.com https://box.kaspersky.com https://cdn.optimizely.com https://cdn.securelist.com https://connect.facebook.net https://connect.mail.ru https://consent.cookiebot.com https://consentcdn.cookiebot.com https://e.infogram.com https://kaspersky.d2.sc.omtrdc.net https://kasperskycontenthub.com https://m.addthis.com https://m.addthisedge.com https://munchkin.marketo.net https://player.vimeo.com https://polldaddy.com https://rum-static.pingdom.net https://script.crazyegg.com https://securelist.com https://share.yandex.ru/ https://static.ads-twitter.com https://tagmanager.google.com https://tpc.googlesyndication.com https://vk.com https://www.addevent.com https://www.brighttalk.com https://www.flickr.com https://www.googletagmanager.com https://www.googletagservices.com https://www.linkedin.com; style-src 'self' 'unsafe-inline' http://*.googleapis.com http://assets.kasperskycontenthub.com http://assets.threatpost.com https://*.googleapis.com https://*.gravatar.com https://*.kaspersky.com https://*.marketo.com https://*.securelist.com https://*.sekindo.com https://*.sharethis.com https://*.twimg.com https://*.twitter.com https://*.wp.com https://assets.kasperskycontenthub.com https://assets.threatpost.com https://box.kaspersky.com https://cdn.securelist.com https://fonts.googleapis.com https://kasperskycontenthub.com https://s0.wp.com https://secure.gravatar.com https://securelist.com https://tagmanager.google.com https://tpc.googlesyndication.com
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Pingback: https://securelist.com/xmlrpc.php
Link: <https://securelist.com/wp-json/>; rel="https://api.w.org/" <https://securelist.com/wp-json/wp/v2/posts/102873>; rel="alternate"; type="application/json" <https://securelist.com/?p=102873>; rel=shortlink
X-Frame-Options: SAMEORIGIN
X-Debug-Auth: off
X-Request-Host: securelist.com
x-cache-hit: HIT
Content-Encoding: gzip

GET
H2 200 /
assets.kasperskycontenthub.com/wp-content/plugins/bwp-minify/min/ 2 MB
159 KB 81ms
11ms Stylesheet
text/css 18.66.112.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.kasperskycontenthub.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-content/plugins/crayon-syntax-highlighter/themes/classic/classic.css,wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css,wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/jquery-collapse-o-matic/light_style.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist2020/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=4f063e4c

Requested by

Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-87.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

52b99878d87ee25a91e4986ab6522156eba4c51d6a4d65c91d812d83f4a6fcd8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 12:06:51 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 50495
x-cache: Hit from cloudfront
content-length: 162318
last-modified: Thu, 23 Dec 2021 10:52:53 GMT
server: nginx
cache-control: max-age=86400
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
via: 1.1 0162e02b2d0212054988a68716227dab.cloudfront.net (CloudFront)
x-cache-hit: HIT
x-debug-auth: off
x-amz-cf-pop: FRA56-P5
x-request-host: kasperskycontenthub.com
x-amz-cf-id: exhuHc0YdxJprCVTRU3jsMewpIUEIHYUtcPMkqJaQO1g-nKa0AfjiA==
expires: Sun, 26 Dec 2021 11:16:26 GMT

GET
H2 200 /
assets.kasperskycontenthub.com/wp-content/plugins/bwp-minify/min/ 387 B
645 B 97ms
28ms Stylesheet
text/css 18.66.112.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.kasperskycontenthub.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/taxonomy-images/css/style.css&ver=4f063e4c

Requested by

Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-87.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

484aee1b81286040100dad5243407bd64be9aa7fc389b87ef2acd03451bc6888

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 10:54:36 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 54830
x-cache: Hit from cloudfront
content-length: 201
last-modified: Tue, 10 Nov 2015 19:28:10 GMT
server: nginx
cache-control: max-age=86400
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
via: 1.1 0162e02b2d0212054988a68716227dab.cloudfront.net (CloudFront)
x-cache-hit: HIT
x-debug-auth: off
x-amz-cf-pop: FRA56-P5
x-request-host: kasperskycontenthub.com
x-amz-cf-id: WhAZHPFY-iBc_cx1BJQfF7C2zUs7nvi0pHp0Embc4nnKxnR3gBn0YA==
expires: Sun, 26 Dec 2021 10:54:36 GMT

GET
H/1.1 200
OK jquery-1.12.4-wp.js Show response
securelist.com/wp-content/plugins/kaspersky-enable-jquery-migrate-helper/js/jquery/ 95 KB
37 KB 384ms
189ms Script
application/x-javascript 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://securelist.com/wp-content/plugins/kaspersky-enable-jquery-migrate-helper/js/jquery/jquery-1.12.4-wp.js?ver=1.12.4-wp
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 3bb2621a4c0c710f6e78404473aebff8e115a28f8d53f44339b867c63ad93b26

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/black-kingdom-ransomware/102873/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: public
Date: Sun, 26 Dec 2021 02:08:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Dec 2021 10:52:50 GMT
Server: nginx
ETag: W/"61c45502-17a56"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: max-age=604800, public
Connection: close
Expires: Sun, 02 Jan 2022 02:08:26 GMT

GET
H2 200 / Show response
assets.kasperskycontenthub.com/wp-content/plugins/bwp-minify/min/ 15 KB
5 KB 98ms
28ms Script
application/x-javascript 18.66.112.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.kasperskycontenthub.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/kaspersky-sso-integration/assets/js/main.js,wp-content/plugins/honeypot-comments/public/assets/js/public.js,wp-content/plugins/kspr_twitter_pullquote/js/kaspersky-twitter-pullquote.js,wp-content/plugins/kaspersky-social-sharing/assets/js/social-share.js&ver=4f063e4c

Requested by

Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-87.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

f8ec69086f49812bda0cf94eb9c412c591c62e4c2f8d1136f74ad12c11fd14db

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 07:37:32 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 66654
x-cache: Hit from cloudfront
content-length: 4752
last-modified: Thu, 23 Dec 2021 10:52:50 GMT
server: nginx
x-cache-hit: HIT
x-frame-options: SAMEORIGIN
content-type: application/x-javascript; charset=utf-8
via: 1.1 0162e02b2d0212054988a68716227dab.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-debug-auth: off
x-amz-cf-pop: FRA56-P5
x-request-host: kasperskycontenthub.com
x-amz-cf-id: 1zKW7zBVp3CE4skq3dLUo9fWl1Ic-KVAXau985DuCeSxR1PXAZk27g==
expires: Sat, 25 Dec 2021 10:54:07 GMT

GET
H/1.1 200
OK endpoint-security_solutions.png
securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/ 1 KB
2 KB 1263ms
100ms Image
image/png 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/endpoint-security_solutions.png
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 29b8fef5edea5b3d8c7671a3365f3a48d73922364b763eabf05e46623a09a7c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/black-kingdom-ransomware/102873/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: public
Date: Sun, 26 Dec 2021 02:08:28 GMT
Last-Modified: Thu, 23 Dec 2021 10:52:50 GMT
Server: nginx
ETag: "61c45502-547"
Content-Type: image/png
Cache-Control: max-age=604800, public
Connection: close
Accept-Ranges: bytes
Content-Length: 1351
Expires: Sun, 02 Jan 2022 02:08:28 GMT

GET
H/1.1 200
OK hybrid-cloud-security_solutions.png
securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/ 1 KB
1 KB 1264ms
100ms Image
image/png 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/hybrid-cloud-security_solutions.png
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 634450e226178e563fcb407aeca195aa27f4fbd1efcb7415b1c8614f6d660dd0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/black-kingdom-ransomware/102873/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: public
Date: Sun, 26 Dec 2021 02:08:28 GMT
Last-Modified: Thu, 23 Dec 2021 10:52:53 GMT
Server: nginx
ETag: "61c45505-44e"
Content-Type: image/png
Cache-Control: max-age=604800, public
Connection: close
Accept-Ranges: bytes
Content-Length: 1102
Expires: Sun, 02 Jan 2022 02:08:28 GMT

GET
H/1.1 200
OK iot-embed-security.png
securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/ 4 KB
4 KB 1352ms
100ms Image
image/png 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/iot-embed-security.png
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ecd5e8012dc2a87ac3ec0707a4d4b2617858985f41333d920645c7c904690462

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/black-kingdom-ransomware/102873/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: public
Date: Sun, 26 Dec 2021 02:08:28 GMT
Last-Modified: Thu, 23 Dec 2021 10:52:53 GMT
Server: nginx
ETag: "61c45505-f8a"
Content-Type: image/png
Cache-Control: max-age=604800, public
Connection: close
Accept-Ranges: bytes
Content-Length: 3978
Expires: Sun, 02 Jan 2022 02:08:28 GMT

GET
H/1.1 200
OK threat-management.png
securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/ 2 KB
3 KB 1546ms
100ms Image
image/png 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/threat-management.png
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2d5e0c040ebb46abb12a18ae1687e565f0839ef457eb3afe76e970bb6e4ce49b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/black-kingdom-ransomware/102873/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: public
Date: Sun, 26 Dec 2021 02:08:28 GMT
Last-Modified: Thu, 23 Dec 2021 10:52:53 GMT
Server: nginx
ETag: "61c45505-986"
Content-Type: image/png
Cache-Control: max-age=604800, public
Connection: close
Accept-Ranges: bytes
Content-Length: 2438
Expires: Sun, 02 Jan 2022 02:08:28 GMT

GET
H/1.1 200
OK transportation-cybersecurity.png
securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/ 2 KB
3 KB 1551ms
100ms Image
image/png 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/transportation-cybersecurity.png
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e4f53b9c893261cf1692f633c38b6b046efbef5b522fb826186f18346569a78e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/black-kingdom-ransomware/102873/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: public
Date: Sun, 26 Dec 2021 02:08:28 GMT
Last-Modified: Thu, 23 Dec 2021 10:52:53 GMT
Server: nginx
ETag: "61c45505-8e4"
Content-Type: image/png
Cache-Control: max-age=604800, public
Connection: close
Accept-Ranges: bytes
Content-Length: 2276
Expires: Sun, 02 Jan 2022 02:08:28 GMT

GET
H/1.1 200
OK fraud-prevention.png
securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/ 1017 B
1 KB 537ms
98ms Image
image/png 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/fraud-prevention.png
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 1c960c480714e7a7e4360e3485b1c121fce15da0714e5fa53fd442ec6e7c8d58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/black-kingdom-ransomware/102873/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: public
Date: Sun, 26 Dec 2021 02:08:27 GMT
Last-Modified: Thu, 23 Dec 2021 10:52:50 GMT
Server: nginx
ETag: "61c45502-3f9"
Content-Type: image/png
Cache-Control: max-age=604800, public
Connection: close
Accept-Ranges: bytes
Content-Length: 1017
Expires: Sun, 02 Jan 2022 02:08:27 GMT

GET
H/1.1 200
OK national-cybersecurity.png
securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/ 2 KB
2 KB 210ms
122ms Image
image/png 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/national-cybersecurity.png
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 9f7e0e10123ea3e492d4debb89938f3629b518326da0f269a241fd8691ce0a42

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/black-kingdom-ransomware/102873/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: public
Date: Sun, 26 Dec 2021 02:08:27 GMT
Last-Modified: Thu, 23 Dec 2021 10:52:50 GMT
Server: nginx
ETag: "61c45502-792"
Content-Type: image/png
Cache-Control: max-age=604800, public
Connection: close
Accept-Ranges: bytes
Content-Length: 1938
Expires: Sun, 02 Jan 2022 02:08:27 GMT

GET
H/1.1 200
OK industrial-cybersecurity.png
securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/ 5 KB
5 KB 839ms
101ms Image
image/png 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/industrial-cybersecurity.png
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: d49dc45ccc495169c52b1a9d0f0fbcc26d3a54023ba219e3fdde91a9121b2ad0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/black-kingdom-ransomware/102873/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: public
Date: Sun, 26 Dec 2021 02:08:28 GMT
Last-Modified: Thu, 23 Dec 2021 10:52:53 GMT
Server: nginx
ETag: "61c45505-13cc"
Content-Type: image/png
Cache-Control: max-age=604800, public
Connection: close
Accept-Ranges: bytes
Content-Length: 5068
Expires: Sun, 02 Jan 2022 02:08:28 GMT

GET
H/1.1 200
OK financial-cybersecurity.png
securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/ 2 KB
2 KB 838ms
98ms Image
image/png 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/financial-cybersecurity.png
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 98bd3afd3f47082426a89330cbff29e5ed773e6a2b9e5f7f3e25289e8eacad40

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/black-kingdom-ransomware/102873/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: public
Date: Sun, 26 Dec 2021 02:08:28 GMT
Last-Modified: Thu, 23 Dec 2021 10:52:50 GMT
Server: nginx
ETag: "61c45502-775"
Content-Type: image/png
Cache-Control: max-age=604800, public
Connection: close
Accept-Ranges: bytes
Content-Length: 1909
Expires: Sun, 02 Jan 2022 02:08:28 GMT

GET
H/1.1 200
OK healthcare-cybersecurity.png
securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/ 1 KB
2 KB 828ms
100ms Image
image/png 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/healthcare-cybersecurity.png
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ff7e51d6ccb31da2a4099dbc1f3eb62ee3aec7ae5d83fe3d73b664c1b73427e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/black-kingdom-ransomware/102873/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: public
Date: Sun, 26 Dec 2021 02:08:28 GMT
Last-Modified: Thu, 23 Dec 2021 10:52:53 GMT
Server: nginx
ETag: "61c45505-552"
Content-Type: image/png
Cache-Control: max-age=604800, public
Connection: close
Accept-Ranges: bytes
Content-Length: 1362
Expires: Sun, 02 Jan 2022 02:08:28 GMT

GET
H/1.1 200
OK retail-cybersecurity.png
securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/ 2 KB
2 KB 213ms
125ms Image
image/png 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/retail-cybersecurity.png
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ff83be5282c14284f873eac8098bd9bad2039604a70eba5aea8b221996535139

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/black-kingdom-ransomware/102873/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: public
Date: Sun, 26 Dec 2021 02:08:27 GMT
Last-Modified: Thu, 23 Dec 2021 10:52:53 GMT
Server: nginx
ETag: "61c45505-60b"
Content-Type: image/png
Cache-Control: max-age=604800, public
Connection: close
Accept-Ranges: bytes
Content-Length: 1547
Expires: Sun, 02 Jan 2022 02:08:27 GMT

GET
H/1.1 200
OK endpoint-security_products.png
securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/ 7 KB
7 KB 544ms
103ms Image
image/png 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/endpoint-security_products.png
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 36175c07afaffa0777295d540fe4ee1b82d9c4414228e4551994728a2c88ad7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/black-kingdom-ransomware/102873/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: public
Date: Sun, 26 Dec 2021 02:08:27 GMT
Last-Modified: Thu, 23 Dec 2021 10:52:53 GMT
Server: nginx
ETag: "61c45505-1bf2"
Content-Type: image/png
Cache-Control: max-age=604800, public
Connection: close
Accept-Ranges: bytes
Content-Length: 7154
Expires: Sun, 02 Jan 2022 02:08:27 GMT

GET
H/1.1 200
OK endpoint-detection-and-response.png
securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/ 3 KB
3 KB 536ms
100ms Image
image/png 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/endpoint-detection-and-response.png
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e98940cfe1288b874d977842ccaeb08cd169caa4173c3b86b8e188927e8578ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/black-kingdom-ransomware/102873/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: public
Date: Sun, 26 Dec 2021 02:08:27 GMT
Last-Modified: Thu, 23 Dec 2021 10:52:50 GMT
Server: nginx
ETag: "61c45502-a42"
Content-Type: image/png
Cache-Control: max-age=604800, public
Connection: close
Accept-Ranges: bytes
Content-Length: 2626
Expires: Sun, 02 Jan 2022 02:08:27 GMT

