URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Submission: On February 19 via manual from US

Summary

This website contacted 12 IPs in 2 countries across 9 domains to perform 115 HTTP transactions. The main IP is 2606:4700:20::6819:1e6d, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.cert.pl.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on June 24th 2019. Valid for: a year.
This is the only time www.cert.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Domain | Requested by
81 | www.cert.pl | www.cert.pl
16 | gist.github.com (8 redirects) | www.cert.pl
7 | platform.twitter.com | www.cert.pl, platform.twitter.com
5 | fonts.gstatic.com | www.cert.pl
3 | syndication.twitter.com (1 redirects) | www.cert.pl
3 | maps.google.com | www.cert.pl, maps.google.com
2 | pbs.twimg.com | www.cert.pl
2 | abs.twimg.com | www.cert.pl, platform.twitter.com
1 | maps.googleapis.com | maps.google.com
1 | cdn.syndication.twimg.com | platform.twitter.com
1 | www.youtube.com | www.cert.pl
1 | youtube.com (1 redirects) |
1 | github.githubassets.com | gist.github.com
1 | fonts.googleapis.com | www.cert.pl
115 | 14 |
Subject | Issuer | Validity | Valid
cert.pl | CloudFlare Inc ECC CA-2 | 2019-06-24 - 2020-06-23 | a year
*.google.com | GTS CA 1O1 | 2020-01-29 - 2020-04-22 | 3 months
*.github.com | DigiCert SHA2 High Assurance Server CA | 2019-07-08 - 2020-07-16 | a year
*.storage.googleapis.com | GTS CA 1O1 | 2020-01-29 - 2020-04-22 | 3 months
*.githubassets.com | DigiCert SHA2 High Assurance Server CA | 2018-10-29 - 2020-11-02 | 2 years
*.twimg.com | DigiCert SHA2 High Assurance Server CA | 2019-11-12 - 2020-11-18 | a year
syndication.twitter.com | DigiCert SHA2 High Assurance Server CA | 2019-04-09 - 2020-04-01 | a year

This page contains 5 frames:

Primary Page: https://www.cert.pl/en/news/single/whats-up-emotet/
Frame ID: D52C76B8537F82D9C1FB4AD3A6E53EEE
Requests: 107 HTTP requests in this frame

Frame: https://www.youtube.com/embed/NHGJPlEXssg
Frame ID: F11903F4656851C04A508452FE0A3BE9
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.7303c29a8108bca4ac5c9ef008ed8164.html?origin=https%3A%2F%2Fwww.cert.pl
Frame ID: 412CE092F2A525D1B8CF695220A8ED7F
Requests: 1 HTTP requests in this frame

Frame: https://abs.twimg.com/emoji/v2/72x72/1f6e1.png
Frame ID: 1ED0B3F065FE6A50A590DAD4284400A3
Requests: 9 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 449557AFEE1E33281D0C411AE1440A0B
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • script /\/\/maps\.googleapis\.com\/maps\/api\/js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

115
Requests

100 %
HTTPS

75 %
IPv6

9
Domains

14
Subdomains

12
IPs

2
Countries

2218 kB
Transfer

3080 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://gist.github.com/0af2924d1839ada272ecf3d11daee4ba.js HTTP 302
  • https://gist.github.com/nazywam/0af2924d1839ada272ecf3d11daee4ba.js
Request Chain 22
  • https://gist.github.com/51cd6770c8b167151253247e277605b1.js HTTP 302
  • https://gist.github.com/nazywam/51cd6770c8b167151253247e277605b1.js
Request Chain 25
  • https://gist.github.com/d04d62bf89a9000eab11270e061c5083.js HTTP 302
  • https://gist.github.com/nazywam/d04d62bf89a9000eab11270e061c5083.js
Request Chain 26
  • https://gist.github.com/7b645f8038c0ba9507672ec640400821.js HTTP 302
  • https://gist.github.com/nazywam/7b645f8038c0ba9507672ec640400821.js
Request Chain 27
  • https://gist.github.com/f5197961985273f8656a2a99adfb124b.js HTTP 302
  • https://gist.github.com/nazywam/f5197961985273f8656a2a99adfb124b.js
Request Chain 34
  • https://gist.github.com/ca1b5088891760e7e083b52b5a6d4046.js HTTP 302
  • https://gist.github.com/nazywam/ca1b5088891760e7e083b52b5a6d4046.js
Request Chain 37
  • https://gist.github.com/165ccb8e995c587afec44267aff7eb8f.js HTTP 302
  • https://gist.github.com/nazywam/165ccb8e995c587afec44267aff7eb8f.js
Request Chain 38
  • https://gist.github.com/f1f44a6ee479740664dbaab248be644e.js HTTP 302
  • https://gist.github.com/nazywam/f1f44a6ee479740664dbaab248be644e.js
Request Chain 70
  • https://youtube.com/embed/NHGJPlEXssg HTTP 301
  • https://www.youtube.com/embed/NHGJPlEXssg
Request Chain 114
  • https://syndication.twitter.com/i/jot HTTP 302
  • https://platform.twitter.com/jot.html

115 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.cert.pl/en/news/single/whats-up-emotet/
49 KB
12 KB
Document
General
Full URL
https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06037a3ab10bd52a3de8398b364fbea84b80cbfd920d688298e889eba4ae20f4

Request headers

:method
GET
:authority
www.cert.pl
:scheme
https
:path
/en/news/single/whats-up-emotet/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
date
Wed, 19 Feb 2020 22:47:41 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dc75b0707cab59370b00c977238a775251582152461; expires=Fri, 20-Mar-20 22:47:41 GMT; path=/; domain=.cert.pl; HttpOnly; SameSite=Lax; Secure _icl_current_language=en; expires=Thu, 20-Feb-2020 22:47:40 GMT; Max-Age=86400; path=/ _icl_current_language=en; expires=Thu, 20-Feb-2020 22:47:40 GMT; Max-Age=86400; path=/
x-pingback
https://www.cert.pl/xmlrpc.php
link
<https://www.cert.pl/en/wp-json/>; rel="https://api.w.org/" <https://www.cert.pl/en/?p=15867>; rel=shortlink
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
567bc8b25be663d7-FRA
content-encoding
br
language-selector.css
www.cert.pl/wp-content/plugins/sitepress-multilingual-cms/res/css/
6 KB
1 KB
Stylesheet
General
Full URL
https://www.cert.pl/wp-content/plugins/sitepress-multilingual-cms/res/css/language-selector.css?v=3.3.3
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d874b4407ec18a37af2e5b06320fd0a8143c054aa65bb07369f646981f378bee

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Dec 2015 13:35:00 GMT
server
cloudflare
age
601
etag
W/"17fb-526630a4d2900-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=7200
cf-ray
567bc8b4fcd563d7-FRA
style.min.css
www.cert.pl/wp-includes/css/dist/block-library/
40 KB
6 KB
Stylesheet
General
Full URL
https://www.cert.pl/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 26 Nov 2019 06:17:49 GMT
server
cloudflare
age
601
etag
W/"a1fb-59839d6e500da-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=7200
cf-ray
567bc8b4fcd663d7-FRA
wpa-style.css
www.cert.pl/wp-content/plugins/wp-accessibility/css/
3 KB
843 B
Stylesheet
General
Full URL
https://www.cert.pl/wp-content/plugins/wp-accessibility/css/wpa-style.css
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64310f507a131ccb016a78b2a2d744b0fea04d811e35be097698fb9458714683

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 23 Jan 2020 15:28:26 GMT
server
cloudflare
age
597
etag
W/"a30-59cd04add9ab1-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=7200
cf-ray
567bc8b4fcd863d7-FRA
bootstrap.css
www.cert.pl/wp-content/themes/cert-theme/css/
120 KB
18 KB
Stylesheet
General
Full URL
https://www.cert.pl/wp-content/themes/cert-theme/css/bootstrap.css
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 10 Nov 2015 12:44:00 GMT
server
cloudflare
age
601
etag
W/"1deac-5242f105ac400-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=7200
cf-ray
567bc8b4fcd963d7-FRA
style.css
www.cert.pl/wp-content/themes/cert-theme/
3 KB
1017 B
Stylesheet
General
Full URL
https://www.cert.pl/wp-content/themes/cert-theme/style.css?v=632049
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4a2096a95586acc732a30954a69c8276586280c61de9025cda0b883bd2540da

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 16 Mar 2016 09:48:00 GMT
server
cloudflare
etag
W/"aca-52e2768c69400-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=7200
cf-ray
567bc8b4fcdb63d7-FRA
style.css
www.cert.pl/wp-content/themes/cert-theme/css/
38 KB
7 KB
Stylesheet
General
Full URL
https://www.cert.pl/wp-content/themes/cert-theme/css/style.css?v=628805
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6df295d3356644acad90718eb9f0d452b64c6b76c40440b79248cc2b7af9ad03

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 24 Jan 2019 13:52:28 GMT
server
cloudflare
etag
W/"96cd-580348563c83a-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=7200
cf-ray
567bc8b4fcdd63d7-FRA
slick.css
www.cert.pl/wp-content/themes/cert-theme/css/
2 KB
581 B
Stylesheet
General
Full URL
https://www.cert.pl/wp-content/themes/cert-theme/css/slick.css
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
893485d48fc8651981b4810fee0d92ebd7fd85baa7f362ad3934a2c652be8dc9

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 10 Nov 2015 12:44:00 GMT
server
cloudflare
age
601
etag
W/"6e7-5242f105ac400-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=7200
cf-ray
567bc8b4fcde63d7-FRA
rwd.css
www.cert.pl/wp-content/themes/cert-theme/css/
5 KB
1 KB
Stylesheet
General
Full URL
https://www.cert.pl/wp-content/themes/cert-theme/css/rwd.css
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d35da6a2cd43ec2d1918f50baef79db8a440e27cae4ab22351ccef196681f3c

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 11 Dec 2015 09:15:00 GMT
server
cloudflare
age
600
etag
W/"1282-5269bc1fe2d00-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=7200
cf-ray
567bc8b4fcdf63d7-FRA
codecolorer.css
www.cert.pl/wp-content/plugins/codecolorer/
18 KB
3 KB
Stylesheet
General
Full URL
https://www.cert.pl/wp-content/plugins/codecolorer/codecolorer.css?ver=0.9.16
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4cba689b8ba104d6fe0527ad437a1458d53586bcef4109e2693c62a8cea7545

