urlscan.io logo urlscan.io
SecurityTrails logo

www.zerto.com Open in urlscan Pro
45.60.80.131  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://links.readitquik.us/ctt?ms=MzQ4OTAyNAS2&kn=19&r=MjMzMDk2NzUyMDEzS0&b=0&j=MTI2MDEwNDE0NwS2&mt=1&rt=0
Effective URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Submission: On June 11 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 30 IPs in 7 countries across 31 domains to perform 93 HTTP transactions. The main IP is 45.60.80.131, located in United States and belongs to INCAPSULA, US. The main domain is www.zerto.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 26th 2019. Valid for: 2 years.
This is the only time www.zerto.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 18.142.0.45 16509 (AMAZON-02)
1 1 52.201.185.108 14618 (AMAZON-AES)
1 1 52.21.117.204 14618 (AMAZON-AES)
1 40 45.60.80.131 19551 (INCAPSULA)
1 151.101.192.114 54113 (FASTLY)
4 23.111.9.35 33438 (HIGHWINDS2)
1 2a00:1450:400... 15169 (GOOGLE)
2 23.54.109.230 16625 (AKAMAI-AS)
3 34.237.111.169 14618 (AMAZON-AES)
1 5 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
1 151.101.112.157 54113 (FASTLY)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
4 2a03:2880:f01... 32934 (FACEBOOK)
1 23.111.9.64 33438 (HIGHWINDS2)
2 2606:2800:233... 15133 (EDGECAST)
1 163.171.132.119 54994 (QUANTILNE...)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.48.230.192 16509 (AMAZON-02)
1 151.101.114.109 54113 (FASTLY)
3 184.51.8.93 16625 (AKAMAI-AS)
1 2 2a05:f500:11:... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
2 34.196.216.149 14618 (AMAZON-AES)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.5 13414 (TWITTER)
1 206.19.49.24 7018 (ATT-INTER...)
1 192.28.144.124 15224 (OMNITURE)
4 2.20.250.104 16625 (AKAMAI-AS)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a03:2880:f11... 32934 (FACEBOOK)
1 104.244.42.195 13414 (TWITTER)
93 30
1    18.142.0.45 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-142-0-45.ap-southeast-1.compute.amazonaws.com
links.readitquik.us
1    52.201.185.108 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-185-108.compute-1.amazonaws.com
c360.revenu8.com
1    52.21.117.204 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-117-204.compute-1.amazonaws.com
p.ziffdavisb2b.com
40    45.60.80.131 (United States)

ASN19551 (INCAPSULA, US)
www.zerto.com
1    151.101.192.114 (United States)

ASN54113 (FASTLY, US)
cdn.evgnet.com
4    23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)
use.fontawesome.com
1    2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    23.54.109.230 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-109-230.deploy.static.akamaitechnologies.com
munchkin.marketo.net
3    34.237.111.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-111-169.compute-1.amazonaws.com
zerto.evergage.com
5    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a02:26f0:10c:39e::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
snap.licdn.com
1    151.101.112.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
4    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    23.111.9.64 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)
scout-cdn.salesloft.com
2    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
cdn.cookielaw.org
1    163.171.132.119 (Germany)

ASN54994 (QUANTILNETWORKS, US)
trk.techtarget.com
1    2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    52.48.230.192 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-230-192.eu-west-1.compute.amazonaws.com
insight.adsrvr.org
1    151.101.114.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
extend.vimeocdn.com
3    184.51.8.93 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-8-93.deploy.static.akamaitechnologies.com
cdn.livechatinc.com
2    2a05:f500:11:101::b93f:9005 (Ireland)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
2    34.196.216.149 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-216-149.compute-1.amazonaws.com
scout.salesloft.com
1    2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
1    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s.ytimg.com
1    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
1    206.19.49.24 (United States)

ASN7018 (ATT-INTERNET4, US)
apt.techtarget.com
1    192.28.144.124 (United States)

ASN15224 (OMNITURE, US)
743-hbr-773.mktoresp.com
4    2.20.250.104 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-250-104.deploy.static.akamaitechnologies.com
secure.livechatinc.com
2    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:815::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
6    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
Domain Requested by
40 www.zerto.com 1 redirects www.zerto.com
6 www.facebook.com www.zerto.com
connect.facebook.net
5 www.google-analytics.com 1 redirects www.googletagmanager.com
www.google-analytics.com
www.zerto.com
4 secure.livechatinc.com cdn.livechatinc.com
4 connect.facebook.net www.zerto.com
connect.facebook.net
4 use.fontawesome.com www.zerto.com
use.fontawesome.com
www.google-analytics.com
3 cdn.livechatinc.com www.zerto.com
3 zerto.evergage.com cdn.evgnet.com
2 www.google.de www.zerto.com
2 www.google.com 2 redirects
2 stats.g.doubleclick.net 2 redirects
2 scout.salesloft.com scout-cdn.salesloft.com
2 px.ads.linkedin.com 1 redirects www.zerto.com
2 cdn.cookielaw.org www.googletagmanager.com
cdn.cookielaw.org
2 bat.bing.com www.googletagmanager.com
www.zerto.com
2 munchkin.marketo.net www.zerto.com
munchkin.marketo.net
1 analytics.twitter.com static.ads-twitter.com
1 743-hbr-773.mktoresp.com munchkin.marketo.net
1 apt.techtarget.com www.zerto.com
1 t.co www.zerto.com
1 s.ytimg.com www.youtube.com
1 code.jquery.com cdn.cookielaw.org
1 www.linkedin.com 1 redirects
1 extend.vimeocdn.com www.googletagmanager.com
1 insight.adsrvr.org www.zerto.com
1 www.youtube.com www.googletagmanager.com
1 trk.techtarget.com www.zerto.com
1 scout-cdn.salesloft.com www.zerto.com
1 static.ads-twitter.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 www.googletagmanager.com www.zerto.com
1 cdn.evgnet.com www.zerto.com
1 p.ziffdavisb2b.com 1 redirects
1 c360.revenu8.com 1 redirects
1 links.readitquik.us 1 redirects
93 35

This site contains links to these domains. Also see Links.

Domain
onetrust.com
www.nist.gov
www.linkedin.com
twitter.com
www.facebook.com
www.youtube.com
Subject Issuer Validity Valid
zerto.com
Go Daddy Secure Certificate Authority - G2		 2019-09-26 -
2021-09-26		 2 years crt.sh
cdn.evergage.com
Sectigo RSA Domain Validation Secure Server CA		 2020-01-28 -
2022-04-27		 2 years crt.sh
*.fontawesome.com
DigiCert SHA2 Secure Server CA		 2019-10-28 -
2020-12-23		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh
*.marketo.net
DigiCert SHA2 Secure Server CA		 2020-03-14 -
2021-04-13		 a year crt.sh
*.evergage.com
Amazon		 2020-03-05 -
2021-04-05		 a year crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2019-04-01 -
2021-05-07		 2 years crt.sh
ads-twitter.com
DigiCert SHA2 High Assurance Server CA		 2019-08-14 -
2020-08-18		 a year crt.sh
www.bing.com
Microsoft IT TLS CA 2		 2019-04-30 -
2021-04-30		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-05-14 -
2020-08-05		 3 months crt.sh
salesloft.com
Sectigo RSA Domain Validation Secure Server CA		 2020-01-23 -
2021-03-23		 a year crt.sh
sni9451gl.wpc.edgecastcdn.net
DigiCert SHA2 Secure Server CA		 2020-05-07 -
2021-05-12		 a year crt.sh
trk.techtarget.com
Sectigo RSA Domain Validation Secure Server CA		 2020-02-17 -
2022-05-17		 2 years crt.sh
*.google.com
GTS CA 1O1		 2020-05-20 -
2020-08-12		 3 months crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-06-08 -
2021-04-17		 10 months crt.sh
*.livechatinc.com
DigiCert Secure Site ECC CA-1		 2020-03-12 -
2021-06-11		 a year crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2020-03-04 -
2020-09-04		 6 months crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA		 2018-10-17 -
2020-10-16		 2 years crt.sh
t.co
DigiCert SHA2 High Assurance Server CA		 2020-03-05 -
2021-03-02		 a year crt.sh
*.techtarget.com
Sectigo RSA Domain Validation Secure Server CA		 2019-10-25 -
2021-10-24		 2 years crt.sh
*.mktoresp.com
DigiCert SHA2 Secure Server CA		 2020-01-17 -
2022-01-21		 2 years crt.sh
www.google.de
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh
*.twitter.com
DigiCert SHA2 High Assurance Server CA		 2020-01-02 -
2020-12-28		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Frame ID: 959DCBE9BF2869F239C7CE8B1ABC098F
Requests: 103 HTTP requests in this frame

Frame: https://secure.livechatinc.com/licence/g6656611_0/v2/open_chat.cgi?license=6656611&group=0&embedded=1&widget_version=3&unique_groups=1
Frame ID: 05B732B3EDD1CADC7C8BAF481AAC4F22
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://links.readitquik.us/ctt?ms=MzQ4OTAyNAS2&kn=19&r=MjMzMDk2NzUyMDEzS0&b=0&j=MTI2MDEwNDE0NwS2&mt=1&rt=0 HTTP 302
    https://c360.revenu8.com/clicks?action=click&property=RIQ&channel=newsletter&campaign_id=RIQ-031SHL-1... HTTP 303
    https://p.ziffdavisb2b.com/clicks?action=click&property=RIQ&channel=newsletter&campaign_id=RIQ-031SHL-1... HTTP 302
    https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware?siteid=RIQSITE HTTP 301
    https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /cdn\.livechatinc\.com\/.*tracking\.js/i
Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

93
Requests

100 %
HTTPS

43 %
IPv6

31
Domains

35
Subdomains

30
IPs

7
Countries

1436 kB
Transfer

4736 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://links.readitquik.us/ctt?ms=MzQ4OTAyNAS2&kn=19&r=MjMzMDk2NzUyMDEzS0&b=0&j=MTI2MDEwNDE0NwS2&mt=1&rt=0 HTTP 302
    https://c360.revenu8.com/clicks?action=click&property=RIQ&channel=newsletter&campaign_id=RIQ-031SHL-110620&esp=IBM%20Watson&exid=68&email_id=mpeters@unfi.com&redirect_url=https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware?siteid=RIQSITE HTTP 303
    https://p.ziffdavisb2b.com/clicks?action=click&property=RIQ&channel=newsletter&campaign_id=RIQ-031SHL-110620&esp=IBM%20Watson&exid=68&email_id=mpeters@unfi.com&redirect_url=https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware?siteid=RIQSITE HTTP 302
    https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware?siteid=RIQSITE HTTP 301
    https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=14745&url=https%3A%2F%2Fwww.zerto.com%2Fblog%2Fransomware%2Fhow-to-recover-from-ransomware%2F%3Fsiteid%3DRIQSITE&time=1591891565948 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D14745%26url%3Dhttps%253A%252F%252Fwww.zerto.com%252Fblog%252Fransomware%252Fhow-to-recover-from-ransomware%252F%253Fsiteid%253DRIQSITE%26time%3D1591891565948%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=14745&url=https%3A%2F%2Fwww.zerto.com%2Fblog%2Fransomware%2Fhow-to-recover-from-ransomware%2F%3Fsiteid%3DRIQSITE&time=1591891565948&liSync=true
Request Chain 83
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j82&tid=UA-18496840-1&cid=26625283.1591891566&jid=260961266&gjid=306479692&_gid=425401785.1591891566&_u=aHDAgEADQ~&z=1315774631 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18496840-1&cid=26625283.1591891566&jid=260961266&_v=j82&z=1315774631 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18496840-1&cid=26625283.1591891566&jid=260961266&_v=j82&z=1315774631&slf_rd=1&random=2709113726
Request Chain 84
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1870004975&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.zerto.com%2Fblog%2Fransomware%2Fhow-to-recover-from-ransomware%2F%3Fsiteid%3DRIQSITE&ul=en-us&de=UTF-8&dt=How%20to%20Recover%20from%20Ransomware%20%7C%20Zerto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=RTP-Campaigns&ea=Test_impression&el=GA%20Tracking%20%7C%20Experience%201&_u=aHjAAEADQ~&jid=1048924757&gjid=1981724709&cid=26625283.1591891566&tid=UA-18496840-1&_gid=1519229447.1591891566&_r=1&z=1359521909 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-18496840-1&cid=26625283.1591891566&jid=1048924757&_gid=1519229447.1591891566&gjid=1981724709&_v=j82&z=1359521909 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18496840-1&cid=26625283.1591891566&jid=1048924757&_v=j82&z=1359521909 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18496840-1&cid=26625283.1591891566&jid=1048924757&_v=j82&z=1359521909&slf_rd=1&random=3375067126