GET
H/1.1 200
OK hybrid-cloud-security_products.png
securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/ 2 KB
2 KB 833ms
100ms Image
image/png 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/hybrid-cloud-security_products.png
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b378d22c726917d39df915cf46f85c2a88776f5463ad0b2f2bf4107e208c5fc6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/black-kingdom-ransomware/102873/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: public
Date: Sun, 26 Dec 2021 02:08:28 GMT
Last-Modified: Thu, 23 Dec 2021 10:52:53 GMT
Server: nginx
ETag: "61c45505-7ec"
Content-Type: image/png
Cache-Control: max-age=604800, public
Connection: close
Accept-Ranges: bytes
Content-Length: 2028
Expires: Sun, 02 Jan 2022 02:08:28 GMT

GET
H/1.1 200
OK anti-targeted-attack-platform.png
securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/ 2 KB
2 KB 532ms
100ms Image
image/png 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/anti-targeted-attack-platform.png
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 3ef18948ff01c7b94a3ba7a291c1f632faa83da95570b77d0dd003a53a2a0855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/black-kingdom-ransomware/102873/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: public
Date: Sun, 26 Dec 2021 02:08:27 GMT
Last-Modified: Thu, 23 Dec 2021 10:52:53 GMT
Server: nginx
ETag: "61c45505-69d"
Content-Type: image/png
Cache-Control: max-age=604800, public
Connection: close
Accept-Ranges: bytes
Content-Length: 1693
Expires: Sun, 02 Jan 2022 02:08:27 GMT

GET
H/1.1 200
OK private-security-network.png
securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/ 2 KB
2 KB 929ms
100ms Image
image/png 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/private-security-network.png
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 211b1eb870f412eeb313da14d50d29c1702ed1ba5fd360d0a30b179d4008e520

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/black-kingdom-ransomware/102873/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: public
Date: Sun, 26 Dec 2021 02:08:28 GMT
Last-Modified: Thu, 23 Dec 2021 10:52:53 GMT
Server: nginx
ETag: "61c45505-63c"
Content-Type: image/png
Cache-Control: max-age=604800, public
Connection: close
Accept-Ranges: bytes
Content-Length: 1596
Expires: Sun, 02 Jan 2022 02:08:28 GMT

GET
H/1.1 200
OK embedded-systems-security.png
securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/ 4 KB
4 KB 540ms
102ms Image
image/png 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/embedded-systems-security.png
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 00e2a621d21f27807c82af5d0ae72ba394d49cadb66eabdbeda8df15035dd00c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/black-kingdom-ransomware/102873/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: public
Date: Sun, 26 Dec 2021 02:08:27 GMT
Last-Modified: Thu, 23 Dec 2021 10:52:53 GMT
Server: nginx
ETag: "61c45505-1032"
Content-Type: image/png
Cache-Control: max-age=604800, public
Connection: close
Accept-Ranges: bytes
Content-Length: 4146
Expires: Sun, 02 Jan 2022 02:08:27 GMT

GET
H/1.1 200
OK cybersecurity-services.png
securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/ 2 KB
2 KB 832ms
100ms Image
image/png 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/cybersecurity-services.png
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 3511b363a05be1ba4471c10307c80144f57110e642deb01da0e4f561886a13d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/black-kingdom-ransomware/102873/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: public
Date: Sun, 26 Dec 2021 02:08:28 GMT
Last-Modified: Thu, 23 Dec 2021 10:52:53 GMT
Server: nginx
ETag: "61c45505-88f"
Content-Type: image/png
Cache-Control: max-age=604800, public
Connection: close
Accept-Ranges: bytes
Content-Length: 2191
Expires: Sun, 02 Jan 2022 02:08:28 GMT

GET
H/1.1 200
OK security-awareness.png
securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/ 2 KB
2 KB 213ms
123ms Image
image/png 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/security-awareness.png
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 9a3d21319a4660d217fc8e36ee6715d9d11328105c60bf6103a7763d4393ca93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/black-kingdom-ransomware/102873/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: public
Date: Sun, 26 Dec 2021 02:08:27 GMT
Last-Modified: Thu, 23 Dec 2021 10:52:50 GMT
Server: nginx
ETag: "61c45502-8a5"
Content-Type: image/png
Cache-Control: max-age=604800, public
Connection: close
Accept-Ranges: bytes
Content-Length: 2213
Expires: Sun, 02 Jan 2022 02:08:27 GMT

GET
H/1.1 200
OK premium-support.png
securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/ 2 KB
2 KB 215ms
125ms Image
image/png 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/premium-support.png
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a5a74efd53eb2a7c097f816021c53f567e766cc3d3346bc9c322c247ef4f7c08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/black-kingdom-ransomware/102873/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: public
Date: Sun, 26 Dec 2021 02:08:27 GMT
Last-Modified: Thu, 23 Dec 2021 10:52:53 GMT
Server: nginx
ETag: "61c45505-867"
Content-Type: image/png
Cache-Control: max-age=604800, public
Connection: close
Accept-Ranges: bytes
Content-Length: 2151
Expires: Sun, 02 Jan 2022 02:08:27 GMT

GET
H/1.1 200
OK threat-intelligence.png
securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/ 3 KB
3 KB 1122ms
98ms Image
image/png 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/threat-intelligence.png
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2c24b916160dc4962ba77c6f85b04c5f4831e2d71b549c0695d61154b1f32d49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/black-kingdom-ransomware/102873/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: public
Date: Sun, 26 Dec 2021 02:08:28 GMT
Last-Modified: Thu, 23 Dec 2021 10:52:50 GMT
Server: nginx
ETag: "61c45502-c3e"
Content-Type: image/png
Cache-Control: max-age=604800, public
Connection: close
Accept-Ranges: bytes
Content-Length: 3134
Expires: Sun, 02 Jan 2022 02:08:28 GMT

GET
H/1.1 200
OK threat-hunting.png
securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/ 3 KB
3 KB 215ms
125ms Image
image/png 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/threat-hunting.png
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 528bbd11d6966cc5106f4ecf60da4f7096cd0b3c951f79a2d12c1f0bad33faa8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/black-kingdom-ransomware/102873/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: public
Date: Sun, 26 Dec 2021 02:08:27 GMT
Last-Modified: Thu, 23 Dec 2021 10:52:53 GMT
Server: nginx
ETag: "61c45505-a85"
Content-Type: image/png
Cache-Control: max-age=604800, public
Connection: close
Accept-Ranges: bytes
Content-Length: 2693
Expires: Sun, 02 Jan 2022 02:08:27 GMT

GET
H/1.1 200
OK incident-response.png
securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/ 3 KB
3 KB 212ms
124ms Image
image/png 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securelist.com/wp-content/themes/securelist2020/assets/images/enterprise-menu-icons/incident-response.png
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: c771fce0ba519a6fa28085f4ab1172fa52b71b26ec71bfd11955e2a743825dea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/black-kingdom-ransomware/102873/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: public
Date: Sun, 26 Dec 2021 02:08:27 GMT
Last-Modified: Thu, 23 Dec 2021 10:52:53 GMT
Server: nginx
ETag: "61c45505-af3"
Content-Type: image/png
Cache-Control: max-age=604800, public
Connection: close
Accept-Ranges: bytes
Content-Length: 2803
Expires: Sun, 02 Jan 2022 02:08:27 GMT

GET
H/1.1 200
OK icon-categories.svg
securelist.com/wp-content/themes/securelist2020/assets/images/icon/ 1 KB
1 KB 1106ms
99ms Image
image/svg+xml 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securelist.com/wp-content/themes/securelist2020/assets/images/icon/icon-categories.svg
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8f799a34a68e6a09ed2f0afe3d9ef2bd456680fbc778766ab515feeed4b9cc81

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/black-kingdom-ransomware/102873/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 26 Dec 2021 02:08:28 GMT
Last-Modified: Thu, 23 Dec 2021 10:52:53 GMT
Server: nginx
ETag: "61c45505-476"
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 1142

GET
H/1.1 200
OK icon-categories--invert.svg
securelist.com/wp-content/themes/securelist2020/assets/images/icon/ 1 KB
1 KB 293ms
97ms Image
image/svg+xml 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securelist.com/wp-content/themes/securelist2020/assets/images/icon/icon-categories--invert.svg
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e6bb226afa82eb9fcf6dc25592c6a7cd979ba4d795dfe6e0a31720de6ecd0af2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/black-kingdom-ransomware/102873/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 26 Dec 2021 02:08:28 GMT
Last-Modified: Thu, 23 Dec 2021 10:52:50 GMT
Server: nginx
ETag: "61c45502-45b"
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 1115

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 852 B
625 B 24ms
22ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en&render=explicit

Requested by

Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bb64b458d21f550c6577ddb2d1bb7a055e029c0a85df128fb3b610052c430e0d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 02:08:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 556
x-xss-protection: 1; mode=block
expires: Sun, 26 Dec 2021 02:08:27 GMT

GET
H2 200 370x500-YARA-EN-370x500.jpg
media.kasperskycontenthub.com/wp-content/uploads/sites/43/2020/12/12155219/ 27 KB
27 KB 75ms
16ms Image
image/jpeg 2600:9000:223c:6600:1b:d000:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2020/12/12155219/370x500-YARA-EN-370x500.jpg
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:6600:1b:d000:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c50cd0d5ec965b0c3d7578f4963510454cf80c5f4da4ab1720700fbac33eed6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:13:20 GMT
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
last-modified: Fri, 12 Mar 2021 15:52:23 GMT
server: AmazonS3
age: 5810108
etag: "b2eafa0b49fcb272715a1e6a0b06a656"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 27358
x-amz-cf-id: 1l1DFmC0ImtYyKSJLleFy6Nu0xJ7gOJyhpa1_YxiWAi_HjZ0wjBygw==
expires: Sat, 12 Mar 2022 15:52:22 GMT

GET
H2 200 370x370-Hunt-APT-YARA-EN-370x370.jpg
media.kasperskycontenthub.com/wp-content/uploads/sites/43/2020/12/17122833/ 23 KB
23 KB 71ms
11ms Image
image/jpeg 2600:9000:223c:6600:1b:d000:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2020/12/17122833/370x370-Hunt-APT-YARA-EN-370x370.jpg
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:6600:1b:d000:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea8a6a7bc92c0a67e127611f44ba2943f2fcd4ef0cb7ae17405b4a495507e26f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 19:15:53 GMT
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
last-modified: Thu, 17 Dec 2020 12:28:37 GMT
server: AmazonS3
age: 6418355
etag: "93804a72f1d86dff5463b9a50c072368"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 23565
x-amz-cf-id: aeUa8PNJusA0wp6wmPFihx8ESwRTI7oDitVvrgmIThdcfFcYcEmeHQ==
expires: Fri, 17 Dec 2021 12:28:36 GMT

GET
H2 200 oct.js Show response
static.ads-twitter.com/ 14 KB
6 KB 26ms
7ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/oct.js
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 02:08:26 GMT
content-encoding: gzip
last-modified: Mon, 20 Sep 2021 23:58:10 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kcgs7200134-IAD, cache-fra19141-FRA

GET
H/1.1 200
OK scripts.js Show response
kasperskycontenthub.com/securelist/wp-content/plugins/kaspersky-embeds/js/ 2 KB
1 KB 313ms
107ms Script
application/x-javascript 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kasperskycontenthub.com/securelist/wp-content/plugins/kaspersky-embeds/js/scripts.js?ver=1.0
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1f863d13dbad7d5240f577a73b47b06227d218909259042da95301e2eb8be55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: public
Date: Sun, 26 Dec 2021 02:08:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Dec 2021 10:52:52 GMT
Server: nginx
ETag: W/"61c45504-828"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: max-age=604800, public
Connection: close
Expires: Sun, 02 Jan 2022 02:08:27 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 852 B
971 B 41ms
17ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit&ver=202124050927

Requested by

Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c17dfcc26d6ed3cc1d800c120b100cc7bcbf03ea1a9c72d8aeadfe9b41d49b2a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 02:08:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 558
x-xss-protection: 1; mode=block
expires: Sun, 26 Dec 2021 02:08:27 GMT

GET
H2 200 s_code_single_suite.js Show response
media.kaspersky.com/tracking/omniture/ 171 KB
48 KB 121ms
61ms Script
application/javascript 185.85.15.31
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://media.kaspersky.com/tracking/omniture/s_code_single_suite.js?ver=5.8.2

Requested by

Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.85.15.31 , Russian Federation, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

/ Kaspersky Labs, Kaspersky Labs

Resource Hash

eacb95d63e659a5a1b14b0b1611e8a90e7a5368d2e70fd35dfc14efece380949

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
etag: "801bd06a9af1d71:0"
x-powered-by: Kaspersky Labs, Kaspersky Labs
content-length: 48977
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Dec 2021 09:59:15 GMT
server
x-frame-options: SAMEORIGIN
date: Sun, 26 Dec 2021 02:08:26 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
x-server: fr2/MSK8
accept-ranges: bytes
x-content-type-options: nosniff

GET
H2 200 / Show response
assets.kasperskycontenthub.com/wp-content/plugins/bwp-minify/min/ 184 KB
56 KB 10ms
7ms Script
application/x-javascript 18.66.112.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.kasperskycontenthub.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/js/min/crayon.min.js,wp-content/plugins/kaspersky-gravity-forms-dynamic-recaptcha/assets/js/main.js,wp-content/plugins/kaspersky-wp-autosearch/assert/js/migrate.js,wp-content/plugins/kaspersky-wp-autosearch/assert/js/autocomplete.js,wp-content/plugins/kaspersky-wp-autosearch/assert/js/ajax-script.js,wp-content/plugins/wds-no-login-autocomplete/js/script.js,wp-content/themes/securelist2020/assets/js/main.js,wp-includes/js/comment-reply.min.js,wp-includes/js/wp-embed.min.js,wp-content/plugins/akismet/_inc/form.js&ver=4f063e4c

Requested by

Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-87.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

fc74442fdae91656d36d56217f79f0da33aa9dfe2e6ce3383d7eba3bfd9891f0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 11:00:58 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 54449
x-cache: Hit from cloudfront
content-length: 57117
last-modified: Thu, 23 Dec 2021 10:52:53 GMT
server: nginx
cache-control: max-age=86400
x-frame-options: SAMEORIGIN
content-type: application/x-javascript; charset=utf-8
via: 1.1 0162e02b2d0212054988a68716227dab.cloudfront.net (CloudFront)
x-cache-hit: MISS
x-debug-auth: off
x-amz-cf-pop: FRA56-P5
x-request-host: kasperskycontenthub.com
x-amz-cf-id: dVVX1YxSbw7cYM-uFAOdOVkth7OOj3zETvPPgF0iKszevZgP_-Fxog==
expires: Sun, 26 Dec 2021 11:00:58 GMT

GET
H2 200 / Show response
assets.kasperskycontenthub.com/wp-content/plugins/bwp-minify/min/ 6 KB
3 KB 13ms
9ms Script
application/x-javascript 18.66.112.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.kasperskycontenthub.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityforms/js/jquery.json.min.js,wp-content/plugins/gravityforms/js/placeholders.jquery.min.js&ver=4f063e4c

Requested by

Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-87.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

2f04dffb98bb2d4636822c0a9932d3065c94fd7962fea1066675503246312487

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 07:37:31 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 66656
x-cache: Hit from cloudfront
content-length: 2569
last-modified: Thu, 23 Dec 2021 10:52:52 GMT
server: nginx
x-cache-hit: HIT
x-frame-options: SAMEORIGIN
content-type: application/x-javascript; charset=utf-8
via: 1.1 0162e02b2d0212054988a68716227dab.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-debug-auth: off
x-amz-cf-pop: FRA56-P5
x-request-host: kasperskycontenthub.com
x-amz-cf-id: IjGogm6O7ncEcHyA2M-NfxIAjeCwQ62vdDcUbYnOCUhlOhSPGKkelw==
expires: Sat, 25 Dec 2021 10:54:49 GMT

GET
H/1.1 200
OK gravityforms.min.js Show response
securelist.com/wp-content/plugins/gravityforms/js/ 34 KB
12 KB 1257ms
100ms Script
application/x-javascript 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://securelist.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.4.17.15
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 3097d0444becd9d089b52b7074072f19201525de874d0775012572fb375b7838

