URL: https://www.securitylab.ru/virus/400144.php
Submission: On November 03 via api from RU — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 51 HTTP transactions. The main IP is 178.248.236.145, located in Russian Federation and belongs to QRATOR, RU. The main domain is www.securitylab.ru. The Cisco Umbrella rank of the primary domain is 693945.
TLS certificate: Issued by R3 on September 21st 2022. Valid for: 3 months.
This is the only time www.securitylab.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
27 | securitylab.ru | www.securitylab.ru (Cisco Umbrella Rank: 693945) | 2 MB
13 | gstatic.com | fonts.gstatic.com, www.gstatic.com | 648 KB
5 | yandex.com | mc.yandex.com (Cisco Umbrella Rank: 8231) | 2 KB
4 | google.com | www.google.com (Cisco Umbrella Rank: 17) | 25 KB
4 | securelist.com | www.securelist.com (Cisco Umbrella Rank: 678052), securelist.com (Cisco Umbrella Rank: 404176) | 271 B
2 | yandex.ru | mc.yandex.ru (Cisco Umbrella Rank: 2098) | 57 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 118) | 1 KB
Total: 51 requests, 7 apex domains

Requests | Domain | Redirects | Requested by
27 | www.securitylab.ru | - | www.securitylab.ru
8 | fonts.gstatic.com | - | fonts.googleapis.com
5 | mc.yandex.com | 2 redirects | www.securitylab.ru
5 | www.gstatic.com | - | www.google.com
4 | www.google.com | - | www.securitylab.ru, www.gstatic.com, www.google.com
2 | mc.yandex.ru | 1 redirects | www.securitylab.ru
2 | securelist.com | - | www.securitylab.ru
2 | www.securelist.com | 2 redirects | -
1 | fonts.googleapis.com | - | www.securitylab.ru
Total: 51 requests, 9 subdomains

This site contains links to these domains:

Domain
t.me
twitter.com
vk.com
www.ptsecurity.com
getpocket.com
itsecurity.ru

Subject | Issuer | Validity | Valid
*.securitylab.ru | R3 | 2022-09-21 - 2022-12-20 | 3 months
www.google.com | GTS CA 1C3 | 2022-09-26 - 2022-12-19 | 3 months
mc.yandex.ru | GlobalSign ECC OV SSL CA 2018 | 2022-10-18 - 2023-03-30 | 5 months
upload.video.google.com | GTS CA 1C3 | 2022-10-17 - 2023-01-09 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-09-26 - 2022-12-19 | 3 months
*.google.com | GTS CA 1C3 | 2022-09-26 - 2022-12-19 | 3 months

This page contains 3 frames:

Primary Page: https://www.securitylab.ru/virus/400144.php
Frame ID: 8A92F10AE496E0D5FA18F3B68C1F9CC1
Requests: 44 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdcFRUUAAAAAEmP0hXlfU5t2nqtdPFYMQG4BreG&co=aHR0cHM6Ly93d3cuc2VjdXJpdHlsYWIucnU6NDQz&hl=de&v=NJPGLzpIZgjszqyOymHUP0XR&size=normal&cb=jrhuq06vgmad
Frame ID: AEDB8C218956913EDAFA8A0D6A38B248
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=NJPGLzpIZgjszqyOymHUP0XR&k=6LdcFRUUAAAAAEmP0hXlfU5t2nqtdPFYMQG4BreG
Frame ID: A736E2EABA1BACC17C12D7A176948DEE
Requests: 3 HTTP requests in this frame

Page Title

Hoax.Win32. ArchSMS.lrt

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:<link[^>]+components/bitrix|(?:src|href)="/bitrix/(?:js|templates))

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

Requests: 51
HTTPS: 92 %
IPv6: 71 %
Domains: 7
Subdomains: 9
IPs: 7
Countries: 3
Transfer: 3151 kB
Size: 4081 kB
Cookies: 13

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://www.securelist.com/ru/images/pictures/virus2/12550965.png HTTP 301
  • https://securelist.com/ru/images/pictures/virus2/12550965.png
Request Chain 11
  • https://www.securelist.com/ru/images/pictures/virus2/12550966.png HTTP 301
  • https://securelist.com/ru/images/pictures/virus2/12550966.png
Request Chain 39
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9811.cqMZpDMP7wlX1rl96LFSzibeomfDNEUWRJnOAo5WEYTSxZpR8Qy7AlJ7TTThMLD5.IRARXSDWsuxjt1t_0Ovg6o_rAl0%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9811.t4SQzW-SJJ5Nua2QGknFkGLvHo68hWLFSurBTmgre3A4Lll9AMr_kd3GcLEa_CpuqA7iqwsbMcD0kne888QJMg%2C%2C.7EelNqbeINf-qjVnYdBPHPOvlmI%2C
Request Chain 45
  • https://mc.yandex.com/watch/32292334?wmode=7&page-url=https%3A%2F%2Fwww.securitylab.ru%2Fvirus%2F400144.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeeda838fxmlhk5beh3cok%3Afp%3A3402%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1403707504749%3Ahid%3A389771942%3Az%3A0%3Ai%3A20221103182146%3Aet%3A1667499707%3Ac%3A1%3Arn%3A50516036%3Arqn%3A1%3Au%3A1667499707563056747%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C42%2C496%2C0%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Acpf%3A1%3Ans%3A1667499700678%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1667499707%3At%3AHoax.Win32.%20ArchSMS.lrt&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rqnl(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/32292334/1?wmode=7&page-url=https%3A%2F%2Fwww.securitylab.ru%2Fvirus%2F400144.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeeda838fxmlhk5beh3cok%3Afp%3A3402%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1403707504749%3Ahid%3A389771942%3Az%3A0%3Ai%3A20221103182146%3Aet%3A1667499707%3Ac%3A1%3Arn%3A50516036%3Arqn%3A1%3Au%3A1667499707563056747%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C42%2C496%2C0%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Acpf%3A1%3Ans%3A1667499700678%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1667499707%3At%3AHoax.Win32.%20ArchSMS.lrt&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29

