URL: https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
Submission: On September 28 via api from US

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 21 HTTP transactions. The main IP is 212.23.151.164, located in Bochum, Germany and belongs to TMR, DE. The main domain is www.gdata.de.
TLS certificate: Issued by Sectigo RSA Extended Validation Secur... on October 22nd 2019. Valid for: 2 years.
This is the only time www.gdata.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address      AS Autonomous System
18        212.23.151.164  12329 (TMR)
3         85.25.214.59    8972 (GD-EMEA-D...)
Total: 21 requests, 2 IPs

Requests  Apex Domain        Subdomains                                          Transfer
12        gdata.de           www.gdata.de                                        497 KB
9         gdatasoftware.com  file.gdatasoftware.com, tracking.gdatasoftware.com  146 KB
Total: 21 requests, 2 apex domains

Requests  Domain                      Requested by
12        www.gdata.de                www.gdata.de
6         tracking.gdatasoftware.com  www.gdata.de, tracking.gdatasoftware.com
3         file.gdatasoftware.com      www.gdata.de
Total: 21 requests, 3 domains

Subject              Issuer                                                Validity                 Valid
www.gdata.de         Sectigo RSA Extended Validation Secure Server CA      2019-10-22 - 2022-01-19  2 years
*.gdatasoftware.com  Sectigo RSA Organization Validation Secure Server CA  2020-05-19 - 2022-08-17  2 years

This page contains 1 frames:

Primary Page: https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
Frame ID: B8BEC87C163CDC9B36261427E38E4753
Requests: 21 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 21
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 3
IPs: 2
Countries: 1
Transfer: 642 kB
Size: 1221 kB
Cookies: 1