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/black-kingdom-ransomware/102873/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: public
Date: Sun, 26 Dec 2021 02:08:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Dec 2021 10:52:50 GMT
Server: nginx
ETag: W/"61c45502-88c2"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: max-age=604800, public
Connection: close
Expires: Sun, 02 Jan 2022 02:08:28 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 237 KB
62 KB 63ms
34ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5CGZ3HG

Requested by

Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4e44f2e48aff813746a5709ac18c2876d6306ca2ff9d2cd691f8ec985ab8e2d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 02:08:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62889
x-xss-protection: 0
last-modified: Sun, 26 Dec 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 26 Dec 2021 02:08:27 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 498 KB
116 KB 17ms
16ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WZ7LJ3

Requested by

Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2ecf379443f57809638e14820fa03538a924031b95233c263e336b5aeb40bd28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 02:08:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118296
x-xss-protection: 0
last-modified: Sun, 26 Dec 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 26 Dec 2021 02:08:27 GMT

GET
H/1.1 200
OK / Show response
kasperskycontenthub.com/ 0
399 B 400ms
184ms Script
application/javascript 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://kasperskycontenthub.com/?dm=ed1f9e435dc885292eab65620c51f3fb&action=load&blogid=43&siteid=1&t=1234465826&back=https%3A%2F%2Fsecurelist.com%2Fblack-kingdom-ransomware%2F102873%2F

Requested by

Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-173-160-135.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 26 Dec 2021 02:08:27 GMT
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Connection: close
Content-Type: application/javascript
x-cache-hit: MISS
Transfer-Encoding: chunked
X-Debug-Auth: off
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Request-Host: kasperskycontenthub.com
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 77ms
37ms Script
application/x-javascript 104.111.234.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-234-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08

Request headers

Referer: https://securelist.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sun, 26 Dec 2021 02:08:27 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Oct 2021 01:24:07 GMT
Server: AkamaiNetStorage
ETag: "461ce1cffaadfebf2e7659745618ba8e:1635470647.434977"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 753

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/161/ 11 KB
5 KB 19ms
19ms Script
application/x-javascript 104.111.234.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/161/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-234-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 26 Dec 2021 02:08:27 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Sep 2021 00:38:21 GMT
Server: AkamaiNetStorage
ETag: "0e0eefac8daf874e8b1aa34aeb160c52:1631061501.737429"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4681
Expires: Tue, 05 Apr 2022 02:08:27 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 28ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: SVEjweAmS+iI1aU0cdk0KuPijQN6tkVe/sOqsbR21h5YE1XZl1GTiPZLJp5THFSDy0rbVWqSLOQYvEqXuNU4DQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 26 Dec 2021 02:08:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pa-560b0cc5abe53daf128a2dfc.js Show response
rum-static.pingdom.net/ 6 KB
3 KB 254ms
203ms Script
application/javascript 2606:4700:10::ac43:5d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-static.pingdom.net/pa-560b0cc5abe53daf128a2dfc.js
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:5d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 824238054fdcb3af318c598d2cf97ee7bf0685b7785a674fc90f4cfc1bd92bb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 02:08:27 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Tue, 11 May 2021 14:01:36 GMT
server: cloudflare
etag: W/"609a8e40-1852"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6c36c2ead8343743-MXP
expires: Sun, 26 Dec 2021 02:13:27 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 11ms
10ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

87978ba1ff2b78c8cfbd935f0208276189eb762c337a0804983aeb6631926f43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: nQ0canE7sJ9hPxjWJGwEmA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Sun, 26 Dec 2021 02:14:11 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: ihoy1IO0wTg/FoY3tpWHbAN655YJb05uwNWUssWql1Mv7JITvyNxJf7GOC2D45Xcpukz9SWMPh5XCo7hclxhcg==
x-fb-trip-id: 686109401
x-fb-content-md5: e8351155178eadb061ef39dd34b42753
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 26 Dec 2021 02:08:27 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "5e7adae577af6f7f8a99e87c4959818d"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 platform.js Show response
apis.google.com/js/ 52 KB
21 KB 75ms
51ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e308b920200e70975a47529366c166d3fa167655d345779e7fa1b8d3c8e737ad

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-e3u1vaP9NG6zaLe6M3yA4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 02:08:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
cross-origin-opener-policy: same-origin
etag: "9e73b2cd9b08c6b34a7273789934d4e5"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-e3u1vaP9NG6zaLe6M3yA4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Sun, 26 Dec 2021 02:08:27 GMT

GET
H/1.1 200
OK icons.svg
securelist.com/wp-content/themes/securelist2020/assets/sprite/ 15 KB
15 KB 383ms
188ms Other
image/svg+xml 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://securelist.com/wp-content/themes/securelist2020/assets/sprite/icons.svg
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 561ca556ddb05522eb2f3cc5506a4bcb7728938e01d194ae07557699ceb6a99e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/black-kingdom-ransomware/102873/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 26 Dec 2021 02:08:28 GMT
Last-Modified: Thu, 23 Dec 2021 10:52:53 GMT
Server: nginx
ETag: "61c45505-3b96"
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 15254

GET
H2 200 logo-basic.svg
assets.kasperskycontenthub.com/wp-content/themes/securelist2020/assets/images/logo/ 2 KB
1 KB 14ms
14ms Image
image/svg+xml 18.66.112.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.kasperskycontenthub.com/wp-content/themes/securelist2020/assets/images/logo/logo-basic.svg
Requested by: Host: assets.kasperskycontenthub.com
URL: https://assets.kasperskycontenthub.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-content/plugins/crayon-syntax-highlighter/themes/classic/classic.css,wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css,wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/jquery-collapse-o-matic/light_style.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist2020/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=4f063e4c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-87.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e381e76e2f8e13a602958f16754d80474a07c1019eb3c7770bf34bdf51c40b5d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.kasperskycontenthub.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-content/plugins/crayon-syntax-highlighter/themes/classic/classic.css,wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css,wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/jquery-collapse-o-matic/light_style.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist2020/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=4f063e4c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 06:32:17 GMT
content-encoding: gzip
last-modified: Thu, 23 Dec 2021 10:52:53 GMT
server: nginx
age: 70570
etag: W/"61c45505-9e5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: HnTeHaK-PA2Z5WuvKqACBQ-ViNV1TziCok0CK77R6K6TrTAQX5Qncg==
via: 1.1 0162e02b2d0212054988a68716227dab.cloudfront.net (CloudFront)

GET
H/1.1 200
OK bg-gradient-01.jpg
securelist.com/wp-content/themes/securelist2020/assets/images/content/ 19 KB
19 KB 629ms
189ms Image
image/jpeg 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securelist.com/wp-content/themes/securelist2020/assets/images/content/bg-gradient-01.jpg
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6f4abed507ae5e7cea30cf0420b7a937e954423ff85ff0111c9cc6140d472d56

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/black-kingdom-ransomware/102873/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: public
Date: Sun, 26 Dec 2021 02:08:27 GMT
Last-Modified: Thu, 23 Dec 2021 10:52:53 GMT
Server: nginx
ETag: "61c45505-4c3b"
Content-Type: image/jpeg
Cache-Control: max-age=604800, public
Connection: close
Accept-Ranges: bytes
Content-Length: 19515
Expires: Sun, 02 Jan 2022 02:08:27 GMT

GET
H2 200 logo-basic--invert.svg
assets.kasperskycontenthub.com/wp-content/themes/securelist2020/assets/images/logo/ 2 KB
1 KB 14ms
14ms Image
image/svg+xml 18.66.112.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.kasperskycontenthub.com/wp-content/themes/securelist2020/assets/images/logo/logo-basic--invert.svg
Requested by: Host: assets.kasperskycontenthub.com
URL: https://assets.kasperskycontenthub.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-content/plugins/crayon-syntax-highlighter/themes/classic/classic.css,wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css,wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/jquery-collapse-o-matic/light_style.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist2020/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=4f063e4c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-87.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 836563ad7be90ef74eac8862468b675138192f8691a870462d25bacb8c7069af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.kasperskycontenthub.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-content/plugins/crayon-syntax-highlighter/themes/classic/classic.css,wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css,wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/jquery-collapse-o-matic/light_style.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist2020/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=4f063e4c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 02:41:40 GMT
content-encoding: gzip
last-modified: Thu, 23 Dec 2021 10:52:50 GMT
server: nginx
age: 84407
etag: W/"61c45502-9d9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: JKlIDWcgHzyVYCiJmMhPQCzeZguL9iARJHV9OPMTCDyLiXEbOZgTEg==
via: 1.1 0162e02b2d0212054988a68716227dab.cloudfront.net (CloudFront)

GET
H2 200 buttons.png
assets.kasperskycontenthub.com/wp-content/plugins/crayon-syntax-highlighter/css/images/toolbar/ 2 KB
3 KB 16ms
15ms Image
image/png 18.66.112.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.kasperskycontenthub.com/wp-content/plugins/crayon-syntax-highlighter/css/images/toolbar/buttons.png
Requested by: Host: assets.kasperskycontenthub.com
URL: https://assets.kasperskycontenthub.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-content/plugins/crayon-syntax-highlighter/themes/classic/classic.css,wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css,wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/jquery-collapse-o-matic/light_style.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist2020/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=4f063e4c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-87.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 630d0a3cc8f4c4aa7bf49b40ae6f59f3a137707e0d7bba46ba44e2e5f2c53aab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.kasperskycontenthub.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-content/plugins/crayon-syntax-highlighter/themes/classic/classic.css,wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css,wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/jquery-collapse-o-matic/light_style.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist2020/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=4f063e4c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: public
date: Thu, 23 Dec 2021 15:36:44 GMT
via: 1.1 0162e02b2d0212054988a68716227dab.cloudfront.net (CloudFront)
last-modified: Thu, 23 Dec 2021 10:52:52 GMT
server: nginx
age: 210703
etag: "61c45504-8bc"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800, public
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 2236
x-amz-cf-id: NBEzbch1Ow2Z3rJHiyFeMBPGHj4dGM-hm1iKXF9nE8qsO-2hHtdQ0w==
expires: Thu, 30 Dec 2021 15:36:44 GMT

GET
H2 200 KasperskySans-Light.woff2
assets.kasperskycontenthub.com/wp-content/themes/securelist2020/assets/fonts/kasperskysans/ 36 KB
37 KB 51ms
23ms Font
font/woff2 18.66.112.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.kasperskycontenthub.com/wp-content/themes/securelist2020/assets/fonts/kasperskysans/KasperskySans-Light.woff2
Requested by: Host: assets.kasperskycontenthub.com
URL: https://assets.kasperskycontenthub.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-content/plugins/crayon-syntax-highlighter/themes/classic/classic.css,wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css,wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/jquery-collapse-o-matic/light_style.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist2020/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=4f063e4c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-87.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: f49616f5799065ebf4fcc95c80d526d53a486c33aa0213d32b5b124aab582c6b

Request headers

Referer: https://assets.kasperskycontenthub.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-content/plugins/crayon-syntax-highlighter/themes/classic/classic.css,wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css,wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/jquery-collapse-o-matic/light_style.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist2020/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=4f063e4c
Origin: https://securelist.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 01:09:07 GMT
via: 1.1 7be6cb2d0156b563b6b1c8f2595ddd53.cloudfront.net (CloudFront)
last-modified: Thu, 23 Dec 2021 10:52:53 GMT
server: nginx
age: 3560
etag: "61c45505-9124"
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 37156
x-amz-cf-id: 8VB3DMHhE25VCx7b5wt9QOpiHEXOcuhhMGIAWHrBSPAIPlIWTSXnbg==

GET
H2 200 font-icons.ttf
assets.kasperskycontenthub.com/wp-content/themes/securelist2020/assets/fonts/font-icons/ 34 KB
22 KB 63ms
35ms Font
application/font-sfnt 18.66.112.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.kasperskycontenthub.com/wp-content/themes/securelist2020/assets/fonts/font-icons/font-icons.ttf?p2bytm
Requested by: Host: assets.kasperskycontenthub.com
URL: https://assets.kasperskycontenthub.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-content/plugins/crayon-syntax-highlighter/themes/classic/classic.css,wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css,wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/jquery-collapse-o-matic/light_style.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist2020/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=4f063e4c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-87.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 0b5e58a4f0210f08715d04b464d51ee735c5952a86ecb59988f5aab3ad166096

Request headers

Referer: https://assets.kasperskycontenthub.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-content/plugins/crayon-syntax-highlighter/themes/classic/classic.css,wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css,wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/jquery-collapse-o-matic/light_style.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist2020/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=4f063e4c
Origin: https://securelist.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 02:08:27 GMT
content-encoding: gzip
last-modified: Thu, 23 Dec 2021 10:52:50 GMT
server: nginx
x-amz-cf-pop: FRA56-P5
etag: W/"61c45502-897c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/font-sfnt
access-control-allow-origin: *
x-amz-cf-id: AKVsKft67GuycnB6FFa-iImEVqfhRi-D3H3jOdjT2omIrtbWlxW7tQ==
via: 1.1 7be6cb2d0156b563b6b1c8f2595ddd53.cloudfront.net (CloudFront)

GET
H2 200 KasperskySans-Bold.woff2
assets.kasperskycontenthub.com/wp-content/themes/securelist2020/assets/fonts/kasperskysans/ 36 KB
37 KB 50ms
23ms Font
font/woff2 18.66.112.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.kasperskycontenthub.com/wp-content/themes/securelist2020/assets/fonts/kasperskysans/KasperskySans-Bold.woff2
Requested by: Host: assets.kasperskycontenthub.com
URL: https://assets.kasperskycontenthub.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-content/plugins/crayon-syntax-highlighter/themes/classic/classic.css,wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css,wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/jquery-collapse-o-matic/light_style.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist2020/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=4f063e4c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-87.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 799706f10a0d4045e0be9f81f89a830a6b303283f8d363d12aa984e79e108713

Request headers

Referer: https://assets.kasperskycontenthub.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-content/plugins/crayon-syntax-highlighter/themes/classic/classic.css,wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css,wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/jquery-collapse-o-matic/light_style.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist2020/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=4f063e4c
Origin: https://securelist.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 23:33:01 GMT
via: 1.1 7be6cb2d0156b563b6b1c8f2595ddd53.cloudfront.net (CloudFront)
last-modified: Thu, 23 Dec 2021 10:52:53 GMT
server: nginx
age: 10179
etag: "61c45505-90c0"
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 37056
x-amz-cf-id: YxzznjzEo9xJrKScqMFOgBWfu1yV6Ne7UT-9aTpUYzzf4fxRYYcMkA==

GET
H2 200 KasperskySans-Regular.woff2
assets.kasperskycontenthub.com/wp-content/themes/securelist2020/assets/fonts/kasperskysans/ 36 KB
37 KB 39ms
12ms Font
font/woff2 18.66.112.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.kasperskycontenthub.com/wp-content/themes/securelist2020/assets/fonts/kasperskysans/KasperskySans-Regular.woff2
Requested by: Host: assets.kasperskycontenthub.com
URL: https://assets.kasperskycontenthub.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-content/plugins/crayon-syntax-highlighter/themes/classic/classic.css,wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css,wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/jquery-collapse-o-matic/light_style.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist2020/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=4f063e4c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-87.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 9d267660007f1f410756135374db1ee6baea0115d81e2c2a0821507c7111209f

Request headers

Referer: https://assets.kasperskycontenthub.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-content/plugins/crayon-syntax-highlighter/themes/classic/classic.css,wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css,wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/jquery-collapse-o-matic/light_style.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist2020/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=4f063e4c
Origin: https://securelist.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 07:25:40 GMT
via: 1.1 7be6cb2d0156b563b6b1c8f2595ddd53.cloudfront.net (CloudFront)
last-modified: Thu, 23 Dec 2021 10:52:53 GMT
server: nginx
age: 67367
etag: "61c45505-91fc"
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 37372
x-amz-cf-id: 5NqU96ikMQLyGU_9ty8A8-RXkcT2fmgP4LAYMrozpEaUUHrhdgnMJA==

