Submitted URL: http://noransom.kaspersky.ru/
Effective URL: https://noransom.kaspersky.ru/
Submission: On July 11 via manual from UA — Scanned from DE

Summary

This website contacted 6 IPs in 5 countries across 4 domains to perform 45 HTTP transactions. The main IP is 88.212.254.118, located in Russian Federation and belongs to UNITEDNET, RU. The main domain is noransom.kaspersky.ru.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 30th 2021. Valid for: a year.
This is the only time noransom.kaspersky.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 36 88.212.254.118 39134 (UNITEDNET)
6 104.16.93.80 13335 (CLOUDFLAR...)
1 185.85.15.23 200107 (KL-EXT)
1 2001:4860:480... 15169 (GOOGLE)
2 15.188.95.229 16509 (AMAZON-02)
45 6
Apex Domain | Subdomains | Transfer
37 kaspersky.ru | noransom.kaspersky.ru, sgtm.kaspersky.ru | 44 MB
6 marketo.com | app-sj06.marketo.com (Cisco Umbrella Rank: 46143) | 148 KB
2 omtrdc.net | kaspersky.d3.sc.omtrdc.net (Cisco Umbrella Rank: 258535) | 566 B
1 kaspersky.com | media.kaspersky.com (Cisco Umbrella Rank: 129270) | 49 KB
45 4
Domain Requested by
36 noransom.kaspersky.ru 1 redirects noransom.kaspersky.ru
6 app-sj06.marketo.com noransom.kaspersky.ru
app-sj06.marketo.com
2 kaspersky.d3.sc.omtrdc.net media.kaspersky.com
1 sgtm.kaspersky.ru media.kaspersky.com
1 media.kaspersky.com noransom.kaspersky.ru
45 5
Subject | Issuer | Validity | Valid
noransom.kaspersky.ru | DigiCert TLS RSA SHA256 2020 CA1 | 2021-06-30 - 2022-07-31 | a year
app-sj06.marketo.com | Cloudflare Inc ECC CA-3 | 2022-05-09 - 2023-05-09 | a year
media.kaspersky.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-03-31 - 2023-03-31 | a year
sgtm.kaspersky.ru | GTS CA 1D4 | 2022-06-14 - 2022-09-12 | 3 months
*.d3.sc.omtrdc.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-02-17 - 2023-03-07 | a year

This page contains 2 frames:

Primary Page: https://noransom.kaspersky.ru/
Frame ID: F960D0C237D89EECD6577124F8AE7288
Requests: 44 HTTP requests in this frame

Frame: https://app-sj06.marketo.com/index.php/form/XDFrame
Frame ID: CE30BA411EE07FD03C17BE5983E9692D
Requests: 2 HTTP requests in this frame

Page Title

Шифровальщики – это не про вас.

Page URL History

  1. http://noransom.kaspersky.ru/ HTTP 301
    https://noransom.kaspersky.ru/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • marketo\.\w+/js/forms(?:[\d.]+)/js/forms([\d.]+)\.min\.js

