www.emsisoft.com Open in urlscan Pro
104.20.207.62  Public Scan

22 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.emsisoft.com/ransomware-decryption-tools/	33 KB 13 KB	570ms 532ms	Document text/html	104.20.207.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.emsisoft.com/ransomware-decryption-tools/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.20.207.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 38f0f72a862c403925f131e79fcf144aa413490020ed71bb2345b5bc3a867209 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers :method GET :authority www.emsisoft.com :scheme https :path /ransomware-decryption-tools/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 15 Aug 2021 01:14:57 GMT content-type text/html; charset=UTF-8 cache-control no-cache, private set-cookie XSRF-TOKEN=eyJpdiI6IjdYOFhUSCtjRW13bDA0NU5HK01PVUE9PSIsInZhbHVlIjoiMFJCUHhwOVRtZjhRQTNHQW1RRm1XZTVWV3RIbndNaGJLNnI2NFNGVzVaM09qa0hRcHozQXU3U3V3Y05sd1NBMFFqUGJMYkcwVzQweGsxeDBtMGZKbDVvN0dyOVdGYUh0OTh2RmpYRURkSFF1WVM4ZlB2Tk9uK1hXR2hlcVNpNUQiLCJtYWMiOiIxMWIxZDg0ZjU4YWNlMzYyZGJkNTk5YTc5OWMzMmE1ODkzMGFjODdmNDkyOTdiODY1MDVlMjNmNGYyODUzYzE5In0%3D; expires=Sun, 15-Aug-2021 03:14:57 GMT; Max-Age=7200; path=/; samesite=lax laravel_session=eyJpdiI6IkxWejVyT0hGYWJNbVl6dlc3THBBanc9PSIsInZhbHVlIjoiK0F6UXJHaXR3MVllZGRrbEduWFM5cWdwRzZYUVZDbTRER0ZTVHcyUzNac1RkU1J4dmptcTRGeUFGa2VGQlU3NHhHMEk1dWVrK0xEY0xtT052OWRZNmgwQjNBbEp6ei82OVdwQzV5UGY4VWlHVUZZbWYwQkZjdTUwYSt4ZWRnR3ciLCJtYWMiOiI2MzEyM2Y4MzYxNjJiNTkzODMzNmNlYzUwZmZjYjhiNjBhNzI3MjdhNTQxN2JjMWIxYTg4NTcxY2ExYmFkN2YzIn0%3D; expires=Sun, 15-Aug-2021 03:14:57 GMT; Max-Age=7200; path=/; httponly; samesite=lax cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0 server cloudflare cf-ray 67ee91a92b75cc36-ZRH content-encoding gzip
GET H2	200	font-awesome.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/4.4.0/css/	26 KB 5 KB	15ms 15ms	Stylesheet text/css	2606:4700::6810:125e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.4.0/css/font-awesome.min.css Requested by Host: www.emsisoft.com URL: https://www.emsisoft.com/ransomware-decryption-tools/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://www.emsisoft.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 15 Aug 2021 01:14:57 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 695642 cross-origin-resource-policy cross-origin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 4839 timing-allow-origin * last-modified Mon, 04 May 2020 16:10:07 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e5f-6857" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9DhC09hCu38i4z7uNeZTEB%2FlbmTID3wDS34oVAd2f1t4juBDx8BYdOO%2BChEYZ8OUJS0RhXvpIxK%2Bm2h%2Bv8%2FHYIctj2cFGELI0gwF%2B%2Bi5UGSz8WHWMwDcseAFkU7ICNvWT49eNvC31CwtLG%2FuXHI1FnTv"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 67ee91ac7ef03233-FRA expires Fri, 05 Aug 2022 01:14:57 GMT
GET H2	200	app.css www.emsisoft.com/ransomware-decryption-tools/css/	50 KB 9 KB	20ms 20ms	Stylesheet text/css	104.20.207.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.emsisoft.com/ransomware-decryption-tools/css/app.css?id=b5627cc9459eaa06b09f Requested by Host: www.emsisoft.com URL: https://www.emsisoft.com/ransomware-decryption-tools/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.20.207.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cdd4d9baca6e07675277d04fdde9b01c64d7007c01ab01363f81cffa58de019c Security Headers Name Value Strict-Transport-Security max-age=0 Request headers :path /ransomware-decryption-tools/css/app.css?id=b5627cc9459eaa06b09f pragma no-cache cookie XSRF-TOKEN=eyJpdiI6IjdYOFhUSCtjRW13bDA0NU5HK01PVUE9PSIsInZhbHVlIjoiMFJCUHhwOVRtZjhRQTNHQW1RRm1XZTVWV3RIbndNaGJLNnI2NFNGVzVaM09qa0hRcHozQXU3U3V3Y05sd1NBMFFqUGJMYkcwVzQweGsxeDBtMGZKbDVvN0dyOVdGYUh0OTh2RmpYRURkSFF1WVM4ZlB2Tk9uK1hXR2hlcVNpNUQiLCJtYWMiOiIxMWIxZDg0ZjU4YWNlMzYyZGJkNTk5YTc5OWMzMmE1ODkzMGFjODdmNDkyOTdiODY1MDVlMjNmNGYyODUzYzE5In0%3D; laravel_session=eyJpdiI6IkxWejVyT0hGYWJNbVl6dlc3THBBanc9PSIsInZhbHVlIjoiK0F6UXJHaXR3MVllZGRrbEduWFM5cWdwRzZYUVZDbTRER0ZTVHcyUzNac1RkU1J4dmptcTRGeUFGa2VGQlU3NHhHMEk1dWVrK0xEY0xtT052OWRZNmgwQjNBbEp6ei82OVdwQzV5UGY4VWlHVUZZbWYwQkZjdTUwYSt4ZWRnR3ciLCJtYWMiOiI2MzEyM2Y4MzYxNjJiNTkzODMzNmNlYzUwZmZjYjhiNjBhNzI3MjdhNTQxN2JjMWIxYTg4NTcxY2ExYmFkN2YzIn0%3D accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority www.emsisoft.com referer https://www.emsisoft.com/ransomware-decryption-tools/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.emsisoft.com/ransomware-decryption-tools/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 15 Aug 2021 01:14:57 GMT content-encoding gzip cf-cache-status HIT age 379240 cf-polished origSize=50977 strict-transport-security max-age=0 pragma public last-modified Thu, 28 Jan 2021 23:46:31 GMT server cloudflare etag W/"60134cd7-c721" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css cf-bgj minify cache-control max-age=315360000 public cf-ray 67ee91ac8ca6cc36-ZRH expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	logo.svg static.emsisoft.com/images/layout/	2 KB 881 B	35ms 23ms	Image image/svg+xml	104.20.207.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.emsisoft.com/images/layout/logo.svg Requested by Host: www.emsisoft.com URL: https://www.emsisoft.com/ransomware-decryption-tools/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.20.207.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 20468f23efd590c59a9e0b0a7546d5ceb7d480ffcb500c7804f1714cd9b289dd Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Referer https://www.emsisoft.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 15 Aug 2021 01:14:57 GMT content-encoding gzip vary Accept-Encoding cf-cache-status HIT age 665033 strict-transport-security max-age=0 pragma public last-modified Sun, 01 Oct 2017 15:44:29 GMT server cloudflare etag W/"59d10d5d-6fe" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 600 access-control-allow-methods GET content-type image/svg+xml access-control-allow-origin * cache-control max-age=315360000, public, must-revalidate, proxy-revalidate cf-ray 67ee91ac9cadcc36-ZRH expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	libs.js Show response www.emsisoft.com/ransomware-decryption-tools/js/	122 KB 40 KB	24ms 23ms	Script application/javascript	104.20.207.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.emsisoft.com/ransomware-decryption-tools/js/libs.js?id=4f44f4575864ff923b06 Requested by Host: www.emsisoft.com URL: https://www.emsisoft.com/ransomware-decryption-tools/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.20.207.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9c00efe536b11b6d1f356fdf63029541ec5020cb216384ffc99a41b36116c7f5 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers :path /ransomware-decryption-tools/js/libs.js?id=4f44f4575864ff923b06 pragma no-cache cookie XSRF-TOKEN=eyJpdiI6IjdYOFhUSCtjRW13bDA0NU5HK01PVUE9PSIsInZhbHVlIjoiMFJCUHhwOVRtZjhRQTNHQW1RRm1XZTVWV3RIbndNaGJLNnI2NFNGVzVaM09qa0hRcHozQXU3U3V3Y05sd1NBMFFqUGJMYkcwVzQweGsxeDBtMGZKbDVvN0dyOVdGYUh0OTh2RmpYRURkSFF1WVM4ZlB2Tk9uK1hXR2hlcVNpNUQiLCJtYWMiOiIxMWIxZDg0ZjU4YWNlMzYyZGJkNTk5YTc5OWMzMmE1ODkzMGFjODdmNDkyOTdiODY1MDVlMjNmNGYyODUzYzE5In0%3D; laravel_session=eyJpdiI6IkxWejVyT0hGYWJNbVl6dlc3THBBanc9PSIsInZhbHVlIjoiK0F6UXJHaXR3MVllZGRrbEduWFM5cWdwRzZYUVZDbTRER0ZTVHcyUzNac1RkU1J4dmptcTRGeUFGa2VGQlU3NHhHMEk1dWVrK0xEY0xtT052OWRZNmgwQjNBbEp6ei82OVdwQzV5UGY4VWlHVUZZbWYwQkZjdTUwYSt4ZWRnR3ciLCJtYWMiOiI2MzEyM2Y4MzYxNjJiNTkzODMzNmNlYzUwZmZjYjhiNjBhNzI3MjdhNTQxN2JjMWIxYTg4NTcxY2ExYmFkN2YzIn0%3D accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority www.emsisoft.com referer https://www.emsisoft.com/ransomware-decryption-tools/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.emsisoft.com/ransomware-decryption-tools/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 15 Aug 2021 01:14:57 GMT content-encoding gzip cf-cache-status HIT age 6522948 cf-polished origSize=124841 strict-transport-security max-age=0 pragma public last-modified Thu, 28 Jan 2021 23:46:40 GMT server cloudflare etag W/"60134ce0-1e7a9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cf-bgj minify cache-control max-age=315360000 public cf-ray 67ee91ac8ca8cc36-ZRH expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	161 KB 55 KB	26ms 25ms	Script application/javascript	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WK8DP7 Requested by Host: www.emsisoft.com URL: https://www.emsisoft.com/ransomware-decryption-tools/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 7cb3a3fe1021b4fcf62caa282bcee6750b9d3dfc6956a3f649b00622c11c13a3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.emsisoft.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 15 Aug 2021 01:14:57 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 56077 x-xss-protection 0 last-modified Sun, 15 Aug 2021 00:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 15 Aug 2021 01:14:57 GMT
