Submitted URL: http://shadowhammer.kaspersky.com/
Effective URL: https://shadowhammer.kaspersky.com/
Submission: On March 26 via manual from US

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 29 HTTP transactions. The main IP is 52.30.83.11, located in Dublin, Ireland and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is shadowhammer.kaspersky.com.
TLS certificate: Issued by Thawte RSA CA 2018 on March 25th 2019. Valid for: a year.
This is the only time shadowhammer.kaspersky.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 16 52.30.83.11 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 185.85.15.23 200107 (KL-EXT)
2 2a00:1450:400... 15169 (GOOGLE)
2 52.31.211.225 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 54.77.130.155 16509 (AMAZON-02)
2 172.82.228.18 15224 (OMNITURE)
1 1 66.117.28.86 15224 (OMNITURE)
29 10
Domain Requested by
16 shadowhammer.kaspersky.com 1 redirects shadowhammer.kaspersky.com
2 kaspersky.d3.sc.omtrdc.net media.kaspersky.com
shadowhammer.kaspersky.com
2 connect.facebook.net shadowhammer.kaspersky.com
connect.facebook.net
2 dpm.demdex.net media.kaspersky.com
shadowhammer.kaspersky.com
2 www.google-analytics.com www.googletagmanager.com
shadowhammer.kaspersky.com
1 cm.everesttech.net 1 redirects
1 kaspersky.demdex.net media.kaspersky.com
1 www.facebook.com shadowhammer.kaspersky.com
1 media.kaspersky.com shadowhammer.kaspersky.com
1 www.googletagmanager.com shadowhammer.kaspersky.com
0 cx.atdmt.com Failed
29 11

This site contains links to these domains. Also see Links.

Domain
securelist.com
www.kaspersky.com
Subject Issuer Validity Valid
shadowhammer.kaspersky.com
Thawte RSA CA 2018
2019-03-25 -
2020-03-24
a year crt.sh
*.google-analytics.com
Google Internet Authority G3
2019-03-01 -
2019-05-24
3 months crt.sh
media.kaspersky.com
Thawte RSA CA 2018
2018-05-28 -
2019-06-27
a year crt.sh
*.google.com
Google Internet Authority G3
2019-03-01 -
2019-05-24
3 months crt.sh
*.demdex.net
DigiCert SHA2 High Assurance Server CA
2018-01-09 -
2021-02-12
3 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2019-03-08 -
2019-06-06
3 months crt.sh
*.d3.sc.omtrdc.net
DigiCert SHA2 High Assurance Server CA
2016-05-04 -
2019-05-23
3 years crt.sh

This page contains 2 frames:

Primary Page: https://shadowhammer.kaspersky.com/
Frame ID: D150A84D04C21A22CA27FADBB600A97B
Requests: 28 HTTP requests in this frame

Frame: https://kaspersky.demdex.net/dest5.html?d_nsid=0
Frame ID: EEC72B903E255A6F6E2376B1A88F9713
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://shadowhammer.kaspersky.com/ HTTP 301
    https://shadowhammer.kaspersky.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i

Overall confidence: 100%
Detected patterns
  • script /\/s[_-]code.*\.js/i
  • env /^s_(?:account|objectID|code|INST)$/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

29
Requests

93 %
HTTPS

40 %
IPv6

9
Domains

11
Subdomains

10
IPs

3
Countries

625 kB
Transfer

1093 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://shadowhammer.kaspersky.com/ HTTP 301
    https://shadowhammer.kaspersky.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://cm.everesttech.net/cm/dd?d_uuid=84821730878976327883833641381494065948 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=XJpnKgAAEVCtJjx0

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
shadowhammer.kaspersky.com/
Redirect Chain
  • http://shadowhammer.kaspersky.com/
  • https://shadowhammer.kaspersky.com/
6 KB
3 KB
Document
General
Full URL
https://shadowhammer.kaspersky.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.83.11 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-30-83-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
816cb3199d6076e463e46ca6fa9b137dde8731a5844c2a5f0fb65469fa5ddd1d
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://s7.addthis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s7.addthis.com https://www.googletagmanager.com https://www.google-analytics.com https://m.addthisedge.com https://m.addthis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://media.kaspersky.com/ https://connect.facebook.net/; img-src 'self' data: https://www.google-analytics.com https://kaspersky.d3.sc.omtrdc.net/ https://www.facebook.com/ https://cm.everesttech.net/ https://dpm.demdex.net/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://m.addthisedge.com; font-src 'self' data: https://fonts.googleapis.com https://fonts.gstatic.com; frame-src 'self' https://s7.addthis.com https://www.youtube.com https://www.google.com https://kaspersky.demdex.net/; connect-src https://dpm.demdex.net/ https://kaspersky.d3.sc.omtrdc.net/;object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
shadowhammer.kaspersky.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
nginx
date
Tue, 26 Mar 2019 17:53:45 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' https://s7.addthis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s7.addthis.com https://www.googletagmanager.com https://www.google-analytics.com https://m.addthisedge.com https://m.addthis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://media.kaspersky.com/ https://connect.facebook.net/; img-src 'self' data: https://www.google-analytics.com https://kaspersky.d3.sc.omtrdc.net/ https://www.facebook.com/ https://cm.everesttech.net/ https://dpm.demdex.net/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://m.addthisedge.com; font-src 'self' data: https://fonts.googleapis.com https://fonts.gstatic.com; frame-src 'self' https://s7.addthis.com https://www.youtube.com https://www.google.com https://kaspersky.demdex.net/; connect-src https://dpm.demdex.net/ https://kaspersky.d3.sc.omtrdc.net/;object-src 'none'
content-encoding
gzip

Redirect headers

Server
nginx
Date
Tue, 26 Mar 2019 17:53:45 GMT
Content-Type
text/html
Content-Length
178
Connection
keep-alive
Location
https://shadowhammer.kaspersky.com/
X-Frame-Options
SAMEORIGIN
js
www.googletagmanager.com/gtag/
63 KB
24 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-61587331-55
Requested by
Host: shadowhammer.kaspersky.com
URL: https://shadowhammer.kaspersky.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81a::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
11e726076fccbf4acb36ec4d8e2922e6e1832a602f39506a6ca4e2f3428f1dc7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://shadowhammer.kaspersky.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 26 Mar 2019 17:53:45 GMT
content-encoding
br
last-modified
Tue, 26 Mar 2019 17:05:14 GMT
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
24780
x-xss-protection
0
expires
Tue, 26 Mar 2019 17:53:45 GMT
style.css
shadowhammer.kaspersky.com/
63 KB
9 KB
Stylesheet
General
Full URL
https://shadowhammer.kaspersky.com/style.css?v=2
Requested by
Host: shadowhammer.kaspersky.com
URL: https://shadowhammer.kaspersky.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.83.11 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-30-83-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e68461c3abf919949941f2595106ff2acd4783f77cd48dde23caae208092fe12

