urlscan.io logo urlscan.io
SecurityTrails logo

www.emsisoft.com Open in urlscan Pro
104.20.94.33  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.emsisoft.com/ransomware-decryption-tools/
Submission: On November 25 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 10 domains to perform 21 HTTP transactions. The main IP is 104.20.94.33, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.emsisoft.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on May 28th 2018. Valid for: 2 years.
This is the only time www.emsisoft.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 104.20.94.33 13335 (CLOUDFLAR...)
1 216.158.67.83 18450 (WEBNX)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
21 9
11    104.20.94.33 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.emsisoft.com
static.emsisoft.com
1    216.158.67.83 (Los Angeles, United States)

ASN18450 (WEBNX - WebNX, Inc., US)
PTR: 216-158-67-83.static.webnx.com
file.myfontastic.com
2    2606:4700::6811:4004 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdnjs.cloudflare.com
1    2a00:1450:4001:821::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
4    2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.youtube.com
1    2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
1    2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
1    2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
s.ytimg.com
Domain Requested by
7 static.emsisoft.com www.emsisoft.com
www.google-analytics.com
4 www.google-analytics.com 1 redirects www.googletagmanager.com
www.google-analytics.com
4 www.emsisoft.com www.emsisoft.com
www.google-analytics.com
2 cdnjs.cloudflare.com www.emsisoft.com
www.google-analytics.com
1 s.ytimg.com www.youtube.com
1 www.google.de www.emsisoft.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 www.youtube.com www.emsisoft.com
1 www.googletagmanager.com www.emsisoft.com
1 file.myfontastic.com www.emsisoft.com
21 11
Subject Issuer Validity Valid
*.emsisoft.com
COMODO RSA Domain Validation Secure Server CA		 2018-05-28 -
2020-06-24		 2 years crt.sh
file.myfontastic.com
COMODO RSA Domain Validation Secure Server CA		 2016-10-22 -
2019-10-22		 3 years crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-11-20 -
2020-05-28		 6 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
*.google.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
www.google.de
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.emsisoft.com/ransomware-decryption-tools/
Frame ID: 920FC99DBDD901E066433B33EA28B07E
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

Page Statistics

21
Requests

95 %
HTTPS

80 %
IPv6

10
Domains

11
Subdomains

9
IPs

3
Countries

599 kB
Transfer

889 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1059316270&t=pageview&_s=1&dl=https%3A%2F%2Fwww.emsisoft.com%2Fransomware-decryption-tools%2F&ul=en-us&de=UTF-8&dt=Emsisoft%3A%20Free%20Ransomware%20Decryption%20Tools&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGBAAEAj~&jid=888025307&gjid=583027538&cid=1144685716.1574700061&tid=UA-226711-1&_gid=1814855122.1574700061&_r=1&gtm=2wgav9WK8DP7&cg1=other&cd4=1574700060580.79oug05p&cd1=1144685716.1574700061&z=1781428261 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-226711-1&cid=1144685716.1574700061&jid=888025307&_gid=1814855122.1574700061&gjid=583027538&_v=j79&z=1781428261 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-226711-1&cid=1144685716.1574700061&jid=888025307&_v=j79&z=1781428261 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-226711-1&cid=1144685716.1574700061&jid=888025307&_v=j79&z=1781428261&slf_rd=1&random=4148665278

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.emsisoft.com/ransomware-decryption-tools/ 		26 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.emsisoft.com/ransomware-decryption-tools/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.94.33 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
521116d0b37c3a133c399d25a01d15341bbf2f45b842066a3c2776b5108e95b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.emsisoft.com
:scheme
https
:path
/ransomware-decryption-tools/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User
?1