GET H2	200	category-banner-bg.jpg static.emsisoft.com/images/layout/	33 KB 34 KB	18ms 18ms	Image image/jpeg	104.20.207.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.emsisoft.com/images/layout/category-banner-bg.jpg Requested by Host: www.emsisoft.com URL: https://www.emsisoft.com/ransomware-decryption-tools/css/app.css?id=b5627cc9459eaa06b09f Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.20.207.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 89cb7ca3b06169a7c0eaf406c6ef92c24562b3fa975f9f5f5e943d028bf78dbe Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Referer https://www.emsisoft.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 15 Aug 2021 01:14:57 GMT cf-cache-status HIT age 665003 cf-polished origSize=37285 access-control-max-age 600 strict-transport-security max-age=0 content-length 34293 pragma public last-modified Mon, 19 Mar 2018 10:40:43 GMT server cloudflare etag "5aaf93ab-91a5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * expires Thu, 31 Dec 2037 23:55:55 GMT cache-control max-age=315360000, public, must-revalidate, proxy-revalidate accept-ranges bytes cf-ray 67ee91acbcb2cc36-ZRH cf-bgj imgq:100,h2pri
GET H2	200	SegoeUI.woff static.emsisoft.com/fonts/	240 KB 238 KB	51ms 19ms	Font application/font-woff	104.20.207.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.emsisoft.com/fonts/SegoeUI.woff Requested by Host: www.emsisoft.com URL: https://www.emsisoft.com/ransomware-decryption-tools/css/app.css?id=b5627cc9459eaa06b09f Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.20.207.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 88c5bf1d6f30b660f9764bd76aa70cdefcb11207fdc77d0d0285d95a0bc135ac Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Origin https://www.emsisoft.com Referer https://www.emsisoft.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 15 Aug 2021 01:14:57 GMT content-encoding gzip vary Accept-Encoding cf-cache-status HIT age 9477498 strict-transport-security max-age=0 pragma public last-modified Sat, 10 Aug 2019 09:49:57 GMT server cloudflare etag W/"5d4e9345-3c054" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 600 access-control-allow-methods GET content-type application/font-woff access-control-allow-origin * cache-control max-age=315360000, public, must-revalidate, proxy-revalidate cf-ray 67ee91acedd123c7-ZRH expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	faq.jpg static.emsisoft.com/images/layout/components/	69 KB 70 KB	18ms 18ms	Image image/jpeg	104.20.207.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.emsisoft.com/images/layout/components/faq.jpg Requested by Host: www.emsisoft.com URL: https://www.emsisoft.com/ransomware-decryption-tools/css/app.css?id=b5627cc9459eaa06b09f Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.20.207.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 25f6ba7e1938accb6853ede0234f02e9284b8dba5655bacc009e9dd244e20f06 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Referer https://www.emsisoft.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 15 Aug 2021 01:14:57 GMT cf-cache-status HIT age 9830784 cf-polished origSize=75980 access-control-max-age 600 strict-transport-security max-age=0 content-length 71055 pragma public last-modified Sat, 16 Sep 2017 15:34:08 GMT server cloudflare etag "59bd4470-128cc" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * expires Thu, 31 Dec 2037 23:55:55 GMT cache-control max-age=315360000, public, must-revalidate, proxy-revalidate accept-ranges bytes cf-ray 67ee91acecbbcc36-ZRH cf-bgj imgq:100,h2pri