GET
H2 200 AnonymousPro-Bold.woff2
assets.kasperskycontenthub.com/wp-content/themes/securelist2020/assets/fonts/anonymouspro/ 34 KB
35 KB 56ms
29ms Font
font/woff2 18.66.112.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.kasperskycontenthub.com/wp-content/themes/securelist2020/assets/fonts/anonymouspro/AnonymousPro-Bold.woff2
Requested by: Host: assets.kasperskycontenthub.com
URL: https://assets.kasperskycontenthub.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-content/plugins/crayon-syntax-highlighter/themes/classic/classic.css,wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css,wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/jquery-collapse-o-matic/light_style.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist2020/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=4f063e4c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-87.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 47db3eedf6793ff55d3d71a6ea5fa2cc86317453f3910e181d22198cee291389

Request headers

Referer: https://assets.kasperskycontenthub.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-content/plugins/crayon-syntax-highlighter/themes/classic/classic.css,wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css,wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/jquery-collapse-o-matic/light_style.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist2020/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=4f063e4c
Origin: https://securelist.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 00:07:32 GMT
via: 1.1 7be6cb2d0156b563b6b1c8f2595ddd53.cloudfront.net (CloudFront)
last-modified: Thu, 23 Dec 2021 10:52:53 GMT
server: nginx
age: 7430
etag: "61c45505-88f8"
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 35064
x-amz-cf-id: 2VW4WvSJnQm7fxjytw-yPcrLtDp-rXDnizcJhLUltEU0aY7oXrQOGQ==

GET
H2 200 Oswald-Bold.woff2
assets.kasperskycontenthub.com/wp-content/themes/securelist2020/assets/fonts/oswald/ 30 KB
30 KB 44ms
17ms Font
font/woff2 18.66.112.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.kasperskycontenthub.com/wp-content/themes/securelist2020/assets/fonts/oswald/Oswald-Bold.woff2
Requested by: Host: assets.kasperskycontenthub.com
URL: https://assets.kasperskycontenthub.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-content/plugins/crayon-syntax-highlighter/themes/classic/classic.css,wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css,wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/jquery-collapse-o-matic/light_style.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist2020/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=4f063e4c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-87.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 08e5c51e367f5f721ad103f5463f457f4ea5d9586583030cd1b766f4514e1bac

Request headers

Referer: https://assets.kasperskycontenthub.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-content/plugins/crayon-syntax-highlighter/themes/classic/classic.css,wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css,wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/jquery-collapse-o-matic/light_style.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist2020/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=4f063e4c
Origin: https://securelist.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 22:58:51 GMT
via: 1.1 7be6cb2d0156b563b6b1c8f2595ddd53.cloudfront.net (CloudFront)
age: 9256175
x-cache: Hit from cloudfront
content-length: 30624
pragma: public
last-modified: Thu, 02 Sep 2021 12:41:18 GMT
server: nginx
etag: "6130c66e-77a0"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
x-amz-cf-id: abF0uvmcWSILpZA91AvR06lvsVhJPf_2B5AVVn85WXHNuWcNZUVZYA==
expires: Fri, 09 Sep 2022 22:58:51 GMT

GET
H2 200 monaco-webfont.woff
assets.kasperskycontenthub.com/wp-content/plugins/crayon-syntax-highlighter/fonts/monaco/ 21 KB
21 KB 9ms
9ms Font
application/font-woff 18.66.112.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.kasperskycontenthub.com/wp-content/plugins/crayon-syntax-highlighter/fonts/monaco/monaco-webfont.woff
Requested by: Host: assets.kasperskycontenthub.com
URL: https://assets.kasperskycontenthub.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-content/plugins/crayon-syntax-highlighter/themes/classic/classic.css,wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css,wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/jquery-collapse-o-matic/light_style.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist2020/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=4f063e4c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-87.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 9c2e1d2864f53c224d6542bed9a1ab1de620dae21a2146eb4ff982dd8fcd4567

Request headers

Referer: https://assets.kasperskycontenthub.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-content/plugins/crayon-syntax-highlighter/themes/classic/classic.css,wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css,wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/jquery-collapse-o-matic/light_style.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist2020/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=4f063e4c
Origin: https://securelist.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 07:36:34 GMT
via: 1.1 7be6cb2d0156b563b6b1c8f2595ddd53.cloudfront.net (CloudFront)
age: 27455513
x-cache: Hit from cloudfront
content-length: 21372
pragma: public
last-modified: Wed, 25 Jan 2012 03:53:44 GMT
server: nginx
etag: "4f1f7cc8-537c"
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
x-amz-cf-id: Ap7UGt_qS_QqGxlxCdHbuoZbDOF_GQKkhTuEf9zzjTLRsW0as61YXw==
expires: Fri, 11 Feb 2022 07:36:34 GMT

GET
H2 200 abstract_digital_castle-1200x600.jpg
media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/06/17094158/ 58 KB
59 KB 10ms
9ms Image
image/jpeg 2600:9000:223c:6600:1b:d000:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/06/17094158/abstract_digital_castle-1200x600.jpg
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:6600:1b:d000:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8a5c570c0f6e751544a5edb307dd1bcd249f9d22dd1e7f94a01cc06a97d4edcc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 03:03:39 GMT
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
last-modified: Thu, 17 Jun 2021 09:42:04 GMT
server: AmazonS3
age: 6476689
etag: "36f22850b204432fd8083938d614ce0e"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 59653
x-amz-cf-id: Os-Nofa7gK2TzjUDViAqe2dWXm7opCdF2HeLdhV-NT0FdzXQ6T0_xw==
expires: Fri, 17 Jun 2022 09:42:03 GMT

GET
H2 200 Marc_Rivero_Securelist.png
media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/12/15120744/ 294 KB
294 KB 30ms
29ms Image
image/png 2600:9000:223c:6600:1b:d000:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/12/15120744/Marc_Rivero_Securelist.png
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:6600:1b:d000:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ae4b6effb7fbf04941a4a5ae668befcbbb636b444d4554c1bcb3608ca0e980cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 12:10:38 GMT
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
last-modified: Wed, 15 Dec 2021 12:08:26 GMT
server: AmazonS3
age: 914270
etag: "533d4f47f52aff9ddad09046c618c956"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 300570
x-amz-cf-id: GTLj14z3f_J-UWsxtAdO1bz7wwWVflIOlOY0qEoYnEJaNs4wNeGY_w==
expires: Thu, 15 Dec 2022 12:08:24 GMT

GET
H2 200 BlackKingdom_ransomware_01.png
media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/06/16141438/ 10 KB
10 KB 29ms
28ms Image
image/png 2600:9000:223c:6600:1b:d000:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/06/16141438/BlackKingdom_ransomware_01.png
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:6600:1b:d000:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a444f0c2fd13f0c1acf9997683d2821393eaba71052bbe45b949529c10ffa5b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:42:06 GMT
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
last-modified: Wed, 16 Jun 2021 14:14:39 GMT
server: AmazonS3
age: 3997582
etag: "74351522f42d82b6f60a781725494104"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 10292
x-amz-cf-id: xe5OXuWbgs_jH4Zy5xFayK0AGz66ZQlI8jiX5-UmVBm8BIVVVllWiw==
expires: Thu, 16 Jun 2022 14:14:38 GMT

GET
H2 200 BlackKingdom_ransomware_02.png
media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/06/16141523/ 148 KB
148 KB 51ms
50ms Image
image/png 2600:9000:223c:6600:1b:d000:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/06/16141523/BlackKingdom_ransomware_02.png
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:6600:1b:d000:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5f17dc41f6bb14f278714727ec9d706a39c7484ecea8cc70637affdc850b3c94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 01:21:18 GMT
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
last-modified: Wed, 16 Jun 2021 14:15:24 GMT
server: AmazonS3
age: 3977230
etag: "789449e4107a11c4bafe8d4aca12603d"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 151189
x-amz-cf-id: dopfxz3KUoR2ucPsJ-wm5nKFsclJpywHdVPWbKMunzn1Jx_Rt43KPw==
expires: Thu, 16 Jun 2022 14:15:23 GMT

GET
H2 200 BlackKingdom_ransomware_03.png
media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/06/16141650/ 29 KB
30 KB 42ms
41ms Image
image/png 2600:9000:223c:6600:1b:d000:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/06/16141650/BlackKingdom_ransomware_03.png
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:6600:1b:d000:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a5d76fcf1e513d110d8fcc5c66faedd5e8e9ed5f24b664aacede0463dbf9a33f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 01:21:31 GMT
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
last-modified: Wed, 16 Jun 2021 14:16:51 GMT
server: AmazonS3
age: 1730817
etag: "4ed35c5fe6a1daea32f08e75e52a40ac"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 29885
x-amz-cf-id: SnGSd0Xuj1dqvznMU8_x8UmzMCn-kFpJ9p3rdG6ACaVyEqZgO8Lt9w==
expires: Thu, 16 Jun 2022 14:16:50 GMT

GET
H2 200 BlackKingdom_ransomware_04.png
media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/06/16141733/ 2 MB
2 MB 66ms
66ms Image
image/png 2600:9000:223c:6600:1b:d000:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/06/16141733/BlackKingdom_ransomware_04.png
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:6600:1b:d000:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 89083a6b95a71fc5bc390635d020818aaf9a9515fb982a4e8ca40f12f2adfe72

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 01:21:31 GMT
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
last-modified: Wed, 16 Jun 2021 14:17:34 GMT
server: AmazonS3
age: 1730817
etag: "a4636f013796f8691dd75f00b707a9ab"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 1662127
x-amz-cf-id: 3HvsF_xhJf86-PrdKjo-aY9plHHKN6X4nFb_Oj-0cgYW7BfuX5uDZQ==
expires: Thu, 16 Jun 2022 14:17:33 GMT

GET
H2 200 form-dropdown.svg
assets.kasperskycontenthub.com/wp-content/themes/securelist2020/assets/images/icon/ 370 B
704 B 9ms
8ms Image
image/svg+xml 18.66.112.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.kasperskycontenthub.com/wp-content/themes/securelist2020/assets/images/icon/form-dropdown.svg
Requested by: Host: assets.kasperskycontenthub.com
URL: https://assets.kasperskycontenthub.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-content/plugins/crayon-syntax-highlighter/themes/classic/classic.css,wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css,wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/jquery-collapse-o-matic/light_style.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist2020/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=4f063e4c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-87.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 73a6db7aaf149ec53d69ffea02bf070734217ea7e55c8f8b2b47a5ec4e656b54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.kasperskycontenthub.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-content/plugins/crayon-syntax-highlighter/themes/classic/classic.css,wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css,wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/jquery-collapse-o-matic/light_style.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist2020/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=4f063e4c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 04:30:09 GMT
via: 1.1 0162e02b2d0212054988a68716227dab.cloudfront.net (CloudFront)
last-modified: Thu, 23 Dec 2021 10:52:50 GMT
server: nginx
age: 77898
etag: "61c45502-172"
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 370
x-amz-cf-id: -A0FKtGel_7IICVp709zTt2Qjg3Fg6HM89LjO1sdtNjEBSBhCQbePg==

GET
H2 200 bg-gradient-03.jpg
assets.kasperskycontenthub.com/wp-content/themes/securelist2020/assets/images/content/ 44 KB
44 KB 13ms
13ms Image
image/jpeg 18.66.112.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.kasperskycontenthub.com/wp-content/themes/securelist2020/assets/images/content/bg-gradient-03.jpg
Requested by: Host: assets.kasperskycontenthub.com
URL: https://assets.kasperskycontenthub.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-content/plugins/crayon-syntax-highlighter/themes/classic/classic.css,wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css,wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/jquery-collapse-o-matic/light_style.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist2020/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=4f063e4c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-87.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 53dbe2ed80b498f4a0c0e811dc9c4f6a8c1d62c7a5c19e3e3d9b9aab8a070bc2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.kasperskycontenthub.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-content/plugins/crayon-syntax-highlighter/themes/classic/classic.css,wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css,wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/jquery-collapse-o-matic/light_style.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist2020/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=4f063e4c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: public
date: Mon, 20 Dec 2021 06:45:26 GMT
via: 1.1 0162e02b2d0212054988a68716227dab.cloudfront.net (CloudFront)
last-modified: Fri, 17 Dec 2021 08:40:05 GMT
server: nginx
age: 501781
etag: "61bc4ce5-af9c"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=604800, public
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 44956
x-amz-cf-id: vxf_nfNml-kY1CBGCGyjWTIFsY69nkJgGLB5ndBKG3fTzsBf-jEQmA==
expires: Mon, 27 Dec 2021 06:45:26 GMT

GET
H2 200 abstract_mail_blue-800x450.jpg
media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/12/14080310/ 65 KB
66 KB 187ms
185ms Image
image/jpeg 2600:9000:223c:6600:1b:d000:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/12/14080310/abstract_mail_blue-800x450.jpg
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:6600:1b:d000:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f332c7c949ac0b8f51a62d377bda8db16f095e520fc26190692e8fbfdf7c62b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 10:04:36 GMT
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
last-modified: Tue, 14 Dec 2021 08:03:14 GMT
server: AmazonS3
age: 1008232
etag: "155a3df97c8560cb863b1b93742780fd"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 66977
x-amz-cf-id: LpUYSgT6ru9S_eOmzFGumidDtadIRRTs4Kh9DivUfV5HOYH_GREP2Q==
expires: Wed, 14 Dec 2022 08:03:13 GMT

GET
H2 200 sl-abstract-block-module-structure-800x450.jpg
media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/10/19080901/ 51 KB
51 KB 193ms
191ms Image
image/jpeg 2600:9000:223c:6600:1b:d000:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/10/19080901/sl-abstract-block-module-structure-800x450.jpg
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:6600:1b:d000:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd29fbde8630c8cfff064cac887d276e5696e5b76d475534b15ab263ce087820

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 10:03:07 GMT
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
last-modified: Tue, 19 Oct 2021 08:09:08 GMT
server: AmazonS3
age: 5846721
etag: "ce155b1874d149eb44e26fea927ab3f0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 52092
x-amz-cf-id: L0LxacaG5M7gRixAFGY3M2SRWZ6OPMMxbZyLfHUWBV7uDFSuWksWyA==
expires: Wed, 19 Oct 2022 08:09:06 GMT

GET
H2 200 sl-cis-cyberthreat-800x450.jpg
media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/10/06165450/ 69 KB
69 KB 204ms
202ms Image
image/jpeg 2600:9000:223c:6600:1b:d000:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/10/06165450/sl-cis-cyberthreat-800x450.jpg
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:6600:1b:d000:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c53425a00bb2860376f8a756688f59935048263d449a2b8fa07a7b95b50c859

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 10:03:42 GMT
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
last-modified: Wed, 06 Oct 2021 16:54:54 GMT
server: AmazonS3
age: 6883486
etag: "88b7a0c92d8d81eb8e9ac47d576f57d1"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 70193
x-amz-cf-id: MBdWN8Ab46VaoicniHwdObgu8LGxnhn2S70XsXG9tvDer4QLqw8uww==
expires: Thu, 06 Oct 2022 16:54:53 GMT

GET
H2 200 abstract_spy_eye-800x450.jpg
media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/09/28092657/ 70 KB
70 KB 212ms
210ms Image
image/jpeg 2600:9000:223c:6600:1b:d000:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/09/28092657/abstract_spy_eye-800x450.jpg
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:6600:1b:d000:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 90d287e131c8cba3c283ef47d5f643fa06742b580fd9f9a618a961f9f1aa158b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 11:06:00 GMT
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
last-modified: Tue, 28 Sep 2021 09:27:01 GMT
server: AmazonS3
age: 6188548
etag: "30e07ce6df832e50c53f8841b7a53c78"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 71627
x-amz-cf-id: KFZyue9HRzMDRotTV_SHwZl730Lt1ASbPtxIxhfTOALrxZTlIVAozA==
expires: Wed, 28 Sep 2022 09:27:00 GMT

