www.gdatasoftware.com
212.23.151.164
Public Scan
Submission: On September 02 via api from US
Summary
TLS certificate: Issued by Sectigo RSA Organization Validation S... on May 19th 2020. Valid for: 2 years.
This is the only time www.gdatasoftware.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | Autonomous System |
---|---|---|
18 | 212.23.151.164 | 12329 (TMR) |
3 | 85.25.214.59 | 8972 (GD-EMEA-DC-SXB1) |
21 | 2 | |
ASN8972 (GD-EMEA-DC-SXB1, DE)
PTR: malta1055.startdedicated.com
file.gdatasoftware.com

Requests | Apex Domain (Subdomains) | Transfer |
---|---|---|
21 | gdatasoftware.com (www.gdatasoftware.com, file.gdatasoftware.com) | 729 KB |
21 | 1 | |

Requests | Domain | Requested by |
---|---|---|
18 | www.gdatasoftware.com | www.gdatasoftware.com |
3 | file.gdatasoftware.com | www.gdatasoftware.com |
21 | 2 | |
This site contains links to these domains. Also see Links.
Subject / Issuer | Validity | Valid |
---|---|---|
*.gdatasoftware.com / Sectigo RSA Organization Validation Secure Server CA | 2020-05-19 - 2022-08-17 | 2 years |
This page contains 1 frame:
Primary Page:
https://www.gdatasoftware.com/blog/cyrat-ransomware
Frame ID: 409D33D4EC0CEC02608687172AA8127F
Requests: 21 HTTP requests in this frame
19 Outgoing links
These are links going to different origins than the main page.
Title:
Title:
Title: DiE
Title: PortexAnalyzer
Title: PyInstaller
Title: PyInstxtractor
Title: Python 3.7
Title: uncompyle6
Title: pyfiglet
Title: Fernet
Title: I posted the Cyrat sample
Title: tweet
Title: share
Title: share
Title: share
Title: share
21 HTTP transactions
Method / Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H/1.1 | cyrat-ransomware (Primary Request) | www.gdatasoftware.com/blog/ | 34 KB | 12 KB | Document | text/html |
GET H/1.1 | vhs-assets-5b9de08ed4381d6d419362e5ce725858.css | www.gdatasoftware.com/typo3temp/assets/ | 180 KB | 34 KB | Stylesheet | text/css |
GET H/1.1 | vhs-assets-1b134abf3ac2eb960301b83b9d6c2ff4.js | www.gdatasoftware.com/typo3temp/assets/ | 109 KB | 39 KB | Script | application/javascript |
GET H/1.1 | logo_claim_white.png | www.gdatasoftware.com/typo3conf/ext/gd_sites/Resources/Public/Images/ | 3 KB | 3 KB | Image | image/png |
GET H/1.1 | DE.svg | www.gdatasoftware.com/typo3conf/ext/gd_sites/Resources/Public/Images/Flags/ | 966 B | 1 KB | Image | image/svg+xml |
GET H/1.1 | cryrat_die.png | www.gdatasoftware.com/fileadmin/user_upload/Presse/Deutschland/2020/09/ | 30 KB | 30 KB | Image | image/png |
GET H/1.1 | cryrat_screen.png | www.gdatasoftware.com/fileadmin/user_upload/Presse/Deutschland/2020/09/ | 17 KB | 18 KB | Image | image/png |
GET H/1.1 | ransomware_attack_worried_businessman_by_andrey_popov_gettyimages-1199291222_cso_2400x1600-100840844-large_9c24b9cd5d.jpg | www.gdatasoftware.com/fileadmin/_processed_/c/a/ | 60 KB | 61 KB | Image | image/jpeg |
GET H/1.1 | cyrat_ransomnote_e4a1a7d48f.png | www.gdatasoftware.com/fileadmin/_processed_/e/3/ | 107 KB | 108 KB | Image | image/png |
GET H/1.1 | cryrat_linux.png | www.gdatasoftware.com/fileadmin/user_upload/Presse/Deutschland/2020/09/ | 7 KB | 8 KB | Image | image/png |
GET H/1.1 | hahn_karsten_7c2341c8d2.jpg | www.gdatasoftware.com/fileadmin/_processed_/0/d/ | 4 KB | 5 KB | Image | image/jpeg |
GET H/1.1 | G_DATA_Blog_USB_Single_Preview_360eeca1eb.jpg | www.gdatasoftware.com/fileadmin/_processed_/3/2/ | 3 KB | 4 KB | Image | image/jpeg |
GET H/1.1 | G_DATA_Blog_Zeppelin_Buran_Preview_d5267212c0.jpg | www.gdatasoftware.com/fileadmin/_processed_/8/7/ | 5 KB | 6 KB | Image | image/jpeg |
GET H/1.1 | G_DATA_Blog_RansomwareClass_Preview_c0d7c09e85.jpg | www.gdatasoftware.com/fileadmin/_processed_/c/3/ | 6 KB | 7 KB | Image | image/jpeg |
GET H/1.1 | logo_claim_2016_white.png | www.gdatasoftware.com/typo3conf/ext/gd_sites/Resources/Public/Images/ | 4 KB | 5 KB | Image | image/png |
GET H/1.1 | vhs-assets-72fbd3c3fac64cddf69a69a19bc35c07.js | www.gdatasoftware.com/typo3temp/assets/ | 260 KB | 80 KB | Script | application/javascript |
GET H/1.1 | G_DATA_Blog_Cyrat_Header.jpg | www.gdatasoftware.com/fileadmin/web/general/images/blog/2020/09_2020/ | 182 KB | 183 KB | Image | image/jpeg |
GET H/1.1 | source-sans-pro-v13-latin-ext_latin-regular.woff2 | file.gdatasoftware.com/s/font/source-sans-pro/ | 25 KB | 25 KB | Font | application/octet-stream |
GET H/1.1 | gcon1-988.woff2 | www.gdatasoftware.com/typo3conf/ext/gd_sites/Resources/Public/Styles/font/ | 48 KB | 48 KB | Font | application/octet-stream |
GET H/1.1 | source-sans-pro-v13-latin-ext_latin-300.woff2 | file.gdatasoftware.com/s/font/source-sans-pro/ | 25 KB | 25 KB | Font | application/octet-stream |
GET H/1.1 | source-sans-pro-v13-latin-ext_latin-600.woff2 | file.gdatasoftware.com/s/font/source-sans-pro/ | 25 KB | 25 KB | Font | application/octet-stream |
26 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | trustedTypes |
function | _typeof |
object | html5 |
object | Modernizr |
function | $ |
function | jQuery |
function | _createClass |
function | _classCallCheck |
function | decryptCharcode |
function | decryptString |
function | linkTo_UnCryptMailto |
object | GdPlatform |
object | GdWebsite |
undefined | filetypes |
undefined | baseHref |
undefined | hrefRedirect |
undefined | gaHitCallbackHandler |
function | objectFitImages |
function | GDataMainMenu |
object | GdScrollIndicator |
object | Foundation |
object | jQuery1124017404801755499788 |
function | Shariff |
function | GdTrackingModule |
object | hljs |
object | GdTracking |
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com; |
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
file.gdatasoftware.com
www.gdatasoftware.com
212.23.151.164
85.25.214.59