51 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 400144.php
www.securitylab.ru/virus/
39 KB
12 KB
Document
General
Full URL
https://www.securitylab.ru/virus/400144.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.248.236.145 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
705f9d7bfe8bb7d2e2f1fafb9f31dba19091864017fdf511fb3918f9c8845c8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 03 Nov 2022 18:21:41 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
p3p
policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
origin
server
QRATOR
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1
compatibility.css
www.securitylab.ru/bitrix/js/ui/design-tokens/dist/
439 B
680 B
Stylesheet
General
Full URL
https://www.securitylab.ru/bitrix/js/ui/design-tokens/dist/compatibility.css?1663929388439
Requested by
Host: www.securitylab.ru
URL: https://www.securitylab.ru/virus/400144.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.248.236.145 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
7b15bfa01681d5498e1b0e027886fe96df8f3d413578ea27eb201361eec2cae8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.securitylab.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 18:21:41 GMT
strict-transport-security
max-age=15768000
last-modified
Fri, 23 Sep 2022 10:36:28 GMT
server
QRATOR
etag
"632d8c2c-1b7"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=315360000
accept-ranges
bytes
content-length
439
expires
Thu, 31 Dec 2037 23:55:55 GMT
ui.font.opensans.css
www.securitylab.ru/bitrix/js/ui/fonts/opensans/
2 KB
3 KB
Stylesheet
General
Full URL
https://www.securitylab.ru/bitrix/js/ui/fonts/opensans/ui.font.opensans.css?16639293882555
Requested by
Host: www.securitylab.ru
URL: https://www.securitylab.ru/virus/400144.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.248.236.145 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
d7e5a1a93e918694267fb4c2e1ea9f46f128794032ea91434a760415ff99aa47
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.securitylab.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 18:21:41 GMT
strict-transport-security
max-age=15768000
last-modified
Fri, 23 Sep 2022 10:36:28 GMT
server
QRATOR
etag
W/"632d8c2c-9fb"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.popup.bundle.css
www.securitylab.ru/bitrix/js/main/popup/dist/
28 KB
28 KB
Stylesheet
General
Full URL
https://www.securitylab.ru/bitrix/js/main/popup/dist/main.popup.bundle.css?166659491028285
Requested by
Host: www.securitylab.ru
URL: https://www.securitylab.ru/virus/400144.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.248.236.145 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
c7b83c520399497aa9772d9527ef2748e445d8511a9d65c198fb3874fa8bc8ce
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.securitylab.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 18:21:41 GMT
strict-transport-security
max-age=15768000
last-modified
Mon, 24 Oct 2022 07:01:50 GMT
server
QRATOR
etag
W/"6356385e-6e7d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
template_834e04b046d0c6d7e13edd262385560e_v1.css
www.securitylab.ru/bitrix/cache/css/ru/securitylab_pages/template_834e04b046d0c6d7e13edd262385560e/
9 KB
9 KB
Stylesheet
General
Full URL
https://www.securitylab.ru/bitrix/cache/css/ru/securitylab_pages/template_834e04b046d0c6d7e13edd262385560e/template_834e04b046d0c6d7e13edd262385560e_v1.css?16674695428917
Requested by
Host: www.securitylab.ru
URL: https://www.securitylab.ru/virus/400144.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.248.236.145 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
326f25e21764459737dcf41bad50d96f7337bb1da89135e5d9c870b76fa9da96
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.securitylab.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 18:21:41 GMT
strict-transport-security
max-age=15768000
last-modified
Thu, 03 Nov 2022 09:59:02 GMT
server
QRATOR
etag
W/"636390e6-22d5"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
core.js
www.securitylab.ru/bitrix/js/main/core/
477 KB
478 KB
Script
General
Full URL
https://www.securitylab.ru/bitrix/js/main/core/core.js?1663929402488362
Requested by
Host: www.securitylab.ru
URL: https://www.securitylab.ru/virus/400144.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.248.236.145 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
27dc66d5fb4217fc8dcafe158a6f87d55d94a32a32f5f7d1c18689e96830e0d4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.securitylab.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 18:21:41 GMT
strict-transport-security
max-age=15768000
last-modified