GET H2	200	DINWebPro-CondBold.woff static.emsisoft.com/fonts/	17 KB 17 KB	47ms 40ms	Font application/font-woff	104.20.207.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.emsisoft.com/fonts/DINWebPro-CondBold.woff Requested by Host: www.emsisoft.com URL: https://www.emsisoft.com/ransomware-decryption-tools/css/app.css?id=b5627cc9459eaa06b09f Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.20.207.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fa01ca9b038471923699e969ba137b5c769df9b184c0067dc1afcd318b0ecd50 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Origin https://www.emsisoft.com Referer https://www.emsisoft.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 15 Aug 2021 01:14:57 GMT content-encoding gzip vary Accept-Encoding cf-cache-status HIT age 2531939 strict-transport-security max-age=0 pragma public last-modified Mon, 23 Jan 2017 09:54:31 GMT server cloudflare etag W/"5885d2d7-4330" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 600 access-control-allow-methods GET content-type application/font-woff access-control-allow-origin * cache-control max-age=315360000, public, must-revalidate, proxy-revalidate cf-ray 67ee91acfdd223c7-ZRH expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3-29	200	fontawesome-webfont.woff2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.4.0/fonts/	63 KB 64 KB	30ms 27ms	Font application/octet-stream	2606:4700::6810:125e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0 Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.4.0/css/font-awesome.min.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ad9764e32f78e55225cbd63a0dcb0722f4ced8eb5dc35575cd4d08b999320d73 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Origin https://www.emsisoft.com Referer https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.4.0/css/font-awesome.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 15 Aug 2021 01:14:57 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2086510 cross-origin-resource-policy cross-origin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 64464 timing-allow-origin * last-modified Mon, 04 May 2020 16:10:07 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e5f-fbd0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KhyxVEyvk6K%2BUx8hqoAAOfMrGSgJrlryao4%2FGCRaV8nkN2eJU41eIaIvDZ4lmZhtgGaw%2BuAHW3A9Nend8rtlG0vBmkPi87v3ldgKlWZvxSTyr98MbNv6lrW5XCqvW%2BMx0PTwWomwsMR88yeoqhH%2BbjG%2F"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 67ee91acff299716-FRA expires Fri, 05 Aug 2022 01:14:57 GMT
GET H2	200	icomoon.ttf static.emsisoft.com/fonts/	4 KB 4 KB	35ms 29ms	Font application/octet-stream	104.20.207.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.emsisoft.com/fonts/icomoon.ttf?ecqf0r= Requested by Host: www.emsisoft.com URL: https://www.emsisoft.com/ransomware-decryption-tools/css/app.css?id=b5627cc9459eaa06b09f Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.20.207.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 872f6aefd52455a485b477e95040c32c11c6225e01bed6cee949f80a3784f48b Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Origin https://www.emsisoft.com Referer https://www.emsisoft.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 15 Aug 2021 01:14:57 GMT vary Accept-Encoding cf-cache-status HIT age 3943313 strict-transport-security max-age=0 content-length 4128 pragma public last-modified Mon, 14 Nov 2016 08:23:25 GMT server cloudflare etag "5829747d-1020" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 600 access-control-allow-methods GET content-type application/octet-stream access-control-allow-origin * cache-control max-age=315360000, public, must-revalidate, proxy-revalidate accept-ranges bytes cf-ray 67ee91acfdd323c7-ZRH expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	auth-state.html Show response my.emsisoft.com/ Frame E9F0	4 KB 2 KB	60ms 59ms	Document text/html	104.20.207.