Page Statistics

45
Requests

100 %
HTTPS

20 %
IPv6

4
Domains

5
Subdomains

6
IPs

5
Countries

45664 kB
Transfer

46021 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://noransom.kaspersky.ru/ HTTP 301
    https://noransom.kaspersky.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
noransom.kaspersky.ru/
Redirect Chain
  • http://noransom.kaspersky.ru/
  • https://noransom.kaspersky.ru/
63 KB
64 KB
Document
General
Full URL
https://noransom.kaspersky.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.212.254.118 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
591e432fe6136d8286aa4914a1dd4ae5e506bf2ed1d68eff15118e35fab2b55d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-length
64854
content-type
text/html
date
Mon, 11 Jul 2022 05:26:40 GMT
etag
"6146d754-fd56"
last-modified
Sun, 19 Sep 2021 06:23:16 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Mon, 11 Jul 2022 05:26:39 GMT
Location
https://noransom.kaspersky.ru/
Server
nginx
stylesheet.css
noransom.kaspersky.ru/fonts/
1 KB
1 KB
Stylesheet
General
Full URL
https://noransom.kaspersky.ru/fonts/stylesheet.css
Requested by
Host: noransom.kaspersky.ru
URL: https://noransom.kaspersky.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.212.254.118 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
0b5384f3121c7b7fe6e5235e198e003449d205b6953d70e4f6eebd9dc7b10a03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://noransom.kaspersky.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 05:26:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 19 Sep 2021 06:23:16 GMT
server
nginx
etag
"6146d754-4c8"
x-frame-options
SAMEORIGIN
content-type
text/css
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
1224
x-xss-protection
1; mode=block
forms2.min.js
app-sj06.marketo.com/js/forms2/js/
206 KB
69 KB
Script
General
Full URL
https://app-sj06.marketo.com/js/forms2/js/forms2.min.js
Requested by
Host: noransom.kaspersky.ru
URL: https://noransom.kaspersky.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17dc16f203a20131a9dfccce83ed74af83cb9da328011181ca745b7f3a883d08
Security Headers
Name Value
Strict-Transport-Security max-age=63113904
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://noransom.kaspersky.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 05:26:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 14 Jun 2022 21:04:07 GMT
server
cloudflare
age
2254
etag
"281264-3391f-5e16ebec83fc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63113904
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
728f2026ce559a0b-FRA
vary
Accept-Encoding
expires
Mon, 11 Jul 2022 09:26:40 GMT
a59e222278b3f5a01d98.css
noransom.kaspersky.ru/_next/static/css/
2 KB
2 KB
Stylesheet
General
Full URL
https://noransom.kaspersky.ru/_next/static/css/a59e222278b3f5a01d98.css
Requested by
Host: noransom.kaspersky.ru
URL: https://noransom.kaspersky.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.212.254.118 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
87072b1e494029be83e9615c2f2ca8c8f11137410dcc778d3351f14e1fecbdc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://noransom.kaspersky.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 05:26:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 19 Sep 2021 06:23:16 GMT
server
nginx
etag
"6146d754-83a"
x-frame-options
SAMEORIGIN
content-type
text/css
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
2106
x-xss-protection
1; mode=block
main-7bd6eac02003a6c998dc.js
noransom.kaspersky.ru/_next/static/chunks/
18 KB
18 KB
Script
General
Full URL
https://noransom.kaspersky.ru/_next/static/chunks/main-7bd6eac02003a6c998dc.js
Requested by
Host: noransom.kaspersky.ru
URL: https://noransom.kaspersky.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.212.254.118 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
a74250733bb230c311c8a8b96765576c6e622cb94c194974886853e01a72f98a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://noransom.kaspersky.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 05:26:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 19 Sep 2021 06:23:16 GMT
server
nginx
etag
"6146d754-469f"
x-frame-options
SAMEORIGIN
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
18079
x-xss-protection
1; mode=block
webpack-95c2b224bccf352ee870.js
noransom.kaspersky.ru/_next/static/chunks/
2 KB
2 KB
Script
General
Full URL
https://noransom.kaspersky.ru/_next/static/chunks/webpack-95c2b224bccf352ee870.js
Requested by
Host: noransom.kaspersky.ru
URL: https://noransom.kaspersky.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.212.254.118 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
26a81f9748a42eeb15a43c5cc3c1a7b7582e4d9f0ab3cd5be477f87096eed840
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://noransom.kaspersky.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 05:26:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 19 Sep 2021 06:23:16 GMT
server
nginx
etag
"6146d754-603"
x-frame-options
SAMEORIGIN
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
1539
x-xss-protection
1; mode=block
framework.f783f7e0d786735fc5cd.js
noransom.kaspersky.ru/_next/static/chunks/
128 KB
129 KB
Script
General
Full URL
https://noransom.kaspersky.ru/_next/static/chunks/framework.f783f7e0d786735fc5cd.js
Requested by
Host: noransom.kaspersky.ru
URL: https://noransom.kaspersky.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.212.254.118 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
b0d07fd0ecfc8286de3cb0d3d5267f2c6c668c267ad547369585bc13b7d7f6f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://noransom.kaspersky.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 05:26:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 19 Sep 2021 06:23:16 GMT
server
nginx
etag
"6146d754-20005"
x-frame-options
SAMEORIGIN
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
131077
x-xss-protection
1; mode=block
f6078781a05fe1bcb0902d23dbbb2662c8d200b3.5626f1df95c60094a3a6.js
noransom.kaspersky.ru/_next/static/chunks/
38 KB
38 KB
Script
General
Full URL
https://noransom.kaspersky.ru/_next/static/chunks/f6078781a05fe1bcb0902d23dbbb2662c8d200b3.5626f1df95c60094a3a6.js
Requested by
Host: noransom.kaspersky.ru
URL: https://noransom.kaspersky.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.212.254.118 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
eeb74fa93f3a15000f85f479de91907b3434af7fb90b3e8da2fa73fc670e8571
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://noransom.kaspersky.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 05:26:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 19 Sep 2021 06:23:16 GMT
server
nginx
etag
"6146d754-9898"
x-frame-options
SAMEORIGIN
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
39064
x-xss-protection
1; mode=block
71247caf95475e3ea7f9a0f8a30beb258b23d005.6c56b48910c0947f0db9.js
noransom.kaspersky.ru/_next/static/chunks/
43 KB
43 KB
Script
General
Full URL