Request headers

:path
/style.css?v=2
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
shadowhammer.kaspersky.com
referer
https://shadowhammer.kaspersky.com/
:scheme
https
:method
GET
Referer
https://shadowhammer.kaspersky.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Tue, 26 Mar 2019 17:53:45 GMT
content-encoding
gzip
last-modified
Mon, 25 Mar 2019 17:10:03 GMT
server
nginx
etag
W/"5c990b6b-fcf7"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=8640000, public
alert_text.js
shadowhammer.kaspersky.com/gdpr/en-gl/
418 B
484 B
Script
General
Full URL
https://shadowhammer.kaspersky.com/gdpr/en-gl/alert_text.js
Requested by
Host: shadowhammer.kaspersky.com
URL: https://shadowhammer.kaspersky.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.83.11 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-30-83-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1b88d0415a46b95e0f98b4fc507228adf846ff2f7b2ac4972c67e899f2c21988

Request headers

:path
/gdpr/en-gl/alert_text.js
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
shadowhammer.kaspersky.com
referer
https://shadowhammer.kaspersky.com/
:scheme
https
:method
GET
Referer
https://shadowhammer.kaspersky.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Tue, 26 Mar 2019 17:53:45 GMT
content-encoding
gzip
last-modified
Mon, 25 Mar 2019 11:25:04 GMT
server
nginx
etag
W/"5c98ba90-1a2"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=8640000, public
alert.js
shadowhammer.kaspersky.com/gdpr/
5 KB
2 KB
Script
General
Full URL
https://shadowhammer.kaspersky.com/gdpr/alert.js
Requested by
Host: shadowhammer.kaspersky.com
URL: https://shadowhammer.kaspersky.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.83.11 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-30-83-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1b107799c6b78a5f6f05b5a2858bb8a73ba4c9fb0237c6cf64ec26d08b8b9165

Request headers

:path
/gdpr/alert.js
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
shadowhammer.kaspersky.com
referer
https://shadowhammer.kaspersky.com/
:scheme
https
:method
GET
Referer
https://shadowhammer.kaspersky.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Tue, 26 Mar 2019 17:53:45 GMT
content-encoding
gzip
last-modified
Mon, 25 Mar 2019 11:25:04 GMT
server
nginx
etag
W/"5c98ba90-1500"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=8640000, public
s_code_single_suite.js
media.kaspersky.com/tracking/omniture/
148 KB
42 KB
Script
General
Full URL
https://media.kaspersky.com/tracking/omniture/s_code_single_suite.js
Requested by
Host: shadowhammer.kaspersky.com
URL: https://shadowhammer.kaspersky.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.85.15.23 , Russian Federation, ASN200107 (KL-EXT, RU),
Reverse DNS
Software
/ Kaspersky Labs Kaspersky Labs
Resource Hash
806ac6da503b30d8853d3fbfd3aca05c0107bf3033053190fbd9380e20baa691
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/tracking/omniture/s_code_single_suite.js
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
media.kaspersky.com
referer
https://shadowhammer.kaspersky.com/
:scheme
https
:method
GET
Referer
https://shadowhammer.kaspersky.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
etag
"0cca5d8fbe2d41:0"
x-powered-by
Kaspersky Labs Kaspersky Labs
status
200
content-length
42247
x-xss-protection
1; mode=block
last-modified
Mon, 25 Mar 2019 11:14:00 GMT
server
x-frame-options
SAMEORIGIN
date
Tue, 26 Mar 2019 17:53:44 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
x-server
fr1/FRA3
accept-ranges
bytes
x-content-type-options
nosniff
jquery.min.js
shadowhammer.kaspersky.com/
85 KB
30 KB
Script
General
Full URL
https://shadowhammer.kaspersky.com/jquery.min.js
Requested by
Host: shadowhammer.kaspersky.com
URL: https://shadowhammer.kaspersky.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.83.11 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-30-83-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855

Request headers

:path
/jquery.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
shadowhammer.kaspersky.com
referer
https://shadowhammer.kaspersky.com/
:scheme
https
:method
GET
Referer
https://shadowhammer.kaspersky.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Tue, 26 Mar 2019 17:53:45 GMT
content-encoding
gzip
last-modified
Fri, 22 Mar 2019 16:01:06 GMT
server
nginx
etag
W/"5c9506c2-1538e"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=8640000, public
jquery.maskedinput.min.js
shadowhammer.kaspersky.com/
4 KB
2 KB
Script
General
Full URL
https://shadowhammer.kaspersky.com/jquery.maskedinput.min.js
Requested by
Host: shadowhammer.kaspersky.com
URL: https://shadowhammer.kaspersky.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.83.11 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-30-83-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
fb82877818fa23c8c028053cc5744c5d7947faca82bd50a82b918016499bfb62

Request headers

:path
/jquery.maskedinput.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
shadowhammer.kaspersky.com
referer
https://shadowhammer.kaspersky.com/
:scheme
https
:method
GET
Referer
https://shadowhammer.kaspersky.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Tue, 26 Mar 2019 17:53:45 GMT
content-encoding
gzip
last-modified
Fri, 22 Mar 2019 16:01:06 GMT
server
nginx
etag
W/"5c9506c2-10e4"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=8640000, public
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-61587331-55
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://shadowhammer.kaspersky.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
409
date
Tue, 26 Mar 2019 17:46:56 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17543
expires
Tue, 26 Mar 2019 19:46:56 GMT
collect
www.google-analytics.com/r/
35 B
111 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j73&a=980236314&t=pageview&_s=1&dl=https%3A%2F%2Fshadowhammer.kaspersky.com%2F&ul=en-us&de=UTF-8&dt=Shadow%20Hammer%20APT%20MAC%20Check&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=383430364&gjid=798913542&cid=2081152860.1553622826&tid=UA-61587331-55&_gid=1262861644.1553622826&_r=1&gtm=2ou3i1&z=898498513
Requested by
Host: shadowhammer.kaspersky.com
URL: https://shadowhammer.kaspersky.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shadowhammer.kaspersky.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Mar 2019 17:53:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
id
dpm.demdex.net/
368 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=983502BE532960BE0A490D4C%40AdobeOrg&d_nsid=0&ts=1553622825825
Requested by
Host: media.kaspersky.com
URL: https://media.kaspersky.com/tracking/omniture/s_code_single_suite.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.211.225 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-211-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
03f51639d8908bce6611561122cfe35f836a9b28deacb26ea9b9d62a209a9a97

