www.emsisoft.com
104.20.94.33
Public Scan
Submission: On November 25 via manual from US
Summary
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on May 28th 2018. Valid for: 2 years.
This is the only time www.emsisoft.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
11 | 104.20.94.33 | 13335 (CLOUDFLARENET - Cloudflare) |
1 | 216.158.67.83 | 18450 (WEBNX - WebNX) |
2 | 2606:4700::6811:4004 | 13335 (CLOUDFLARENET - Cloudflare) |
1 | 2a00:1450:4001:821::2008 | 15169 (GOOGLE - Google LLC) |
1 4 | 2a00:1450:4001:81b::200e | 15169 (GOOGLE - Google LLC) |
1 | 2a00:1450:4001:800::200e | 15169 (GOOGLE - Google LLC) |
1 1 | 2a00:1450:400c:c08::9a | 15169 (GOOGLE - Google LLC) |
1 1 | 2a00:1450:4001:800::2004 | 15169 (GOOGLE - Google LLC) |
1 | 2a00:1450:4001:806::2003 | 15169 (GOOGLE - Google LLC) |
1 | 2a00:1450:4001:815::200e | 15169 (GOOGLE - Google LLC) |
21 | 9 |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.emsisoft.com
static.emsisoft.com
ASN18450 (WEBNX - WebNX, Inc., US)
PTR: 216-158-67-83.static.webnx.com
file.myfontastic.com
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdnjs.cloudflare.com
ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
ASN15169 (GOOGLE - Google LLC, US)
www.youtube.com
ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
ASN15169 (GOOGLE - Google LLC, US)
www.google.com
ASN15169 (GOOGLE - Google LLC, US)
www.google.de
ASN15169 (GOOGLE - Google LLC, US)
s.ytimg.com
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
11 | emsisoft.com | www.emsisoft.com, static.emsisoft.com | 438 KB |
4 | google-analytics.com (1 redirects) | www.google-analytics.com | 41 KB |
2 | cloudflare.com | cdnjs.cloudflare.com | 69 KB |
1 | ytimg.com | s.ytimg.com | 9 KB |
1 | google.de | www.google.de | 109 B |
1 | google.com (1 redirects) | www.google.com | 183 B |
1 | doubleclick.net (1 redirects) | stats.g.doubleclick.net | 166 B |
1 | youtube.com | www.youtube.com | 931 B |
1 | googletagmanager.com | www.googletagmanager.com | 33 KB |
1 | myfontastic.com | file.myfontastic.com | 10 KB |
21 | 10 |
 | Domain | Requested by |
---|---|---|
7 | static.emsisoft.com | www.emsisoft.com, www.google-analytics.com |
4 | www.google-analytics.com (1 redirects) | www.googletagmanager.com, www.google-analytics.com |
4 | www.emsisoft.com | www.emsisoft.com, www.google-analytics.com |
2 | cdnjs.cloudflare.com | www.emsisoft.com, www.google-analytics.com |
1 | s.ytimg.com | www.youtube.com |
1 | www.google.de | www.emsisoft.com |
1 | www.google.com (1 redirects) | |
1 | stats.g.doubleclick.net (1 redirects) | |
1 | www.youtube.com | www.emsisoft.com |
1 | www.googletagmanager.com | www.emsisoft.com |
1 | file.myfontastic.com | www.emsisoft.com |
21 | 11 |
This site contains links to these domains. Also see Links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.emsisoft.com | COMODO RSA Domain Validation Secure Server CA | 2018-05-28 - 2020-06-24 | 2 years |
file.myfontastic.com | COMODO RSA Domain Validation Secure Server CA | 2016-10-22 - 2019-10-22 | 3 years |
ssl412106.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-11-20 - 2020-05-28 | 6 months |
*.google-analytics.com | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months |
*.google.com | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months |
www.google.de | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months |
This page contains 1 frames:
Primary Page:
https://www.emsisoft.com/ransomware-decryption-tools/
Frame ID: 920FC99DBDD901E066433B33EA28B07E
Requests: 22 HTTP requests in this frame
Detected technologies
CloudFlare (CDN)
Detected patterns
- headers server /^cloudflare$/i
Font Awesome (Font Scripts)
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Google Analytics (Analytics)
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Google Tag Manager (Tag Managers)
Detected patterns
- html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
Page Statistics
18 Outgoing links
These are links going to different origins than the main page.