Fri, 23 Sep 2022 10:36:42 GMT
server
QRATOR
etag
W/"632d8c3a-773aa"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.popup.bundle.js
www.securitylab.ru/bitrix/js/main/popup/dist/
111 KB
111 KB
Script
General
Full URL
https://www.securitylab.ru/bitrix/js/main/popup/dist/main.popup.bundle.js?1661366281113772
Requested by
Host: www.securitylab.ru
URL: https://www.securitylab.ru/virus/400144.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.248.236.145 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
a7bf7c319f8be08e102538124ae3f7aa4a18680a733d29451d1f782ee7f5eca1
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.securitylab.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 18:21:41 GMT
strict-transport-security
max-age=15768000
last-modified
Wed, 24 Aug 2022 18:38:01 GMT
server
QRATOR
etag
W/"63067009-1bc6c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
user_consent.js
www.securitylab.ru/bitrix/components/bitrix/main.userconsent.request/templates/.default/
12 KB
12 KB
Script
General
Full URL
https://www.securitylab.ru/bitrix/components/bitrix/main.userconsent.request/templates/.default/user_consent.js?164356269812150
Requested by
Host: www.securitylab.ru
URL: https://www.securitylab.ru/virus/400144.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.248.236.145 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
82f181b8f48d26cc213a3535b20ac5c9bb8b7f021dca8c140c73ae05c3aee506
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.securitylab.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 18:21:41 GMT
strict-transport-security
max-age=15768000
last-modified
Sun, 30 Jan 2022 17:11:38 GMT
server
QRATOR
etag
W/"61f6c6ca-2f76"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.css
www.securitylab.ru/css/
312 KB
312 KB
Stylesheet
General
Full URL
https://www.securitylab.ru/css/main.css
Requested by
Host: www.securitylab.ru
URL: https://www.securitylab.ru/virus/400144.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.248.236.145 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
bfe40c1833460252972ed1f90d9e22a949f499a53c66f7f8c5da54957a61266f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.securitylab.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 18:21:41 GMT
strict-transport-security
max-age=15768000
last-modified
Thu, 22 Oct 2020 10:25:11 GMT
server
QRATOR
etag
W/"5f915e07-4debc"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo-header.svg
www.securitylab.ru/img/logo/
10 KB
10 KB
Image
General
Full URL
https://www.securitylab.ru/img/logo/logo-header.svg
Requested by
Host: www.securitylab.ru
URL: https://www.securitylab.ru/virus/400144.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.248.236.145 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
9d5c2d697e15c6a9cdf7b78f5b458af3a15e593ddc24bd1f6705d8087db91d8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.securitylab.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 18:21:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
origin
last-modified
Sat, 19 Oct 2019 09:44:01 GMT
server
QRATOR
etag
"5daadae1-2633"
x-frame-options
DENY
content-type
image/svg+xml
cache-control
max-age=315360000
accept-ranges
bytes
content-length
9779
x-xss-protection
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
8yjmh7yvi7guvzkb4vj25jogi8xqwp01.png
www.securitylab.ru/upload/rk/1ef/
85 KB
85 KB
Image
General
Full URL
https://www.securitylab.ru/upload/rk/1ef/8yjmh7yvi7guvzkb4vj25jogi8xqwp01.png
Requested by
Host: www.securitylab.ru
URL: https://www.securitylab.ru/virus/400144.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.248.236.145 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
684edb2fe39b72a87e923695eb1e97efbc0c7269e2de4a3637fa15f49ec84f7e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.securitylab.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 18:21:44 GMT
strict-transport-security
max-age=15768000
last-modified
Sat, 29 Oct 2022 20:23:02 GMT
server
QRATOR
etag
"635d8ba6-15471"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
87153
expires
Thu, 31 Dec 2037 23:55:55 GMT
12550965.png
securelist.com/ru/images/pictures/virus2/
Redirect Chain
  • https://www.securelist.com/ru/images/pictures/virus2/12550965.png
  • https://securelist.com/ru/images/pictures/virus2/12550965.png
0
0
Image
General
Full URL
https://securelist.com/ru/images/pictures/virus2/12550965.png
Requested by
Host: www.securitylab.ru
URL: https://www.securitylab.ru/virus/400144.php
Protocol
H2
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.securitylab.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Redirect headers