GET
H2 200 sl_abstract_binary_wave-800x450.jpg
media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/03/30083524/ 59 KB
59 KB 223ms
222ms Image
image/jpeg 2600:9000:223c:6600:1b:d000:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/03/30083524/sl_abstract_binary_wave-800x450.jpg
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:6600:1b:d000:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b8b893c3d498be87f6ded47f7ed991d75530ddab7bb1c4cde1de707a35315803

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 09:19:41 GMT
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
last-modified: Tue, 30 Mar 2021 08:35:32 GMT
server: AmazonS3
age: 6108527
etag: "cd9fae1b4174e63392ea70a9f3f25d4a"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 60134
x-amz-cf-id: 8mHeH3agkX384sg5i33kuYkqFs6F2XPYm7Vslpd28ICSEYv48dT58A==
expires: Wed, 30 Mar 2022 08:35:31 GMT

GET
H2 200 sl-abstract-machine-learning-digital-brain-800x450.jpg
media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/12/20075124/ 52 KB
53 KB 216ms
214ms Image
image/jpeg 2600:9000:223c:6600:1b:d000:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/12/20075124/sl-abstract-machine-learning-digital-brain-800x450.jpg
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:6600:1b:d000:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d1f7b5a18a344d0bb89a4e3fd37683f97fc66cf603ba09a5d2a15f24258611da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 10:01:51 GMT
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
last-modified: Mon, 20 Dec 2021 07:51:29 GMT
server: AmazonS3
age: 489997
etag: "3142ec740db6ccc35befbc97378fe60b"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 53420
x-amz-cf-id: -_gzQgMjb5Te4SN31m1LcvVupslh_QH6dZqCjIp5QVd9hCC4QuV52w==
expires: Tue, 20 Dec 2022 07:51:28 GMT

GET
H2 200 sl_abstract_ics_industrial-800x450.jpg
media.kasperskycontenthub.com/wp-content/uploads/sites/43/2020/09/15085852/ 80 KB
80 KB 229ms
227ms Image
image/jpeg 2600:9000:223c:6600:1b:d000:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2020/09/15085852/sl_abstract_ics_industrial-800x450.jpg
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:6600:1b:d000:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: adb6fc54157702116274fef81f6ce06d5ba0559c1adf78c21b65b94249677a78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 06:26:28 GMT
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
last-modified: Wed, 02 Dec 2020 11:57:55 GMT
server: AmazonS3
age: 27459720
etag: "666ae35a2fc0f6e9f2e3ceeee24298ff"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 81633
x-amz-cf-id: 5Be13dsPHca5jn39wOx9sI-cct7XNEMgBbQcfhtjlI6-zeyR8J0XvA==
expires: Thu, 02 Dec 2021 11:57:54 GMT

GET
H2 200 abstract-security-alert-sl-800x450.jpg
media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/12/15092025/ 65 KB
66 KB 249ms
247ms Image
image/jpeg 2600:9000:223c:6600:1b:d000:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/12/15092025/abstract-security-alert-sl-800x450.jpg
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:6600:1b:d000:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 07d09e64601bde8c74fcdff4ce1a5e7d50eaf76f11e85f2845d1b82983279107

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 10:04:26 GMT
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
last-modified: Wed, 15 Dec 2021 09:20:31 GMT
server: AmazonS3
age: 921842
etag: "b3cc5b49714faf3bad1d88222a8ab9d4"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 66837
x-amz-cf-id: MT721WJOgt-87CY8YQbQ-5HMjXyum-KBb9BEZMGwIs3gm0_pWFWBLA==
expires: Thu, 15 Dec 2022 09:20:30 GMT

GET
H2 200 ksb-2021_Statistics-800x450.jpg
media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/12/13092058/ 53 KB
53 KB 242ms
240ms Image
image/jpeg 2600:9000:223c:6600:1b:d000:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/12/13092058/ksb-2021_Statistics-800x450.jpg
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:6600:1b:d000:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 817a5884e29ee6e297abacc7da0b6433e95321732053e065c03db845907ed02f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 10:04:40 GMT
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
last-modified: Mon, 13 Dec 2021 09:21:02 GMT
server: AmazonS3
age: 921828
etag: "f22c9518bf0a609f26bc39a78c47b3dc"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 53814
x-amz-cf-id: KK9MC7q33kRfiBVngN8y2SGZi3CtSFcVNEpHWgmj0LjuNZzHgTcY2g==
expires: Tue, 13 Dec 2022 09:21:01 GMT

GET
H2 200 abstract_random_red_code-800x450.jpg
media.kasperskycontenthub.com/wp-content/uploads/sites/43/2020/09/09131757/ 50 KB
50 KB 237ms
236ms Image
image/jpeg 2600:9000:223c:6600:1b:d000:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2020/09/09131757/abstract_random_red_code-800x450.jpg
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:6600:1b:d000:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 431b070bc8f5f121f479f0ac17384c5c60b39288bc684cd594fb0653f4e176d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 07:23:22 GMT
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
last-modified: Wed, 02 Dec 2020 11:57:33 GMT
server: AmazonS3
age: 1795506
etag: "c3128f665928da6971e909b8e9261f2d"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 51057
x-amz-cf-id: _IaVTs_OFSVQEkJ10uGSmPb9Lp5sJ3zdUyc9ULsHNlzgbP8NRmPZdQ==
expires: Thu, 02 Dec 2021 11:57:32 GMT

GET
H2 200 latam_threats_webinar-800x450.jpg
media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/12/16145841/ 52 KB
53 KB 238ms
237ms Image
image/jpeg 2600:9000:223c:6600:1b:d000:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/12/16145841/latam_threats_webinar-800x450.jpg
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:6600:1b:d000:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e7120aa240ae903fa5178e8a6ade91196d20c6ae93ae78163576d4fe5a956ce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 15:05:56 GMT
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
last-modified: Thu, 16 Dec 2021 14:58:44 GMT
server: AmazonS3
age: 817352
etag: "c1d9a39ed64078102b196eeeb3987d33"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 53353
x-amz-cf-id: j78rtGLiLg8mvLldpjyLs7cxzJaOJzqXss2xO3K7dGvk_7PkMA2T0Q==
expires: Fri, 16 Dec 2022 14:58:43 GMT

GET
H2 200 programming-code-abstract-800x450.jpg
media.kasperskycontenthub.com/wp-content/uploads/sites/43/2019/03/22105659/ 72 KB
73 KB 239ms
239ms Image
image/jpeg 2600:9000:223c:6600:1b:d000:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2019/03/22105659/programming-code-abstract-800x450.jpg
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:6600:1b:d000:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c7af89203ce9fa1f039511a01ae12b4d8d9822afbc5748cc831111713aac697d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 15:23:04 GMT
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
last-modified: Wed, 02 Dec 2020 07:55:24 GMT
server: AmazonS3
age: 9110723
etag: "7521f14ea1b4e122626e26a112df9e6e"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 74062
x-amz-cf-id: 1EWE9W_hRBpOO0-vtYrergnadgNArZAX8iccMalC4-AMAa4vs-W3Fg==
expires: Thu, 02 Dec 2021 07:55:23 GMT

GET
H2 200 ask-the-analyst_webinar-800x450.jpg
media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/11/22124819/ 48 KB
48 KB 271ms
271ms Image
image/jpeg 2600:9000:223c:6600:1b:d000:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2021/11/22124819/ask-the-analyst_webinar-800x450.jpg
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:6600:1b:d000:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e8f70457295dc6917349d86929d8f644b2b6991e0613586524a1f5fac7a8214

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:24:24 GMT
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
last-modified: Mon, 22 Nov 2021 12:48:22 GMT
server: AmazonS3
age: 2897044
etag: "7d6c6b60a37b9a9861421795178138ac"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 49064
x-amz-cf-id: XBSNzpyHbReuEe6F-WmhoY9pYpKIyXY9QbHEBM7s7tovfoMvKN4C1A==
expires: Tue, 22 Nov 2022 12:48:21 GMT

GET
H/1.1 200
OK bg-gradient-02.jpg
securelist.com/wp-content/themes/securelist2020/assets/images/content/ 37 KB
37 KB 384ms
189ms Image
image/jpeg 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securelist.com/wp-content/themes/securelist2020/assets/images/content/bg-gradient-02.jpg
Requested by: Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 946b9f30a2864e61c74a65da0fc9dacce9a001b5c361c29b710fd2e34dd2f89b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/black-kingdom-ransomware/102873/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: public
Date: Sun, 26 Dec 2021 02:08:28 GMT
Last-Modified: Thu, 23 Dec 2021 10:52:53 GMT
Server: nginx
ETag: "61c45505-9448"
Content-Type: image/jpeg
Cache-Control: max-age=604800, public
Connection: close
Accept-Ranges: bytes
Content-Length: 37960
Expires: Sun, 02 Jan 2022 02:08:28 GMT

GET
H2 200 logo-kaspersky--invert.svg
assets.kasperskycontenthub.com/wp-content/themes/securelist2020/assets/images/logo/ 3 KB
2 KB 24ms
24ms Image
image/svg+xml 18.66.112.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.kasperskycontenthub.com/wp-content/themes/securelist2020/assets/images/logo/logo-kaspersky--invert.svg
Requested by: Host: assets.kasperskycontenthub.com
URL: https://assets.kasperskycontenthub.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-content/plugins/crayon-syntax-highlighter/themes/classic/classic.css,wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css,wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/jquery-collapse-o-matic/light_style.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist2020/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=4f063e4c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-87.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 6670587c6c6f7eaea610366096842e6256d42aa527149b0627416005f81f3390

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.kasperskycontenthub.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-content/plugins/crayon-syntax-highlighter/themes/classic/classic.css,wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css,wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/jquery-collapse-o-matic/light_style.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist2020/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=4f063e4c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 04:38:31 GMT
content-encoding: gzip
last-modified: Thu, 23 Dec 2021 10:52:53 GMT
server: nginx
age: 77396
etag: W/"61c45505-d79"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: YzYbfH2MURZlfoTAi17NIf6cxyritvO7TLJhqxhgvXpAr7xLxAJ32g==
via: 1.1 0162e02b2d0212054988a68716227dab.cloudfront.net (CloudFront)

GET
H3 200 839281392784015 Show response
connect.facebook.net/signals/config/ 493 KB
145 KB 56ms
28ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/839281392784015?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b8c2a4839b74385d981e135fe7dd27930f9ec40fa224a9c90491f1830a42e5ee

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 148106
x-xss-protection: 0
pragma: public
x-fb-debug: r+LSBqmOuU4q+neIpu8f1xOdbArGcr4XwzpFxE5LbJ9WhoSaUsAPCg5gORHMKm1XLkgMIFhq+JWeCD+ryb6kXg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 26 Dec 2021 02:08:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 285 KB
80 KB 54ms
26ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=fe80c689ea746bd0c2b9d31f433fa3dd

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

43eeacbe9d816eae32e826f3783870424b689182d420317f1e3cd313fe5c4caf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://securelist.com/
Origin: https://securelist.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Ya0B3ErYSu7O0DZ/yR3WHA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Mon, 26 Dec 2022 00:53:59 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 81985
x-fb-rlafr: 0
x-fb-debug: qDSrXIeNuOoSM6dOyV23jDrlihKnc5oYe2hD0VP0zKorhtIm7gLI59zIZJ0tPkQ4tMTRuL7Wr+kBbjpcQVgcxw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 2000d29f3f59d0efadfc0625ff489e0c
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 26 Dec 2021 02:08:27 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "9e83777132c7fb2c4cb1473cdbe30740"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 adsct
t.co/i/ 43 B
365 B 140ms
140ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=ntt0i&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=9560eeab-0c2f-4b55-a0a3-42bb24b69f60&tw_document_href=https%3A%2F%2Fsecurelist.com%2Fblack-kingdom-ransomware%2F102873%2F

Requested by

Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 02:08:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 107
pragma: no-cache
last-modified: Sun, 26 Dec 2021 02:08:27 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 8b1dd5f98581af60fbaeb0039b8a79febab619305617ab7ee3fec32c664c143b
x-transaction: c7ab6ca9ceba6696
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ 348 KB
137 KB 98ms
33ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&ver=202124050927

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securelist.com/
Origin: https://securelist.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 22:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139097
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 05:04:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Sun, 25 Dec 2022 22:13:48 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 368 B
1 KB 220ms
57ms XHR
application/json 54.78.200.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=983502BE532960BE0A490D4C%40AdobeOrg&d_nsid=0&ts=1640484507419

Requested by

Host: media.kaspersky.com
URL: https://media.kaspersky.com/tracking/omniture/s_code_single_suite.js?ver=5.8.2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.78.200.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-78-200-127.eu-west-1.compute.amazonaws.com

Software

Resource Hash

94c6434812d7611bb00ac71312cd3cb826c1e468b8ed87d3e7b36f9ccd486418

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://securelist.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v026-04ca9fdc8.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: F3K7poduRfU=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://securelist.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 310
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ 344 KB
134 KB 118ms
115ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de40f8e9a13821460fad3250442ee45458a1073661d67758f325b3a354995dd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securelist.com/
Origin: https://securelist.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 15:14:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 212058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137533
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 05:04:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Fri, 23 Dec 2022 15:14:09 GMT

POST
H/1.1 200
OK visitWebPage
802-ijn-240.mktoresp.com/webevents/ 2 B
311 B 1059ms
159ms Ping
text/plain 192.28.147.68
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://802-ijn-240.mktoresp.com/webevents/visitWebPage?_mchNc=1640484507503&_mchCn=&_mchId=802-IJN-240&_mchTk=_mch-securelist.com-1640484507502-18241&_mchHo=securelist.com&_mchPo=&_mchRu=%2Fblack-kingdom-ransomware%2F102873%2F&_mchPc=https%3A&_mchVr=161&_mchEcid=&_mchHa=&_mchRe=https%3A%2F%2Ft.co%2F&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/161/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.147.68 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://securelist.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 26 Dec 2021 02:08:28 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 9dd130e1-9823-44d9-97be-02f64eef61d5

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 78ms
9ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CGZ3HG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2013
date: Sun, 26 Dec 2021 01:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 26 Dec 2021 03:34:54 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 388 KB
101 KB 56ms
20ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T45JW6B&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZ7LJ3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

17d15076c09f0f4a4a7c2cf7de50083a700cce80233d0ce57bf6677a496c08aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 02:08:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102960
x-xss-protection: 0
last-modified: Sun, 26 Dec 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 26 Dec 2021 02:08:27 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
407 B 25ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=839281392784015&ev=PageView&dl=https%3A%2F%2Fsecurelist.com%2Fblack-kingdom-ransomware%2F102873%2F&rl=https%3A%2F%2Ft.co%2F&if=false&ts=1640484507670&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1640484507669.546210016&it=1640484507404&coo=false&exp=p1&rqm=GET

Requested by

Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 02:08:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Sun, 26 Dec 2021 02:08:27 GMT

GET
H2 200 id Show response
kaspersky.d3.sc.omtrdc.net/ 2 B
316 B 61ms
17ms XHR
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://kaspersky.d3.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=983502BE532960BE0A490D4C%40AdobeOrg&mid=83770431581797010783234492027547561731&ts=1640484507692

Requested by

Host: media.kaspersky.com
URL: https://media.kaspersky.com/tracking/omniture/s_code_single_suite.js?ver=5.8.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://securelist.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 26 Dec 2021 02:08:27 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-675dccd488-ccncf
vary: Origin
x-c: main-1548.I52ef9e.M0-537
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://securelist.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 2
x-xss-protection: 1; mode=block

