www.nomoreransom.org
Open in
urlscan Pro
65.9.77.28
Public Scan
Effective URL: https://www.nomoreransom.org/
Submission: On June 30 via manual from US
Summary
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on October 21st 2020. Valid for: a year.
This is the only time www.nomoreransom.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 15 | 65.9.77.28 65.9.77.28 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2a00:1450:400... 2a00:1450:4001:80f::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:400c:c08::9d | 15169 (GOOGLE) (GOOGLE) | |
17 | 3 |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
nomoreransom.org
1 redirects
www.nomoreransom.org |
356 KB |
2 |
google-analytics.com
www.google-analytics.com |
19 KB |
1 |
doubleclick.net
stats.g.doubleclick.net |
464 B |
17 | 3 |
Domain | Requested by | |
---|---|---|
15 | www.nomoreransom.org |
1 redirects
www.nomoreransom.org
|
2 | www.google-analytics.com |
www.nomoreransom.org
www.google-analytics.com |
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
17 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.nomoreransom.org GlobalSign RSA OV SSL CA 2018 |
2020-10-21 - 2021-11-22 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2021-06-07 - 2021-08-30 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2021-06-07 - 2021-08-30 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.nomoreransom.org/
Frame ID: 84B957E36313FD3F16F0A880AB79A157
Requests: 17 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://www.nomoreransom.org/
HTTP 301
https://www.nomoreransom.org/ Page URL
Detected technologies
Amazon Web Services (PaaS) ExpandDetected patterns
- headers via /\(CloudFront\)$/i
- headers server /^AmazonS3$/i
Amazon Cloudfront (CDN) Expand
Detected patterns
- headers via /\(CloudFront\)$/i
Amazon S3 (Miscellaneous) Expand
Detected patterns
- headers server /^AmazonS3$/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.nomoreransom.org/
HTTP 301
https://www.nomoreransom.org/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
www.nomoreransom.org/ Redirect Chain
|
12 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fonts.css
www.nomoreransom.org/assets/css/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
common.css
www.nomoreransom.org/assets/css/ |
25 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.svg
www.nomoreransom.org/assets/img/ |
18 KB 8 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.2.1.min.js
www.nomoreransom.org/assets/js/ |
85 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
common.js
www.nomoreransom.org/assets/js/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cookies.js
www.nomoreransom.org/assets/js/ |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
body-bg.jpg
www.nomoreransom.org/assets/img/slides_and_banners/ |
49 KB 49 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
roboto-light-webfont.woff2
www.nomoreransom.org/assets/fonts/ |
37 KB 38 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg_3.png
www.nomoreransom.org/assets/img/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
roboto-regular-webfont.woff2
www.nomoreransom.org/assets/fonts/ |
37 KB 38 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
b52-webfont.woff
www.nomoreransom.org/assets/fonts/ |
124 KB 125 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
48 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
www.nomoreransom.org/ |
12 KB 12 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
roboto-bold-webfont.woff2
www.nomoreransom.org/assets/fonts/ |
38 KB 39 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-29 |
collect
www.google-analytics.com/j/ |
4 B 24 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 464 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
25 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| ransomFilter string| cookie_translation string| cookie_close string| cookie_moreinfo function| cookieinfo object| cbinstance string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.nomoreransom.org/ | Name: _gid Value: GA1.2.892512621.1625064084 |
|
.nomoreransom.org/ | Name: _gat Value: 1 |
|
.nomoreransom.org/ | Name: _ga Value: GA1.2.1989106544.1625064084 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
stats.g.doubleclick.net
www.google-analytics.com
www.nomoreransom.org
2a00:1450:4001:80f::200e
2a00:1450:400c:c08::9d
65.9.77.28
0ef6aa90e8125366170a1b07ec6f04da94be383d4e75a9334025027b7494cc8b
4e53e933ce90b8f7de1bddce05cc7549853b643f26a881c056d842a27254d198
518c5e87f716fff4402e2d5e321ddaf506e1588bd7765410cce22c73b1d69ef1
659ebe79422bc9fe13e768ff54462233086a47f50d8617392227b9876ade160f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
79391f9f548ee9f88e82e58e5be1d7925e25d174c58f7e96aea27610c23ea336
7f4b06a7fdbfb965696fbd255e5b0d349ed67b82a96d2a4c6238bb6360102931
859cb31b63f9449d8c6c90868b83ce857da4176836b4e51459007735a2e86cb1
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
a13ce21c487970ebfb8615b80207af9ffbf96f9b4c7c679e4348211fe1a30944
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
baaeebbe73aecdb80214a15316b92d9c7181cca2ba2ae7810fa4e6c1bb8844f8
cd2af77afcebe707343a62043678559b2a4d0d788c0d37fe36d8c392ce112c6f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f799a153d6aeb1d93bc52f67490b222e7719c81cb59086cc5848adde63422f09
fb3ebd5ef18d519c381c469a58c77a1d4d4c1be6809a840bf6c94c9605309d2d