93 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/
Redirect Chain
  • http://links.readitquik.us/ctt?ms=MzQ4OTAyNAS2&kn=19&r=MjMzMDk2NzUyMDEzS0&b=0&j=MTI2MDEwNDE0NwS2&mt=1&rt=0
  • https://c360.revenu8.com/clicks?action=click&property=RIQ&channel=newsletter&campaign_id=RIQ-031SHL-110620&esp=IBM%20Watson&exid=68&email_id=mpeters@unfi.com&redirect_url=https://www.zerto.com/blog...
  • https://p.ziffdavisb2b.com/clicks?action=click&property=RIQ&channel=newsletter&campaign_id=RIQ-031SHL-110620&esp=IBM%20Watson&exid=68&email_id=mpeters@unfi.com&redirect_url=https://www.zerto.com/bl...
  • https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware?siteid=RIQSITE
  • https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
79 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.80.131 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
6955d8d512f2a93ae8fcf71a5e42f5e67ddfc6dbd15334fca6ffa2477d040c26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

:method
GET
:authority
www.zerto.com
:scheme
https
:path
/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
user_continent_code_v2=EU; user_country=France; z_origin_url=www.zerto.com%2Fblog%2Fransomware%2Fhow-to-recover-from-ransomware%3Fsiteid%3DRIQSITE; visid_incap_1936700=AV6U6iQ+SU+snrrSMotLiWpW4l4AAAAAQUIPAAAAAAAcPfYptXpWtegq1ICrrNbo; incap_ses_392_1936700=3jMKXj7ZdwI2WNdN86lwBWtW4l4AAAAAC2TdGmw3N+8tc50Kz4tjiA==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
server
nginx
date
Thu, 11 Jun 2020 16:06:04 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
viewed_blog_posts=%5B39527%5D; expires=Tue, 06-Jan-1970 00:00:00 GMT; Max-Age=0; path=/; domain=www.zerto.com; secure; HttpOnly
link
<https://www.zerto.com/wp-json/>; rel="https://api.w.org/" <https://www.zerto.com/?p=39527>; rel=shortlink
strict-transport-security
max-age=31536000;
x-xss-protection
1
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-encoding
gzip
x-cdn
Incapsula
x-iinfo
13-18690287-18690191 PNNN RT(1591891563715 0) q(0 0 0 -1) r(4 5) U12

Redirect headers

status
301
server
nginx
date
Thu, 11 Jun 2020 16:06:04 GMT
content-type
text/html; charset=UTF-8
set-cookie
user_continent_code_v2=EU; expires=Mon, 10-Aug-2020 16:06:04 GMT; Max-Age=5184000; path=/; domain=.www.zerto.com; secure; HttpOnly user_country=France; expires=Mon, 10-Aug-2020 16:06:04 GMT; Max-Age=5184000; path=/; domain=.www.zerto.com; secure; HttpOnly z_origin_url=www.zerto.com%2Fblog%2Fransomware%2Fhow-to-recover-from-ransomware%3Fsiteid%3DRIQSITE; expires=Fri, 11-Dec-2020 16:06:04 GMT; Max-Age=15811200; path=/; domain=.www.zerto.com; secure viewed_blog_posts=%5B39527%5D; expires=Tue, 06-Jan-1970 00:00:00 GMT; Max-Age=0; path=/; domain=www.zerto.com; secure; HttpOnly visid_incap_1936700=AV6U6iQ+SU+snrrSMotLiWpW4l4AAAAAQUIPAAAAAAAcPfYptXpWtegq1ICrrNbo; expires=Fri, 11 Jun 2021 14:39:02 GMT; HttpOnly; path=/; Domain=.zerto.com; Secure; SameSite=None incap_ses_392_1936700=3jMKXj7ZdwI2WNdN86lwBWtW4l4AAAAAC2TdGmw3N+8tc50Kz4tjiA==; path=/; Domain=.zerto.com; Secure; SameSite=None
expires
Thu, 11 Jun 2020 17:06:04 GMT
cache-control
max-age=3600
x-redirect-by
WordPress
location
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
strict-transport-security
max-age=31536000;
x-xss-protection
1
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-cdn
Incapsula
x-iinfo
13-18690190-18690191 NNNN CT(81 162 0) RT(1591891562974 0) q(0 0 3 0) r(7 7) U11
jquery-3.3.1.min.js
www.zerto.com/wp-content/themes/zerto_com/js/jquery/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zerto.com/wp-content/themes/zerto_com/js/jquery/jquery-3.3.1.min.js?ver=4.2
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.80.131 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:04 GMT
content-encoding
gzip
last-modified
Thu, 13 Feb 2020 18:44:02 GMT
x-cdn
Incapsula
age
687297
etag
"5e4598f2-15391"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
status
200
x-iinfo
13-18690346-0 0CNN RT(1591891564315 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31536000, public
content-length
30313
main.min.js
www.zerto.com/wp-content/themes/zerto_com/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zerto.com/wp-content/themes/zerto_com/js/main.min.js?ver=4.2
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.80.131 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
375b016d99c0b2aa2d2a6f652f12f1c3d731e34e8ca3b08303d0624689b4d3a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:04 GMT
content-encoding
gzip
last-modified
Tue, 10 Mar 2020 18:25:26 GMT
x-cdn
Incapsula
age
687297
etag
"5e67db96-1697"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
status
200
x-iinfo
13-18690347-0 0CNN RT(1591891564316 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31536000, public
content-length
2423
algoliasearch.min.js
www.zerto.com/wp-content/themes/zerto_com/third-party/algolia/ 		67 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zerto.com/wp-content/themes/zerto_com/third-party/algolia/algoliasearch.min.js?ver=4.2
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.80.131 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
fd5b2297eefb99b9fc104f646dfeca660410da7e1c654498ff93844a1dbc8f35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:04 GMT
content-encoding
gzip
last-modified
Thu, 13 Feb 2020 18:44:02 GMT
x-cdn
Incapsula
age
687296
etag
"5e4598f2-10afc"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
status
200
x-iinfo
13-18690348-0 0CNN RT(1591891564318 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31536000, public
content-length
18520
style.css
www.zerto.com/wp-content/themes/zerto_com/css/ 		263 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.zerto.com/wp-content/themes/zerto_com/css/style.css?ver=4.2
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.80.131 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
366c4d8b59212c111553bc3d194832a209c0875bff102e3854d60cd2c5816f72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:04 GMT
content-encoding
gzip
last-modified
Tue, 24 Mar 2020 19:22:22 GMT
x-cdn
Incapsula
age
687297
etag
W/"5e7a5dee-41ce5"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
status
200
x-iinfo
13-18690345-0 0CNN RT(1591891564313 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31536000, public
content-length
36143
lazyload.min.js
www.zerto.com/wp-content/plugins/w3-total-cache/pub/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zerto.com/wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.80.131 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:04 GMT
content-encoding
gzip
last-modified
Thu, 13 Feb 2020 18:44:02 GMT
x-cdn
Incapsula
age
687297
etag
"5e4598f2-1883"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
status
200
x-iinfo
13-18690397-0 0CNN RT(1591891564571 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31536000, public
content-length
2356
evergage.min.js
cdn.evgnet.com/beacon/zerto/engage/scripts/ 		438 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.evgnet.com/beacon/zerto/engage/scripts/evergage.min.js
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1b8077a67da145f96005ad0156c2d9567aea714f1cff09c53ea5d2a31d0ccc24

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
i0bNqAS.Sxd3g6HaaCyoP81Aa3kacsNq
content-encoding
gzip
etag
"d8d23af5a6aef68fdb34594ec0048338"
age
118
x-cache
HIT, HIT
status
200
x-amz-replication-status
COMPLETED
x-amz-request-id
3A152364DF583AF5
x-amz-id-2
7kMx1g+RwQvgzmepIjBkFtc458qbQQYPEb9JH51EMJajBcY2zBf8kevbc/+enciWkJ4nxQEn9Vw=
x-served-by
cache-dca17731-DCA, cache-cdg20764-CDG
x-amz-meta-evergage-sum
99d7ee2c31f7bc29817786c55acfd58961e3497c
accept-ranges
bytes
last-modified
Mon, 08 Jun 2020 21:19:31 GMT
server
AmazonS3
x-timer
S1591891565.056231,VS0,VE79
date
Thu, 11 Jun 2020 16:06:05 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
max-age=120
content-length
126450
timing-allow-origin
*
x-amz-meta-evergage-beacon-ver
13
x-cache-hits
1, 1
mediaelementplayer-legacy.min.css
www.zerto.com/wp-includes/js/mediaelement/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.zerto.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.13-9993131
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.80.131 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
b834a80037718e3da7f92199034dc59611ed774af41f1e84fa1e0d97c4261192
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:05 GMT
content-encoding
gzip
last-modified
Thu, 13 Feb 2020 18:44:02 GMT
server
nginx
etag
W/"5e4598f2-2ca1"
vary
Accept-Encoding
content-type
text/css
status
200
x-iinfo
13-18690352-18681235 2NNN RT(1591891564332 0) q(0 0 0 -1) r(3 3) U18
cache-control
max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
x-cdn
Incapsula
expires
Fri, 11 Jun 2021 16:06:05 GMT
wp-mediaelement.min.css
www.zerto.com/wp-includes/js/mediaelement/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.zerto.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.4.1
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.80.131 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:05 GMT
content-encoding
gzip
last-modified
Thu, 13 Feb 2020 18:44:02 GMT
server
nginx
etag
W/"5e4598f2-105a"
vary
Accept-Encoding
content-type
text/css
status
200
x-iinfo
13-18690354-18689050 2NNN RT(1591891564334 0) q(0 0 0 -1) r(1 1) U18
cache-control
max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
x-cdn
Incapsula
expires
Fri, 11 Jun 2021 16:06:05 GMT
popper.min.js
www.zerto.com/wp-content/themes/zerto_com/js/bootstrap/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zerto.com/wp-content/themes/zerto_com/js/bootstrap/popper.min.js?ver=4.2
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.80.131 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:04 GMT
content-encoding
gzip
last-modified
Thu, 13 Feb 2020 18:44:02 GMT
x-cdn
Incapsula
age
687297
etag
"5e4598f2-4f71"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
status
200
x-iinfo
13-18690355-0 0CNN RT(1591891564337 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31536000, public
content-length
7239
jquery.waypoints.min.js
www.zerto.com/wp-content/themes/zerto_com/js/waypoints/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zerto.com/wp-content/themes/zerto_com/js/waypoints/jquery.waypoints.min.js?ver=4.2
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.80.131 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
368daab67b1a5b2b2802edbbac79a2aa4ba992a2ebf9c67b98ad784d8004018c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:04 GMT
content-encoding
gzip
last-modified
Thu, 13 Feb 2020 18:44:02 GMT
x-cdn
Incapsula
age
687297
etag
"5e4598f2-2344"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
status
200
x-iinfo
13-18690356-0 0CNN RT(1591891564340 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31536000, public
content-length
2753
bootstrap.min.js
www.zerto.com/wp-content/themes/zerto_com/js/bootstrap/ 		50 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zerto.com/wp-content/themes/zerto_com/js/bootstrap/bootstrap.min.js?ver=4.2
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.80.131 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:04 GMT
content-encoding
gzip
last-modified
Thu, 13 Feb 2020 18:44:02 GMT
x-cdn
Incapsula
age
687297
etag
"5e4598f2-c75f"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
status
200
x-iinfo
13-18690357-0 0CNN RT(1591891564341 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31536000, public
content-length
14085
3e8880b877.js
use.fontawesome.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/3e8880b877.js?ver=4.2
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
532471b0e648fa56a9a23b51e6844f062ebe60f12e5f7d4ef2663aa15914e865