Title: Log in
Title: Support
Title: Community Support
Title: Blog
Title: News & Updates
Title: Enterprise Security
Title: Protection Guides
Title: Malware Lab
Title: Commentaries
Title: Latest Videos
Title: ID Ransomware
Title: BleepingComputer Ransomware Help forums
Title: NoMoreRansom.org
Title: Contact Coveware Incident Response Now
Title: Support Forum
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 18
- https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1059316270&t=pageview&_s=1&dl=https%3A%2F%2Fwww.emsisoft.com%2Fransomware-decryption-tools%2F&ul=en-us&de=UTF-8&dt=Emsisoft%3A%20Free%20Ransomware%20Decryption%20Tools&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGBAAEAj~&jid=888025307&gjid=583027538&cid=1144685716.1574700061&tid=UA-226711-1&_gid=1814855122.1574700061&_r=1&gtm=2wgav9WK8DP7&cg1=other&cd4=1574700060580.79oug05p&cd1=1144685716.1574700061&z=1781428261 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-226711-1&cid=1144685716.1574700061&jid=888025307&_gid=1814855122.1574700061&gjid=583027538&_v=j79&z=1781428261 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-226711-1&cid=1144685716.1574700061&jid=888025307&_v=j79&z=1781428261 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-226711-1&cid=1144685716.1574700061&jid=888025307&_v=j79&z=1781428261&slf_rd=1&random=4148665278
21 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | www.emsisoft.com/ransomware-decryption-tools/ | 26 KB | 10 KB | Document | text/html |
GET | H/1.1 | icons.css | file.myfontastic.com/n6vo44Re5QaWo8oCKShBs7/ | 9 KB | 10 KB | Stylesheet | text/css |
GET | H2 | font-awesome.min.css | cdnjs.cloudflare.com/ajax/libs/font-awesome/4.4.0/css/ | 26 KB | 6 KB | Stylesheet | text/css |
GET | H2 | app.css | www.emsisoft.com/ransomware-decryption-tools/css/ | 37 KB | 8 KB | Stylesheet | text/css |
GET | H2 | logo.svg | static.emsisoft.com/images/layout/ | 2 KB | 881 B | Image | image/svg+xml |
GET | H2 | logo_decryptor_blue.svg | static.emsisoft.com/images/layout/ | 4 KB | 2 KB | Image | image/svg+xml |
GET | H2 | libs.js | www.emsisoft.com/ransomware-decryption-tools/js/ | 105 KB | 35 KB | Script | application/javascript |
GET | H2 | gtm.js | www.googletagmanager.com/ | 108 KB | 33 KB | Script | application/javascript |
GET | H2 | analytics.js | www.google-analytics.com/ | 43 KB | 18 KB | Script | text/javascript |
GET | H2 | iframe_api | www.youtube.com/ | 859 B | 931 B | Script | application/javascript |
GET | H2 | linkid.js | www.google-analytics.com/plugins/ua/ | 2 KB | 928 B | Script | text/javascript |
GET | H2 | SegoeUI.woff | static.emsisoft.com/fonts/ | 240 KB | 238 KB | Font | application/font-woff |
GET | DATA | truncated | / | 322 B | 0 | Image | image/svg+xml |