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 30110-emotet-beutet-outlook-aus
www.gdata.de/blog/2017/10/
25 KB
10 KB
Document
General
Full URL
https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),
Reverse DNS
Software
nginx /
Resource Hash
14cfdd10eb05227e84808c4926b9d3098c122061251670fb0216b61663531460
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.gdata.de
:scheme
https
:path
/blog/2017/10/30110-emotet-beutet-outlook-aus
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
server
nginx
date
Mon, 28 Sep 2020 22:11:24 GMT
content-type
text/html; charset=utf-8
cache-control
max-age: 43200
content-encoding
gzip
content-language
de
etag
W/"2fffd621b43b253235f94c5cb686b4c3"
expires
Sun, 11 Oct 2020 22:00:00 GMT
pragma
public
set-cookie
PHPSESSID=fcb32d26e840752150d31368dacb927f; path=/
x-cachetags
|pageId_30110|
x-t3cache
1
x-t3cacheinfo
cacheContentFlag,loginAllowedInBranch,staticCacheable,ClientCache,not_loggedin
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
vhs-assets-5b9de08ed4381d6d419362e5ce725858.css
www.gdata.de/typo3temp/assets/
180 KB
34 KB
Stylesheet
General
Full URL
https://www.gdata.de/typo3temp/assets/vhs-assets-5b9de08ed4381d6d419362e5ce725858.css?1601288281
Requested by
Host: www.gdata.de
URL: https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),
Reverse DNS
Software
nginx /
Resource Hash
98f509762045ac4c774e98d82b28131e47987de8b74f24015fbefaeff7122f01
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 22:11:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 28 Sep 2020 18:06:36 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"5f72262c-2cf9f"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
cache-control
max-age=1209600
content-security-policy
frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
expires
Mon, 12 Oct 2020 22:11:24 GMT
vhs-assets-1b134abf3ac2eb960301b83b9d6c2ff4.js
www.gdata.de/typo3temp/assets/
109 KB
39 KB
Script
General
Full URL
https://www.gdata.de/typo3temp/assets/vhs-assets-1b134abf3ac2eb960301b83b9d6c2ff4.js?1601291669
Requested by
Host: www.gdata.de
URL: https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),
Reverse DNS
Software
nginx /
Resource Hash
d8943a697b9c2a188d99c20145b16849ec3e2feac56c4771980cc92bcca72d85
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 22:11:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 28 Sep 2020 22:02:48 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"5f725d88-1b407"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=1209600
content-security-policy
frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
expires
Mon, 12 Oct 2020 22:11:24 GMT
logo_claim_white.png
www.gdata.de/typo3conf/ext/gd_sites/Resources/Public/Images/
3 KB
3 KB
Image
General
Full URL
https://www.gdata.de/typo3conf/ext/gd_sites/Resources/Public/Images/logo_claim_white.png
Requested by
Host: www.gdata.de
URL: https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),
Reverse DNS
Software
nginx /
Resource Hash
211965735fd707f91c38ac8508801e7fd74a7b54662282fdf6b76aedcebeed40
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 22:11:25 GMT
x-content-type-options
nosniff
status
200
content-length
2583
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 11 Sep 2020 12:11:47 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"5f5b6983-a17"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=31536000
content-security-policy
frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
accept-ranges
bytes
expires
Tue, 28 Sep 2021 22:11:25 GMT
EN.svg
www.gdata.de/typo3conf/ext/gd_sites/Resources/Public/Images/Flags/
40 KB
25 KB
Image
General
Full URL
https://www.gdata.de/typo3conf/ext/gd_sites/Resources/Public/Images/Flags/EN.svg
Requested by
Host: www.gdata.de
URL: https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),
Reverse DNS
Software
nginx /
Resource Hash
c1e2206eb88e0b11d1c924080dcf5d55d685009b833a43165135001b07525022
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 22:11:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 11 Sep 2020 12:11:47 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"5f5b6983-9f7e"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/svg+xml
cache-control
max-age=31536000
content-security-policy
frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
expires
Tue, 28 Sep 2021 22:11:25 GMT
Grafik_1_ccd276a9d4.png
www.gdata.de/fileadmin/_processed_/3/f/
65 KB
65 KB
Image
General
Full URL
https://www.gdata.de/fileadmin/_processed_/3/f/Grafik_1_ccd276a9d4.png
Requested by
Host: www.gdata.de
URL: https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),
Reverse DNS
Software
nginx /
Resource Hash
eb0848d43e89f10f480c1384873109d7ad87a2f2d45391d2b98b3f6362e68d55
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 22:11:25 GMT
x-content-type-options
nosniff
status
200
content-length
66383
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 22 Jun 2020 06:45:12 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"5ef05378-1034f"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=31536000
content-security-policy
frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
accept-ranges
bytes
expires
Tue, 28 Sep 2021 22:11:25 GMT
Grafik_2.png
www.gdata.de/fileadmin/user_upload/Presse/Deutschland/2017/10/
42 KB
42 KB
Image
General
Full URL
https://www.gdata.de/fileadmin/user_upload/Presse/Deutschland/2017/10/Grafik_2.png
Requested by
Host: www.gdata.de
URL: https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),
Reverse DNS
Software
nginx /
Resource Hash
70e0eda7cf89e8567372085c093ed5d9e66796d7ffd15018925e5df731b67656
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 22:11:25 GMT
x-content-type-options
nosniff
status
200
content-length
42834
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 19 Jun 2020 10:02:09 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"5eec8d21-a752"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=31536000
content-security-policy
frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
accept-ranges
bytes
expires
Tue, 28 Sep 2021 22:11:25 GMT
Grafik_3_9b68205e00.png
www.gdata.de/fileadmin/_processed_/a/8/
11 KB
12 KB
Image
General
Full URL
https://www.gdata.de/fileadmin/_processed_/a/8/Grafik_3_9b68205e00.png
Requested by
Host: www.gdata.de
URL: https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),
Reverse DNS
Software
nginx /
Resource Hash
c1d91d0f01eabff438cffb49f4f8e41cc07d7b94860c2c26b95f5df72ad79081
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 22:11:25 GMT
x-content-type-options
nosniff
status
200
content-length
11571
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 22 Jun 2020 06:45:12 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"5ef05378-2d33"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=31536000
content-security-policy
frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
accept-ranges
bytes
expires
Tue, 28 Sep 2021 22:11:25 GMT
logo_claim_2016_white.png
www.gdata.de/typo3conf/ext/gd_sites/Resources/Public/Images/
4 KB
4 KB
Image
General
Full URL
https://www.gdata.de/typo3conf/ext/gd_sites/Resources/Public/Images/logo_claim_2016_white.png
Requested by
Host: www.gdata.de
URL: https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),
Reverse DNS
Software
nginx /
Resource Hash
7c657d342491cefb26c956267727635a22e3e85fb12dd8f525e811ec000e658f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 22:11:25 GMT
x-content-type-options
nosniff
status
200
content-length
3871
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 11 Sep 2020 12:11:47 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"5f5b6983-f1f"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=31536000
content-security-policy
frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
accept-ranges
bytes
expires
Tue, 28 Sep 2021 22:11:25 GMT
vhs-assets-72fbd3c3fac64cddf69a69a19bc35c07.js
www.gdata.de/typo3temp/assets/
260 KB
80 KB
Script
General
Full URL
https://www.gdata.de/typo3temp/assets/vhs-assets-72fbd3c3fac64cddf69a69a19bc35c07.js?1601288281
Requested by
Host: www.gdata.de
URL: https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),
Reverse DNS
Software
nginx /
Resource Hash
6b5dd5b2e4bc34adcd4a2c15384f6d7a1fa7c3bc9c83848e11f63aab8a6775fd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 22:11:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 28 Sep 2020 18:06:36 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"5f72262c-41024"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=1209600
content-security-policy
frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
expires
Mon, 12 Oct 2020 22:11:25 GMT
blog-default-header-1.jpg
www.gdata.de/typo3conf/ext/gd_sites/Resources/Public/Images/content-elements/
132 KB
133 KB
Image
General
Full URL
https://www.gdata.de/typo3conf/ext/gd_sites/Resources/Public/Images/content-elements/blog-default-header-1.jpg
Requested by
Host: www.gdata.de
URL: https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),
Reverse DNS
Software
nginx /
Resource Hash
3ded45685605603e1dc1df13a060237f330e09f969998aaf3a2d86a341fcee4b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 22:11:25 GMT
x-content-type-options
nosniff
status
200
content-length
135170
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 11 Sep 2020 12:11:47 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"5f5b6983-21002"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=31536000
content-security-policy
frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
accept-ranges
bytes
expires
Tue, 28 Sep 2021 22:11:25 GMT
source-sans-pro-v13-latin-ext_latin-regular.woff2
file.gdatasoftware.com/s/font/source-sans-pro/
25 KB
25 KB
Font
General
Full URL
https://file.gdatasoftware.com/s/font/source-sans-pro/source-sans-pro-v13-latin-ext_latin-regular.woff2
Requested by
Host: www.gdata.de
URL: https://www.gdata.de/typo3temp/assets/vhs-assets-5b9de08ed4381d6d419362e5ce725858.css?1601288281
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.25.214.59 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
malta1055.startdedicated.com
Software
nginx /
Resource Hash
72e086ecb5eed26e489b633ce3a7a85522747d8583852bf8756e290fec0f3d3b