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:05 GMT
content-encoding
gzip
last-modified
Wed, 02 Nov 2016 23:58:52 GMT
server
NetDNA-cache/2.2
x-amz-request-id
180B99692650B9B1
etag
W/"ca2b523289d799eac56c5d94f195c10f"
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=0, private, must-revalidate
x-amz-id-2
axm8nxBiq28szeR4D7LNlXnaM62fG8hrM+zDB12M/9fSt5e/CtDmUwVslNg8FaS7RCuytGtL37w=
simpleLightbox.min.js
www.zerto.com/wp-content/themes/zerto_com/js/simple-lightbox/dist/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zerto.com/wp-content/themes/zerto_com/js/simple-lightbox/dist/simpleLightbox.min.js?ver=4.2
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.80.131 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
d6dc97993d7e4803aeb35d0e9a24f0393eceb43de5f7ff0f0e437f1b05aea4e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:04 GMT
content-encoding
gzip
last-modified
Thu, 13 Feb 2020 18:44:02 GMT
x-cdn
Incapsula
age
687297
etag
"5e4598f2-1a5d"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
status
200
x-iinfo
13-18690398-0 0CNN RT(1591891564573 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31536000, public
content-length
2331
jquery.touchSwipe.min.js
www.zerto.com/wp-content/themes/zerto_com/js/touch-swipe/ 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zerto.com/wp-content/themes/zerto_com/js/touch-swipe/jquery.touchSwipe.min.js?ver=4.2
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.80.131 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
f3d38ac4a48d76a15a2096e22361711c0efbd096c1a28bc8e013c11a6b83e24b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:04 GMT
content-encoding
gzip
last-modified
Thu, 13 Feb 2020 18:44:02 GMT
x-cdn
Incapsula
age
687297
etag
"5e4598f2-4fa0"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
status
200
x-iinfo
13-18690358-0 0CNN RT(1591891564342 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31536000, public
content-length
5048
lazysizes.min.js
www.zerto.com/wp-content/themes/zerto_com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zerto.com/wp-content/themes/zerto_com/js/lazysizes.min.js?ver=4.2
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.80.131 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
3ef181cc7897d79203b2f58a21ece09b32191f6a4bb93965b9983d39ec97f354
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:04 GMT
content-encoding
gzip
last-modified
Thu, 13 Feb 2020 18:44:02 GMT
x-cdn
Incapsula
age
687297
etag
"5e4598f2-1a5d"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
status
200
x-iinfo
13-18690399-0 0CNN RT(1591891564574 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31536000, public
content-length
3153
autocomplete.min.js
www.zerto.com/wp-content/themes/zerto_com/third-party/algolia/ 		55 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zerto.com/wp-content/themes/zerto_com/third-party/algolia/autocomplete.min.js?ver=4.2
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.80.131 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
cecec3e8a7048b8b187393dd12d13ea11aa7a657e956ba0a5ff7e6889b33cac8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:04 GMT
content-encoding
gzip
last-modified
Thu, 13 Feb 2020 18:44:02 GMT
x-cdn
Incapsula
age
687297
etag
"5e4598f2-dd92"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
status
200
x-iinfo
13-18690419-0 0CNN RT(1591891564635 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31536000, public
content-length
17824
mediaelement-and-player.min.js
www.zerto.com/wp-includes/js/mediaelement/ 		157 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zerto.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.13-9993131
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.80.131 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
282c86db3fc6cedcc79b172069ba09831ce0e6ba235d13bff382f57f0d3977ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:05 GMT
content-encoding
gzip
last-modified
Thu, 13 Feb 2020 18:44:02 GMT
server
nginx
etag
"5e4598f2-272c5"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
status
200
x-iinfo
13-18690359-18689028 2NYN RT(1591891564350 0) q(0 0 0 -1) r(2 2) U18
cache-control
max-age=31536000
accept-ranges
bytes, bytes
x-cdn
Incapsula
expires
Fri, 11 Jun 2021 16:06:05 GMT
mediaelement-migrate.min.js
www.zerto.com/wp-includes/js/mediaelement/ 		1 KB
645 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zerto.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=5.4.1
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.80.131 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
b37a604b4add99725c3a9e6b0440fc4452f71139517e7d7deb452ed98499068c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:05 GMT
content-encoding
gzip
last-modified
Thu, 13 Feb 2020 18:44:02 GMT
server
nginx
etag
"5e4598f2-4a9"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
status
200
x-iinfo
13-18690363-18687633 2NYN RT(1591891564355 0) q(0 0 0 -1) r(1 1) U18
cache-control
max-age=31536000
accept-ranges
bytes, bytes
x-cdn
Incapsula
expires
Fri, 11 Jun 2021 16:06:05 GMT
wp-mediaelement.min.js
www.zerto.com/wp-includes/js/mediaelement/ 		907 B
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zerto.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=5.4.1
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.80.131 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
12aae45dbaf66e541e14694a7810a96fdd8b17f9ac5f5346fdc23d61d6fd74b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:05 GMT
content-encoding
gzip
last-modified
Tue, 21 Apr 2020 01:22:11 GMT
server
nginx
etag
"5e9e4ac3-38b"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
status
200
x-iinfo
13-18690365-18678968 2NYN RT(1591891564364 0) q(0 0 0 -1) r(3 3) U18
cache-control
max-age=31536000
accept-ranges
bytes, bytes
x-cdn
Incapsula
expires
Fri, 11 Jun 2021 16:06:05 GMT
vimeo.min.js
www.zerto.com/wp-includes/js/mediaelement/renderers/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zerto.com/wp-includes/js/mediaelement/renderers/vimeo.min.js?ver=4.2.13-9993131
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.80.131 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
05646c77d23cb095804c65c8815a7a13dda750a6b4e5d1b5b93e98f17f17cec2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:05 GMT
content-encoding
gzip
last-modified
Thu, 13 Feb 2020 18:44:02 GMT
server
nginx
etag
"5e4598f2-1870"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
status
200
x-iinfo
13-18690366-18690367 2NYN RT(1591891564367 0) q(0 0 0 -1) r(0 1) U18
cache-control
max-age=31536000
accept-ranges
bytes, bytes
x-cdn
Incapsula
expires
Fri, 11 Jun 2021 16:06:05 GMT
livechat.min.js
www.zerto.com/wp-content/themes/zerto_com/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zerto.com/wp-content/themes/zerto_com/js/livechat.min.js?ver=4.2
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.80.131 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
5417bace47bd861af298d63fceb4536da0faeaac75e427c9b9ebaa269cab6017
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:04 GMT
content-encoding
gzip
last-modified
Thu, 13 Feb 2020 18:44:02 GMT
x-cdn
Incapsula
age
618574
etag
"5e4598f2-a56"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
status
200
x-iinfo
13-18690420-0 0CNN RT(1591891564636 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31536000, public
content-length
934
_Incapsula_Resource
www.zerto.com/ 		137 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zerto.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=1647160030
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.80.131 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
82ffc7702b5fa9e8b4e60228e3e25bfdb8d35bdfff40bea528d7fef9645d892c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
19958
content-type
application/javascript
truncated
/ 		82 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/webp
gtm.js
www.googletagmanager.com/ 		202 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P9FMFS
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5acfeb2df54ad14d9299b6a794f29335ba2b92f05a3083b0d4881fef683a3f9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:05 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58005
x-xss-protection
0
last-modified
Thu, 11 Jun 2020 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 11 Jun 2020 16:06:05 GMT
truncated
/ 		64 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
source-sans-pro-v11-latin-600.woff2
www.zerto.com/wp-content/themes/zerto_com/fonts/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.zerto.com/wp-content/themes/zerto_com/fonts/source-sans-pro-v11-latin-600.woff2
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.80.131 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
d8381e66783011957eabadb622d7899061bf93e78fff38ebfe00ab743d6c8e60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.zerto.com/wp-content/themes/zerto_com/css/style.css?ver=4.2
Origin
https://www.zerto.com

Response headers

date
Thu, 11 Jun 2020 16:06:04 GMT
last-modified
Thu, 13 Feb 2020 18:44:02 GMT
x-cdn
Incapsula
age
605801
etag
"5e4598f2-3da8"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/octet-stream
status
200
x-iinfo
13-18690402-0 0CNN RT(1591891564587 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31536000, public
content-length
15784
MaterialIcons-Regular.woff2
www.zerto.com/wp-content/themes/zerto_com/fonts/material-icons/ 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.zerto.com/wp-content/themes/zerto_com/fonts/material-icons/MaterialIcons-Regular.woff2
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.80.131 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.zerto.com/wp-content/themes/zerto_com/css/style.css?ver=4.2
Origin
https://www.zerto.com

Response headers

date
Thu, 11 Jun 2020 16:06:04 GMT
last-modified
Thu, 13 Feb 2020 18:44:02 GMT
x-cdn
Incapsula
age
605801
etag
"5e4598f2-ad0c"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/octet-stream
status
200
x-iinfo
13-18690404-0 0CNN RT(1591891564588 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31536000, public
content-length
44300
source-sans-pro-v11-latin-700.woff2
www.zerto.com/wp-content/themes/zerto_com/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.zerto.com/wp-content/themes/zerto_com/fonts/source-sans-pro-v11-latin-700.woff2
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.80.131 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c09055f0d3ce5ac45f886c935226d1e4cb0f7488525e9f8b298f26fc0171e5a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.zerto.com/wp-content/themes/zerto_com/css/style.css?ver=4.2
Origin
https://www.zerto.com

Response headers

date
Thu, 11 Jun 2020 16:06:04 GMT
last-modified
Thu, 13 Feb 2020 18:44:02 GMT
x-cdn
Incapsula
age
687296
etag
"5e4598f2-3c78"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/octet-stream
status
200
x-iinfo
13-18690405-0 0CNN RT(1591891564589 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31536000, public
content-length
15480
source-sans-pro-v11-latin-300.woff2
www.zerto.com/wp-content/themes/zerto_com/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.zerto.com/wp-content/themes/zerto_com/fonts/source-sans-pro-v11-latin-300.woff2
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.80.131 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
1851a4758fa23827c8ef2d994b9bf4b8d0b3b54570f55cb5e5d5e7836a69b502
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.zerto.com/wp-content/themes/zerto_com/css/style.css?ver=4.2
Origin
https://www.zerto.com