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 09 Oct 2018 11:04:09 GMT
server
cloudflare
age
601
etag
W/"46b2-577c9b26a5c40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=7200
cf-ray
567bc8b4fce063d7-FRA
jquery.js
www.cert.pl/wp-includes/js/jquery/
95 KB
32 KB
Script
General
Full URL
https://www.cert.pl/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 03 Jul 2019 12:14:37 GMT
server
cloudflare
age
601
etag
W/"17a69-58cc5ce0db1fd-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=7200
cf-ray
567bc8b4fce163d7-FRA
jquery-migrate.min.js
www.cert.pl/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
https://www.cert.pl/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 22 Jun 2016 11:29:55 GMT
server
cloudflare
age
601
etag
W/"2748-535dc41b4d2c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=7200
cf-ray
567bc8b4fce263d7-FRA
jquery.min.js
www.cert.pl/wp-content/themes/cert-theme/js/
94 KB
32 KB
Script
General
Full URL
https://www.cert.pl/wp-content/themes/cert-theme/js/jquery.min.js?ver=20120206
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 02 Nov 2015 15:37:00 GMT
server
cloudflare
age
600
etag
W/"176f8-523908c51ff00-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=7200
cf-ray
567bc8b4fce363d7-FRA
js
maps.google.com/maps/api/
116 KB
38 KB
Script
General
Full URL
https://maps.google.com/maps/api/js?key=AIzaSyD2T3v-cX61NR0b3u-iTJWZwtWyjYSsYUU&sensor=false&ver=20120206
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
87657bdc98818b6ab452ba9f7ed4fa0a9783771a9e1d14cab395d5cca6a8c922
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
vary
Accept-Language
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, max-age=1800
server-timing
gfet4t7; dur=31
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
38300
x-xss-protection
0
expires
Wed, 19 Feb 2020 23:17:41 GMT
logo.png
www.cert.pl/wp-content/themes/cert-theme/img/
6 KB
6 KB
Image
General
Full URL
https://www.cert.pl/wp-content/themes/cert-theme/img/logo.png
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dde5645bb8067d85632ec88cf036c885d68e7ba6f02a8a72e4c04ff433c9b7bd

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
cf-cache-status
HIT
last-modified
Mon, 02 Nov 2015 15:37:00 GMT
server
cloudflare
age
1390
etag
"1660-523908c51ff00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
567bc8b50ce463d7-FRA
content-length
5728
nask.png
www.cert.pl/wp-content/themes/cert-theme/img/
3 KB
3 KB
Image
General
Full URL
https://www.cert.pl/wp-content/themes/cert-theme/img/nask.png
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0d193a6a66bc7cf5717c79c663b4118048b7b07aa4bf139fb77cfcb61b1011c

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
cf-cache-status
HIT
last-modified
Tue, 29 May 2018 12:27:20 GMT
server
cloudflare
age
1390
etag
"b54-56d575b021a00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
567bc8b50ce563d7-FRA
content-length
2900
mag.png
www.cert.pl/wp-content/themes/cert-theme/img/
2 KB
2 KB
Image
General
Full URL
https://www.cert.pl/wp-content/themes/cert-theme/img/mag.png
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f24935ac01a4adcf13b8ab80d6d8b42bffa83b5280c82cd79ed18cc1d4deaf5a

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
cf-cache-status
HIT
last-modified
Mon, 02 Nov 2015 15:37:00 GMT
server
cloudflare
age
1387
etag
"613-523908c51ff00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
567bc8b60d6563d7-FRA
content-length
1555
emotet2020code_obfu.png
www.cert.pl/wp-content/uploads/2020/02/
41 KB
41 KB
Image
General
Full URL
https://www.cert.pl/wp-content/uploads/2020/02/emotet2020code_obfu.png
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c69aea26c367f48e1804fe755bd72d9db373f12c6d4b43c3738dcf74c0c04ff7

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
cf-cache-status
HIT
last-modified
Tue, 18 Feb 2020 10:19:12 GMT
server
cloudflare
age
1387
etag
"a42c-59ed700cfaf1e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
567bc8b60d6663d7-FRA
content-length
42028
emotet2020string_data.png
www.cert.pl/wp-content/uploads/2020/02/
611 KB
612 KB
Image
General
Full URL
https://www.cert.pl/wp-content/uploads/2020/02/emotet2020string_data.png
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c5a0a1601006fa444bab993f49dc2ddc9a3b22addfed96f9191a19a3e25fb5c

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
cf-cache-status
HIT
last-modified
Tue, 18 Feb 2020 10:19:14 GMT
server
cloudflare
age
1387
etag
"98cba-59ed700efd8ed"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
567bc8b60d6763d7-FRA
content-length
625850
emotet2020string_struct.png
www.cert.pl/wp-content/uploads/2020/02/
19 KB
19 KB
Image
General
Full URL
https://www.cert.pl/wp-content/uploads/2020/02/emotet2020string_struct.png
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27819708b47f6232892c80f619355b32346c103bdf5809ea36153417b190aadd

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
cf-cache-status
HIT
last-modified
Tue, 18 Feb 2020 10:19:15 GMT
server
cloudflare
age
1389
etag
"4ab9-59ed701040c72"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
567bc8b60d6863d7-FRA
content-length
19129
0af2924d1839ada272ecf3d11daee4ba.js
gist.github.com/nazywam/
Redirect Chain
  • https://gist.github.com/0af2924d1839ada272ecf3d11daee4ba.js
  • https://gist.github.com/nazywam/0af2924d1839ada272ecf3d11daee4ba.js
5 KB
3 KB
Script
General
Full URL
https://gist.github.com/nazywam/0af2924d1839ada272ecf3d11daee4ba.js
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.30.253.118 , United States, ASN36459 (GITHUB, US),
Reverse DNS
lb-192-30-253-118-iad.github.com
Software
GitHub.com /
Resource Hash
5fb55165c38be0ed85c6a020891eb21b4bc39b371369b9b524bf1fd0d3b21d4e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cert.pl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 19 Feb 2020 22:47:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
0
Status
200 OK
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Content-Length
990
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
GitHub.com
X-GitHub-Request-Id
CB0E:526F:23F7E5:457C89:5E4DBB0D
X-Frame-Options
deny
ETag
W/"5fb55165c38be0ed85c6a020891eb21b"
Expect-CT
max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
Vary
X-PJAX, Accept-Encoding, Accept, X-Requested-With
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0, private, must-revalidate
Content-Security-Policy
default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com
Accept-Ranges
bytes

Redirect headers

Date
Wed, 19 Feb 2020 22:47:41 GMT
X-Content-Type-Options
nosniff
Age
0
Status
302 Found
Vary
X-PJAX, Accept-Encoding, Accept, X-Requested-With
Content-Length
133
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
GitHub.com
X-GitHub-Request-Id
CB0E:526F:23F7E3:457C87:5E4DBB0D
X-Frame-Options
deny
Expect-CT
max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Content-Type
text/html; charset=utf-8
Location
https://gist.github.com/nazywam/0af2924d1839ada272ecf3d11daee4ba.js
Cache-Control
no-cache
Content-Security-Policy
default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com
emotet2020api_before.png
www.cert.pl/wp-content/uploads/2020/02/
64 KB
64 KB
Image
General
Full URL
https://www.cert.pl/wp-content/uploads/2020/02/emotet2020api_before.png
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700:20::6819:1e6d, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
3cc4bc5e3a9aed52ff757522472d6bb3ccd6733681cf85f1e2deb36a5ee54a3c

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
cf-cache-status
HIT
last-modified
Tue, 18 Feb 2020 10:19:08 GMT
server
cloudflare
age
1388
etag
"10064-59ed7009287f2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
567bc8b60d6963d7-FRA
content-length
65636
emotet2020hash_fun.png
www.cert.pl/wp-content/uploads/2020/02/
23 KB
23 KB
Image
General
Full URL
https://www.cert.pl/wp-content/uploads/2020/02/emotet2020hash_fun.png
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700:20::6819:1e6d, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
985159f70ba79c7cb1d4e4ddbe8e41473280f5debf3d50d5105028c451e820bf

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
cf-cache-status
HIT
last-modified
Tue, 18 Feb 2020 10:19:13 GMT
server
cloudflare
age
1388
etag
"5ca7-59ed700dc5145"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
567bc8b60d6a63d7-FRA
content-length
23719
51cd6770c8b167151253247e277605b1.js
gist.github.com/nazywam/
Redirect Chain
  • https://gist.github.com/51cd6770c8b167151253247e277605b1.js
  • https://gist.github.com/nazywam/51cd6770c8b167151253247e277605b1.js
13 KB
3 KB
Script
General
Full URL
https://gist.github.com/nazywam/51cd6770c8b167151253247e277605b1.js
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
HTTP/1.1
Security
TLS 1.3, AES_128_GCM
Server
192.30.253.118, United States, ASN36459 (GITHUB, US)
Reverse DNS
lb-192-30-253-118-iad.github.com
Software
GitHub.com
Resource Hash
2afbf9a896af5059004fc5ade2ff4d9075f59ea5ccba03758d93d91ad1a94547
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cert.pl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 19 Feb 2020 22:47:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
0
Status
200 OK
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Content-Length
1636
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
GitHub.com
X-GitHub-Request-Id
CB0C:1A12:7319E1:C28823:5E4DBB0D
X-Frame-Options
deny
ETag
W/"2afbf9a896af5059004fc5ade2ff4d90"
Expect-CT
max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
Vary
X-PJAX, Accept-Encoding, Accept, X-Requested-With
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0, private, must-revalidate
Content-Security-Policy
default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com
Accept-Ranges
bytes

Redirect headers

Date
Wed, 19 Feb 2020 22:47:41 GMT
X-Content-Type-Options
nosniff
Age
0
Status
302 Found
Vary
X-PJAX, Accept-Encoding, Accept, X-Requested-With
Content-Length
133
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
GitHub.com
X-GitHub-Request-Id
CB0C:1A12:7319DA:C28822:5E4DBB0D
X-Frame-Options
deny
Expect-CT
max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Content-Type
text/html; charset=utf-8
Location
https://gist.github.com/nazywam/51cd6770c8b167151253247e277605b1.js
Cache-Control
no-cache
Content-Security-Policy
default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com
emotet2020api_after.png
www.cert.pl/wp-content/uploads/2020/02/
76 KB
77 KB
Image
General
Full URL
https://www.cert.pl/wp-content/uploads/2020/02/emotet2020api_after.png
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700:20::6819:1e6d, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
1c62f3bc047bde0e0fe2a407d7bbff968bc52b14fe00970491f19cfe9ac79283

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
cf-cache-status
HIT
last-modified
Tue, 18 Feb 2020 10:19:07 GMT
server
cloudflare
age
1386
etag
"131bd-59ed7008326b7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
567bc8b60d6b63d7-FRA
content-length
78269
emotet2020delete_previous.png
www.cert.pl/wp-content/uploads/2020/02/
113 KB
113 KB
Image
General
Full URL
https://www.cert.pl/wp-content/uploads/2020/02/emotet2020delete_previous.png
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700:20::6819:1e6d, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
cd7f2e78857f617d6b6ddb87f3345687f550731f2dc01110cc359cdfd031bad5