Request headers

Referer
https://shadowhammer.kaspersky.com/
Origin
https://shadowhammer.kaspersky.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v025-0d616dc46.edge-irl1.demdex.com 5.50.0.20190319164038 4ms
Pragma
no-cache
Content-Encoding
gzip
X-TID
gAH4MkLpQYw=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://shadowhammer.kaspersky.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
305
Expires
Thu, 01 Jan 1970 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/
52 KB
16 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: shadowhammer.kaspersky.com
URL: https://shadowhammer.kaspersky.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
6bb981959d783d83df88b9aa48738948c9a8a22c1a31b8cb5305d3e338ebf9a7
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://shadowhammer.kaspersky.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
15216
x-xss-protection
0
pragma
public
x-fb-debug
HItLQ3gPSSyEqSFCZ2rNui63foSaxUC/c0W1wi1c5mCRvjuCKNrlbf8SyUSY0ix9PZjXkit1hQO8L/VtZGkJaw==
date
Tue, 26 Mar 2019 17:53:45 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
Page1.png
shadowhammer.kaspersky.com/shadow/dekstop/
19 KB
20 KB
Image
General
Full URL
https://shadowhammer.kaspersky.com/shadow/dekstop/Page1.png
Requested by
Host: shadowhammer.kaspersky.com
URL: https://shadowhammer.kaspersky.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.83.11 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-30-83-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
91ac3ef819699299040311f5f9d63415fbf19688df9a326d369a873873bbbf1d
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://s7.addthis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s7.addthis.com https://www.googletagmanager.com https://www.google-analytics.com https://m.addthisedge.com https://m.addthis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://media.kaspersky.com/ https://connect.facebook.net/; img-src 'self' data: https://www.google-analytics.com https://kaspersky.d3.sc.omtrdc.net/ https://www.facebook.com/ https://cm.everesttech.net/ https://dpm.demdex.net/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://m.addthisedge.com; font-src 'self' data: https://fonts.googleapis.com https://fonts.gstatic.com; frame-src 'self' https://s7.addthis.com https://www.youtube.com https://www.google.com https://kaspersky.demdex.net/; connect-src https://dpm.demdex.net/ https://kaspersky.d3.sc.omtrdc.net/;object-src 'none'

Request headers

:path
/shadow/dekstop/Page1.png
pragma
no-cache
cookie
_ga=GA1.2.2081152860.1553622826; _gid=GA1.2.1262861644.1553622826; _gat_gtag_UA_61587331_55=1; AMCV_983502BE532960BE0A490D4C%40AdobeOrg=1406116232%7CMCIDTS%7C17982%7CvVersion%7C2.5.0
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
shadowhammer.kaspersky.com
referer
https://shadowhammer.kaspersky.com/style.css?v=2
:scheme
https
:method
GET
Referer
https://shadowhammer.kaspersky.com/style.css?v=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 26 Mar 2019 17:53:45 GMT
last-modified
Thu, 21 Mar 2019 14:48:24 GMT
server
nginx
etag
"5c93a438-4bc3"
content-type
image/png
status
200
cache-control
max-age=315360000
content-security-policy
default-src 'self' https://s7.addthis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s7.addthis.com https://www.googletagmanager.com https://www.google-analytics.com https://m.addthisedge.com https://m.addthis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://media.kaspersky.com/ https://connect.facebook.net/; img-src 'self' data: https://www.google-analytics.com https://kaspersky.d3.sc.omtrdc.net/ https://www.facebook.com/ https://cm.everesttech.net/ https://dpm.demdex.net/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://m.addthisedge.com; font-src 'self' data: https://fonts.googleapis.com https://fonts.gstatic.com; frame-src 'self' https://s7.addthis.com https://www.youtube.com https://www.google.com https://kaspersky.demdex.net/; connect-src https://dpm.demdex.net/ https://kaspersky.d3.sc.omtrdc.net/;object-src 'none'
accept-ranges
bytes
content-length
19395
expires
Thu, 31 Dec 2037 23:55:55 GMT
Logo_kaspersky_white.svg
shadowhammer.kaspersky.com/icons/
6 KB
3 KB
Image
General
Full URL
https://shadowhammer.kaspersky.com/icons/Logo_kaspersky_white.svg
Requested by
Host: shadowhammer.kaspersky.com
URL: https://shadowhammer.kaspersky.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.83.11 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-30-83-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
52f61cfa9b063d74ca4654a5f8b51b74feca3b380791bd8d96145415136cde76
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://s7.addthis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s7.addthis.com https://www.googletagmanager.com https://www.google-analytics.com https://m.addthisedge.com https://m.addthis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://media.kaspersky.com/ https://connect.facebook.net/; img-src 'self' data: https://www.google-analytics.com https://kaspersky.d3.sc.omtrdc.net/ https://www.facebook.com/ https://cm.everesttech.net/ https://dpm.demdex.net/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://m.addthisedge.com; font-src 'self' data: https://fonts.googleapis.com https://fonts.gstatic.com; frame-src 'self' https://s7.addthis.com https://www.youtube.com https://www.google.com https://kaspersky.demdex.net/; connect-src https://dpm.demdex.net/ https://kaspersky.d3.sc.omtrdc.net/;object-src 'none'

Request headers

:path
/icons/Logo_kaspersky_white.svg
pragma
no-cache
cookie
_ga=GA1.2.2081152860.1553622826; _gid=GA1.2.1262861644.1553622826; _gat_gtag_UA_61587331_55=1; AMCV_983502BE532960BE0A490D4C%40AdobeOrg=1406116232%7CMCIDTS%7C17982%7CvVersion%7C2.5.0
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
shadowhammer.kaspersky.com
referer
https://shadowhammer.kaspersky.com/style.css?v=2
:scheme
https
:method
GET
Referer
https://shadowhammer.kaspersky.com/style.css?v=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 26 Mar 2019 17:53:45 GMT
content-encoding
gzip
last-modified
Thu, 21 Mar 2019 14:48:24 GMT
server
nginx
etag
W/"5c93a438-1782"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
max-age=315360000
content-security-policy
default-src 'self' https://s7.addthis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s7.addthis.com https://www.googletagmanager.com https://www.google-analytics.com https://m.addthisedge.com https://m.addthis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://media.kaspersky.com/ https://connect.facebook.net/; img-src 'self' data: https://www.google-analytics.com https://kaspersky.d3.sc.omtrdc.net/ https://www.facebook.com/ https://cm.everesttech.net/ https://dpm.demdex.net/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://m.addthisedge.com; font-src 'self' data: https://fonts.googleapis.com https://fonts.gstatic.com; frame-src 'self' https://s7.addthis.com https://www.youtube.com https://www.google.com https://kaspersky.demdex.net/; connect-src https://dpm.demdex.net/ https://kaspersky.d3.sc.omtrdc.net/;object-src 'none'
expires
Thu, 31 Dec 2037 23:55:55 GMT
exclamation.svg
shadowhammer.kaspersky.com/icons/
701 B
1 KB
Image
General
Full URL
https://shadowhammer.kaspersky.com/icons/exclamation.svg
Requested by
Host: shadowhammer.kaspersky.com
URL: https://shadowhammer.kaspersky.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.83.11 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-30-83-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
91ddba821cdaaf11fc3b1fc1427fe1d25b7a61fd67e64601964c5ec24ce611c3
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://s7.addthis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s7.addthis.com https://www.googletagmanager.com https://www.google-analytics.com https://m.addthisedge.com https://m.addthis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://media.kaspersky.com/ https://connect.facebook.net/; img-src 'self' data: https://www.google-analytics.com https://kaspersky.d3.sc.omtrdc.net/ https://www.facebook.com/ https://cm.everesttech.net/ https://dpm.demdex.net/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://m.addthisedge.com; font-src 'self' data: https://fonts.googleapis.com https://fonts.gstatic.com; frame-src 'self' https://s7.addthis.com https://www.youtube.com https://www.google.com https://kaspersky.demdex.net/; connect-src https://dpm.demdex.net/ https://kaspersky.d3.sc.omtrdc.net/;object-src 'none'