Response headers

date
Thu, 11 Jun 2020 16:06:04 GMT
last-modified
Thu, 13 Feb 2020 18:44:02 GMT
x-cdn
Incapsula
age
687297
etag
"5e4598f2-3d94"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/octet-stream
status
200
x-iinfo
13-18690406-0 0CNN RT(1591891564590 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31536000, public
content-length
15764
source-sans-pro-v11-latin-regular.woff2
www.zerto.com/wp-content/themes/zerto_com/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.zerto.com/wp-content/themes/zerto_com/fonts/source-sans-pro-v11-latin-regular.woff2
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.80.131 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
cb992eae898417162c48b37712991d9ad8053c4a64fce51aff195edc69dc35f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.zerto.com/wp-content/themes/zerto_com/css/style.css?ver=4.2
Origin
https://www.zerto.com

Response headers

date
Thu, 11 Jun 2020 16:06:04 GMT
last-modified
Thu, 13 Feb 2020 18:44:02 GMT
x-cdn
Incapsula
age
687296
etag
"5e4598f2-3e24"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/octet-stream
status
200
x-iinfo
13-18690415-0 0CNN RT(1591891564606 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31536000, public
content-length
15908
source-sans-pro-v11-latin-italic.woff2
www.zerto.com/wp-content/themes/zerto_com/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.zerto.com/wp-content/themes/zerto_com/fonts/source-sans-pro-v11-latin-italic.woff2
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.80.131 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
a676114870402c6a9d389e103b299df064cc92871c08210ca56f32768cd9da3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.zerto.com/wp-content/themes/zerto_com/css/style.css?ver=4.2
Origin
https://www.zerto.com

Response headers

date
Thu, 11 Jun 2020 16:06:04 GMT
last-modified
Thu, 13 Feb 2020 18:44:02 GMT
x-cdn
Incapsula
age
687296
etag
"5e4598f2-3a20"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/octet-stream
status
200
x-iinfo
13-18690424-0 0CNN RT(1591891564671 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31536000, public
content-length
14880
Blog_Ransomware_Gartner_1500x400.png.webp
www.zerto.com/wp-content/uploads/2020/05/ 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zerto.com/wp-content/uploads/2020/05/Blog_Ransomware_Gartner_1500x400.png.webp
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.80.131 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
81ff6d5b61bfd0bd4f7825f953d1e61962da3723f58aa3c87bae9e9c0c0a2fc7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:05 GMT
x-content-type-options
nosniff
last-modified
Mon, 11 May 2020 16:39:53 GMT
server
nginx
etag
"5eb97fd9-152b2"
x-frame-options
SAMEORIGIN
content-type
image/webp
status
200
x-iinfo
13-18690430-18690191 PNNN RT(1591891564696 0) q(0 0 0 -1) r(2 2) U18
x-xss-protection
1
strict-transport-security
max-age=31536000;
accept-ranges
bytes
content-length
86706
x-cdn
Incapsula
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
18f670c55099b0297f8ddcd2643c875e7e110735c243132be3024987a570a1a2

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
IS-13882_Blog_HowToRecoverFromRansomware.png.webp
www.zerto.com/wp-content/uploads/2020/05/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zerto.com/wp-content/uploads/2020/05/IS-13882_Blog_HowToRecoverFromRansomware.png.webp
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.80.131 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
d8abb2a0494a7265818b0e49d22208a87621567f9fc944a5fe16311891b00eef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:05 GMT
x-content-type-options
nosniff
last-modified
Mon, 11 May 2020 16:42:01 GMT
server
nginx
etag
"5eb98059-45a8"
x-frame-options
SAMEORIGIN
content-type
image/webp
status
200
x-iinfo
13-18690433-18690434 NNNY CT(0 0 0) RT(1591891564704 0) q(0 0 0 -1) r(1 1) U18
x-xss-protection
1
strict-transport-security
max-age=31536000;
accept-ranges
bytes
content-length
17832
x-cdn
Incapsula
GijsbertJvD_Headshot.jpg.webp
www.zerto.com/wp-content/uploads/2020/04/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zerto.com/wp-content/uploads/2020/04/GijsbertJvD_Headshot.jpg.webp
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.80.131 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
bbf597bfed3976fcbf1d89fdfa1dd79da6e8f7c0b01df0b9d0cf02551c6657b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:05 GMT
x-content-type-options
nosniff
last-modified
Fri, 17 Apr 2020 15:08:01 GMT
server
nginx
etag
"5e99c651-751a"
x-frame-options
SAMEORIGIN
content-type
image/webp
status
200
x-iinfo
13-18690435-18690436 NNNY CT(0 0 0) RT(1591891564704 0) q(0 0 0 -1) r(1 1) U18
x-xss-protection
1
strict-transport-security
max-age=31536000;
accept-ranges
bytes
content-length
29978
x-cdn
Incapsula
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		715 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		178 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		243 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		381 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
source-sans-pro-v11-latin-700italic.woff2
www.zerto.com/wp-content/themes/zerto_com/fonts/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.zerto.com/wp-content/themes/zerto_com/fonts/source-sans-pro-v11-latin-700italic.woff2
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.80.131 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
b94e08c9b69058f64f5dfa72109abb0bc7fe5a7546bee87d092ffa5d97f60269
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.zerto.com/wp-content/themes/zerto_com/css/style.css?ver=4.2
Origin
https://www.zerto.com

Response headers

date
Thu, 11 Jun 2020 16:06:04 GMT
last-modified
Thu, 13 Feb 2020 18:44:02 GMT
x-cdn
Incapsula
age
549735
etag
"5e4598f2-39d8"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/octet-stream
status
200
x-iinfo
13-18690445-0 0CNN RT(1591891564751 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31536000, public
content-length
14808
How-to-Recovery-from-Ransomware-5-min-Demo-FINALv2.mp4
www.zerto.com/wp-content/uploads/2020/05/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://www.zerto.com/wp-content/uploads/2020/05/How-to-Recovery-from-Ransomware-5-min-Demo-FINALv2.mp4?_=1
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.80.131 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 11 Jun 2020 16:06:05 GMT
last-modified
Mon, 11 May 2020 15:41:24 GMT
server
nginx
status
206
etag
"5eb97224-10a511b"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
video/mp4
Content-Range
bytes 0-17453338/17453339
x-iinfo
13-18690450-18690451 NNNY CT(0 0 0) RT(1591891564823 0) q(0 0 0 -1) r(1 1) U18
cache-control
max-age=31536000
accept-ranges
bytes
Content-Length
17453339
x-cdn
Incapsula
expires
Fri, 11 Jun 2021 16:06:05 GMT
simpleLightbox.min.css
www.zerto.com/wp-content/themes/zerto_com/js/simple-lightbox/dist/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.zerto.com/wp-content/themes/zerto_com/js/simple-lightbox/dist/simpleLightbox.min.css
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.80.131 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
3512254c44de3da60d37964e07be6792fec821c402da6af843e98dfd3f18e1c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:04 GMT
content-encoding
gzip
last-modified
Thu, 13 Feb 2020 18:44:02 GMT
x-cdn
Incapsula
age
687297
etag
W/"5e4598f2-14bb"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
status
200
x-iinfo
13-18690454-0 0CNN RT(1591891564826 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31536000, public
content-length
1135
lightslider.min.css
www.zerto.com/wp-content/themes/zerto_com/third-party/light-slider/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.zerto.com/wp-content/themes/zerto_com/third-party/light-slider/css/lightslider.min.css
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.80.131 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
f64c34c7206517e031701d5fa6ec49a7222145edd41bdf0694faa8c8da1bd118
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:04 GMT
content-encoding
gzip
last-modified
Thu, 13 Feb 2020 18:44:02 GMT
x-cdn
Incapsula
age
687297
etag
W/"5e4598f2-1574"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
status
200
x-iinfo
13-18690455-0 0CNN RT(1591891564834 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31536000, public
content-length
1356
truncated
/ 		547 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		552 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		352 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f3592a8b8037ea064764a2815799612063c6722d314d1d66d3a9391c3c16d66

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
munchkin.js
munchkin.marketo.net/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net/munchkin.js
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.109.230 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-109-230.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c7d7214a0b940c1ffcbd64689a576c5847b42e886da3ad9ea45bc4cda214bac8

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 11 Jun 2020 16:06:05 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Apr 2020 02:45:45 GMT
Server
Apache
ETag
"aa520b8aca3502dbdbf62462e6f4be67:1585881945"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
751
twreceiver
zerto.evergage.com/ 		15 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://zerto.evergage.com/twreceiver?_r=236686&_ak=zerto&_ds=engage&.anonId=3156d06c64e3bc82&_anon=true&action=Blog&url=https%3A%2F%2Fwww.zerto.com%2Fblog%2Fransomware%2Fhow-to-recover-from-ransomware%2F%3Fsiteid%3DRIQSITE&title=How+to+Recover+from+Ransomware+%7C+Zerto&.itemAction=View+Item&.item=%7B%22type%22%3A%22b%22%2C%22_id%22%3A%22POSTID-39527%22%2C%22name%22%3A%22How+to+Recover+from+Ransomware%22%2C%22url%22%3A%22https%3A%2F%2Fwww.zerto.com%2Fblog%2Fransomware%2Fhow-to-recover-from-ransomware%2F%22%2C%22imageUrl%22%3A%22https%3A%2F%2Fwww.zerto.com%2Fwp-content%2Fuploads%2F2020%2F01%2FIS-13793_Ransomware_Gartner_1600x700_hpbg.png%22%2C%22description%22%3A%22Ransomware+cyberattacks+are+everywhere+in+the+news%3A+In+Taiwan%2C+major+gas+stations+were+unable+to+process+payments.+Increasingly+targeted+during+the+current+pandemic%2C+hospitals+and+medical+facilitie...%22%2C%22published%22%3A%222020-05-11T15%3A46%3A31%2B00%3A00%22%2C%22categories%22%3A%5B%7B%22type%22%3A%22c%22%2C%22_id%22%3A%22RANSOMWARE%22%7D%5D%2C%22tags%22%3A%5B%7B%22type%22%3A%22t%22%2C%22tagType%22%3A%22Image%22%2C%22_id%22%3Atrue%7D%5D%7D&.pt=26&.bt=217&.btdns=2&.pv=&.bv=13
Requested by
Host: cdn.evgnet.com
URL: https://cdn.evgnet.com/beacon/zerto/engage/scripts/evergage.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.111.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-111-169.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
5697fc746b6b416653c4e3b1bf569acb5cc0325f04835bb29a573376c1ee7d13

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 11 Jun 2020 16:06:06 GMT
Content-Encoding
gzip
Server
Apache-Coyote/1.1
Vary
Accept-Encoding
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://www.zerto.com
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
3225
3e8880b877.css
use.fontawesome.com/ 		1 KB
683 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/3e8880b877.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/3e8880b877.js?ver=4.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
835efedb8a9dc07e1a88cd16fa295e86a67e453e1d592e01171ab3127f1ace24