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.emsisoft.com/auth-state.html?lang=en Requested by Host: www.emsisoft.com URL: https://www.emsisoft.com/ransomware-decryption-tools/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.20.207.62 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 355e11a37e9485885132d665672ee207ceb8f057432f70ea4447585ca0552256 Security Headers Name Value Content-Security-Policy frame-ancestors https://*.emsisoft.com Strict-Transport-Security max-age=0 Request headers :method GET :authority my.emsisoft.com :scheme https :path /auth-state.html?lang=en pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.emsisoft.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.emsisoft.com/ Response headers date Sun, 15 Aug 2021 01:14:58 GMT content-type text/html cache-control no-store, no-cache, must-revalidate content-security-policy frame-ancestors https://*.emsisoft.com last-modified Fri, 13 Aug 2021 04:21:06 GMT cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0 server cloudflare cf-ray 67ee91b0aec8cc36-ZRH content-encoding gzip
GET H2	200	analytics.js Show response www.google-analytics.com/	48 KB 19 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WK8DP7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.emsisoft.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 13 Jul 2021 18:24:06 GMT server Golfe2 age 77 date Sun, 15 Aug 2021 01:13:41 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19672 expires Sun, 15 Aug 2021 03:13:41 GMT
GET H3-29	200	linkid.js Show response www.google-analytics.com/plugins/ua/	2 KB 882 B	7ms 7ms	Script text/javascript	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/plugins/ua/linkid.js Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.emsisoft.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 15 Aug 2021 00:31:04 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe age 2634 vary Accept-Encoding content-type text/javascript cache-control public, max-age=3600 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 859 x-xss-protection 0 expires Sun, 15 Aug 2021 01:31:04 GMT
POST H3-29	200	collect Show response www.google-analytics.com/j/	2 B 22 B	13ms 13ms	XHR text/plain	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j92&a=534001887&t=pageview&_s=1&dl=https%3A%2F%2Fwww.emsisoft.com%2Fransomware-decryption-tools%2F&ul=en-us&de=UTF-8&dt=Emsisoft%3A%20Free%20Ransomware%20Decryption%20Tools&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEAjAAAAAC~&jid=715768047&gjid=1231530744&cid=943651752.1628990098&tid=UA-226711-1&_gid=1212279933.1628990098&_r=1&gtm=2wg8b0WK8DP7&cg1=other&cd4=1628990098118.gtkdks8nn&cd1=943651752.1628990098&z=694754635 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.emsisoft.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 15 Aug 2021 01:14:58 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.emsisoft.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 89 B	14ms 14ms	XHR text/plain	2a00:1450:400c:c08::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-226711-1&cid=943651752.1628990098&jid=715768047&gjid=1231530744&_gid=1212279933.1628990098&_u=aGBAAEAiAAAAAC~&z=1760786454 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.emsisoft.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Sun, 15 Aug 2021 01:14:58 GMT content-type text/plain access-control-allow-origin https://www.emsisoft.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 254 B	17ms 17ms	Image image/gif	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-226711-1&cid=943651752.1628990098&jid=715768047&_u=aGBAAEAiAAAAAC~&z=966363440 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.emsisoft.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 15 Aug 2021 01:14:58 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	18ms 17ms	Image image/gif	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-226711-1&cid=943651752.1628990098&jid=715768047&_u=aGBAAEAiAAAAAC~&z=966363440 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.emsisoft.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 15 Aug 2021 01:14:58 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	js Show response www.google-analytics.com/gtm/	96 KB 38 KB	21ms 21ms	Script application/javascript	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/gtm/js?id=GTM-P7CT5ZH&t=gtm46&cid=943651752.1628990098 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e19e156f8d79d150d9aa128dac906a655187e932d8f0d4a088885348d8d512c9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.emsisoft.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 15 Aug 2021 01:14:58 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39157 x-xss-protection 0 last-modified Sun, 15 Aug 2021 00:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 15 Aug 2021 01:14:58 GMT
