usa.kaspersky.com Open in urlscan Pro
77.74.178.40 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://usa.kaspersky.com/resource-center/threats/zeus-virus
Submission Tags: falconsandbox
Submission: On January 25 via api (January 25th 2022, 12:37:45 pm UTC) from US — Scanned from DE

Summary HTTP 115 Redirects Links 53 Behaviour Indicators

Summary

This website contacted 44 IPs in 9 countries across 34 domains to perform 115 HTTP transactions. The main IP is 77.74.178.40, located in Switzerland and belongs to KL-EXT, RU. The main domain is usa.kaspersky.com. The Cisco Umbrella rank of the primary domain is 642838.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on August 11th 2021. Valid for: a year.

This is the only time usa.kaspersky.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
34	77.74.178.40 77.74.178.40	200107 (KL-EXT) (KL-EXT)
3	23.36.238.7 23.36.238.7	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	185.85.15.23 185.85.15.23	200107 (KL-EXT) (KL-EXT)
1	52.222.236.107 52.222.236.107	16509 (AMAZON-02) (AMAZON-02)
1 3	34.243.89.47 34.243.89.47	16509 (AMAZON-02) (AMAZON-02)
1	18.64.79.109 18.64.79.109	16509 (AMAZON-02) (AMAZON-02)
2 3	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a03:5f80:a::... 2a03:5f80:a::b212:e7c0	50952 (DATAIX-AS...) (DATAIX-AS Peering Ltd.)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	65.9.61.33 65.9.61.33	16509 (AMAZON-02) (AMAZON-02)
1	35.186.249.72 35.186.249.72	15169 (GOOGLE) (GOOGLE)
1	34.199.207.17 34.199.207.17	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:205... 2600:9000:2057:2c00:17:2e54:9a00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
7 12	18.195.250.85 18.195.250.85	16509 (AMAZON-02) (AMAZON-02)
1	50.18.209.150 50.18.209.150	16509 (AMAZON-02) (AMAZON-02)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
3 3	2606:4700::68... 2606:4700::6812:c05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	185.33.221.90 185.33.221.90	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.248.81.51 34.248.81.51	16509 (AMAZON-02) (AMAZON-02)
1	34.250.134.201 34.250.134.201	16509 (AMAZON-02) (AMAZON-02)
3	15.236.176.210 15.236.176.210	16509 (AMAZON-02) (AMAZON-02)
1 1	54.75.68.230 54.75.68.230	16509 (AMAZON-02) (AMAZON-02)
2	54.76.34.70 54.76.34.70	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
1 1	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1	209.54.180.144 209.54.180.144	16509 (AMAZON-02) (AMAZON-02)
2 5	172.217.21.166 172.217.21.166	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	95.100.153.169 95.100.153.169	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400f:801::2003	15169 (GOOGLE) (GOOGLE)
3	34.238.109.52 34.238.109.52	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:214... 2600:9000:214f:de00:13:ed6c:11c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	18.204.167.233 18.204.167.233	14618 (AMAZON-AES) (AMAZON-AES)
1	54.211.99.89 54.211.99.89	14618 (AMAZON-AES) (AMAZON-AES)
2	178.249.97.23 178.249.97.23	11054 (LIVEPERSON) (LIVEPERSON)
2	178.249.97.99 178.249.97.99	11054 (LIVEPERSON) (LIVEPERSON)
2	178.249.97.98 178.249.97.98	11054 (LIVEPERSON) (LIVEPERSON)
2	208.89.15.170 208.89.15.170	11054 (LIVEPERSON) (LIVEPERSON)
2	208.89.12.87 208.89.12.87	11054 (LIVEPERSON) (LIVEPERSON)
115	44

34 77.74.178.40 (Switzerland)

ASN200107 (KL-EXT, RU)

usa.kaspersky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-router.kaspersky-labs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.36.238.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-238-7.deploy.static.akamaitechnologies.com

service.maxymiser.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.85.15.23 (Switzerland)

ASN200107 (KL-EXT, RU)

media.kaspersky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-107.fra56.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.243.89.47 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-89-47.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.79.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-79-109.txl50.r.cloudfront.net

t.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7caf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:5f80:a::b212:e7c0 (Russian Federation)

ASN50952 (DATAIX-AS Peering Ltd., RU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.61.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-61-33.fra56.r.cloudfront.net

vt.myvisualiq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com

d.impactradius-event.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.207.17 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-207-17.compute-1.amazonaws.com

resources.xg4ken.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:2c00:17:2e54:9a00:93a1 (United States)

ASN16509 (AMAZON-02, US)

ove1.marketlinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 18.195.250.85 (Frankfurt am Main, Germany) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-250-85.eu-central-1.compute.amazonaws.com

t.myvisualiq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.18.209.150 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-50-18-209-150.us-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:c05 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.90 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.81.51 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-81-51.eu-west-1.compute.amazonaws.com

w.usabilla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.134.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-134-201.eu-west-1.compute.amazonaws.com

kaspersky.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

kaspersky.d3.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.75.68.230 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-68-230.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.34.70 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-34-70.eu-west-1.compute.amazonaws.com

c.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

tapestry.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.54.180.144 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.21.166 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra07s64-in-f166.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
9582686.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.100.153.169 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-100-153-169.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400f:801::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.238.109.52 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-109-52.compute-1.amazonaws.com

visitor-scoring.marketlinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:de00:13:ed6c:11c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.marketlinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.204.167.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-204-167-233.compute-1.amazonaws.com

apps.mypurecloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.211.99.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-99-89.compute-1.amazonaws.com

cobrowse.mypurecloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.23 (United Kingdom)

ASN11054 (LIVEPERSON, US)

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.99 (United Kingdom)

ASN11054 (LIVEPERSON, US)
PTR: lo-accdn.lpsnmedia.net

accdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.98 (United Kingdom)

ASN11054 (LIVEPERSON, US)
PTR: lo-lpcdn.lpsnmedia.net

lpcdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 208.89.15.170 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.idp.liveperson.net

va.idp.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 208.89.12.87 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.v.liveperson.net

va.v.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	kaspersky.com usa.kaspersky.com — Cisco Umbrella Rank: 642838 media.kaspersky.com — Cisco Umbrella Rank: 137138	2 MB
13	myvisualiq.net 7 redirects vt.myvisualiq.net — Cisco Umbrella Rank: 13335 t.myvisualiq.net — Cisco Umbrella Rank: 1321	11 KB
8	doubleclick.net 2 redirects pubads.g.doubleclick.net — Cisco Umbrella Rank: 462 stats.g.doubleclick.net — Cisco Umbrella Rank: 96 ad.doubleclick.net — Cisco Umbrella Rank: 195 9582686.fls.doubleclick.net — Cisco Umbrella Rank: 487941	3 KB
6	liveperson.net lptag.liveperson.net — Cisco Umbrella Rank: 3413 va.idp.liveperson.net — Cisco Umbrella Rank: 13059 va.v.liveperson.net — Cisco Umbrella Rank: 3834	112 KB
6	marketlinc.com ove1.marketlinc.com — Cisco Umbrella Rank: 973371 visitor-scoring.marketlinc.com — Cisco Umbrella Rank: 109695 cdn.marketlinc.com	15 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 1300	68 KB
4	lpsnmedia.net accdn.lpsnmedia.net — Cisco Umbrella Rank: 3384 lpcdn.lpsnmedia.net — Cisco Umbrella Rank: 3468	33 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 546 www.linkedin.com — Cisco Umbrella Rank: 647 px4.ads.linkedin.com — Cisco Umbrella Rank: 5501	3 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
4	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 205 kaspersky.demdex.net — Cisco Umbrella Rank: 345568	6 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	314 KB
3	google.com www.google.com — Cisco Umbrella Rank: 13 adservice.google.com — Cisco Umbrella Rank: 80	1 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	401 B
3	omtrdc.net kaspersky.d3.sc.omtrdc.net — Cisco Umbrella Rank: 329988	745 B
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 241	3 KB
3	tribalfusion.com 3 redirects s.tribalfusion.com — Cisco Umbrella Rank: 2305 a.tribalfusion.com — Cisco Umbrella Rank: 808	2 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 385	11 KB
3	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 881	2 KB
3	contentsquare.net t.contentsquare.net — Cisco Umbrella Rank: 3931 c.contentsquare.net — Cisco Umbrella Rank: 3774	65 KB
3	maxymiser.net service.maxymiser.net — Cisco Umbrella Rank: 9689	49 KB
2	mypurecloud.com apps.mypurecloud.com — Cisco Umbrella Rank: 12792 cobrowse.mypurecloud.com — Cisco Umbrella Rank: 62937	107 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5557	564 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	171 KB
2	kaspersky-labs.com api-router.kaspersky-labs.com — Cisco Umbrella Rank: 410687	591 B
1	amazon-adsystem.com s.amazon-adsystem.com — Cisco Umbrella Rank: 284	556 B
1	exelator.com loadus.exelator.com — Cisco Umbrella Rank: 1333	124 B
1	tapad.com 1 redirects tapestry.tapad.com — Cisco Umbrella Rank: 1115	446 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 992	517 B
1	usabilla.com w.usabilla.com — Cisco Umbrella Rank: 3214	19 KB
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1117	428 B
1	xg4ken.com resources.xg4ken.com — Cisco Umbrella Rank: 4808	4 KB
1	impactradius-event.com d.impactradius-event.com — Cisco Umbrella Rank: 2727	13 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1098	2 KB
1	trustpilot.com widget.trustpilot.com — Cisco Umbrella Rank: 6180	6 KB
115	34

	Domain	Requested by
32	usa.kaspersky.com	usa.kaspersky.com
12	t.myvisualiq.net	7 redirects
5	analytics.tiktok.com	usa.kaspersky.com analytics.tiktok.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	www.googletagmanager.com	usa.kaspersky.com www.googletagmanager.com
3	visitor-scoring.marketlinc.com	ove1.marketlinc.com visitor-scoring.marketlinc.com
3	9582686.fls.doubleclick.net	1 redirects www.googletagmanager.com
3	www.facebook.com
3	kaspersky.d3.sc.omtrdc.net	media.kaspersky.com
3	ib.adnxs.com	2 redirects
3	bat.bing.com	usa.kaspersky.com bat.bing.com
3	unpkg.com	2 redirects
3	dpm.demdex.net	1 redirects media.kaspersky.com
3	service.maxymiser.net	usa.kaspersky.com service.maxymiser.net
2	va.v.liveperson.net	lptag.liveperson.net
2	va.idp.liveperson.net	lptag.liveperson.net va.idp.liveperson.net
2	lpcdn.lpsnmedia.net	lptag.liveperson.net
2	accdn.lpsnmedia.net	lptag.liveperson.net
2	lptag.liveperson.net	ove1.marketlinc.com
2	px.ads.linkedin.com	2 redirects
2	www.google.de
2	www.google.com
2	ad.doubleclick.net	1 redirects
2	stats.g.doubleclick.net	www.google-analytics.com
2	c.contentsquare.net
2	s.tribalfusion.com	2 redirects
2	connect.facebook.net	usa.kaspersky.com connect.facebook.net
2	ove1.marketlinc.com	www.googletagmanager.com usa.kaspersky.com
2	api-router.kaspersky-labs.com	usa.kaspersky.com
1	cobrowse.mypurecloud.com	cdn.marketlinc.com
1	apps.mypurecloud.com	cdn.marketlinc.com
1	adservice.google.com	9582686.fls.doubleclick.net
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	cdn.marketlinc.com	ove1.marketlinc.com
1	s.amazon-adsystem.com
1	loadus.exelator.com
1	tapestry.tapad.com	1 redirects
1	cm.everesttech.net	1 redirects
1	kaspersky.demdex.net	media.kaspersky.com
1	w.usabilla.com	usa.kaspersky.com
1	a.tribalfusion.com	1 redirects
1	pubads.g.doubleclick.net
1	jadserve.postrelease.com
1	resources.xg4ken.com	usa.kaspersky.com
1	d.impactradius-event.com	usa.kaspersky.com
1	vt.myvisualiq.net	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	t.contentsquare.net	usa.kaspersky.com
1	widget.trustpilot.com	usa.kaspersky.com
1	media.kaspersky.com	usa.kaspersky.com
115	51

This site contains links to these domains. Also see Links.

Domain
shop.usa.kaspersky.com
app.appsflyer.com
support.kaspersky.com
www.facebook.com
twitter.com
linkedin.com
youtube.com
instagram.com
community.kaspersky.com
www.kaspersky.com
latam.kaspersky.com
www.kaspersky.com.br
www.kaspersky.ca
africa.kaspersky.com
afrique.kaspersky.com
algerie.kaspersky.com
www.kaspersky.ma
www.kaspersky.co.za
www.kaspersky.tn
me-en.kaspersky.com
me.kaspersky.com
www.kaspersky.be
www.kaspersky.dk
www.kaspersky.de
www.kaspersky.es
www.kaspersky.fr
www.kaspersky.it
www.kaspersky.nl
www.kaspersky.no
www.kaspersky.pt
www.kaspersky.se
www.kaspersky.fi
www.kaspersky.co.uk
www.kaspersky.cz
www.kaspersky.hu
www.kaspersky.pl
www.kaspersky.ro
www.kaspersky.rs
www.kaspersky.com.tr
www.kaspersky.gr
www.kaspersky.bg
www.kaspersky.ru
www.kaspersky.ua
www.kaspersky.com.au
www.kaspersky.co.in
www.kaspersky.com.vn
www.kaspersky.co.th
www.kaspersky.co.kr
www.kaspersky.com.cn
www.kaspersky.com.hk
www.kaspersky.com.tw
www.kaspersky.co.jp

Subject Issuer	Validity	Valid
usa.kaspersky.com DigiCert TLS RSA SHA256 2020 CA1	`2021-08-11` - `2022-08-11`	a year	crt.sh
*.maxymiser.net DigiCert SHA2 Secure Server CA	`2021-04-19` - `2022-04-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
media.kaspersky.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-23` - `2022-04-28`	a year	crt.sh
*.trustpilot.com Amazon	`2021-04-03` - `2022-05-02`	a year	crt.sh
api-router.kaspersky-labs.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-04` - `2022-02-08`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
t.contentsquare.net Amazon	`2021-11-13` - `2022-12-11`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
*.myvisualiq.net Amazon	`2021-09-17` - `2022-10-16`	a year	crt.sh
*.impactradius-event.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-10` - `2023-01-06`	a year	crt.sh
*.xg4ken.com Go Daddy Secure Certificate Authority - G2	`2021-09-17` - `2022-10-19`	a year	crt.sh
*.marketlinc.com Amazon	`2022-01-06` - `2023-02-03`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-03` - `2022-02-01`	3 months	crt.sh
*.postrelease.com Amazon	`2021-12-29` - `2023-01-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
w.usabilla.com Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
*.d3.sc.omtrdc.net DigiCert SHA2 High Assurance Server CA	`2020-02-28` - `2022-03-04`	2 years	crt.sh
c.contentsquare.net Amazon	`2021-09-14` - `2022-10-13`	a year	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
mypurecloud.com Amazon	`2021-10-21` - `2022-11-18`	a year	crt.sh
*.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2020-05-30` - `2022-05-30`	2 years	crt.sh
*.lpsnmedia.net Sectigo RSA Organization Validation Secure Server CA	`2021-02-21` - `2022-02-21`	a year	crt.sh
*.idp.liveperson.net COMODO RSA Organization Validation Secure Server CA	`2020-07-09` - `2022-07-09`	2 years	crt.sh
*.v.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2020-04-13` - `2022-04-13`	2 years	crt.sh
*.google.de GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://usa.kaspersky.com/resource-center/threats/zeus-virus
Frame ID: 49DA913EC64A7962DCF27BC1E4E1AF13
Requests: 107 HTTP requests in this frame

Frame: https://w.usabilla.com/1649d5fbb67c.js?lv=1
Frame ID: A463505413A15B2167B9CCEDBB94A3D2
Requests: 1 HTTP requests in this frame

Frame: https://kaspersky.demdex.net/dest5.html?d_nsid=0
Frame ID: 7106C41D5B6507BD3EE78B0846B0BD5D
Requests: 1 HTTP requests in this frame

Frame: https://9582686.fls.doubleclick.net/activityi;dc_pre=CKOljs71zPUCFRZKkQUd7n4F0Q;src=9582686;type=globalc;cat=globa0;ord=7539118510875;gtm=2od1o0;auiddc=1704481234.1643114259;u1=B2C;u2=en_US;u4=usa.kaspersky.com;u5=%2Fresource-center%2Fthreats%2Fzeus-virus;u6=;u7=undefined-undefined;u9=_resource-center_threats_zeus-virus;ps=1;~oref=https%3A%2F%2Fusa.kaspersky.com%2Fresource-center%2Fthreats%2Fzeus-virus
Frame ID: EA4088B4DA6AFFA50DFEBC690B14A22B
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: AC4A249545F16FF0AAFBF49A3EF1F502
Requests: 1 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.html?loc=https%3A%2F%2Fusa.kaspersky.com&site=45693676&env=prod
Frame ID: 8526C7BC9F15A0340D153B90970BFFDA
Requests: 1 HTTP requests in this frame

Frame: https://va.idp.liveperson.net/postmessage/postmessage.min.html?bust=1643114261526&loc=https%3A%2F%2Fusa.kaspersky.com
Frame ID: A793A1955AD2995C74D5EB9F073746A3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Zeus Virus | Zeus Trojan Malware | Zbot and Other Names | Kaspersky

Detected technologies

Cart Functionality (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<a[^>]*href=[^>]*/Checkout

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Genesys Cloud (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

apps\.mypurecloud\.\w+

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Impact (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

d\.impactradius-event\.com

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

115
Requests

90 %
HTTPS

32 %
IPv6

34
Domains

51
Subdomains

44
IPs

9
Countries

2590 kB
Transfer

6813 kB
Size

57
Cookies

53 Outgoing links

These are links going to different origins than the main page.

