URL: https://shadowhammer.kaspersky.com/index.php
Submission: On July 24 via api from IN

Summary

This website contacted 10 IPs in 4 countries across 8 domains to perform 38 HTTP transactions. The main IP is 82.202.190.125, located in Russian Federation and belongs to KL-KDP, RU. The main domain is shadowhammer.kaspersky.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on March 1st 2021. Valid for: a year.
This is the only time shadowhammer.kaspersky.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

     Domain                        Requested by
16   shadowhammer.kaspersky.com    shadowhammer.kaspersky.com
11   www.google-analytics.com      www.googletagmanager.com, www.google-analytics.com, shadowhammer.kaspersky.com
2    kaspersky.d3.sc.omtrdc.net    media.kaspersky.com
2    www.facebook.com              shadowhammer.kaspersky.com
2    connect.facebook.net          shadowhammer.kaspersky.com, connect.facebook.net
2    dpm.demdex.net                media.kaspersky.com, shadowhammer.kaspersky.com
1    cm.everesttech.net            1 redirects
1    kaspersky.demdex.net          media.kaspersky.com
1    www.googletagmanager.com      shadowhammer.kaspersky.com
1    media.kaspersky.com           shadowhammer.kaspersky.com
38   10

This site contains links to these domains.

Domain
securelist.com
www.kaspersky.com
Subject                      Issuer                                    Validity                   Valid
shadowhammer.kaspersky.com   DigiCert TLS RSA SHA256 2020 CA1          2021-03-01 - 2022-04-01    a year
media.kaspersky.com          DigiCert TLS RSA SHA256 2020 CA1          2021-04-23 - 2022-04-28    a year
*.google-analytics.com       GTS CA 1C3                                2021-06-28 - 2021-09-20    3 months
*.demdex.net                 DigiCert TLS RSA SHA256 2020 CA1          2020-12-02 - 2022-01-02    a year
*.facebook.com               DigiCert SHA2 High Assurance Server CA    2021-05-26 - 2021-08-24    3 months
*.d3.sc.omtrdc.net           DigiCert SHA2 High Assurance Server CA    2020-02-28 - 2022-03-04    2 years

This page contains 2 frames:

Primary Page: https://shadowhammer.kaspersky.com/index.php
Frame ID: DA996E3BD02BCDA1118248BCE3241103
Requests: 37 HTTP requests in this frame

Frame: https://kaspersky.demdex.net/dest5.html?d_nsid=0
Frame ID: E643659F3596179679241CA820461EF3
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i

Overall confidence: 100%
Detected patterns
  • script /\/s[_-]code.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

38 Requests
100 % HTTPS
45 % IPv6
8 Domains
10 Subdomains
10 IPs
4 Countries
711 kB Transfer
1366 kB Size
9 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://cm.everesttech.net/cm/dd?d_uuid=05477865848704373320748314633175633935 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YPwpJAAAADhsFg_u