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
cf-cache-status
HIT
last-modified
Tue, 18 Feb 2020 10:19:13 GMT
server
cloudflare
age
1389
etag
"1c46e-59ed700e51b1d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
567bc8b60d6c63d7-FRA
content-length
115822
d04d62bf89a9000eab11270e061c5083.js
gist.github.com/nazywam/
Redirect Chain
  • https://gist.github.com/d04d62bf89a9000eab11270e061c5083.js
  • https://gist.github.com/nazywam/d04d62bf89a9000eab11270e061c5083.js
4 KB
3 KB
Script
General
Full URL
https://gist.github.com/nazywam/d04d62bf89a9000eab11270e061c5083.js
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
HTTP/1.1
Security
TLS 1.3, AES_128_GCM
Server
192.30.253.118, United States, ASN36459 (GITHUB, US)
Reverse DNS
lb-192-30-253-118-iad.github.com
Software
GitHub.com
Resource Hash
bdd965cef6e5f0034f6e7acd5f600c0fd38d271fe9f23bd95995deddf13ca0c3
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cert.pl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 19 Feb 2020 22:47:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
0
Status
200 OK
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Content-Length
973
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
GitHub.com
X-GitHub-Request-Id
CB16:4648:76F8FF:C9F219:5E4DBB0E
X-Frame-Options
deny
ETag
W/"bdd965cef6e5f0034f6e7acd5f600c0f"
Expect-CT
max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
Vary
X-PJAX, Accept-Encoding, Accept, X-Requested-With
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0, private, must-revalidate
Content-Security-Policy
default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com
Accept-Ranges
bytes

Redirect headers

Date
Wed, 19 Feb 2020 22:47:42 GMT
X-Content-Type-Options
nosniff
Age
0
Status
302 Found
Vary
X-PJAX, Accept-Encoding, Accept, X-Requested-With
Content-Length
133
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
GitHub.com
X-GitHub-Request-Id
CB16:4648:76F8F8:C9F215:5E4DBB0D
X-Frame-Options
deny
Expect-CT
max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Content-Type
text/html; charset=utf-8
Location
https://gist.github.com/nazywam/d04d62bf89a9000eab11270e061c5083.js
Cache-Control
no-cache
Content-Security-Policy
default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com
7b645f8038c0ba9507672ec640400821.js
gist.github.com/nazywam/
Redirect Chain
  • https://gist.github.com/7b645f8038c0ba9507672ec640400821.js
  • https://gist.github.com/nazywam/7b645f8038c0ba9507672ec640400821.js
6 KB
3 KB
Script
General
Full URL
https://gist.github.com/nazywam/7b645f8038c0ba9507672ec640400821.js
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
HTTP/1.1
Security
TLS 1.3, AES_128_GCM
Server
192.30.253.118, United States, ASN36459 (GITHUB, US)
Reverse DNS
lb-192-30-253-118-iad.github.com
Software
GitHub.com
Resource Hash
61435a0a0bf357d17101fd2f9b43f162be7fa020490e034a365364b66949ca99
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cert.pl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 19 Feb 2020 22:47:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
0
Status
200 OK
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Content-Length
1088
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
GitHub.com
X-GitHub-Request-Id
CB14:5270:3DA3A8:71BC4B:5E4DBB0E
X-Frame-Options
deny
ETag
W/"61435a0a0bf357d17101fd2f9b43f162"
Expect-CT
max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
Vary
X-PJAX, Accept-Encoding, Accept, X-Requested-With
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0, private, must-revalidate
Content-Security-Policy
default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com
Accept-Ranges
bytes

Redirect headers

Date
Wed, 19 Feb 2020 22:47:42 GMT
X-Content-Type-Options
nosniff
Age
0
Status
302 Found
Vary
X-PJAX, Accept-Encoding, Accept, X-Requested-With
Content-Length
133
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
GitHub.com
X-GitHub-Request-Id
CB14:5270:3DA3A4:71BC49:5E4DBB0D
X-Frame-Options
deny
Expect-CT
max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Content-Type
text/html; charset=utf-8
Location
https://gist.github.com/nazywam/7b645f8038c0ba9507672ec640400821.js
Cache-Control
no-cache
Content-Security-Policy
default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com
f5197961985273f8656a2a99adfb124b.js
gist.github.com/nazywam/
Redirect Chain
  • https://gist.github.com/f5197961985273f8656a2a99adfb124b.js
  • https://gist.github.com/nazywam/f5197961985273f8656a2a99adfb124b.js
3 KB
2 KB
Script
General
Full URL
https://gist.github.com/nazywam/f5197961985273f8656a2a99adfb124b.js
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
HTTP/1.1
Security
TLS 1.3, AES_128_GCM
Server
192.30.253.118, United States, ASN36459 (GITHUB, US)
Reverse DNS
lb-192-30-253-118-iad.github.com
Software
GitHub.com
Resource Hash
615d0e95557245d247f5b80292f55724d645851559905b61b7530cd3c7184244
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cert.pl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 19 Feb 2020 22:47:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
0
Status
200 OK
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Content-Length
850
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
GitHub.com
X-GitHub-Request-Id
CB18:6D66:71C15F:C11BC3:5E4DBB0E
X-Frame-Options
deny
ETag
W/"615d0e95557245d247f5b80292f55724"
Expect-CT
max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
Vary
X-PJAX, Accept-Encoding, Accept, X-Requested-With
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0, private, must-revalidate
Content-Security-Policy
default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com
Accept-Ranges
bytes

Redirect headers

Date
Wed, 19 Feb 2020 22:47:42 GMT
X-Content-Type-Options
nosniff
Age
0
Status
302 Found
Vary
X-PJAX, Accept-Encoding, Accept, X-Requested-With
Content-Length
133
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
GitHub.com
X-GitHub-Request-Id
CB18:6D66:71C156:C11BBF:5E4DBB0D
X-Frame-Options
deny
Expect-CT
max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Content-Type
text/html; charset=utf-8
Location
https://gist.github.com/nazywam/f5197961985273f8656a2a99adfb124b.js
Cache-Control
no-cache
Content-Security-Policy
default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com
emotet2020fetch_c2.png
www.cert.pl/wp-content/uploads/2020/02/
29 KB
29 KB
Image
General
Full URL
https://www.cert.pl/wp-content/uploads/2020/02/emotet2020fetch_c2.png
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700:20::6819:1e6d, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
384f41a2614ca0d4888406e41715996d2549c696482e78b1479ad1f873b2048f

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
cf-cache-status
HIT
last-modified
Tue, 18 Feb 2020 10:19:04 GMT
server
cloudflare
age
1388
etag
"755d-59ed70058009a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
567bc8b60d6e63d7-FRA
content-length
30045
emotet2020c2_data.png
www.cert.pl/wp-content/uploads/2020/02/
117 KB
118 KB
Image
General
Full URL
https://www.cert.pl/wp-content/uploads/2020/02/emotet2020c2_data.png
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700:20::6819:1e6d, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
96b68afe0703c7d808f46d90a97bf6b34c9ffededb8f290a408c93404bf25316

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
cf-cache-status
HIT
last-modified
Tue, 18 Feb 2020 12:48:22 GMT
server
cloudflare
age
1389
etag
"1d59d-59ed9164913b6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
567bc8b60d6f63d7-FRA
content-length
120221
emotet2020path_generation.png
www.cert.pl/wp-content/uploads/2020/02/
57 KB
57 KB
Image
General
Full URL
https://www.cert.pl/wp-content/uploads/2020/02/emotet2020path_generation.png
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700:20::6819:1e6d, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
ef936cd6784995adb54527b5ffae2f34f0ae95e3983947a95e187bc89d398e65

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
cf-cache-status
HIT
last-modified
Tue, 18 Feb 2020 10:19:06 GMT
server
cloudflare
age
1387
etag
"e4ef-59ed70078e5e5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
567bc8b60d7063d7-FRA
content-length
58607
emotet2020file_upload.png
www.cert.pl/wp-content/uploads/2020/02/
95 KB
95 KB
Image
General
Full URL
https://www.cert.pl/wp-content/uploads/2020/02/emotet2020file_upload.png
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700:20::6819:1e6d, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
5e381e8030b550ac4061a1fe31f578538d9e5efe2273df9fdc20ec397c150916

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
cf-cache-status
HIT
last-modified
Tue, 18 Feb 2020 10:19:05 GMT
server
cloudflare
age
1387
etag
"17b7d-59ed7006df937"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
567bc8b60d7163d7-FRA
content-length
97149
emotet2020traffic.png
www.cert.pl/wp-content/uploads/2020/02/
121 KB
121 KB
Image
General
Full URL
https://www.cert.pl/wp-content/uploads/2020/02/emotet2020traffic.png
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700:20::6819:1e6d, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
569ba4abba77e7a7589395fec1cc49d2e72a47f06d6d205941485799fc1af75e

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
cf-cache-status
HIT
last-modified
Tue, 18 Feb 2020 10:19:08 GMT
server
cloudflare
age
1387
etag
"1e2e0-59ed7009bfda7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
567bc8b60d7463d7-FRA
content-length
123616
emotet2020packet_encryption.png
www.cert.pl/wp-content/uploads/2020/02/
29 KB
29 KB
Image
General
Full URL
https://www.cert.pl/wp-content/uploads/2020/02/emotet2020packet_encryption.png
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdad779856ca45b5b17f2d991c6e41b4622f0dfb5be0e802156cdcb8f7f1238e

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
cf-cache-status
HIT
last-modified
Tue, 18 Feb 2020 10:19:16 GMT
server
cloudflare
age
1389
etag
"74a2-59ed7010def85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
567bc8b60d7563d7-FRA
content-length
29858
ca1b5088891760e7e083b52b5a6d4046.js
gist.github.com/nazywam/
Redirect Chain
  • https://gist.github.com/ca1b5088891760e7e083b52b5a6d4046.js
  • https://gist.github.com/nazywam/ca1b5088891760e7e083b52b5a6d4046.js
3 KB
2 KB
Script
General
Full URL
https://gist.github.com/nazywam/ca1b5088891760e7e083b52b5a6d4046.js
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.30.253.118 , United States, ASN36459 (GITHUB, US),
Reverse DNS
lb-192-30-253-118-iad.github.com
Software
GitHub.com /
Resource Hash
55362ad9ea4c423263358b5d9919d1b1a17e45e17ae0d6570040f5a49f5db369
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cert.pl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 19 Feb 2020 22:47:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
0
Status
200 OK
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Content-Length
735
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
GitHub.com
X-GitHub-Request-Id
CB12:2F3E:6D15B1:BB76DE:5E4DBB0E
X-Frame-Options
deny
ETag
W/"55362ad9ea4c423263358b5d9919d1b1"
Expect-CT
max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
Vary
X-PJAX, Accept-Encoding, Accept, X-Requested-With
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0, private, must-revalidate
Content-Security-Policy
default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com
Accept-Ranges
bytes