URL: https://shop.usa.kaspersky.com/checkout/add

Search URL Search Domain Scan URL

URL: https://app.appsflyer.com/com.kms.free?pid=klsite&c=usa_dp_trial
Title: GET IT ON GOOGLE PLAY

Search URL Search Domain Scan URL

URL: https://support.kaspersky.com/us
Title: Support

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Kaspersky

Search URL Search Domain Scan URL

URL: https://twitter.com/kaspersky

Search URL Search Domain Scan URL

URL: https://linkedin.com/company/kaspersky/

Search URL Search Domain Scan URL

URL: https://youtube.com/Kaspersky

Search URL Search Domain Scan URL

URL: https://instagram.com/kasperskylab

Search URL Search Domain Scan URL

URL: https://community.kaspersky.com/

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/web-privacy-policy/ccpa#optout
Title: Online Tracking Opt-Out Guide

Search URL Search Domain Scan URL

URL: https://latam.kaspersky.com/?ignoreredirects=true
Title: América Latina

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com.br/?ignoreredirects=true
Title: Brasil

Search URL Search Domain Scan URL

URL: https://www.kaspersky.ca/?ignoreredirects=true
Title: Canada

Search URL Search Domain Scan URL

URL: https://africa.kaspersky.com/?ignoreredirects=true
Title: Africa

Search URL Search Domain Scan URL

URL: https://afrique.kaspersky.com/
Title: Afrique Francophone

Search URL Search Domain Scan URL

URL: https://algerie.kaspersky.com/
Title: Algéria

Search URL Search Domain Scan URL

URL: https://www.kaspersky.ma/
Title: Maroc

Search URL Search Domain Scan URL

URL: https://www.kaspersky.co.za/?ignoreredirects=true
Title: South Africa

Search URL Search Domain Scan URL

URL: https://www.kaspersky.tn/
Title: Tunisia

Search URL Search Domain Scan URL

URL: https://me-en.kaspersky.com/?ignoreredirects=true
Title: Middle East

Search URL Search Domain Scan URL

URL: https://me.kaspersky.com/?ignoreredirects=true
Title: الشرق الأوسط

Search URL Search Domain Scan URL

URL: https://www.kaspersky.be/?ignoreredirects=true
Title: Belgique & Luxembourg

Search URL Search Domain Scan URL

URL: https://www.kaspersky.dk/?ignoreredirects=true
Title: Danmark

Search URL Search Domain Scan URL

URL: https://www.kaspersky.de/?ignoreredirects=true
Title: Deutschland & Schweiz

Search URL Search Domain Scan URL

URL: https://www.kaspersky.es/?ignoreredirects=true
Title: España

Search URL Search Domain Scan URL

URL: https://www.kaspersky.fr/?ignoreredirects=true
Title: France

Search URL Search Domain Scan URL

URL: https://www.kaspersky.it/?ignoreredirects=true
Title: Italia & Svizzera

Search URL Search Domain Scan URL

URL: https://www.kaspersky.nl/?ignoreredirects=true
Title: Nederland

Search URL Search Domain Scan URL

URL: https://www.kaspersky.no/?ignoreredirects=true
Title: Norge

Search URL Search Domain Scan URL

URL: https://www.kaspersky.pt/?ignoreredirects=true
Title: Portugal

Search URL Search Domain Scan URL

URL: https://www.kaspersky.se/?ignoreredirects=true
Title: Sverige

Search URL Search Domain Scan URL

URL: https://www.kaspersky.fi/?ignoreredirects=true
Title: Suomi

Search URL Search Domain Scan URL

URL: https://www.kaspersky.co.uk/?ignoreredirects=true
Title: United Kingdom

Search URL Search Domain Scan URL

URL: https://www.kaspersky.cz/
Title: Česká republika

Search URL Search Domain Scan URL

URL: https://www.kaspersky.hu/
Title: Magyarország

Search URL Search Domain Scan URL

URL: https://www.kaspersky.pl/
Title: Polska

Search URL Search Domain Scan URL

URL: https://www.kaspersky.ro/
Title: România

Search URL Search Domain Scan URL

URL: https://www.kaspersky.rs/
Title: Srbija

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com.tr/?ignoreredirects=true
Title: Türkiye

Search URL Search Domain Scan URL

URL: https://www.kaspersky.gr/
Title: Ελλάδα (Greece)

Search URL Search Domain Scan URL

URL: https://www.kaspersky.bg/
Title: България (Bulgaria)

Search URL Search Domain Scan URL

URL: https://www.kaspersky.ru/?ignoreredirects=true
Title: Россия и Белару́сь (Russia & Belarus)

Search URL Search Domain Scan URL

URL: https://www.kaspersky.ua/
Title: Україна (Ukraine)

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com.au/?ignoreredirects=true
Title: Australia

Search URL Search Domain Scan URL

URL: https://www.kaspersky.co.in/?ignoreredirects=true
Title: India

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com.vn/
Title: Việt Nam

Search URL Search Domain Scan URL

URL: https://www.kaspersky.co.th/
Title: ไทย (Thailand)

Search URL Search Domain Scan URL

URL: https://www.kaspersky.co.kr/
Title: 한국 (Korea)

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com.cn/?ignoreredirects=true
Title: 中国 (China)

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com.hk/
Title: 中国香港 (Hong Kong)

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com.tw/
Title: 中国台灣 (Taiwan)

Search URL Search Domain Scan URL

URL: https://www.kaspersky.co.jp/
Title: 日本語 (Japan)

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com/?ignoreredirects=true
Title: Global Website

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://unpkg.com/web-vitals HTTP 302
https://unpkg.com/web-vitals@2.1.4 HTTP 302
https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.umd.js

Request Chain 54

https://t.myvisualiq.net/activity_pixel?pt=i&et=a&ago=212&ao=537&px=278&ord=548714907&u1=USA|ALL|Traffic&r=1669771523 HTTP 302
https://t.myvisualiq.net/ul_cb/activity_pixel?pt=i&et=a&ago=212&ao=537&px=278&ord=548714907&u1=USA|ALL|Traffic&r=1669771523

Request Chain 58

https://s.tribalfusion.com/i.cid?c=705083&ev=0&page=Global HTTP 302
https://s.tribalfusion.com/z/i.cid?c=705083&ev=0&page=Global HTTP 302
https://ib.adnxs.com/getuidu?https://a.tribalfusion.com/i.match?p=b26&u=$UID&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db26%26u%3D%24UID%26redirect%3Dhttps%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D305%2526code%253D%2524TF_USER_ID_ENC%2524 HTTP 302
https://a.tribalfusion.com/i.match?p=b26&u=5599052135977962006&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24 HTTP 302
https://ib.adnxs.com/setuid?entity=305&code=18072662313200076285

Request Chain 63

https://cm.everesttech.net/cm/dd?d_uuid=59728071409917141853838656426531454888 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Ye-vEwAAALWgdAP7

Request Chain 71

https://tapestry.tapad.com/tapestry/1?ta_partner_id=950&ta_redirect=https%3A%2F%2Ft.myvisualiq.net%2Fsync%3Fprid%3D1001%26ao%3D0%26pruuid%3DTAPAD_%24%7BIDS%3Akey%7D HTTP 302
https://t.myvisualiq.net/sync?prid=1001&ao=0&pruuid=TAPAD_32677ea9-7744-4100-8313-bcea3ee704c2

Request Chain 72

https://t.myvisualiq.net/sync?prid=AOEPNR1&ao=0&red=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D125310%26dpuuid%3D%24%7BUUID%7D%26redir%3Dhttps%253A%252F%252Ft.myvisualiq.net%252Fsync%253Fprid%253DAOEPNR1%2526ao%253D0%2526pruuid%253D%2524%257BDD_UUID%257D%250A HTTP 302
https://dpm.demdex.net/ibs:dpid=125310&dpuuid=0-f50806db-9dfe-4f79-833c-18bc7abf3943&redir=https%3A%2F%2Ft.myvisualiq.net%2Fsync%3Fprid%3DAOEPNR1%26ao%3D0%26pruuid%3D%24%7BDD_UUID%7D HTTP 302
https://t.myvisualiq.net/sync?prid=AOEPNR1&ao=0&pruuid=59728071409917141853838656426531454888

Request Chain 73

https://t.myvisualiq.net/sync?prid=EEAEPNR1&red=https%3A%2F%2Floadus.exelator.com%2Fload%2F%3Fp%3D204%26g%3D1260%26buid%3D%24%7BUUID%7D HTTP 302
https://t.myvisualiq.net/ul_cb/sync?prid=EEAEPNR1&red=https%3A%2F%2Floadus.exelator.com%2Fload%2F%3Fp%3D204%26g%3D1260%26buid%3D%24%7BUUID%7D HTTP 302
https://loadus.exelator.com/load/?p=204&g=1260&buid=aea70ce5-31e1-430d-ab64-1f3d999feada

Request Chain 74

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2F%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com//ecm3?ex=visualiq&id=0-542885f5-e90d-407d-a996-6f3d278d2fcf

Request Chain 75

https://t.myvisualiq.net/sync?prid=Test&ao=0&red=https%253A%252F%252Fad.doubleclick.net%252Fddm%252Ftrackimp%252FN408002.2426714VISUALIQ%252FB10122508.135768705%253Bdc_trk_aid%253D308294997%253Bdc_trk_cid%253D72954675%253Bsz%253D1x1%253Bu%253D-https%25253A%25252F%25252Fusa.kaspersky.com%25252Fresource-center%25252Fthreats%25252Fzeus-virus%7CVIQ_%24%7BUUID%7D%7C%3Bord%3D6331138 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N408002.2426714VISUALIQ/B10122508.135768705;dc_trk_aid=308294997;dc_trk_cid=72954675;sz=1x1;u=-https%3A%2F%2Fusa.kaspersky.com%2Fresource-center%2Fthreats%2Fzeus-virus%7CVIQ_0-60ba0001-eae0-4328-bca8-4402549471bf%7C;ord=6331138 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N408002.2426714VISUALIQ/B10122508.135768705;dc_pre=CLSflM71zPUCFdWFsgod8qAPcQ;dc_trk_aid=308294997;dc_trk_cid=72954675;sz=1x1;u=-https%3A%2F%2Fusa.kaspersky.com%2Fresource-center%2Fthreats%2Fzeus-virus%7CVIQ_0-60ba0001-eae0-4328-bca8-4402549471bf%7C;ord=6331138

Request Chain 77

https://t.myvisualiq.net/sync?prid=123&ao=0&red=https%3A%2F%2Fwww.facebook.com%2Ftr%3Fid%3D238727726635232%26ev%3DPageView%26cd%5Border_id%5D%3D%24%7BUUID%7D%26dpo%3DLDU%26dpoco%3D0%26dpost%3D0 HTTP 302
https://www.facebook.com/tr?id=238727726635232&ev=PageView&cd[order_id]=fd3891bd-5502-4799-b8ce-9b76c7fcebb6&dpo=LDU&dpoco=0&dpost=0

Request Chain 81

https://9582686.fls.doubleclick.net/activityi;src=9582686;type=globalc;cat=globa0;ord=7539118510875;gtm=2od1o0;auiddc=1704481234.1643114259;u1=B2C;u2=en_US;u4=usa.kaspersky.com;u5=%2Fresource-center%2Fthreats%2Fzeus-virus;u6=;u7=undefined-undefined;u9=_resource-center_threats_zeus-virus;ps=1;~oref=https%3A%2F%2Fusa.kaspersky.com%2Fresource-center%2Fthreats%2Fzeus-virus HTTP 302
https://9582686.fls.doubleclick.net/activityi;dc_pre=CKOljs71zPUCFRZKkQUd7n4F0Q;src=9582686;type=globalc;cat=globa0;ord=7539118510875;gtm=2od1o0;auiddc=1704481234.1643114259;u1=B2C;u2=en_US;u4=usa.kaspersky.com;u5=%2Fresource-center%2Fthreats%2Fzeus-virus;u6=;u7=undefined-undefined;u9=_resource-center_threats_zeus-virus;ps=1;~oref=https%3A%2F%2Fusa.kaspersky.com%2Fresource-center%2Fthreats%2Fzeus-virus

Request Chain 89

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=39138&time=1643114259463&url=https%3A%2F%2Fusa.kaspersky.com%2Fresource-center%2Fthreats%2Fzeus-virus HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D39138%26time%3D1643114259463%26url%3Dhttps%253A%252F%252Fusa.kaspersky.com%252Fresource-center%252Fthreats%252Fzeus-virus%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=39138&time=1643114259463&url=https%3A%2F%2Fusa.kaspersky.com%2Fresource-center%2Fthreats%2Fzeus-virus&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=39138&time=1643114259463&url=https%3A%2F%2Fusa.kaspersky.com%2Fresource-center%2Fthreats%2Fzeus-virus&liSync=true&e_ipv6=AQKCSFaOfpvBlwAAAX6RPebNJ4fDNi_wZZTcqbsU23bvc7FB4YzIvNCFI2ACr-OcOMeBCjZ9aqRTihQ4nH6p2ECbfqhQkw

115 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request zeus-virus Show response
usa.kaspersky.com/resource-center/threats/ 224 KB
49 KB 352ms
227ms Document
text/html 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://usa.kaspersky.com/resource-center/threats/zeus-virus

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.74.178.40 , Switzerland, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

nginx /

Resource Hash

577ade1db7dd4005d0ce1e132504655446df9ffdd83d80b98699c28a692dc33f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Tue, 25 Jan 2022 12:37:38 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding Accept-Encoding
x-platform: repository
x-server: MSKTCMWEB12
cache-control: max-age=600
expires: Tue, 25 Jan 2022 12:47:38 GMT
x-request-id: 811a186a438a816da87e94f6ba66b06c
x-proxy: msk1
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-cached: MISS
content-encoding: gzip

GET
H2 200 mmapi.js Show response
service.maxymiser.net/cdn/com.kaspersky/js/ 20 KB
7 KB 153ms
17ms Script
application/x-javascript 23.36.238.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://service.maxymiser.net/cdn/com.kaspersky/js/mmapi.js
Requested by: Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/resource-center/threats/zeus-virus
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.238.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-238-7.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 59cd7afa1fc8b7762fb5ae77a9c84278b96f3559d097274cd766bda573509dd6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 12:37:38 GMT
content-encoding: gzip
last-modified: Thu, 17 Jun 2021 08:32:45 GMT
server: AkamaiNetStorage
etag: "09870a1ec48f9cc2347e176bc55e5bcb:1623918767.047959"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=10
accept-ranges: bytes
content-length: 7170

GET
H2 200 0b4f9d01d38e2b944f6f.css
usa.kaspersky.com/_next/static/css/ 22 KB
6 KB 67ms
65ms Stylesheet
text/css 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://usa.kaspersky.com/_next/static/css/0b4f9d01d38e2b944f6f.css

Requested by

Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/resource-center/threats/zeus-virus

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.74.178.40 , Switzerland, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

nginx /

Resource Hash

60f9b992130b179601e0710bac4742708f71e8df9fad48da085119afa560a9ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy: msk1
date: Tue, 25 Jan 2022 12:37:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cached: EXPIRED
x-request-id: 004376c46a8657e18a0eaadb7d8bd733
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 17 Jan 2022 08:34:22 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"595a-17e672c46b0"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: max-age=600
expires: Tue, 25 Jan 2022 12:47:38 GMT

GET
H2 200 2fe343ddc21e509f4b31.css
usa.kaspersky.com/_next/static/css/ 132 KB
21 KB 121ms
118ms Stylesheet
text/css 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://usa.kaspersky.com/_next/static/css/2fe343ddc21e509f4b31.css

Requested by

Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/resource-center/threats/zeus-virus

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.74.178.40 , Switzerland, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

nginx /

Resource Hash

0735ee6c98acd32f3bd6949c7acf8ab1a51df4b8e623ad605ee1c421d18fe083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy: msk1
date: Tue, 25 Jan 2022 12:37:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cached: EXPIRED
x-request-id: eceff9a78a8d894e484a9d9898936beb
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 17 Jan 2022 08:34:22 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"20f2a-17e672c46b0"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: max-age=600
expires: Tue, 25 Jan 2022 12:47:38 GMT

GET
H2 200 _app.js Show response
usa.kaspersky.com/_next/static/s-XGBMNU8muxYUw1WU-3D/pages/ 401 KB
107 KB 121ms
119ms Script
application/javascript 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://usa.kaspersky.com/_next/static/s-XGBMNU8muxYUw1WU-3D/pages/_app.js

Requested by

Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/resource-center/threats/zeus-virus

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.74.178.40 , Switzerland, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

nginx /

Resource Hash

8258bc9ecc62e87fa9802e48956d2fcc86d1c95083219b41ea0e2d49ed767a36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy: msk1
date: Tue, 25 Jan 2022 12:37:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cached: EXPIRED
x-request-id: 69f4c4f017b159b1c4920e909f3ad4a3
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 17 Jan 2022 08:34:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"64589-17e672c5650"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: max-age=600
expires: Tue, 25 Jan 2022 12:47:38 GMT

GET
H2 200 %5BarticleTitle%5D.js Show response
usa.kaspersky.com/_next/static/s-XGBMNU8muxYUw1WU-3D/pages/resource-center/%5Bcategory%5D/ 1 MB
313 KB 121ms
119ms Script
application/javascript 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://usa.kaspersky.com/_next/static/s-XGBMNU8muxYUw1WU-3D/pages/resource-center/%5Bcategory%5D/%5BarticleTitle%5D.js

Requested by

Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/resource-center/threats/zeus-virus

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.74.178.40 , Switzerland, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

nginx /

Resource Hash

ab7db7060334c6b60bcbe42c911f90ce189506549d7c09802243c21d2a524a0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy: msk1
date: Tue, 25 Jan 2022 12:37:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cached: EXPIRED
x-request-id: 3ccea4e54421c6ace23c1acd487265dc
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 17 Jan 2022 08:34:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"120998-17e672c5650"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: max-age=600
expires: Tue, 25 Jan 2022 12:47:38 GMT

GET
H2 200 webpack-1c5199ff66550d26e499.js Show response
usa.kaspersky.com/_next/static/runtime/ 1 KB
1 KB 115ms
114ms Script
application/javascript 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://usa.kaspersky.com/_next/static/runtime/webpack-1c5199ff66550d26e499.js

Requested by

Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/resource-center/threats/zeus-virus

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.74.178.40 , Switzerland, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

nginx /

Resource Hash

e2fbb88b4d15a9f7702ca58ebbe8d1d927ffd2667e585e70a5f3d51acb1a37d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy: msk1
date: Tue, 25 Jan 2022 12:37:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cached: EXPIRED
x-request-id: ba412c5c53d4b4a9a7a2a723a62d0591
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 17 Jan 2022 08:34:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5fb-17e672c5650"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: max-age=600
expires: Tue, 25 Jan 2022 12:47:38 GMT

GET
H2 200 framework.619a4f70c1d4d3a29cbc.js Show response
usa.kaspersky.com/_next/static/chunks/ 126 KB
40 KB 120ms
118ms Script
application/javascript 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://usa.kaspersky.com/_next/static/chunks/framework.619a4f70c1d4d3a29cbc.js

Requested by

Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/resource-center/threats/zeus-virus

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.74.178.40 , Switzerland, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

nginx /

Resource Hash

ece9461b67448fd9efc75ad4bbf3c6a2f0d0aea477046e8822068aee283160d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy: msk1
date: Tue, 25 Jan 2022 12:37:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cached: EXPIRED
x-request-id: 6887e5e0617ae21b30d04123d4d70693
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 17 Jan 2022 08:34:22 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"1f968-17e672c46b0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: max-age=600
expires: Tue, 25 Jan 2022 12:47:38 GMT