https://noransom.kaspersky.ru/_next/static/chunks/71247caf95475e3ea7f9a0f8a30beb258b23d005.6c56b48910c0947f0db9.js
Requested by
Host: noransom.kaspersky.ru
URL: https://noransom.kaspersky.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.212.254.118 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
e22e1e7406ace3dbe9e2b4978997590d13895f4fab31727284caa5c15acc253e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://noransom.kaspersky.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 05:26:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 19 Sep 2021 06:23:16 GMT
server
nginx
etag
"6146d754-aa14"
x-frame-options
SAMEORIGIN
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
43540
x-xss-protection
1; mode=block
_app-bc209a191ba4c843f52e.js
noransom.kaspersky.ru/_next/static/chunks/pages/
2 KB
3 KB
Script
General
Full URL
https://noransom.kaspersky.ru/_next/static/chunks/pages/_app-bc209a191ba4c843f52e.js
Requested by
Host: noransom.kaspersky.ru
URL: https://noransom.kaspersky.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.212.254.118 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
eb97ea9c3fe240f00fcea8fd8bf04df502024ceb4cf3a69d8447fec239134ced
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://noransom.kaspersky.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 05:26:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 19 Sep 2021 06:23:16 GMT
server
nginx
etag
"6146d754-963"
x-frame-options
SAMEORIGIN
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
2403
x-xss-protection
1; mode=block
index-d5536717e88d10f4b3ed.js
noransom.kaspersky.ru/_next/static/chunks/pages/
182 KB
182 KB
Script
General
Full URL
https://noransom.kaspersky.ru/_next/static/chunks/pages/index-d5536717e88d10f4b3ed.js
Requested by
Host: noransom.kaspersky.ru
URL: https://noransom.kaspersky.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.212.254.118 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
b80dbd424c9b9b16a6b563dc3af8563b8c72aad6eea40161b917c62055416e25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://noransom.kaspersky.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 05:26:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 19 Sep 2021 06:23:16 GMT
server
nginx
etag
"6146d754-2d6a2"
x-frame-options
SAMEORIGIN
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
186018
x-xss-protection
1; mode=block
hero_photo_small_4.jpg
noransom.kaspersky.ru/
237 KB
238 KB
Image
General
Full URL
https://noransom.kaspersky.ru/hero_photo_small_4.jpg
Requested by
Host: noransom.kaspersky.ru
URL: https://noransom.kaspersky.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.212.254.118 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
50cbccd9337e820bc8036741465bf47287d42c8dc49b9e2b5e5a4bdd013afb3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://noransom.kaspersky.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 05:26:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 19 Sep 2021 06:23:16 GMT
server
nginx
etag
"6146d754-3b3b8"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
242616
x-xss-protection
1; mode=block
graph_2.png
noransom.kaspersky.ru/
50 KB
50 KB
Image
General
Full URL
https://noransom.kaspersky.ru/graph_2.png
Requested by
Host: noransom.kaspersky.ru
URL: https://noransom.kaspersky.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.212.254.118 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
e2b19d2b128b65d45dadeac96b3248de13e69ed08d6f6ef23c472e91f0ba7470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://noransom.kaspersky.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 05:26:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 19 Sep 2021 06:23:16 GMT
server
nginx
etag
"6146d754-c635"
x-frame-options
SAMEORIGIN
content-type
image/png
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
50741
x-xss-protection
1; mode=block
what-is-a-ransomware.jpg
noransom.kaspersky.ru/
12 MB
12 MB
Image
General
Full URL
https://noransom.kaspersky.ru/what-is-a-ransomware.jpg
Requested by
Host: noransom.kaspersky.ru
URL: https://noransom.kaspersky.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.212.254.118 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
8c355aa29ad119ca7fd039ed97cd666a537b7d972a3fdd4cb1556750cb0b6208
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://noransom.kaspersky.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 05:26:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 19 Sep 2021 06:23:16 GMT
server
nginx
etag
"6146d754-c590df"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
12947679
x-xss-protection
1; mode=block
protection.jpg
noransom.kaspersky.ru/
16 MB
16 MB
Image
General
Full URL
https://noransom.kaspersky.ru/protection.jpg
Requested by
Host: noransom.kaspersky.ru
URL: https://noransom.kaspersky.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.212.254.118 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
a54864bb66336e52eb3af89210cccdb801b4e7bf8853cbef668f14aa96b0bb3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://noransom.kaspersky.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 05:26:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 19 Sep 2021 06:23:16 GMT
server
nginx
etag
"6146d754-f9c871"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
16369777
x-xss-protection
1; mode=block
decrypt.jpg
noransom.kaspersky.ru/
15 MB
15 MB
Image
General
Full URL
https://noransom.kaspersky.ru/decrypt.jpg
Requested by
Host: noransom.kaspersky.ru
URL: https://noransom.kaspersky.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.212.254.118 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
bb8e0001b94d7273b0f6648ae5695308bd16f6410d707d790d1376bf04fe0b07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://noransom.kaspersky.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 05:26:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 19 Sep 2021 06:23:16 GMT
server
nginx
etag
"6146d754-ec23d7"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
15475671
x-xss-protection
1; mode=block
KTS.png
noransom.kaspersky.ru/
4 KB
4 KB
Image
General
Full URL
https://noransom.kaspersky.ru/KTS.png
Requested by
Host: noransom.kaspersky.ru
URL: https://noransom.kaspersky.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.212.254.118 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
45c6bd6da54a178e9b03bc8a637c25b133130346340554d22bf95028bd5f9b1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://noransom.kaspersky.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 05:26:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 19 Sep 2021 06:23:16 GMT
server
nginx
etag
"6146d754-fbe"
x-frame-options
SAMEORIGIN
content-type
image/png
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
4030
x-xss-protection
1; mode=block
poster_1.png
noransom.kaspersky.ru/useful-materials/
63 KB
64 KB
Image
General
Full URL
https://noransom.kaspersky.ru/useful-materials/poster_1.png