Redirect headers

Date
Wed, 19 Feb 2020 22:47:42 GMT
X-Content-Type-Options
nosniff
Age
0
Status
302 Found
Vary
X-PJAX, Accept-Encoding, Accept, X-Requested-With
Content-Length
133
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
GitHub.com
X-GitHub-Request-Id
CB12:2F3E:6D15A9:BB76D9:5E4DBB0D
X-Frame-Options
deny
Expect-CT
max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Content-Type
text/html; charset=utf-8
Location
https://gist.github.com/nazywam/ca1b5088891760e7e083b52b5a6d4046.js
Cache-Control
no-cache
Content-Security-Policy
default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com
emotet2020packet_struct.png
www.cert.pl/wp-content/uploads/2020/02/
70 KB
70 KB
Image
General
Full URL
https://www.cert.pl/wp-content/uploads/2020/02/emotet2020packet_struct.png
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca4c4d9bccfda5e0acd0d206a18b27968e41379b45ad5bf5c06f87fe4e0a7488

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
cf-cache-status
HIT
last-modified
Tue, 18 Feb 2020 10:19:11 GMT
server
cloudflare
age
1388
etag
"116ae-59ed700c629c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
567bc8b60d7663d7-FRA
content-length
71342
emotet2020uncompress.png
www.cert.pl/wp-content/uploads/2020/02/
53 KB
53 KB
Image
General
Full URL
https://www.cert.pl/wp-content/uploads/2020/02/emotet2020uncompress.png
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a15caae626d59e2db3e7aecda27e4dfcc623de900b2d01e5c4ee1b3a838c3586

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
cf-cache-status
HIT
last-modified
Tue, 18 Feb 2020 10:19:11 GMT
server
cloudflare
age
1387
etag
"d428-59ed700bc94d4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
567bc8b60d7763d7-FRA
content-length
54312
165ccb8e995c587afec44267aff7eb8f.js
gist.github.com/nazywam/
Redirect Chain
  • https://gist.github.com/165ccb8e995c587afec44267aff7eb8f.js
  • https://gist.github.com/nazywam/165ccb8e995c587afec44267aff7eb8f.js
13 KB
3 KB
Script
General
Full URL
https://gist.github.com/nazywam/165ccb8e995c587afec44267aff7eb8f.js
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.30.253.118 , United States, ASN36459 (GITHUB, US),
Reverse DNS
lb-192-30-253-118-iad.github.com
Software
GitHub.com /
Resource Hash
97e3e620efe5080761e7ac531d9e38e141f9b520950d33fe6698bf2e0dad9cc3
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cert.pl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 19 Feb 2020 22:47:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
0
Status
200 OK
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Content-Length
1406
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
GitHub.com
X-GitHub-Request-Id
CB0E:526F:23F7E8:457C90:5E4DBB0E
X-Frame-Options
deny
ETag
W/"97e3e620efe5080761e7ac531d9e38e1"
Expect-CT
max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
Vary
X-PJAX, Accept-Encoding, Accept, X-Requested-With
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0, private, must-revalidate
Content-Security-Policy
default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com
Accept-Ranges
bytes

Redirect headers

Date
Wed, 19 Feb 2020 22:47:42 GMT
X-Content-Type-Options
nosniff
Age
0
Status
302 Found
Vary
X-PJAX, Accept-Encoding, Accept, X-Requested-With
Content-Length
133
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
GitHub.com
X-GitHub-Request-Id
CB0E:526F:23F7E6:457C8D:5E4DBB0E
X-Frame-Options
deny
Expect-CT
max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Content-Type
text/html; charset=utf-8
Location
https://gist.github.com/nazywam/165ccb8e995c587afec44267aff7eb8f.js
Cache-Control
no-cache
Content-Security-Policy
default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com
f1f44a6ee479740664dbaab248be644e.js
gist.github.com/nazywam/
Redirect Chain
  • https://gist.github.com/f1f44a6ee479740664dbaab248be644e.js
  • https://gist.github.com/nazywam/f1f44a6ee479740664dbaab248be644e.js
4 KB
2 KB
Script
General
Full URL
https://gist.github.com/nazywam/f1f44a6ee479740664dbaab248be644e.js
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.30.253.118 , United States, ASN36459 (GITHUB, US),
Reverse DNS
lb-192-30-253-118-iad.github.com
Software
GitHub.com /
Resource Hash
cc1a91f1b7d6196d368488ce6bef93f1252e6c74fb72d47f86fd8a7d99856eff
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cert.pl/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 19 Feb 2020 22:47:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
0
Status
200 OK
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Content-Length
845
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
GitHub.com
X-GitHub-Request-Id
CB12:2F3E:6D15BA:BB76EF:5E4DBB0E
X-Frame-Options
deny
ETag
W/"cc1a91f1b7d6196d368488ce6bef93f1"
Expect-CT
max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
Vary
X-PJAX, Accept-Encoding, Accept, X-Requested-With
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0, private, must-revalidate
Content-Security-Policy
default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com
Accept-Ranges
bytes

Redirect headers

Date
Wed, 19 Feb 2020 22:47:42 GMT
X-Content-Type-Options
nosniff
Age
0
Status
302 Found
Vary
X-PJAX, Accept-Encoding, Accept, X-Requested-With
Content-Length
133
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
GitHub.com
X-GitHub-Request-Id
CB0C:1A12:7319E8:C2882F:5E4DBB0E
X-Frame-Options
deny
Expect-CT
max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Content-Type
text/html; charset=utf-8
Location
https://gist.github.com/nazywam/f1f44a6ee479740664dbaab248be644e.js
Cache-Control
no-cache
Content-Security-Policy
default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com
emotet2020hello_packet_struct.png
www.cert.pl/wp-content/uploads/2020/02/
85 KB
85 KB
Image
General
Full URL
https://www.cert.pl/wp-content/uploads/2020/02/emotet2020hello_packet_struct.png
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4f9c3dd5018019289cdc8913203ec139c620a728aacc2e5be38719b94f8271d

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
cf-cache-status
HIT
last-modified
Wed, 19 Feb 2020 09:18:27 GMT
server
cloudflare
age
1386
etag
"1540b-59eea456aa2dd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
567bc8b60d7863d7-FRA
content-length
87051
twitter.png
www.cert.pl/wp-content/themes/cert-theme/img/
4 KB
4 KB
Image
General
Full URL
https://www.cert.pl/wp-content/themes/cert-theme/img/twitter.png
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a00c6ecad47187aa858123743ebe003f6c28457f2826a1f89cde242ebc08328

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
cf-cache-status
HIT
last-modified
Mon, 02 Nov 2015 15:37:00 GMT
server
cloudflare
age
1386
etag
"e3f-523908c51ff00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
567bc8b60d7963d7-FRA
content-length
3647
fb.png
www.cert.pl/wp-content/themes/cert-theme/img/
3 KB
3 KB
Image
General
Full URL
https://www.cert.pl/wp-content/themes/cert-theme/img/fb.png
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4eaad93e8bcf94977b91053bf8ecf0910a07ec22af2106fc816973d546a620ab

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
cf-cache-status
HIT
last-modified
Mon, 02 Nov 2015 15:37:00 GMT
server
cloudflare
age
1386
etag
"ba3-523908c51ff00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
567bc8b60d7a63d7-FRA
content-length
2979
git.png
www.cert.pl/wp-content/themes/cert-theme/img/
3 KB
3 KB
Image
General
Full URL
https://www.cert.pl/wp-content/themes/cert-theme/img/git.png
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
956fcfddb7ae5b576ba76a258ed10eb9f9be2c45ee634acaea0dbf15ebc314be

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
cf-cache-status
HIT
last-modified
Mon, 02 Nov 2015 15:37:00 GMT
server
cloudflare
age
1389
etag
"b3a-523908c51ff00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
567bc8b60d7b63d7-FRA
content-length
2874
logo_footer.png
www.cert.pl/wp-content/themes/cert-theme/img/
3 KB
3 KB
Image
General
Full URL
https://www.cert.pl/wp-content/themes/cert-theme/img/logo_footer.png
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc0b847e470f5f76afe857fd85648bb60650f0a6d9f770e5628f9c379cb184cb

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
cf-cache-status
HIT
last-modified
Mon, 02 Nov 2015 15:37:00 GMT
server
cloudflare
age
1386
etag
"c6f-523908c51ff00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
567bc8b60d7c63d7-FRA
content-length
3183
footer_1.png
www.cert.pl/wp-content/uploads/2015/11/
3 KB
4 KB
Image
General
Full URL
https://www.cert.pl/wp-content/uploads/2015/11/footer_1.png
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43c7711cf44d086850c4dacc1427bafef762201878eb6ca54ab4c0f6891e434e

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
cf-cache-status
HIT
last-modified
Tue, 03 Nov 2015 13:02:00 GMT
server
cloudflare
age
1387
etag
"ddc-523a27fd6a200"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
567bc8b60d7d63d7-FRA
content-length
3548
footer_2.png
www.cert.pl/wp-content/uploads/2015/11/
5 KB
5 KB
Image
General
Full URL
https://www.cert.pl/wp-content/uploads/2015/11/footer_2.png
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63c92b89f27bb45c5db310b20706a37e2a56539a739d8400f5f926f8b3a44293

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
cf-cache-status
HIT
last-modified
Tue, 03 Nov 2015 13:02:00 GMT
server
cloudflare
age
6880
etag
"158a-523a27fd6a200"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
567bc8b60d7e63d7-FRA
content-length
5514
footer_3.png
www.cert.pl/wp-content/uploads/2015/11/
9 KB
9 KB
Image
General
Full URL
https://www.cert.pl/wp-content/uploads/2015/11/footer_3.png
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70e5a4057cce9a3cb096fcf95470f8b76aa66d0a25513ddcb3834b12f7abfacd

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
cf-cache-status
HIT
last-modified
Tue, 03 Nov 2015 13:02:00 GMT
server
cloudflare
age
1387
etag
"22d2-523a27fd6a200"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
567bc8b60d7f63d7-FRA
content-length
8914
en_horizontal_cef_logo-1.png
www.cert.pl/wp-content/uploads/2019/02/
31 KB
32 KB
Image
General
Full URL
https://www.cert.pl/wp-content/uploads/2019/02/en_horizontal_cef_logo-1.png
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a88cd5656c40002a2343c31aeab4263e311eb120b5f4c61141043a6837552800

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Feb 2019 13:12:53 GMT
server
cloudflare
age
1389
etag
"7dea-5822ae1e66fa7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
567bc8b60d8063d7-FRA
content-length
32234
socialshareprivacy.css
www.cert.pl/wp-content/plugins/ssp/scripts/stylesheets/
567 B
255 B
Stylesheet
General
Full URL
https://www.cert.pl/wp-content/plugins/ssp/scripts/stylesheets/socialshareprivacy.css
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2881200b4a3a31e8b5f433fb27d9235a161486d8c2450430353a24026323c182