GET | H2 | header-image.png | www.emsisoft.com/ransomware-decryption-tools/assets/images/ | 13 KB | 13 KB | Image | image/png |
GET | H2 | category-banner-bg.jpg | static.emsisoft.com/images/layout/ | 36 KB | 36 KB | Image | image/jpeg |
GET | H2 | faq.jpg | static.emsisoft.com/images/layout/components/ | 74 KB | 74 KB | Image | image/jpeg |
GET | H2 | DINWebPro-CondBold.woff | static.emsisoft.com/fonts/ | 17 KB | 17 KB | Font | application/font-woff |
GET | H2 | fontawesome-webfont.woff2 | cdnjs.cloudflare.com/ajax/libs/font-awesome/4.4.0/fonts/ | 63 KB | 63 KB | Font | application/octet-stream |
GET | H2 | icomoon.ttf | static.emsisoft.com/fonts/ | 4 KB | 5 KB | Font | application/octet-stream |
GET | H2 | ga-audiences (Redirect Chain) | www.google.de/ads/ | 42 B | 109 B | Image | image/gif |
GET | H2 | www-widgetapi.js | s.ytimg.com/yts/jsbin/www-widgetapi-vflBhcOGP/ | 23 KB | 9 KB | Script | text/javascript |
GET | H2 | js | www.google-analytics.com/gtm/ | 58 KB | 22 KB | Script | application/javascript |
28 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onformdata
- object| onpointerrawupdate
- object| dataLayer
- object| google_tag_manager
- string| GoogleAnalyticsObject
- function| ga
- function| onYouTubeIframeAPIReady
- function| setCookie
- string| valueSource
- string| valueMedium
- object| google_tag_data
- object| gaplugins
- object| gaGlobal
- object| gaData
- object| YT
- object| YTConfig
- function| onYTReady
- object| yt
- function| ytDomDomGetNextId
- object| ytEventsEventsListeners
- object| ytEventsEventsCounter
- object| google_optimize
- function| validateFile
- function| htmlDecode
- function| $
- function| jQuery
- function| swal
- function| sweetAlert
8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.emsisoft.com/ | Name: _gat_UA-226711-1 Value: 1 |
.emsisoft.com/ | Name: _gid Value: GA1.2.1814855122.1574700061 |
.emsisoft.com/ | Name: _ga Value: GA1.2.1144685716.1574700061 |
www.emsisoft.com/ | Name: first_touch_source Value: (direct) |
www.emsisoft.com/ | Name: laravel_session Value: eyJpdiI6ImhaXC9yUHZ5ZjVuTFwvcnNkZFpOS2daQT09IiwidmFsdWUiOiJWTXdmSXp6OFV0N0RnaUxISDBqeVR3cTQ0MEM2M09QYUpXM1ZRM2RhTGJNaUJHc1FlZ2tZTURnZDNuNFArb0RqbUZhWmxFMGRzd29sUjVaekZ5OXpGdz09IiwibWFjIjoiZGYzMzJhYzU2M2M2M2E5OTZjOGRlZTI3N2RmZTE1ODAwYzJiOGQxMjY1ODRlZDczMzg3MmM1MDYxZDYwMzBjYiJ9 |
www.emsisoft.com/ | Name: first_touch_medium Value: (none) |
www.emsisoft.com/ | Name: XSRF-TOKEN Value: eyJpdiI6Ildoa3U3RkRSTmg5VnJBQWI1aHI1dVE9PSIsInZhbHVlIjoiM1pUazIwY3FuczBzaVZ6c2ZndGZra1NFQUNBODE0NnlqaDNGZU0yeWtGVWd0TmJCTnQ1eXNCMUZUckJ3WEF1WDZNSXVrQlMxY0J5U3ZpbCtYVFk3NHc9PSIsIm1hYyI6ImZjYTYwN2YzYWEzZDkzZGI2N2RiYTdlYTEzZmZmNjdlYzg5ZjEwODg4YTdmYjlmMDBiMjgyODYzNzljMjZmMjAifQ%3D%3D |
.emsisoft.com/ | Name: __cfduid Value: de5a45425e3e15b48eb9e0a3a3d36e62e1574700059 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.