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.php
shadowhammer.kaspersky.com/
5 KB
2 KB
Document
General
Full URL
https://shadowhammer.kaspersky.com/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
82.202.190.125 , Russian Federation, ASN209030 (KL-KDP, RU),
Reverse DNS
Software
nginx / PHP/7.4.21 PleskLin
Resource Hash
74b8c9d51b6e93c62ab748b4b0a4f5ea7806c48b4a0354fa6c626abe46375c6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=15768000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Host
shadowhammer.kaspersky.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Sat, 24 Jul 2021 14:52:19 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
x-powered-by
PHP/7.4.21 PleskLin
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=15768000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-encoding
br
style.css
shadowhammer.kaspersky.com/
63 KB
8 KB
Stylesheet
General
Full URL
https://shadowhammer.kaspersky.com/style.css?v=2
Requested by
Host: shadowhammer.kaspersky.com
URL: https://shadowhammer.kaspersky.com/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
82.202.190.125 , Russian Federation, ASN209030 (KL-KDP, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
a865a58b0bfa9bd0900710e2cb57f9c85acccc4bf9a2f8cd1a16011544ecb3c8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
shadowhammer.kaspersky.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://shadowhammer.kaspersky.com/index.php
Connection
keep-alive
Referer
https://shadowhammer.kaspersky.com/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 14:52:19 GMT
content-encoding
br
etag
W/"60c23494-fda9"
last-modified
Thu, 10 Jun 2021 15:49:40 GMT
Server
nginx
x-powered-by
PleskLin
strict-transport-security
max-age=15768000; includeSubDomains
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
alert_text.js
shadowhammer.kaspersky.com/gdpr/en-gl/
418 B
572 B
Script
General
Full URL
https://shadowhammer.kaspersky.com/gdpr/en-gl/alert_text.js
Requested by
Host: shadowhammer.kaspersky.com
URL: https://shadowhammer.kaspersky.com/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
82.202.190.125 , Russian Federation, ASN209030 (KL-KDP, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
1b88d0415a46b95e0f98b4fc507228adf846ff2f7b2ac4972c67e899f2c21988
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
shadowhammer.kaspersky.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://shadowhammer.kaspersky.com/index.php
Connection
keep-alive
Referer
https://shadowhammer.kaspersky.com/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 14:52:19 GMT
content-encoding
br
etag
W/"60c23494-1a2"
last-modified
Thu, 10 Jun 2021 15:49:40 GMT
Server
nginx
x-powered-by
PleskLin
strict-transport-security
max-age=15768000; includeSubDomains
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
alert.js
shadowhammer.kaspersky.com/gdpr/
5 KB
2 KB
Script
General
Full URL
https://shadowhammer.kaspersky.com/gdpr/alert.js
Requested by
Host: shadowhammer.kaspersky.com
URL: https://shadowhammer.kaspersky.com/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
82.202.190.125 , Russian Federation, ASN209030 (KL-KDP, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
1b107799c6b78a5f6f05b5a2858bb8a73ba4c9fb0237c6cf64ec26d08b8b9165
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
shadowhammer.kaspersky.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://shadowhammer.kaspersky.com/index.php
Connection
keep-alive
Referer
https://shadowhammer.kaspersky.com/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 14:52:20 GMT
content-encoding
br
etag
W/"60c23494-1500"
last-modified
Thu, 10 Jun 2021 15:49:40 GMT
Server
nginx
x-powered-by
PleskLin
strict-transport-security
max-age=15768000; includeSubDomains
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
s_code_single_suite.js
media.kaspersky.com/tracking/omniture/
171 KB
48 KB
Script
General
Full URL
https://media.kaspersky.com/tracking/omniture/s_code_single_suite.js
Requested by
Host: shadowhammer.kaspersky.com
URL: https://shadowhammer.kaspersky.com/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
93.159.228.11 , Russian Federation, ASN200107 (KL-EXT, RU),
Reverse DNS
Software
/ Kaspersky Labs, Kaspersky Labs
Resource Hash
776585b3281f79ee4026c72e4729a7bf631325328f7a1c8c9516d3375d12cd6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shadowhammer.kaspersky.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
etag
"08fccd5c377d71:0"
x-powered-by
Kaspersky Labs, Kaspersky Labs
content-length
48941
x-xss-protection
1; mode=block
last-modified
Tue, 13 Jul 2021 08:48:22 GMT
server
x-frame-options
SAMEORIGIN
date
Sat, 24 Jul 2021 14:52:19 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
x-server
msk2/FRA2
accept-ranges
bytes
x-content-type-options
nosniff
jquery.min.js
shadowhammer.kaspersky.com/
87 KB
30 KB
Script
General
Full URL
https://shadowhammer.kaspersky.com/jquery.min.js
Requested by
Host: shadowhammer.kaspersky.com
URL: https://shadowhammer.kaspersky.com/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
82.202.190.125 , Russian Federation, ASN209030 (KL-KDP, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
shadowhammer.kaspersky.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://shadowhammer.kaspersky.com/index.php
Connection
keep-alive
Referer
https://shadowhammer.kaspersky.com/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 14:52:19 GMT
content-encoding
br
etag
W/"60c23494-15d9d"
last-modified
Thu, 10 Jun 2021 15:49:40 GMT
Server
nginx
x-powered-by
PleskLin
strict-transport-security
max-age=15768000; includeSubDomains
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
jquery.maskedinput.min.js
shadowhammer.kaspersky.com/
4 KB
2 KB
Script
General
Full URL
https://shadowhammer.kaspersky.com/jquery.maskedinput.min.js
Requested by
Host: shadowhammer.kaspersky.com
URL: https://shadowhammer.kaspersky.com/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