Request headers

:path
/icons/exclamation.svg
pragma
no-cache
cookie
_ga=GA1.2.2081152860.1553622826; _gid=GA1.2.1262861644.1553622826; _gat_gtag_UA_61587331_55=1; AMCV_983502BE532960BE0A490D4C%40AdobeOrg=1406116232%7CMCIDTS%7C17982%7CvVersion%7C2.5.0
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
shadowhammer.kaspersky.com
referer
https://shadowhammer.kaspersky.com/style.css?v=2
:scheme
https
:method
GET
Referer
https://shadowhammer.kaspersky.com/style.css?v=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 26 Mar 2019 17:53:45 GMT
content-encoding
gzip
last-modified
Thu, 21 Mar 2019 14:48:24 GMT
server
nginx
etag
W/"5c93a438-2bd"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
max-age=315360000
content-security-policy
default-src 'self' https://s7.addthis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s7.addthis.com https://www.googletagmanager.com https://www.google-analytics.com https://m.addthisedge.com https://m.addthis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://media.kaspersky.com/ https://connect.facebook.net/; img-src 'self' data: https://www.google-analytics.com https://kaspersky.d3.sc.omtrdc.net/ https://www.facebook.com/ https://cm.everesttech.net/ https://dpm.demdex.net/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://m.addthisedge.com; font-src 'self' data: https://fonts.googleapis.com https://fonts.gstatic.com; frame-src 'self' https://s7.addthis.com https://www.youtube.com https://www.google.com https://kaspersky.demdex.net/; connect-src https://dpm.demdex.net/ https://kaspersky.d3.sc.omtrdc.net/;object-src 'none'
expires
Thu, 31 Dec 2037 23:55:55 GMT
Logo_kaspersky_color.svg
shadowhammer.kaspersky.com/icons/
13 KB
4 KB
Image
General
Full URL
https://shadowhammer.kaspersky.com/icons/Logo_kaspersky_color.svg
Requested by
Host: shadowhammer.kaspersky.com
URL: https://shadowhammer.kaspersky.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.83.11 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-30-83-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3710ef961a666de16cde821ab0bbaa6bb5b94802e11fffd3b242f4cc675000f0
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://s7.addthis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s7.addthis.com https://www.googletagmanager.com https://www.google-analytics.com https://m.addthisedge.com https://m.addthis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://media.kaspersky.com/ https://connect.facebook.net/; img-src 'self' data: https://www.google-analytics.com https://kaspersky.d3.sc.omtrdc.net/ https://www.facebook.com/ https://cm.everesttech.net/ https://dpm.demdex.net/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://m.addthisedge.com; font-src 'self' data: https://fonts.googleapis.com https://fonts.gstatic.com; frame-src 'self' https://s7.addthis.com https://www.youtube.com https://www.google.com https://kaspersky.demdex.net/; connect-src https://dpm.demdex.net/ https://kaspersky.d3.sc.omtrdc.net/;object-src 'none'

Request headers

:path
/icons/Logo_kaspersky_color.svg
pragma
no-cache
cookie
_ga=GA1.2.2081152860.1553622826; _gid=GA1.2.1262861644.1553622826; _gat_gtag_UA_61587331_55=1; AMCV_983502BE532960BE0A490D4C%40AdobeOrg=1406116232%7CMCIDTS%7C17982%7CvVersion%7C2.5.0
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
shadowhammer.kaspersky.com
referer
https://shadowhammer.kaspersky.com/style.css?v=2
:scheme
https
:method
GET
Referer
https://shadowhammer.kaspersky.com/style.css?v=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 26 Mar 2019 17:53:45 GMT
content-encoding
gzip
last-modified
Thu, 21 Mar 2019 14:48:24 GMT
server
nginx
etag
W/"5c93a438-3447"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
max-age=315360000
content-security-policy
default-src 'self' https://s7.addthis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s7.addthis.com https://www.googletagmanager.com https://www.google-analytics.com https://m.addthisedge.com https://m.addthis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://media.kaspersky.com/ https://connect.facebook.net/; img-src 'self' data: https://www.google-analytics.com https://kaspersky.d3.sc.omtrdc.net/ https://www.facebook.com/ https://cm.everesttech.net/ https://dpm.demdex.net/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://m.addthisedge.com; font-src 'self' data: https://fonts.googleapis.com https://fonts.gstatic.com; frame-src 'self' https://s7.addthis.com https://www.youtube.com https://www.google.com https://kaspersky.demdex.net/; connect-src https://dpm.demdex.net/ https://kaspersky.d3.sc.omtrdc.net/;object-src 'none'
expires
Thu, 31 Dec 2037 23:55:55 GMT
MuseoSansCyrl-500.otf
shadowhammer.kaspersky.com/fonts/
104 KB
105 KB
Font
General
Full URL
https://shadowhammer.kaspersky.com/fonts/MuseoSansCyrl-500.otf
Requested by
Host: shadowhammer.kaspersky.com
URL: https://shadowhammer.kaspersky.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.83.11 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-30-83-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d5a600b788e00dc9a494d22cc2f4f5b6a6bcde4e3812202699ab737ef2e85b1
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://s7.addthis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s7.addthis.com https://www.googletagmanager.com https://www.google-analytics.com https://m.addthisedge.com https://m.addthis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://media.kaspersky.com/ https://connect.facebook.net/; img-src 'self' data: https://www.google-analytics.com https://kaspersky.d3.sc.omtrdc.net/ https://www.facebook.com/ https://cm.everesttech.net/ https://dpm.demdex.net/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://m.addthisedge.com; font-src 'self' data: https://fonts.googleapis.com https://fonts.gstatic.com; frame-src 'self' https://s7.addthis.com https://www.youtube.com https://www.google.com https://kaspersky.demdex.net/; connect-src https://dpm.demdex.net/ https://kaspersky.d3.sc.omtrdc.net/;object-src 'none'

Request headers

:path
/fonts/MuseoSansCyrl-500.otf
pragma
no-cache
cookie
_ga=GA1.2.2081152860.1553622826; _gid=GA1.2.1262861644.1553622826; _gat_gtag_UA_61587331_55=1; AMCV_983502BE532960BE0A490D4C%40AdobeOrg=1406116232%7CMCIDTS%7C17982%7CvVersion%7C2.5.0
origin
https://shadowhammer.kaspersky.com
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
shadowhammer.kaspersky.com
referer
https://shadowhammer.kaspersky.com/style.css?v=2
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://shadowhammer.kaspersky.com/style.css?v=2
Origin
https://shadowhammer.kaspersky.com