Response headers

status
200
date
Mon, 25 Nov 2019 16:41:00 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=de5a45425e3e15b48eb9e0a3a3d36e62e1574700059; expires=Wed, 25-Dec-19 16:40:59 GMT; path=/; domain=.emsisoft.com; HttpOnly XSRF-TOKEN=eyJpdiI6Ildoa3U3RkRSTmg5VnJBQWI1aHI1dVE9PSIsInZhbHVlIjoiM1pUazIwY3FuczBzaVZ6c2ZndGZra1NFQUNBODE0NnlqaDNGZU0yeWtGVWd0TmJCTnQ1eXNCMUZUckJ3WEF1WDZNSXVrQlMxY0J5U3ZpbCtYVFk3NHc9PSIsIm1hYyI6ImZjYTYwN2YzYWEzZDkzZGI2N2RiYTdlYTEzZmZmNjdlYzg5ZjEwODg4YTdmYjlmMDBiMjgyODYzNzljMjZmMjAifQ%3D%3D; expires=Mon, 25-Nov-2019 18:41:00 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6ImhaXC9yUHZ5ZjVuTFwvcnNkZFpOS2daQT09IiwidmFsdWUiOiJWTXdmSXp6OFV0N0RnaUxISDBqeVR3cTQ0MEM2M09QYUpXM1ZRM2RhTGJNaUJHc1FlZ2tZTURnZDNuNFArb0RqbUZhWmxFMGRzd29sUjVaekZ5OXpGdz09IiwibWFjIjoiZGYzMzJhYzU2M2M2M2E5OTZjOGRlZTI3N2RmZTE1ODAwYzJiOGQxMjY1ODRlZDczMzg3MmM1MDYxZDYwMzBjYiJ9; expires=Mon, 25-Nov-2019 18:41:00 GMT; Max-Age=7200; path=/; HttpOnly
cache-control
no-cache
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
53b5114ebff4c83b-AMS
content-encoding
gzip
icons.css
file.myfontastic.com/n6vo44Re5QaWo8oCKShBs7/ 		9 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://file.myfontastic.com/n6vo44Re5QaWo8oCKShBs7/icons.css
Requested by
Host: www.emsisoft.com
URL: https://www.emsisoft.com/ransomware-decryption-tools/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.158.67.83 Los Angeles, United States, ASN18450 (WEBNX - WebNX, Inc., US),
Reverse DNS
216-158-67-83.static.webnx.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
47fe73d90b030a1436ae7c5f02aed8590947736235de0a448f0748c578f80f98

Request headers

Referer
https://www.emsisoft.com/ransomware-decryption-tools/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 25 Nov 2019 16:41:00 GMT
Last-Modified
Fri, 10 Mar 2017 14:24:33 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"58c2b721-252b"
Content-Type
text/css
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9515
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.4.0/css/ 		26 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.4.0/css/font-awesome.min.css
Requested by
Host: www.emsisoft.com
URL: https://www.emsisoft.com/ransomware-decryption-tools/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.emsisoft.com/ransomware-decryption-tools/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 Nov 2019 16:41:00 GMT
content-encoding
br
cf-cache-status
HIT
age
19333988
cf-ray
53b511527e2f5a12-VIE
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:19:12 GMT
server
cloudflare
etag
W/"5afd4910-6857"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Sat, 04 Apr 2020 22:07:44 GMT
cache-control
max-age=30672000
timing-allow-origin
*
served-in-seconds
0.017
app.css
www.emsisoft.com/ransomware-decryption-tools/css/ 		37 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.emsisoft.com/ransomware-decryption-tools/css/app.css?id=1fe523235ec0d4c0c363
Requested by
Host: www.emsisoft.com
URL: https://www.emsisoft.com/ransomware-decryption-tools/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.94.33 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
145ad561a3947e073c8b20cf87da9d8d099a76d6c64af46c2c62b8a79726686a

Request headers

Referer
https://www.emsisoft.com/ransomware-decryption-tools/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 Nov 2019 16:41:00 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2865192
status
200
last-modified
Wed, 23 Oct 2019 12:09:00 GMT
pragma
public
cf-bgj
minify
server
cloudflare
etag
W/"5db042dc-91e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000, public
cf-ray
53b511527affc83b-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo.svg
static.emsisoft.com/images/layout/ 		2 KB
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.emsisoft.com/images/layout/logo.svg
Requested by
Host: www.emsisoft.com
URL: https://www.emsisoft.com/ransomware-decryption-tools/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.94.33 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
20468f23efd590c59a9e0b0a7546d5ceb7d480ffcb500c7804f1714cd9b289dd