82.202.190.125 , Russian Federation, ASN209030 (KL-KDP, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
fb82877818fa23c8c028053cc5744c5d7947faca82bd50a82b918016499bfb62
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
shadowhammer.kaspersky.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://shadowhammer.kaspersky.com/index.php
Connection
keep-alive
Referer
https://shadowhammer.kaspersky.com/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 14:52:19 GMT
content-encoding
br
etag
W/"60c23494-10e4"
last-modified
Thu, 10 Jun 2021 15:49:40 GMT
Server
nginx
x-powered-by
PleskLin
strict-transport-security
max-age=15768000; includeSubDomains
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
events.js
shadowhammer.kaspersky.com/
1 KB
599 B
Script
General
Full URL
https://shadowhammer.kaspersky.com/events.js
Requested by
Host: shadowhammer.kaspersky.com
URL: https://shadowhammer.kaspersky.com/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
82.202.190.125 , Russian Federation, ASN209030 (KL-KDP, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
94f10b713c8d805abd2e470f914d5c1c5559c1c0faae37029dcc2958f5d4dd73
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
shadowhammer.kaspersky.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://shadowhammer.kaspersky.com/index.php
Connection
keep-alive
Referer
https://shadowhammer.kaspersky.com/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 14:52:19 GMT
content-encoding
br
etag
W/"60c23494-431"
last-modified
Thu, 10 Jun 2021 15:49:40 GMT
Server
nginx
x-powered-by
PleskLin
strict-transport-security
max-age=15768000; includeSubDomains
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
gtm.js
www.googletagmanager.com/
192 KB
64 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K974KNN
Requested by
Host: shadowhammer.kaspersky.com
URL: https://shadowhammer.kaspersky.com/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
14c9f3fbc8670169dc013b09ab06d30a3f155cb542307a1ff75c27ecd7ee01d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://shadowhammer.kaspersky.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 14:52:20 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65720
x-xss-protection
0
last-modified
Sat, 24 Jul 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 24 Jul 2021 14:52:20 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K974KNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://shadowhammer.kaspersky.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
7049
date
Sat, 24 Jul 2021 12:54:51 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Sat, 24 Jul 2021 14:54:51 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&aip=1&a=29139025&t=pageview&_s=1&dl=https%3A%2F%2Fshadowhammer.kaspersky.com%2Findex.php&ul=en-us&de=UTF-8&dt=Shadow%20Hammer%20APT%20MAC%20Check&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=850386460&gjid=851585539&cid=478937178.1627138340&tid=UA-61587331-55&_gid=894884977.1627138340&_r=1&gtm=2wg7l1K974KNN&z=1896419602
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shadowhammer.kaspersky.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 14:52:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shadowhammer.kaspersky.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
id
dpm.demdex.net/
368 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=983502BE532960BE0A490D4C%40AdobeOrg&d_nsid=0&ts=1627138340168
Requested by
Host: media.kaspersky.com
URL: https://media.kaspersky.com/tracking/omniture/s_code_single_suite.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.90.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-90-211.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
51f2b3982532c9753c9059ed40081b4057809922990f89420b9abfa3d4bce39c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://shadowhammer.kaspersky.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-2-v012-045d9dd59.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
mOJs2g7VS78=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://shadowhammer.kaspersky.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
311
Expires
Thu, 01 Jan 1970 00:00:00 UTC
Page1.png
shadowhammer.kaspersky.com/shadow/dekstop/
19 KB
19 KB
Image
General
Full URL
https://shadowhammer.kaspersky.com/shadow/dekstop/Page1.png
Requested by
Host: shadowhammer.kaspersky.com
URL: https://shadowhammer.kaspersky.com/style.css?v=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
82.202.190.125 , Russian Federation, ASN209030 (KL-KDP, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
91ac3ef819699299040311f5f9d63415fbf19688df9a326d369a873873bbbf1d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
shadowhammer.kaspersky.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://shadowhammer.kaspersky.com/style.css?v=2
Cookie
_gcl_au=1.1.1459367951.1627138340; _ga=GA1.2.478937178.1627138340; _gid=GA1.2.894884977.1627138340; _gat_UA-61587331-55=1; AMCV_983502BE532960BE0A490D4C%40AdobeOrg=1585540135%7CMCIDTS%7C18833%7CvVersion%7C4.4.0; _cs_mk=0.3487188235927561_1627138340171
Connection
keep-alive
Referer
https://shadowhammer.kaspersky.com/style.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 14:52:20 GMT
etag
"60c23494-4bc3"
last-modified
Thu, 10 Jun 2021 15:49:40 GMT
Server
nginx
x-powered-by
PleskLin
strict-transport-security
max-age=15768000; includeSubDomains
Content-Type
image/png
Connection
keep-alive
accept-ranges
bytes
Content-Length
19395
kaspersky_logo_white.svg
shadowhammer.kaspersky.com/icons/
3 KB
4 KB
Image
General
Full URL
https://shadowhammer.kaspersky.com/icons/kaspersky_logo_white.svg
Requested by
Host: shadowhammer.kaspersky.com
URL: https://shadowhammer.kaspersky.com/style.css?v=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
82.202.190.125 , Russian Federation, ASN209030 (KL-KDP, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