Response headers

date
Tue, 26 Mar 2019 17:53:45 GMT
last-modified
Thu, 21 Mar 2019 14:48:24 GMT
server
nginx
etag
"5c93a438-1a07c"
content-type
application/octet-stream
status
200
cache-control
max-age=315360000
content-security-policy
default-src 'self' https://s7.addthis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s7.addthis.com https://www.googletagmanager.com https://www.google-analytics.com https://m.addthisedge.com https://m.addthis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://media.kaspersky.com/ https://connect.facebook.net/; img-src 'self' data: https://www.google-analytics.com https://kaspersky.d3.sc.omtrdc.net/ https://www.facebook.com/ https://cm.everesttech.net/ https://dpm.demdex.net/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://m.addthisedge.com; font-src 'self' data: https://fonts.googleapis.com https://fonts.gstatic.com; frame-src 'self' https://s7.addthis.com https://www.youtube.com https://www.google.com https://kaspersky.demdex.net/; connect-src https://dpm.demdex.net/ https://kaspersky.d3.sc.omtrdc.net/;object-src 'none'
accept-ranges
bytes
content-length
106620
expires
Thu, 31 Dec 2037 23:55:55 GMT
MuseoSansCyrl-100.otf
shadowhammer.kaspersky.com/fonts/
101 KB
102 KB
Font
General
Full URL
https://shadowhammer.kaspersky.com/fonts/MuseoSansCyrl-100.otf
Requested by
Host: shadowhammer.kaspersky.com
URL: https://shadowhammer.kaspersky.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.83.11 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-30-83-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
31fd609600e422dcc28a340d5b31973a2a353db5c10f468a58cab71aefdf60c9
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://s7.addthis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s7.addthis.com https://www.googletagmanager.com https://www.google-analytics.com https://m.addthisedge.com https://m.addthis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://media.kaspersky.com/ https://connect.facebook.net/; img-src 'self' data: https://www.google-analytics.com https://kaspersky.d3.sc.omtrdc.net/ https://www.facebook.com/ https://cm.everesttech.net/ https://dpm.demdex.net/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://m.addthisedge.com; font-src 'self' data: https://fonts.googleapis.com https://fonts.gstatic.com; frame-src 'self' https://s7.addthis.com https://www.youtube.com https://www.google.com https://kaspersky.demdex.net/; connect-src https://dpm.demdex.net/ https://kaspersky.d3.sc.omtrdc.net/;object-src 'none'

Request headers

:path
/fonts/MuseoSansCyrl-100.otf
pragma
no-cache
cookie
_ga=GA1.2.2081152860.1553622826; _gid=GA1.2.1262861644.1553622826; _gat_gtag_UA_61587331_55=1; AMCV_983502BE532960BE0A490D4C%40AdobeOrg=1406116232%7CMCIDTS%7C17982%7CvVersion%7C2.5.0
origin
https://shadowhammer.kaspersky.com
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
shadowhammer.kaspersky.com
referer
https://shadowhammer.kaspersky.com/style.css?v=2
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://shadowhammer.kaspersky.com/style.css?v=2
Origin
https://shadowhammer.kaspersky.com

Response headers

date
Tue, 26 Mar 2019 17:53:45 GMT
last-modified
Thu, 21 Mar 2019 14:48:24 GMT
server
nginx
etag
"5c93a438-19534"
content-type
application/octet-stream
status
200
cache-control
max-age=315360000
content-security-policy
default-src 'self' https://s7.addthis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s7.addthis.com https://www.googletagmanager.com https://www.google-analytics.com https://m.addthisedge.com https://m.addthis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://media.kaspersky.com/ https://connect.facebook.net/; img-src 'self' data: https://www.google-analytics.com https://kaspersky.d3.sc.omtrdc.net/ https://www.facebook.com/ https://cm.everesttech.net/ https://dpm.demdex.net/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://m.addthisedge.com; font-src 'self' data: https://fonts.googleapis.com https://fonts.gstatic.com; frame-src 'self' https://s7.addthis.com https://www.youtube.com https://www.google.com https://kaspersky.demdex.net/; connect-src https://dpm.demdex.net/ https://kaspersky.d3.sc.omtrdc.net/;object-src 'none'
accept-ranges
bytes
content-length
103732
expires
Thu, 31 Dec 2037 23:55:55 GMT
MuseoSansCyrl-300.otf
shadowhammer.kaspersky.com/fonts/
104 KB
105 KB
Font
General
Full URL
https://shadowhammer.kaspersky.com/fonts/MuseoSansCyrl-300.otf
Requested by
Host: shadowhammer.kaspersky.com
URL: https://shadowhammer.kaspersky.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.83.11 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-30-83-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9cf33e0daa53ce735137dafb006f1161c173cec381c57afe89ae99ae39bab345
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://s7.addthis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s7.addthis.com https://www.googletagmanager.com https://www.google-analytics.com https://m.addthisedge.com https://m.addthis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://media.kaspersky.com/ https://connect.facebook.net/; img-src 'self' data: https://www.google-analytics.com https://kaspersky.d3.sc.omtrdc.net/ https://www.facebook.com/ https://cm.everesttech.net/ https://dpm.demdex.net/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://m.addthisedge.com; font-src 'self' data: https://fonts.googleapis.com https://fonts.gstatic.com; frame-src 'self' https://s7.addthis.com https://www.youtube.com https://www.google.com https://kaspersky.demdex.net/; connect-src https://dpm.demdex.net/ https://kaspersky.d3.sc.omtrdc.net/;object-src 'none'

Request headers

:path
/fonts/MuseoSansCyrl-300.otf
pragma
no-cache
cookie
_ga=GA1.2.2081152860.1553622826; _gid=GA1.2.1262861644.1553622826; _gat_gtag_UA_61587331_55=1; AMCV_983502BE532960BE0A490D4C%40AdobeOrg=1406116232%7CMCIDTS%7C17982%7CvVersion%7C2.5.0
origin
https://shadowhammer.kaspersky.com
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
shadowhammer.kaspersky.com
referer
https://shadowhammer.kaspersky.com/style.css?v=2
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://shadowhammer.kaspersky.com/style.css?v=2
Origin
https://shadowhammer.kaspersky.com