location
https://securelist.com/ru/images/pictures/virus2/12550965.png
date
Thu, 03 Nov 2022 18:21:44 GMT
server
kaspersky
content-length
162
x-frame-options
SAMEORIGIN
content-type
text/html
12550966.png
securelist.com/ru/images/pictures/virus2/
Redirect Chain
  • https://www.securelist.com/ru/images/pictures/virus2/12550966.png
  • https://securelist.com/ru/images/pictures/virus2/12550966.png
0
0
Image
General
Full URL
https://securelist.com/ru/images/pictures/virus2/12550966.png
Requested by
Host: www.securitylab.ru
URL: https://www.securitylab.ru/virus/400144.php
Protocol
H2
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.securitylab.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Redirect headers

location
https://securelist.com/ru/images/pictures/virus2/12550966.png
date
Thu, 03 Nov 2022 18:21:44 GMT
server
kaspersky
content-length
162
x-frame-options
SAMEORIGIN
content-type
text/html
bf05ou8dlr4e0pv0xhil001jsdydidxh.png
www.securitylab.ru/upload/resize_cache/iblock/1b9/241_151_2/
11 KB
11 KB
Image
General
Full URL
https://www.securitylab.ru/upload/resize_cache/iblock/1b9/241_151_2/bf05ou8dlr4e0pv0xhil001jsdydidxh.png
Requested by
Host: www.securitylab.ru
URL: https://www.securitylab.ru/virus/400144.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.248.236.145 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
ca5838e7fac0ec5cb100d8ff85804a722266f65ab186c643a523ac83167609a9
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.securitylab.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 18:21:44 GMT
strict-transport-security
max-age=15768000
last-modified
Thu, 03 Nov 2022 12:31:44 GMT
server
QRATOR
etag
"6363b4b0-2be1"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
11233
expires
Thu, 31 Dec 2037 23:55:55 GMT
5eck2sftl1regureerb4gefs3gux0g0u.jpg
www.securitylab.ru/upload/resize_cache/iblock/69d/241_151_2/
18 KB
19 KB
Image
General
Full URL
https://www.securitylab.ru/upload/resize_cache/iblock/69d/241_151_2/5eck2sftl1regureerb4gefs3gux0g0u.jpg
Requested by
Host: www.securitylab.ru
URL: https://www.securitylab.ru/virus/400144.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.248.236.145 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
47b31158ba2ef0919b46e4b4a3da8ab3a68dae768e6f4091170fc531c0196cd7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.securitylab.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 18:21:44 GMT
strict-transport-security
max-age=15768000
last-modified
Thu, 03 Nov 2022 11:49:19 GMT
server
QRATOR
etag
"6363aabf-496e"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
18798
expires
Thu, 31 Dec 2037 23:55:55 GMT
m0g8a5mrb6xj9y6fc0zrbb606wtwf5ix.jpg
www.securitylab.ru/upload/resize_cache/iblock/a7d/241_151_2/
24 KB
24 KB
Image
General
Full URL
https://www.securitylab.ru/upload/resize_cache/iblock/a7d/241_151_2/m0g8a5mrb6xj9y6fc0zrbb606wtwf5ix.jpg
Requested by
Host: www.securitylab.ru
URL: https://www.securitylab.ru/virus/400144.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.248.236.145 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
383f43b0b23ee3608c30c07f9385505ac304bed2149a65efa7f239fde5d3f5bc
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.securitylab.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 18:21:44 GMT
strict-transport-security
max-age=15768000
last-modified
Thu, 03 Nov 2022 11:40:05 GMT
server
QRATOR
etag
"6363a895-5e29"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
24105
expires
Thu, 31 Dec 2037 23:55:55 GMT
olxdeguo61wqoxw3ckjk4jacmk7jytyx.png
www.securitylab.ru/upload/resize_cache/iblock/6b2/241_151_2/
87 KB
87 KB
Image
General
Full URL
https://www.securitylab.ru/upload/resize_cache/iblock/6b2/241_151_2/olxdeguo61wqoxw3ckjk4jacmk7jytyx.png
Requested by
Host: www.securitylab.ru
URL: https://www.securitylab.ru/virus/400144.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.248.236.145 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
e6e8b2dcea8b20094678b83793a09b0edfb70b08b16e3c1094b3362f8f83c482
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.securitylab.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 18:21:44 GMT
strict-transport-security
max-age=15768000
last-modified
Thu, 03 Nov 2022 09:57:58 GMT
server
QRATOR
etag
"636390a6-15bfe"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
89086
expires
Thu, 31 Dec 2037 23:55:55 GMT
vjw5jcyr11vagci8cb0soyl1wx311o0o.jpg
www.securitylab.ru/upload/resize_cache/iblock/a40/241_151_2/
29 KB
29 KB
Image
General
Full URL
https://www.securitylab.ru/upload/resize_cache/iblock/a40/241_151_2/vjw5jcyr11vagci8cb0soyl1wx311o0o.jpg
Requested by
Host: www.securitylab.ru
URL: https://www.securitylab.ru/virus/400144.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.248.236.145 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
ffec761110407432a2609dfb389b7efabe8ad554d457431bfcfaf8fb77d0efce
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.securitylab.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 18:21:44 GMT
strict-transport-security
max-age=15768000
last-modified
Thu, 03 Nov 2022 10:07:21 GMT
server
QRATOR
etag
"636392d9-74a4"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
29860
expires
Thu, 31 Dec 2037 23:55:55 GMT
gf25644mna67pqef1yerbtz2ay8vv4ie.png
www.securitylab.ru/upload/resize_cache/iblock/eec/241_151_2/
58 KB
58 KB
Image
General
Full URL
https://www.securitylab.ru/upload/resize_cache/iblock/eec/241_151_2/gf25644mna67pqef1yerbtz2ay8vv4ie.png
Requested by
Host: www.securitylab.ru
URL: https://www.securitylab.ru/virus/400144.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.248.236.145 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
b3468d365d7c0e651ddf7ffc5c333cfc8745864ce443be9b8e83f158bb4c15e5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.securitylab.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 18:21:44 GMT
strict-transport-security
max-age=15768000
last-modified
Thu, 03 Nov 2022 09:10:41 GMT
server
QRATOR
etag
"63638591-e6ac"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
59052
expires
Thu, 31 Dec 2037 23:55:55 GMT
ce3fbx5l1fm6kb2qzv34u7aye622fwzd.jpg
www.securitylab.ru/upload/resize_cache/iblock/fce/241_151_2/
48 KB
48 KB
Image
General
Full URL
https://www.securitylab.ru/upload/resize_cache/iblock/fce/241_151_2/ce3fbx5l1fm6kb2qzv34u7aye622fwzd.jpg
Requested by
Host: www.securitylab.ru
URL: https://www.securitylab.ru/virus/400144.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.248.236.145 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