GET
H2 200 commons.e10f62e1d912a15c1c9c.js Show response
usa.kaspersky.com/_next/static/chunks/ 9 KB
4 KB 121ms
120ms Script
application/javascript 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://usa.kaspersky.com/_next/static/chunks/commons.e10f62e1d912a15c1c9c.js

Requested by

Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/resource-center/threats/zeus-virus

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.74.178.40 , Switzerland, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

nginx /

Resource Hash

7aaf4727a2b360e8504f0d6d610dcacaee9def6b26adb81756128a25fd462ff3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy: msk1
date: Tue, 25 Jan 2022 12:37:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cached: EXPIRED
x-request-id: a2670d99aa78b3738e4202a1334d1503
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 17 Jan 2022 08:34:22 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"22b0-17e672c46b0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: max-age=600
expires: Tue, 25 Jan 2022 12:47:38 GMT

GET
H2 200 main-d5dab41907fa039833af.js Show response
usa.kaspersky.com/_next/static/runtime/ 41 KB
14 KB 120ms
119ms Script
application/javascript 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://usa.kaspersky.com/_next/static/runtime/main-d5dab41907fa039833af.js

Requested by

Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/resource-center/threats/zeus-virus

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.74.178.40 , Switzerland, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

nginx /

Resource Hash

e86f7686f9ed6a53e17a3b99796d79ca19a1478349004210abd3db4f170bdcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy: msk1
date: Tue, 25 Jan 2022 12:37:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cached: EXPIRED
x-request-id: c23355cda32afa7adb08d2cd9c2fc952
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 17 Jan 2022 08:34:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"a46d-17e672c5650"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: max-age=600
expires: Tue, 25 Jan 2022 12:47:38 GMT

GET
H2 200 29107295.f6a75533f44746ed893d.js Show response
usa.kaspersky.com/_next/static/chunks/ 70 KB
25 KB 124ms
123ms Script
application/javascript 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://usa.kaspersky.com/_next/static/chunks/29107295.f6a75533f44746ed893d.js

Requested by

Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/resource-center/threats/zeus-virus

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.74.178.40 , Switzerland, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

nginx /

Resource Hash

19714b127696958ae4ba21a02028b0ae5590727c08cd0658ada679ee61b0e1f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy: msk1
date: Tue, 25 Jan 2022 12:37:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cached: EXPIRED
x-request-id: 7ee1139718db069020c38c5cd245ee09
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 17 Jan 2022 08:34:22 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"117b2-17e672c46b0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: max-age=600
expires: Tue, 25 Jan 2022 12:47:38 GMT

GET
H2 200 product-icon-security-cloud.png
usa.kaspersky.com/content/en-us/images/b2c/ 7 KB
8 KB 59ms
56ms Image
image/png 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://usa.kaspersky.com/content/en-us/images/b2c/product-icon-security-cloud.png

Requested by

Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/resource-center/threats/zeus-virus

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.74.178.40 , Switzerland, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

nginx / ASP.NET

Resource Hash

b8f782217f076f4fc9f8dbb820ab2aa04a3af2a14246936feaa275e726cca97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy: msk1
date: Tue, 25 Jan 2022 12:37:38 GMT
x-content-type-options: nosniff
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 7414
x-xss-protection: 1; mode=block
x-request-id: 4b977622be974b14bb234b1514f93451
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 18 Jan 2021 18:55:36 GMT
server: nginx
x-cached: STALE
etag: "0c47381cbedd61:0"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=600
x-server: MSK11
accept-ranges: bytes
expires: Tue, 25 Jan 2022 12:47:38 GMT

GET
H2 200 product-box-KTS.png
usa.kaspersky.com/content/en-us/images/b2c/ 4 KB
4 KB 149ms
146ms Image
image/png 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://usa.kaspersky.com/content/en-us/images/b2c/product-box-KTS.png

Requested by

Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/resource-center/threats/zeus-virus

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.74.178.40 , Switzerland, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

nginx / ASP.NET

Resource Hash

45c6bd6da54a178e9b03bc8a637c25b133130346340554d22bf95028bd5f9b1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy: msk1
date: Tue, 25 Jan 2022 12:37:38 GMT
x-content-type-options: nosniff
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 4030
x-xss-protection: 1; mode=block
x-request-id: 8c075dcdd868ef2a00d6ddd6d4fff3ec
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 26 Nov 2020 11:42:11 GMT
server: nginx
x-cached: STALE
etag: "80eb5e2de9c3d61:0"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=600
x-server: MSK12
accept-ranges: bytes
expires: Tue, 25 Jan 2022 12:47:38 GMT

GET
H2 200 product-box-KISMD.png
usa.kaspersky.com/content/en-us/images/b2c/ 4 KB
4 KB 156ms
153ms Image
image/png 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://usa.kaspersky.com/content/en-us/images/b2c/product-box-KISMD.png

Requested by

Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/resource-center/threats/zeus-virus

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.74.178.40 , Switzerland, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

nginx / ASP.NET

Resource Hash

bb65425245986103b4d8d71bdd7e403a074365190f0ab674702d5fa91dbc38c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy: msk1
date: Tue, 25 Jan 2022 12:37:38 GMT
x-content-type-options: nosniff
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 4031
x-xss-protection: 1; mode=block
x-request-id: 5bb35917401b33aa4d1c1f4f119e38e9
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 05 Aug 2020 09:13:21 GMT
server: nginx
x-cached: STALE
etag: "804effa986bd61:0"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=600
x-server: MSK11
accept-ranges: bytes
expires: Tue, 25 Jan 2022 12:47:38 GMT

GET
H2 200 product-box-KISM.png
usa.kaspersky.com/content/en-us/images/ 3 KB
4 KB 159ms
156ms Image
image/png 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://usa.kaspersky.com/content/en-us/images/product-box-KISM.png

Requested by

Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/resource-center/threats/zeus-virus

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.74.178.40 , Switzerland, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

nginx / ASP.NET

Resource Hash

f2094013499e7abe81e124144e0808db432fe02025ff4f2bd0049171c0a0c1f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy: msk1
date: Tue, 25 Jan 2022 12:37:38 GMT
x-content-type-options: nosniff
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 3455
x-xss-protection: 1; mode=block
x-request-id: 60ba93c07a075881bb6da921c13315b4
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 05 Aug 2020 09:15:45 GMT
server: nginx
x-cached: HIT
etag: "80f6d3ff86bd61:0"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=600
x-server: MSK12
accept-ranges: bytes
expires: Tue, 25 Jan 2022 12:47:38 GMT

GET
H2 200 Boxshot_KISA_2017_mini_140x199px.png
usa.kaspersky.com/content/en-us/images/ 6 KB
6 KB 163ms
160ms Image
image/png 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://usa.kaspersky.com/content/en-us/images/Boxshot_KISA_2017_mini_140x199px.png

Requested by

Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/resource-center/threats/zeus-virus

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.74.178.40 , Switzerland, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

nginx / ASP.NET

Resource Hash

262b08c68dad3508f75a9e6ce95971857633b364c70ec303abf151340df35924

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy: msk1
date: Tue, 25 Jan 2022 12:37:38 GMT
x-content-type-options: nosniff
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 5945
x-xss-protection: 1; mode=block
x-request-id: 708893fb0deebe46fb56c83664eee5ba
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 05 Aug 2020 09:15:13 GMT
server: nginx
x-cached: STALE
etag: "8026c1ec86bd61:0"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=600
x-server: MSK9
accept-ranges: bytes
expires: Tue, 25 Jan 2022 12:47:38 GMT

GET
H2 200 product-box-KAV.png
usa.kaspersky.com/content/en-us/images/b2c/ 4 KB
4 KB 166ms
164ms Image
image/png 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://usa.kaspersky.com/content/en-us/images/b2c/product-box-KAV.png

Requested by

Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/resource-center/threats/zeus-virus

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.74.178.40 , Switzerland, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

nginx / ASP.NET

Resource Hash

f2917aa9003a092a4a3de1b4fe5f3c704e03f75e7f1b4f21973ab5ff6065e55e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy: msk1
date: Tue, 25 Jan 2022 12:37:38 GMT
x-content-type-options: nosniff
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 4032
x-xss-protection: 1; mode=block
x-request-id: cb017e6e08313bdbdb2c7d13de66317b
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 05 Aug 2020 09:13:21 GMT
server: nginx
x-cached: STALE
etag: "804effa986bd61:0"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=600
x-server: MSK9
accept-ranges: bytes
expires: Tue, 25 Jan 2022 12:47:38 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 496 KB
115 KB 73ms
31ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WZ7LJ3

Requested by

Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/resource-center/threats/zeus-virus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

559cdea2eee7916741bdd86ae0bdecfff092e3a884cba42274ce69855247ff09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 12:37:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117306
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 25 Jan 2022 12:37:38 GMT

GET
H2 200 malware-img-68.jpg
usa.kaspersky.com/content/en-us/images/repository/isc/2017-images/ 149 KB
149 KB 203ms
200ms Image
image/jpeg 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://usa.kaspersky.com/content/en-us/images/repository/isc/2017-images/malware-img-68.jpg

Requested by

Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/resource-center/threats/zeus-virus

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.74.178.40 , Switzerland, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

nginx / ASP.NET

Resource Hash

64cd3f93cf6921ad2a8718cca709c44d41919e3aa8c8354ded3b22322fa9065e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy: msk1
date: Tue, 25 Jan 2022 12:37:38 GMT
x-content-type-options: nosniff
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 152303
x-xss-protection: 1; mode=block
x-request-id: 2aa73625b728aaefffcfeff7c945f533
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Feb 2019 10:27:28 GMT
server: nginx
x-cached: MISS
etag: "068f6b786c3d41:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=600
x-server: MSK11
accept-ranges: bytes
expires: Tue, 25 Jan 2022 12:47:38 GMT

GET
H2 200 logo.jpg
usa.kaspersky.com/content/en-us/images/homepage/ 8 KB
9 KB 169ms
167ms Image
image/jpeg 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://usa.kaspersky.com/content/en-us/images/homepage/logo.jpg

Requested by

Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/resource-center/threats/zeus-virus

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.74.178.40 , Switzerland, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

nginx / ASP.NET

Resource Hash

42da5645360f8148bbba20cf35c8be5fa929deac9d43062fd3b580827ce2a51a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy: msk1
date: Tue, 25 Jan 2022 12:37:38 GMT
x-content-type-options: nosniff
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 8420
x-xss-protection: 1; mode=block
x-request-id: 4523d7c00ca4233c412adee732285a49
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 21 Feb 2018 18:02:45 GMT
server: nginx
x-cached: STALE
etag: "8010b12c3eabd31:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=600
x-server: MSK9
accept-ranges: bytes
expires: Tue, 25 Jan 2022 12:47:38 GMT

GET
H2 200 security-and-privacy-risks-of-ar-and-vr-1.jpg
usa.kaspersky.com/content/en-us/images/repository/isc/2021/ 40 KB
40 KB 174ms
171ms Image
image/jpeg 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://usa.kaspersky.com/content/en-us/images/repository/isc/2021/security-and-privacy-risks-of-ar-and-vr-1.jpg

Requested by

Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/resource-center/threats/zeus-virus

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.74.178.40 , Switzerland, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

nginx / ASP.NET

Resource Hash

bd4641c201d76eae011cc3b1da2cb3cba9f07e9e5c064f37fab3dda7ce055f62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy: msk1
date: Tue, 25 Jan 2022 12:37:38 GMT
x-content-type-options: nosniff
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 40867
x-xss-protection: 1; mode=block
x-request-id: 750286942caf890d65b46c7de6196a34
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 25 May 2021 13:50:55 GMT
server: nginx
x-cached: STALE
etag: "80c996fb6c51d71:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=600
x-server: MSK10
accept-ranges: bytes
expires: Tue, 25 Jan 2022 12:47:38 GMT

GET
H2 200 ransomware-attacks-and-types.jpg
usa.kaspersky.com/content/en-us/images/repository/isc/2021/ 199 KB
200 KB 180ms
178ms Image
image/jpeg 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://usa.kaspersky.com/content/en-us/images/repository/isc/2021/ransomware-attacks-and-types.jpg

Requested by

Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/resource-center/threats/zeus-virus

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.74.178.40 , Switzerland, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

nginx / ASP.NET

Resource Hash

c889fd7eaaf92befd3cdc722ab748d12802dece8e0df6e4fd22938b9f7ba3598

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy: msk1
date: Tue, 25 Jan 2022 12:37:38 GMT
x-content-type-options: nosniff
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 204286
x-xss-protection: 1; mode=block
x-request-id: b6e49e9d0696ddd048beb785b20f8dd6
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 27 Apr 2021 07:25:13 GMT
server: nginx
x-cached: STALE
etag: "80d25076363bd71:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=600
x-server: MSK11
accept-ranges: bytes
expires: Tue, 25 Jan 2022 12:47:38 GMT

GET
H2 200 trickbot_image1_710x400px_300dpi.jpg
usa.kaspersky.com/content/en-us/images/repository/isc/2021/ 34 KB
35 KB 184ms
182ms Image
image/jpeg 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://usa.kaspersky.com/content/en-us/images/repository/isc/2021/trickbot_image1_710x400px_300dpi.jpg

Requested by

Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/resource-center/threats/zeus-virus

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.74.178.40 , Switzerland, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

nginx / ASP.NET

Resource Hash

4f2897a105173fa28c7a9d8a2dec18fd0c8adec81ba3772a471f63587f6d3378

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy: msk1
date: Tue, 25 Jan 2022 12:37:38 GMT
x-content-type-options: nosniff
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 35236
x-xss-protection: 1; mode=block
x-request-id: a7572288b73013ccc816d7733a821c5a
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 05 Oct 2021 07:37:31 GMT
server: nginx
x-cached: STALE
etag: "806fb4dabbb9d71:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=600
x-server: MSK10
accept-ranges: bytes
expires: Tue, 25 Jan 2022 12:47:38 GMT

GET
H2 200 top_ransomware_attacks_1.jpg
usa.kaspersky.com/content/en-us/images/repository/isc/2021/ 335 KB
336 KB 255ms
253ms Image
image/jpeg 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://usa.kaspersky.com/content/en-us/images/repository/isc/2021/top_ransomware_attacks_1.jpg

Requested by

Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/resource-center/threats/zeus-virus

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.74.178.40 , Switzerland, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

nginx / ASP.NET

Resource Hash

647add3da4c8d6e4e0fad11f0a0d53df3ef7ab621778d06ad4daa359d9145b5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy: msk1
date: Tue, 25 Jan 2022 12:37:38 GMT
x-content-type-options: nosniff
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 342984
x-xss-protection: 1; mode=block
x-request-id: 3979c163e3d14f2561f2f4bbf37ea63c
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 26 Mar 2021 11:35:35 GMT
server: nginx
x-cached: STALE
etag: "801de8223422d71:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=600
x-server: MSK12
accept-ranges: bytes
expires: Tue, 25 Jan 2022 12:47:38 GMT

GET
H2 200 types-of-malware-1.jpg
usa.kaspersky.com/content/en-us/images/repository/isc/2021/ 30 KB
30 KB 269ms
267ms Image
image/jpeg 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://usa.kaspersky.com/content/en-us/images/repository/isc/2021/types-of-malware-1.jpg

Requested by

Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/resource-center/threats/zeus-virus

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.74.178.40 , Switzerland, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

nginx / ASP.NET

Resource Hash

111d8a6835fb4301f39ff644e0e163c071f9cb7fa432ad4f8678c5048e1caa79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy: msk1
date: Tue, 25 Jan 2022 12:37:38 GMT
x-content-type-options: nosniff
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 30700
x-xss-protection: 1; mode=block
x-request-id: 8445aa54c0556cc60baa2c7f76338203
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Nov 2021 08:49:24 GMT
server: nginx
x-cached: STALE
etag: "0428558d9e1d71:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=600
x-server: MSK11
accept-ranges: bytes
expires: Tue, 25 Jan 2022 12:47:38 GMT

GET
H2 200 KTS-trial-120x600-EN.png
usa.kaspersky.com/content/en-us/images/repository/ 35 KB
36 KB 275ms
273ms Image
image/png 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://usa.kaspersky.com/content/en-us/images/repository/KTS-trial-120x600-EN.png

Requested by

Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/resource-center/threats/zeus-virus

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.74.178.40 , Switzerland, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

nginx / ASP.NET

Resource Hash

2fb3831e5dc54a7986aa5341f2fa6059eecf0e44de909aa24791f720c368d50c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy: msk1
date: Tue, 25 Jan 2022 12:37:38 GMT
x-content-type-options: nosniff
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 36314
x-xss-protection: 1; mode=block
x-request-id: 33b56b63b2232cb6f445b4aa81e82023
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Apr 2020 11:39:29 GMT
server: nginx
x-cached: STALE
etag: "80ee2bd96319d61:0"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=600
x-server: MSK9
accept-ranges: bytes
expires: Tue, 25 Jan 2022 12:47:38 GMT

GET
H2 200 _buildManifest.js Show response
usa.kaspersky.com/_next/static/s-XGBMNU8muxYUw1WU-3D/ 1 KB
939 B 318ms
316ms Script
application/javascript 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://usa.kaspersky.com/_next/static/s-XGBMNU8muxYUw1WU-3D/_buildManifest.js

Requested by

Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/resource-center/threats/zeus-virus

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.74.178.40 , Switzerland, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

nginx /

Resource Hash

c99bfe6da2e9383e42b49aa5fc16f2bf3dbb1f4096e5b8c11bc2d8261fcb4e1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy: msk1
date: Tue, 25 Jan 2022 12:37:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cached: EXPIRED
x-request-id: 768a4654412955102593fbfe1a55c192
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 17 Jan 2022 08:34:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"42f-17e672c5650"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: max-age=600
expires: Tue, 25 Jan 2022 12:47:38 GMT

GET
H2 200 _ssgManifest.js Show response
usa.kaspersky.com/_next/static/s-XGBMNU8muxYUw1WU-3D/ 76 B
615 B 312ms
311ms Script
application/javascript 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://usa.kaspersky.com/_next/static/s-XGBMNU8muxYUw1WU-3D/_ssgManifest.js

Requested by

Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/resource-center/threats/zeus-virus

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.74.178.40 , Switzerland, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

nginx /

Resource Hash

653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy: msk1
date: Tue, 25 Jan 2022 12:37:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cached: EXPIRED
x-request-id: 55c4c47a6951570000efa7d1cf1a2955
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 17 Jan 2022 08:34:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"4c-17e672c5650"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: max-age=600
expires: Tue, 25 Jan 2022 12:47:38 GMT

GET
H2 200 s_code_single_suite.js Show response
media.kaspersky.com/tracking/omniture/ 171 KB
48 KB 111ms
60ms Script
application/javascript 185.85.15.23
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://media.kaspersky.com/tracking/omniture/s_code_single_suite.js

Requested by

Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/resource-center/threats/zeus-virus