GET dd
cm.everesttech.net/cm/ 0
0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 32ms
16ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1490819208&t=pageview&_s=1&dl=https%3A%2F%2Fsecurelist.com%2Fblack-kingdom-ransomware%2F102873%2F&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Black%20Kingdom%20ransomware%20%7C%20Securelist&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1296707907&gjid=2042546391&cid=580549244.1640484508&tid=UA-15857463-1&_gid=1046677929.1640484508&_r=1&gtm=2wgc105CGZ3HG&cd1=Marc%20Rivero&cd2=102873&cd3=2021-06-17&cd4=Malware%20descriptions&cd5=Bitcoin%2C%20Encryption%2C%20Malware%20Descriptions%2C%20Malware%20Technologies%2C%20Microsoft%2C%20Ransomware%2C%20Vulnerabilities%20and%20exploits&z=913436771

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securelist.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 02:08:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securelist.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
9ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1490819208&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsecurelist.com%2Fblack-kingdom-ransomware%2F102873%2F&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Black%20Kingdom%20ransomware%20%7C%20Securelist&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=VISIBILITY&ea=elementVisibility%20%2F%20%5BHeader%5D%20%2F%20Product%20Menu%20View&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=580549244.1640484508&tid=UA-15857463-1&_gid=1046677929.1640484508&gtm=2wgc105CGZ3HG&cd1=Marc%20Rivero&cd2=102873&cd3=2021-06-17&cd4=Malware%20descriptions&cd5=Bitcoin%2C%20Encryption%2C%20Malware%20Descriptions%2C%20Malware%20Technologies%2C%20Microsoft%2C%20Ransomware%2C%20Vulnerabilities%20and%20exploits&cd8=Header%20%2F%20Product%20Menu&z=1602976861

Requested by

Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Dec 2021 08:51:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62226
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
9ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1490819208&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsecurelist.com%2Fblack-kingdom-ransomware%2F102873%2F&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Black%20Kingdom%20ransomware%20%7C%20Securelist&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=VISIBILITY&ea=elementVisibility%20%2F%20%5BHeader%5D%20%2F%20NextGen%20Menu%20View&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=580549244.1640484508&tid=UA-15857463-1&_gid=1046677929.1640484508&gtm=2wgc105CGZ3HG&cd1=Marc%20Rivero&cd2=102873&cd3=2021-06-17&cd4=Malware%20descriptions&cd5=Bitcoin%2C%20Encryption%2C%20Malware%20Descriptions%2C%20Malware%20Technologies%2C%20Microsoft%2C%20Ransomware%2C%20Vulnerabilities%20and%20exploits&cd8=Header%20%2F%20NextGen%20Menu&z=725574080

Requested by

Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Dec 2021 08:51:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62226
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1490819208&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsecurelist.com%2Fblack-kingdom-ransomware%2F102873%2F&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Black%20Kingdom%20ransomware%20%7C%20Securelist&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=VISIBILITY&ea=elementVisibility%20%2F%20%5BHeader%5D%20%2F%20Company%20Account%20View&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=580549244.1640484508&tid=UA-15857463-1&_gid=1046677929.1640484508&gtm=2wgc105CGZ3HG&cd1=Marc%20Rivero&cd2=102873&cd3=2021-06-17&cd4=Malware%20descriptions&cd5=Bitcoin%2C%20Encryption%2C%20Malware%20Descriptions%2C%20Malware%20Technologies%2C%20Microsoft%2C%20Ransomware%2C%20Vulnerabilities%20and%20exploits&cd8=Header%20%2F%20Company%20Account&z=239240461

Requested by

Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Dec 2021 08:51:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62226
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 64ms
21ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-15857463-1&cid=580549244.1640484508&jid=1296707907&gjid=2042546391&_gid=1046677929.1640484508&_u=YEBAAEAAAAAAAC~&z=1290863343

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securelist.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 26 Dec 2021 02:08:27 GMT
content-type: text/plain
access-control-allow-origin: https://securelist.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 status
www.facebook.com/x/oauth/ 0
0 54ms
43ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=160639043985664&input_token&origin=1&redirect_uri=https%3A%2F%2Fsecurelist.com%2Fblack-kingdom-ransomware%2F102873%2F&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=fe80c689ea746bd0c2b9d31f433fa3dd

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: yuF7GDTpEVJ6lIXJJXDIGjNCtIaS0F2odw6I8zngV/zYPT8oJ6r9dK+n8AsPkLUpW4c5yttClmzIuRW/OxJG1Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
date: Sun, 26 Dec 2021 02:08:27 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securelist.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 21ms
21ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-15857463-1&cid=580549244.1640484508&jid=1296707907&_u=YEBAAEAAAAAAAC~&z=667237669

Requested by

Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 02:08:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ga-audiences
www.google.de/ads/ 0
0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 02F1 0
15 B 9ms
8ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: securelist.com
URL: https://securelist.com/black-kingdom-ransomware/102873/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://securelist.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://securelist.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Sun, 26 Dec 2021 02:08:28 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
674 B 146ms
128ms Script
application/javascript 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=ntt0i&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=9560eeab-0c2f-4b55-a0a3-42bb24b69f60&tw_document_href=https%3A%2F%2Fsecurelist.com%2Fblack-kingdom-ransomware%2F102873%2F&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/oct.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 02:08:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 120
pragma: no-cache
last-modified: Sun, 26 Dec 2021 02:08:28 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: e86f144dbb912bad00eba249776528ec99a84a5db4268f7110bded7f60e5d784
x-transaction: 2e92bf9b613371e0
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET 2c47087421d0b.js
t.contentsquare.net/uxa/ 0
0

GET
H2 200 uc.js Show response
consent.cookiebot.com/ 90 KB
28 KB 79ms
17ms Script
application/javascript 2a02:26f0:6c00::210:ba79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js?cbid=cff94f08-9b87-48a3-9cee-fc2a6fd5d7cf
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZ7LJ3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 8d11314258b6411af1595b1034a2c1810ae01a70ab1451bde06832d8c7478a7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 02:08:28 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 11:37:11 GMT
server: Microsoft-IIS/10.0
etag: "671f451bf1ecd71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=314
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
accept-ranges: bytes
content-length: 28032
expires: Sun, 26 Dec 2021 02:13:42 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 14ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1490819208&t=pageview&_s=1&dl=https%3A%2F%2Fsecurelist.com%2Fblack-kingdom-ransomware%2F102873%2F&dr=https%3A%2F%2Ft.co%2F&dp=%2Fblack-kingdom-ransomware%2F102873%2F&ul=en-us&de=UTF-8&dt=Kaspersky%20Securelist&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAAC~&jid=1978465492&gjid=615746487&cid=580549244.1640484508&uid=83770431581797010783234492027547561731&tid=UA-63997723-86&_gid=1046677929.1640484508&_r=1&gtm=2wgc10WZ7LJ3&cd10=blog&cd14=en_IE&cd15=83770431581797010783234492027547561731&cd17=Kaspersky%20Securelist&cd50=b2c&cd53=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36&gcs=G111&cd16=580549244.1640484508&z=589572396

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securelist.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 02:08:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securelist.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZ7LJ3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2014
date: Sun, 26 Dec 2021 01:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 26 Dec 2021 03:34:54 GMT

GET vt-132.js
vt.myvisualiq.net/2/7hrBnrmZAM5n6cl1WjyOsg%3D%3D/ 0
0

GET A2336411-46c8-4f83-96b6-294966496d651.js
d.impactradius-event.com/ 0
0

GET ktag.js
resources.xg4ken.com/js/v2/ 0
0

GET activity_pixel
t.myvisualiq.net/ 0
0

GET 1649d5fbb67c.js
w.usabilla.com/ Frame 8763 0
0

GET
H/1.1 200
OK beacon.gif Show response
rum-collector-2.pingdom.net/img/ 0
213 B 141ms
31ms XHR
text/plain 54.220.225.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-collector-2.pingdom.net/img/beacon.gif?id=560b0cc5abe53daf128a2dfc&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=105&cE=302&dLE=105&dLS=1&fS=0&hS=111&rE=-1&rS=-1&reS=302&resS=490&resE=582&uEE=-1&uES=-1&dL=495&dI=2250&dCLES=2251&dCLEE=2333&dC=2644&lES=2644&lEE=2646&s=nt&title=Black%20Kingdom%20ransomware%20%7C%20Securelist&path=https%3A%2F%2Fsecurelist.com%2Fblack-kingdom-ransomware%2F102873%2F&ref=https%3A%2F%2Ft.co%2F&sId=5217h8e6&sST=1640484508&sIS=1&rV=0&v=1.4.1
Requested by: Host: rum-static.pingdom.net
URL: https://rum-static.pingdom.net/pa-560b0cc5abe53daf128a2dfc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.225.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-225-42.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Sun, 26 Dec 2021 02:08:28 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H2 200 bc-v3.min.html Show response
consentcdn.cookiebot.com/sdk/ Frame D070 2 KB
1 KB 50ms
14ms Document
text/html 2a02:26f0:6c00:2b8::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/sdk/bc-v3.min.html
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=cff94f08-9b87-48a3-9cee-fc2a6fd5d7cf
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b8::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0297ba54fff0a052c5761457790e80dc093b93b152edee473485af46c022ad75

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "b10de1f5f615a79259ac9e34f470ce1d:1615283706.572935"
last-modified: Tue, 09 Mar 2021 09:55:06 GMT
server: AkamaiNetStorage
x-akamai-transformed: 9 - 0 pmb=mRUM,1
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31535736
expires: Mon, 26 Dec 2022 02:04:04 GMT
date: Sun, 26 Dec 2021 02:08:28 GMT
content-length: 895
server-timing: cdn-cache; desc=HIT edge; dur=1

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 166 KB
61 KB 18ms
17ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3G7M1SXZ71&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZ7LJ3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4d6500e8422784fa54708b2bf5cda81302fb67a758eb7977795ef7ca19bc3d4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 02:08:29 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62219
x-xss-protection: 0
expires: Sun, 26 Dec 2021 02:08:29 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 15ms
14ms Ping
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-3G7M1SXZ71&gtm=2oec10&_p=1490819208&sr=1600x1200&gcs=G111&ul=en-us&cid=580549244.1640484508&_s=1&dl=https%3A%2F%2Fsecurelist.com%2Fblack-kingdom-ransomware%2F102873%2F&dr=https%3A%2F%2Ft.co%2F&dt=Black%20Kingdom%20ransomware%20%7C%20Securelist&sid=1640484509&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.pageType=blog&ep.businessType=b2c&ep.siteType=Default&ep.siteClass=Micro%20Sites&ep.siteLocale=en-global&ep.pageName=Kaspersky%20Securelist&ep.campaign=&ep.acCampaignId=&ep.omnitureVisitorId=83770431581797010783234492027547561731
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3G7M1SXZ71&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securelist.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 02:08:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securelist.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 s63833546948146
kaspersky.d3.sc.omtrdc.net/b/ss/kaspersky-single-suite/1/JS-2.22.3/ 43 B
244 B 17ms
17ms Image
image/gif 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kaspersky.d3.sc.omtrdc.net/b/ss/kaspersky-single-suite/1/JS-2.22.3/s63833546948146?AQB=1&ndh=1&pf=1&t=26%2F11%2F2021%202%3A8%3A29%200%200&mid=83770431581797010783234492027547561731&aamlh=6&ce=UTF-8&ns=kaspersky&cdp=2&pageName=Kaspersky%20Securelist&g=https%3A%2F%2Fsecurelist.com%2Fblack-kingdom-ransomware%2F102873%2F&r=https%3A%2F%2Ft.co%2F&cc=USD&ch=Kaspersky%20Securelist&server=securelist.com&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c2=blog&c3=b2c&v3=Kaspersky%20Securelist&v9=https%3A%2F%2Fsecurelist.com%2Fblack-kingdom-ransomware%2F102873%2F&c20=dataLayer&c29=v1%3As_code_single_suite.js%3AtrackPageView%20%3E%20sng.t%3Ap&c30=v1%3A20211215%3A284%3AMicro%20Site%3A%5BNULL%5D&c31=https%3A%2F%2Fsecurelist.com%2Fblack-kingdom-ransomware%2F102873%2F&v35=https%3A%2F%2Ft.co%2F&v44=D%3Dv3&c47=Default&v47=D%3Dc47&c51=Micro%20Sites&c57=en-global&v57=D%3Dc57&c58=Black%20Kingdom%20ransomware%20%7C%20Securelist&v71=v1%3APage%20View%3A%5BNULL%5D&v113=83770431581797010783234492027547561731&v116=580549244.1640484508&v125=0.6036447098412268_1640484507422&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=983502BE532960BE0A490D4C%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 02:08:29 GMT
x-content-type-options: nosniff
x-c: main-1548.I52ef9e.M0-537
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 27 Dec 2021 02:08:29 GMT
server: jag
xserver: anedge-675dccd488-mxq29
etag: 3522913658995933184-4619636522712273734
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sat, 25 Dec 2021 02:08:29 GMT

GET
H2 200 cc.js Show response
consent.cookiebot.com/cff94f08-9b87-48a3-9cee-fc2a6fd5d7cf/ 245 KB
56 KB 210ms
210ms Script
application/x-javascript 2a02:26f0:6c00::210:ba79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/cff94f08-9b87-48a3-9cee-fc2a6fd5d7cf/cc.js?renew=false&referer=securelist.com&dnt=false&forceshow=false
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=cff94f08-9b87-48a3-9cee-fc2a6fd5d7cf
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 9f086ead8240a93219f770cada3938d07335c50afc9de4e3ce7058f08b08afcb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securelist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 02:08:29 GMT
content-encoding: gzip
last-modified: Sun, 26 Dec 2021 02:08:29 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: private, max-age=1200
access-control-allow-headers: cache-control, expires, Access-Control-Allow-Headers, Origin, Pragma, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 56372
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef

GET
DATA 200
OK truncated
/ 293 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8181a739bd0ed0fd64624c4aa15b7847bc9d4fd0660bff56c8c9192c4ef75979

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.everesttech.net
URL: https://cm.everesttech.net/cm/dd?d_uuid=87988659227123586682502274003950600537

Domain: www.google.de
URL: https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-15857463-1&cid=580549244.1640484508&jid=1296707907&_u=YEBAAEAAAAAAAC~&z=667237669

Domain: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/2c47087421d0b.js

Domain: vt.myvisualiq.net
URL: https://vt.myvisualiq.net/2/7hrBnrmZAM5n6cl1WjyOsg%3D%3D/vt-132.js

Domain: d.impactradius-event.com
URL: https://d.impactradius-event.com/A2336411-46c8-4f83-96b6-294966496d651.js

Domain: resources.xg4ken.com
URL: https://resources.xg4ken.com/js/v2/ktag.js?tid=KT-N3AA7-3EE

Domain: t.myvisualiq.net
URL: https://t.myvisualiq.net/activity_pixel?pt=i&et=a&ago=212&ao=537&px=235&ord=358124655&u1=Global|ALL|Traffic&r=181235815

Domain: t.myvisualiq.net
URL: https://t.myvisualiq.net/activity_pixel?pt=i&et=a&ago=212&ao=537&px=235&ord=649376002&u1=Global|ALL|Traffic&r=1394211197