6670587c6c6f7eaea610366096842e6256d42aa527149b0627416005f81f3390
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
shadowhammer.kaspersky.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://shadowhammer.kaspersky.com/style.css?v=2
Cookie
_gcl_au=1.1.1459367951.1627138340; _ga=GA1.2.478937178.1627138340; _gid=GA1.2.894884977.1627138340; _gat_UA-61587331-55=1; AMCV_983502BE532960BE0A490D4C%40AdobeOrg=1585540135%7CMCIDTS%7C18833%7CvVersion%7C4.4.0; _cs_mk=0.3487188235927561_1627138340171
Connection
keep-alive
Referer
https://shadowhammer.kaspersky.com/style.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 14:52:20 GMT
etag
"60c23494-d79"
last-modified
Thu, 10 Jun 2021 15:49:40 GMT
Server
nginx
x-powered-by
PleskLin
strict-transport-security
max-age=15768000; includeSubDomains
Content-Type
image/svg+xml
Connection
keep-alive
accept-ranges
bytes
Content-Length
3449
exclamation.svg
shadowhammer.kaspersky.com/icons/
701 B
1 KB
Image
General
Full URL
https://shadowhammer.kaspersky.com/icons/exclamation.svg
Requested by
Host: shadowhammer.kaspersky.com
URL: https://shadowhammer.kaspersky.com/style.css?v=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
82.202.190.125 , Russian Federation, ASN209030 (KL-KDP, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
91ddba821cdaaf11fc3b1fc1427fe1d25b7a61fd67e64601964c5ec24ce611c3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
shadowhammer.kaspersky.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://shadowhammer.kaspersky.com/style.css?v=2
Cookie
_gcl_au=1.1.1459367951.1627138340; _ga=GA1.2.478937178.1627138340; _gid=GA1.2.894884977.1627138340; _gat_UA-61587331-55=1; AMCV_983502BE532960BE0A490D4C%40AdobeOrg=1585540135%7CMCIDTS%7C18833%7CvVersion%7C4.4.0; _cs_mk=0.3487188235927561_1627138340171
Connection
keep-alive
Referer
https://shadowhammer.kaspersky.com/style.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 14:52:20 GMT
etag
"60c23494-2bd"
last-modified
Thu, 10 Jun 2021 15:49:40 GMT
Server
nginx
x-powered-by
PleskLin
strict-transport-security
max-age=15768000; includeSubDomains
Content-Type
image/svg+xml
Connection
keep-alive
accept-ranges
bytes
Content-Length
701
kaspersky_logo_green.svg
shadowhammer.kaspersky.com/icons/
3 KB
4 KB
Image
General
Full URL
https://shadowhammer.kaspersky.com/icons/kaspersky_logo_green.svg
Requested by
Host: shadowhammer.kaspersky.com
URL: https://shadowhammer.kaspersky.com/style.css?v=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
82.202.190.125 , Russian Federation, ASN209030 (KL-KDP, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
814f6458d81ef30a5d67fe75f61a3ab41ebd1bd309363d1de94f7e1cc88c40fd
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
shadowhammer.kaspersky.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://shadowhammer.kaspersky.com/style.css?v=2
Cookie
_gcl_au=1.1.1459367951.1627138340; _ga=GA1.2.478937178.1627138340; _gid=GA1.2.894884977.1627138340; _gat_UA-61587331-55=1; AMCV_983502BE532960BE0A490D4C%40AdobeOrg=1585540135%7CMCIDTS%7C18833%7CvVersion%7C4.4.0; _cs_mk=0.3487188235927561_1627138340171
Connection
keep-alive
Referer
https://shadowhammer.kaspersky.com/style.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 14:52:20 GMT
etag
"60c23494-d7b"
last-modified
Thu, 10 Jun 2021 15:49:40 GMT
Server
nginx
x-powered-by
PleskLin
strict-transport-security
max-age=15768000; includeSubDomains
Content-Type
image/svg+xml
Connection
keep-alive
accept-ranges
bytes
Content-Length
3451
MuseoSansCyrl-500.otf
shadowhammer.kaspersky.com/fonts/
104 KB
104 KB
Font
General
Full URL
https://shadowhammer.kaspersky.com/fonts/MuseoSansCyrl-500.otf
Requested by
Host: shadowhammer.kaspersky.com
URL: https://shadowhammer.kaspersky.com/style.css?v=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
82.202.190.125 , Russian Federation, ASN209030 (KL-KDP, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
1d5a600b788e00dc9a494d22cc2f4f5b6a6bcde4e3812202699ab737ef2e85b1
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://shadowhammer.kaspersky.com
Accept-Encoding
gzip, deflate, br
Host
shadowhammer.kaspersky.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://shadowhammer.kaspersky.com/style.css?v=2
Cookie
_gcl_au=1.1.1459367951.1627138340; _ga=GA1.2.478937178.1627138340; _gid=GA1.2.894884977.1627138340; _gat_UA-61587331-55=1; AMCV_983502BE532960BE0A490D4C%40AdobeOrg=1585540135%7CMCIDTS%7C18833%7CvVersion%7C4.4.0; _cs_mk=0.3487188235927561_1627138340171
Connection
keep-alive
Origin
https://shadowhammer.kaspersky.com
Referer
https://shadowhammer.kaspersky.com/style.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 14:52:20 GMT
etag
"60c23494-1a07c"
last-modified
Thu, 10 Jun 2021 15:49:40 GMT
Server
nginx
x-powered-by
PleskLin
strict-transport-security
max-age=15768000; includeSubDomains
Content-Type
application/octet-stream
Connection
keep-alive
accept-ranges
bytes
Content-Length
106620
MuseoSansCyrl-100.otf
shadowhammer.kaspersky.com/fonts/
101 KB
102 KB
Font
General
Full URL
https://shadowhammer.kaspersky.com/fonts/MuseoSansCyrl-100.otf
Requested by
Host: shadowhammer.kaspersky.com
URL: https://shadowhammer.kaspersky.com/style.css?v=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
82.202.190.125 , Russian Federation, ASN209030 (KL-KDP, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
31fd609600e422dcc28a340d5b31973a2a353db5c10f468a58cab71aefdf60c9
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://shadowhammer.kaspersky.com
Accept-Encoding
gzip, deflate, br
Host
shadowhammer.kaspersky.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://shadowhammer.kaspersky.com/style.css?v=2
Cookie
_gcl_au=1.1.1459367951.1627138340; _ga=GA1.2.478937178.1627138340; _gid=GA1.2.894884977.1627138340; _gat_UA-61587331-55=1; AMCV_983502BE532960BE0A490D4C%40AdobeOrg=1585540135%7CMCIDTS%7C18833%7CvVersion%7C4.4.0; _cs_mk=0.3487188235927561_1627138340171
Connection
keep-alive