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

185.85.15.23 , Switzerland, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

/ Kaspersky Labs, Kaspersky Labs

Resource Hash

ac63716a755cb58f9930d686c3e7fe419c1e6edbb8a50e4d6c9c4fda57ef6ce6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
etag: "0dd70fad011d81:0"
x-powered-by: Kaspersky Labs, Kaspersky Labs
content-length: 48974
x-xss-protection: 1; mode=block
last-modified: Tue, 25 Jan 2022 09:50:26 GMT
server
x-frame-options: SAMEORIGIN
date: Tue, 25 Jan 2022 12:37:37 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
x-server: fr1/MSK7
accept-ranges: bytes
x-content-type-options: nosniff

GET
H2 200 / Show response
service.maxymiser.net/cg/v5/ 69 KB
17 KB 25ms
25ms Script
text/javascript 23.36.238.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://service.maxymiser.net/cg/v5/?fv=dmn%3Dkaspersky.com%3Bref%3D%3Burl%3Dhttps%253A%252F%252Fusa.kaspersky.com%252Fresource-center%252Fthreats%252Fzeus-virus%3Bscrw%3D1600%3Bscrh%3D1200%3Bclrd%3D24%3Bcok%3D1&lver=1.18&jsncl=mmRequestCallbacks%5B1%5D&ri=1&lto=0&jrt=s

Requested by

Host: service.maxymiser.net
URL: https://service.maxymiser.net/cdn/com.kaspersky/js/mmapi.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.238.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-36-238-7.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

b05cee14152e8be9b02666a35b78ac2fef8db446f4808597c76317bcdb8e4e7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
strict-transport-security: max-age=1800
content-encoding: gzip
x-content-type-options: nosniff
last-modified: 01/25/2022 12:37:38
server: nginx
date: Tue, 25 Jan 2022 12:37:38 GMT
x-frame-options: SAMEORIGIN
p3p: CP="DEV IND NOI OTC OUR PSA PSD"
cache-control: no-store, no-cache, must-revalidate,post-check=0, pre-check=0
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
content-length: 17235
x-xss-protection: 1; mode=block
expires: Sun, 06 Jan 1980 01:00:00 GMT

GET
H2 200 mmpackage-1.25.js Show response
service.maxymiser.net/platform/eu/api/ 78 KB
24 KB 26ms
26ms Script
application/x-javascript 23.36.238.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://service.maxymiser.net/platform/eu/api/mmpackage-1.25.js
Requested by: Host: service.maxymiser.net
URL: https://service.maxymiser.net/cdn/com.kaspersky/js/mmapi.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.238.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-238-7.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e8b95def8b00f37d671c6a8a017f7946eeae0c084d896f95b9418feef64a0a4b

Request headers

Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 25 Jan 2022 12:37:38 GMT
content-encoding: gzip
last-modified: Fri, 14 Aug 2020 12:06:19 GMT
server: AkamaiNetStorage
etag: "b9f18659b30ebfd24842a8cf31daa2ee:1597406783.793351"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 24788

GET
DATA 200
OK truncated
/ 56 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c812505dac7d946ac523df1a3ac19e9e5b7161d299762c020b2c2677a43c3b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 kaspersky-logo-green.edf27003483d0ef42bafce0e295e6269.svg
usa.kaspersky.com/_next/static/media/ 3 KB
2 KB 304ms
304ms Image
image/svg+xml 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://usa.kaspersky.com/_next/static/media/kaspersky-logo-green.edf27003483d0ef42bafce0e295e6269.svg

Requested by

Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/_next/static/css/2fe343ddc21e509f4b31.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.74.178.40 , Switzerland, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

nginx /

Resource Hash

97f058586c1d1b08be01ab989c2fe48c6d45a1bbe853b286593cdebf98907cd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/_next/static/css/2fe343ddc21e509f4b31.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy: msk1
date: Tue, 25 Jan 2022 12:37:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cached: EXPIRED
x-request-id: 45c5ace7435fc7d76c314a4d754c8ab6
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 17 Jan 2022 08:34:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"d7c-17e672c5650"
vary: Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: max-age=600
expires: Tue, 25 Jan 2022 12:47:38 GMT

GET
DATA 200
OK truncated
/ 389 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae3515054086be405f7626a8b9e42cb73788f028eebd9b2038c5d568b89350d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 museosans-300-webfont.woff2
usa.kaspersky.com/_next/static/fonts/museo-sans/ 11 KB
12 KB 295ms
294ms Font
font/woff2 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://usa.kaspersky.com/_next/static/fonts/museo-sans/museosans-300-webfont.woff2

Requested by

Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/resource-center/threats/zeus-virus

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.74.178.40 , Switzerland, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

nginx /

Resource Hash

dfff48fba10c55918711c4bc2868154379f6348c7facdcefca870d512877cc11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
Origin: https://usa.kaspersky.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy: msk1
date: Tue, 25 Jan 2022 12:37:38 GMT
x-content-type-options: nosniff
content-length: 11716
x-cached: EXPIRED
x-request-id: ab4a1eaeafbd3b2b74f320a3ded6c368
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 17 Jan 2022 08:34:22 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"2dc4-17e672c46b0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: font/woff2
x-xss-protection: 1; mode=block
cache-control: max-age=600
accept-ranges: bytes
expires: Tue, 25 Jan 2022 12:47:38 GMT

GET
H2 200 museosans-500-webfont.woff2
usa.kaspersky.com/_next/static/fonts/museo-sans/ 11 KB
12 KB 299ms
299ms Font
font/woff2 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://usa.kaspersky.com/_next/static/fonts/museo-sans/museosans-500-webfont.woff2

Requested by

Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/resource-center/threats/zeus-virus

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.74.178.40 , Switzerland, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

nginx /

Resource Hash

5c665a75ce13001a0bb6cab3ee959b2f043a672b615876000f764c912649d3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
Origin: https://usa.kaspersky.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy: msk1
date: Tue, 25 Jan 2022 12:37:38 GMT
x-content-type-options: nosniff
content-length: 11728
x-cached: EXPIRED
x-request-id: eb92784f3d139ea05189e0228a84f3cf
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 17 Jan 2022 08:34:22 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"2dd0-17e672c46b0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: font/woff2
x-xss-protection: 1; mode=block
cache-control: max-age=600
accept-ranges: bytes
expires: Tue, 25 Jan 2022 12:47:38 GMT

GET
H2 200 museosans-700-webfont.woff2
usa.kaspersky.com/_next/static/fonts/museo-sans/ 12 KB
12 KB 294ms
293ms Font
font/woff2 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://usa.kaspersky.com/_next/static/fonts/museo-sans/museosans-700-webfont.woff2

Requested by

Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/resource-center/threats/zeus-virus

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.74.178.40 , Switzerland, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

nginx /

Resource Hash

f7dab0061921848e572d8389f8bedb735dcfed05b4c3baef528d43284f16c190

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
Origin: https://usa.kaspersky.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy: msk1
date: Tue, 25 Jan 2022 12:37:38 GMT
x-content-type-options: nosniff
content-length: 11852
x-cached: EXPIRED
x-request-id: 6903cb1d1c527ea59f3e80cfbb7774f2
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 17 Jan 2022 08:34:22 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"2e4c-17e672c46b0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: font/woff2
x-xss-protection: 1; mode=block
cache-control: max-age=600
accept-ranges: bytes
expires: Tue, 25 Jan 2022 12:47:38 GMT

GET
H2 200 museoslab-500-webfont.woff2
usa.kaspersky.com/_next/static/fonts/museo-slab/ 13 KB
13 KB 295ms
295ms Font
font/woff2 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://usa.kaspersky.com/_next/static/fonts/museo-slab/museoslab-500-webfont.woff2

Requested by

Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/resource-center/threats/zeus-virus

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.74.178.40 , Switzerland, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

nginx /

Resource Hash

175e2018415e3e13c7a1a5aa5ad67ca4e0bf754489bbf35d2eeb647bcff4bf04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
Origin: https://usa.kaspersky.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy: msk1
date: Tue, 25 Jan 2022 12:37:38 GMT
x-content-type-options: nosniff
content-length: 13128
x-cached: EXPIRED
x-request-id: 4dfd58fd8f869cf8b4fe8112a9a68a1c
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 17 Jan 2022 08:34:22 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"3348-17e672c46b0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: font/woff2
x-xss-protection: 1; mode=block
cache-control: max-age=600
accept-ranges: bytes
expires: Tue, 25 Jan 2022 12:47:38 GMT

GET
H2 200 museosans-900-webfont.woff2
usa.kaspersky.com/_next/static/fonts/museo-sans/ 11 KB
12 KB 338ms
338ms Font
font/woff2 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://usa.kaspersky.com/_next/static/fonts/museo-sans/museosans-900-webfont.woff2

Requested by

Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/resource-center/threats/zeus-virus

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.74.178.40 , Switzerland, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

nginx /

Resource Hash

42ac77b9dcbdd5babce87afde9b3dc5826a9144bbf3781f360ac697c885e0060

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
Origin: https://usa.kaspersky.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy: msk1
date: Tue, 25 Jan 2022 12:37:38 GMT
x-content-type-options: nosniff
content-length: 11476
x-cached: EXPIRED
x-request-id: 737bc4ed178976a4a6df2954960d74cf
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 17 Jan 2022 08:34:22 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"2cd4-17e672c46b0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: font/woff2
x-xss-protection: 1; mode=block
cache-control: max-age=600
accept-ranges: bytes
expires: Tue, 25 Jan 2022 12:47:38 GMT

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 19 KB
6 KB 57ms
16ms Script
application/x-javascript 52.222.236.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/_next/static/s-XGBMNU8muxYUw1WU-3D/pages/resource-center/%5Bcategory%5D/%5BarticleTitle%5D.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-107.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f2d93058b573566d1970ee894c9b413b6982ac99938f76918e6b7aa109363285

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 29614
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
date: Tue, 25 Jan 2022 04:24:05 GMT
content-length: 6078
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Dec 2021 17:08:35 GMT
server: AmazonS3
etag: "21f1d42b116ae864b665ab3c395f3e3e"
content-type: application/x-javascript
via: 1.1 34fdfb7c7c11559df7e622af2b62f5ca.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-amz-cf-id: 0ZWjdKt0ut2VqlmyJrUNzehSKLzrctyTjDVgOqU_5f9mnuqOAY55iA==

POST
H2 200 / Show response
api-router.kaspersky-labs.com/logger2/metrics/ 2 B
591 B 83ms
83ms XHR
text/plain 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://api-router.kaspersky-labs.com/logger2/metrics/

Requested by

Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/_next/static/s-XGBMNU8muxYUw1WU-3D/pages/resource-center/%5Bcategory%5D/%5BarticleTitle%5D.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.74.178.40 , Switzerland, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

nginx / Express

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

x-proxy: msk1
date: Tue, 25 Jan 2022 12:37:39 GMT
x-content-type-options: nosniff
x-powered-by: Express
content-length: 2
x-xss-protection: 1; mode=block
x-request-id: e77ac4b8e1e5e981ed740f11cf7f40eb
referrer-policy: no-referrer-when-downgrade
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://usa.kaspersky.com
access-control-allow-headers: Content-Type

OPTIONS
H2 200 /
api-router.kaspersky-labs.com/logger2/metrics/ Frame 0
0 183ms
61ms Preflight
text/html 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://api-router.kaspersky-labs.com/logger2/metrics/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.74.178.40 , Switzerland, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

nginx / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://usa.kaspersky.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 25 Jan 2022 12:37:39 GMT
content-type: text/html; charset=utf-8
content-length: 4
x-powered-by: Express
access-control-allow-origin: https://usa.kaspersky.com
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type
allow: POST
etag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
x-request-id: d776207adb2095bdef54a30a9440eca3
x-proxy: msk1
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 395 KB
102 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T45JW6B&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZ7LJ3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1e409fa9e07033dae0a8f18b622dc384b77218ec4cf94af59575c5bb9d55b9ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 12:37:39 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104758
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 25 Jan 2022 12:37:39 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 368 B
1 KB 161ms
42ms XHR
application/json 34.243.89.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=983502BE532960BE0A490D4C%40AdobeOrg&d_nsid=0&ts=1643114259037

Requested by

Host: media.kaspersky.com
URL: https://media.kaspersky.com/tracking/omniture/s_code_single_suite.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.243.89.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-243-89-47.eu-west-1.compute.amazonaws.com

Software

Resource Hash

d24473901a107c5ed987832d86736def4ed253427f702db59cd5f4208572645f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v027-0faf5f5c7.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: CEpIPY2RS/M=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://usa.kaspersky.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 312
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 2c47087421d0b.js Show response
t.contentsquare.net/uxa/ 307 KB
64 KB 81ms
25ms Script
application/javascript 18.64.79.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.contentsquare.net/uxa/2c47087421d0b.js
Requested by: Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/resource-center/threats/zeus-virus
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-109.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 948e25467f3fd203e42fde7a02ec1f7b6971f8b277f918e54b47cddb786b7020

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 25 Jan 2022 11:37:28 GMT
content-encoding: gzip
last-modified: Tue, 25 Jan 2022 11:34:08 GMT
server: AmazonS3
age: 3612
etag: "3f27bd7e66d68721151d361640bc4aca"
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
via: 1.1 fdea8c36228dc968e7ca648afb7fdafa.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: TXL50-P2
accept-ranges: bytes
content-length: 65367
x-amz-cf-id: ESIHq4Ejyh7MwhfxYY56vPK94_QEzaHFhJ2bLXgeCSCVbeexHX-Ezw==

GET
H2

200

web-vitals.umd.js Show response
unpkg.com/web-vitals@2.1.4/dist/
Redirect Chain

https://unpkg.com/web-vitals
https://unpkg.com/web-vitals@2.1.4
https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.umd.js

5 KB
2 KB

38ms
38ms

Script
application/javascript

2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.umd.js

Protocol

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52cac1193a3683e35353723a38e01a9bcc0c5f9bf2be42d29c96905527c7923d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 12:37:39 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 383112
fly-request-id: 01FSX6G4BV26459PNH2WD5M7Q3
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"120b-0F8cYs4ysxGP6ebngBlASGivDqM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6d318dd8caf96927-FRA

Redirect headers

date: Tue, 25 Jan 2022 12:37:39 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FSXAPQCR787H8XM1CH5RFGZ6
server: cloudflare
age: 378701
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /web-vitals@2.1.4/dist/web-vitals.umd.js
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6d318dd8297a6927-FRA
access-control-allow-origin: *

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 58ms
17ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZ7LJ3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3765
date: Tue, 25 Jan 2022 11:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 25 Jan 2022 13:34:54 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 302ms
77ms Script
application/x-javascript 2a03:5f80:a::b212:e7c0
DATAIX-AS Peering...

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T45JW6B&l=dataLayer
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:5f80:a::b212:e7c0 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 12:37:39 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=53019
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 bat.js Show response
bat.bing.com/ 36 KB
11 KB 76ms
40ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/resource-center/threats/zeus-virus
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 12:37:38 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 01:53:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8914FD8D1062422DBB84D67C0FA0FE1C Ref B: FRAEDGE1217 Ref C: 2022-01-25T12:37:39Z
etag: "0cb09ee8e7d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10468

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 87 KB
35 KB 26ms
25ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9582686

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T45JW6B&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

534b62c0b19e4904331062bcc7202a3f2c823b1d54333e78b3e262b304d29055

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 12:37:39 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35830
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 25 Jan 2022 12:37:39 GMT

GET
H/1.1 200
OK vt-131.js Show response
vt.myvisualiq.net/2/7hrBnrmZAM5n6cl1WjyOsg%3D%3D/ 20 KB
6 KB 90ms
27ms Script
application/x-javascript 65.9.61.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vt.myvisualiq.net/2/7hrBnrmZAM5n6cl1WjyOsg%3D%3D/vt-131.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZ7LJ3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.61.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-61-33.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 65062d3b53a3009de2283222a9aa84951eec5ad9c77755d37fd7a855287ec6dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 24 Jan 2022 13:19:47 GMT
Content-Encoding: gzip
Age: 83873
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
Connection: keep-alive
x-amz-request-id: G6SD82WEVXEEN5N6
x-amz-id-2: bYfL+ZTQtzKDLYfO8vyJ2JCGAJsf/QsMeo1j26EvIvjEXyszDhR9+EQUt5vZm+OwfQ8GSxd/LYM=
access-control-allow-origin: *
Last-Modified: Fri, 26 Nov 2021 01:53:26 GMT
Server: AmazonS3
ETag: W/"bd83d0c3d56f809bbabb3e46847e1ba1"
Vary: Accept-Encoding
x-amz-version-id: kQhO5sDwY8ixC.dBV9az6eOTmD_gYCq_
Via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Content-Type: application/x-javascript
X-Amz-Cf-Id: hVwn1xnYtJbkrz7JGiYN7iGCqxhIra_vJdbC3t0lD4rMrTRUQqq4JQ==

GET
H2 200 A2336411-46c8-4f83-96b6-294966496d651.js Show response
d.impactradius-event.com/ 42 KB
13 KB 60ms
17ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.impactradius-event.com/A2336411-46c8-4f83-96b6-294966496d651.js
Requested by: Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/resource-center/threats/zeus-virus
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 54e70b2e71dba6966f8bc2a07b9b9ed05a395cfc63373e8b00159c81ce9687b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 12:35:00 GMT
content-encoding: gzip
age: 159
x-guploader-uploadid: ADPycdtrw03sJkpUcDo9CunhuUoD-jJe-3NpQvhTlpQwGNV_Rt2OQcVvmPjHMwqH-_nLrcHscy2u8Yo7KB45HMvbmK-kBpQJJw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 13182
last-modified: Wed, 15 Dec 2021 16:27:14 GMT
server: UploadServer
etag: "70b95d9e7d0cb07fe8bdf9eedb3a2beb"
vary: Accept-Encoding
x-goog-hash: crc32c=i7QEoA==, md5=cLldnn0MsH/ovfnu2zor6w==
x-goog-generation: 1639585634509920
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 13182
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
expires: Tue, 25 Jan 2022 12:40:00 GMT

GET
H/1.1 200
OK ktag.js Show response
resources.xg4ken.com/js/v2/ 9 KB
4 KB 438ms
99ms Script
text/plain 34.199.207.17
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.xg4ken.com/js/v2/ktag.js?tid=KT-N3AA7-3EE

Requested by

Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/resource-center/threats/zeus-virus

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.199.207.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-199-207-17.compute-1.amazonaws.com

Software

nginx /

Resource Hash

8197beade425ff2cc9267289cf9976d139ecb5aa79d9be72d44f777f8aa6666e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 12:37:39 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Jan 2022 07:47:32 GMT
Server: nginx
ETag: "61dfd914-dd8"
Content-Type: text/plain
Cache-Control: max-age=86400, public
Connection: keep-alive
Content-Length: 3544
X-XSS-Protection: 1; mode=block
Expires: Wed, 26 Jan 2022 12:37:39 GMT