Request headers

Origin
https://www.gdata.de
Referer
https://www.gdata.de/typo3temp/assets/vhs-assets-5b9de08ed4381d6d419362e5ce725858.css?1601288281
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 28 Sep 2020 22:11:26 GMT
Last-Modified
Fri, 02 Aug 2019 05:16:52 GMT
Server
nginx
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25656
Expires
Mon, 05 Oct 2020 22:11:26 GMT
gcon1-988.woff2
www.gdata.de/typo3conf/ext/gd_sites/Resources/Public/Styles/font/
48 KB
48 KB
Font
General
Full URL
https://www.gdata.de/typo3conf/ext/gd_sites/Resources/Public/Styles/font/gcon1-988.woff2?waerhgm
Requested by
Host: www.gdata.de
URL: https://www.gdata.de/typo3temp/assets/vhs-assets-5b9de08ed4381d6d419362e5ce725858.css?1601288281
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),
Reverse DNS
Software
nginx /
Resource Hash
ab12a263ae21799ecbd4a660abbbff3747f762433026fb4997df8bd8cebf941f

Request headers

Origin
https://www.gdata.de
Referer
https://www.gdata.de/typo3temp/assets/vhs-assets-5b9de08ed4381d6d419362e5ce725858.css?1601288281
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 22:11:25 GMT
last-modified
Sat, 26 Sep 2020 09:10:24 GMT
server
nginx
etag
"5f6f0580-c0b0"
status
200
content-type
application/octet-stream
access-control-allow-origin
https://www.gdata.de
accept-ranges
bytes
content-length
49328
source-sans-pro-v13-latin-ext_latin-300.woff2
file.gdatasoftware.com/s/font/source-sans-pro/
25 KB
25 KB
Font
General
Full URL
https://file.gdatasoftware.com/s/font/source-sans-pro/source-sans-pro-v13-latin-ext_latin-300.woff2
Requested by
Host: www.gdata.de
URL: https://www.gdata.de/typo3temp/assets/vhs-assets-5b9de08ed4381d6d419362e5ce725858.css?1601288281
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.25.214.59 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
malta1055.startdedicated.com
Software
nginx /
Resource Hash
9d20a8fc1de189bad815a78bd3a36550412788bc1d8e6f2d7eba6bb18bc901a2

Request headers

Origin
https://www.gdata.de
Referer
https://www.gdata.de/typo3temp/assets/vhs-assets-5b9de08ed4381d6d419362e5ce725858.css?1601288281
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 28 Sep 2020 22:11:26 GMT
Last-Modified
Fri, 02 Aug 2019 05:16:52 GMT
Server
nginx
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25716
Expires
Mon, 05 Oct 2020 22:11:26 GMT
source-sans-pro-v13-latin-ext_latin-600.woff2
file.gdatasoftware.com/s/font/source-sans-pro/
25 KB
25 KB
Font
General
Full URL
https://file.gdatasoftware.com/s/font/source-sans-pro/source-sans-pro-v13-latin-ext_latin-600.woff2
Requested by
Host: www.gdata.de
URL: https://www.gdata.de/typo3temp/assets/vhs-assets-5b9de08ed4381d6d419362e5ce725858.css?1601288281
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.25.214.59 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
malta1055.startdedicated.com
Software
nginx /
Resource Hash
5b7ade4116e14b315421eb6e4eeabbf1a1c7301a575ee1311fb1659eaaecd6f4