Response headers

Date
Sat, 24 Jul 2021 14:52:20 GMT
etag
"60c23494-19534"
last-modified
Thu, 10 Jun 2021 15:49:40 GMT
Server
nginx
x-powered-by
PleskLin
strict-transport-security
max-age=15768000; includeSubDomains
Content-Type
application/octet-stream
Connection
keep-alive
accept-ranges
bytes
Content-Length
103732
MuseoSansCyrl-300.otf
shadowhammer.kaspersky.com/fonts/
104 KB
104 KB
Font
General
Full URL
https://shadowhammer.kaspersky.com/fonts/MuseoSansCyrl-300.otf
Requested by
Host: shadowhammer.kaspersky.com
URL: https://shadowhammer.kaspersky.com/style.css?v=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
82.202.190.125 , Russian Federation, ASN209030 (KL-KDP, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
9cf33e0daa53ce735137dafb006f1161c173cec381c57afe89ae99ae39bab345
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://shadowhammer.kaspersky.com
Accept-Encoding
gzip, deflate, br
Host
shadowhammer.kaspersky.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://shadowhammer.kaspersky.com/style.css?v=2
Cookie
_gcl_au=1.1.1459367951.1627138340; _ga=GA1.2.478937178.1627138340; _gid=GA1.2.894884977.1627138340; _gat_UA-61587331-55=1; AMCV_983502BE532960BE0A490D4C%40AdobeOrg=1585540135%7CMCIDTS%7C18833%7CvVersion%7C4.4.0; _cs_mk=0.3487188235927561_1627138340171
Connection
keep-alive

Response headers

Date
Sat, 24 Jul 2021 14:52:20 GMT
etag
"60c23494-19fcc"
last-modified
Thu, 10 Jun 2021 15:49:40 GMT
Server
nginx
x-powered-by
PleskLin
strict-transport-security
max-age=15768000; includeSubDomains
Content-Type
application/octet-stream
Connection
keep-alive
accept-ranges
bytes
Content-Length
106444
GothamPro-Light.otf
shadowhammer.kaspersky.com/fonts/
52 KB
53 KB
Font
General
Full URL
https://shadowhammer.kaspersky.com/fonts/GothamPro-Light.otf
Requested by
Host: shadowhammer.kaspersky.com
URL: https://shadowhammer.kaspersky.com/style.css?v=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
82.202.190.125 , Russian Federation, ASN209030 (KL-KDP, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
ca97417eed7f403851267408d2669f99e3963b38e45398f9a11a5964541bf4f6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://shadowhammer.kaspersky.com
Accept-Encoding
gzip, deflate, br
Host
shadowhammer.kaspersky.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://shadowhammer.kaspersky.com/style.css?v=2
Cookie
_gcl_au=1.1.1459367951.1627138340; _ga=GA1.2.478937178.1627138340; _gid=GA1.2.894884977.1627138340; _gat_UA-61587331-55=1; AMCV_983502BE532960BE0A490D4C%40AdobeOrg=1585540135%7CMCIDTS%7C18833%7CvVersion%7C4.4.0; _cs_mk=0.3487188235927561_1627138340171
Connection
keep-alive

Response headers

Date
Sat, 24 Jul 2021 14:52:20 GMT
etag
"60c23494-d174"
last-modified
Thu, 10 Jun 2021 15:49:40 GMT
Server
nginx
x-powered-by
PleskLin
strict-transport-security
max-age=15768000; includeSubDomains
Content-Type
application/octet-stream
Connection
keep-alive
accept-ranges
bytes
Content-Length
53620
GothamPro-Bold.otf
shadowhammer.kaspersky.com/fonts/
37 KB
37 KB
Font
General
Full URL
https://shadowhammer.kaspersky.com/fonts/GothamPro-Bold.otf
Requested by
Host: shadowhammer.kaspersky.com
URL: https://shadowhammer.kaspersky.com/style.css?v=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
82.202.190.125 , Russian Federation, ASN209030 (KL-KDP, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
bb5e14ba302694ae7baa7727ae96da8d4a8ca15893e71ddae9e821244a90fc73
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://shadowhammer.kaspersky.com
Accept-Encoding
gzip, deflate, br
Host
shadowhammer.kaspersky.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://shadowhammer.kaspersky.com/style.css?v=2
Cookie
_gcl_au=1.1.1459367951.1627138340; _ga=GA1.2.478937178.1627138340; _gid=GA1.2.894884977.1627138340; _gat_UA-61587331-55=1; AMCV_983502BE532960BE0A490D4C%40AdobeOrg=1585540135%7CMCIDTS%7C18833%7CvVersion%7C4.4.0; _cs_mk=0.3487188235927561_1627138340171
Connection
keep-alive