Request headers

Referer
https://www.emsisoft.com/ransomware-decryption-tools/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 Nov 2019 16:41:00 GMT
content-encoding
gzip
cf-cache-status
HIT
age
10825238
status
200
access-control-max-age
600
pragma
public
last-modified
Sun, 01 Oct 2017 15:44:29 GMT
server
cloudflare
etag
W/"59d10d5d-6fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
cf-ray
53b511528b38c83b-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo_decryptor_blue.svg
static.emsisoft.com/images/layout/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.emsisoft.com/images/layout/logo_decryptor_blue.svg
Requested by
Host: www.emsisoft.com
URL: https://www.emsisoft.com/ransomware-decryption-tools/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.94.33 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae26cac8e1c15eabfd1c0446c4bf2d487fbcf4026400794e775dfb42b5c60604

Request headers

Referer
https://www.emsisoft.com/ransomware-decryption-tools/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 Nov 2019 16:41:00 GMT
content-encoding
gzip
cf-cache-status
HIT
age
10015998
status
200
access-control-max-age
600
pragma
public
last-modified
Thu, 01 Aug 2019 18:07:40 GMT
server
cloudflare
etag
W/"5d432a6c-f06"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
cf-ray
53b511528b39c83b-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
libs.js
www.emsisoft.com/ransomware-decryption-tools/js/ 		105 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.emsisoft.com/ransomware-decryption-tools/js/libs.js?id=65fe7db99a57a3e26617
Requested by
Host: www.emsisoft.com
URL: https://www.emsisoft.com/ransomware-decryption-tools/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.94.33 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca4e351a403d62734861d639256194ba48a1b724196ab0af669f683536f2237f

Request headers

Referer
https://www.emsisoft.com/ransomware-decryption-tools/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 Nov 2019 16:41:00 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2856197
cf-polished
origSize=107244
status
200
cf-bgj
minify
pragma
public
last-modified
Wed, 23 Oct 2019 14:30:59 GMT
server
cloudflare
etag
W/"5db06423-1a2ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000, public
cf-ray
53b511527b06c83b-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
gtm.js
www.googletagmanager.com/ 		108 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WK8DP7
Requested by
Host: www.emsisoft.com
URL: https://www.emsisoft.com/ransomware-decryption-tools/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f7788c7a3b908e728d3a65a3a1d29ad2c23aa0ce8bcee03122d33c8b89f7bd68
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.emsisoft.com/ransomware-decryption-tools/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 Nov 2019 16:41:00 GMT
content-encoding
br
last-modified
Mon, 25 Nov 2019 15:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
33240
x-xss-protection
0
expires
Mon, 25 Nov 2019 16:41:00 GMT
analytics.js
www.google-analytics.com/ 		43 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WK8DP7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.emsisoft.com/ransomware-decryption-tools/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
443
date
Mon, 25 Nov 2019 16:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Mon, 25 Nov 2019 18:33:37 GMT
iframe_api
www.youtube.com/ 		859 B
931 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.emsisoft.com
URL: https://www.emsisoft.com/ransomware-decryption-tools/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
c867f8c2c28a8372957c87705ed512ce96406ae2dcdaf07371002860dc454f1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emsisoft.com/ransomware-decryption-tools/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 Nov 2019 16:41:00 GMT
x-content-type-options
nosniff
server
YouTube Frontend Proxy
content-type
application/javascript
status
200
cache-control
no-cache
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
859
x-xss-protection
0
expires
Tue, 27 Apr 1971 19:44:06 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
928 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emsisoft.com/ransomware-decryption-tools/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 Nov 2019 15:43:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
3428
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
859
x-xss-protection
0
expires
Mon, 25 Nov 2019 16:43:52 GMT
SegoeUI.woff
static.emsisoft.com/fonts/ 		240 KB
238 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.emsisoft.com/fonts/SegoeUI.woff
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.94.33 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
88c5bf1d6f30b660f9764bd76aa70cdefcb11207fdc77d0d0285d95a0bc135ac