GET
H2 200 deployment.js Show response
ove1.marketlinc.com/public/js/ 39 KB
8 KB 106ms
17ms Script
application/javascript 2600:9000:2057:2c00:17:2e54:9a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ove1.marketlinc.com/public/js/deployment.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZ7LJ3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2c00:17:2e54:9a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee9fbb51c7b51efda9f11867fce07256731088456c60cdaf3546394959806568

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: TUj0jIj_ovwi0HsokFSXtc7jsEmiXEhe
content-encoding: gzip
last-modified: Thu, 04 Nov 2021 19:12:02 GMT
server: AmazonS3
age: 16650
etag: W/"d02674a2bb7e8ad80d89de1dc6bb6f33"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
date: Tue, 25 Jan 2022 08:22:11 GMT
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 8tG8VvRus6WBaoob87z6v1I7LsRyRh6jB27XDd9lj9QzghRJMNwthA==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 51ms
17ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/resource-center/threats/zeus-virus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c55508ea7ce1ad08364772fbfadb835d2b1d1b9238d345c45eee1943ada4ff6f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26237
x-xss-protection: 0
pragma: public
x-fb-debug: 0Mvgr1p4lBbDqhmx+cDSU5usrM4PVH77NOSMwZ0zmJqVsqdPYVwHp1R1sBy4+ptcWHoziigIzERMxpUKUW2orw==
x-fb-trip-id: 2050670934
x-frame-options: DENY
date: Tue, 25 Jan 2022 12:37:39 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

activity_pixel
t.myvisualiq.net/ul_cb/
Redirect Chain

https://t.myvisualiq.net/activity_pixel?pt=i&et=a&ago=212&ao=537&px=278&ord=548714907&u1=USA|ALL|Traffic&r=1669771523
https://t.myvisualiq.net/ul_cb/activity_pixel?pt=i&et=a&ago=212&ao=537&px=278&ord=548714907&u1=USA|ALL|Traffic&r=1669771523

43 B
573 B

18ms
16ms

Image
image/gif

18.195.250.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.myvisualiq.net/ul_cb/activity_pixel?pt=i&et=a&ago=212&ao=537&px=278&ord=548714907&u1=USA|ALL|Traffic&r=1669771523
Protocol: HTTP/1.1
Server: 18.195.250.85 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-250-85.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Tue, 25 Jan 2022 12:37:39 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://t.myvisualiq.net/ul_cb/activity_pixel?pt=i&et=a&ago=212&ao=537&px=278&ord=548714907&u1=USA|ALL|Traffic&r=1669771523
Date: Tue, 25 Jan 2022 12:37:39 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 rt.gif
jadserve.postrelease.com/ 43 B
428 B 519ms
163ms Image
image/gif 50.18.209.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/rt.gif?ntv_tg=CQAAAEAAAAsBACAA%3D%3D&gtmcb=1755029552
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.18.209.150 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-50-18-209-150.us-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 12:37:39 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 DFPAudiencePixel;ord=8338565433075.913;dc_seg=1048288955
pubads.g.doubleclick.net/activity;dc_iu=/4585/ 42 B
635 B 87ms
49ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/4585/DFPAudiencePixel;ord=8338565433075.913;dc_seg=1048288955?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 12:37:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK activity_pixel
t.myvisualiq.net/ 43 B
296 B 369ms
16ms Image
image/gif 18.195.250.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.myvisualiq.net/activity_pixel?pt=i&et=a&ago=212&ao=537&px=278&ord=1566403518&u1=USA|ALL|Traffic&r=1079163119
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.250.85 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-250-85.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Tue, 25 Jan 2022 12:37:39 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

setuid
ib.adnxs.com/
Redirect Chain

https://s.tribalfusion.com/i.cid?c=705083&ev=0&page=Global
https://s.tribalfusion.com/z/i.cid?c=705083&ev=0&page=Global
https://ib.adnxs.com/getuidu?https://a.tribalfusion.com/i.match?p=b26&u=$UID&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24
https://ib.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db26%26u%3D%24UID%26redirect%3Dhttps%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D305%2526code%253D%...
https://a.tribalfusion.com/i.match?p=b26&u=5599052135977962006&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24
https://ib.adnxs.com/setuid?entity=305&code=18072662313200076285

43 B
994 B

21ms
21ms

Image
image/gif

185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=305&code=18072662313200076285

Protocol

HTTP/1.1

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Jan 2022 12:37:40 GMT
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ad8cf5ff-1bfa-4da4-994b-3962122ba835
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Jan 2022 12:37:40 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 164
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6d318ddc1c7a90fa-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://ib.adnxs.com/setuid?entity=305&code=18072662313200076285
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 1649d5fbb67c.js Show response
w.usabilla.com/ Frame A463 154 KB
19 KB 125ms
38ms Script
text/javascript 34.248.81.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.usabilla.com/1649d5fbb67c.js?lv=1
Requested by: Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/resource-center/threats/zeus-virus
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.81.51 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-81-51.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 7e514fe47356ff339bedd39de463ba37db90d9ef6b1020b9e9ca56cb0a627348

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 12:37:39 GMT
content-encoding: gzip
x-widget-server: 2.1
etag: "fd84117a22123af83b7099f568fb3a7f"
content-type: text/javascript
cache-control: public,max-age=0
content-length: 18974

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 167 KB
62 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RHQPYL96VR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-9582686

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8862261d427b09c41c5d68552687a0bafc3499f83dd34aeeaaf851af87de5394

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 12:37:39 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62988
x-xss-protection: 0
expires: Tue, 25 Jan 2022 12:37:39 GMT

GET
H/1.1 200
OK dest5.html Show response
kaspersky.demdex.net/ Frame 7106 7 KB
3 KB 169ms
37ms Document
text/html 34.250.134.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://kaspersky.demdex.net/dest5.html?d_nsid=0

Requested by

Host: media.kaspersky.com
URL: https://media.kaspersky.com/tracking/omniture/s_code_single_suite.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.250.134.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-250-134-201.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Tue, 25 Jan 2022 12:37:39 GMT
DCS: dcs-prod-irl1-2-v027-0b8f90721.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Wed, 19 Jan 2022 14:02:09 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: GGARRxPbQak=
Content-Length: 2791
Connection: keep-alive

GET
H2 200 id Show response
kaspersky.d3.sc.omtrdc.net/ 2 B
317 B 87ms
24ms XHR
application/x-javascript 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://kaspersky.d3.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=983502BE532960BE0A490D4C%40AdobeOrg&mid=66814527371330144834260194144829886962&ts=1643114259216

Requested by

Host: media.kaspersky.com
URL: https://media.kaspersky.com/tracking/omniture/s_code_single_suite.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 25 Jan 2022 12:37:39 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-cdfbd77b-jvrp8
vary: Origin
x-c: main-1585.I7afc85.M0-540
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://usa.kaspersky.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 2
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Ye-vEwAAALWgdAP7
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=59728071409917141853838656426531454888
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Ye-vEwAAALWgdAP7

42 B
945 B

42ms
41ms

Image
image/gif

34.243.89.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Ye-vEwAAALWgdAP7

Protocol

HTTP/1.1

Server

34.243.89.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-243-89-47.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v027-0fa023e15.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: CjacW/6gTDU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Ye-vEwAAALWgdAP7
Date: Tue, 25 Jan 2022 12:37:39 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 47ms
24ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1244325030&t=pageview&_s=1&dl=https%3A%2F%2Fusa.kaspersky.com%2Fresource-center%2Fthreats%2Fzeus-virus&dp=%2Fresource-center%2Fthreats%2Fzeus-virus&ul=en-us&de=UTF-8&dt=Home%20%3E%20Home%20Security%20%3E%20Resource%20Center%20%3E%20Threats&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=143953559&gjid=1828744799&cid=308547943.1643114259&tid=UA-63997723-24&_gid=191887306.1643114259&_r=1&gtm=2wg1o0WZ7LJ3&cd4=USD&cd10=&cd14=en_US&cd17=Home%20%3E%20Home%20Security%20%3E%20Resource%20Center%20%3E%20Threats&cd53=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&cd16=308547943.1643114259&z=1237922144

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 12:37:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://usa.kaspersky.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 5039146.js Show response
bat.bing.com/p/action/ 0
112 B 41ms
41ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/5039146.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 25 Jan 2022 12:37:38 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 748DCF5D732F4F5E9CF333FB69656876 Ref B: FRAEDGE1217 Ref C: 2022-01-25T12:37:39Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
150 B 40ms
40ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5039146&Ver=2&mid=d3856838-b59c-495c-8bff-360b35270c07&sid=94fb52107ddb11ec9a4dd1b37cc2c2eb&vid=94fb88c07ddb11ecabe75da01fc106f3&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Zeus%20Virus%20%7C%20Zeus%20Trojan%20Malware%20%7C%20Zbot%20and%20Other%20Names%20%7C%20Kaspersky&p=https%3A%2F%2Fusa.kaspersky.com%2Fresource-center%2Fthreats%2Fzeus-virus&r=&lt=1133&evt=pageLoad&msclkid=N&sv=1&rn=323020
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 12:37:38 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B70AFDE91462409DBD3BF8593D150F75 Ref B: FRAEDGE1217 Ref C: 2022-01-25T12:37:39Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pageview
c.contentsquare.net/ 0
320 B 134ms
39ms Image
text/plain 54.76.34.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageview?pid=2064&uu=367ef8e6-6e29-a99c-bae2-54ca0e7920d4&sn=1&lv=1643114259&lhd=1643114259&hd=1643114259&pn=1&dw=1600&dh=4270&ww=1600&wh=1200&sw=1600&sh=1200&dr=&url=https%3A%2F%2Fusa.kaspersky.com%2Fresource-center%2Fthreats%2Fzeus-virus&uc=0&la=en-US&cvars=%7B%221%22%3A%5B%22Page%20Name%22%2C%22Home%20%3E%20Home%20Security%20%3E%20Resource%20Center%20%3E%20Threats%22%5D%7D&cvarp=%7B%221%22%3A%5B%22Page%20Name%22%2C%22Home%20%3E%20Home%20Security%20%3E%20Resource%20Center%20%3E%20Threats%22%5D%7D&v=11.9.3&r=298880
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.34.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-34-70.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 12:37:39 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H3 200 839281392784015 Show response
connect.facebook.net/signals/config/ 494 KB
145 KB 35ms
17ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/839281392784015?v=2.9.51&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bc65c1ffad7a97913d2f8cb1090dd6032f5195399ab272e6cd9eb607115953cf

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 148167
x-xss-protection: 0
pragma: public
x-fb-debug: Y0qeR7vbF1WfMiBZCNkovpKEdlz20FmF20Ss7zEhDT1pPhemqOpGadeacRSmrlPeLbMeKEVtRLakWwo0xz8eAw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 25 Jan 2022 12:37:39 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 72ms
24ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-63997723-24&cid=308547943.1643114259&jid=143953559&gjid=1828744799&_gid=191887306.1643114259&_u=YEBAAEAAAAAAAC~&z=48061903

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 25 Jan 2022 12:37:39 GMT
content-type: text/plain
access-control-allow-origin: https://usa.kaspersky.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK d5a6d019-b1ac-4ea5-a77d-12b0242e7e23
https://usa.kaspersky.com/ 6 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://usa.kaspersky.com/d5a6d019-b1ac-4ea5-a77d-12b0242e7e23
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f5accb9c1606101e17c582132a77348b26b9c479b8c1f1248f12673b86429d44

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length: 6435
Content-Type: application/javascript

GET
H/1.1

200
OK

sync
t.myvisualiq.net/
Redirect Chain

https://tapestry.tapad.com/tapestry/1?ta_partner_id=950&ta_redirect=https%3A%2F%2Ft.myvisualiq.net%2Fsync%3Fprid%3D1001%26ao%3D0%26pruuid%3DTAPAD_%24%7BIDS%3Akey%7D
https://t.myvisualiq.net/sync?prid=1001&ao=0&pruuid=TAPAD_32677ea9-7744-4100-8313-bcea3ee704c2

43 B
296 B

154ms
16ms

Image
image/gif

18.195.250.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.myvisualiq.net/sync?prid=1001&ao=0&pruuid=TAPAD_32677ea9-7744-4100-8313-bcea3ee704c2
Protocol: HTTP/1.1
Server: 18.195.250.85 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-250-85.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Tue, 25 Jan 2022 12:37:39 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://t.myvisualiq.net/sync?prid=1001&ao=0&pruuid=TAPAD_32677ea9-7744-4100-8313-bcea3ee704c2
date: Tue, 25 Jan 2022 12:37:39 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

sync
t.myvisualiq.net/
Redirect Chain

https://t.myvisualiq.net/sync?prid=AOEPNR1&ao=0&red=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D125310%26dpuuid%3D%24%7BUUID%7D%26redir%3Dhttps%253A%252F%252Ft.myvisualiq.net%252Fsync%253Fprid%253D...
https://dpm.demdex.net/ibs:dpid=125310&dpuuid=0-f50806db-9dfe-4f79-833c-18bc7abf3943&redir=https%3A%2F%2Ft.myvisualiq.net%2Fsync%3Fprid%3DAOEPNR1%26ao%3D0%26pruuid%3D%24%7BDD_UUID%7D
https://t.myvisualiq.net/sync?prid=AOEPNR1&ao=0&pruuid=59728071409917141853838656426531454888

43 B
296 B

16ms
15ms

Image
image/gif

18.195.250.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.myvisualiq.net/sync?prid=AOEPNR1&ao=0&pruuid=59728071409917141853838656426531454888
Protocol: HTTP/1.1
Server: 18.195.250.85 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-250-85.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Tue, 25 Jan 2022 12:37:39 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

DCS: dcs-prod-irl1-2-v027-0e1375e85.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: XobO+COWRqs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://t.myvisualiq.net/sync?prid=AOEPNR1&ao=0&pruuid=59728071409917141853838656426531454888
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
loadus.exelator.com/load/
Redirect Chain

https://t.myvisualiq.net/sync?prid=EEAEPNR1&red=https%3A%2F%2Floadus.exelator.com%2Fload%2F%3Fp%3D204%26g%3D1260%26buid%3D%24%7BUUID%7D
https://t.myvisualiq.net/ul_cb/sync?prid=EEAEPNR1&red=https%3A%2F%2Floadus.exelator.com%2Fload%2F%3Fp%3D204%26g%3D1260%26buid%3D%24%7BUUID%7D
https://loadus.exelator.com/load/?p=204&g=1260&buid=aea70ce5-31e1-430d-ab64-1f3d999feada

124 B
124 B

152ms
37ms

Image
application/x-javascript

34.254.143.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=204&g=1260&buid=aea70ce5-31e1-430d-ab64-1f3d999feada
Protocol: H2
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 12:37:39 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
content-type: application/x-javascript;charset=UTF-8
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

access-control-allow-origin: *
Date: Tue, 25 Jan 2022 12:37:39 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 0
Location: https://loadus.exelator.com/load/?p=204&g=1260&buid=aea70ce5-31e1-430d-ab64-1f3d999feada

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com//
Redirect Chain

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2F%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com//ecm3?ex=visualiq&id=0-542885f5-e90d-407d-a996-6f3d278d2fcf

43 B
556 B

327ms
102ms

Image
image/gif

209.54.180.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com//ecm3?ex=visualiq&id=0-542885f5-e90d-407d-a996-6f3d278d2fcf

Protocol

HTTP/1.1

Server

209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Jan 2022 12:37:39 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: DAVV75W7CYKHJY2WH2TC
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
Date: Tue, 25 Jan 2022 12:37:39 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 0
Location: https://s.amazon-adsystem.com//ecm3?ex=visualiq&id=0-542885f5-e90d-407d-a996-6f3d278d2fcf

GET
H3

200

B10122508.135768705;dc_pre=CLSflM71zPUCFdWFsgod8qAPcQ;dc_trk_aid=308294997;dc_trk_cid=72954675;sz=1x1;u=-https%3A%2F%2Fusa.kaspersky.com%2Fresource-center%2Fthreats%2Fzeus-virus%7CVIQ_0-60ba0001-ea...
ad.doubleclick.net/ddm/trackimp/N408002.2426714VISUALIQ/
Redirect Chain

https://t.myvisualiq.net/sync?prid=Test&ao=0&red=https%253A%252F%252Fad.doubleclick.net%252Fddm%252Ftrackimp%252FN408002.2426714VISUALIQ%252FB10122508.135768705%253Bdc_trk_aid%253D308294997%253Bdc_...
https://ad.doubleclick.net/ddm/trackimp/N408002.2426714VISUALIQ/B10122508.135768705;dc_trk_aid=308294997;dc_trk_cid=72954675;sz=1x1;u=-https%3A%2F%2Fusa.kaspersky.com%2Fresource-center%2Fthreats%2F...
https://ad.doubleclick.net/ddm/trackimp/N408002.2426714VISUALIQ/B10122508.135768705;dc_pre=CLSflM71zPUCFdWFsgod8qAPcQ;dc_trk_aid=308294997;dc_trk_cid=72954675;sz=1x1;u=-https%3A%2F%2Fusa.kaspersky....