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Dec 2015 14:34:00 GMT
server
cloudflare
age
598
etag
W/"237-52663dd4d4600-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=7200
cf-ray
567bc8b60d5a63d7-FRA
longdesc.button.js
www.cert.pl/wp-content/plugins/wp-accessibility/js/
1 KB
482 B
Script
General
Full URL
https://www.cert.pl/wp-content/plugins/wp-accessibility/js/longdesc.button.js?ver=1.0
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e67a666330e9e3593ced84585ca04a77066360514a2617da5abfb15167d03fd

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 23 Jan 2020 15:28:26 GMT
server
cloudflare
age
597
etag
W/"44b-59cd04addaa51-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=7200
cf-ray
567bc8b60d5b63d7-FRA
current-menu-item.js
www.cert.pl/wp-content/plugins/wp-accessibility/js/
138 B
248 B
Script
General
Full URL
https://www.cert.pl/wp-content/plugins/wp-accessibility/js/current-menu-item.js?ver=1.0
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b97e05411def19f898ee5b52a8241d47780894133d4176dbafd074fbc9f90af6

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 23 Jan 2020 15:28:26 GMT
server
cloudflare
age
597
etag
W/"8a-59cd04addaa51-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=7200
cf-ray
567bc8b60d5c63d7-FRA
navigation.js
www.cert.pl/wp-content/themes/cert-theme/js/
2 KB
866 B
Script
General
Full URL
https://www.cert.pl/wp-content/themes/cert-theme/js/navigation.js?ver=20120206
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d79752e33e156b5cb219ab45103fe0ed7d80f111533dd8eec42c57546b4da500

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 27 Oct 2015 12:51:00 GMT
server
cloudflare
age
599
etag
W/"8e7-52315879c3500-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=7200
cf-ray
567bc8b60d5d63d7-FRA
slick.min.js
www.cert.pl/wp-content/themes/cert-theme/js/
39 KB
10 KB
Script
General
Full URL
https://www.cert.pl/wp-content/themes/cert-theme/js/slick.min.js?ver=20120206
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1346ba855702d564b8dbae71c7d8e9c465d6657bbbff6f3eaa00cedf4f4aa53

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 02 Nov 2015 15:37:00 GMT
server
cloudflare
age
598
etag
W/"9ccf-523908c51ff00-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=7200
cf-ray
567bc8b60d5e63d7-FRA
skip-link-focus-fix.js
www.cert.pl/wp-content/themes/cert-theme/js/
903 B
539 B
Script
General
Full URL
https://www.cert.pl/wp-content/themes/cert-theme/js/skip-link-focus-fix.js?ver=20130115
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf2cb1695948a80c7f945fa3bc8805a7ce02bb248e061ece8a34b975a16008e0

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 27 Oct 2015 12:51:00 GMT
server
cloudflare
age
597
etag
W/"387-52315879c3500-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=7200
cf-ray
567bc8b60d5f63d7-FRA
gdpr.js
www.cert.pl/wp-content/themes/cert-theme/js/
5 KB
2 KB
Script
General
Full URL
https://www.cert.pl/wp-content/themes/cert-theme/js/gdpr.js?ver=20181024
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b39a392ec8f34f2e7d2b5d60bee6fbf2f89a45dd951fba92eb3eed8da1649311

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 25 Oct 2018 11:09:03 GMT
server
cloudflare
age
599
etag
W/"1480-5790ba16671c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=7200
cf-ray
567bc8b60d6063d7-FRA
wp-embed.min.js
www.cert.pl/wp-includes/js/
1 KB
749 B
Script
General
Full URL
https://www.cert.pl/wp-includes/js/wp-embed.min.js
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 26 Nov 2019 06:17:49 GMT
server
cloudflare
age
597
etag
W/"577-59839d6e6e532-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=7200
cf-ray
567bc8b60d6163d7-FRA
sitepress.js
www.cert.pl/wp-content/plugins/sitepress-multilingual-cms/res/js/
732 B
453 B
Script
General
Full URL
https://www.cert.pl/wp-content/plugins/sitepress-multilingual-cms/res/js/sitepress.js
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3341bec0a8f34b5a80b44ece0d34db5d8e064e3e570cd405b031a1bcd4f5daa

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Dec 2015 13:35:00 GMT
server
cloudflare
age
598
etag
W/"2dc-526630a4d2900-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=7200
cf-ray
567bc8b60d6263d7-FRA
jquery.socialshareprivacy.min.js
www.cert.pl/wp-content/plugins/ssp/scripts/javascripts/
41 KB
10 KB
Script
General
Full URL
https://www.cert.pl/wp-content/plugins/ssp/scripts/javascripts/jquery.socialshareprivacy.min.js?ver=1.0.0
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a650f4a755f80b22ceaa03172b9b24a42f53028b82dafb07b4e3e3ced4d2553

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 09 Dec 2015 09:49:00 GMT
server
cloudflare
age
597
etag
W/"a415-52673ffe75b00-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=7200
cf-ray
567bc8b60d6363d7-FRA
autoload.js
www.cert.pl/wp-content/plugins/ssp/scripts/javascripts/
153 B
198 B
Script
General
Full URL
https://www.cert.pl/wp-content/plugins/ssp/scripts/javascripts/autoload.js?ver=1.0.0
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f5c27611c0671ce3ed55912d6daf2d9f6cb8f78d3901d3a206a646961af05bb

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Dec 2015 14:33:00 GMT
server
cloudflare
age
598
etag
W/"99-52663d9b9bf00-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=7200
cf-ray
567bc8b60d6463d7-FRA
css
fonts.googleapis.com/
8 KB
794 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,100,100italic,300,300italic,400italic,700,700italic,900,900italic&subset=latin,latin-ext
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 19 Feb 2020 22:47:41 GMT
server
ESF
date
Wed, 19 Feb 2020 22:47:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Feb 2020 22:47:41 GMT
slick-theme.css
www.cert.pl/wp-content/themes/cert-theme/css/
3 KB
841 B
Stylesheet
General
Full URL
https://www.cert.pl/wp-content/themes/cert-theme/css/slick-theme.css
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f37789f511d3d6abf8ad9b5de3a0ee9cd1ed468b61d1beac7a1765a0279c70b

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 10 Nov 2015 12:44:00 GMT
server
cloudflare
age
597
etag
W/"bcf-5242f105ac400-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=7200
cf-ray
567bc8b5bd3c63d7-FRA
lightning.png
www.cert.pl/wp-content/themes/cert-theme/img/
1 KB
2 KB
Image
General
Full URL
https://www.cert.pl/wp-content/themes/cert-theme/img/lightning.png
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
583647af9450c692b8061fc2b682285ea79480e15a653273bf5d2acf0c155d8a

Request headers

Referer
https://www.cert.pl/wp-content/themes/cert-theme/css/style.css?v=628805
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 02 Nov 2015 15:37:00 GMT
server
cloudflare
etag
"5cf-523908c51ff00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
567bc8b60d8163d7-FRA
content-length
1487
rss_inv.png
www.cert.pl/wp-content/themes/cert-theme/img/
490 B
589 B
Image
General
Full URL
https://www.cert.pl/wp-content/themes/cert-theme/img/rss_inv.png
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b091609321962db7030ba1be76add391e910e1e428bc878543a578b94e96eed2

Request headers

Referer
https://www.cert.pl/wp-content/themes/cert-theme/style.css?v=632049
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 27 Jan 2016 13:35:00 GMT
server
cloudflare
etag
"1ea-52a50de5de900"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
567bc8b60d8263d7-FRA
content-length
490
glob_green.png
www.cert.pl/wp-content/themes/cert-theme/img/
2 KB
2 KB
Image
General
Full URL
https://www.cert.pl/wp-content/themes/cert-theme/img/glob_green.png
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc2b8082434f8aa2acfc3d96d723bd360b70988e0553e1345b7dc56838bf9f8d

Request headers

Referer
https://www.cert.pl/wp-content/themes/cert-theme/css/style.css?v=628805
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 02 Nov 2015 15:37:00 GMT
server
cloudflare
etag
"71b-523908c51ff00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
567bc8b60d8363d7-FRA
content-length
1819
before_head.png
www.cert.pl/wp-content/themes/cert-theme/img/
1 KB
1 KB
Image
General
Full URL
https://www.cert.pl/wp-content/themes/cert-theme/img/before_head.png
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cf684b532cd36c601f1832d0bc2d81100e5c860a30ee944afed762f4bb34ed6

Request headers

Referer
https://www.cert.pl/wp-content/themes/cert-theme/css/style.css?v=628805
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:41 GMT
cf-cache-status
HIT
last-modified
Mon, 02 Nov 2015 15:37:00 GMT
server
cloudflare
age
1389
etag
"424-523908c51ff00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
567bc8b60d8463d7-FRA
content-length
1060
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Lato:400,100,100italic,300,300italic,400italic,700,700italic,900,900italic&subset=latin,latin-ext
Origin
https://www.cert.pl
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 04 Feb 2020 02:02:12 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:55 GMT
server
sffe
age
1370729
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14044
x-xss-protection
0
expires
Wed, 03 Feb 2021 02:02:12 GMT
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Lato:400,100,100italic,300,300italic,400italic,700,700italic,900,900italic&subset=latin,latin-ext
Origin
https://www.cert.pl
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 01 Feb 2020 14:44:17 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:54 GMT
server
sffe
age
1584204
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14176
x-xss-protection
0
expires
Sun, 31 Jan 2021 14:44:17 GMT
S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2
fonts.gstatic.com/s/lato/v16/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe4bbdad1d6dff75cde79f8afc07f29502bd4708cb0ce5f552083c3d81ba8382
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Lato:400,100,100italic,300,300italic,400italic,700,700italic,900,900italic&subset=latin,latin-ext
Origin
https://www.cert.pl
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 04 Feb 2020 03:04:23 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:51 GMT
server
sffe
age
1366998
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14864
x-xss-protection
0
expires
Wed, 03 Feb 2021 03:04:23 GMT
S6u9w4BMUTPHh6UVSwaPGQ3q5d0N7w.woff2
fonts.gstatic.com/s/lato/v16/
3 KB
3 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwaPGQ3q5d0N7w.woff2
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9777cdc714f5f41e30b3ce3bef443895e7e454bc304e32bb97d20c4e3d78032e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Lato:400,100,100italic,300,300italic,400italic,700,700italic,900,900italic&subset=latin,latin-ext
Origin
https://www.cert.pl
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 01 Feb 2020 15:01:55 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:46 GMT
server
sffe
age
1583146
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
2944
x-xss-protection
0
expires
Sun, 31 Jan 2021 15:01:55 GMT
gist-embed-13f839f7454b3a5b3bfbfd6d1e34ec9d.css
github.githubassets.com/assets/
23 KB
5 KB
Stylesheet
General
Full URL
https://github.githubassets.com/assets/gist-embed-13f839f7454b3a5b3bfbfd6d1e34ec9d.css
Requested by
Host: gist.github.com
URL: https://gist.github.com/nazywam/0af2924d1839ada272ecf3d11daee4ba.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.111.154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58d4430f25854848fdc43580c574a89a531f5366ef67de00ff52bf4a5245ad6a