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.emsisoft.com/ransomware-decryption-tools/css/app.css?id=1fe523235ec0d4c0c363
Origin
https://www.emsisoft.com

Response headers

date
Mon, 25 Nov 2019 16:41:00 GMT
content-encoding
gzip
cf-cache-status
HIT
age
5302867
status
200
access-control-max-age
600
pragma
public
last-modified
Sat, 10 Aug 2019 09:49:57 GMT
server
cloudflare
etag
W/"5d4e9345-3c054"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
cf-ray
53b511531e1dc83f-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ 		322 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a38673e2579f3e68a803094dded66791062970b8da251c2671ffc2d151f04cce

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
header-image.png
www.emsisoft.com/ransomware-decryption-tools/assets/images/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.emsisoft.com/ransomware-decryption-tools/assets/images/header-image.png
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.94.33 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ee956e60f5c0d621a90cabdada26b76742a42df8c1b0752bcf1983fabf94d98

Request headers

Referer
https://www.emsisoft.com/ransomware-decryption-tools/css/app.css?id=1fe523235ec0d4c0c363
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 Nov 2019 16:41:00 GMT
cf-cache-status
HIT
age
9999189
cf-polished
status=not_needed
status
200
cf-bgj
imgq:100
content-length
12841
pragma
public
last-modified
Mon, 22 Jul 2019 15:18:20 GMT
server
cloudflare
etag
"5d35d3bc-3229"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
cf-ray
53b51152dbdfc83b-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
category-banner-bg.jpg
static.emsisoft.com/images/layout/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.emsisoft.com/images/layout/category-banner-bg.jpg
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.94.33 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c10c36f3a313df426fadf98397730c2608571b33c6a46f143617de56e047bdd

Request headers

Referer
https://www.emsisoft.com/ransomware-decryption-tools/css/app.css?id=1fe523235ec0d4c0c363
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 Nov 2019 16:41:00 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
19684930
cf-polished
origSize=37285
status
200
cf-bgj
imgq:100
content-length
36431
pragma
public
last-modified
Mon, 19 Mar 2018 10:40:43 GMT
server
cloudflare
etag
"5aaf93ab-91a5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
600
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
53b51152dbeac83b-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
faq.jpg
static.emsisoft.com/images/layout/components/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.emsisoft.com/images/layout/components/faq.jpg
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.94.33 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5287f40dc556263f2423d3f43ce5a3f479168a268cce542fd1903272a285fb34

Request headers

Referer
https://www.emsisoft.com/ransomware-decryption-tools/css/app.css?id=1fe523235ec0d4c0c363
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 Nov 2019 16:41:00 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
24067030
cf-polished
status=not_needed
status
200
cf-bgj
imgq:100
content-length
75980
pragma
public
last-modified
Sat, 16 Sep 2017 15:34:08 GMT
server
cloudflare
etag
"59bd4470-128cc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
600
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
53b51152dbf1c83b-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
DINWebPro-CondBold.woff
static.emsisoft.com/fonts/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.emsisoft.com/fonts/DINWebPro-CondBold.woff
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.94.33 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa01ca9b038471923699e969ba137b5c769df9b184c0067dc1afcd318b0ecd50

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.emsisoft.com/ransomware-decryption-tools/css/app.css?id=1fe523235ec0d4c0c363
Origin
https://www.emsisoft.com

Response headers

date
Mon, 25 Nov 2019 16:41:00 GMT
content-encoding
gzip
cf-cache-status
HIT
age
5303952
status
200
access-control-max-age
600
pragma
public
last-modified
Mon, 23 Jan 2017 09:54:31 GMT
server
cloudflare
etag
W/"5885d2d7-4330"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
cf-ray
53b511531e24c83f-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.4.0/fonts/ 		63 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.4.0/css/font-awesome.min.css
Origin
https://www.emsisoft.com