42 B
65 B

70ms
70ms

Image
image/gif

172.217.21.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N408002.2426714VISUALIQ/B10122508.135768705;dc_pre=CLSflM71zPUCFdWFsgod8qAPcQ;dc_trk_aid=308294997;dc_trk_cid=72954675;sz=1x1;u=-https%3A%2F%2Fusa.kaspersky.com%2Fresource-center%2Fthreats%2Fzeus-virus%7CVIQ_0-60ba0001-eae0-4328-bca8-4402549471bf%7C;ord=6331138

Protocol

Server

172.217.21.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra07s64-in-f166.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 12:37:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Jan 2022 12:37:39 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N408002.2426714VISUALIQ/B10122508.135768705;dc_pre=CLSflM71zPUCFdWFsgod8qAPcQ;dc_trk_aid=308294997;dc_trk_cid=72954675;sz=1x1;u=-https%3A%2F%2Fusa.kaspersky.com%2Fresource-center%2Fthreats%2Fzeus-virus%7CVIQ_0-60ba0001-eae0-4328-bca8-4402549471bf%7C;ord=6331138
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK impression_pixel
t.myvisualiq.net/ 43 B
296 B 17ms
16ms Image
image/gif 18.195.250.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.myvisualiq.net/impression_pixel?r=3267339&et=i&ago=212&ao=537&aca=-10&si=-10&ci=-10&pi=-10&ad=-10&advt=-10&chnl=-10&vndr=1583&sz=8951&u=|https%3A%2F%2Fusa.kaspersky.com%2Fresource-center%2Fthreats%2Fzeus-virus&pt=i
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.250.85 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-250-85.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Tue, 25 Jan 2022 12:37:39 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

tr
www.facebook.com/
Redirect Chain

https://t.myvisualiq.net/sync?prid=123&ao=0&red=https%3A%2F%2Fwww.facebook.com%2Ftr%3Fid%3D238727726635232%26ev%3DPageView%26cd%5Border_id%5D%3D%24%7BUUID%7D%26dpo%3DLDU%26dpoco%3D0%26dpost%3D0
https://www.facebook.com/tr?id=238727726635232&ev=PageView&cd[order_id]=fd3891bd-5502-4799-b8ce-9b76c7fcebb6&dpo=LDU&dpoco=0&dpost=0

44 B
295 B

48ms
15ms

Image
image/gif

2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=238727726635232&ev=PageView&cd[order_id]=fd3891bd-5502-4799-b8ce-9b76c7fcebb6&dpo=LDU&dpoco=0&dpost=0

Protocol

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 12:37:39 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Tue, 25 Jan 2022 12:37:39 GMT

Redirect headers

access-control-allow-origin: *
Date: Tue, 25 Jan 2022 12:37:39 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 0
Location: https://www.facebook.com/tr?id=238727726635232&ev=PageView&cd[order_id]=fd3891bd-5502-4799-b8ce-9b76c7fcebb6&dpo=LDU&dpoco=0&dpost=0

GET
H2 204 dvar
c.contentsquare.net/ 0
319 B 38ms
37ms Image
text/plain 54.76.34.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/dvar?v=11.9.3&pid=2064&uu=367ef8e6-6e29-a99c-bae2-54ca0e7920d4&sn=1&pn=1&dv=N4IgxgzgsghgLmAFgSwHYHMDSBTAniALhAAYA6AdgA4AWcgRmIGYA2ZgJjvPOOsoH06zaozp1qbAKwBOJlJABfIA&r=461494
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.34.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-34-70.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 12:37:39 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 200 snippet.js Show response
ove1.marketlinc.com/public/js/ 2 KB
892 B 19ms
19ms Script
application/javascript 2600:9000:2057:2c00:17:2e54:9a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ove1.marketlinc.com/public/js/snippet.js?658016032
Requested by: Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/resource-center/threats/zeus-virus
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2c00:17:2e54:9a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cab21cd92570cbeba315fea113ee5c06b3f6de012e2b32883901f322e7e09de9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: Z_qDS1QNy44EquJbeFMQmTziH44PAbp8
content-encoding: gzip
last-modified: Mon, 30 Aug 2021 16:54:32 GMT
server: AmazonS3
age: 33384
etag: W/"396f621f67cd000e69739996320fed61"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
date: Tue, 25 Jan 2022 03:44:36 GMT
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: wdqt5l7xn5kvK7dKYQ0ccEMGs69-pQvm_OjvslJUfA8DzYgAjWj1Dg==

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 119 KB
35 KB 198ms
138ms Script
application/javascript 95.100.153.169
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1QRHFHLRI5O97LIAVQG&lib=ttq
Requested by: Host: usa.kaspersky.com
URL: https://usa.kaspersky.com/resource-center/threats/zeus-virus
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.153.169 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-153-169.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: aecd66de64a91bd038f02e05bc08c812daff75b691a66fe76dc0e9f3ebd5b596

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id: 9d32b741.29b9df62
date: Tue, 25 Jan 2022 12:37:39 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-106-10.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a95-100-153-165.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-parent-response-time: 114,95.100.153.165
server-timing: cdn-cache; desc=MISS, edge; dur=113, origin; dur=7, inner; dur=4
content-length: 34583
pragma: no-cache
server: nginx
x-tt-logid: 2022012512373901011300607104B62795
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.220.106.10
x-tt-trace-host: 0144da35583382f01da67818a34e5e4e18462d6a53880a596e4d760bd1282be0dba655d342c8d4f68d248250aa9b2ea5382d3510f0b81a3a7dadca02aa9493018fa5942e7f7c565df006281b35c4ae1f9788d144822ad82349f213df1efe221a67ba185d6d7e42925a37260d791631ef49
expires: Tue, 25 Jan 2022 12:37:39 GMT

GET
H3

200

activityi;dc_pre=CKOljs71zPUCFRZKkQUd7n4F0Q;src=9582686;type=globalc;cat=globa0;ord=7539118510875;gtm=2od1o0;auiddc=1704481234.1643114259;u1=B2C;u2=en_US;u4=usa.kaspersky.com;u5=%2Fresource-center%... Show response
9582686.fls.doubleclick.net/ Frame EA40
Redirect Chain

https://9582686.fls.doubleclick.net/activityi;src=9582686;type=globalc;cat=globa0;ord=7539118510875;gtm=2od1o0;auiddc=1704481234.1643114259;u1=B2C;u2=en_US;u4=usa.kaspersky.com;u5=%2Fresource-cente...
https://9582686.fls.doubleclick.net/activityi;dc_pre=CKOljs71zPUCFRZKkQUd7n4F0Q;src=9582686;type=globalc;cat=globa0;ord=7539118510875;gtm=2od1o0;auiddc=1704481234.1643114259;u1=B2C;u2=en_US;u4=usa....

585 B
441 B

127ms
70ms

Document
text/html

172.217.21.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9582686.fls.doubleclick.net/activityi;dc_pre=CKOljs71zPUCFRZKkQUd7n4F0Q;src=9582686;type=globalc;cat=globa0;ord=7539118510875;gtm=2od1o0;auiddc=1704481234.1643114259;u1=B2C;u2=en_US;u4=usa.kaspersky.com;u5=%2Fresource-center%2Fthreats%2Fzeus-virus;u6=;u7=undefined-undefined;u9=_resource-center_threats_zeus-virus;ps=1;~oref=https%3A%2F%2Fusa.kaspersky.com%2Fresource-center%2Fthreats%2Fzeus-virus?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-9582686

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.21.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra07s64-in-f166.1e100.net

Software

cafe /

Resource Hash

25566ed07b5ff1f8cdecce4f3fd2804992290c25cb4d0d7277f892d150f7ef42

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jan 2022 12:37:39 GMT
expires: Tue, 25 Jan 2022 12:37:39 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 416
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jan 2022 12:37:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9582686.fls.doubleclick.net/activityi;dc_pre=CKOljs71zPUCFRZKkQUd7n4F0Q;src=9582686;type=globalc;cat=globa0;ord=7539118510875;gtm=2od1o0;auiddc=1704481234.1643114259;u1=B2C;u2=en_US;u4=usa.kaspersky.com;u5=%2Fresource-center%2Fthreats%2Fzeus-virus;u6=;u7=undefined-undefined;u9=_resource-center_threats_zeus-virus;ps=1;~oref=https%3A%2F%2Fusa.kaspersky.com%2Fresource-center%2Fthreats%2Fzeus-virus?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 activityi;register_conversion=1;src=9582686;type=globalc;cat=globa0;ord=7539118510875;gtm=2od1o0;auiddc=1704481234.1643114259;u1=B2C;u2=en_US;u4=usa.kaspersky.com;u5=%2Fresource-center%2Fthreats%2F...
9582686.fls.doubleclick.net/ 0
0 64ms
58ms Image
text/html 172.217.21.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9582686.fls.doubleclick.net/activityi;register_conversion=1;src=9582686;type=globalc;cat=globa0;ord=7539118510875;gtm=2od1o0;auiddc=1704481234.1643114259;u1=B2C;u2=en_US;u4=usa.kaspersky.com;u5=%2Fresource-center%2Fthreats%2Fzeus-virus;u6=;u7=undefined-undefined;u9=_resource-center_threats_zeus-virus;ps=1;~oref=https%3A%2F%2Fusa.kaspersky.com%2Fresource-center%2Fthreats%2Fzeus-virus?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.21.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra07s64-in-f166.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 84ms
42ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-63997723-24&cid=308547943.1643114259&jid=143953559&_u=YEBAAEAAAAAAAC~&z=98753236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 12:37:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 158ms
59ms Image
image/gif 2a00:1450:400f:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-63997723-24&cid=308547943.1643114259&jid=143953559&_u=YEBAAEAAAAAAAC~&z=98753236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:801::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 12:37:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 snippet.js Show response
visitor-scoring.marketlinc.com/public/js/ 5 KB
3 KB 435ms
101ms Script
text/plain 34.238.109.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://visitor-scoring.marketlinc.com/public/js/snippet.js?viewId=112128204
Requested by: Host: ove1.marketlinc.com
URL: https://ove1.marketlinc.com/public/js/snippet.js?658016032
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.109.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-109-52.compute-1.amazonaws.com
Software: Apache/2.4.51 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash: e103f511fd4575a0b9ac5b7a798959dd03c9c2eb158e2111ac26fe56c208d077

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 12:37:39 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Jan 2022 10:11:13 GMT
Server: Apache/2.4.51 (Amazon) OpenSSL/1.0.2k-fips
ETag: W/"5294-1643105473993"
Content-Type: text/plain
Cache-Control: no-store, no-cache, must-revalidate, no-cache="set-cookie"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2413
Expires: -1

GET
H2 200 genesys-cobrowse-snippet.js Show response
cdn.marketlinc.com/code/ 4 KB
2 KB 145ms
17ms Script
application/javascript 2600:9000:214f:de00:13:ed6c:11c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.marketlinc.com/code/genesys-cobrowse-snippet.js
Requested by: Host: ove1.marketlinc.com
URL: https://ove1.marketlinc.com/public/js/snippet.js?658016032
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:de00:13:ed6c:11c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b006338f0c403152e33a13f60f23863dbf3f6a5dbd7df80dda6c80f136674877

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 23:11:13 GMT
content-encoding: gzip
last-modified: Tue, 24 Aug 2021 21:53:10 GMT
server: AmazonS3
age: 48387
etag: W/"af6f49baa0297b7f223838f1e30f6830"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: sCuD9e0Z0AGqCvUvM6Lduf87XuJPCXih
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: 5ef7ym__Z5tfK-jkHnEk8VpKgAleNinAHp6d_HsQEEE4BWokhzIaNA==

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 23ms
22ms Ping
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-RHQPYL96VR&gtm=2oe1o0&_p=1244325030&sr=1600x1200&ul=en-us&cid=308547943.1643114259&_s=1&dl=https%3A%2F%2Fusa.kaspersky.com%2Fresource-center%2Fthreats%2Fzeus-virus&dt=Zeus%20Virus%20%7C%20Zeus%20Trojan%20Malware%20%7C%20Zbot%20and%20Other%20Names%20%7C%20Kaspersky&sid=1643114259&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.pageType=other&ep.businessType=b2c&ep.siteType=Default&ep.siteClass=Websites&ep.siteLocale=en-us&ep.pageName=Home%20%3E%20Home%20Security%20%3E%20Resource%20Center%20%3E%20Threats&ep.campaign=&ep.acCampaignId=&ep.omnitureVisitorId=66814527371330144834260194144829886962
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RHQPYL96VR&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 12:37:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://usa.kaspersky.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 38ms
17ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=839281392784015&ev=PageView&dl=https%3A%2F%2Fusa.kaspersky.com%2Fresource-center%2Fthreats%2Fzeus-virus&rl=&if=false&ts=1643114259437&sw=1600&sh=1200&v=2.9.51&r=stable&ec=0&o=30&fbp=fb.1.1643114259436.997112574&it=1643114259305&coo=false&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 12:37:39 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Tue, 25 Jan 2022 12:37:39 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=39138&time=1643114259463&url=https%3A%2F%2Fusa.kaspersky.com%2Fresource-center%2Fthreats%2Fzeus-virus
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D39138%26time%3D1643114259463%26url%3Dhttps%253A%252F%252Fusa.kaspersky.com%252Fre...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=39138&time=1643114259463&url=https%3A%2F%2Fusa.kaspersky.com%2Fresource-center%2Fthreats%2Fzeus-virus&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=39138&time=1643114259463&url=https%3A%2F%2Fusa.kaspersky.com%2Fresource-center%2Fthreats%2Fzeus-virus&liSync=true&e_ipv6=AQKCSFaOfpvBlwAAAX6RPebN...

0
155 B

367ms
156ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=39138&time=1643114259463&url=https%3A%2F%2Fusa.kaspersky.com%2Fresource-center%2Fthreats%2Fzeus-virus&liSync=true&e_ipv6=AQKCSFaOfpvBlwAAAX6RPebNJ4fDNi_wZZTcqbsU23bvc7FB4YzIvNCFI2ACr-OcOMeBCjZ9aqRTihQ4nH6p2ECbfqhQkw
Protocol: H2
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 12:37:40 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: QQ9637aDzRbQNkEnbSsAAA==

Redirect headers

date: Tue, 25 Jan 2022 12:37:39 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: B6CC046F5DC7408F8228DA9D1C1663AD Ref B: FRAEDGE1515 Ref C: 2022-01-25T12:37:40Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=39138&time=1643114259463&url=https%3A%2F%2Fusa.kaspersky.com%2Fresource-center%2Fthreats%2Fzeus-virus&liSync=true&e_ipv6=AQKCSFaOfpvBlwAAAX6RPebNJ4fDNi_wZZTcqbsU23bvc7FB4YzIvNCFI2ACr-OcOMeBCjZ9aqRTihQ4nH6p2ECbfqhQkw
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXWZ1nNWjTllN18sz9Oiw==

GET
H2 200 s08943578395356
kaspersky.d3.sc.omtrdc.net/b/ss/kaspersky-single-suite/1/JS-2.22.3/ 43 B
220 B 25ms
25ms Image
image/gif 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kaspersky.d3.sc.omtrdc.net/b/ss/kaspersky-single-suite/1/JS-2.22.3/s08943578395356?AQB=1&ndh=1&pf=1&t=25%2F0%2F2022%2012%3A37%3A39%202%200&mid=66814527371330144834260194144829886962&aamlh=6&ce=UTF-8&ns=kaspersky&cdp=2&pageName=Home%20%3E%20Home%20Security%20%3E%20Resource%20Center%20%3E%20Threats&g=https%3A%2F%2Fusa.kaspersky.com%2Fresource-center%2Fthreats%2Fzeus-virus&cc=USD&ch=Home&server=usa.kaspersky.com&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c2=other&c3=b2c&v3=Home%20%3E%20Home%20Security%20%3E%20Resource%20Center%20%3E%20Threats&v9=https%3A%2F%2Fusa.kaspersky.com%2Fresource-center%2Fthreats%2Fzeus-virus&c20=url&c29=v1%3As_code_single_suite.js%3AtrackPageView%20%3E%20sng.t%3Ap&c30=v1%3A20220125%3A285%3ANextGen%3Acorp-static&c31=https%3A%2F%2Fusa.kaspersky.com%2Fresource-center%2Fthreats%2Fzeus-virus&v44=D%3Dv3&c47=Default&v47=D%3Dc47&c51=Websites&c57=en-us&v57=D%3Dc57&c58=Zeus%20Virus%20%7C%20Zeus%20Trojan%20Malware%20%7C%20Zbot%20and%20Other%20Names%20%7C%20Kaspersky&v71=v1%3APage%20View%3A%5BNULL%5D&v113=66814527371330144834260194144829886962&v116=308547943.1643114259&v125=0.7847103662177048_1643114259039&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=983502BE532960BE0A490D4C%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 12:37:39 GMT
x-content-type-options: nosniff
x-c: main-1585.I7afc85.M0-540
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 26 Jan 2022 12:37:39 GMT
server: jag
xserver: anedge-cdfbd77b-55zsq
etag: 3528561004645253120-4619426729796018414
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Mon, 24 Jan 2022 12:37:39 GMT

GET
H2 200 dc_pre=CKOljs71zPUCFRZKkQUd7n4F0Q;src=9582686;type=globalc;cat=globa0;ord=7539118510875;gtm=2od1o0;auiddc=*;u1=B2C;u2=en_US;u4=usa.kaspersky.com;u5=%2Fresource-center%2Fthreats%2Fzeus-virus;u6=;u7=...
adservice.google.com/ddm/fls/z/ Frame EA40 42 B
494 B 93ms
53ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKOljs71zPUCFRZKkQUd7n4F0Q;src=9582686;type=globalc;cat=globa0;ord=7539118510875;gtm=2od1o0;auiddc=*;u1=B2C;u2=en_US;u4=usa.kaspersky.com;u5=%2Fresource-center%2Fthreats%2Fzeus-virus;u6=;u7=undefined-undefined;u9=_resource-center_threats_zeus-virus;ps=1;~oref=https%3A%2F%2Fusa.kaspersky.com%2Fresource-center%2Fthreats%2Fzeus-virus

Requested by

Host: 9582686.fls.doubleclick.net
URL: https://9582686.fls.doubleclick.net/activityi;dc_pre=CKOljs71zPUCFRZKkQUd7n4F0Q;src=9582686;type=globalc;cat=globa0;ord=7539118510875;gtm=2od1o0;auiddc=1704481234.1643114259;u1=B2C;u2=en_US;u4=usa.kaspersky.com;u5=%2Fresource-center%2Fthreats%2Fzeus-virus;u6=;u7=undefined-undefined;u9=_resource-center_threats_zeus-virus;ps=1;~oref=https%3A%2F%2Fusa.kaspersky.com%2Fresource-center%2Fthreats%2Fzeus-virus?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9582686.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 12:37:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 124ms
124ms Script
application/javascript 95.100.153.169
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1QRHFHLRI5O97LIAVQG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.153.169 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-153-169.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id: 809c03b1.29b9e250
date: Tue, 25 Jan 2022 12:37:39 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a104-78-78-110.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a95-100-153-165.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-parent-response-time: 94,95.100.153.165
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=2, inner; dur=1
pragma: no-cache
server: nginx
x-tt-logid: 202201251237390101131351470DAAD0FF
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 2,104.78.78.110
x-tt-trace-host: 0144da35583382f01da67818a34e5e4e18a38e82edf0361f9b729d82c2708a3ad9dcb46f61249e1f5f4157d0c9f05a43fb557be0a7fee10ad5d19cedddc9b3f353a8c9d9c3efe25720c3d55ff6893de65268297e63d6a5b346eb58d7e6c25a367425df7b0a11afe9cadfaf6e19c254f5f8
expires: Tue, 25 Jan 2022 12:37:39 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 722 B
933 B 121ms
120ms Script
application/javascript 95.100.153.169
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C1QRHFHLRI5O97LIAVQG&hostname=usa.kaspersky.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1QRHFHLRI5O97LIAVQG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.153.169 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-153-169.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 888c0c86599cfca3d29403b34a3b3eb6b118985bf7da74532253766d38ded024

