www.nomoreransom.org
Open in
urlscan Pro
52.222.149.252
Public Scan
Submission: On May 22 via api from US
Summary
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on September 9th 2019. Valid for: a year.
This is the only time www.nomoreransom.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
14 | 52.222.149.252 52.222.149.252 | 16509 (AMAZON-02) (AMAZON-02) | |
1 2 | 2a00:1450:400... 2a00:1450:4001:81b::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:400c:c00::9d | 15169 (GOOGLE) (GOOGLE) | |
16 | 3 |
ASN16509 (AMAZON-02, US)
PTR: server-52-222-149-252.fra53.r.cloudfront.net
www.nomoreransom.org |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
nomoreransom.org
www.nomoreransom.org |
356 KB |
2 |
google-analytics.com
1 redirects
www.google-analytics.com |
18 KB |
1 |
doubleclick.net
stats.g.doubleclick.net |
99 B |
16 | 3 |
Domain | Requested by | |
---|---|---|
14 | www.nomoreransom.org |
www.nomoreransom.org
|
2 | www.google-analytics.com |
1 redirects
www.nomoreransom.org
|
1 | stats.g.doubleclick.net |
www.nomoreransom.org
|
16 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.nomoreransom.org GlobalSign RSA OV SSL CA 2018 |
2019-09-09 - 2020-10-22 |
a year | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-05-05 - 2020-07-28 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2020-05-05 - 2020-07-28 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.nomoreransom.org/
Frame ID: 6C3EE84F1D0D595FE66B90B55FD37260
Requests: 16 HTTP requests in this frame
Screenshot
Detected technologies
Amazon Web Services (PaaS) ExpandDetected patterns
- headers via /\(CloudFront\)$/i
- headers server /^AmazonS3$/i
Amazon Cloudfront (CDN) Expand
Detected patterns
- headers via /\(CloudFront\)$/i
Amazon S3 (Miscellaneous) Expand
Detected patterns
- headers server /^AmazonS3$/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 14- https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1072240842&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nomoreransom.org%2F&ul=en-us&de=UTF-8&dt=The%20No%20More%20Ransom%20Project&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1680005529&gjid=141475751&cid=1134785869.1590120188&tid=UA-61587331-39&_gid=422090826.1590120188&_r=1&z=1527486798 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-61587331-39&cid=1134785869.1590120188&jid=1680005529&_gid=422090826.1590120188&gjid=141475751&_v=j82&z=1527486798
16 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
www.nomoreransom.org/ |
12 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fonts.css
www.nomoreransom.org/assets/css/ |
2 KB 1016 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
common.css
www.nomoreransom.org/assets/css/ |
25 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.svg
www.nomoreransom.org/assets/img/ |
18 KB 8 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.2.1.min.js
www.nomoreransom.org/assets/js/ |
85 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
common.js
www.nomoreransom.org/assets/js/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cookies.js
www.nomoreransom.org/assets/js/ |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
body-bg.jpg
www.nomoreransom.org/assets/img/slides_and_banners/ |
49 KB 49 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg_3.png
www.nomoreransom.org/assets/img/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
b52-webfont.woff
www.nomoreransom.org/assets/fonts/ |
124 KB 125 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
roboto-regular-webfont.woff2
www.nomoreransom.org/assets/fonts/ |
37 KB 38 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
roboto-light-webfont.woff2
www.nomoreransom.org/assets/fonts/ |
37 KB 38 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
45 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
www.nomoreransom.org/ |
12 KB 12 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
roboto-bold-webfont.woff2
www.nomoreransom.org/assets/fonts/ |
38 KB 39 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
stats.g.doubleclick.net/r/ Redirect Chain
|
35 B 99 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
16 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| $ function| jQuery function| ransomFilter string| cookie_translation string| cookie_close string| cookie_moreinfo function| cookieinfo object| cbinstance string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.nomoreransom.org/ | Name: _gid Value: GA1.2.422090826.1590120188 |
|
.nomoreransom.org/ | Name: _gat Value: 1 |
|
.nomoreransom.org/ | Name: _ga Value: GA1.2.1134785869.1590120188 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
stats.g.doubleclick.net
www.google-analytics.com
www.nomoreransom.org
2a00:1450:4001:81b::200e
2a00:1450:400c:c00::9d
52.222.149.252
0ef6aa90e8125366170a1b07ec6f04da94be383d4e75a9334025027b7494cc8b
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
518c5e87f716fff4402e2d5e321ddaf506e1588bd7765410cce22c73b1d69ef1
659ebe79422bc9fe13e768ff54462233086a47f50d8617392227b9876ade160f
79391f9f548ee9f88e82e58e5be1d7925e25d174c58f7e96aea27610c23ea336
7f4b06a7fdbfb965696fbd255e5b0d349ed67b82a96d2a4c6238bb6360102931
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
859cb31b63f9449d8c6c90868b83ce857da4176836b4e51459007735a2e86cb1
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
94657510b89dac37fe3dbecf192a4a582c9239b5c31861df8672b36bcd4e3150
a13ce21c487970ebfb8615b80207af9ffbf96f9b4c7c679e4348211fe1a30944
baaeebbe73aecdb80214a15316b92d9c7181cca2ba2ae7810fa4e6c1bb8844f8
cd2af77afcebe707343a62043678559b2a4d0d788c0d37fe36d8c392ce112c6f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f799a153d6aeb1d93bc52f67490b222e7719c81cb59086cc5848adde63422f09
fb3ebd5ef18d519c381c469a58c77a1d4d4c1be6809a840bf6c94c9605309d2d