Response headers

date
Tue, 26 Mar 2019 17:53:45 GMT
last-modified
Thu, 21 Mar 2019 14:48:24 GMT
server
nginx
etag
"5c93a438-19fcc"
content-type
application/octet-stream
status
200
cache-control
max-age=315360000
content-security-policy
default-src 'self' https://s7.addthis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s7.addthis.com https://www.googletagmanager.com https://www.google-analytics.com https://m.addthisedge.com https://m.addthis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://media.kaspersky.com/ https://connect.facebook.net/; img-src 'self' data: https://www.google-analytics.com https://kaspersky.d3.sc.omtrdc.net/ https://www.facebook.com/ https://cm.everesttech.net/ https://dpm.demdex.net/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://m.addthisedge.com; font-src 'self' data: https://fonts.googleapis.com https://fonts.gstatic.com; frame-src 'self' https://s7.addthis.com https://www.youtube.com https://www.google.com https://kaspersky.demdex.net/; connect-src https://dpm.demdex.net/ https://kaspersky.d3.sc.omtrdc.net/;object-src 'none'
accept-ranges
bytes
content-length
106444
expires
Thu, 31 Dec 2037 23:55:55 GMT
GothamPro-Light.otf
shadowhammer.kaspersky.com/fonts/
52 KB
53 KB
Font
General
Full URL
https://shadowhammer.kaspersky.com/fonts/GothamPro-Light.otf
Requested by
Host: shadowhammer.kaspersky.com
URL: https://shadowhammer.kaspersky.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.83.11 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-30-83-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ca97417eed7f403851267408d2669f99e3963b38e45398f9a11a5964541bf4f6
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://s7.addthis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s7.addthis.com https://www.googletagmanager.com https://www.google-analytics.com https://m.addthisedge.com https://m.addthis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://media.kaspersky.com/ https://connect.facebook.net/; img-src 'self' data: https://www.google-analytics.com https://kaspersky.d3.sc.omtrdc.net/ https://www.facebook.com/ https://cm.everesttech.net/ https://dpm.demdex.net/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://m.addthisedge.com; font-src 'self' data: https://fonts.googleapis.com https://fonts.gstatic.com; frame-src 'self' https://s7.addthis.com https://www.youtube.com https://www.google.com https://kaspersky.demdex.net/; connect-src https://dpm.demdex.net/ https://kaspersky.d3.sc.omtrdc.net/;object-src 'none'

Request headers

:path
/fonts/GothamPro-Light.otf
pragma
no-cache
cookie
_ga=GA1.2.2081152860.1553622826; _gid=GA1.2.1262861644.1553622826; _gat_gtag_UA_61587331_55=1; AMCV_983502BE532960BE0A490D4C%40AdobeOrg=1406116232%7CMCIDTS%7C17982%7CvVersion%7C2.5.0
origin
https://shadowhammer.kaspersky.com
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
shadowhammer.kaspersky.com
referer
https://shadowhammer.kaspersky.com/style.css?v=2
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://shadowhammer.kaspersky.com/style.css?v=2
Origin
https://shadowhammer.kaspersky.com

Response headers

date
Tue, 26 Mar 2019 17:53:45 GMT
last-modified
Thu, 21 Mar 2019 14:48:24 GMT
server
nginx
etag
"5c93a438-d174"
content-type
application/octet-stream
status
200
cache-control
max-age=315360000
content-security-policy
default-src 'self' https://s7.addthis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s7.addthis.com https://www.googletagmanager.com https://www.google-analytics.com https://m.addthisedge.com https://m.addthis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://media.kaspersky.com/ https://connect.facebook.net/; img-src 'self' data: https://www.google-analytics.com https://kaspersky.d3.sc.omtrdc.net/ https://www.facebook.com/ https://cm.everesttech.net/ https://dpm.demdex.net/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://m.addthisedge.com; font-src 'self' data: https://fonts.googleapis.com https://fonts.gstatic.com; frame-src 'self' https://s7.addthis.com https://www.youtube.com https://www.google.com https://kaspersky.demdex.net/; connect-src https://dpm.demdex.net/ https://kaspersky.d3.sc.omtrdc.net/;object-src 'none'
accept-ranges
bytes
content-length
53620
expires
Thu, 31 Dec 2037 23:55:55 GMT
GothamPro-Bold.otf
shadowhammer.kaspersky.com/fonts/
37 KB
38 KB
Font
General
Full URL
https://shadowhammer.kaspersky.com/fonts/GothamPro-Bold.otf
Requested by
Host: shadowhammer.kaspersky.com
URL: https://shadowhammer.kaspersky.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.83.11 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-30-83-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
bb5e14ba302694ae7baa7727ae96da8d4a8ca15893e71ddae9e821244a90fc73
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://s7.addthis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s7.addthis.com https://www.googletagmanager.com https://www.google-analytics.com https://m.addthisedge.com https://m.addthis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://media.kaspersky.com/ https://connect.facebook.net/; img-src 'self' data: https://www.google-analytics.com https://kaspersky.d3.sc.omtrdc.net/ https://www.facebook.com/ https://cm.everesttech.net/ https://dpm.demdex.net/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://m.addthisedge.com; font-src 'self' data: https://fonts.googleapis.com https://fonts.gstatic.com; frame-src 'self' https://s7.addthis.com https://www.youtube.com https://www.google.com https://kaspersky.demdex.net/; connect-src https://dpm.demdex.net/ https://kaspersky.d3.sc.omtrdc.net/;object-src 'none'

Request headers

:path
/fonts/GothamPro-Bold.otf
pragma
no-cache
cookie
_ga=GA1.2.2081152860.1553622826; _gid=GA1.2.1262861644.1553622826; _gat_gtag_UA_61587331_55=1; AMCV_983502BE532960BE0A490D4C%40AdobeOrg=1406116232%7CMCIDTS%7C17982%7CvVersion%7C2.5.0
origin
https://shadowhammer.kaspersky.com
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
shadowhammer.kaspersky.com
referer
https://shadowhammer.kaspersky.com/style.css?v=2
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://shadowhammer.kaspersky.com/style.css?v=2
Origin
https://shadowhammer.kaspersky.com