Requested by
Host: noransom.kaspersky.ru
URL: https://noransom.kaspersky.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.212.254.118 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
465c308ff1842bd86c3c3e33ced09af5737e7df690a7a3ccd37c5af094bd89b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://noransom.kaspersky.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 05:26:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 19 Sep 2021 06:23:16 GMT
server
nginx
etag
"6146d754-fd11"
x-frame-options
SAMEORIGIN
content-type
image/png
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
64785
x-xss-protection
1; mode=block
poster_2.png
noransom.kaspersky.ru/useful-materials/
58 KB
59 KB
Image
General
Full URL
https://noransom.kaspersky.ru/useful-materials/poster_2.png
Requested by
Host: noransom.kaspersky.ru
URL: https://noransom.kaspersky.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.212.254.118 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
f2550884437f7f08fbe183faa90ebdc1244c8881154fba2231c297dd28fabd19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://noransom.kaspersky.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 05:26:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 19 Sep 2021 06:23:16 GMT
server
nginx
etag
"6146d754-e8e8"
x-frame-options
SAMEORIGIN
content-type
image/png
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
59624
x-xss-protection
1; mode=block
poster_3.png
noransom.kaspersky.ru/useful-materials/
53 KB
54 KB
Image
General
Full URL
https://noransom.kaspersky.ru/useful-materials/poster_3.png
Requested by
Host: noransom.kaspersky.ru
URL: https://noransom.kaspersky.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.212.254.118 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
15ca4185f40ec009b223140d0f5cc757db50dab3f0891a6898e66f4e6bc090bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://noransom.kaspersky.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 05:26:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 19 Sep 2021 06:23:16 GMT
server
nginx
etag
"6146d754-d51f"
x-frame-options
SAMEORIGIN
content-type
image/png
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
54559
x-xss-protection
1; mode=block
brochure_ksb.png
noransom.kaspersky.ru/useful-materials/
73 KB
73 KB
Image
General
Full URL
https://noransom.kaspersky.ru/useful-materials/brochure_ksb.png
Requested by
Host: noransom.kaspersky.ru
URL: https://noransom.kaspersky.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.212.254.118 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
109eef4d351314bc05fa394d97ddf4b8774cf00c5312851f571b266804561e1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://noransom.kaspersky.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 05:26:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 19 Sep 2021 06:23:16 GMT
server
nginx
etag
"6146d754-123ee"
x-frame-options
SAMEORIGIN
content-type
image/png
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
74734
x-xss-protection
1; mode=block
brochure.png
noransom.kaspersky.ru/useful-materials/
163 KB
163 KB
Image
General
Full URL
https://noransom.kaspersky.ru/useful-materials/brochure.png?2
Requested by
Host: noransom.kaspersky.ru
URL: https://noransom.kaspersky.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.212.254.118 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
a5da2899284ad4619aa5cae1b77c2defae35173e42f6ce99662887e0e85dc1e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://noransom.kaspersky.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 05:26:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 19 Sep 2021 06:23:16 GMT
server
nginx
etag
"6146d754-28afc"
x-frame-options
SAMEORIGIN
content-type
image/png
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
166652
x-xss-protection
1; mode=block
ransomware-telecommuting-featured-700x460.jpg
noransom.kaspersky.ru/useful-materials/
29 KB
29 KB
Image
General
Full URL
https://noransom.kaspersky.ru/useful-materials/ransomware-telecommuting-featured-700x460.jpg
Requested by
Host: noransom.kaspersky.ru
URL: https://noransom.kaspersky.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.212.254.118 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
a86e59d656a4cfceac6e263a660639ee042ded9debe70b97f00584e2fef2ef30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://noransom.kaspersky.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 05:26:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 19 Sep 2021 06:23:16 GMT
server
nginx
etag
"6146d754-7434"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
29748
x-xss-protection
1; mode=block
ransomware-collateral-damage-featured-700x460.jpg
noransom.kaspersky.ru/useful-materials/
41 KB
42 KB
Image
General
Full URL
https://noransom.kaspersky.ru/useful-materials/ransomware-collateral-damage-featured-700x460.jpg
Requested by
Host: noransom.kaspersky.ru
URL: https://noransom.kaspersky.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.212.254.118 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
3667ed2d49530680b2b97744b1425ee2da4b8ff44179c7c0938d97a6b4837417
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://noransom.kaspersky.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 05:26:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 19 Sep 2021 06:23:16 GMT
server
nginx
etag
"6146d754-a54f"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
42319
x-xss-protection
1; mode=block
lazarus-VHD-ransomware-featured-700x460.jpg
noransom.kaspersky.ru/useful-materials/
30 KB
30 KB
Image
General
Full URL
https://noransom.kaspersky.ru/useful-materials/lazarus-VHD-ransomware-featured-700x460.jpg
Requested by
Host: noransom.kaspersky.ru
URL: https://noransom.kaspersky.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.212.254.118 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
212b8efcde745c6ec6d6707651f018305041e22c33629dede992e96a6aa1aca3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://noransom.kaspersky.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 05:26:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 19 Sep 2021 06:23:16 GMT
server
nginx
etag
"6146d754-766e"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
30318
x-xss-protection
1; mode=block
ransomware-in-fortnite-cheats-featured-700x459.jpg
noransom.kaspersky.ru/useful-materials/
86 KB
86 KB
Image
General
Full URL
https://noransom.kaspersky.ru/useful-materials/ransomware-in-fortnite-cheats-featured-700x459.jpg
Requested by
Host: noransom.kaspersky.ru
URL: https://noransom.kaspersky.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.212.254.118 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
e83f5fe19d4cdb6e9c701aee7fcba903118854a720ef038cc39cd08537d94499
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://noransom.kaspersky.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 05:26:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 19 Sep 2021 06:23:16 GMT