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

x-fastly-request-id
925ceb821c22eb9657edeae55047b6368d2b2050
date
Wed, 19 Feb 2020 22:47:42 GMT
content-encoding
gzip
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
age
2853104
x-cache
HIT, HIT
status
200
content-length
4955
x-served-by
cache-iad2126-IAD, cache-ams21037-AMS
access-control-allow-origin
*
last-modified
Fri, 17 Jan 2020 22:13:47 GMT
server
AmazonS3
x-timer
S1582152462.178360,VS0,VE0
etag
"54fc05f6513acdcdd1c81f548cf2b1d1"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 40080
NHGJPlEXssg
www.youtube.com/embed/ Frame F119
Redirect Chain
  • https://youtube.com/embed/NHGJPlEXssg
  • https://www.youtube.com/embed/NHGJPlEXssg
0
0
Document
General
Full URL
https://www.youtube.com/embed/NHGJPlEXssg
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/NHGJPlEXssg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://www.cert.pl/en/news/single/whats-up-emotet/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
expires
Tue, 27 Apr 1971 19:44:06 GMT
content-type
text/html; charset=utf-8
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
strict-transport-security
max-age=31536000
content-encoding
br
cache-control
no-cache
date
Wed, 19 Feb 2020 22:47:42 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=IjLu3RDLqbw; path=/; domain=.youtube.com; secure; expires=Mon, 17-Aug-2020 22:47:42 GMT; httponly; samesite=None YSC=gLyI1cGcRc4; path=/; domain=.youtube.com; httponly VISITOR_INFO1_LIVE=IjLu3RDLqbw; path=/; domain=.youtube.com; secure; expires=Mon, 17-Aug-2020 22:47:42 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Wed, 19-Feb-2020 23:17:42 GMT
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status
301
location
https://www.youtube.com/embed/NHGJPlEXssg
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
0
date
Wed, 19 Feb 2020 22:47:42 GMT
content-type
text/html
server
YouTube Frontend Proxy
x-xss-protection
0
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
common.css
www.cert.pl/wp-content/plugins/ssp/scripts/stylesheets/
6 KB
1 KB
Stylesheet
General
Full URL
https://www.cert.pl/wp-content/plugins/ssp/scripts/stylesheets/common.css
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a05587d82a51aba9e99200cddad3444dc152835148765ae610a533216c28240b

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 19 Feb 2020 22:47:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 09 Dec 2015 11:14:00 GMT
server
cloudflare
age
597
etag
W/"180b-526752fe32e00-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=7200
cf-ray
567bc8ba5ff863d7-FRA
buffer.css
www.cert.pl/wp-content/plugins/ssp/scripts/stylesheets/modules/
302 B
231 B
Stylesheet
General
Full URL
https://www.cert.pl/wp-content/plugins/ssp/scripts/stylesheets/modules/buffer.css
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7afd30c360cfe2f506d50d5fef78c975126e545039dc0bd5b6f7c888cf62cfa

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 19 Feb 2020 22:47:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Dec 2015 14:34:00 GMT
server
cloudflare
age
597
etag
W/"12e-52663dd4d4600-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=7200
cf-ray
567bc8ba5ff963d7-FRA
delicious.css
www.cert.pl/wp-content/plugins/ssp/scripts/stylesheets/modules/
4 KB
931 B
Stylesheet
General
Full URL
https://www.cert.pl/wp-content/plugins/ssp/scripts/stylesheets/modules/delicious.css
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4acef9ad64b0512414f2c8e9c8b596c02f2551266eaca863fa475aa099e47b81

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 19 Feb 2020 22:47:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Dec 2015 14:34:00 GMT
server
cloudflare
age
597
etag
W/"1038-52663dd4d4600-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=7200
cf-ray
567bc8ba5ffa63d7-FRA
disqus.css
www.cert.pl/wp-content/plugins/ssp/scripts/stylesheets/modules/
4 KB
925 B
Stylesheet
General
Full URL
https://www.cert.pl/wp-content/plugins/ssp/scripts/stylesheets/modules/disqus.css
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd1a9f41d8b7ed46ceb36adc7671f6392ec1bd1cdba114c8ca39e8eaf9d4bc59

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 19 Feb 2020 22:47:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Dec 2015 14:34:00 GMT
server
cloudflare
age
597
etag
W/"111e-52663dd4d4600-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=7200
cf-ray
567bc8ba5ffb63d7-FRA
facebook.css
www.cert.pl/wp-content/plugins/ssp/scripts/stylesheets/modules/
255 B
175 B
Stylesheet
General
Full URL
https://www.cert.pl/wp-content/plugins/ssp/scripts/stylesheets/modules/facebook.css
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b69538e34603e6ec2341218be21ee500aa57f4b0deded467f012a0f155e65ce

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 19 Feb 2020 22:47:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Dec 2015 14:34:00 GMT
server
cloudflare
age
597
etag
W/"ff-52663dd4d4600-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=7200
cf-ray
567bc8ba5ffc63d7-FRA
flattr.css
www.cert.pl/wp-content/plugins/ssp/scripts/stylesheets/modules/
667 B
248 B
Stylesheet
General
Full URL
https://www.cert.pl/wp-content/plugins/ssp/scripts/stylesheets/modules/flattr.css
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42af2f9eaf30cf9fe06f1c59f9cf9a1098e6d4664411453ea4bfb6c2958b2028

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 19 Feb 2020 22:47:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Dec 2015 14:34:00 GMT
server
cloudflare
age
597
etag
W/"29b-52663dd4d4600-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=7200
cf-ray
567bc8ba5ffd63d7-FRA
gplus.css
www.cert.pl/wp-content/plugins/ssp/scripts/stylesheets/modules/
324 B
227 B
Stylesheet
General
Full URL
https://www.cert.pl/wp-content/plugins/ssp/scripts/stylesheets/modules/gplus.css
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4c79b2b4a368f73349943f073ae04d64a7b3804ab0dbcc2866c0fa8e209b0bc

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 19 Feb 2020 22:47:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 09 Dec 2015 11:20:00 GMT
server
cloudflare
age
597
etag
W/"144-5267545585800-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=7200
cf-ray
567bc8ba5fff63d7-FRA
hackernews.css
www.cert.pl/wp-content/plugins/ssp/scripts/stylesheets/modules/
3 KB
772 B
Stylesheet
General
Full URL
https://www.cert.pl/wp-content/plugins/ssp/scripts/stylesheets/modules/hackernews.css
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
717e30446ea6f8f04edca3caf502837207ead9f369f102084f0bc4d51da3f3bb

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 19 Feb 2020 22:47:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 09 Dec 2015 11:23:00 GMT
server
cloudflare
age
597
etag
W/"d6e-526755012ed00-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=7200
cf-ray
567bc8ba580063d7-FRA
linkedin.css
www.cert.pl/wp-content/plugins/ssp/scripts/stylesheets/modules/
386 B
239 B
Stylesheet
General
Full URL
https://www.cert.pl/wp-content/plugins/ssp/scripts/stylesheets/modules/linkedin.css
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3ddd53f499536c0e8eb0a3a1a5e75316f7f959907d12fc123e01d26ad334775

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 19 Feb 2020 22:47:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 09 Dec 2015 11:26:00 GMT
server
cloudflare
age
597
etag
W/"182-526755acd8200-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=7200
cf-ray
567bc8ba580163d7-FRA
mail.css
www.cert.pl/wp-content/plugins/ssp/scripts/stylesheets/modules/
222 B
180 B
Stylesheet
General
Full URL
https://www.cert.pl/wp-content/plugins/ssp/scripts/stylesheets/modules/mail.css
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a38147f41609a72ecee1b3bd11737a1128efb4a69e65eb27f5188787524cd90

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 19 Feb 2020 22:47:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Dec 2015 14:34:00 GMT
server
cloudflare
age
597
etag
W/"de-52663dd4d4600-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=7200
cf-ray
567bc8ba580263d7-FRA
pinterest.css
www.cert.pl/wp-content/plugins/ssp/scripts/stylesheets/modules/
396 B
244 B
Stylesheet
General
Full URL
https://www.cert.pl/wp-content/plugins/ssp/scripts/stylesheets/modules/pinterest.css
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
354005cfd2c57b546ae96f1f63b1e2e0b2d8ed975285c136b4dadd1260b96646

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 19 Feb 2020 22:47:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 09 Dec 2015 11:27:00 GMT
server
cloudflare
age
597
etag
W/"18c-526755e610900-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=7200
cf-ray
567bc8ba580363d7-FRA
reddit.css
www.cert.pl/wp-content/plugins/ssp/scripts/stylesheets/modules/
160 B
160 B
Stylesheet
General
Full URL
https://www.cert.pl/wp-content/plugins/ssp/scripts/stylesheets/modules/reddit.css
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3406333c8328eb764a54935592e8bc4e1e16c2ae653f9926a50423fcab117781

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 19 Feb 2020 22:47:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Dec 2015 14:34:00 GMT
server
cloudflare
age
597
etag
W/"a0-52663dd4d4600-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=7200
cf-ray
567bc8ba580463d7-FRA
stumbleupon.css
www.cert.pl/wp-content/plugins/ssp/scripts/stylesheets/modules/
268 B
172 B
Stylesheet
General
Full URL
https://www.cert.pl/wp-content/plugins/ssp/scripts/stylesheets/modules/stumbleupon.css
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e590c41a365a5cfcb48fc12a7a34591e21e38e920b4381d487dc60c9c1e6f0ef

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 19 Feb 2020 22:47:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Dec 2015 14:34:00 GMT
server
cloudflare
age
597
etag
W/"10c-52663dd4d4600-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=7200
cf-ray
567bc8ba580563d7-FRA
tumblr.css
www.cert.pl/wp-content/plugins/ssp/scripts/stylesheets/modules/
226 B
163 B
Stylesheet
General
Full URL
https://www.cert.pl/wp-content/plugins/ssp/scripts/stylesheets/modules/tumblr.css
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f772c78d73c3418d35694703f2548ef5d0fe3a5e903d09bdbe3bf61503ff78

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 19 Feb 2020 22:47:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Dec 2015 14:34:00 GMT
server
cloudflare
age
597
etag
W/"e2-52663dd4d4600-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=7200
cf-ray
567bc8ba580863d7-FRA
twitter.css
www.cert.pl/wp-content/plugins/ssp/scripts/stylesheets/modules/
226 B
172 B
Stylesheet
General
Full URL
https://www.cert.pl/wp-content/plugins/ssp/scripts/stylesheets/modules/twitter.css
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e0667abb5334f7bbe5eae5df7d697a7cc261820a0dce101df5025de1b9ec92d