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id: 29b9e2ea
date: Tue, 25 Jan 2022 12:37:39 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a95-100-153-165.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
server-timing: inner; dur=1, cdn-cache; desc=MISS, edge; dur=0, origin; dur=96
content-length: 326
pragma: no-cache
server: nginx
x-tt-logid: 2022012512373901011313504419B76700
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 96,95.100.153.165
x-tt-trace-host: 0144da35583382f01da67818a34e5e4e18a1c9579ec031622b0ab3e83794f314f8f51646df7a7249168749c6c54653a5da01cae545873f2d41e1435b9abed14bca35b07e19e3a820498e260687ad206588953430647d5b19dabce016f6d7ae673c
expires: Tue, 25 Jan 2022 12:37:39 GMT

GET
H2 200 jsapi-v1.js Show response
apps.mypurecloud.com/webchat/ 197 KB
54 KB 447ms
198ms Script
text/javascript 18.204.167.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.mypurecloud.com/webchat/jsapi-v1.js

Requested by

Host: cdn.marketlinc.com
URL: https://cdn.marketlinc.com/code/genesys-cobrowse-snippet.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.204.167.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-204-167-233.compute-1.amazonaws.com

Software

nginx /

Resource Hash

cc4e54ad634616d85953bbc4d344a399355aaa67e0d1ce43b42499566ef0a3f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 12:37:40 GMT
content-encoding: gzip
last-modified: Tue, 11 Jan 2022 04:05:22 GMT
server: nginx
x-amz-request-id: 3ASKHV21ZDYSBTD7
etag: "b0f1a40aa145ae8217ec4536247802f3"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: text/javascript
cache-control: max-age=0, no-cache
content-length: 54633
x-amz-version-id: UQfQbrYKIUpEUGdhaiitIUpyL5xtkkyN
x-amz-id-2: gbmtVyKbnTZFl+5cw0tofjMdX+DWrQRPpdXUTTZieiJgbTII9KaitCOxRMNWVE/rXspnqkkQhSs=

GET
H/1.1 200
OK cobrowse-jsapi-v1.js Show response
cobrowse.mypurecloud.com/ 53 KB
53 KB 553ms
215ms Script
text/javascript 54.211.99.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cobrowse.mypurecloud.com/cobrowse-jsapi-v1.js?deploymentKey=b0lbaofzzNeJB1rp6MQefJRMTPI3JQvP
Requested by: Host: cdn.marketlinc.com
URL: https://cdn.marketlinc.com/code/genesys-cobrowse-snippet.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.211.99.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-211-99-89.compute-1.amazonaws.com
Software: /
Resource Hash: b31bdb6d9d79c79835ee019b91489191535cca0576ef8ffe12ce287178a61087

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 12:37:40 GMT
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked
Content-Type: text/javascript

POST
H3 200 / Show response
www.facebook.com/tr/ Frame AC4A 0
15 B 17ms
17ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://usa.kaspersky.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus

Response headers

content-type: text/plain
access-control-allow-origin: https://usa.kaspersky.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Tue, 25 Jan 2022 12:37:39 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
710 B 121ms
120ms Ping
application/octet-stream 95.100.153.169
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1QRHFHLRI5O97LIAVQG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.153.169 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-153-169.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2a9f4440.29b9e4da
date: Tue, 25 Jan 2022 12:37:40 GMT
x-cache-remote: TCP_MISS from a23-220-106-26.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a95-100-153-165.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-parent-response-time: 101,95.100.153.165
server-timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=11, inner; dur=11
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022012512374001011300607116A9917C
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 12,23.220.106.26
x-tt-trace-host: 0144da35583382f01da67818a34e5e4e18462d6a53880a596e4d760bd1282be0db7fd25328ee220f87a8f8c1f72f93f348d53b33cc4bafc1a1f889beec2773fe87647ce45d8ec9d1f7264ac9b2523ccc7b6ac67be2273c20aa58bf8b4eb633cb015b062c16cf87213acebe1ef534db6cd8
expires: Tue, 25 Jan 2022 12:37:40 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
711 B 134ms
133ms Ping
application/octet-stream 95.100.153.169
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1QRHFHLRI5O97LIAVQG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.153.169 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-153-169.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 5864038a.29b9e4de
date: Tue, 25 Jan 2022 12:37:40 GMT
x-cache-remote: TCP_MISS from a104-78-78-111.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a95-100-153-165.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-parent-response-time: 111,95.100.153.165
server-timing: cdn-cache; desc=MISS, edge; dur=98, origin; dur=16, inner; dur=7
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022012512374001011313523304BAD4A3
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 16,104.78.78.111
x-tt-trace-host: 0144da35583382f01da67818a34e5e4e18a38e82edf0361f9b729d82c2708a3ad952cb7e3f033f4d3bd50e5e13c2bfffe38c6a800156e87a9132702caac8cea063e72721d3f7a2db4fc1607f858e0b4774c2240f2ff3c734ac034ed4236119ced6ec758f8d42f67b926a80c36c26f34083
expires: Tue, 25 Jan 2022 12:37:40 GMT

POST
H/1.1 200 visitor-scoring Show response
visitor-scoring.marketlinc.com/ 169 B
869 B 144ms
144ms XHR
application/json 34.238.109.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://visitor-scoring.marketlinc.com/visitor-scoring
Requested by: Host: visitor-scoring.marketlinc.com
URL: https://visitor-scoring.marketlinc.com/public/js/snippet.js?viewId=112128204
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.109.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-109-52.compute-1.amazonaws.com
Software: Apache/2.4.51 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash: 918b47e43dba912a5896b63da0c2188e2ce7ffa11e7520828124d3dabf314093

Request headers

Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 25 Jan 2022 12:37:40 GMT
Content-Encoding: gzip
Server: Apache/2.4.51 (Amazon) OpenSSL/1.0.2k-fips
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, no-cache="set-cookie"
Connection: keep-alive
Content-Length: 156
Expires: -1

OPTIONS
H/1.1 200 visitor-scoring
visitor-scoring.marketlinc.com/ Frame 0
0 401ms
101ms Preflight 34.238.109.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://visitor-scoring.marketlinc.com/visitor-scoring
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.109.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-109-52.compute-1.amazonaws.com
Software: Apache/2.4.51 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://usa.kaspersky.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1800
Cache-control: no-cache="set-cookie"
Content-Encoding: gzip
Date: Tue, 25 Jan 2022 12:37:40 GMT
Server: Apache/2.4.51 (Amazon) OpenSSL/1.0.2k-fips
Content-Length: 0
Connection: keep-alive

GET
H2 200 tag.js Show response
lptag.liveperson.net/tag/ 21 KB
8 KB 213ms
29ms Script
application/javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lptag.liveperson.net/tag/tag.js?site=45693676
Requested by: Host: ove1.marketlinc.com
URL: https://ove1.marketlinc.com/public/js/deployment.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.23 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 12:37:40 GMT
content-encoding: gzip
last-modified: Thu, 03 Sep 2020 08:27:49 GMT
server: ws
etag: "5f50a905-1d8f"
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 7567

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/45693676/configuration/applications/taglets/ 266 KB
96 KB 59ms
58ms Script
application/x-javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lptag.liveperson.net/lptag/api/account/45693676/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Requested by: Host: ove1.marketlinc.com
URL: https://ove1.marketlinc.com/public/js/deployment.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.23 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: ff8134457874c6e964b9496bd40f86f916336505f28f80be566c055810b4b67d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 12:37:40 GMT
content-encoding: gzip
server: ws
x-cache-status: HIT
access-control-allow-methods: GET, POST, PATCH
content-type: application/x-javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/45693676/configuration/setting/accountproperties/ 6 KB
2 KB 149ms
62ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/45693676/configuration/setting/accountproperties/?cb=lpCb16494x33896
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/45693676/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-accdn.lpsnmedia.net
Software: ws /
Resource Hash: a20593808728baadac540299489cd4216d7c0a7819e55859d12970d006d92059

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 12:37:41 GMT
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
content-type: application/javascript
x-envoy-upstream-service-time: 1
expires: Tue, 25 Jan 2022 12:38:41 GMT

GET
H2 200 zones Show response
accdn.lpsnmedia.net/api/account/45693676/configuration/le-campaigns/ 2 KB
505 B 119ms
35ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/45693676/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/45693676/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-accdn.lpsnmedia.net
Software: ws /
Resource Hash: a1003eb701127cec668264584453aa02ccc8547ab7367365e3f44dfd7564fe2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 12:37:41 GMT
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
content-type: application/javascript
x-envoy-upstream-service-time: 1
expires: Tue, 25 Jan 2022 12:38:41 GMT

GET
H2 200 storage.secure.min.html Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/ Frame 8526 39 KB
16 KB 109ms
26ms Document
text/html 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.html?loc=https%3A%2F%2Fusa.kaspersky.com&site=45693676&env=prod
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/45693676/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-lpcdn.lpsnmedia.net
Software: ws /
Resource Hash: 59f4843277d9aca1200c779c52318aadb380021a0051a6644b75274acb7fe158

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus

Response headers

date: Tue, 25 Jan 2022 12:37:41 GMT
content-type: text/html
last-modified: Fri, 05 Nov 2021 13:34:15 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Tue, 25 Jan 2022 12:47:41 GMT
cache-control: max-age=600

GET
H2 200 storage.secure.min.js Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/ 38 KB
15 KB 95ms
94ms Script
application/javascript 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.js?loc=https%3A%2F%2Fusa.kaspersky.com&site=45693676&force=1&env=prod
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/45693676/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-lpcdn.lpsnmedia.net
Software: ws /
Resource Hash: 996ab3c1e26cb00ec7d3d29650e784755ba46f33613563b7173b0dab03fa3d73

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 12:37:41 GMT
content-encoding: gzip
last-modified: Fri, 05 Nov 2021 13:34:15 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Tue, 25 Jan 2022 12:47:41 GMT

GET
H2 200 postmessage.min.html Show response
va.idp.liveperson.net/postmessage/ Frame A793 11 KB
5 KB 529ms
102ms Document
text/html 208.89.15.170
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.idp.liveperson.net/postmessage/postmessage.min.html?bust=1643114261526&loc=https%3A%2F%2Fusa.kaspersky.com
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/45693676/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.15.170 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.idp.liveperson.net
Software: ws /
Resource Hash: c8cd0b0d514cecdaf4e7214325a70bba9bae301e156265bd0d880f9065d1d183

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus

Response headers

date: Tue, 25 Jan 2022 12:37:42 GMT
content-type: text/html
last-modified: Sun, 09 Aug 2020 13:04:00 GMT
etag: W/"5f2ff440-2a51"
server: ws
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
content-encoding: gzip

POST
H2 200 authorize Show response
va.idp.liveperson.net/api/account/45693676/anonymous/ Frame A793 678 B
1 KB 248ms
247ms XHR
application/json 208.89.15.170
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.idp.liveperson.net/api/account/45693676/anonymous/authorize?__d=30725

Requested by

Host: va.idp.liveperson.net
URL: https://va.idp.liveperson.net/postmessage/postmessage.min.html?bust=1643114261526&loc=https%3A%2F%2Fusa.kaspersky.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.15.170 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.idp.liveperson.net

Software

ws /

Resource Hash

d097588c37cd462ffb27423804f4a05d11da20845601158c4afc10aa95ad0f4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

LP-DOMAIN-REFERER: https://usa.kaspersky.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json; charset=UTF-8
Accept: */*
Referer: https://va.idp.liveperson.net/postmessage/postmessage.min.html?bust=1643114261526&loc=https%3A%2F%2Fusa.kaspersky.com
X-Requested-With: XMLHttpRequest
LP-URL: https://usa.kaspersky.com/resource-center/threats/zeus-virus

Response headers

date: Tue, 25 Jan 2022 12:37:42 GMT
server: ws
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
content-type: application/json
access-control-allow-origin: https://va.idp.liveperson.net
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 678

GET
H2 200 45693676 Show response
va.v.liveperson.net/api/js/ 240 B
1 KB 526ms
208ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/45693676?&cb=lpCb20830x91839&t=sp&ts=1643114261144&pid=2140287743&tid=241096915&pt=Zeus%20Virus%20%7C%20Zeus%20Trojan%20Malware%20%7C%20Zbot%20and%20Other%20Names%20%7C%20Kaspersky&u=https%3A%2F%2Fusa.kaspersky.com%2Fresource-center%2Fthreats%2Fzeus-virus&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%2C%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%2C%22sub%22%3A%227f6446d4-f08a-4f23-a446-d4f08a1f23c2%22%2C%22account%22%3A%2245693676%22%7D%5D
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/45693676/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: bb1780f1573aa8579acc8801f790c39d7caca8876ba9cf5cbda582d93def4ba2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 12:37:42 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 45693676 Show response
va.v.liveperson.net/api/js/ 111 B
854 B 108ms
107ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/45693676?sid=Mox6JvV_RJa6lzNiIhXB4w&cb=lpCb69350x61222&t=pl&ts=1643114262427&pid=2140287743&tid=241096915&vid=Q2N2M5N2UwMTI2NTMwNWEx
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/45693676/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: 8d441244d917bb7c31744bd00f592f7867843df46a92482efc552ea74e85bae2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 12:37:43 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 22ms
22ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1244325030&t=event&ni=1&_s=1&dl=https%3A%2F%2Fusa.kaspersky.com%2Fresource-center%2Fthreats%2Fzeus-virus&ul=en-us&de=UTF-8&dt=Zeus%20Virus%20%7C%20Zeus%20Trojan%20Malware%20%7C%20Zbot%20and%20Other%20Names%20%7C%20Kaspersky&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Lift%20AI%20Score&ea=20-24&_u=YHDAAEABAAAAAC~&jid=122737529&gjid=1752208402&cid=308547943.1643114259&tid=UA-63997723-24&_gid=191887306.1643114259&_r=1&_slc=1&cd39=Q2N2M5N2UwMTI2NTMwNWEx%7CK9R0rQNnVImm2&cd52=K9R0rQNnVImm2&cd51=20-24&z=1777432693

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 12:37:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://usa.kaspersky.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 s0727738229938
kaspersky.d3.sc.omtrdc.net/b/ss/kaspersky-single-suite/1/JS-2.22.3/ 43 B
208 B 25ms
25ms Image
image/gif 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kaspersky.d3.sc.omtrdc.net/b/ss/kaspersky-single-suite/1/JS-2.22.3/s0727738229938?AQB=1&ndh=1&pf=1&t=25%2F0%2F2022%2012%3A37%3A43%202%200&mid=66814527371330144834260194144829886962&aamlh=6&ce=UTF-8&ns=kaspersky&cdp=2&pageName=Home%20%3E%20Home%20Security%20%3E%20Resource%20Center%20%3E%20Threats&g=https%3A%2F%2Fusa.kaspersky.com%2Fresource-center%2Fthreats%2Fzeus-virus&cc=USD&ch=Home&server=usa.kaspersky.com&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c2=other&c3=b2c&v3=Home%20%3E%20Home%20Security%20%3E%20Resource%20Center%20%3E%20Threats&v9=https%3A%2F%2Fusa.kaspersky.com%2Fresource-center%2Fthreats%2Fzeus-virus&c20=url&c29=v1%3As_code_single_suite.js%3AtrackMarketLincVisitor%20%3E%20trackEvent%20%3E%20sng.tl%3Ao&c30=v1%3A20220125%3A285%3ANextGen%3Acorp-static&c31=https%3A%2F%2Fusa.kaspersky.com%2Fresource-center%2Fthreats%2Fzeus-virus&c47=Default&v47=D%3Dc47&v49=Q2N2M5N2UwMTI2NTMwNWEx%7CK9R0rQNnVImm2&c51=Websites&c57=en-us&v57=D%3Dc57&c58=Zeus%20Virus%20%7C%20Zeus%20Trojan%20Malware%20%7C%20Zbot%20and%20Other%20Names%20%7C%20Kaspersky&v71=v1%3AMarketLinc%20%3E%20Set%20Visitor%3A%7B%7D&v113=66814527371330144834260194144829886962&v116=308547943.1643114259&v125=0.7847103662177048_1643114259039&pe=lnk_o&pev2=Custom%20Event&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=983502BE532960BE0A490D4C%40AdobeOrg&lrt=28&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 12:37:43 GMT
x-content-type-options: nosniff
x-c: main-1585.I7afc85.M0-540
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 26 Jan 2022 12:37:43 GMT
server: jag
xserver: anedge-cdfbd77b-mh9gq
etag: 3528561012824178688-4619585385349517258
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Mon, 24 Jan 2022 12:37:43 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 47ms
23ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-63997723-24&cid=308547943.1643114259&jid=122737529&gjid=1752208402&_gid=191887306.1643114259&_u=YHDAAEABAAAAAC~&z=470672102

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 25 Jan 2022 12:37:43 GMT
content-type: text/plain
access-control-allow-origin: https://usa.kaspersky.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 66ms
40ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-63997723-24&cid=308547943.1643114259&jid=122737529&_u=YHDAAEABAAAAAC~&z=472750800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 12:37:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 119ms
60ms Image
image/gif 2a00:1450:400f:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-63997723-24&cid=308547943.1643114259&jid=122737529&_u=YHDAAEABAAAAAC~&z=472750800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:801::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://usa.kaspersky.com/resource-center/threats/zeus-virus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 12:37:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