Response headers

date
Mon, 25 Nov 2019 16:41:00 GMT
cf-cache-status
HIT
age
4773853
cf-ray
53b51152d892cbb4-VIE
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-23=":443"; ma=86400
content-length
64464
last-modified
Thu, 17 May 2018 09:19:53 GMT
server
cloudflare
etag
"5afd4939-fbd0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
expires
Wed, 05 Aug 2020 01:32:55 GMT
cache-control
max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
served-in-seconds
0.000
icomoon.ttf
static.emsisoft.com/fonts/ 		4 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.emsisoft.com/fonts/icomoon.ttf?ecqf0r=
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.94.33 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
872f6aefd52455a485b477e95040c32c11c6225e01bed6cee949f80a3784f48b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.emsisoft.com/ransomware-decryption-tools/css/app.css?id=1fe523235ec0d4c0c363
Origin
https://www.emsisoft.com

Response headers

date
Mon, 25 Nov 2019 16:41:00 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
1756976
status
200
content-length
4128
pragma
public
last-modified
Mon, 14 Nov 2016 08:23:25 GMT
server
cloudflare
etag
"5829747d-1020"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
600
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
53b511531e21c83f-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1059316270&t=pageview&_s=1&dl=https%3A%2F%2Fwww.emsisoft.com%2Fransomware-decryption-tools%2F&ul=en-us&de=UTF-8&dt=Emsisoft%3A%20Free%20Ranso...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-226711-1&cid=1144685716.1574700061&jid=888025307&_gid=1814855122.1574700061&gjid=583027538&_v=j79&z=1781428261
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-226711-1&cid=1144685716.1574700061&jid=888025307&_v=j79&z=1781428261
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-226711-1&cid=1144685716.1574700061&jid=888025307&_v=j79&z=1781428261&slf_rd=1&random=4148665278
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-226711-1&cid=1144685716.1574700061&jid=888025307&_v=j79&z=1781428261&slf_rd=1&random=4148665278
Requested by
Host: www.emsisoft.com
URL: https://www.emsisoft.com/ransomware-decryption-tools/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emsisoft.com/ransomware-decryption-tools/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Nov 2019 16:41:00 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Nov 2019 16:41:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-226711-1&cid=1144685716.1574700061&jid=888025307&_v=j79&z=1781428261&slf_rd=1&random=4148665278
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-widgetapi.js
s.ytimg.com/yts/jsbin/www-widgetapi-vflBhcOGP/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ytimg.com/yts/jsbin/www-widgetapi-vflBhcOGP/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ae6d20916a01c3e2ae826009996f92011b637ab6d62e1643dc91dae57ecb55d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emsisoft.com/ransomware-decryption-tools/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 22 Nov 2019 18:49:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
251468
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8703
x-xss-protection
0
last-modified
Fri, 22 Nov 2019 13:29:55 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Sat, 30 Nov 2019 18:49:52 GMT
js
www.google-analytics.com/gtm/ 		58 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-P7CT5ZH&t=gtm34&cid=1144685716.1574700061
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
120ca06ac8ae1220517b15fac3b1c4052724be9a37ac15a95989ab553087165c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.emsisoft.com/ransomware-decryption-tools/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 Nov 2019 16:41:00 GMT
content-encoding
br
last-modified
Mon, 25 Nov 2019 15:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
21998
x-xss-protection
0
expires
Mon, 25 Nov 2019 16:41:00 GMT

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady function| setCookie string| valueSource string| valueMedium object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| google_optimize function| validateFile function| htmlDecode function| $ function| jQuery function| swal function| sweetAlert