Domain: w.usabilla.com
URL: https://w.usabilla.com/1649d5fbb67c.js?lv=1

Verdicts & Comments Add Verdict or Comment

245 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.t.co/	1970-01-20 17:12:36	Name: muc Value: d484e397-91b0-4913-91ae-7564529c3cd0
.t.co/	1970-01-20 17:12:36	Name: muc_ads Value: d484e397-91b0-4913-91ae-7564529c3cd0
.google.com/	1970-01-20 04:04:55	Name: NID Value: 511=Hx9SS2SvcqWG5biThFAIGDgC4U7SCxKGoCTg2aELcNJQJB1S8o-nbp3TGM9jI32SCT1_CuSog-sR9vc8ozOFlnhLR1UxskFm7mEh19TIhfaxtOUuJpE5RfLZGFqjc9pIvpdAwejc4ZRIQUXcYFg_5uOdYUt3PogLJnvdlL2mQZE
.securelist.com/	1970-01-19 23:41:26	Name: _cs_mk Value: 0.6036447098412268_1640484507422
.securelist.com/	1970-01-20 17:12:36	Name: _mkto_trk Value: id:802-IJN-240&token:_mch-securelist.com-1640484507502-18241
.demdex.net/	1970-01-20 04:00:36	Name: demdex Value: 87988659227123586682502274003950600537
.securelist.com/	1970-01-20 01:51:00	Name: _fbp Value: fb.1.1640484507669.546210016
.securelist.com/	1969-12-31 23:59:59	Name: AMCVS_983502BE532960BE0A490D4C%40AdobeOrg Value: 1
.facebook.com/	1970-01-20 01:51:00	Name: fr Value: 0QKNanLXQu00k1UoH..Bhx86b...1.0.Bhx86b.
.securelist.com/	1970-01-19 23:42:50	Name: _gid Value: GA1.2.1046677929.1640484508
.securelist.com/	1970-01-19 23:41:24	Name: _gat_UA-15857463-1 Value: 1
.securelist.com/	1970-01-20 17:12:36	Name: AMCV_983502BE532960BE0A490D4C%40AdobeOrg Value: 1585540135%7CMCIDTS%7C18988%7CMCMID%7C83770431581797010783234492027547561731%7CMCAAMLH-1641089307%7C6%7CMCAAMB-1641089307%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1640491707s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C4.4.0
.twitter.com/	1970-01-20 17:12:36	Name: personalization_id Value: "v1_iQ1svRLzRiEajaWQiz8q7w=="
.securelist.com/	1970-01-19 23:41:24	Name: _gat_UA-63997723-86 Value: 1
.securelist.com/	1970-01-20 17:12:36	Name: _ga_3G7M1SXZ71 Value: GS1.1.1640484509.1.0.1640484509.0
.securelist.com/	1970-01-20 17:12:36	Name: _ga Value: GA1.1.580549244.1640484508
.securelist.com/	1969-12-31 23:59:59	Name: s_cc Value: true

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://securelist.com/black-kingdom-ransomware/102873/(Line 97) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://munchkin.marketo.net/munchkin.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securelist.com/black-kingdom-ransomware/102873/(Line 97) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://munchkin.marketo.net/munchkin.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	URL: https://securelist.com/black-kingdom-ransomware/102873/ Message: Refused to load the image 'https://cm.everesttech.net/cm/dd?d_uuid=87988659227123586682502274003950600537' because it violates the following Content Security Policy directive: "img-src 'self' data: http://.netdna-cdn.com http://.wordpress.com http://.wp.com http://assets.kasperskycontenthub.com http://assets.kasperskydaily.com http://assets.threatpost.com http://d2538mqrb7brka.cloudfront.net http://forum.kasperskyclub.ru http://i0.poll.fm http://media.kasperskycontenthub.com http://media.kasperskydaily.com http://media.threatpost.com https://.addthis.com https://.cdninstagram.com https://.doubleclick.net https://.facebook.com https://.google-analytics.com https://.google.com https://.google.ru https://.gravatar.com https://.gstatic.com https://.infogram.com https://.instagram.com https://.netdna-cdn.com https://.netdna-ssl.com https://.securelist.com https://.sekindo.com https://.sharethis.com https://.staticflickr.com https://.twimg.com https://.twitter.com https://.wordpress.com https://.wp.com https://*.ytimg.com https://addevent.com https://assets.kasperskycontenthub.com https://assets.kasperskydaily.com https://assets.threatpost.com https://blog.kaspersky.com https://box.kaspersky.com https://cdn.securelist.com https://csi.gstatic.com https://d1srlirzdlmpew.cloudfront.net https://d2538mqrb7brka.cloudfront.net https://geo.yahoo.com https://images.telechargement.fr https://instagramimages-a.akamaihd.net https://kaspersky.d2.sc.omtrdc.net https://kaspersky.d3.sc.omtrdc.net https://kasperskycontenthub.com https://m.addthis.com https://maps.googleapis.com https://media.kasperskycontenthub.com https://media.kasperskydaily.com https://media.threatpost.com https://player.vimeo.com https://polldaddy.com https://rum-collector.pingdom.net https://s.w.org https://s3-eu-west-1.amazonaws.com https://scontent.cdninstagram.com https://securelist.com https://stats.g.doubleclick.net https://t.co https://tagmanager.google.com https://threatpost.com https://tpc.googlesyndication.com https://track.addevent.com".
security	error	URL: https://media.kaspersky.com/ Message: Refused to frame 'https://kaspersky.demdex.net/' because it violates the following Content Security Policy directive: "frame-src 'self' http://.slideshare.net https://.addthis.com https://.doubleclick.net https://.facebook.com https://.google.com https://.infogram.com https://.instagram.com https://.libsyn.com https://.marketo.com https://.securelist.com https://.sekindo.com https://.sharethis.com https://.slideshare.net https://.twitter.com https://.wp.com https://.youtube.com https://box.kaspersky.com https://cdn.securelist.com https://consentcdn.cookiebot.com https://go.kaspersky.com https://infogram.com https://kasperskycontenthub.com https://player.vimeo.com https://s-static.ak.facebook.com https://securelist.com https://tagmanager.google.com https://tpc.googlesyndication.com https://www.brighttalk.com".
security	error	URL: https://securelist.com/black-kingdom-ransomware/102873/ Message: Refused to load the image 'https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-15857463-1&cid=580549244.1640484508&jid=1296707907&_u=YEBAAEAAAAAAAC~&z=667237669' because it violates the following Content Security Policy directive: "img-src 'self' data: http://.netdna-cdn.com http://.wordpress.com http://.wp.com http://assets.kasperskycontenthub.com http://assets.kasperskydaily.com http://assets.threatpost.com http://d2538mqrb7brka.cloudfront.net http://forum.kasperskyclub.ru http://i0.poll.fm http://media.kasperskycontenthub.com http://media.kasperskydaily.com http://media.threatpost.com https://.addthis.com https://.cdninstagram.com https://.doubleclick.net https://.facebook.com https://.google-analytics.com https://.google.com https://.google.ru https://.gravatar.com https://.gstatic.com https://.infogram.com https://.instagram.com https://.netdna-cdn.com https://.netdna-ssl.com https://.securelist.com https://.sekindo.com https://.sharethis.com https://.staticflickr.com https://.twimg.com https://.twitter.com https://.wordpress.com https://.wp.com https://*.ytimg.com https://addevent.com https://assets.kasperskycontenthub.com https://assets.kasperskydaily.com https://assets.threatpost.com https://blog.kaspersky.com https://box.kaspersky.com https://cdn.securelist.com https://csi.gstatic.com https://d1srlirzdlmpew.cloudfront.net https://d2538mqrb7brka.cloudfront.net https://geo.yahoo.com https://images.telechargement.fr https://instagramimages-a.akamaihd.net https://kaspersky.d2.sc.omtrdc.net https://kaspersky.d3.sc.omtrdc.net https://kasperskycontenthub.com https://m.addthis.com https://maps.googleapis.com https://media.kasperskycontenthub.com https://media.kasperskydaily.com https://media.threatpost.com https://player.vimeo.com https://polldaddy.com https://rum-collector.pingdom.net https://s.w.org https://s3-eu-west-1.amazonaws.com https://scontent.cdninstagram.com https://securelist.com https://stats.g.doubleclick.net https://t.co https://tagmanager.google.com https://threatpost.com https://tpc.googlesyndication.com https://track.addevent.com".
security	error	(Line 2) Message: Refused to load the script 'https://t.contentsquare.net/uxa/2c47087421d0b.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' 'unsafe-inline' http://assets.kasperskycontenthub.com http://assets.threatpost.com https://.addevent.com https://.addthis.com https://.cloudfront.net https://.crazyegg.com https://.demdex.net https://.doubleclick.net https://.facebook.com https://.facebook.net https://.flickr.com https://.google-analytics.com https://.google.com https://.googleapis.com https://.googlesyndication.com https://.gravatar.com https://.gstatic.com https://.instagram.com https://.kaspersky.com https://.marketo.com https://.marketo.net https://.optimizely.com https://.polldaddy.com https://.securelist.com https://.sekindo.com https://.sharethis.com https://.twimg.com https://.twitter.com https://.woopra.com https://.wp.com https://addthisevent.com https://adservice.google.com https://adservice.google.hr https://adservice.google.ru https://assets.adobedtm.com https://assets.kasperskycontenthub.com https://assets.threatpost.com https://box.kaspersky.com https://cdn.optimizely.com https://cdn.securelist.com https://connect.facebook.net https://connect.mail.ru https://consent.cookiebot.com https://consentcdn.cookiebot.com https://e.infogram.com https://kaspersky.d2.sc.omtrdc.net https://kasperskycontenthub.com https://m.addthis.com https://m.addthisedge.com https://munchkin.marketo.net https://player.vimeo.com https://polldaddy.com https://rum-static.pingdom.net https://script.crazyegg.com https://securelist.com https://share.yandex.ru/ https://static.ads-twitter.com https://tagmanager.google.com https://tpc.googlesyndication.com https://vk.com https://www.addevent.com https://www.brighttalk.com https://www.flickr.com https://www.googletagmanager.com https://www.googletagservices.com https://www.linkedin.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZ7LJ3(Line 412) Message: Refused to load the script 'https://vt.myvisualiq.net/2/7hrBnrmZAM5n6cl1WjyOsg%3D%3D/vt-132.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' 'unsafe-inline' http://assets.kasperskycontenthub.com http://assets.threatpost.com https://.addevent.com https://.addthis.com https://.cloudfront.net https://.crazyegg.com https://.demdex.net https://.doubleclick.net https://.facebook.com https://.facebook.net https://.flickr.com https://.google-analytics.com https://.google.com https://.googleapis.com https://.googlesyndication.com https://.gravatar.com https://.gstatic.com https://.instagram.com https://.kaspersky.com https://.marketo.com https://.marketo.net https://.optimizely.com https://.polldaddy.com https://.securelist.com https://.sekindo.com https://.sharethis.com https://.twimg.com https://.twitter.com https://.woopra.com https://.wp.com https://addthisevent.com https://adservice.google.com https://adservice.google.hr https://adservice.google.ru https://assets.adobedtm.com https://assets.kasperskycontenthub.com https://assets.threatpost.com https://box.kaspersky.com https://cdn.optimizely.com https://cdn.securelist.com https://connect.facebook.net https://connect.mail.ru https://consent.cookiebot.com https://consentcdn.cookiebot.com https://e.infogram.com https://kaspersky.d2.sc.omtrdc.net https://kasperskycontenthub.com https://m.addthis.com https://m.addthisedge.com https://munchkin.marketo.net https://player.vimeo.com https://polldaddy.com https://rum-static.pingdom.net https://script.crazyegg.com https://securelist.com https://share.yandex.ru/ https://static.ads-twitter.com https://tagmanager.google.com https://tpc.googlesyndication.com https://vk.com https://www.addevent.com https://www.brighttalk.com https://www.flickr.com https://www.googletagmanager.com https://www.googletagservices.com https://www.linkedin.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	Message: Refused to load the script 'https://d.impactradius-event.com/A2336411-46c8-4f83-96b6-294966496d651.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' 'unsafe-inline' http://assets.kasperskycontenthub.com http://assets.threatpost.com https://.addevent.com https://.addthis.com https://.cloudfront.net https://.crazyegg.com https://.demdex.net https://.doubleclick.net https://.facebook.com https://.facebook.net https://.flickr.com https://.google-analytics.com https://.google.com https://.googleapis.com https://.googlesyndication.com https://.gravatar.com https://.gstatic.com https://.instagram.com https://.kaspersky.com https://.marketo.com https://.marketo.net https://.optimizely.com https://.polldaddy.com https://.securelist.com https://.sekindo.com https://.sharethis.com https://.twimg.com https://.twitter.com https://.woopra.com https://.wp.com https://addthisevent.com https://adservice.google.com https://adservice.google.hr https://adservice.google.ru https://assets.adobedtm.com https://assets.kasperskycontenthub.com https://assets.threatpost.com https://box.kaspersky.com https://cdn.optimizely.com https://cdn.securelist.com https://connect.facebook.net https://connect.mail.ru https://consent.cookiebot.com https://consentcdn.cookiebot.com https://e.infogram.com https://kaspersky.d2.sc.omtrdc.net https://kasperskycontenthub.com https://m.addthis.com https://m.addthisedge.com https://munchkin.marketo.net https://player.vimeo.com https://polldaddy.com https://rum-static.pingdom.net https://script.crazyegg.com https://securelist.com https://share.yandex.ru/ https://static.ads-twitter.com https://tagmanager.google.com https://tpc.googlesyndication.com https://vk.com https://www.addevent.com https://www.brighttalk.com https://www.flickr.com https://www.googletagmanager.com https://www.googletagservices.com https://www.linkedin.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	Message: Refused to load the script 'https://resources.xg4ken.com/js/v2/ktag.js?tid=KT-N3AA7-3EE' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' 'unsafe-inline' http://assets.kasperskycontenthub.com http://assets.threatpost.com https://.addevent.com https://.addthis.com https://.cloudfront.net https://.crazyegg.com https://.demdex.net https://.doubleclick.net https://.facebook.com https://.facebook.net https://.flickr.com https://.google-analytics.com https://.google.com https://.googleapis.com https://.googlesyndication.com https://.gravatar.com https://.gstatic.com https://.instagram.com https://.kaspersky.com https://.marketo.com https://.marketo.net https://.optimizely.com https://.polldaddy.com https://.securelist.com https://.sekindo.com https://.sharethis.com https://.twimg.com https://.twitter.com https://.woopra.com https://.wp.com https://addthisevent.com https://adservice.google.com https://adservice.google.hr https://adservice.google.ru https://assets.adobedtm.com https://assets.kasperskycontenthub.com https://assets.threatpost.com https://box.kaspersky.com https://cdn.optimizely.com https://cdn.securelist.com https://connect.facebook.net https://connect.mail.ru https://consent.cookiebot.com https://consentcdn.cookiebot.com https://e.infogram.com https://kaspersky.d2.sc.omtrdc.net https://kasperskycontenthub.com https://m.addthis.com https://m.addthisedge.com https://munchkin.marketo.net https://player.vimeo.com https://polldaddy.com https://rum-static.pingdom.net https://script.crazyegg.com https://securelist.com https://share.yandex.ru/ https://static.ads-twitter.com https://tagmanager.google.com https://tpc.googlesyndication.com https://vk.com https://www.addevent.com https://www.brighttalk.com https://www.flickr.com https://www.googletagmanager.com https://www.googletagservices.com https://www.linkedin.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://securelist.com/black-kingdom-ransomware/102873/ Message: Refused to load the image 'https://t.myvisualiq.net/activity_pixel?pt=i&et=a&ago=212&ao=537&px=235&ord=358124655&u1=Global\|ALL\|Traffic&r=181235815' because it violates the following Content Security Policy directive: "img-src 'self' data: http://.netdna-cdn.com http://.wordpress.com http://.wp.com http://assets.kasperskycontenthub.com http://assets.kasperskydaily.com http://assets.threatpost.com http://d2538mqrb7brka.cloudfront.net http://forum.kasperskyclub.ru http://i0.poll.fm http://media.kasperskycontenthub.com http://media.kasperskydaily.com http://media.threatpost.com https://.addthis.com https://.cdninstagram.com https://.doubleclick.net https://.facebook.com https://.google-analytics.com https://.google.com https://.google.ru https://.gravatar.com https://.gstatic.com https://.infogram.com https://.instagram.com https://.netdna-cdn.com https://.netdna-ssl.com https://.securelist.com https://.sekindo.com https://.sharethis.com https://.staticflickr.com https://.twimg.com https://.twitter.com https://.wordpress.com https://.wp.com https://*.ytimg.com https://addevent.com https://assets.kasperskycontenthub.com https://assets.kasperskydaily.com https://assets.threatpost.com https://blog.kaspersky.com https://box.kaspersky.com https://cdn.securelist.com https://csi.gstatic.com https://d1srlirzdlmpew.cloudfront.net https://d2538mqrb7brka.cloudfront.net https://geo.yahoo.com https://images.telechargement.fr https://instagramimages-a.akamaihd.net https://kaspersky.d2.sc.omtrdc.net https://kaspersky.d3.sc.omtrdc.net https://kasperskycontenthub.com https://m.addthis.com https://maps.googleapis.com https://media.kasperskycontenthub.com https://media.kasperskydaily.com https://media.threatpost.com https://player.vimeo.com https://polldaddy.com https://rum-collector.pingdom.net https://s.w.org https://s3-eu-west-1.amazonaws.com https://scontent.cdninstagram.com https://securelist.com https://stats.g.doubleclick.net https://t.co https://tagmanager.google.com https://threatpost.com https://tpc.googlesyndication.com https://track.addevent.com".
security	error	URL: https://securelist.com/black-kingdom-ransomware/102873/ Message: Refused to load the image 'https://t.myvisualiq.net/activity_pixel?pt=i&et=a&ago=212&ao=537&px=235&ord=649376002&u1=Global\|ALL\|Traffic&r=1394211197' because it violates the following Content Security Policy directive: "img-src 'self' data: http://.netdna-cdn.com http://.wordpress.com http://.wp.com http://assets.kasperskycontenthub.com http://assets.kasperskydaily.com http://assets.threatpost.com http://d2538mqrb7brka.cloudfront.net http://forum.kasperskyclub.ru http://i0.poll.fm http://media.kasperskycontenthub.com http://media.kasperskydaily.com http://media.threatpost.com https://.addthis.com https://.cdninstagram.com https://.doubleclick.net https://.facebook.com https://.google-analytics.com https://.google.com https://.google.ru https://.gravatar.com https://.gstatic.com https://.infogram.com https://.instagram.com https://.netdna-cdn.com https://.netdna-ssl.com https://.securelist.com https://.sekindo.com https://.sharethis.com https://.staticflickr.com https://.twimg.com https://.twitter.com https://.wordpress.com https://.wp.com https://*.ytimg.com https://addevent.com https://assets.kasperskycontenthub.com https://assets.kasperskydaily.com https://assets.threatpost.com https://blog.kaspersky.com https://box.kaspersky.com https://cdn.securelist.com https://csi.gstatic.com https://d1srlirzdlmpew.cloudfront.net https://d2538mqrb7brka.cloudfront.net https://geo.yahoo.com https://images.telechargement.fr https://instagramimages-a.akamaihd.net https://kaspersky.d2.sc.omtrdc.net https://kaspersky.d3.sc.omtrdc.net https://kasperskycontenthub.com https://m.addthis.com https://maps.googleapis.com https://media.kasperskycontenthub.com https://media.kasperskydaily.com https://media.threatpost.com https://player.vimeo.com https://polldaddy.com https://rum-collector.pingdom.net https://s.w.org https://s3-eu-west-1.amazonaws.com https://scontent.cdninstagram.com https://securelist.com https://stats.g.doubleclick.net https://t.co https://tagmanager.google.com https://threatpost.com https://tpc.googlesyndication.com https://track.addevent.com".
security	error	URL: https://securelist.com/black-kingdom-ransomware/102873/ Message: Refused to load the script 'https://w.usabilla.com/1649d5fbb67c.js?lv=1' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' 'unsafe-inline' http://assets.kasperskycontenthub.com http://assets.threatpost.com https://.addevent.com https://.addthis.com https://.cloudfront.net https://.crazyegg.com https://.demdex.net https://.doubleclick.net https://.facebook.com https://.facebook.net https://.flickr.com https://.google-analytics.com https://.google.com https://.googleapis.com https://.googlesyndication.com https://.gravatar.com https://.gstatic.com https://.instagram.com https://.kaspersky.com https://.marketo.com https://.marketo.net https://.optimizely.com https://.polldaddy.com https://.securelist.com https://.sekindo.com https://.sharethis.com https://.twimg.com https://.twitter.com https://.woopra.com https://.wp.com https://addthisevent.com https://adservice.google.com https://adservice.google.hr https://adservice.google.ru https://assets.adobedtm.com https://assets.kasperskycontenthub.com https://assets.threatpost.com https://box.kaspersky.com https://cdn.optimizely.com https://cdn.securelist.com https://connect.facebook.net https://connect.mail.ru https://consent.cookiebot.com https://consentcdn.cookiebot.com https://e.infogram.com https://kaspersky.d2.sc.omtrdc.net https://kasperskycontenthub.com https://m.addthis.com https://m.addthisedge.com https://munchkin.marketo.net https://player.vimeo.com https://polldaddy.com https://rum-static.pingdom.net https://script.crazyegg.com https://securelist.com https://share.yandex.ru/ https://static.ads-twitter.com https://tagmanager.google.com https://tpc.googlesyndication.com https://vk.com https://www.addevent.com https://www.brighttalk.com https://www.flickr.com https://www.googletagmanager.com https://www.googletagservices.com https://www.linkedin.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