server
nginx
etag
"6146d754-1572e"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
87854
x-xss-protection
1; mode=block
poster_10.jpg
noransom.kaspersky.ru/useful-materials/
11 KB
12 KB
Image
General
Full URL
https://noransom.kaspersky.ru/useful-materials/poster_10.jpg
Requested by
Host: noransom.kaspersky.ru
URL: https://noransom.kaspersky.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.212.254.118 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
6662af6e4c4dc25387ef0a32650f904914985f08bd1a09b66d22dca7fb5da0d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://noransom.kaspersky.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 05:26:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 19 Sep 2021 06:23:16 GMT
server
nginx
etag
"6146d754-2df2"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
11762
x-xss-protection
1; mode=block
poster_11.jpg
noransom.kaspersky.ru/useful-materials/
28 KB
29 KB
Image
General
Full URL
https://noransom.kaspersky.ru/useful-materials/poster_11.jpg
Requested by
Host: noransom.kaspersky.ru
URL: https://noransom.kaspersky.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.212.254.118 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
9cd334c60ce04ba26b00033d70525611d588d43bb647853f5377f9ffdbf0dfdc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://noransom.kaspersky.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 05:26:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 19 Sep 2021 06:23:16 GMT
server
nginx
etag
"6146d754-7193"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
29075
x-xss-protection
1; mode=block
poster_8.jpg
noransom.kaspersky.ru/useful-materials/
34 KB
34 KB
Image
General
Full URL
https://noransom.kaspersky.ru/useful-materials/poster_8.jpg
Requested by
Host: noransom.kaspersky.ru
URL: https://noransom.kaspersky.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.212.254.118 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
6038f16cbd91b5bdb4f72ac60de1b8f9586cbc32c1ab49a4039a6a0f12bbba27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://noransom.kaspersky.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 05:26:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 19 Sep 2021 06:23:16 GMT
server
nginx
etag
"6146d754-86e2"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
34530
x-xss-protection
1; mode=block
poster_9.jpg
noransom.kaspersky.ru/useful-materials/
12 KB
12 KB
Image
General
Full URL
https://noransom.kaspersky.ru/useful-materials/poster_9.jpg
Requested by
Host: noransom.kaspersky.ru
URL: https://noransom.kaspersky.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.212.254.118 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
21dc67a2cb538e0332f57bb0e5bb5dbfa234bf29726c7b69d09b1f689c801344
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://noransom.kaspersky.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 05:26:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 19 Sep 2021 06:23:16 GMT
server
nginx
etag
"6146d754-309e"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
12446
x-xss-protection
1; mode=block
poster_5.jpg
noransom.kaspersky.ru/useful-materials/
29 KB
30 KB
Image
General
Full URL
https://noransom.kaspersky.ru/useful-materials/poster_5.jpg
Requested by
Host: noransom.kaspersky.ru
URL: https://noransom.kaspersky.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.212.254.118 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
4df0e5128e225759e85a918b18eaf4388bd4b62074ec78cfd5c07469f01df7c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://noransom.kaspersky.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 05:26:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 19 Sep 2021 06:23:16 GMT
server
nginx
etag
"6146d754-74d6"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
29910
x-xss-protection
1; mode=block
_buildManifest.js
noransom.kaspersky.ru/_next/static/czg8ovkEXU-0IrwySj0QY/
298 B
570 B
Script
General
Full URL
https://noransom.kaspersky.ru/_next/static/czg8ovkEXU-0IrwySj0QY/_buildManifest.js
Requested by
Host: noransom.kaspersky.ru
URL: https://noransom.kaspersky.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.212.254.118 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
28d47a2a8297fb8662020978b169049b8b23dbee29bf2f3e7116a47b99712f16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://noransom.kaspersky.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 05:26:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 19 Sep 2021 06:23:16 GMT
server
nginx
etag
"6146d754-12a"
x-frame-options
SAMEORIGIN
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
298
x-xss-protection
1; mode=block
_ssgManifest.js
noransom.kaspersky.ru/_next/static/czg8ovkEXU-0IrwySj0QY/
76 B
347 B
Script
General
Full URL
https://noransom.kaspersky.ru/_next/static/czg8ovkEXU-0IrwySj0QY/_ssgManifest.js
Requested by
Host: noransom.kaspersky.ru
URL: https://noransom.kaspersky.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.212.254.118 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://noransom.kaspersky.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 05:26:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 19 Sep 2021 06:23:16 GMT
server
nginx
etag
"6146d754-4c"
x-frame-options
SAMEORIGIN
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
76
x-xss-protection
1; mode=block
s_code_single_suite.js
media.kaspersky.com/tracking/omniture/
173 KB
49 KB
Script
General
Full URL
https://media.kaspersky.com/tracking/omniture/s_code_single_suite.js
Requested by
Host: noransom.kaspersky.ru
URL: https://noransom.kaspersky.ru/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
185.85.15.23 , Germany, ASN200107 (KL-EXT, CH),
Reverse DNS
Software
/ Kaspersky Labs, Kaspersky Labs
Resource Hash
42615ac43d6976214cc5f44b505ea0c4b51d372f3ce0e1d719b2d21f302876fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://noransom.kaspersky.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
etag
"80ed76741f8ad81:0"
x-powered-by
Kaspersky Labs, Kaspersky Labs
alt-svc
h3=":443"; ma=86400
content-length
49416
x-xss-protection
1; mode=block
last-modified
Mon, 27 Jun 2022 12:14:31 GMT
server
x-frame-options
SAMEORIGIN
date
Mon, 11 Jul 2022 05:26:39 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
x-server
fr1/FRA2
accept-ranges
bytes
x-content-type-options
nosniff
id
sgtm.kaspersky.ru/
368 B
812 B
XHR
General
Full URL
https://sgtm.kaspersky.ru/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=983502BE532960BE0A490D4C%40AdobeOrg&d_nsid=0&ts=1657517200511
Requested by
Host: media.kaspersky.com
URL: https://media.kaspersky.com/tracking/omniture/s_code_single_suite.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
726ea49ce8ddbcb192bac2163a2afeabf805fd219abe401124b338a1b3ab310b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://noransom.kaspersky.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