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:05 GMT
content-encoding
gzip
last-modified
Wed, 02 Nov 2016 23:58:52 GMT
server
NetDNA-cache/2.2
x-amz-request-id
9BE962E5AE81C9F9
etag
W/"86719797e48632ff89c75eafab6efa3d"
x-cache
HIT
content-type
text/css
status
200
cache-control
max-age=0, private, must-revalidate
x-amz-id-2
17CZK6gcp329BKs8W9Dl4Ulu8YiE2QwpWXRUMDjFPpMZ9NBrr/eOu0rWyL9e8c3hATZsves3Kd4=
_Incapsula_Resource
www.zerto.com/ 		1 B
36 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zerto.com/_Incapsula_Resource?SWKMTFSR=1&e=0.47106842045590724
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.80.131 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P9FMFS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
5187
date
Thu, 11 Jun 2020 14:39:38 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Thu, 11 Jun 2020 16:39:38 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P9FMFS
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:39e::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 11 Jun 2020 16:06:05 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Oct 2019 16:41:31 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=48793
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1576
uwt.js
static.ads-twitter.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P9FMFS
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:05 GMT
content-encoding
gzip
age
66867
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200
content-length
1954
x-served-by
cache-hhn4064-HHN
last-modified
Tue, 23 Jan 2018 20:09:00 GMT
x-timer
S1591891566.798874,VS0,VE0
etag
"b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary
Accept-Encoding,Host
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
bat.js
bat.bing.com/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P9FMFS
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b6f7b31210a709daca9760b215660b2cbe719757df3059364beeda005fca2dbe

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:05 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 19:59:59 GMT
x-msedge-ref
Ref A: C34C6E9AD0D846ACA251A9FFF06F66CB Ref B: FRAEDGE1210 Ref C: 2020-06-11T16:06:05Z
status
200
etag
"804946b8613fd61:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
7791
fbevents.js
connect.facebook.net/en_US/ 		131 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
31766
x-xss-protection
0
pragma
public
x-fb-debug
WqwJFceSBB5KwpyXqOTU8WP8Fjo5UtUSrt9ls1V/akgpveJUWFXRWuzcH/DxKfLJ2gC2GFajq7dsNDsak17rfA==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Thu, 11 Jun 2020 16:06:05 GMT, Thu, 11 Jun 2020 16:06:05 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
sl.js
scout-cdn.salesloft.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scout-cdn.salesloft.com/sl.js
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.64 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
a959317813b70f3a91aceafa835bee05b1cf81ca27f7d2b7acbaed4a9c7a8762

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:05 GMT
content-encoding
gzip
last-modified
Mon, 27 Apr 2020 18:38:20 GMT
server
NetDNA-cache/2.2
x-amz-request-id
D08D3BAC42C04074
etag
W/"f39a9ee69f7c11a788f004f2b71ace38"
x-cache
HIT
content-type
application/javascript
status
200
x-amz-id-2
pymoP4ajGxwUkEVe+W41yBxMsX8pIosSR8syQ5OdiMjNW/n2FYldZ1UvGTFiAh8tlwnXHi/Exqc=
30fda618-2156-45f9-92a9-637e979fbb47.js
cdn.cookielaw.org/consent/ 		93 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/30fda618-2156-45f9-92a9-637e979fbb47.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P9FMFS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FC2) /
Resource Hash
763634dc9dc761c1a5daf6a415e57fd7f65d15e53c5cc6c2d1fe8407452e0a71

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 11 Jun 2020 16:06:05 GMT
content-encoding
gzip
content-md5
OYq8FwwjQevGN53mA2OCvw==
age
5826
x-cache
HIT
status
200
content-length
16961
x-ms-lease-status
unlocked
last-modified
Wed, 25 Sep 2019 19:02:11 GMT
server
ECAcc (frc/8FC2)
etag
0x8D741EADEC36F59
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
327ef89e-601e-004d-34fc-3f1e04000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
expires
Thu, 11 Jun 2020 20:06:05 GMT
tracking.js
trk.techtarget.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trk.techtarget.com/tracking.js
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
8b51552f523ecd57ca4f82df5ab10610349f91cacb7c0f72d0290bed3cc37e4e

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 11 Jun 2020 16:06:05 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Jun 2019 20:11:17 GMT
Server
PWS/8.3.1.0.8
Age
529
X-Ws-Request-Id
5ee2566d_PSdgflkfFRA2sg7_1486-64888
Content-Type
text/javascript
Via
1.1 VMmgasbIAD1am50:2 (W), 1.1 PSdgflkfFRA1hb199:0 (W), 1.1 PSdgflkfFRA2gb73:3 (W)
Cache-Control
max-age=600
X-Px
ht PSdgflkfFRA2gb73FRA
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1711
Expires
Thu, 11 Jun 2020 16:07:16 GMT
iframe_api
www.youtube.com/ 		859 B
920 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P9FMFS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
99e284e9078aab7f8a549004e37526b6c2bac29724234ea1430865cbdd63f8d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:05 GMT
x-content-type-options
nosniff
server
YouTube Frontend Proxy
content-type
application/javascript
status
200
cache-control
no-cache
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
expires
Tue, 27 Apr 1971 19:44:06 GMT
/
insight.adsrvr.org/track/evnt/ 		70 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/evnt/?adv=3td7qc5&ct=0:rhe10e5&fmt=3
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.230.192 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-230-192.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
pragma
no-cache
date
Thu, 11 Jun 2020 16:06:05 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
7500545.js
extend.vimeocdn.com/ga/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://extend.vimeocdn.com/ga/7500545.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P9FMFS
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
b2b2ad1d953b1341442dca10555ebf44343c74fa9755492be52bf521f61dab11

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:05 GMT
content-encoding
gzip
age
10768295
x-cache
HIT
status
200
x-cache-hits
476817
content-length
5672
x-served-by
cache-hhn4072-HHN
x-vimeo-dc
ge
last-modified
Wed, 05 Feb 2020 15:32:49 GMT
server
Apache
x-timer
S1591891566.919977,VS0,VE0
etag
"43cc-59dd5de6f8a40"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Feb 2030 00:54:32 GMT
mejs-controls.svg
www.zerto.com/wp-includes/js/mediaelement/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zerto.com/wp-includes/js/mediaelement/mejs-controls.svg
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.13-9993131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.80.131 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
ad55816ac6c62f214e60a1913ff4f0215ab329034cbc7436a5514941449ca7b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.zerto.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.13-9993131
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 13 Feb 2020 18:44:02 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"5e4598f2-11f6"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
x-iinfo
13-18690488-18690191 PNNN RT(1591891565188 0) q(0 0 0 -1) r(1 1) U18
x-xss-protection
1
strict-transport-security
max-age=31536000;
x-cdn
Incapsula
tracking.js
cdn.livechatinc.com/ 		216 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.livechatinc.com/tracking.js
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/wp-content/themes/zerto_com/js/livechat.min.js?ver=4.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
184.51.8.93 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-8-93.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
628bb4d4d48b28095ae842603180c3a6fa55764e088739acf30ae64b8812f2da

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
x8ofoc0p_8R3eUPIpbuvMei5Qj02kCr8
Content-Encoding
gzip
Last-Modified
Tue, 09 Jun 2020 11:47:40 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA53
Date
Thu, 11 Jun 2020 16:06:05 GMT
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=28800
Connection
keep-alive
Content-Length
60138
X-Amz-Cf-Id
SNZ3JNMY4_6u3OTkWTDDJZOugHM6JvuHRE5h2vkNrkL4rmzn2CqSIg==
Expires
Fri, 12 Jun 2020 00:06:05 GMT
zerto-main-logo.png
www.zerto.com/wp-content/themes/zerto_com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zerto.com/wp-content/themes/zerto_com/zerto-main-logo.png
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.80.131 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
12128b96dbcd4b4b6d786c3326b8466957a53b968eca59fbe85635a2c932b11c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:05 GMT
last-modified
Thu, 13 Feb 2020 18:44:02 GMT
x-cdn
Incapsula
age
687297
etag
"5e4598f2-fdb"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
status
200
x-iinfo
13-18690489-0 0CNN RT(1591891565191 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31536000, public
content-length
4059
font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 		30 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:05 GMT
content-encoding
gzip
last-modified
Tue, 25 Oct 2016 17:21:58 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"36082410df2ef7f83932219089dc1443"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
How-to-Recovery-from-Ransomware-5-min-Demo-FINALv2.mp4
www.zerto.com/wp-content/uploads/2020/05/ 		240 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://www.zerto.com/wp-content/uploads/2020/05/How-to-Recovery-from-Ransomware-5-min-Demo-FINALv2.mp4?_=1
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.80.131 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 11 Jun 2020 16:06:05 GMT
last-modified
Mon, 11 May 2020 15:41:24 GMT
server
nginx
status
206
etag
"5eb97224-10a511b"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
video/mp4
Content-Range
bytes 0-17453338/17453339
x-iinfo
13-18690493-18690436 PNNy RT(1591891565223 0) q(0 0 0 -1) r(1 1) U18
cache-control
max-age=31536000
accept-ranges
bytes
Content-Length
17453339
x-cdn
Incapsula
expires
Fri, 11 Jun 2021 16:06:05 GMT
munchkin.js
munchkin.marketo.net/158/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net/158/munchkin.js
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.109.230 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-109-230.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5f967fd41346c0fc1b9b44fa69c52bf1e754420c59c8017cefb0a14a764cafa4

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 11 Jun 2020 16:06:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Jan 2020 03:01:21 GMT
Server
AkamaiNetStorage
ETag
"67df7eb9e9e68638308f14367dddec10:1580180481"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control
max-age=8640000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
4686
Expires
Sat, 19 Sep 2020 16:06:05 GMT
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=14745&url=https%3A%2F%2Fwww.zerto.com%2Fblog%2Fransomware%2Fhow-to-recover-from-ransomware%2F%3Fsiteid%3DRIQSITE&time=1591891565948
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D14745%26url%3Dhttps%253A%252F%252Fwww.zerto.com%252Fblog%252Fransomware%252Fhow-t...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=14745&url=https%3A%2F%2Fwww.zerto.com%2Fblog%2Fransomware%2Fhow-to-recover-from-ransomware%2F%3Fsiteid%3DRIQSITE&time=1591891565948&liSync=true
0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=14745&url=https%3A%2F%2Fwww.zerto.com%2Fblog%2Fransomware%2Fhow-to-recover-from-ransomware%2F%3Fsiteid%3DRIQSITE&time=1591891565948&liSync=true
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:06 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
status
200
x-li-proto
http/2
x-li-pop
prod-tln1
content-type
application/javascript
content-length
0
x-li-uuid
lVzUDfKIFxaAvHJ5xCoAAA==

Redirect headers

strict-transport-security
max-age=2592000
x-content-type-options
nosniff
linkedin-action
1
status
302
content-length
0
x-li-uuid
ql5qBfKIFxbw7is/ZCsAAA==
pragma
no-cache
x-li-pop
afd-prod-lor1
x-msedge-ref
Ref A: C016825B4F4945188F0051C62F9D67BD Ref B: FRAEDGE1306 Ref C: 2020-06-11T16:06:06Z
date
Thu, 11 Jun 2020 16:06:06 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options
sameorigin
x-li-fabric
prod-lor1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=14745&url=https%3A%2F%2Fwww.zerto.com%2Fblog%2Fransomware%2Fhow-to-recover-from-ransomware%2F%3Fsiteid%3DRIQSITE&time=1591891565948&liSync=true
x-xss-protection
1; mode=block
cache-control
no-cache, no-store
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://use.fontawesome.com/3e8880b877.css
Origin
https://www.zerto.com