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 19 Feb 2020 22:47:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Dec 2015 14:34:00 GMT
server
cloudflare
age
597
etag
W/"e2-52663dd4d4600-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=7200
cf-ray
567bc8ba580963d7-FRA
xing.css
www.cert.pl/wp-content/plugins/ssp/scripts/stylesheets/modules/
368 B
208 B
Stylesheet
General
Full URL
https://www.cert.pl/wp-content/plugins/ssp/scripts/stylesheets/modules/xing.css
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
568668326055b517ae8fb9dbe18cd6d4da2bfd80cc28ae58e732d0fcdabdd2df

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 19 Feb 2020 22:47:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Dec 2015 14:34:00 GMT
server
cloudflare
age
597
etag
W/"170-52663dd4d4600-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=7200
cf-ray
567bc8ba580b63d7-FRA
S6uyw4BMUTPHjxAwXiWtFCfQ7A.woff2
fonts.gstatic.com/s/lato/v16/
3 KB
3 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjxAwXiWtFCfQ7A.woff2
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3dec2ba3a35b2d878329a4687f5061f4a62030ad69bd0ebb2ca61c4fda102f38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Lato:400,100,100italic,300,300italic,400italic,700,700italic,900,900italic&subset=latin,latin-ext
Origin
https://www.cert.pl
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 31 Jan 2020 23:43:56 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:44 GMT
server
sffe
age
1638226
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
2888
x-xss-protection
0
expires
Sat, 30 Jan 2021 23:43:56 GMT
widgets.js
platform.twitter.com/
96 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/418F) /
Resource Hash
1a4dee2269258e980cfbc6965cca52520d51b0cf399cef6218e123c7620cafdc

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Wed, 19 Feb 2020 22:47:42 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Feb 2020 23:55:53 GMT
Server
ECS (fcn/418F)
Age
547
Etag
"d6438f3ded1a231e0c47db28e12b2834+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Cache-Control
public, max-age=1800
X-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Content-Length
29101
jquery.socialshareprivacy.min.css
www.cert.pl/wp-content/plugins/ssp/scripts/stylesheets/
0
0
Stylesheet
General
Full URL
https://www.cert.pl/wp-content/plugins/ssp/scripts/stylesheets/jquery.socialshareprivacy.min.css
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/wp-content/themes/cert-theme/js/jquery.min.js?ver=20120206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 19 Feb 2020 22:47:42 GMT
content-encoding
br
cf-cache-status
EXPIRED
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
status
404
cache-control
max-age=7200, must-revalidate
cf-ray
567bc8bae86063d7-FRA
link
<https://www.cert.pl/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
fbshare.png
www.cert.pl/wp-content/plugins/ssp/scripts/images/
1 KB
1 KB
Image
General
Full URL
https://www.cert.pl/wp-content/plugins/ssp/scripts/images/fbshare.png
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eddbbe68c5bfa062a75f4c4db4151d12b036a5c0a96547980186c36a78597563

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:42 GMT
cf-cache-status
HIT
last-modified
Tue, 08 Dec 2015 14:33:00 GMT
server
cloudflare
age
1387
etag
"43d-52663d9b9bf00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
567bc8bae86363d7-FRA
content-length
1085
dummy_gplus.png
www.cert.pl/wp-content/plugins/ssp/scripts/images/
661 B
739 B
Image
General
Full URL
https://www.cert.pl/wp-content/plugins/ssp/scripts/images/dummy_gplus.png
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b0873c0a4b4c2c8e80b8e83eacbbf0f01d190776fdb7bdc545ff33a19abf878

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:42 GMT
cf-cache-status
HIT
last-modified
Tue, 08 Dec 2015 14:33:00 GMT
server
cloudflare
age
1387
etag
"295-52663d9b9bf00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
567bc8bae86463d7-FRA
content-length
661
dummy_hackernews.png
www.cert.pl/wp-content/plugins/ssp/scripts/images/
343 B
421 B
Image
General
Full URL
https://www.cert.pl/wp-content/plugins/ssp/scripts/images/dummy_hackernews.png
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90c4d22fc011476dbd969f4aecdbf2d3d97c21dc973cd6cf0d3263102d24f996

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:42 GMT
cf-cache-status
HIT
last-modified
Tue, 08 Dec 2015 14:33:00 GMT
server
cloudflare
age
1387
etag
"157-52663d9b9bf00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
567bc8bae86563d7-FRA
content-length
343
dummy_linkedin.png
www.cert.pl/wp-content/plugins/ssp/scripts/images/
1 KB
1 KB
Image
General
Full URL
https://www.cert.pl/wp-content/plugins/ssp/scripts/images/dummy_linkedin.png
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e99df0000e30c75b9295ebbd3c1f114cfcbc0e178c1691d1b61d9132317328a7

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:42 GMT
cf-cache-status
HIT
last-modified
Tue, 08 Dec 2015 14:33:00 GMT
server
cloudflare
age
1387
etag
"4fd-52663d9b9bf00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
567bc8bae86663d7-FRA
content-length
1277
dummy_pinterest.png
www.cert.pl/wp-content/plugins/ssp/scripts/images/
1 KB
1 KB
Image
General
Full URL
https://www.cert.pl/wp-content/plugins/ssp/scripts/images/dummy_pinterest.png
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e38cd1277f5e55739801de6218612d84e6c7cd87c3840ddcc08ae2ed6af2a5f

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:42 GMT
cf-cache-status
HIT
last-modified
Tue, 08 Dec 2015 14:33:00 GMT
server
cloudflare
age
1387
etag
"479-52663d9b9bf00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
567bc8bae86763d7-FRA
content-length
1145
dummy_reddit.png
www.cert.pl/wp-content/plugins/ssp/scripts/images/
1018 B
1 KB
Image
General
Full URL
https://www.cert.pl/wp-content/plugins/ssp/scripts/images/dummy_reddit.png
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7275150f338d6dc83b49b9cd0cfd33438c6afc81c520cf548b3f733ec7cd85d7

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:42 GMT
cf-cache-status
HIT
last-modified
Tue, 08 Dec 2015 14:33:00 GMT
server
cloudflare
age
1387
etag
"3fa-52663d9b9bf00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
567bc8bae86863d7-FRA
content-length
1018
dummy_twitter.png
www.cert.pl/wp-content/plugins/ssp/scripts/images/
965 B
1 KB
Image
General
Full URL
https://www.cert.pl/wp-content/plugins/ssp/scripts/images/dummy_twitter.png
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dabfc19ef465889bf77fb3a7347ea1c0f0c08d3d4ad4fd9370fc109d043a1a84

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:42 GMT
cf-cache-status
HIT
last-modified
Tue, 08 Dec 2015 14:33:00 GMT
server
cloudflare
age
1387
etag
"3c5-52663d9b9bf00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
567bc8bae86963d7-FRA
content-length
965
socialshareprivacy_on_off.png
www.cert.pl/wp-content/plugins/ssp/scripts/images/
1 KB
1 KB
Image
General
Full URL
https://www.cert.pl/wp-content/plugins/ssp/scripts/images/socialshareprivacy_on_off.png
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:1e6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bccd2cd032055d053f39bff100c17c2b165952ab55e7479f2aa4ca3f287efd69

Request headers

Referer
https://www.cert.pl/wp-content/plugins/ssp/scripts/stylesheets/common.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:42 GMT
cf-cache-status
HIT
last-modified
Tue, 08 Dec 2015 14:33:00 GMT
server
cloudflare
age
1387
etag
"515-52663d9b9bf00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
567bc8bae86a63d7-FRA
content-length
1301
widget_iframe.7303c29a8108bca4ac5c9ef008ed8164.html
platform.twitter.com/widgets/ Frame 412C
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.7303c29a8108bca4ac5c9ef008ed8164.html?origin=https%3A%2F%2Fwww.cert.pl
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40E4) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1189706
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Wed, 19 Feb 2020 22:47:42 GMT
Etag
"9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified
Wed, 05 Feb 2020 23:46:01 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/40E4)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
5825
moment~timeline~tweet.67dc174b757b0258b54544be2c7b1fe0.js
platform.twitter.com/js/
24 KB
8 KB
Script
General
Full URL
https://platform.twitter.com/js/moment~timeline~tweet.67dc174b757b0258b54544be2c7b1fe0.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40DA) /
Resource Hash
438b7b13a6b18c792b2baf25aae2d15cb5ced68a1cf645df0def255dffe299b0

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Wed, 19 Feb 2020 22:47:42 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Feb 2020 23:45:53 GMT
Server
ECS (fcn/40DA)
Age
1205419
Etag
"11d31148aa60716fb9039c36580956f1+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Content-Length
7876
timeline.f2565d449b4dd797677034caa0d66bf8.js
platform.twitter.com/js/
21 KB
7 KB
Script
General
Full URL
https://platform.twitter.com/js/timeline.f2565d449b4dd797677034caa0d66bf8.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/418F) /
Resource Hash
8543c3fa0028a8cefe4008eeb095bee891501b9b5ead7fdec85ccbaa31b70e45

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Wed, 19 Feb 2020 22:47:42 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Feb 2020 23:45:53 GMT
Server
ECS (fcn/418F)
Age
1205165
Etag
"3ac68eedc6c1bce6319c2bc023cdc98d+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Content-Length
6657
profile
cdn.syndication.twimg.com/timeline/
14 KB
3 KB
Script
General
Full URL
https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_CERT_Polska_old&dnt=false&domain=www.cert.pl&lang=pl&screen_name=CERT_Polska&suppress_response_codes=true&t=1757947&tweet_limit=2&tz=GMT%2B0100&with_replies=false
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lcy/1D2E) /
Resource Hash
05d8b17e342541ca7ff0edc66c3bb8e8507bd52dd53fe58f4965f27d2326a978
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 19 Feb 2020 22:47:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
141
x-cache
HIT
status
200
content-disposition
attachment; filename=jsonp.jsonp
strict-transport-security
max-age=631138519
content-length
3050
x-xss-protection
0
x-response-time
134
last-modified
Wed, 19 Feb 2020 22:45:21 GMT
server
ECS (lcy/1D2E)
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
must-revalidate, max-age=300
x-connection-hash
8021b844428e70e4a0fdf12d24f31634
accept-ranges
bytes
timing-allow-origin
*
x-transaction
0085443800930c2b
expires
Wed, 19 Feb 2020 22:52:42 GMT
syndication
syndication.twitter.com/i/jot/
43 B
455 B
Image
General
Full URL
https://syndication.twitter.com/i/jot/syndication?l=%7B%22_category_%22%3A%22syndicated_impression%22%2C%22triggered_on%22%3A1582152462614%2C%22dnt%22%3Afalse%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22action%22%3A%22impression%22%7D%7D
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=631138519
content-length
65
x-xss-protection
0
x-response-time
109
pragma
no-cache
last-modified
Wed, 19 Feb 2020 22:47:42 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
7229e1b93b8770111f398ac0d0da0eb8
x-transaction
00d95df4001f4d42
expires
Tue, 31 Mar 1981 05:00:00 GMT
1f6e1.png
abs.twimg.com/emoji/v2/72x72/ Frame 1ED0
850 B
1 KB
Image
General
Full URL
https://abs.twimg.com/emoji/v2/72x72/1f6e1.png
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40B3) /
Resource Hash
14507cfc799d2855cf0d49832541c4729eac707e256e73d3f83aa9d72a8bb123
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:42 GMT
x-content-type-options
nosniff
age
20635862
x-ton-expected-size
850
x-cache
HIT
status
200
content-length
850
x-response-time
25
surrogate-key
twitter-assets
last-modified
Wed, 21 Feb 2018 22:30:34 GMT
server
ECS (fcn/40B3)
etag
"eUXxZ90TIBlnc88x8uio9A=="
strict-transport-security
max-age=631138519
content-type
image/png
access-control-allow-origin
*
x-connection-hash
a16e941faf155c08db32e963301c759f
accept-ranges
bytes
expires
Thu, 18 Feb 2021 22:47:42 GMT
timeline.b19b28e5dd6afdadd09507e64bad84c7.light.ltr.css
platform.twitter.com/css/ Frame 1ED0
52 KB
12 KB
Stylesheet
General
Full URL
https://platform.twitter.com/css/timeline.b19b28e5dd6afdadd09507e64bad84c7.light.ltr.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40E4) /
Resource Hash
12bf529a0f4d0a3f10d003a07d5b91e40579a3da18022a9896a9ccd9e5dc1b33