dcs
dcs-prod-irl1-2-v036-079b26c03.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Mon, 11 Jul 2022 05:26:40 GMT
content-encoding
gzip
x-tid
pyA4FoYSRz8=
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://noransom.kaspersky.ru
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json;charset=utf-8
via
1.1 google
expires
Thu, 01 Jan 1970 00:00:00 UTC
truncated
/
527 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ff90904a6ef0858c6343224b6d96cc80269d867278bce5b3591648647a848a6

Request headers

Referer
Origin
https://noransom.kaspersky.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml
KasperskySans-Regular.woff
noransom.kaspersky.ru/fonts/WOFF/
45 KB
45 KB
Font
General
Full URL
https://noransom.kaspersky.ru/fonts/WOFF/KasperskySans-Regular.woff
Requested by
Host: noransom.kaspersky.ru
URL: https://noransom.kaspersky.ru/fonts/stylesheet.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.212.254.118 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
b3b7d61c5cf6929e34023a7d8f6aa54d029c7da7049290face7ac68ff90c0f6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://noransom.kaspersky.ru/fonts/stylesheet.css
Origin
https://noransom.kaspersky.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 05:26:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 19 Sep 2021 06:23:16 GMT
server
nginx
etag
"6146d754-b358"
x-frame-options
SAMEORIGIN
content-type
font/woff
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
45912
x-xss-protection
1; mode=block
KasperskySans-Bold.woff
noransom.kaspersky.ru/fonts/WOFF/
44 KB
45 KB
Font
General
Full URL
https://noransom.kaspersky.ru/fonts/WOFF/KasperskySans-Bold.woff
Requested by
Host: noransom.kaspersky.ru
URL: https://noransom.kaspersky.ru/fonts/stylesheet.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.212.254.118 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
ce07b97a819d6d3dee686b186e6b59992e39b9a1267321e0ad8ec7544cc5f1bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://noransom.kaspersky.ru/fonts/stylesheet.css
Origin
https://noransom.kaspersky.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 05:26:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 19 Sep 2021 06:23:16 GMT
server
nginx
etag
"6146d754-b134"
x-frame-options
SAMEORIGIN
content-type
font/woff
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
45364
x-xss-protection
1; mode=block
KasperskySans-Light.woff
noransom.kaspersky.ru/fonts/WOFF/
45 KB
45 KB
Font
General
Full URL
https://noransom.kaspersky.ru/fonts/WOFF/KasperskySans-Light.woff
Requested by
Host: noransom.kaspersky.ru
URL: https://noransom.kaspersky.ru/fonts/stylesheet.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.212.254.118 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
ea2df8908328671f80ff17a016dcad8d489a09b7f0558b2aec6318c772a8334b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://noransom.kaspersky.ru/fonts/stylesheet.css
Origin
https://noransom.kaspersky.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 05:26:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 19 Sep 2021 06:23:16 GMT
server
nginx
etag
"6146d754-b2dc"
x-frame-options
SAMEORIGIN
content-type
font/woff
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
45788
x-xss-protection
1; mode=block
getForm
app-sj06.marketo.com/index.php/form/
58 KB
6 KB
Script
General
Full URL
https://app-sj06.marketo.com/index.php/form/getForm?munchkinId=802-IJN-240&form=7763&url=https%3A%2F%2Fnoransom.kaspersky.ru%2F&callback=jQuery112408865107976879318_1657517200484&_=1657517200485
Requested by
Host: app-sj06.marketo.com
URL: https://app-sj06.marketo.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccba56bda7690ef64d7d5a3efa080c15c35e8ee3719a728bd188f01be38e8342
Security Headers
Name Value
Strict-Transport-Security max-age=63113904
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://noransom.kaspersky.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 05:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
strict-transport-security
max-age=63113904
cf-ray
728f20281f969a0b-FRA
cached
false
id
kaspersky.d3.sc.omtrdc.net/
2 B
321 B
XHR
General
Full URL
https://kaspersky.d3.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=983502BE532960BE0A490D4C%40AdobeOrg&mid=32451084388198569672857834030210667631&ts=1657517200695
Requested by
Host: media.kaspersky.com
URL: https://media.kaspersky.com/tracking/omniture/s_code_single_suite.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://noransom.kaspersky.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 11 Jul 2022 05:26:40 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-69c8d8cc76-4mv8k
vary
Origin
x-c
main-1661.I2f39db.M0-585
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://noransom.kaspersky.ru
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript;charset=utf-8
content-length
2
x-xss-protection
1; mode=block
forms2.css
app-sj06.marketo.com/js/forms2/css/
13 KB
3 KB
Stylesheet
General
Full URL
https://app-sj06.marketo.com/js/forms2/css/forms2.css
Requested by
Host: app-sj06.marketo.com