92f25602cf0988bd0ab9101227366194967537a607d2009c501077535c67c807
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.securitylab.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 18:21:44 GMT
strict-transport-security
max-age=15768000
last-modified
Thu, 03 Nov 2022 09:06:22 GMT
server
QRATOR
etag
"6363848e-bfe4"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
49124
expires
Thu, 31 Dec 2037 23:55:55 GMT
24d0a2abrye644401e4zqfxipbai0a9b.jpg
www.securitylab.ru/upload/resize_cache/iblock/047/241_151_2/
10 KB
10 KB
Image
General
Full URL
https://www.securitylab.ru/upload/resize_cache/iblock/047/241_151_2/24d0a2abrye644401e4zqfxipbai0a9b.jpg
Requested by
Host: www.securitylab.ru
URL: https://www.securitylab.ru/virus/400144.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.248.236.145 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
18ab778cbe62aeba50c1bc1b2ccf27d2aba84c6bcd0ed86f297f5b065237722f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.securitylab.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 18:21:44 GMT
strict-transport-security
max-age=15768000
last-modified
Thu, 03 Nov 2022 09:46:08 GMT
server
QRATOR
etag
"63638de0-2855"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
10325
expires
Thu, 31 Dec 2037 23:55:55 GMT
3w7v3nrud507ojnqgonorpz057jlyzdp.jpg
www.securitylab.ru/upload/resize_cache/iblock/714/241_151_2/
23 KB
23 KB
Image
General
Full URL
https://www.securitylab.ru/upload/resize_cache/iblock/714/241_151_2/3w7v3nrud507ojnqgonorpz057jlyzdp.jpg
Requested by
Host: www.securitylab.ru
URL: https://www.securitylab.ru/virus/400144.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.248.236.145 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
42c35ba49ca8b02a030e8160e0251bf24e1f71f9f34aa96e0c5166288c8d3483
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.securitylab.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 18:21:44 GMT
strict-transport-security
max-age=15768000
last-modified
Thu, 03 Nov 2022 10:30:56 GMT
server
QRATOR
etag
"63639860-5a10"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
23056
expires
Thu, 31 Dec 2037 23:55:55 GMT
jusn0e5fblzkws26yaa1yhw8fwptcvll.jpg
www.securitylab.ru/upload/rk/fbd/
127 KB
128 KB
Image
General
Full URL
https://www.securitylab.ru/upload/rk/fbd/jusn0e5fblzkws26yaa1yhw8fwptcvll.jpg
Requested by
Host: www.securitylab.ru
URL: https://www.securitylab.ru/virus/400144.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.248.236.145 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
a060e421556a5071b5679d32b4302b512b9de749e6c32132cebba0981176d2b0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.securitylab.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 18:21:44 GMT
strict-transport-security
max-age=15768000
last-modified
Fri, 28 Oct 2022 05:16:06 GMT
server
QRATOR
etag
"635b6596-1fd31"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
130353
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.js
www.securitylab.ru/js/
847 KB
849 KB
Script
General
Full URL
https://www.securitylab.ru/js/main.js
Requested by
Host: www.securitylab.ru
URL: https://www.securitylab.ru/virus/400144.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.248.236.145 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
427b1e20b7f60ce4a264000fe9d3ed4b41c0f037b0dddd0aa88a8251cc9bd1aa
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.securitylab.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 18:21:42 GMT
strict-transport-security
max-age=15768000
last-modified
Tue, 29 Jun 2021 13:25:37 GMT
server
QRATOR
etag
W/"60db1f51-d3d6e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
image_croper.js
www.securitylab.ru/js/
2 KB
2 KB
Script
General
Full URL
https://www.securitylab.ru/js/image_croper.js
Requested by
Host: www.securitylab.ru
URL: https://www.securitylab.ru/virus/400144.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.248.236.145 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
167b92270f815c8c1ad693190943c4aa27416291d093a2c4e61fe40346dce5c1
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.securitylab.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 18:21:43 GMT
strict-transport-security
max-age=15768000
last-modified
Fri, 17 Jul 2020 11:16:20 GMT
server
QRATOR
etag
W/"5f118884-6ca"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
cpb.js
www.securitylab.ru/js/
2 KB
2 KB
Script
General
Full URL
https://www.securitylab.ru/js/cpb.js
Requested by
Host: www.securitylab.ru
URL: https://www.securitylab.ru/virus/400144.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.248.236.145 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
96ffda0d9e970a382dddfb652b581372149088b2cab2cc90eb551b352545863a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.securitylab.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 18:21:44 GMT
strict-transport-security
max-age=15768000
last-modified
Tue, 21 Jul 2020 13:50:09 GMT
server
QRATOR
etag
W/"5f16f291-74f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
api.js
www.google.com/recaptcha/
850 B
969 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.securitylab.ru
URL: https://www.securitylab.ru/virus/400144.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d090129339f10606292a643f5489c78bc7fab0206d94a2c3f034811a5f63e6e2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.securitylab.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 18:21:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
556
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 18:21:43 GMT
grammar.js
www.securitylab.ru/local/components/grammar/grammar/templates/main/
4 KB
5 KB
Script
General
Full URL
https://www.securitylab.ru/local/components/grammar/grammar/templates/main/grammar.js?1667499701
Requested by
Host: www.securitylab.ru
URL: https://www.securitylab.ru/virus/400144.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.248.236.145 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
6f1b9524cac833c5fd1f26e6e62b62cae2cfc47affb7ff16aa0392c5ad0a2ec5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.securitylab.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 18:21:44 GMT
strict-transport-security
max-age=15768000
last-modified
Fri, 15 Jan 2021 11:50:57 GMT
server
QRATOR
etag
W/"600181a1-10f7"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
watch.js
mc.yandex.ru/metrika/
160 KB
57 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: www.securitylab.ru