Response headers

date
Thu, 11 Jun 2020 16:06:05 GMT
last-modified
Mon, 17 Jul 2017 16:24:59 GMT
server
NetDNA-cache/2.2
status
200
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
accept-ranges
bytes
content-length
77160
js
www.google-analytics.com/gtm/ 		71 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-MTMH48C&t=gtm1&cid=26625283.1591891566
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ce8b571c52bd12189f267e06c760ffaec91aeb76591c8db4d02c5be8b752c6c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:06 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28093
x-xss-protection
0
expires
Thu, 11 Jun 2020 16:06:06 GMT
0
bat.bing.com/action/ 		0
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5104449&Ver=2&mid=4334326d-2341-6172-1d33-5d5adb433431&sid=de32e5a9-1ccb-e0a9-5371-8c299dc1f0dd&vid=462a8dfc-04df-2a67-5ee5-5575ffbb183a-1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=How%20to%20Recover%20from%20Ransomware%20%7C%20Zerto&p=https%3A%2F%2Fwww.zerto.com%2Fblog%2Fransomware%2Fhow-to-recover-from-ransomware%2F%3Fsiteid%3DRIQSITE&r=&lt=3244&evt=pageLoad&msclkid=N&sv=1&rn=749509
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Thu, 11 Jun 2020 16:06:06 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: A3238FD9D7F248ED908B0D167BDEB0D7 Ref B: FRAEDGE1210 Ref C: 2020-06-11T16:06:06Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
743446279091909
connect.facebook.net/signals/config/ 		517 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/743446279091909?v=2.9.18&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1ae863f7da699fa79005af109fc0c1f85ea529e8daba0824728d49f1f8734be6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
131700
x-xss-protection
0
pragma
public
x-fb-debug
HXpajXePajm3H0pCLxlp8HTQu6e4mDq4fFkgAQ2xyNDSjknHJ2WdXHffoHZoo7qpBo2VrcBDF/6xnnbMssd9UA==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Thu, 11 Jun 2020 16:06:06 GMT, Thu, 11 Jun 2020 16:06:06 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
r
scout.salesloft.com/ 		41 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://scout.salesloft.com/r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMDY5MX0.xpqIj1UhWU6K3gtMAG69JTZTiGRdBhMVjjjMEjLeLCk
Requested by
Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.216.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-216-149.compute-1.amazonaws.com
Software
/
Resource Hash
e05ae076790852a21a47535d8a06e4ebdfc3079536d9c3f9f91d9f5b29303f0e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:06 GMT
status
200
strict-transport-security
max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.zerto.com
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
41
x-request-id
a3e6f8c641914bd00078c9dcee150000
optanon.css
cdn.cookielaw.org/skins/5.5.0/default_flat_bottom_two_button_white/v2/css/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/skins/5.5.0/default_flat_bottom_two_button_white/v2/css/optanon.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/30fda618-2156-45f9-92a9-637e979fbb47.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F13) /
Resource Hash
8c20518cd7e51066b82e8a8a1e8035210741cf808c02268915747960f531061c

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 11 Jun 2020 16:06:06 GMT
content-encoding
gzip
content-md5
Q8pyBJFyxJ3WYpHLdidjRQ==
age
3605
x-cache
HIT
status
200
content-length
5561
x-ms-lease-status
unlocked
last-modified
Thu, 19 Sep 2019 20:24:09 GMT
server
ECAcc (frc/8F13)
etag
0x8D73D3F541AAF43
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
dfa8cec4-e01e-013e-6101-402892000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
expires
Thu, 11 Jun 2020 20:06:06 GMT
jquery-3.3.1.min.js
code.jquery.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.3.1.min.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/30fda618-2156-45f9-92a9-637e979fbb47.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Origin
https://www.zerto.com

Response headers

Date
Thu, 11 Jun 2020 16:06:06 GMT
Content-Encoding
gzip
Last-Modified
Sat, 20 Jan 2018 17:26:44 GMT
Server
nginx
ETag
W/"5a637bd4-1538f"
Vary
Accept-Encoding
X-HW
1591891566.dop101.fr8.shc,1591891566.dop101.fr8.t,1591891566.cds057.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
30288
www-widgetapi.js
s.ytimg.com/yts/jsbin/www-widgetapi-vfl_t-EQa/ 		68 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ytimg.com/yts/jsbin/www-widgetapi-vfl_t-EQa/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f925b6e79c9db6aef97728f7c4799d0a6b2de63f02b85f5f6623bb7fcb9e3c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 08:25:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
114057
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25703
x-xss-protection
0
last-modified
Tue, 09 Jun 2020 00:29:02 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Thu, 18 Jun 2020 08:25:09 GMT
adsct
t.co/i/ 		43 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nw7hv&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
110
pragma
no-cache
last-modified
Thu, 11 Jun 2020 16:06:06 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
29e291fd440f87f8fd243e57da7982ad
x-transaction
00aad86d0089a431
expires
Tue, 31 Mar 1981 05:00:00 GMT
activity.gif
apt.techtarget.com/activity/ 		43 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apt.techtarget.com/activity/activity.gif?activityTypeId=31&cid=1284840&version=2.0&ref=https%3A%2F%2Fwww.zerto.com%2Fblog%2Fransomware%2Fhow-to-recover-from-ransomware%2F%3Fsiteid%3DRIQSITE&r=1591891566163
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.19.49.24 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 11 Jun 2020 16:06:06 GMT
Last-Modified
Tue, 26 Mar 2019 18:30:29 GMT
ETag
"2b-5850384029cff"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=48
Content-Length
43
visitWebPage
743-hbr-773.mktoresp.com/webevents/ 		2 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://743-hbr-773.mktoresp.com/webevents/visitWebPage?_mchNc=1591891566182&_mchCn=&_mchId=743-HBR-773&_mchTk=_mch-zerto.com-1591891566181-48242&_mchHo=www.zerto.com&_mchPo=&_mchRu=%2Fblog%2Fransomware%2Fhow-to-recover-from-ransomware%2F&_mchPc=https%3A&_mchVr=158&_mchEcid=&_mchHa=&_mchRe=&_mchQp=siteid%3DRIQSITE
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/158/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
akka-http/10.1.11 /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 11 Jun 2020 16:06:06 GMT
Content-Encoding
gzip
Server
akka-http/10.1.11
Transfer-Encoding
chunked
X-Request-Id
5e1bacfc-ca70-4cbf-87de-937c000c88bf
Content-Type
text/plain; charset=UTF-8
get_dynamic_config.js
secure.livechatinc.com/licence/6656611/v2/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.livechatinc.com/licence/6656611/v2/get_dynamic_config.js?t=1591891566218&referrer=&url=https%3A%2F%2Fwww.zerto.com%2Fblog%2Fransomware%2Fhow-to-recover-from-ransomware%2F%3Fsiteid%3DRIQSITE&params=page%3Dhttps%253A%252F%252Fwww.zerto.com%252Fblog%252Fransomware%252Fhow-to-recover-from-ransomware%252F%253Fsiteid%253DRIQSITE&channel_type=code&jsonp=__lc_data_610844
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.20.250.104 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-250-104.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bcd5dd025ef07d9f3cb33adfdb55f732a233d619e25251c643fb88fb9347012f

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Jun 2020 16:06:06 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Access-Control-Expose-Headers
X-RateLimit-Remaining, X-RateLimit-Reset
Cache-Control
max-age=0, no-cache, no-store
X-RateLimit-Reset
1591891571
X-RateLimit-Remaining
4999
Connection
keep-alive
Content-Length
551
Expires
Thu, 11 Jun 2020 16:06:06 GMT
msreceiver
zerto.evergage.com/ 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://zerto.evergage.com/msreceiver?_r=807556&_ak=zerto&_ds=engage&.anonId=3156d06c64e3bc82&_anon=true&.cStat=%5B%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22LmBA0%22%2C%22stat%22%3A%22i%22%7D%2C%7B%22type%22%3A%22m%22%2C%22id%22%3A%221kVAg%22%2C%22stat%22%3A%22i%22%2C%22eid%22%3A%22LmBA0%22%7D%5D%5D&.bv=13
Requested by
Host: cdn.evgnet.com
URL: https://cdn.evgnet.com/beacon/zerto/engage/scripts/evergage.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.111.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-111-169.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.zerto.com
Date
Thu, 11 Jun 2020 16:06:06 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Timing-Allow-Origin
*
collect
www.google-analytics.com/ 		35 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j82&a=1870004975&t=pageview&_s=1&dl=https%3A%2F%2Fwww.zerto.com%2Fblog%2Fransomware%2Fhow-to-recover-from-ransomware%2F%3Fsiteid%3DRIQSITE&ul=en-us&de=UTF-8&dt=How%20to%20Recover%20from%20Ransomware%20%7C%20Zerto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAgEADQ~&jid=260961266&gjid=306479692&cid=26625283.1591891566&tid=UA-18496840-1&_gid=425401785.1591891566&gtm=2wg640P9FMFS&z=909671021
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jun 2020 09:01:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
25473
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j82&tid=UA-18496840-1&cid=26625283.1591891566&jid=260961266&gjid=306479692&_gid=425401785.1591891566&_u=aHDAgEADQ~&z=1315774631
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18496840-1&cid=26625283.1591891566&jid=260961266&_v=j82&z=1315774631
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18496840-1&cid=26625283.1591891566&jid=260961266&_v=j82&z=1315774631&slf_rd=1&random=2709113726
42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18496840-1&cid=26625283.1591891566&jid=260961266&_v=j82&z=1315774631&slf_rd=1&random=2709113726
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jun 2020 16:06:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Jun 2020 16:06:06 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18496840-1&cid=26625283.1591891566&jid=260961266&_v=j82&z=1315774631&slf_rd=1&random=2709113726
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1870004975&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.zerto.com%2Fblog%2Fransomware%2Fhow-to-recover-from-ransomware%2F%3Fsiteid%3DRIQSITE&ul=en-...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-18496840-1&cid=26625283.1591891566&jid=1048924757&_gid=1519229447.1591891566&gjid=1981724709&_v=j82&z=1359521909
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18496840-1&cid=26625283.1591891566&jid=1048924757&_v=j82&z=1359521909
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18496840-1&cid=26625283.1591891566&jid=1048924757&_v=j82&z=1359521909&slf_rd=1&random=3375067126
42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18496840-1&cid=26625283.1591891566&jid=1048924757&_v=j82&z=1359521909&slf_rd=1&random=3375067126
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jun 2020 16:06:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Jun 2020 16:06:06 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18496840-1&cid=26625283.1591891566&jid=1048924757&_v=j82&z=1359521909&slf_rd=1&random=3375067126
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j82&a=1870004975&t=event&ni=true&_s=2&dl=https%3A%2F%2Fwww.zerto.com%2Fblog%2Fransomware%2Fhow-to-recover-from-ransomware%2F%3Fsiteid%3DRIQSITE&ul=en-us&de=UTF-8&dt=How%20to%20Recover%20from%20Ransomware%20%7C%20Zerto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Evergage&ea=setB2BData&_u=aHjAAEADQ~&jid=&gjid=&cid=26625283.1591891566&tid=UA-18496840-1&_gid=1519229447.1591891566&z=1460366239
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jun 2020 09:01:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
25473
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
i
scout.salesloft.com/ 		48 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://scout.salesloft.com/i
Requested by
Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.216.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-216-149.compute-1.amazonaws.com
Software
/
Resource Hash
b03f8dc9617358d90b376017cf2f0a51d91288298c637b8d0abad089125e2d8d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:06 GMT
status
200
strict-transport-security
max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.zerto.com
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
48
x-request-id
3b3e021a31837f7acea882cbecf1f3a3
1732489520098165
connect.facebook.net/signals/config/ 		516 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1732489520098165?v=2.9.18&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
41c98625aadde7c3f38141b7ef804bd57612ef12d9a13d8abf5d5085afe05d89
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
131673
x-xss-protection
0
pragma
public
x-fb-debug
2wXjOoJj7L7j28LS5CTSzGzMOB4RzjFLcPXziNU//PN/B//QUjqqNb+G87acY5b/bzCNQrFvWg4+DhU0d82CFQ==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Thu, 11 Jun 2020 16:06:06 GMT, Thu, 11 Jun 2020 16:06:06 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=743446279091909&ev=PageView&dl=https%3A%2F%2Fwww.zerto.com%2Fblog%2Fransomware%2Fhow-to-recover-from-ransomware%2F%3Fsiteid%3DRIQSITE&rl=&if=false&ts=1591891566460&sw=1600&sh=1200&v=2.9.18&r=stable&ec=0&o=30&fbp=fb.1.1591891566459.1300985651&it=1591891566064&coo=false&rqm=GET
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:06 GMT, Thu, 11 Jun 2020 16:06:06 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Thu, 11 Jun 2020 16:06:06 GMT
488763638293255
connect.facebook.net/signals/config/ 		516 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/488763638293255?v=2.9.18&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9f30a683e8c0db56e5d78137239a1718b347c4b04ba2d9281dd4f95fac05cce1
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
/Ejotg+cKfxhcSIBvADdILnUImIu+DCMrztDFoH++NNv2XLrfwedCltewrEaIH8bQSkJaxn4NCpRc/uoCD8QsQ==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Thu, 11 Jun 2020 16:06:06 GMT, Thu, 11 Jun 2020 16:06:06 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1732489520098165&ev=PageView&dl=https%3A%2F%2Fwww.zerto.com%2Fblog%2Fransomware%2Fhow-to-recover-from-ransomware%2F%3Fsiteid%3DRIQSITE&rl=&if=false&ts=1591891566558&sw=1600&sh=1200&v=2.9.18&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1591891566459.1300985651&it=1591891566064&coo=false&rqm=GET
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:06 GMT, Thu, 11 Jun 2020 16:06:06 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Thu, 11 Jun 2020 16:06:06 GMT
get_dynamic_config.js
secure.livechatinc.com/licence/g6656611_0/v2/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.livechatinc.com/licence/g6656611_0/v2/get_dynamic_config.js?t=1591891566752&referrer=&url=https%3A%2F%2Fwww.zerto.com%2Fblog%2Fransomware%2Fhow-to-recover-from-ransomware%2F%3Fsiteid%3DRIQSITE&params=page%3Dhttps%253A%252F%252Fwww.zerto.com%252Fblog%252Fransomware%252Fhow-to-recover-from-ransomware%252F%253Fsiteid%253DRIQSITE&channel_type=code&jsonp=__lc_data_159913&groups=0
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.20.250.104 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-250-104.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
185bda1f109eede8af6b2d45e1af13d43b481e2f642cb15fb1dfcbaae5dbcaea