URL: https://app-sj06.marketo.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
Security Headers
Name Value
Strict-Transport-Security max-age=63113904
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://noransom.kaspersky.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 05:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
1989
vary
Accept-Encoding
content-length
2623
last-modified
Tue, 14 Jun 2022 21:04:07 GMT
server
cloudflare
etag
"281267-3437-5e16ebec83fc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63113904
content-type
text/css
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
728f202ddd829a0b-FRA
expires
Mon, 11 Jul 2022 09:26:41 GMT
forms2-theme-round.css
app-sj06.marketo.com/js/forms2/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://app-sj06.marketo.com/js/forms2/css/forms2-theme-round.css
Requested by
Host: app-sj06.marketo.com
URL: https://app-sj06.marketo.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3489d8ddd967153384606a9a3445e5ce147f6d895ecff15576cc011c271d395
Security Headers
Name Value
Strict-Transport-Security max-age=63113904
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://noransom.kaspersky.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 05:26:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
vary
Accept-Encoding
content-length
968
last-modified
Tue, 14 Jun 2022 21:04:07 GMT
server
cloudflare
etag
"161656-e46-5e16ebec83fc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63113904
content-type
text/css
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
728f202ddd849a0b-FRA
expires
Mon, 11 Jul 2022 09:26:42 GMT
XDFrame
app-sj06.marketo.com/index.php/form/ Frame CE30
2 KB
866 B
Document
General
Full URL
https://app-sj06.marketo.com/index.php/form/XDFrame
Requested by
Host: app-sj06.marketo.com
URL: https://app-sj06.marketo.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf61463cf76f7c32e0a2367b93d373b1f1cc4e16858eefa761ff1523f5ad619a
Security Headers
Name Value
Strict-Transport-Security max-age=63113904
X-Content-Type-Options nosniff

Request headers

Referer
https://noransom.kaspersky.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=3600
cf-cache-status
DYNAMIC
cf-ray
728f2031f9a89a0b-FRA
content-encoding
gzip
content-length
653
content-type
text/html; charset=utf-8
date
Mon, 11 Jul 2022 05:26:42 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
strict-transport-security
max-age=63113904
vary
Accept-Encoding
x-content-type-options
nosniff
forms2.min.js
app-sj06.marketo.com/js/forms2/js/ Frame CE30
206 KB
68 KB
Script
General
Full URL
https://app-sj06.marketo.com/js/forms2/js/forms2.min.js
Requested by
Host: app-sj06.marketo.com
URL: https://app-sj06.marketo.com/index.php/form/XDFrame
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17dc16f203a20131a9dfccce83ed74af83cb9da328011181ca745b7f3a883d08
Security Headers
Name Value
Strict-Transport-Security max-age=63113904
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-sj06.marketo.com/index.php/form/XDFrame
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 05:26:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 14 Jun 2022 21:04:07 GMT
server
cloudflare
age
2256
etag
"281264-3391f-5e16ebec83fc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63113904
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
728f20333af89a0b-FRA
vary
Accept-Encoding
expires
Mon, 11 Jul 2022 09:26:42 GMT
s38952259873190
kaspersky.d3.sc.omtrdc.net/b/ss/kaspersky-single-suite/1/JS-2.22.3/
43 B
245 B
Image
General
Full URL
https://kaspersky.d3.sc.omtrdc.net/b/ss/kaspersky-single-suite/1/JS-2.22.3/s38952259873190?AQB=1&ndh=1&pf=1&t=11%2F6%2F2022%205%3A26%3A43%201%200&mid=32451084388198569672857834030210667631&aamlh=6&ce=UTF-8&ns=kaspersky&cdp=2&pageName=websites%20%3E%20home&g=https%3A%2F%2Fnoransom.kaspersky.ru%2F&cc=USD&ch=websites&server=noransom.kaspersky.ru&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c2=other&c3=b2c&v3=websites%20%3E%20home&v9=https%3A%2F%2Fnoransom.kaspersky.ru%2F&c20=url&c29=v1%3As_code_single_suite.js%3AtrackPageView%20%3E%20sng.t%3Ap&c30=v1%3A20220627%3A292%3ANextGen%3A%5BNULL%5D&c31=https%3A%2F%2Fnoransom.kaspersky.ru%2F&v44=D%3Dv3&c47=Default&v47=D%3Dc47&c51=Websites&c57=%5BNULL%5D&v57=D%3Dc57&c58=%D0%A8%D0%B8%D1%84%D1%80%D0%BE%D0%B2%D0%B0%D0%BB%D1%8C%D1%89%D0%B8%D0%BA%D0%B8%20%E2%80%93%20%D1%8D%D1%82%D0%BE%20%D0%BD%D0%B5%20%D0%BF%D1%80%D0%BE%20%D0%B2%D0%B0%D1%81.&v71=v1%3APage%20View%3A%5BNULL%5D&v113=32451084388198569672857834030210667631&v116=%5BNULL%5D&v125=0.8834101659190721_1657517200515&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=983502BE532960BE0A490D4C%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://noransom.kaspersky.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 05:26:43 GMT
x-content-type-options
nosniff
x-c
main-1661.I2f39db.M0-585
p3p
CP="This is not a P3P policy"
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Tue, 12 Jul 2022 05:26:43 GMT
server
jag
xserver
anedge-69c8d8cc76-ssv77
etag
3559491090595741696-4619581484075679683
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Sun, 10 Jul 2022 05:26:43 GMT