Request headers

Origin
https://www.gdata.de
Referer
https://www.gdata.de/typo3temp/assets/vhs-assets-5b9de08ed4381d6d419362e5ce725858.css?1601288281
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 28 Sep 2020 22:11:26 GMT
Last-Modified
Fri, 02 Aug 2019 05:16:52 GMT
Server
nginx
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25520
Expires
Mon, 05 Oct 2020 22:11:26 GMT
matomo.js
tracking.gdatasoftware.com/
179 KB
54 KB
Script
General
Full URL
https://tracking.gdatasoftware.com/matomo.js
Requested by
Host: www.gdata.de
URL: https://www.gdata.de/typo3temp/assets/vhs-assets-72fbd3c3fac64cddf69a69a19bc35c07.js?1601288281
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),
Reverse DNS
Software
nginx /
Resource Hash
502f14c9f028a9a4d68f4afd787530e6fe2cad45faea0f88e567bfe55a54a927
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 22:11:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 24 Aug 2020 11:20:52 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"5f43a294-2cb44"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=43200
content-security-policy
frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
expires
Tue, 29 Sep 2020 10:11:25 GMT
container_CUsVDfV5.js
tracking.gdatasoftware.com/js/
48 KB
13 KB
Script
General
Full URL
https://tracking.gdatasoftware.com/js/container_CUsVDfV5.js
Requested by
Host: www.gdata.de
URL: https://www.gdata.de/typo3temp/assets/vhs-assets-72fbd3c3fac64cddf69a69a19bc35c07.js?1601288281
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),
Reverse DNS
Software
nginx /
Resource Hash
c24de75d9e63c0e63ca9e091eb1e29584d9081bd18df9c14fc8694af89f6ae71
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 22:11:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 18 Sep 2020 08:46:00 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"5f6473c8-bf25"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=43200
content-security-policy
frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
expires
Tue, 29 Sep 2020 10:11:25 GMT
matomo.php
tracking.gdatasoftware.com/
43 B
625 B
Image
General
Full URL
https://tracking.gdatasoftware.com/matomo.php?action_name=Emotet%20beutet%20Outlook%20aus%20%7C%20G%20DATA&idsite=1&rec=1&r=336239&h=0&m=11&s=26&url=https%3A%2F%2Fwww.gdata.de%2Fblog%2F2017%2F10%2F30110-emotet-beutet-outlook-aus&_id=&_idts=1601331087&_idvc=1&_idn=1&_refts=0&_viewts=1601331087&send_image=1&cookie=1&res=1600x1200&gt_ms=130&pv_id=olVyJh
Requested by
Host: www.gdata.de
URL: https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 22:11:25 GMT
x-content-type-options
nosniff
status
200
vary
Origin
content-length
43
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
nginx
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3628800
access-control-allow-credentials
true
content-security-policy
frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
expires
Mon, 09 Nov 2020 22:11:25 GMT
configs.php
tracking.gdatasoftware.com/plugins/HeatmapSessionRecording/
116 B
644 B
Script
General
Full URL
https://tracking.gdatasoftware.com/plugins/HeatmapSessionRecording/configs.php?idsite=1&trackerid=Mp9Pv2&url=https%3A%2F%2Fwww.gdata.de%2Fblog%2F2017%2F10%2F30110-emotet-beutet-outlook-aus
Requested by
Host: tracking.gdatasoftware.com
URL: https://tracking.gdatasoftware.com/matomo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),
Reverse DNS
Software
nginx /
Resource Hash
509e713c7a09961f800d2f14284b7f0bb6278d5397c3a0b5b066afa3a7e16209
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 22:11:25 GMT
referrer-policy
no-referrer-when-downgrade
server
nginx
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
x-xss-protection
1; mode=block
cache-control
max-age=43200
content-security-policy
frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
strict-transport-security
max-age=31536000; includeSubDomains
content-length
116
x-content-type-options
nosniff
expires
Tue, 29 Sep 2020 10:11:25 GMT
configs.php
tracking.gdatasoftware.com/plugins/HeatmapSessionRecording/
116 B
644 B
Script
General
Full URL
https://tracking.gdatasoftware.com/plugins/HeatmapSessionRecording/configs.php?idsite=1&trackerid=hkl0vb&url=https%3A%2F%2Fwww.gdata.de%2Fblog%2F2017%2F10%2F30110-emotet-beutet-outlook-aus
Requested by
Host: tracking.gdatasoftware.com
URL: https://tracking.gdatasoftware.com/matomo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),
Reverse DNS
Software
nginx /
Resource Hash
2b942b70314a046458a2df804946e8ad29f9307a03eddbab53e9b33d7b42dede
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 22:11:25 GMT
referrer-policy
no-referrer-when-downgrade
server
nginx
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
x-xss-protection
1; mode=block
cache-control
max-age=43200
content-security-policy
frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
strict-transport-security
max-age=31536000; includeSubDomains
content-length
116
x-content-type-options
nosniff
expires
Tue, 29 Sep 2020 10:11:25 GMT
matomo.php
tracking.gdatasoftware.com/
43 B
625 B
Image
General
Full URL
https://tracking.gdatasoftware.com/matomo.php?action_name=Emotet%20beutet%20Outlook%20aus%20%7C%20G%20DATA&idsite=1&rec=1&r=633932&h=0&m=11&s=26&url=https%3A%2F%2Fwww.gdata.de%2Fblog%2F2017%2F10%2F30110-emotet-beutet-outlook-aus&_id=&_idts=1601331087&_idvc=1&_idn=1&_refts=0&_viewts=1601331087&send_image=1&cookie=1&res=1600x1200&gt_ms=130&pv_id=dDiNnB
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 22:11:26 GMT
x-content-type-options
nosniff
status
200
vary
Origin
content-length
43
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
nginx
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3628800
access-control-allow-credentials
true
content-security-policy
frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
expires
Mon, 09 Nov 2020 22:11:26 GMT