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Jun 2020 16:06:06 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Access-Control-Expose-Headers
X-RateLimit-Remaining, X-RateLimit-Reset
Cache-Control
max-age=0, no-cache, no-store
X-RateLimit-Reset
1591891571
X-RateLimit-Remaining
4998
Connection
keep-alive
Content-Length
551
Expires
Thu, 11 Jun 2020 16:06:06 GMT
get_static_config.0.1884.5.5.1724.61.171.125.6.10.25.7.7.js
secure.livechatinc.com/licence/g6656611_0/v2/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.livechatinc.com/licence/g6656611_0/v2/get_static_config.0.1884.5.5.1724.61.171.125.6.10.25.7.7.js?&jsonp=__lc_data_static_config&groups=0
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.20.250.104 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-250-104.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2ad5573cfa3b702ec3bd336f52310f594e1845c39704c58a412c6c65050c76c1

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 11 Jun 2020 16:06:07 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD, OPTIONS, POST
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
https://api.chat.io
Access-Control-Expose-Headers
location
Cache-Control
public, max-age=125
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
86400
Connection
keep-alive
Access-Control-Allow-Headers
origin, x-requested-with, content-type, accept
Content-Length
1969
Expires
Thu, 11 Jun 2020 16:08:12 GMT
/
www.facebook.com/tr/ 		0
105 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryMAJwc5aMBXTE3TyT

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Thu, 11 Jun 2020 16:06:07 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://www.zerto.com
access-control-allow-credentials
true
alt-svc
h3-27=":443"; ma=3600
content-length
0
/
www.facebook.com/tr/ 		0
30 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryrth6RLXZY4vQ4Dyp

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Thu, 11 Jun 2020 16:06:07 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://www.zerto.com
access-control-allow-credentials
true
alt-svc
h3-27=":443"; ma=3600
content-length
0
/
www.facebook.com/tr/ 		44 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=488763638293255&ev=PageView&dl=https%3A%2F%2Fwww.zerto.com%2Fblog%2Fransomware%2Fhow-to-recover-from-ransomware%2F%3Fsiteid%3DRIQSITE&rl=&if=false&ts=1591891567473&sw=1600&sh=1200&v=2.9.18&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1591891566459.1300985651&it=1591891566064&coo=false&rqm=GET
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:07 GMT, Thu, 11 Jun 2020 16:06:07 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Thu, 11 Jun 2020 16:06:07 GMT
open_chat.cgi
secure.livechatinc.com/licence/g6656611_0/v2/ Frame 05B7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.livechatinc.com/licence/g6656611_0/v2/open_chat.cgi?license=6656611&group=0&embedded=1&widget_version=3&unique_groups=1
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.20.250.104 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-250-104.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Host
secure.livechatinc.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
__livechat=lc_all_invitation%3D0%26lc_auto_invites_shown%3D%26lc_chat_number%3D0%26lc_client_version%3D%26lc_goals_achieved%3D%26lc_integration_params%3D%26lc_lang%3Den%26lc_last_chat_start_time%3D0%26lc_last_conference_id%3D%26lc_last_operator_id%3D%26lc_last_operator_key%3D%26lc_last_operator_key_per_skill%3D%26lc_last_operator_per_skill%3D%26lc_last_visit%3D1591891566%26lc_nick%3D%26lc_ok_invitation%3D0%26lc_page_view%3D0%26lc_session%3DS1591891566.a3b6e77034%26lc_visit_number%3D0%26mcid%3D%26mcid_done%3D0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE

Response headers

Content-Type
text/html; charset=utf-8
Vary
Accept-Encoding
Content-Encoding
gzip
Expires
Thu, 11 Jun 2020 16:06:07 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 11 Jun 2020 16:06:07 GMT
Content-Length
1513
Connection
keep-alive
chat_with_us_red.png
www.zerto.com/wp-content/themes/zerto_com/images/ 		919 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zerto.com/wp-content/themes/zerto_com/images/chat_with_us_red.png
Requested by
Host: www.zerto.com
URL: https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.80.131 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c9af62b06b2e5a05b21f482fc3b1b3757ae1450565114e5b9305e7ea9102b017
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:06 GMT
last-modified
Thu, 13 Feb 2020 18:44:02 GMT
x-cdn
Incapsula
age
458714
etag
"5e4598f2-397"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
status
200
x-iinfo
13-18690757-0 0CNN RT(1591891566908 0) q(0 -1 -1 0) r(0 -1)
cache-control
max-age=31536000, public
content-length
919
/
www.facebook.com/tr/ 		0
30 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryOfnOvBGmhHt7stm3

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Thu, 11 Jun 2020 16:06:07 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://www.zerto.com
access-control-allow-credentials
true
alt-svc
h3-27=":443"; ma=3600
content-length
0
adsct
analytics.twitter.com/i/ 		31 B
284 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nw7hv&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.zerto.com%2Fblog%2Fransomware%2Fhow-to-recover-from-ransomware%2F%3Fsiteid%3DRIQSITE
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 16:06:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=631138519
content-length
57
x-xss-protection
0
x-response-time
115
pragma
no-cache
last-modified
Thu, 11 Jun 2020 16:06:08 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
017bba3c238136bc132d3f01dfa0c067
x-transaction
00fd7855004976e9
expires
Tue, 31 Mar 1981 05:00:00 GMT
pr
zerto.evergage.com/ 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://zerto.evergage.com/pr?_r=211879&_ak=zerto&_ds=engage&.anonId=05eed1cd73c0655d&_anon=true&.item=%7B%22_id%22%3A%22POSTID-39527%22%2C%22type%22%3A%22b%22%7D&action=Blog&.top=3560&.dt=3244&.lt=5871&.tt=516&.ttdns=11
Requested by
Host: cdn.evgnet.com
URL: https://cdn.evgnet.com/beacon/zerto/engage/scripts/evergage.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.111.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-111-169.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.zerto.com
Date
Thu, 11 Jun 2020 16:06:08 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Timing-Allow-Origin
*
new_message.a37211a6.ogg
cdn.livechatinc.com/widget/static/media/ 		11 KB
12 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.livechatinc.com/widget/static/media/new_message.a37211a6.ogg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
184.51.8.93 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-8-93.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1d0bdbe8013ddd58bf31229ea12bd42dfe6bf4cb022cc65d519a45a13c403b5d

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
Fd28HDfEGNIiQLnbsXY26uGu4aBLIZqj
Last-Modified
Mon, 23 Mar 2020 13:21:33 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA6-C1
ETag
"a37211a6cfcda45352d5abcff1e446bb"
Content-Type
application/octet-stream
Content-Range
bytes 0-11403/11404
Cache-Control
max-age=31536000
Date
Thu, 11 Jun 2020 16:06:10 GMT
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
11404
X-Amz-Cf-Id
EVfdsfcrmJwFqsNdm-AF9yPo8EOJNv7Zy0REBiTJOhNrs3QcKCIHiw==
Expires
Fri, 11 Jun 2021 16:06:10 GMT
/
cdn.livechatinc.com/cloud/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.livechatinc.com/cloud/?uri=https%3A%2F%2Flivechat.s3.amazonaws.com%2F6656611%2F0%2Fec%2F704630e2a7a69d4e2a1c0624f357446a.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
184.51.8.93 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-8-93.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
31f431f97148eacf678d2599aa4e2b6609ac6c0683b101b8037b8fde4134f842

Request headers

Referer
https://www.zerto.com/blog/ransomware/how-to-recover-from-ransomware/?siteid=RIQSITE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
xmgQAWUMXCLI5C.R5jO.h4ty.f49Dg5L
Last-Modified
Wed, 27 Jul 2016 14:40:46 GMT
Server
AmazonS3
x-amz-request-id
424A905F085ACA40
ETag
"e0e6ff91b95fd6dc279e32665c5f0ac2"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=52758257
Date
Thu, 11 Jun 2020 16:06:10 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5311
x-amz-id-2
tP7HUI77ST6Qab1Gn85Oje9ytTBRPetXRKMGorJdl4p7EnTWRS6QQsPUtrCa6EjmOexhdFBTqjw=
Expires
Sat, 12 Feb 2022 07:10:27 GMT