Response headers

Date
Sat, 24 Jul 2021 14:52:20 GMT
etag
"60c23494-92f4"
last-modified
Thu, 10 Jun 2021 15:49:40 GMT
Server
nginx
x-powered-by
PleskLin
strict-transport-security
max-age=15768000; includeSubDomains
Content-Type
application/octet-stream
Connection
keep-alive
accept-ranges
bytes
Content-Length
37620
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&aip=1&a=29139025&t=event&ni=1&_s=1&dl=https%3A%2F%2Fshadowhammer.kaspersky.com%2Findex.php&ul=en-us&de=UTF-8&dt=Shadow%20Hammer%20APT%20MAC%20Check&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=JS%20Errors&ea=Uncaught%20TypeError%3A%20Cannot%20read%20property%20%27language%27%20of%20null%2C%20at%20line%203&el=https%3A%2F%2Fshadowhammer.kaspersky.com%2Fgdpr%2Falert.js&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=478937178.1627138340&tid=UA-61587331-55&_gid=894884977.1627138340&gtm=2wg7l1K974KNN&z=2036795158
Requested by
Host: shadowhammer.kaspersky.com
URL: https://shadowhammer.kaspersky.com/index.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shadowhammer.kaspersky.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 00:45:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
50839
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/
95 KB
25 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: shadowhammer.kaspersky.com
URL: https://shadowhammer.kaspersky.com/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://shadowhammer.kaspersky.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24676
x-xss-protection
0
pragma
public
x-fb-debug
gWcMte0g2YoN+70wpPRxh6TEE50IPA4JstQ2UUVzCPh8g59DRqbY7H368qz96zWuSVbPL8nbyIxUxMhxcJ5rYQ==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
date
Sat, 24 Jul 2021 14:52:20 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
839281392784015
connect.facebook.net/signals/config/
261 KB
74 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/839281392784015?v=2.9.43&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
60a52a0afc35381c94175d69f5b6dda4061fe0e0e96c519b09d208aed0b062f5
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://shadowhammer.kaspersky.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
75921
x-xss-protection
0
pragma
public
x-fb-debug
1GTk9WmobP85h2dRVjnxpgJYkdpixZLsv4EP9Ba6FDoWDwNeo4OhKfnuu9zUO89uwYOmLglgMdrULmJ+02Wj3w==
x-frame-options
DENY
date
Sat, 24 Jul 2021 14:52:20 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
251 B
Image
General
Full URL
https://www.facebook.com/tr/?id=839281392784015&ev=PageView&dl=https%3A%2F%2Fshadowhammer.kaspersky.com%2Findex.php&rl=&if=false&ts=1627138340330&sw=1600&sh=1200&v=2.9.43&r=stable&ec=0&o=30&fbp=fb.1.1627138340329.825860639&it=1627138340290&coo=false&rqm=GET
Requested by
Host: shadowhammer.kaspersky.com
URL: https://shadowhammer.kaspersky.com/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://shadowhammer.kaspersky.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 14:52:20 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 24 Jul 2021 14:52:20 GMT
dest5.html
kaspersky.demdex.net/ Frame E643
7 KB
3 KB
Document
General
Full URL
https://kaspersky.demdex.net/dest5.html?d_nsid=0
Requested by
Host: media.kaspersky.com
URL: https://media.kaspersky.com/tracking/omniture/s_code_single_suite.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.168.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-168-199.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
kaspersky.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://shadowhammer.kaspersky.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
demdex=05477865848704373320748314633175633935