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Wed, 19 Feb 2020 22:47:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Jan 2020 22:37:57 GMT
Server
ECS (fcn/40E4)
Age
3542140
Etag
"0100ec69a2c00683a1ae89e074b822c1+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Content-Type
text/css; charset=utf-8
Content-Length
12155
timeline.b19b28e5dd6afdadd09507e64bad84c7.light.ltr.css
platform.twitter.com/css/
52 KB
52 KB
Image
General
Full URL
https://platform.twitter.com/css/timeline.b19b28e5dd6afdadd09507e64bad84c7.light.ltr.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40E4) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Wed, 19 Feb 2020 22:47:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Jan 2020 22:37:57 GMT
Server
ECS (fcn/40E4)
Age
3542140
Etag
"0100ec69a2c00683a1ae89e074b822c1+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Content-Type
text/css; charset=utf-8
Content-Length
12155
1f6e1.png
abs.twimg.com/emoji/v2/72x72/ Frame 1ED0
850 B
923 B
Image
General
Full URL
https://abs.twimg.com/emoji/v2/72x72/1f6e1.png
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.67dc174b757b0258b54544be2c7b1fe0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40B3) /
Resource Hash
14507cfc799d2855cf0d49832541c4729eac707e256e73d3f83aa9d72a8bb123
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:42 GMT
x-content-type-options
nosniff
age
20635862
x-ton-expected-size
850
x-cache
HIT
status
200
content-length
850
x-response-time
25
surrogate-key
twitter-assets
last-modified
Wed, 21 Feb 2018 22:30:34 GMT
server
ECS (fcn/40B3)
etag
"eUXxZ90TIBlnc88x8uio9A=="
strict-transport-security
max-age=631138519
content-type
image/png
access-control-allow-origin
*
x-connection-hash
a16e941faf155c08db32e963301c759f
accept-ranges
bytes
expires
Thu, 18 Feb 2021 22:47:42 GMT
ZNVCXa8E_normal.png
pbs.twimg.com/profile_images/458887776423776256/ Frame 1ED0
2 KB
2 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/458887776423776256/ZNVCXa8E_normal.png
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40D1) /
Resource Hash
f7d46e828bf23ed4df69b4c932c8c92f24375070768be9c2a25077fe654c0175
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:42 GMT
x-content-type-options
nosniff
age
260082
x-cache
HIT
status
200
content-length
2339
x-response-time
117
surrogate-key
profile_images profile_images/bucket/0 profile_images/458887776423776256
last-modified
Wed, 23 Apr 2014 08:37:06 GMT
server
ECS (fcn/40D1)
strict-transport-security
max-age=631138519
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
b071c4b6e1d3e4f49680847e4fdbcae8
accept-ranges
bytes
EQqIXJ2XYAEF3ky
pbs.twimg.com/media/ Frame 1ED0
63 KB
63 KB
Image
General
Full URL
https://pbs.twimg.com/media/EQqIXJ2XYAEF3ky?format=png&name=small
Requested by
Host: www.cert.pl
URL: https://www.cert.pl/en/news/single/whats-up-emotet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40EA) /
Resource Hash
6e84d82eb113810fc02665363d80f71cf697bbfd5ec3ed17990cc9dc165d397d
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:42 GMT
x-content-type-options
nosniff
age
552739
x-cache
HIT
status
200
content-length
64203
x-response-time
125
surrogate-key
media media/bucket/3 media/1227943779774193665
last-modified
Thu, 13 Feb 2020 13:11:05 GMT
server
ECS (fcn/40EA)
strict-transport-security
max-age=631138519
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
84fedd06fb32b3f01c3da37f784702b5
accept-ranges
bytes
truncated
/ Frame 1ED0
512 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 1ED0
825 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 1ED0
572 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
abd2a457215e60ab60b2a6b4f25a17583c5d80e13935f76e097236f729c5dcd6

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 1ED0
644 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a87f4fd815fc95288f2da6efc536c950ef940bd9eb52176fd9e8e56107cc65e2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
jot
syndication.twitter.com/i/
43 B
170 B
Image
General
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.cert.pl%2Fen%2Fnews%2Fsingle%2Fwhats-up-emotet%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_data_source%22%3A%22profile%3ACERT_Polska%22%2C%22query%22%3Anull%2C%22profile_id%22%3Anull%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1582152462951%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%224a203525%3A1580945701206%22%2C%22format_version%22%3A%224a203525%3A1580945701206%22%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22element%22%3A%22notice%22%2C%22section%22%3A%22header%22%2C%22action%22%3A%22seen%22%7D%7D&notice_seen=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 19 Feb 2020 22:47:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=631138519
content-length
65
x-xss-protection
0
x-response-time
117
pragma
no-cache
last-modified
Wed, 19 Feb 2020 22:47:43 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
7229e1b93b8770111f398ac0d0da0eb8
x-transaction
00021ffe009cf090
expires
Tue, 31 Mar 1981 05:00:00 GMT
jot.html
platform.twitter.com/ Frame 4495
Redirect Chain
  • https://syndication.twitter.com/i/jot
  • https://platform.twitter.com/jot.html
0
0
Document
General
Full URL
https://platform.twitter.com/jot.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40B3) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
Origin
https://www.cert.pl
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
3542140
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Wed, 19 Feb 2020 22:47:43 GMT
Etag
"d9592a6c704736fa4da218d4357976dd"
Last-Modified
Thu, 09 Jan 2020 22:50:11 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/40B3)
X-Cache
HIT
Content-Length
80

Redirect headers

status
302 302 Found
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length
0
content-type
text/html;charset=utf-8
date
Wed, 19 Feb 2020 22:47:43 GMT
expires
Tue, 31 Mar 1981 05:00:00 GMT
last-modified
Wed, 19 Feb 2020 22:47:43 GMT
location
https://platform.twitter.com/jot.html
pragma
no-cache
server
tsa_o
strict-transport-security
max-age=631138519
x-connection-hash
7229e1b93b8770111f398ac0d0da0eb8
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-response-time
118
x-transaction
0053850400d5f4fd
x-tsa-request-body-time
0
x-twitter-response-tags
BouncerCompliant
x-xss-protection
0
common.js
maps.google.com/maps-api-v3/api/js/40/1/
78 KB
29 KB
Script
General
Full URL
https://maps.google.com/maps-api-v3/api/js/40/1/common.js
Requested by
Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyD2T3v-cX61NR0b3u-iTJWZwtWyjYSsYUU&sensor=false&ver=20120206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0370ac08cc18d1bf020d20cd4e310056b073ff2887a0f840407d33c955ae604
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 19 Feb 2020 19:06:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 19 Feb 2020 01:27:57 GMT
server
sffe
age
13291
vary
Accept-Encoding, Origin
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28982
x-xss-protection
0
expires
Thu, 18 Feb 2021 19:06:15 GMT
util.js
maps.google.com/maps-api-v3/api/js/40/1/
143 KB
53 KB
Script
General
Full URL
https://maps.google.com/maps-api-v3/api/js/40/1/util.js
Requested by
Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyD2T3v-cX61NR0b3u-iTJWZwtWyjYSsYUU&sensor=false&ver=20120206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
926432dddd967eef9280f4d274a3bb4d58535de5d347797dbb5826801bc726e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 19 Feb 2020 19:06:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 19 Feb 2020 01:27:57 GMT
server
sffe
age
13291
vary
Accept-Encoding, Origin
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
54014
x-xss-protection
0
expires
Thu, 18 Feb 2021 19:06:15 GMT
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/
62 B
144 B
Script
General
Full URL
https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.cert.pl%2Fen%2Fnews%2Fsingle%2Fwhats-up-emotet%2F&4sAIzaSyD2T3v-cX61NR0b3u-iTJWZwtWyjYSsYUU&callback=_xdc_._hdb0hr&key=AIzaSyD2T3v-cX61NR0b3u-iTJWZwtWyjYSsYUU&token=28109
Requested by
Host: maps.google.com
URL: https://maps.google.com/maps-api-v3/api/js/40/1/common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
25ee666f9e486626dc7f70b283da2cdd80aade13b32a95a598e9de6026cd39c6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.cert.pl/en/news/single/whats-up-emotet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Wed, 19 Feb 2020 22:47:46 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment
server-timing
gfet4t7; dur=52
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
function| $
function| jQuery
object| google
object| module$contents$MapsEvent_MapsEvent
object| module$contents$mapsapi$overlay$OverlayView_OverlayView
function| CookiesPopup
object| wp
object| icl_vars
function| addLoadEvent
function| icl_retry_mtr
string| icl_lang
string| icl_home
object| twttr
object| _paq
function| embedTrackingCode
object| cookiesBanner
object| __twttrll
object| __twttr
object| _xdc_

5 Cookies

Domain/Path Name / Value
.youtube.com/ Name: GPS
Value: 1
.youtube.com/ Name: YSC
Value: gLyI1cGcRc4
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: IjLu3RDLqbw
www.cert.pl/ Name: _icl_current_language
Value: en
.cert.pl/ Name: __cfduid
Value: dc75b0707cab59370b00c977238a775251582152461

3 Console Messages

Source Level URL
Text
console-api log URL: https://www.cert.pl/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api info URL: https://platform.twitter.com/widgets.js(Line 1)
Message:
You may have been affected by an update to settings in embedded timelines. See https://twittercommunity.com/t/deprecating-widget-settings/102295. [object HTMLAnchorElement]
console-api warning URL: https://maps.google.com/maps-api-v3/api/js/40/1/util.js(Line 232)
Message:
Google Maps JavaScript API warning: SensorNotRequired https://developers.google.com/maps/documentation/javascript/error-messages#sensor-not-required

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