8 Cookies

Domain/Path Name / Value
.emsisoft.com/ Name: _gat_UA-226711-1
Value: 1
.emsisoft.com/ Name: _gid
Value: GA1.2.1814855122.1574700061
.emsisoft.com/ Name: _ga
Value: GA1.2.1144685716.1574700061
www.emsisoft.com/ Name: first_touch_source
Value: (direct)
www.emsisoft.com/ Name: laravel_session
Value: eyJpdiI6ImhaXC9yUHZ5ZjVuTFwvcnNkZFpOS2daQT09IiwidmFsdWUiOiJWTXdmSXp6OFV0N0RnaUxISDBqeVR3cTQ0MEM2M09QYUpXM1ZRM2RhTGJNaUJHc1FlZ2tZTURnZDNuNFArb0RqbUZhWmxFMGRzd29sUjVaekZ5OXpGdz09IiwibWFjIjoiZGYzMzJhYzU2M2M2M2E5OTZjOGRlZTI3N2RmZTE1ODAwYzJiOGQxMjY1ODRlZDczMzg3MmM1MDYxZDYwMzBjYiJ9
www.emsisoft.com/ Name: first_touch_medium
Value: (none)
www.emsisoft.com/ Name: XSRF-TOKEN
Value: eyJpdiI6Ildoa3U3RkRSTmg5VnJBQWI1aHI1dVE9PSIsInZhbHVlIjoiM1pUazIwY3FuczBzaVZ6c2ZndGZra1NFQUNBODE0NnlqaDNGZU0yeWtGVWd0TmJCTnQ1eXNCMUZUckJ3WEF1WDZNSXVrQlMxY0J5U3ZpbCtYVFk3NHc9PSIsIm1hYyI6ImZjYTYwN2YzYWEzZDkzZGI2N2RiYTdlYTEzZmZmNjdlYzg5ZjEwODg4YTdmYjlmMDBiMjgyODYzNzljMjZmMjAifQ%3D%3D
.emsisoft.com/ Name: __cfduid
Value: de5a45425e3e15b48eb9e0a3a3d36e62e1574700059

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
file.myfontastic.com
s.ytimg.com
static.emsisoft.com
stats.g.doubleclick.net
www.emsisoft.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.youtube.com
104.20.94.33
216.158.67.83
2606:4700::6811:4004
2a00:1450:4001:800::2004
2a00:1450:4001:800::200e
2a00:1450:4001:806::2003
2a00:1450:4001:815::200e
2a00:1450:4001:81b::200e
2a00:1450:4001:821::2008
2a00:1450:400c:c08::9a
120ca06ac8ae1220517b15fac3b1c4052724be9a37ac15a95989ab553087165c
145ad561a3947e073c8b20cf87da9d8d099a76d6c64af46c2c62b8a79726686a
1ee956e60f5c0d621a90cabdada26b76742a42df8c1b0752bcf1983fabf94d98
20468f23efd590c59a9e0b0a7546d5ceb7d480ffcb500c7804f1714cd9b289dd
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
47fe73d90b030a1436ae7c5f02aed8590947736235de0a448f0748c578f80f98
521116d0b37c3a133c399d25a01d15341bbf2f45b842066a3c2776b5108e95b5
5287f40dc556263f2423d3f43ce5a3f479168a268cce542fd1903272a285fb34
7c10c36f3a313df426fadf98397730c2608571b33c6a46f143617de56e047bdd
872f6aefd52455a485b477e95040c32c11c6225e01bed6cee949f80a3784f48b
88c5bf1d6f30b660f9764bd76aa70cdefcb11207fdc77d0d0285d95a0bc135ac
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
a38673e2579f3e68a803094dded66791062970b8da251c2671ffc2d151f04cce
ae26cac8e1c15eabfd1c0446c4bf2d487fbcf4026400794e775dfb42b5c60604
ae6d20916a01c3e2ae826009996f92011b637ab6d62e1643dc91dae57ecb55d3
c867f8c2c28a8372957c87705ed512ce96406ae2dcdaf07371002860dc454f1d
ca4e351a403d62734861d639256194ba48a1b724196ab0af669f683536f2237f
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7788c7a3b908e728d3a65a3a1d29ad2c23aa0ce8bcee03122d33c8b89f7bd68
fa01ca9b038471923699e969ba137b5c769df9b184c0067dc1afcd318b0ecd50