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Sat, 24 Jul 2021 14:52:20 GMT
DCS
dcs-prod-irl1-2-v012-053bbcc6f.edge-irl1.demdex.com 6.3.1.20210623115127
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Fri, 2 Jul 2021 08:59:53 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
Xvntw78tQN0=
Content-Length
2791
Connection
keep-alive
id
kaspersky.d3.sc.omtrdc.net/
2 B
325 B
XHR
General
Full URL
https://kaspersky.d3.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=983502BE532960BE0A490D4C%40AdobeOrg&mid=07027784955834489740304109110365568597&ts=1627138340354
Requested by
Host: media.kaspersky.com
URL: https://media.kaspersky.com/tracking/omniture/s_code_single_suite.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shadowhammer.kaspersky.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 24 Jul 2021 14:52:20 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-58944c9887-bqrv2
vary
Origin
x-c
main-1489.I96e1bb.M0-504
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://shadowhammer.kaspersky.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript;charset=utf-8
content-length
2
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YPwpJAAAADhsFg_u
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=05477865848704373320748314633175633935
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YPwpJAAAADhsFg_u
42 B
958 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YPwpJAAAADhsFg_u
Requested by
Host: shadowhammer.kaspersky.com
URL: https://shadowhammer.kaspersky.com/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.90.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-90-211.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://shadowhammer.kaspersky.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v012-0924b2ac2.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
il+jH8BnRz8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YPwpJAAAADhsFg_u
Date
Sat, 24 Jul 2021 14:52:20 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=839281392784015&ev=Microdata&dl=https%3A%2F%2Fshadowhammer.kaspersky.com%2Findex.php&rl=&if=false&ts=1627138340833&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Shadow%20Hammer%20APT%20MAC%20Check%22%2C%22meta%3Akeywords%22%3A%22asus%2C%20live%20update%2C%20kaspersky%2C%20kaspersky%2C%20great%2C%20check%2C%20mac%2C%20address%2C%20shadow%20hammer%22%2C%22meta%3Adescription%22%3A%22Were%20you%20targeted%20by%20the%20Shadow%20Hammer%20APT%20in%20the%20incident%20with%20ASUS%20Live%20Update%3F%20Check%20your%20MAC%20address%20to%20find%20out!%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22Shadow%20Hammer%20APT%20MAC%20Check%22%2C%22og%3Adescription%22%3A%22Check%20your%20MAC%20address%20to%20find%20out%20if%20you%20were%20targeted%20by%20the%20Shadow%20Hammer%20APT%20in%20the%20incident%20with%20ASUS%20Live%20Update.%22%2C%22og%3Aurl%22%3A%22%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.43&r=stable&ec=1&o=30&fbp=fb.1.1627138340329.825860639&it=1627138340290&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: shadowhammer.kaspersky.com
URL: https://shadowhammer.kaspersky.com/index.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://shadowhammer.kaspersky.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 14:52:20 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Sat, 24 Jul 2021 14:52:20 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&aip=1&a=29139025&t=event&ni=1&_s=1&dl=https%3A%2F%2Fshadowhammer.kaspersky.com%2Findex.php&ul=en-us&de=UTF-8&dt=Shadow%20Hammer%20APT%20MAC%20Check&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ACTIONS&ea=makeActions%20%2F%20%5BPage%5D%20%2F%20Vertical%20Scroll&el=10%25&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=478937178.1627138340&tid=UA-61587331-55&_gid=894884977.1627138340&gtm=2wg7l1K974KNN&z=756379170
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shadowhammer.kaspersky.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 00:45:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
50843
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&aip=1&a=29139025&t=event&ni=1&_s=1&dl=https%3A%2F%2Fshadowhammer.kaspersky.com%2Findex.php&ul=en-us&de=UTF-8&dt=Shadow%20Hammer%20APT%20MAC%20Check&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ACTIONS&ea=makeActions%20%2F%20%5BPage%5D%20%2F%20Vertical%20Scroll&el=20%25&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=478937178.1627138340&tid=UA-61587331-55&_gid=894884977.1627138340&gtm=2wg7l1K974KNN&z=2070184699
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shadowhammer.kaspersky.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 00:45:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
50843
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&aip=1&a=29139025&t=event&ni=1&_s=1&dl=https%3A%2F%2Fshadowhammer.kaspersky.com%2Findex.php&ul=en-us&de=UTF-8&dt=Shadow%20Hammer%20APT%20MAC%20Check&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ACTIONS&ea=makeActions%20%2F%20%5BPage%5D%20%2F%20Vertical%20Scroll&el=30%25&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=478937178.1627138340&tid=UA-61587331-55&_gid=894884977.1627138340&gtm=2wg7l1K974KNN&z=1114987925
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shadowhammer.kaspersky.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 00:45:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
50843
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&aip=1&a=29139025&t=event&ni=1&_s=1&dl=https%3A%2F%2Fshadowhammer.kaspersky.com%2Findex.php&ul=en-us&de=UTF-8&dt=Shadow%20Hammer%20APT%20MAC%20Check&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ACTIONS&ea=makeActions%20%2F%20%5BPage%5D%20%2F%20Vertical%20Scroll&el=40%25&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=478937178.1627138340&tid=UA-61587331-55&_gid=894884977.1627138340&gtm=2wg7l1K974KNN&z=397925106
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shadowhammer.kaspersky.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 00:45:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
50843
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&aip=1&a=29139025&t=event&ni=1&_s=1&dl=https%3A%2F%2Fshadowhammer.kaspersky.com%2Findex.php&ul=en-us&de=UTF-8&dt=Shadow%20Hammer%20APT%20MAC%20Check&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ACTIONS&ea=makeActions%20%2F%20%5BPage%5D%20%2F%20Vertical%20Scroll&el=50%25&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=478937178.1627138340&tid=UA-61587331-55&_gid=894884977.1627138340&gtm=2wg7l1K974KNN&z=1161070233
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shadowhammer.kaspersky.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 00:45:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
50843
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&aip=1&a=29139025&t=event&ni=1&_s=1&dl=https%3A%2F%2Fshadowhammer.kaspersky.com%2Findex.php&ul=en-us&de=UTF-8&dt=Shadow%20Hammer%20APT%20MAC%20Check&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ACTIONS&ea=makeActions%20%2F%20%5BPage%5D%20%2F%20Vertical%20Scroll&el=60%25&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=478937178.1627138340&tid=UA-61587331-55&_gid=894884977.1627138340&gtm=2wg7l1K974KNN&z=31475240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shadowhammer.kaspersky.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 00:45:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
50843
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&aip=1&a=29139025&t=event&ni=1&_s=1&dl=https%3A%2F%2Fshadowhammer.kaspersky.com%2Findex.php&ul=en-us&de=UTF-8&dt=Shadow%20Hammer%20APT%20MAC%20Check&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ACTIONS&ea=makeActions%20%2F%20%5BPage%5D%20%2F%20Vertical%20Scroll&el=70%25&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=478937178.1627138340&tid=UA-61587331-55&_gid=894884977.1627138340&gtm=2wg7l1K974KNN&z=1878424809
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shadowhammer.kaspersky.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 00:45:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
50843
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&aip=1&a=29139025&t=event&ni=1&_s=1&dl=https%3A%2F%2Fshadowhammer.kaspersky.com%2Findex.php&ul=en-us&de=UTF-8&dt=Shadow%20Hammer%20APT%20MAC%20Check&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ACTIONS&ea=makeActions%20%2F%20%5BPage%5D%20%2F%20Vertical%20Scroll&el=80%25&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=478937178.1627138340&tid=UA-61587331-55&_gid=894884977.1627138340&gtm=2wg7l1K974KNN&z=576774143
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shadowhammer.kaspersky.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Jul 2021 00:45:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
50843
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
s01605833581223
kaspersky.d3.sc.omtrdc.net/b/ss/kaspersky-single-suite/1/JS-2.22.0/
43 B
244 B
Image
General
Full URL
https://kaspersky.d3.sc.omtrdc.net/b/ss/kaspersky-single-suite/1/JS-2.22.0/s01605833581223?AQB=1&ndh=1&pf=1&t=24%2F6%2F2021%2016%3A52%3A24%206%20-120&mid=07027784955834489740304109110365568597&aamlh=6&ce=UTF-8&ns=kaspersky&cdp=2&pageName=Home%20%3E%20index&g=https%3A%2F%2Fshadowhammer.kaspersky.com%2Findex.php&cc=USD&ch=Home&server=shadowhammer.kaspersky.com&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c2=other&c3=b2c&v3=Home%20%3E%20index&v9=https%3A%2F%2Fshadowhammer.kaspersky.com%2Findex.php&c20=url&c29=v1%3As_code_single_suite.js%3AtrackPageView%20%3E%20sng.t%3Ap&c30=v1%3A20210713%3A274%3ANextGen%3A%5BNULL%5D&c31=https%3A%2F%2Fshadowhammer.kaspersky.com%2Findex.php&v44=D%3Dv3&c47=Default&v47=D%3Dc47&c51=Websites&c57=%5BNULL%5D&v57=D%3Dc57&c58=Shadow%20Hammer%20APT%20MAC%20Check&v71=v1%3APage%20View%3A%5BNULL%5D&v113=07027784955834489740304109110365568597&v116=478937178.1627138340&v125=0.3487188235927561_1627138340171&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=983502BE532960BE0A490D4C%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shadowhammer.kaspersky.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 14:52:24 GMT
x-content-type-options
nosniff
x-c
main-1489.I96e1bb.M0-504
p3p
CP="This is not a P3P policy"
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sun, 25 Jul 2021 14:52:24 GMT
server
jag
xserver
anedge-58944c9887-vv85r
etag
3494252987907964928-4619853951075244231
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Fri, 23 Jul 2021 14:52:24 GMT