URL: https://www.securitylab.ru/virus/400144.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
ad63ec11346d8076872523dc208ea4383d9fdd37a88c1ace621b0e16672d5104
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.securitylab.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 18:21:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Tue, 25 Oct 2022 06:30:09 GMT
etag
"63575841-e1e1"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
57825
expires
Thu, 03 Nov 2022 19:21:44 GMT
css
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=cyrillic
Requested by
Host: www.securitylab.ru
URL: https://www.securitylab.ru/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a0107a6693b6ccde2883d4ad8f80a8a19a8278c5deb30f75f7dcd10292258e60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.securitylab.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 03 Nov 2022 18:21:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 18:12:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 03 Nov 2022 18:21:43 GMT
fontello.woff2
www.securitylab.ru/fonts/
8 KB
8 KB
Font
General
Full URL
https://www.securitylab.ru/fonts/fontello.woff2?54227959
Requested by
Host: www.securitylab.ru
URL: https://www.securitylab.ru/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.248.236.145 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
b4bba48613f4f4ed8afc60d108352f50c3778380239e2b32b5ce1a48ea3db0b2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.securitylab.ru/css/main.css
Origin
https://www.securitylab.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 18:21:44 GMT
strict-transport-security
max-age=15768000
last-modified
Fri, 09 Oct 2020 11:18:47 GMT
server
QRATOR
etag
"5f804717-1e94"
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
max-age=315360000
accept-ranges
bytes
content-length
7828
expires
Thu, 31 Dec 2037 23:55:55 GMT
o-0NIpQlx3QUlC5A4PNjXhFVYNyB1Wk.woff2
fonts.gstatic.com/s/notosans/v27/
6 KB
6 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVYNyB1Wk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2df8df811aa34268dae030824fd3d27905c259a28c208650b1e6f42cec094563
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.securitylab.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 17:37:17 GMT
x-content-type-options
nosniff
age
261867
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5936
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:27:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Oct 2023 17:37:17 GMT
o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v27/
12 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.securitylab.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 20:52:35 GMT
x-content-type-options
nosniff
age
250149
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12684
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:28:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Oct 2023 20:52:35 GMT
o-0IIpQlx3QUlC5A4PNr4TRAW_0.woff2
fonts.gstatic.com/s/notosans/v27/
6 KB
6 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr4TRAW_0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
154627be91ed8c1e92a0c4cd4011eef27d4b1ff1be423ad20836fc283e00393b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.securitylab.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 19:15:47 GMT
x-content-type-options
nosniff
age
83157
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6072
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:27:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Nov 2023 19:15:47 GMT
o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v27/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.securitylab.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 21:23:03 GMT
x-content-type-options
nosniff
age
75521
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12860
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:27:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Nov 2023 21:23:03 GMT
ga6Iaw1J5X9T9RW6j9bNfFMWaCi_.woff2
fonts.gstatic.com/s/notoserif/v21/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notoserif/v21/ga6Iaw1J5X9T9RW6j9bNfFMWaCi_.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
749532b47faa826b6001b06da2e4085a3118525b9c9164fd0aa10e9944b9967a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.securitylab.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 14:59:17 GMT
x-content-type-options
nosniff
age
271347
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16132
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:36:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Oct 2023 14:59:17 GMT
ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2
fonts.gstatic.com/s/notoserif/v21/
23 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notoserif/v21/ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25475d82cc976fb2c71b15b3e416c22bf636dd247bbb268d312e7c076ec5b6e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.securitylab.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 01:03:45 GMT
x-content-type-options
nosniff
age
148679
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23948
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:47:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Nov 2023 01:03:45 GMT
ga6Law1J5X9T9RW6j9bNdOwzfROecf1I.woff2
fonts.gstatic.com/s/notoserif/v21/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notoserif/v21/ga6Law1J5X9T9RW6j9bNdOwzfROecf1I.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17d46ead9f910fcfde400da676a140b14241a2f67c6f2c0557cb2139cb10ebb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.securitylab.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 18:25:24 GMT
x-content-type-options
nosniff
age
258980
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18328
x-xss-protection
0
last-modified
Mon, 09 May 2022 20:10:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Oct 2023 18:25:24 GMT
ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2
fonts.gstatic.com/s/notoserif/v21/
27 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notoserif/v21/ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0a9ce1553fa74dad4d8cf55b7df7d012a3acdec01cd39d682fce0e5b52e99f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.securitylab.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 22:20:59 GMT
x-content-type-options
nosniff
age
244845
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27456
x-xss-protection
0
last-modified