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes function| _typeof object| html5 object| Modernizr function| $ function| jQuery function| _createClass function| _classCallCheck function| decryptCharcode function| decryptString function| linkTo_UnCryptMailto object| GdPlatform undefined| filetypes undefined| baseHref undefined| hrefRedirect undefined| gaHitCallbackHandler object| GdWebsite function| objectFitImages function| GDataMainMenu object| GdScrollIndicator object| Foundation object| jQuery1124046190974538513485 function| Shariff function| GdTrackingModule object| hljs object| GdTracking object| _paq object| _mtm object| MatomoTagManager object| piwikPluginAsyncInit object| JSON_PIWIK object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log

1 Cookies

Domain/Path Name / Value
www.gdata.de/ Name: PHPSESSID
Value: fcb32d26e840752150d31368dacb927f

4 Console Messages

Source Level URL
Text
console-api log URL: https://www.gdata.de/typo3temp/assets/vhs-assets-72fbd3c3fac64cddf69a69a19bc35c07.js?1601288281(Line 15)
Message:
%c ██████╗ ██████╗ █████╗ ████████╗ █████╗ ██╔════╝ ██╔══██╗██╔══██╗╚══██╔══╝██╔══██╗ %cTRUST IN%c ██║ ███╗ ██║ ██║███████║ ██║ ███████║ %cGERMAN%c ██║ ██║ ██║ ██║██╔══██║ ██║ ██╔══██║ %cSICHERHEIT%c ╚██████╔╝ ██████╔╝██║ ██║ ██║ ██║ ██║ ╚═════╝ ╚═════╝ ╚═╝ ╚═╝ ╚═╝ ╚═╝ ╚═╝ color:#c20e1a;font-family:monospace color:#000000;font-family:monospace color:#c20e1a;font-family:monospace color:#000000;font-family:monospace color:#c20e1a;font-family:monospace color:#000000;font-family:monospace color:#c20e1a;font-family:monospace
console-api log URL: https://www.gdata.de/typo3temp/assets/vhs-assets-72fbd3c3fac64cddf69a69a19bc35c07.js?1601288281(Line 15)
Message:
%cOh, you are reading our sourcecode? You are a developer? We are hiring! color: #FFFFFF; font-size: x-large; background-color:#151c21;
console-api log URL: https://www.gdata.de/typo3temp/assets/vhs-assets-72fbd3c3fac64cddf69a69a19bc35c07.js?1601288281(Line 15)
Message:
%cLooking for a job opportunity? www.gdata.de/jobs or apply now personal@gdata.de. color: #c20e1a; font-size: large;
console-api error URL: https://tracking.gdatasoftware.com/matomo.js(Line 22)
Message:
The method requireCookieConsent is registered more than once in "_paq" variable. Only the last call has an effect. Please have a look at the multiple Piwik trackers documentation: https://developer.piwik.org/guides/tracking-javascript-guide#multiple-piwik-trackers

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

file.gdatasoftware.com
tracking.gdatasoftware.com
www.gdata.de
212.23.151.164
85.25.214.59