Response headers

date
Tue, 26 Mar 2019 17:53:45 GMT
last-modified
Thu, 21 Mar 2019 14:48:24 GMT
server
nginx
etag
"5c93a438-92f4"
content-type
application/octet-stream
status
200
cache-control
max-age=315360000
content-security-policy
default-src 'self' https://s7.addthis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s7.addthis.com https://www.googletagmanager.com https://www.google-analytics.com https://m.addthisedge.com https://m.addthis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://media.kaspersky.com/ https://connect.facebook.net/; img-src 'self' data: https://www.google-analytics.com https://kaspersky.d3.sc.omtrdc.net/ https://www.facebook.com/ https://cm.everesttech.net/ https://dpm.demdex.net/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://m.addthisedge.com; font-src 'self' data: https://fonts.googleapis.com https://fonts.gstatic.com; frame-src 'self' https://s7.addthis.com https://www.youtube.com https://www.google.com https://kaspersky.demdex.net/; connect-src https://dpm.demdex.net/ https://kaspersky.d3.sc.omtrdc.net/;object-src 'none'
accept-ranges
bytes
content-length
37620
expires
Thu, 31 Dec 2037 23:55:55 GMT
839281392784015
connect.facebook.net/signals/config/
186 KB
45 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/839281392784015?v=2.8.42&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
b8d6776acb992987d577251973ac2c9d8c48c507f5482549875fb233d1e40fa0
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://shadowhammer.kaspersky.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
46033
x-xss-protection
0
pragma
public
x-fb-debug
TDhPzJNDF/XwSpga7TATIPi9eH5CnJ1kxHOZT9IQYMyZbTOwtTQKPmd3aHTsbZBs5Xisnma+n0X9SHdVGSNl8w==
date
Tue, 26 Mar 2019 17:53:45 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
294 B
Image
General
Full URL
https://www.facebook.com/tr/?id=839281392784015&ev=PageView&dl=https%3A%2F%2Fshadowhammer.kaspersky.com%2F&rl=&if=false&ts=1553622825969&sw=1600&sh=1200&v=2.8.42&r=stable&ec=0&o=30&fbp=fb.1.1553622825968.2112153449&it=1553622825901&coo=false&rqm=GET
Requested by
Host: shadowhammer.kaspersky.com
URL: https://shadowhammer.kaspersky.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://shadowhammer.kaspersky.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 26 Mar 2019 17:53:45 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Tue, 26 Mar 2019 17:53:45 GMT
Cookie set dest5.html
kaspersky.demdex.net/ Frame EEC7
0
0
Document
General
Full URL
https://kaspersky.demdex.net/dest5.html?d_nsid=0
Requested by
Host: media.kaspersky.com
URL: https://media.kaspersky.com/tracking/omniture/s_code_single_suite.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.130.155 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-77-130-155.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Host
kaspersky.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://shadowhammer.kaspersky.com/
Accept-Encoding
gzip, deflate, br
Cookie
demdex=84821730878976327883833641381494065948
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://shadowhammer.kaspersky.com/

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=21600
Content-Encoding
gzip
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Fri, 22 Mar 2019 09:57:42 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Set-Cookie
demdex=84821730878976327883833641381494065948;Path=/;Domain=.demdex.net;Expires=Sun, 22-Sep-2019 17:53:46 GMT;Max-Age=15552000
Vary
Accept-Encoding, User-Agent
X-TID
JGus3nJpQU0=
Content-Length
2764
Connection
keep-alive
id
kaspersky.d3.sc.omtrdc.net/
3 B
490 B
XHR
General
Full URL
https://kaspersky.d3.sc.omtrdc.net/id?d_visid_ver=2.5.0&d_fieldgroup=A&mcorgid=983502BE532960BE0A490D4C%40AdobeOrg&mid=89296164342738407184281006969714943302&ts=1553622826009
Requested by
Host: media.kaspersky.com
URL: https://media.kaspersky.com/tracking/omniture/s_code_single_suite.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.82.228.18 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
*.d3.sc.omtrdc.net
Software
Omniture DC/2.0.0 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shadowhammer.kaspersky.com/
Origin
https://shadowhammer.kaspersky.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 26 Mar 2019 17:53:46 GMT
X-Content-Type-Options
nosniff
Server
Omniture DC/2.0.0
xserver
www21
Vary
Origin
X-C
ms-6.6.0
P3P
CP="This is not a P3P policy"
Access-Control-Allow-Origin
https://shadowhammer.kaspersky.com
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/x-javascript
Content-Length
3
X-XSS-Protection
1; mode=block
ibs:dpid=411&dpuuid=XJpnKgAAEVCtJjx0
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=84821730878976327883833641381494065948
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=XJpnKgAAEVCtJjx0
42 B
769 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XJpnKgAAEVCtJjx0
Requested by
Host: shadowhammer.kaspersky.com
URL: https://shadowhammer.kaspersky.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.211.225 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-211-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://shadowhammer.kaspersky.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v025-09fb6bdfe.edge-irl1.demdex.com 5.50.0.20190319164038 3ms
Pragma
no-cache
X-TID
dFemeZg8Qvk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Tue, 26 Mar 2019 17:53:46 GMT
Server
AMO-cookiemap/1.1
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XJpnKgAAEVCtJjx0
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=15,max=100
Content-Length
0
s37784241827592
kaspersky.d3.sc.omtrdc.net/b/ss/kaspersky-single-suite/1/JS-2.6.0/
43 B
591 B
Image
General
Full URL
https://kaspersky.d3.sc.omtrdc.net/b/ss/kaspersky-single-suite/1/JS-2.6.0/s37784241827592?AQB=1&ndh=1&pf=1&t=26%2F2%2F2019%2017%3A53%3A46%202%200&mid=89296164342738407184281006969714943302&aamlh=6&ce=UTF-8&ns=kaspersky&cdp=2&pageName=%5BNULL%5D&g=https%3A%2F%2Fshadowhammer.kaspersky.com%2F&cc=USD&ch=%5BNULL%5D&server=shadowhammer.kaspersky.com&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v3=%5BNULL%5D&v9=https%3A%2F%2Fshadowhammer.kaspersky.com%2F&c20=undefined%3Aundefined%3Aundefined%3Aundefined%3Aundefined%3Aundefined&c29=v1%3As_code_single_suite.js%3AtrackPageView%20%3E%20s.t%3Ap&c30=v1%3A20190325%3A215%3ANextGen%3A%5BNULL%5D&c31=https%3A%2F%2Fshadowhammer.kaspersky.com%2F&v44=D%3Dv3&c47=Default&v47=D%3Dc47&c51=Websites&c57=%5BNULL%5D&v57=D%3Dc57&c58=Shadow%20Hammer%20APT%20MAC%20Check&v71=v1%3APage%20View%3A%5BNULL%5D&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=983502BE532960BE0A490D4C%40AdobeOrg&AQE=1
Requested by
Host: shadowhammer.kaspersky.com
URL: https://shadowhammer.kaspersky.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.82.228.18 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
*.d3.sc.omtrdc.net
Software
Omniture DC/2.0.0 /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shadowhammer.kaspersky.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 26 Mar 2019 17:53:46 GMT
X-Content-Type-Options
nosniff
X-C
ms-6.6.0
P3P
CP="This is not a P3P policy"
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Wed, 27 Mar 2019 17:53:46 GMT
Server
Omniture DC/2.0.0
xserver
www21
ETag
"3336379614081646592-4824552580350782884"
Vary
*
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Expires
Mon, 25 Mar 2019 17:53:46 GMT
/
www.facebook.com/tr/
0
0