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| dataLayer object| gdprStrings object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| prmOm object| kaspersky object| omPlatformsSettings function| trackKLReferrer function| trackTrialSubmit function| trackFraud function| getFilename function| trackFile function| trackTrial function| trackTrialKMS function| trackPU function| trackPU2 function| trackDoc function| trackBeta function| trackDBUpdate function| trackDRFile function| trackLink function| trackCountrySelector function| trackLRC function| trackIPP function| trackPage function| trackLRCFallback function| trackMaxymiser function| trackAuditories function| trackCroSegment function| trackCta function| trackDownload function| trackEvent function| trackExit function| trackForm function| trackGoToPayment function| trackChangePaymentMethod function| trackLena function| trackMarketLincGroup function| trackMarketLincVisitor function| trackPageView function| trackPageViewOnLoad function| trackPartnerLocatorSearchEvent function| trackProductView function| trackRegistration function| trackSaleButton function| trackSignin function| trackSignIn function| trackUpsellPage function| omSetContext function| omSetOmnitureParameters function| omAddSpaces function| omChooseCookieDomain function| omGetAbsoluteUrl function| omGetBusinessType function| omGetGoogleAnalyticsClientId function| omGetHostName function| omGetOrigin function| omGetPageNameFromPath function| omGetQueryParam function| omReadCookie function| omRemoveAllUrlParameters function| 
omRemoveAllUrlParametersForDownloads function| omRemoveUrlParameter function| omRemoveCookie function| omSafeParseJson function| omSetCookie function| omSetInp function| removeHashFromString function| omPushEventToDataLayer function| omCreateEventParamsObj function| omPushTrackingObjectToDataLayer function| omPrepareProductsString function| omHandleClick function| omHandleMessage function| e object| sng object| s function| AppMeasurement function| s_gi function| s_pgicq object| adobe function| Visitor object| s_c_il number| s_c_in object| _uxa number| s_objectID number| s_giq function| $ function| jQuery function| onYouTubeIframeAPIReady function| fbq function| _fbq object| s_i_kaspersky-single-suite

9 Cookies

Domain/Path Name / Value
.demdex.net/ Name: demdex
Value: 05477865848704373320748314633175633935
.kaspersky.com/ Name: AMCV_983502BE532960BE0A490D4C%40AdobeOrg
Value: 1585540135%7CMCIDTS%7C18833%7CMCMID%7C07027784955834489740304109110365568597%7CMCAAMLH-1627743140%7C6%7CMCAAMB-1627743140%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1627145540s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18840%7CvVersion%7C4.4.0
.kaspersky.com/ Name: AMCVS_983502BE532960BE0A490D4C%40AdobeOrg
Value: 1
.kaspersky.com/ Name: _gat_UA-61587331-55
Value: 1
.kaspersky.com/ Name: _cs_mk
Value: 0.3487188235927561_1627138340171
.kaspersky.com/ Name: _fbp
Value: fb.1.1627138340329.825860639
.kaspersky.com/ Name: _gid
Value: GA1.2.894884977.1627138340
.kaspersky.com/ Name: _ga
Value: GA1.2.478937178.1627138340
.kaspersky.com/ Name: _gcl_au
Value: 1.1.1459367951.1627138340

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=15768000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