237 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

57 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
usa.kaspersky.com/	1970-01-20 00:25:17	Name: country Value: DE
.kaspersky.com/	1970-01-20 09:10:50	Name: mmapi.p.pd Value: %22hoLWYy7uYLmvpE9PCMESWZmUVXd7emvVnm7rLAb_CAE%3D%7CAQAAAApDH4sIAAAAAAAEAGNhaO7QMaoXnZ7NwJxWlMgoxMDoxLBh_p4IRgbVnl0V_-_f9IDRDEDwHwoY2Fwyi1KTSxjrRRlB4mAAkwTRDAysDE9ZGBkEFFIZGda4pzEyTNDIZGSQ4sliZPADqmZ0BQBICqzSegAAAA%3D%3D%22
.kaspersky.com/	1970-01-20 00:25:14	Name: mmapi.p.bid Value: %22prodfracgeu10%22
.kaspersky.com/	1970-01-20 09:10:50	Name: mmapi.p.srv Value: %22prodfracgeu10%22
usa.kaspersky.com/	1970-01-20 00:25:17	Name: webserver_id Value: 634a71a2296dd024d84a7195b5d3ad77
.kaspersky.com/	1970-01-20 00:25:16	Name: _cs_mk Value: 0.7847103662177048_1643114259039
usa.kaspersky.com/	1970-01-21 00:25:14	Name: CookieConsent Value: {stamp:654332104=='\|Cnecessary:true\|Cpreferences:true\|Cstatistics:true\|Cmarketing:true\|Cver:1\|Cutc:1474528038\|Cregion:'not_gdpr'}
.demdex.net/	1970-01-20 04:44:26	Name: demdex Value: 59728071409917141853838656426531454888
.bing.com/	1970-01-20 09:46:50	Name: MUID Value: 097A524FAC646E0C08774378ADB66FD4
.kaspersky.com/	1969-12-31 23:59:59	Name: AMCVS_983502BE532960BE0A490D4C%40AdobeOrg Value: 1
.kaspersky.com/	1970-01-20 00:26:40	Name: _gid Value: GA1.2.191887306.1643114259
.kaspersky.com/	1970-01-20 00:25:14	Name: _gat_UA-63997723-24 Value: 1
.kaspersky.com/	1969-12-31 23:59:59	Name: IR_gbd Value: kaspersky.com
.kaspersky.com/	1969-12-31 23:59:59	Name: IR_11660 Value: 1643114259235%7C0%7C1643114259235%7C%7C
.kaspersky.com/	1970-01-20 00:26:40	Name: _uetsid Value: 94fb52107ddb11ec9a4dd1b37cc2c2eb
.kaspersky.com/	1970-01-20 09:46:50	Name: _uetvid Value: 94fb88c07ddb11ecabe75da01fc106f3
.kaspersky.com/	1970-01-20 09:54:38	Name: _cs_c Value: 0
.kaspersky.com/	1970-01-20 09:54:38	Name: _cs_id Value: 367ef8e6-6e29-a99c-bae2-54ca0e7920d4.1643114259.1.1643114259.1643114259.1.1677278259294
.kaspersky.com/	1970-01-20 00:25:16	Name: _cs_s Value: 1.0.0.1643116059296
.kaspersky.com/	1970-01-20 02:34:50	Name: _gcl_au Value: 1.1.1704481234.1643114259
.everesttech.net/	1970-01-20 09:10:50	Name: everest_g_v2 Value: g_surferid~Ye-vEwAAALWgdAP7
.tapad.com/	1970-01-20 01:51:38	Name: TapAd_TS Value: 1643114259409
.tapad.com/	1970-01-20 01:51:38	Name: TapAd_DID Value: 32677ea9-7744-4100-8313-bcea3ee704c2
.dpm.demdex.net/	1970-01-20 04:44:26	Name: dpm Value: 59728071409917141853838656426531454888
.kaspersky.com/	1970-01-20 02:34:50	Name: _fbp Value: fb.1.1643114259436.997112574
.kaspersky.com/	1970-01-20 17:56:26	Name: AMCV_983502BE532960BE0A490D4C%40AdobeOrg Value: 1585540135%7CMCIDTS%7C19018%7CMCMID%7C66814527371330144834260194144829886962%7CMCAAMLH-1643719059%7C6%7CMCAAMB-1643719059%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1643121459s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19025%7CvVersion%7C4.4.0
.kaspersky.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.myvisualiq.net/	1970-01-20 17:56:26	Name: c Value: 1643114259
.myvisualiq.net/	1970-01-20 17:56:26	Name: tuuid_lu Value: 1643114259
.myvisualiq.net/	1970-01-20 17:56:26	Name: tuuid Value: aea70ce5-31e1-430d-ab64-1f3d999feada
.doubleclick.net/	1970-01-20 09:46:50	Name: IDE Value: AHWqTUlGZ9SX3I9pnhw86AOifWGFbCe_UBeNmA34Ufv2AZpRbXojcLMx2SEopY0j8v4
.postrelease.com/	1970-01-20 09:10:50	Name: opt_out Value: 1
.adnxs.com/	1970-01-20 02:34:50	Name: uuid2 Value: 5599052135977962006
.linkedin.com/	1970-01-20 01:08:26	Name: UserMatchHistory Value: AQJgb9VEuRPVGwAAAX6RPeV-feRk-viNtasSr0srqCipzpfc3VS_YH4UVN4l6S6iovPVREtxBjGW0g
.linkedin.com/	1970-01-20 01:08:26	Name: AnalyticsSyncHistory Value: AQLt8N-N8kYiFgAAAX6RPeV-vHB9hhoWUlx3P3SX_Y8Evnel_7ipmOpDAYphU9SGS8ikjjGyREckGq9KPkha-w
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 17:57:08	Name: bcookie Value: "v=2&209cce46-f1ed-4dc1-83e0-19747a2c1b49"
.linkedin.com/	1970-01-20 00:26:40	Name: lidc Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2262:u=1:x=1:i=1643114259:t=1643200659:v=2:sig=AQHxulIPHiDqgf2CEvXQJTjN6WqOyWXG"
.tribalfusion.com/	1970-01-20 02:34:50	Name: ANON_ID Value: a7nteZbwyEodpuMNpbZaUv8RgWUZcZcNkrmaKkqdPcjUoCe2dsUPa5xBucwJpNT65xnHrrLMUbWZbGsuJTny9FwY3PDmp38s8PaDw
.adnxs.com/	1970-01-20 02:34:50	Name: anj Value: dTM7k!M4/YEVNsVF']wIg2GTthn<<U!]tbPl1Mis([?psUadBmN`ut5VCAgN_(xXlN`v55OwQpTLn-bs/X%W#.wL4W1Qw2'Za.Sb
visitor-scoring.marketlinc.com/	1969-12-31 23:59:59	Name: AWSELBCORS Value: 174DE9310AF5C61C2425BB1123D5603B0E5ED662172448B86ADA0143B707BB1DAE789CE1AAC3939B545FBB4BE7AD8FB1D7DB12821E7A6800E376969814AEEED68A8128E85C
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 17:57:08	Name: bscookie Value: "v=1&202201251237399ab776ae-4687-424e-834e-692157719840AQGCSlf_WJESImIkN1_twny8pbg6fcE4"
.linkedin.com/	1970-01-20 17:39:42	Name: li_gc Value: MTswOzE2NDMxMTQyNTk7MjswMjETB5H+te52q237QnxWWEm1/2DFQrh6AvJSGGCyMI4cLA==
.kaspersky.com/	1970-01-23 16:01:14	Name: vs_vid Value: K9R0rQNnVImm2
.kaspersky.com/	1969-12-31 23:59:59	Name: vs_vfs Value: 1
.kaspersky.com/	1969-12-31 23:59:59	Name: vs_sid Value: wADv2LdWRSOV
.kaspersky.com/	1969-12-31 23:59:59	Name: vs_conv_ai Value: 20-24
.kaspersky.com/	1969-12-31 23:59:59	Name: vs_lift_ai Value: 45-49
.kaspersky.com/	1970-01-20 09:10:50	Name: LPVID Value: Q2N2M5N2UwMTI2NTMwNWEx
.kaspersky.com/	1969-12-31 23:59:59	Name: LPSID-45693676 Value: Mox6JvV_RJa6lzNiIhXB4w
.kaspersky.com/	1970-01-20 17:56:26	Name: _ga Value: GA1.2.308547943.1643114259
.kaspersky.com/	1970-01-23 14:49:14	Name: lae_vid Value: Q2N2M5N2UwMTI2NTMwNWEx
.kaspersky.com/	1970-01-20 00:25:14	Name: _gat_mlGATracker Value: 1
.kaspersky.com/	1970-01-20 17:56:26	Name: _ga_RHQPYL96VR Value: GS1.1.1643114259.1.0.1643114263.0
.kaspersky.com/	1969-12-31 23:59:59	Name: ml_language Value: en
.kaspersky.com/	1970-01-20 01:08:26	Name: _ml_random Value: 43

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://service.maxymiser.net/cdn/com.kaspersky/js/mmapi.js(Line 16) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://service.maxymiser.net/cg/v5/?fv=dmn%3Dkaspersky.com%3Bref%3D%3Burl%3Dhttps%253A%252F%252Fusa.kaspersky.com%252Fresource-center%252Fthreats%252Fzeus-virus%3Bscrw%3D1600%3Bscrh%3D1200%3Bclrd%3D24%3Bcok%3D1&lver=1.18&jsncl=mmRequestCallbacks%5B1%5D&ri=1&lto=0&jrt=s, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://service.maxymiser.net/cdn/com.kaspersky/js/mmapi.js(Line 16) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://service.maxymiser.net/cg/v5/?fv=dmn%3Dkaspersky.com%3Bref%3D%3Burl%3Dhttps%253A%252F%252Fusa.kaspersky.com%252Fresource-center%252Fthreats%252Fzeus-virus%3Bscrw%3D1600%3Bscrh%3D1200%3Bclrd%3D24%3Bcok%3D1&lver=1.18&jsncl=mmRequestCallbacks%5B1%5D&ri=1&lto=0&jrt=s, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://service.maxymiser.net/cdn/com.kaspersky/js/mmapi.js(Line 16) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://service.maxymiser.net/platform/eu/api/mmpackage-1.25.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://service.maxymiser.net/cdn/com.kaspersky/js/mmapi.js(Line 16) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://service.maxymiser.net/platform/eu/api/mmpackage-1.25.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9582686.fls.doubleclick.net
a.tribalfusion.com
accdn.lpsnmedia.net
ad.doubleclick.net
adservice.google.com
analytics.tiktok.com
api-router.kaspersky-labs.com
apps.mypurecloud.com
bat.bing.com
c.contentsquare.net
cdn.marketlinc.com
cm.everesttech.net
cobrowse.mypurecloud.com
connect.facebook.net
d.impactradius-event.com
dpm.demdex.net
ib.adnxs.com
jadserve.postrelease.com
kaspersky.d3.sc.omtrdc.net
kaspersky.demdex.net
loadus.exelator.com
lpcdn.lpsnmedia.net
lptag.liveperson.net
media.kaspersky.com
ove1.marketlinc.com
pubads.g.doubleclick.net
px.ads.linkedin.com
px4.ads.linkedin.com
resources.xg4ken.com
s.amazon-adsystem.com
s.tribalfusion.com
service.maxymiser.net
snap.licdn.com
stats.g.doubleclick.net
t.contentsquare.net
t.myvisualiq.net
tapestry.tapad.com
unpkg.com
usa.kaspersky.com
va.idp.liveperson.net
va.v.liveperson.net
visitor-scoring.marketlinc.com
vt.myvisualiq.net
w.usabilla.com
widget.trustpilot.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
108.174.10.14
142.250.181.226
15.236.176.210
172.217.21.166
178.249.97.23
178.249.97.98
178.249.97.99
18.195.250.85
18.204.167.233
18.64.79.109
185.33.221.90
185.85.15.23
208.89.12.87
208.89.15.170
209.54.180.144
23.36.238.7
2600:9000:2057:2c00:17:2e54:9a00:93a1
2600:9000:214f:de00:13:ed6c:11c0:93a1
2606:4700::6810:7caf
2606:4700::6812:c05
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:809::2002
2a00:1450:4001:810::200e
2a00:1450:4001:828::2008
2a00:1450:4001:82f::2004
2a00:1450:400c:c08::9c
2a00:1450:400f:801::2003
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a03:5f80:a::b212:e7c0
34.199.207.17
34.238.109.52
34.243.89.47
34.248.81.51
34.250.134.201
34.254.143.3
35.186.249.72
35.227.248.159
50.18.209.150
52.222.236.107
54.211.99.89
54.75.68.230
54.76.34.70
65.9.61.33
77.74.178.40
95.100.153.169
0735ee6c98acd32f3bd6949c7acf8ab1a51df4b8e623ad605ee1c421d18fe083
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
111d8a6835fb4301f39ff644e0e163c071f9cb7fa432ad4f8678c5048e1caa79
145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7
175e2018415e3e13c7a1a5aa5ad67ca4e0bf754489bbf35d2eeb647bcff4bf04
19714b127696958ae4ba21a02028b0ae5590727c08cd0658ada679ee61b0e1f1
1c812505dac7d946ac523df1a3ac19e9e5b7161d299762c020b2c2677a43c3b8
1e409fa9e07033dae0a8f18b622dc384b77218ec4cf94af59575c5bb9d55b9ff
25566ed07b5ff1f8cdecce4f3fd2804992290c25cb4d0d7277f892d150f7ef42
262b08c68dad3508f75a9e6ce95971857633b364c70ec303abf151340df35924
2fb3831e5dc54a7986aa5341f2fa6059eecf0e44de909aa24791f720c368d50c
42ac77b9dcbdd5babce87afde9b3dc5826a9144bbf3781f360ac697c885e0060
42da5645360f8148bbba20cf35c8be5fa929deac9d43062fd3b580827ce2a51a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45c6bd6da54a178e9b03bc8a637c25b133130346340554d22bf95028bd5f9b1a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4f2897a105173fa28c7a9d8a2dec18fd0c8adec81ba3772a471f63587f6d3378
52cac1193a3683e35353723a38e01a9bcc0c5f9bf2be42d29c96905527c7923d
534b62c0b19e4904331062bcc7202a3f2c823b1d54333e78b3e262b304d29055
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54e70b2e71dba6966f8bc2a07b9b9ed05a395cfc63373e8b00159c81ce9687b2
559cdea2eee7916741bdd86ae0bdecfff092e3a884cba42274ce69855247ff09
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
577ade1db7dd4005d0ce1e132504655446df9ffdd83d80b98699c28a692dc33f
59cd7afa1fc8b7762fb5ae77a9c84278b96f3559d097274cd766bda573509dd6
59f4843277d9aca1200c779c52318aadb380021a0051a6644b75274acb7fe158
5c665a75ce13001a0bb6cab3ee959b2f043a672b615876000f764c912649d3ed
60f9b992130b179601e0710bac4742708f71e8df9fad48da085119afa560a9ae
647add3da4c8d6e4e0fad11f0a0d53df3ef7ab621778d06ad4daa359d9145b5c
64cd3f93cf6921ad2a8718cca709c44d41919e3aa8c8354ded3b22322fa9065e
65062d3b53a3009de2283222a9aa84951eec5ad9c77755d37fd7a855287ec6dd
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
7aaf4727a2b360e8504f0d6d610dcacaee9def6b26adb81756128a25fd462ff3
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7e514fe47356ff339bedd39de463ba37db90d9ef6b1020b9e9ca56cb0a627348
8197beade425ff2cc9267289cf9976d139ecb5aa79d9be72d44f777f8aa6666e
8258bc9ecc62e87fa9802e48956d2fcc86d1c95083219b41ea0e2d49ed767a36
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8862261d427b09c41c5d68552687a0bafc3499f83dd34aeeaaf851af87de5394
888c0c86599cfca3d29403b34a3b3eb6b118985bf7da74532253766d38ded024
8d441244d917bb7c31744bd00f592f7867843df46a92482efc552ea74e85bae2
918b47e43dba912a5896b63da0c2188e2ce7ffa11e7520828124d3dabf314093
948e25467f3fd203e42fde7a02ec1f7b6971f8b277f918e54b47cddb786b7020
97f058586c1d1b08be01ab989c2fe48c6d45a1bbe853b286593cdebf98907cd0
996ab3c1e26cb00ec7d3d29650e784755ba46f33613563b7173b0dab03fa3d73
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1003eb701127cec668264584453aa02ccc8547ab7367365e3f44dfd7564fe2e
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a20593808728baadac540299489cd4216d7c0a7819e55859d12970d006d92059
ab7db7060334c6b60bcbe42c911f90ce189506549d7c09802243c21d2a524a0a
ac63716a755cb58f9930d686c3e7fe419c1e6edbb8a50e4d6c9c4fda57ef6ce6
ae3515054086be405f7626a8b9e42cb73788f028eebd9b2038c5d568b89350d4
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aecd66de64a91bd038f02e05bc08c812daff75b691a66fe76dc0e9f3ebd5b596
b006338f0c403152e33a13f60f23863dbf3f6a5dbd7df80dda6c80f136674877
b05cee14152e8be9b02666a35b78ac2fef8db446f4808597c76317bcdb8e4e7d
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b31bdb6d9d79c79835ee019b91489191535cca0576ef8ffe12ce287178a61087
b8f782217f076f4fc9f8dbb820ab2aa04a3af2a14246936feaa275e726cca97e
bb1780f1573aa8579acc8801f790c39d7caca8876ba9cf5cbda582d93def4ba2
bb65425245986103b4d8d71bdd7e403a074365190f0ab674702d5fa91dbc38c0
bc65c1ffad7a97913d2f8cb1090dd6032f5195399ab272e6cd9eb607115953cf
bd4641c201d76eae011cc3b1da2cb3cba9f07e9e5c064f37fab3dda7ce055f62
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c55508ea7ce1ad08364772fbfadb835d2b1d1b9238d345c45eee1943ada4ff6f
c889fd7eaaf92befd3cdc722ab748d12802dece8e0df6e4fd22938b9f7ba3598
c8cd0b0d514cecdaf4e7214325a70bba9bae301e156265bd0d880f9065d1d183
c99bfe6da2e9383e42b49aa5fc16f2bf3dbb1f4096e5b8c11bc2d8261fcb4e1d
cab21cd92570cbeba315fea113ee5c06b3f6de012e2b32883901f322e7e09de9
cc4e54ad634616d85953bbc4d344a399355aaa67e0d1ce43b42499566ef0a3f4
d097588c37cd462ffb27423804f4a05d11da20845601158c4afc10aa95ad0f4b
d24473901a107c5ed987832d86736def4ed253427f702db59cd5f4208572645f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
dfff48fba10c55918711c4bc2868154379f6348c7facdcefca870d512877cc11
e103f511fd4575a0b9ac5b7a798959dd03c9c2eb158e2111ac26fe56c208d077
e2fbb88b4d15a9f7702ca58ebbe8d1d927ffd2667e585e70a5f3d51acb1a37d2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e86f7686f9ed6a53e17a3b99796d79ca19a1478349004210abd3db4f170bdcc8
e8b95def8b00f37d671c6a8a017f7946eeae0c084d896f95b9418feef64a0a4b
ece9461b67448fd9efc75ad4bbf3c6a2f0d0aea477046e8822068aee283160d6
ee9fbb51c7b51efda9f11867fce07256731088456c60cdaf3546394959806568
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2094013499e7abe81e124144e0808db432fe02025ff4f2bd0049171c0a0c1f7
f2917aa9003a092a4a3de1b4fe5f3c704e03f75e7f1b4f21973ab5ff6065e55e
f2d93058b573566d1970ee894c9b413b6982ac99938f76918e6b7aa109363285
f5accb9c1606101e17c582132a77348b26b9c479b8c1f1248f12673b86429d44
f7dab0061921848e572d8389f8bedb735dcfed05b4c3baef528d43284f16c190
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3
ff8134457874c6e964b9496bd40f86f916336505f28f80be566c055810b4b67d

usa.kaspersky.com Open in urlscan Pro 77.74.178.40 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

115 Requests

90 %HTTPS

32 %IPv6

34 Domains

51 Subdomains

44 IPs

9 Countries

2590 kBTransfer

6813 kBSize

57 Cookies

53 Outgoing links

Redirected requests

115 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

usa.kaspersky.com Open in urlscan Pro
77.74.178.40 Public Scan

Screenshot
Live screenshot

Full Image

115
Requests

90 %
HTTPS

32 %
IPv6

34
Domains

51
Subdomains

44
IPs

9
Countries

2590 kB
Transfer

6813 kB
Size

57
Cookies

115 HTTP transactions
2 data transactions