Mon, 09 May 2022 20:10:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Oct 2023 22:20:59 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/
400 KB
160 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8850c59b00380af79a60472b2d9db31db1f9abe5bbb3b3771eabb12780653688
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.securitylab.ru/
Origin
https://www.securitylab.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7100
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
163140
x-xss-protection
0
last-modified
Mon, 24 Oct 2022 04:01:21 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Nov 2023 16:23:26 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9811.cqMZpDMP7wlX1rl96LFSzibeomfDNEUWRJnOAo5WEYTSxZpR8Qy7AlJ7TTThMLD5.IRARXSDWsuxjt1t_0Ovg6o_rAl0%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9811.t4SQzW-SJJ5Nua2QGknFkGLvHo68hWLFSurBTmgre3A4Lll9AMr_kd3GcLEa_CpuqA7iqwsbMcD0kne888QJMg%2C%2C.7EelNqbeINf-qjVnYdBPHPOvlmI%2C
75 B
75 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9811.t4SQzW-SJJ5Nua2QGknFkGLvHo68hWLFSurBTmgre3A4Lll9AMr_kd3GcLEa_CpuqA7iqwsbMcD0kne888QJMg%2C%2C.7EelNqbeINf-qjVnYdBPHPOvlmI%2C
Requested by
Host: www.securitylab.ru
URL: https://www.securitylab.ru/virus/400144.php
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.securitylab.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 18:21:47 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9811.t4SQzW-SJJ5Nua2QGknFkGLvHo68hWLFSurBTmgre3A4Lll9AMr_kd3GcLEa_CpuqA7iqwsbMcD0kne888QJMg%2C%2C.7EelNqbeINf-qjVnYdBPHPOvlmI%2C
date
Thu, 03 Nov 2022 18:21:47 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
136 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: www.securitylab.ru
URL: https://www.securitylab.ru/virus/400144.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.securitylab.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 18:21:46 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 25 Oct 2022 06:30:09 GMT
etag
"63575841-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Thu, 03 Nov 2022 19:21:46 GMT
ajax-loader.gif
www.securitylab.ru/css/
54 KB
54 KB
Image
General
Full URL
https://www.securitylab.ru/css/ajax-loader.gif
Requested by
Host: www.securitylab.ru
URL: https://www.securitylab.ru/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.248.236.145 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
3f141e2ee38ad9dde45ac592bb703ac525f682c4e68275137f05cd45f088f6bd
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.securitylab.ru/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 18:21:47 GMT
strict-transport-security
max-age=15768000
last-modified
Fri, 22 Nov 2019 17:06:43 GMT
server
QRATOR
etag
"5dd815a3-d729"
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
content-length
55081
expires
Thu, 31 Dec 2037 23:55:55 GMT
anchor
www.google.com/recaptcha/api2/ Frame AEDB
43 KB
23 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdcFRUUAAAAAEmP0hXlfU5t2nqtdPFYMQG4BreG&co=aHR0cHM6Ly93d3cuc2VjdXJpdHlsYWIucnU6NDQz&hl=de&v=NJPGLzpIZgjszqyOymHUP0XR&size=normal&cb=jrhuq06vgmad
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ce317399b163af09c6695a0c4c07ce63fee64b12d90de4065990706c05cdf5c1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5Dq6CDXoy6S0V3odA6KxKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.securitylab.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
23294
content-security-policy
script-src 'report-sample' 'nonce-5Dq6CDXoy6S0V3odA6KxKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 03 Nov 2022 18:21:47 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/ Frame AEDB
52 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdcFRUUAAAAAEmP0hXlfU5t2nqtdPFYMQG4BreG&co=aHR0cHM6Ly93d3cuc2VjdXJpdHlsYWIucnU6NDQz&hl=de&v=NJPGLzpIZgjszqyOymHUP0XR&size=normal&cb=jrhuq06vgmad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:32:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6570
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24262
x-xss-protection
0
last-modified
Mon, 24 Oct 2022 04:01:21 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Nov 2023 16:32:17 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/ Frame AEDB
400 KB
159 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdcFRUUAAAAAEmP0hXlfU5t2nqtdPFYMQG4BreG&co=aHR0cHM6Ly93d3cuc2VjdXJpdHlsYWIucnU6NDQz&hl=de&v=NJPGLzpIZgjszqyOymHUP0XR&size=normal&cb=jrhuq06vgmad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8850c59b00380af79a60472b2d9db31db1f9abe5bbb3b3771eabb12780653688
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7101
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
163140
x-xss-protection
0
last-modified
Mon, 24 Oct 2022 04:01:21 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Nov 2023 16:23:26 GMT
1
mc.yandex.com/watch/32292334/
Redirect Chain
  • https://mc.yandex.com/watch/32292334?wmode=7&page-url=https%3A%2F%2Fwww.securitylab.ru%2Fvirus%2F400144.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeeda838fxmlhk5beh3cok%3Afp%3A3402%3A...
  • https://mc.yandex.com/watch/32292334/1?wmode=7&page-url=https%3A%2F%2Fwww.securitylab.ru%2Fvirus%2F400144.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeeda838fxmlhk5beh3cok%3Afp%3A3402%...
439 B
521 B
XHR
General
Full URL
https://mc.yandex.com/watch/32292334/1?wmode=7&page-url=https%3A%2F%2Fwww.securitylab.ru%2Fvirus%2F400144.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeeda838fxmlhk5beh3cok%3Afp%3A3402%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1403707504749%3Ahid%3A389771942%3Az%3A0%3Ai%3A20221103182146%3Aet%3A1667499707%3Ac%3A1%3Arn%3A50516036%3Arqn%3A1%3Au%3A1667499707563056747%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C42%2C496%2C0%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Acpf%3A1%3Ans%3A1667499700678%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1667499707%3At%3AHoax.Win32.%20ArchSMS.lrt&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29
Requested by
Host: www.securitylab.ru
URL: https://www.securitylab.ru/virus/400144.php
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e52e6b58425e5e5cb62c2d034c9e8b42ced59fda1bcf89b210f230d8888fce31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.securitylab.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 18:21:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Thu, 03-Nov-2022 18:21:47 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.securitylab.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
439
x-xss-protection
1; mode=block
expires
Thu, 03-Nov-2022 18:21:47 GMT