802-ijn-240.mktoresp.com
analytics.twitter.com
apis.google.com
assets.kasperskycontenthub.com
cm.everesttech.net
connect.facebook.net
consent.cookiebot.com
consentcdn.cookiebot.com
d.impactradius-event.com
dpm.demdex.net
kaspersky.d3.sc.omtrdc.net
kasperskycontenthub.com
media.kaspersky.com
media.kasperskycontenthub.com
munchkin.marketo.net
resources.xg4ken.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
securelist.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
t.contentsquare.net
t.myvisualiq.net
vt.myvisualiq.net
w.usabilla.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
cm.everesttech.net
d.impactradius-event.com
resources.xg4ken.com
t.contentsquare.net
t.myvisualiq.net
vt.myvisualiq.net
w.usabilla.com
www.google.de
104.111.234.67
104.244.42.195
104.244.42.197
13.36.218.177
151.101.12.157
18.66.112.87
185.85.15.31
192.28.147.68
2600:9000:223c:6600:1b:d000:d280:93a1
2606:4700:10::ac43:5d8
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2003
2a00:1450:4001:813::200e
2a00:1450:400c:c06::9c
2a02:26f0:6c00:2b8::f09
2a02:26f0:6c00::210:ba79
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
35.173.160.135
54.220.225.42
54.78.200.127
00e2a621d21f27807c82af5d0ae72ba394d49cadb66eabdbeda8df15035dd00c
0297ba54fff0a052c5761457790e80dc093b93b152edee473485af46c022ad75
07d09e64601bde8c74fcdff4ce1a5e7d50eaf76f11e85f2845d1b82983279107
08e5c51e367f5f721ad103f5463f457f4ea5d9586583030cd1b766f4514e1bac
0b5e58a4f0210f08715d04b464d51ee735c5952a86ecb59988f5aab3ad166096
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
17d15076c09f0f4a4a7c2cf7de50083a700cce80233d0ce57bf6677a496c08aa
1c960c480714e7a7e4360e3485b1c121fce15da0714e5fa53fd442ec6e7c8d58
211b1eb870f412eeb313da14d50d29c1702ed1ba5fd360d0a30b179d4008e520
295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0
29b8fef5edea5b3d8c7671a3365f3a48d73922364b763eabf05e46623a09a7c9
2c24b916160dc4962ba77c6f85b04c5f4831e2d71b549c0695d61154b1f32d49
2d5e0c040ebb46abb12a18ae1687e565f0839ef457eb3afe76e970bb6e4ce49b
2ecf379443f57809638e14820fa03538a924031b95233c263e336b5aeb40bd28
2f04dffb98bb2d4636822c0a9932d3065c94fd7962fea1066675503246312487
3097d0444becd9d089b52b7074072f19201525de874d0775012572fb375b7838
3511b363a05be1ba4471c10307c80144f57110e642deb01da0e4f561886a13d7
36175c07afaffa0777295d540fe4ee1b82d9c4414228e4551994728a2c88ad7e
3bb2621a4c0c710f6e78404473aebff8e115a28f8d53f44339b867c63ad93b26
3c53425a00bb2860376f8a756688f59935048263d449a2b8fa07a7b95b50c859
3e8f70457295dc6917349d86929d8f644b2b6991e0613586524a1f5fac7a8214
3ef18948ff01c7b94a3ba7a291c1f632faa83da95570b77d0dd003a53a2a0855
431b070bc8f5f121f479f0ac17384c5c60b39288bc684cd594fb0653f4e176d3
43eeacbe9d816eae32e826f3783870424b689182d420317f1e3cd313fe5c4caf
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47db3eedf6793ff55d3d71a6ea5fa2cc86317453f3910e181d22198cee291389
484aee1b81286040100dad5243407bd64be9aa7fc389b87ef2acd03451bc6888
4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08
4d6500e8422784fa54708b2bf5cda81302fb67a758eb7977795ef7ca19bc3d4f
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4e44f2e48aff813746a5709ac18c2876d6306ca2ff9d2cd691f8ec985ab8e2d7
528bbd11d6966cc5106f4ecf60da4f7096cd0b3c951f79a2d12c1f0bad33faa8
52b99878d87ee25a91e4986ab6522156eba4c51d6a4d65c91d812d83f4a6fcd8
53dbe2ed80b498f4a0c0e811dc9c4f6a8c1d62c7a5c19e3e3d9b9aab8a070bc2
561ca556ddb05522eb2f3cc5506a4bcb7728938e01d194ae07557699ceb6a99e
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5f17dc41f6bb14f278714727ec9d706a39c7484ecea8cc70637affdc850b3c94
630d0a3cc8f4c4aa7bf49b40ae6f59f3a137707e0d7bba46ba44e2e5f2c53aab
634450e226178e563fcb407aeca195aa27f4fbd1efcb7415b1c8614f6d660dd0
6670587c6c6f7eaea610366096842e6256d42aa527149b0627416005f81f3390
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f4abed507ae5e7cea30cf0420b7a937e954423ff85ff0111c9cc6140d472d56
73a6db7aaf149ec53d69ffea02bf070734217ea7e55c8f8b2b47a5ec4e656b54
799706f10a0d4045e0be9f81f89a830a6b303283f8d363d12aa984e79e108713
817a5884e29ee6e297abacc7da0b6433e95321732053e065c03db845907ed02f
8181a739bd0ed0fd64624c4aa15b7847bc9d4fd0660bff56c8c9192c4ef75979
824238054fdcb3af318c598d2cf97ee7bf0685b7785a674fc90f4cfc1bd92bb0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
836563ad7be90ef74eac8862468b675138192f8691a870462d25bacb8c7069af
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87978ba1ff2b78c8cfbd935f0208276189eb762c337a0804983aeb6631926f43
89083a6b95a71fc5bc390635d020818aaf9a9515fb982a4e8ca40f12f2adfe72
8a5c570c0f6e751544a5edb307dd1bcd249f9d22dd1e7f94a01cc06a97d4edcc
8d11314258b6411af1595b1034a2c1810ae01a70ab1451bde06832d8c7478a7a
8f799a34a68e6a09ed2f0afe3d9ef2bd456680fbc778766ab515feeed4b9cc81
90d287e131c8cba3c283ef47d5f643fa06742b580fd9f9a618a961f9f1aa158b
946b9f30a2864e61c74a65da0fc9dacce9a001b5c361c29b710fd2e34dd2f89b
94c6434812d7611bb00ac71312cd3cb826c1e468b8ed87d3e7b36f9ccd486418
98bd3afd3f47082426a89330cbff29e5ed773e6a2b9e5f7f3e25289e8eacad40
9a3d21319a4660d217fc8e36ee6715d9d11328105c60bf6103a7763d4393ca93
9c2e1d2864f53c224d6542bed9a1ab1de620dae21a2146eb4ff982dd8fcd4567
9d267660007f1f410756135374db1ee6baea0115d81e2c2a0821507c7111209f
9f086ead8240a93219f770cada3938d07335c50afc9de4e3ce7058f08b08afcb
9f7e0e10123ea3e492d4debb89938f3629b518326da0f269a241fd8691ce0a42
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a444f0c2fd13f0c1acf9997683d2821393eaba71052bbe45b949529c10ffa5b4
a5a74efd53eb2a7c097f816021c53f567e766cc3d3346bc9c322c247ef4f7c08
a5d76fcf1e513d110d8fcc5c66faedd5e8e9ed5f24b664aacede0463dbf9a33f
a94bde9aaf3c2226749ef3728c4c4daf78ea99c067f6dafc419b63fb374b3585
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adb6fc54157702116274fef81f6ce06d5ba0559c1adf78c21b65b94249677a78
ae4b6effb7fbf04941a4a5ae668befcbbb636b444d4554c1bcb3608ca0e980cb
b1f863d13dbad7d5240f577a73b47b06227d218909259042da95301e2eb8be55
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b378d22c726917d39df915cf46f85c2a88776f5463ad0b2f2bf4107e208c5fc6
b8b893c3d498be87f6ded47f7ed991d75530ddab7bb1c4cde1de707a35315803
b8c2a4839b74385d981e135fe7dd27930f9ec40fa224a9c90491f1830a42e5ee
bb64b458d21f550c6577ddb2d1bb7a055e029c0a85df128fb3b610052c430e0d
c17dfcc26d6ed3cc1d800c120b100cc7bcbf03ea1a9c72d8aeadfe9b41d49b2a
c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537
c50cd0d5ec965b0c3d7578f4963510454cf80c5f4da4ab1720700fbac33eed6b
c771fce0ba519a6fa28085f4ab1172fa52b71b26ec71bfd11955e2a743825dea
c7af89203ce9fa1f039511a01ae12b4d8d9822afbc5748cc831111713aac697d
cd29fbde8630c8cfff064cac887d276e5696e5b76d475534b15ab263ce087820
d1f7b5a18a344d0bb89a4e3fd37683f97fc66cf603ba09a5d2a15f24258611da
d49dc45ccc495169c52b1a9d0f0fbcc26d3a54023ba219e3fdde91a9121b2ad0
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de40f8e9a13821460fad3250442ee45458a1073661d67758f325b3a354995dd3
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e308b920200e70975a47529366c166d3fa167655d345779e7fa1b8d3c8e737ad
e381e76e2f8e13a602958f16754d80474a07c1019eb3c7770bf34bdf51c40b5d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f53b9c893261cf1692f633c38b6b046efbef5b522fb826186f18346569a78e
e6bb226afa82eb9fcf6dc25592c6a7cd979ba4d795dfe6e0a31720de6ecd0af2
e7120aa240ae903fa5178e8a6ade91196d20c6ae93ae78163576d4fe5a956ce0
e98940cfe1288b874d977842ccaeb08cd169caa4173c3b86b8e188927e8578ed
ea8a6a7bc92c0a67e127611f44ba2943f2fcd4ef0cb7ae17405b4a495507e26f
eacb95d63e659a5a1b14b0b1611e8a90e7a5368d2e70fd35dfc14efece380949
ecd5e8012dc2a87ac3ec0707a4d4b2617858985f41333d920645c7c904690462
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f332c7c949ac0b8f51a62d377bda8db16f095e520fc26190692e8fbfdf7c62b4
f49616f5799065ebf4fcc95c80d526d53a486c33aa0213d32b5b124aab582c6b
f8ec69086f49812bda0cf94eb9c412c591c62e4c2f8d1136f74ad12c11fd14db
fc74442fdae91656d36d56217f79f0da33aa9dfe2e6ce3383d7eba3bfd9891f0
ff7e51d6ccb31da2a4099dbc1f3eb62ee3aec7ae5d83fe3d73b664c1b73427e0
ff83be5282c14284f873eac8098bd9bad2039604a70eba5aea8b221996535139

securelist.com Open in urlscan Pro 35.173.160.135 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

123 Requests

93 %HTTPS

52 %IPv6

26 Domains

32 Subdomains

24 IPs

6 Countries

4820 kBTransfer

10046 kBSize

17 Cookies

163 Outgoing links

Page URL History

Redirected requests

123 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

securelist.com Open in urlscan Pro
35.173.160.135 Public Scan

Screenshot
Live screenshot

Full Image

123
Requests

93 %
HTTPS

52 %
IPv6

26
Domains

32
Subdomains

24
IPs

6
Countries

4820 kB
Transfer

10046 kB
Size

17
Cookies

123 HTTP transactions
1 data transactions