/
cx.atdmt.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.facebook.com
URL
https://www.facebook.com/tr/?id=839281392784015&ev=Microdata&dl=https%3A%2F%2Fshadowhammer.kaspersky.com%2F&rl=&if=false&ts=1553622826473&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22Shadow%20Hammer%20APT%20MAC%20Check%22%2C%22og%3Adescription%22%3A%22Check%20your%20MAC%20address%20to%20find%20out%20if%20you%20were%20targeted%20by%20the%20Shadow%20Hammer%20APT%20in%20the%20incident%20with%20ASUS%20Live%20Update.%22%2C%22og%3Aurl%22%3A%22%22%7D&cd[Meta]=%7B%22title%22%3A%22Shadow%20Hammer%20APT%20MAC%20Check%22%2C%22meta%3Akeywords%22%3A%22asus%2C%20live%20update%2C%20kaspersky%2C%20kaspersky%20lab%2C%20great%2C%20check%2C%20mac%2C%20address%2C%20shadow%20hammer%22%2C%22meta%3Adescription%22%3A%22Were%20you%20targeted%20by%20the%20Shadow%20Hammer%20APT%20in%20the%20incident%20with%20ASUS%20Live%20Update%3F%20Check%20your%20MAC%20address%20to%20find%20out!%22%7D&cd[DataLayer]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.8.42&r=stable&ec=1&o=30&fbp=fb.1.1553622825968.2112153449&it=1553622825901&coo=false&es=automatic&rqm=GET
Domain
cx.atdmt.com
URL
https://cx.atdmt.com/?c=6461183946819090715&f=AYzsPhjB0wcrWF7nBsIHdiXdnbNrixqW37N87XzkGnrtunc628tmwGNTm71_0eYO4CWlYECLreVV3dNLS_Gt-e8Q&id=839281392784015&l=3&v=0

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| gtag object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga object| gdprStrings object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| prmOm object| kaspersky object| omPlatformsSettings function| trackKLReferrer function| trackTrialSubmit function| trackFraud function| getFilename function| trackFile function| trackTrial function| trackTrialKMS function| trackPU function| trackPU2 function| trackDoc function| trackBeta function| trackDBUpdate function| trackDRFile function| trackLink function| trackCountrySelector function| trackLRC function| trackIPP function| trackPage function| trackMaxymiser function| trackAddToCart function| trackCheckoutFormFilling function| trackCroSegment function| trackCta function| trackDownload function| trackEvent function| trackExit function| trackGoToPayment function| trackChangePaymentMethod function| trackLena function| trackPageView function| trackRegistration function| trackRemoveFromCart function| trackSaleButton function| trackSignin function| trackSignIn function| trackUpsellPage function| omSetContext function| omSetOmnitureParameters function| omAddSpaces function| omChooseCookieDomain function| omGetAbsoluteUrl function| omGetHostName function| omGetOrigin function| omGetQueryParam function| omReadCookie function| omRemoveAllUrlParameters function| omRemoveAllUrlParametersForDownloads function| omRemoveUrlParameter function| omRemoveCookie function| omSafeParseJson function| omSetCookie function| omSetInp function| removeHashFromString function| omTransmitToDataLayer function| omGetProductsString function| omHandleClick function| omHandleMessage object| s function| AppMeasurement function| s_gi function| s_pgicq function| Visitor object| s_c_il number| s_c_in number| s_objectID number| s_giq function| fbq function| _fbq function| $ function| jQuery object| __core-js_shared__ object| s_i_kaspersky-single-suite

8 Cookies

Domain/Path Name / Value
.demdex.net/ Name: demdex
Value: 84821730878976327883833641381494065948
.kaspersky.com/ Name: AMCV_983502BE532960BE0A490D4C%40AdobeOrg
Value: 1406116232%7CMCIDTS%7C17982%7CMCMID%7C89296164342738407184281006969714943302%7CMCAAMLH-1554227625%7C6%7CMCAAMB-1554227625%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1553630026s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-17989%7CvVersion%7C2.5.0
.kaspersky.com/ Name: s_cc
Value: true
.kaspersky.com/ Name: AMCVS_983502BE532960BE0A490D4C%40AdobeOrg
Value: 1
.kaspersky.com/ Name: _gid
Value: GA1.2.1262861644.1553622826
.kaspersky.com/ Name: _fbp
Value: fb.1.1553622825968.2112153449
.kaspersky.com/ Name: _gat_gtag_UA_61587331_55
Value: 1
.kaspersky.com/ Name: _ga
Value: GA1.2.2081152860.1553622826

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https://s7.addthis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://s7.addthis.com https://www.googletagmanager.com https://www.google-analytics.com https://m.addthisedge.com https://m.addthis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://media.kaspersky.com/ https://connect.facebook.net/; img-src 'self' data: https://www.google-analytics.com https://kaspersky.d3.sc.omtrdc.net/ https://www.facebook.com/ https://cm.everesttech.net/ https://dpm.demdex.net/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://m.addthisedge.com; font-src 'self' data: https://fonts.googleapis.com https://fonts.gstatic.com; frame-src 'self' https://s7.addthis.com https://www.youtube.com https://www.google.com https://kaspersky.demdex.net/; connect-src https://dpm.demdex.net/ https://kaspersky.d3.sc.omtrdc.net/;object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cm.everesttech.net
connect.facebook.net
cx.atdmt.com
dpm.demdex.net
kaspersky.d3.sc.omtrdc.net
kaspersky.demdex.net
media.kaspersky.com
shadowhammer.kaspersky.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
cx.atdmt.com
www.facebook.com
172.82.228.18
185.85.15.23
2a00:1450:4001:81a::2008
2a00:1450:4001:821::200e
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
52.30.83.11
52.31.211.225
54.77.130.155
66.117.28.86
03f51639d8908bce6611561122cfe35f836a9b28deacb26ea9b9d62a209a9a97
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11e726076fccbf4acb36ec4d8e2922e6e1832a602f39506a6ca4e2f3428f1dc7
1b107799c6b78a5f6f05b5a2858bb8a73ba4c9fb0237c6cf64ec26d08b8b9165
1b88d0415a46b95e0f98b4fc507228adf846ff2f7b2ac4972c67e899f2c21988
1d5a600b788e00dc9a494d22cc2f4f5b6a6bcde4e3812202699ab737ef2e85b1
31fd609600e422dcc28a340d5b31973a2a353db5c10f468a58cab71aefdf60c9
3710ef961a666de16cde821ab0bbaa6bb5b94802e11fffd3b242f4cc675000f0
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
52f61cfa9b063d74ca4654a5f8b51b74feca3b380791bd8d96145415136cde76
6bb981959d783d83df88b9aa48738948c9a8a22c1a31b8cb5305d3e338ebf9a7
806ac6da503b30d8853d3fbfd3aca05c0107bf3033053190fbd9380e20baa691
816cb3199d6076e463e46ca6fa9b137dde8731a5844c2a5f0fb65469fa5ddd1d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
91ac3ef819699299040311f5f9d63415fbf19688df9a326d369a873873bbbf1d
91ddba821cdaaf11fc3b1fc1427fe1d25b7a61fd67e64601964c5ec24ce611c3
9cf33e0daa53ce735137dafb006f1161c173cec381c57afe89ae99ae39bab345
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
b8d6776acb992987d577251973ac2c9d8c48c507f5482549875fb233d1e40fa0
bb5e14ba302694ae7baa7727ae96da8d4a8ca15893e71ddae9e821244a90fc73
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca97417eed7f403851267408d2669f99e3963b38e45398f9a11a5964541bf4f6
e68461c3abf919949941f2595106ff2acd4783f77cd48dde23caae208092fe12
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb82877818fa23c8c028053cc5744c5d7947faca82bd50a82b918016499bfb62