Redirect headers

pragma
no-cache
date
Thu, 03 Nov 2022 18:21:47 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 03-Nov-2022 18:21:47 GMT
location
/watch/32292334/1?wmode=7&page-url=https%3A%2F%2Fwww.securitylab.ru%2Fvirus%2F400144.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeeda838fxmlhk5beh3cok%3Afp%3A3402%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1403707504749%3Ahid%3A389771942%3Az%3A0%3Ai%3A20221103182146%3Aet%3A1667499707%3Ac%3A1%3Arn%3A50516036%3Arqn%3A1%3Au%3A1667499707563056747%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C42%2C496%2C0%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Acpf%3A1%3Ans%3A1667499700678%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1667499707%3At%3AHoax.Win32.%20ArchSMS.lrt&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29
access-control-allow-origin
https://www.securitylab.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 03-Nov-2022 18:21:47 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame AEDB
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=NJPGLzpIZgjszqyOymHUP0XR
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdcFRUUAAAAAEmP0hXlfU5t2nqtdPFYMQG4BreG&co=aHR0cHM6Ly93d3cuc2VjdXJpdHlsYWIucnU6NDQz&hl=de&v=NJPGLzpIZgjszqyOymHUP0XR&size=normal&cb=jrhuq06vgmad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d135a22ba0093900bcb7e07d85517d411eebd89c425de91935c75020bee16f73
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdcFRUUAAAAAEmP0hXlfU5t2nqtdPFYMQG4BreG&co=aHR0cHM6Ly93d3cuc2VjdXJpdHlsYWIucnU6NDQz&hl=de&v=NJPGLzpIZgjszqyOymHUP0XR&size=normal&cb=jrhuq06vgmad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 18:21:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 18:21:47 GMT
bframe
www.google.com/recaptcha/api2/ Frame A736
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=NJPGLzpIZgjszqyOymHUP0XR&k=6LdcFRUUAAAAAEmP0hXlfU5t2nqtdPFYMQG4BreG
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
10c5293ca6491defafaeaa0825b8eaf63106d59a7cf6e758097047b0e783d7ac
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GN1U4E9U-SgaUoJSuewZ0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.securitylab.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1117
content-security-policy
script-src 'report-sample' 'nonce-GN1U4E9U-SgaUoJSuewZ0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 03 Nov 2022 18:21:47 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/ Frame A736
52 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=NJPGLzpIZgjszqyOymHUP0XR&k=6LdcFRUUAAAAAEmP0hXlfU5t2nqtdPFYMQG4BreG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:32:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6570
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24262
x-xss-protection
0
last-modified
Mon, 24 Oct 2022 04:01:21 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Nov 2023 16:32:17 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/ Frame A736
400 KB
159 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=NJPGLzpIZgjszqyOymHUP0XR&k=6LdcFRUUAAAAAEmP0hXlfU5t2nqtdPFYMQG4BreG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8850c59b00380af79a60472b2d9db31db1f9abe5bbb3b3771eabb12780653688
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 16:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7101
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
163140
x-xss-protection
0
last-modified
Mon, 24 Oct 2022 04:01:21 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Nov 2023 16:23:26 GMT

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| BX object| babelHelpers object| regeneratorRuntime function| setImmediate function| clearImmediate boolean| _main_polyfill_core function| BXInputPopup function| mainInit function| initTopNewsSlider function| initSliderArticles function| initSliderBlogHome function| initSliderBlogPersonal function| initContentSlider function| initFormValidation function| doScrollTop function| doScrollTo function| initCookieMsg function| initToastr function| showAlert function| goToPageSubmit function| initSocialShare function| printDiv function| $ function| jQuery function| Popper object| Util function| Alert function| Button function| Carousel function| Collapse function| Dropdown function| Modal function| Tooltip function| Popover function| ScrollSpy function| Tab function| Toast object| toastr function| SimpleBar function| JSShare function| ScrollMagic function| Cookies function| bannerReload undefined| div4copy string| pagelink function| create_div4copy function| clipboard_addLink object| a number| c object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| _processform_8BACKi function| CloseErrorWindow object| Ya object| yaCounter32292334 object| recaptcha object| closure_lm_810311

13 Cookies

Domain/Path Name / Value
.www.securitylab.ru/ Name: PHPSESSID
Value: 1NMt0tv77039PlxUONbRA69R3DlkiUI1
.www.securitylab.ru/ Name: SL_GUEST_ID
Value: 3702147
.www.securitylab.ru/ Name: SL_LAST_VISIT
Value: 03.11.2022%2021%3A21%3A40
.securitylab.ru/ Name: _ym_uid
Value: 1667499707563056747
.securitylab.ru/ Name: _ym_d
Value: 1667499707
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 612351798fake
.securitylab.ru/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1073089767fake
.yandex.com/ Name: yandexuid
Value: 7934587531667499707
.yandex.com/ Name: yuidss
Value: 7934587531667499707
mc.yandex.com/ Name: yabs-sid
Value: 1950620781667499707
.yandex.com/ Name: i
Value: x4LMgil5DYxyfhzoicD4wie5eWp6SdltEjiuKxX7V/sqWxc2pAOP1tcJVUKhibfL6NjIGxnrcNFymdZrIApHT0B9Wog=
.yandex.com/ Name: ymex
Value: 1699035707.yrts.1667499707#1699035707.yrtsi.1667499707

7 Console Messages

Source Level URL
Text
security warning URL: https://www.securitylab.ru/virus/400144.php
Message:
Mixed Content: The page at 'https://www.securitylab.ru/virus/400144.php' was loaded over HTTPS, but requested an insecure element 'http://www.securelist.com/ru/images/pictures/virus2/12550965.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.securitylab.ru/virus/400144.php
Message:
Mixed Content: The page at 'https://www.securitylab.ru/virus/400144.php' was loaded over HTTPS, but requested an insecure element 'http://www.securelist.com/ru/images/pictures/virus2/12550966.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.securitylab.ru/virus/400144.php(Line 229)
Message:
Mixed Content: The page at 'https://www.securitylab.ru/virus/400144.php' was loaded over HTTPS, but requested an insecure element 'http://www.securelist.com/ru/images/pictures/virus2/12550965.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.securitylab.ru/virus/400144.php(Line 229)
Message:
Mixed Content: The page at 'https://www.securitylab.ru/virus/400144.php' was loaded over HTTPS, but requested an insecure element 'http://www.securelist.com/ru/images/pictures/virus2/12550966.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://securelist.com/ru/images/pictures/virus2/12550965.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://securelist.com/ru/images/pictures/virus2/12550966.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9811.t4SQzW-SJJ5Nua2QGknFkGLvHo68hWLFSurBTmgre3A4Lll9AMr_kd3GcLEa_CpuqA7iqwsbMcD0kne888QJMg%2C%2C.7EelNqbeINf-qjVnYdBPHPOvlmI%2C
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
