##.kis.scr.kaspersky-labs.com (## seemed to change a couple times.)
I decided to do a little research and it seems that Kaspersky is injecting this in all web pages over regular HTTP connections (not HTTPS connections.) After doing some testing, it was doing so many requests that it was insane, no wonder the speed of pages loading was slow. After coming across a post on Reddit by cjbnc, which describes how to disable this annoying “feature”, I went and changed the settings and retested. Guess what? No more code injection!
Kaspersky’s response to the issue is:
“In order for Plugin-less technology to work, Kaspersky injects the corresponding main.js script into all webpages that are being browsed, this is set to be changed in an upcoming patch to the program.”
I have yet to see any details or find any information that this has been addressed yet (at the date this was posted.)
I recommend (my opinion only!) if you are using Kaspersky Internet Security 2015 and up, is to disable this “feature”. Or you could use another anti-virus/security solution that doesn’t do this type of behavior (again, my opinion only!).