GET H3-29	200	analytics.js Show response www.google-analytics.com/	48 KB 19 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WK8DP7 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.emsisoft.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 13 Jul 2021 18:24:06 GMT server Golfe2 age 5904 date Sat, 14 Aug 2021 23:36:34 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19672 expires Sun, 15 Aug 2021 01:36:34 GMT

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| dataLayer function| validateFile function| htmlDecode function| Parallax function| $ function| jQuery function| swal function| sweetAlert object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady function| setCookie string| valueSource string| valueMedium function| gtag object| gaplugins object| gaGlobal object| gaData object| google_optimize

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.emsisoft.com/	1970-01-19 20:29:50	Name: _gat_UA-226711-1 Value: 1
			.emsisoft.com/	1970-01-19 22:39:26	Name: _gcl_au Value: 1.1.673072678.1628990098
			.emsisoft.com/	1970-01-19 20:31:16	Name: _gid Value: GA1.2.1212279933.1628990098
			www.emsisoft.com/	1970-01-20 05:02:28	Name: first_touch_source Value: (direct)
			.emsisoft.com/	1970-01-20 14:01:02	Name: _ga Value: GA1.2.943651752.1628990098
			www.emsisoft.com/	1970-01-20 05:02:28	Name: first_touch_medium Value: (none)

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://www.emsisoft.com/ransomware-decryption-tools/js/libs.js?id=4f44f4575864ff923b06(Line 1) Message: jQuery.Deferred exception: Cannot read property 'getAttribute' of undefined TypeError: Cannot read property 'getAttribute' of undefined at Object.data (https://www.emsisoft.com/ransomware-decryption-tools/js/libs.js?id=4f44f4575864ff923b06:1:6185) at new e (https://www.emsisoft.com/ransomware-decryption-tools/js/libs.js?id=4f44f4575864ff923b06:1:8095) at HTMLDocument.<anonymous> (https://www.emsisoft.com/ransomware-decryption-tools/js/libs.js?id=4f44f4575864ff923b06:1:124794) at u (https://www.emsisoft.com/ransomware-decryption-tools/js/libs.js?id=4f44f4575864ff923b06:1:47424) at c (https://www.emsisoft.com/ransomware-decryption-tools/js/libs.js?id=4f44f4575864ff923b06:1:47737) undefined

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
my.emsisoft.com
static.emsisoft.com
stats.g.doubleclick.net
www.emsisoft.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
104.20.207.62
2606:4700::6810:125e
2a00:1450:4001:809::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:812::2004
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:400c:c08::9d
20468f23efd590c59a9e0b0a7546d5ceb7d480ffcb500c7804f1714cd9b289dd
25f6ba7e1938accb6853ede0234f02e9284b8dba5655bacc009e9dd244e20f06
355e11a37e9485885132d665672ee207ceb8f057432f70ea4447585ca0552256
38f0f72a862c403925f131e79fcf144aa413490020ed71bb2345b5bc3a867209
7cb3a3fe1021b4fcf62caa282bcee6750b9d3dfc6956a3f649b00622c11c13a3
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
872f6aefd52455a485b477e95040c32c11c6225e01bed6cee949f80a3784f48b
88c5bf1d6f30b660f9764bd76aa70cdefcb11207fdc77d0d0285d95a0bc135ac
89cb7ca3b06169a7c0eaf406c6ef92c24562b3fa975f9f5f5e943d028bf78dbe
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
9c00efe536b11b6d1f356fdf63029541ec5020cb216384ffc99a41b36116c7f5
ad9764e32f78e55225cbd63a0dcb0722f4ced8eb5dc35575cd4d08b999320d73
cdd4d9baca6e07675277d04fdde9b01c64d7007c01ab01363f81cffa58de019c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e19e156f8d79d150d9aa128dac906a655187e932d8f0d4a088885348d8d512c9
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa01ca9b038471923699e969ba137b5c769df9b184c0067dc1afcd318b0ecd50