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| MktoForms2 object| prmOm object| kaspersky object| omPlatformsSettings function| trackKLReferrer function| trackTrialSubmit function| trackFraud function| getFilename function| trackFile function| trackTrial function| trackTrialKMS function| trackPU function| trackPU2 function| trackDoc function| trackBeta function| trackDBUpdate function| trackDRFile function| trackLink function| trackCountrySelector function| trackLRC function| trackIPP function| trackPage function| trackLRCFallback function| trackMaxymiser function| trackAuditories function| trackCroSegment function| trackCta function| trackDownload function| trackEvent function| trackExit function| trackForm function| trackGoToPayment function| trackChangePaymentMethod function| trackLena function| trackMarketLincGroup function| trackMarketLincVisitor function| trackPageView function| trackPageViewOnLoad function| trackPartnerLocatorSearchEvent function| trackProductView function| trackRegistration function| trackSaleButton function| trackSignin function| trackSignIn function| trackUpsellPage function| omSetContext function| omSetOmnitureParameters function| omChooseCookieDomain function| omGetAbsoluteUrl function| omGetBusinessType function| omGetGoogleAnalyticsClientId function| omGetHostName function| omGetOrigin function| omGetPageNameFromPath function| omGetQueryParam function| omReadCookie function| omRemoveAllUrlParameters function| omRemoveAllUrlParametersForDownloads function| omRemoveUrlParameter function| omRemoveCookie function| omSafeParseJson function| omSetCookie function| omSetInp function| removeHashFromString function| omPushEventToDataLayer function| omCreateEventParamsObj function| omPushTrackingObjectToDataLayer function| omPrepareProductsString function| omHandleClick function| 
omHandleMessage function| e object| sng object| s object| visitorConfigObj function| AppMeasurement function| s_gi function| s_pgicq object| adobe function| Visitor object| s_c_il number| s_c_in object| _uxa number| s_objectID number| s_giq object| webpackJsonp_N_E object| _N_E object| regeneratorRuntime object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| next object| __BUILD_MANIFEST object| __SSG_MANIFEST function| addCaptchaScript string| firstVal object| jQuery112408865107976879318 object| dataLayer object| s_i_kaspersky-single-suite

6 Cookies

Domain/Path Name / Value
.app-sj06.marketo.com/ Name: __cf_bm
Value: sQSKG9Swq4LuYSp5WMTRSLSBs.jQzxOzUAp8NJsF6Zc-1657517200-0-AfE/T1Hj/xPma1DkKL8bKw12iLfgDqi7YU2eqGVYoRMcxyJWBPtYK8q8EtFpDfeRGyqyNAuZ75HI3wRjkkuWTtc=
.kaspersky.ru/ Name: _cs_mk
Value: 0.8834101659190721_1657517200515
.kaspersky.ru/ Name: demdex
Value: 25451201075902740773023029459908262453
.kaspersky.ru/ Name: AMCVS_983502BE532960BE0A490D4C%40AdobeOrg
Value: 1
.kaspersky.ru/ Name: AMCV_983502BE532960BE0A490D4C%40AdobeOrg
Value: -1727308122%7CMCMID%7C32451084388198569672857834030210667631%7CMCAAMLH-1658122000%7C6%7CMCAAMB-1658122000%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1657524400s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C4.4.0
.kaspersky.ru/ Name: s_cc
Value: true

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