Verdicts & Comments Add Verdict or Comment

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| w3tc_lazyload object| lazyLoadOptions object| evergageLog function| ajq object| _aaq object| _aaqi object| Evergage function| evergageBeforeSiteConfigExecution object| evergageSiteConfig string| evergageSiteWideStyles number| evergageBeaconParseTimeStart object| evergageJSON function| $ function| jQuery object| jQuery18008414627948261386 number| evergageReshowPersonalizedSectionsTimeout object| Apptegic object| ApptegicTwoWay number| evergageBeaconParseTimeEnd object| Arrive function| check_webp_feature function| ewwwLoadImages function| ewwwWebPInit function| ewwwAttr function| ewwwNggParseGalleries function| ewwwNggLoadGalleries function| ewwwNggParseImageList object| dataLayer string| share_title function| share function| cb function| raf function| Cookies object| wp function| Popper function| Waypoint object| bootstrap function| AlgoliaSearch function| AlgoliaSearchHelper function| AlgoliaExplainResults object| ALGOLIA_MIGRATION_LAYER object| __algolia function| algoliasearch object| main_vars object| mejsL10n object| mejs function| MediaElement object| HtmlMediaElement function| onYouTubePlayerAPIReady function| DefaultPlayer function| MediaElementPlayer object| _wpmejsSettings function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _extends function| _typeof function| LazyLoad object| google_tag_manager function| postscribe object| lc_vars object| FontAwesomeCdnConfig string| cssUrl function| SimpleLightbox object| lazySizesConfig object| lazySizes function| autocomplete object| site_settings object| monthNames function| _defineProperty function| scrollToY function| requestAnimFrame object| google_tag_data string| GoogleAnalyticsObject function| ga string| _linkedin_data_partner_id function| twq object| uetq function| fbq function| _fbq function| setCookie function| getParam object| gclid undefined| gclsrc string| SLScoutObject function| slscout object| techtargetic function| onYouTubeIframeAPIReady number| loaded object| __lc object| LC_API string| waypointContextKey number| _zid function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin function| lintrk boolean| _already_called_lintrk object| gaplugins object| gaGlobal object| gaData object| twttr function| UET undefined| a undefined| c function| jsonFeed object| OneTrust object| Optanon string| OnetrustActiveGroups string| OptanonActiveGroups function| OptanonWrapper object| YT object| YTConfig function| onYTReady object| MunchkinTracker number| __lc_inited object| AutoInvitation object| PersonalInvitation object| __lc_script_version function| __lc_data_610844 function| __lc_data_159913 function| __lc_data_static_config object| Vimeo function| __vimeoRefresh object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubSubscribedKeys object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytLoggingTransportLogPayloadsQueue_ object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| google_optimize function| arrive function| unbindArrive function| leave function| unbindLeave

2 Cookies

Domain/Path Name / Value
.www.zerto.com/ Name: OptanonConsent
Value: groups=0_43805%3A1%2C1%3A1%2C105%3A1%2C2%3A1%2C107%3A1%2C3%3A1%2C4%3A1%2C123%3A1%2C0_43828%3A1%2C0_43799%3A1%2C0_43813%3A1%2C0_43817%3A1%2C0_43815%3A1%2C0_43827%3A1%2C0_43800%3A1%2C0_43812%3A1%2C0_43816%3A1%2C0_43814%3A1%2C101%3A1%2C102%3A1%2C103%3A1%2C104%3A1%2C106%3A1%2C108%3A1%2C109%3A1%2C110%3A1%2C111%3A1%2C112%3A1%2C113%3A1%2C114%3A1%2C115%3A1%2C116%3A1%2C117%3A1%2C118%3A1%2C119%3A1%2C120%3A1%2C121%3A1%2C122%3A1%2C124%3A1%2C125%3A1%2C126%3A1&datestamp=Thu+Jun+11+2020+18%3A06%3A08+GMT%2B0200+(Central+European+Summer+Time)&version=5.5.0
.zerto.com/ Name: _fbp
Value: fb.1.1591891567976.415511552

3 Console Messages

Source Level URL
Text
console-api log URL: https://www.zerto.com/wp-content/themes/zerto_com/js/livechat.min.js?ver=4.2(Line 1)
Message:
window.LC_API.on_before_load
console-api log URL: https://www.zerto.com/wp-content/themes/zerto_com/js/livechat.min.js?ver=4.2(Line 1)
Message:
false false
console-api log URL: https://www.zerto.com/wp-content/themes/zerto_com/js/livechat.min.js?ver=4.2(Line 1)
Message:
Chat state changed to: online_for_chat

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

743-hbr-773.mktoresp.com
analytics.twitter.com
apt.techtarget.com
bat.bing.com
c360.revenu8.com
cdn.cookielaw.org
cdn.evgnet.com
cdn.livechatinc.com
code.jquery.com
connect.facebook.net
extend.vimeocdn.com
insight.adsrvr.org
links.readitquik.us
munchkin.marketo.net
p.ziffdavisb2b.com
px.ads.linkedin.com
s.ytimg.com
scout-cdn.salesloft.com
scout.salesloft.com
secure.livechatinc.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
trk.techtarget.com
use.fontawesome.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
www.youtube.com
www.zerto.com
zerto.evergage.com
104.244.42.195
104.244.42.5
151.101.112.157
151.101.114.109
151.101.192.114
163.171.132.119
18.142.0.45
184.51.8.93
192.28.144.124
2.20.250.104
2001:4de0:ac19::1:b:3a
206.19.49.24
23.111.9.35
23.111.9.64
23.54.109.230
2606:2800:233:1cb7:261b:1f9c:2074:3c
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:806::2003
2a00:1450:4001:808::200e
2a00:1450:4001:809::200e
2a00:1450:4001:815::2004
2a00:1450:4001:821::200e
2a00:1450:4001:824::2008
2a00:1450:400c:c00::9c
2a02:26f0:10c:39e::25ea
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:f500:11:101::b93f:9005
34.196.216.149
34.237.111.169
45.60.80.131
52.201.185.108
52.21.117.204
52.48.230.192
01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c
05646c77d23cb095804c65c8815a7a13dda750a6b4e5d1b5b93e98f17f17cec2
0f925b6e79c9db6aef97728f7c4799d0a6b2de63f02b85f5f6623bb7fcb9e3c5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12128b96dbcd4b4b6d786c3326b8466957a53b968eca59fbe85635a2c932b11c
12aae45dbaf66e541e14694a7810a96fdd8b17f9ac5f5346fdc23d61d6fd74b0
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1851a4758fa23827c8ef2d994b9bf4b8d0b3b54570f55cb5e5d5e7836a69b502
185bda1f109eede8af6b2d45e1af13d43b481e2f642cb15fb1dfcbaae5dbcaea
18f670c55099b0297f8ddcd2643c875e7e110735c243132be3024987a570a1a2
1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367
1ae863f7da699fa79005af109fc0c1f85ea529e8daba0824728d49f1f8734be6
1b8077a67da145f96005ad0156c2d9567aea714f1cff09c53ea5d2a31d0ccc24
1d0bdbe8013ddd58bf31229ea12bd42dfe6bf4cb022cc65d519a45a13c403b5d
282c86db3fc6cedcc79b172069ba09831ce0e6ba235d13bff382f57f0d3977ff
2ad5573cfa3b702ec3bd336f52310f594e1845c39704c58a412c6c65050c76c1
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
31f431f97148eacf678d2599aa4e2b6609ac6c0683b101b8037b8fde4134f842
3512254c44de3da60d37964e07be6792fec821c402da6af843e98dfd3f18e1c9
366c4d8b59212c111553bc3d194832a209c0875bff102e3854d60cd2c5816f72
368daab67b1a5b2b2802edbbac79a2aa4ba992a2ebf9c67b98ad784d8004018c
375b016d99c0b2aa2d2a6f652f12f1c3d731e34e8ca3b08303d0624689b4d3a5
3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16
3ef181cc7897d79203b2f58a21ece09b32191f6a4bb93965b9983d39ec97f354
41c98625aadde7c3f38141b7ef804bd57612ef12d9a13d8abf5d5085afe05d89
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de
532471b0e648fa56a9a23b51e6844f062ebe60f12e5f7d4ef2663aa15914e865
5417bace47bd861af298d63fceb4536da0faeaac75e427c9b9ebaa269cab6017
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5697fc746b6b416653c4e3b1bf569acb5cc0325f04835bb29a573376c1ee7d13
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5acfeb2df54ad14d9299b6a794f29335ba2b92f05a3083b0d4881fef683a3f9d
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
5f3592a8b8037ea064764a2815799612063c6722d314d1d66d3a9391c3c16d66
5f967fd41346c0fc1b9b44fa69c52bf1e754420c59c8017cefb0a14a764cafa4
628bb4d4d48b28095ae842603180c3a6fa55764e088739acf30ae64b8812f2da
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82
6955d8d512f2a93ae8fcf71a5e42f5e67ddfc6dbd15334fca6ffa2477d040c26
763634dc9dc761c1a5daf6a415e57fd7f65d15e53c5cc6c2d1fe8407452e0a71
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd
81ff6d5b61bfd0bd4f7825f953d1e61962da3723f58aa3c87bae9e9c0c0a2fc7
82ffc7702b5fa9e8b4e60228e3e25bfdb8d35bdfff40bea528d7fef9645d892c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
835efedb8a9dc07e1a88cd16fa295e86a67e453e1d592e01171ab3127f1ace24
8b51552f523ecd57ca4f82df5ab10610349f91cacb7c0f72d0290bed3cc37e4e
8c20518cd7e51066b82e8a8a1e8035210741cf808c02268915747960f531061c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
99e284e9078aab7f8a549004e37526b6c2bac29724234ea1430865cbdd63f8d3
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae
9f30a683e8c0db56e5d78137239a1718b347c4b04ba2d9281dd4f95fac05cce1
a676114870402c6a9d389e103b299df064cc92871c08210ca56f32768cd9da3d
a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726
a959317813b70f3a91aceafa835bee05b1cf81ca27f7d2b7acbaed4a9c7a8762
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad55816ac6c62f214e60a1913ff4f0215ab329034cbc7436a5514941449ca7b9
b03f8dc9617358d90b376017cf2f0a51d91288298c637b8d0abad089125e2d8d
b2b2ad1d953b1341442dca10555ebf44343c74fa9755492be52bf521f61dab11
b37a604b4add99725c3a9e6b0440fc4452f71139517e7d7deb452ed98499068c
b6f7b31210a709daca9760b215660b2cbe719757df3059364beeda005fca2dbe
b834a80037718e3da7f92199034dc59611ed774af41f1e84fa1e0d97c4261192
b94e08c9b69058f64f5dfa72109abb0bc7fe5a7546bee87d092ffa5d97f60269
bbf597bfed3976fcbf1d89fdfa1dd79da6e8f7c0b01df0b9d0cf02551c6657b0
bcd5dd025ef07d9f3cb33adfdb55f732a233d619e25251c643fb88fb9347012f
c09055f0d3ce5ac45f886c935226d1e4cb0f7488525e9f8b298f26fc0171e5a8
c7d7214a0b940c1ffcbd64689a576c5847b42e886da3ad9ea45bc4cda214bac8
c9af62b06b2e5a05b21f482fc3b1b3757ae1450565114e5b9305e7ea9102b017
cb992eae898417162c48b37712991d9ad8053c4a64fce51aff195edc69dc35f2
ce8b571c52bd12189f267e06c760ffaec91aeb76591c8db4d02c5be8b752c6c3
cecec3e8a7048b8b187393dd12d13ea11aa7a657e956ba0a5ff7e6889b33cac8
d6dc97993d7e4803aeb35d0e9a24f0393eceb43de5f7ff0f0e437f1b05aea4e2
d8381e66783011957eabadb622d7899061bf93e78fff38ebfe00ab743d6c8e60
d8abb2a0494a7265818b0e49d22208a87621567f9fc944a5fe16311891b00eef
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e05ae076790852a21a47535d8a06e4ebdfc3079536d9c3f9f91d9f5b29303f0e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3d38ac4a48d76a15a2096e22361711c0efbd096c1a28bc8e013c11a6b83e24b
f64c34c7206517e031701d5fa6ec49a7222145edd41bdf0694faa8c8da1bd118
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
fd5b2297eefb99b9fc104f646dfeca660410da7e1c654498ff93844a1dbc8f35