URL: https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
Submission: On October 23 via api from US

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 21 HTTP transactions. The main IP is 212.23.151.164, located in Bochum, Germany, and belongs to TMR, DE. The main domain is www.gdata.de.
TLS certificate: Issued by Sectigo RSA Extended Validation Secur... on October 22nd 2019. Valid for: 2 years.
This is the only time www.gdata.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
18 | 212.23.151.164 | 12329 (TMR)
3 | 85.25.214.189 | 8972 (GD-EMEA-D...)
21 | 2 |

Requests | Apex Domain | Subdomains | Transfer
12 | gdata.de | www.gdata.de | 499 KB
9 | gdatasoftware.com | file.gdatasoftware.com, tracking.gdatasoftware.com | 147 KB
21 | 2 | |

Requests | Domain | Requested by
12 | www.gdata.de | www.gdata.de
6 | tracking.gdatasoftware.com | www.gdata.de, tracking.gdatasoftware.com
3 | file.gdatasoftware.com | www.gdata.de
21 | 3 |

Subject | Issuer | Validity | Valid
www.gdata.de | Sectigo RSA Extended Validation Secure Server CA | 2019-10-22 - 2022-01-19 | 2 years
*.gdatasoftware.com | Sectigo RSA Organization Validation Secure Server CA | 2020-05-19 - 2022-08-17 | 2 years

This page contains 1 frame:

Primary Page: https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
Frame ID: 14744F82965C7277D1A6A240F6F45F7B
Requests: 21 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • meta generator /TYPO3\s+(?:CMS\s+)?([\d.]+)?(?:\s+CMS)?/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

Requests: 21
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 3
IPs: 2
Countries: 1
Transfer: 647 kB
Size: 1221 kB
Cookies: 0

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 30110-emotet-beutet-outlook-aus
www.gdata.de/blog/2017/10/
25 KB
10 KB
Document
General
Full URL
https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),
Reverse DNS
Software
nginx /
Resource Hash
cc759c58623e92b9511634f4f4f9d147006b8833deb6ea550709ff77487f34d5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
www.gdata.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Fri, 23 Oct 2020 20:18:46 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age: 43200
Content-Encoding
gzip
Content-Language
de
Etag
W/"0a057d3678c88e3dfa9ee26cbdd3e7f3"
Expires
Sun, 25 Oct 2020 23:00:00 GMT
Pragma
public
GD_COUNTRY_CODE
PT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Frame-Options
SAMEORIGIN
Content-Security-Policy
frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
X-Xss-Protection
1; mode=block
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer-when-downgrade
vhs-assets-5b9de08ed4381d6d419362e5ce725858.css
www.gdata.de/typo3temp/assets/
180 KB
34 KB
Stylesheet
General
Full URL
https://www.gdata.de/typo3temp/assets/vhs-assets-5b9de08ed4381d6d419362e5ce725858.css?1602481235
Requested by
Host: www.gdata.de
URL: https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),
Reverse DNS
Software
nginx /
Resource Hash
98f509762045ac4c774e98d82b28131e47987de8b74f24015fbefaeff7122f01
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 23 Oct 2020 20:18:46 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
GD_COUNTRY_CODE
PT
Connection
keep-alive
X-Xss-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 23 Oct 2020 18:23:24 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
Etag
W/"5f931f9c-2cf9f"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css
Cache-Control
max-age=1209600
Content-Security-Policy
frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Expires
Fri, 06 Nov 2020 20:18:46 GMT
vhs-assets-1b134abf3ac2eb960301b83b9d6c2ff4.js
www.gdata.de/typo3temp/assets/
109 KB
39 KB
Script
General
Full URL
https://www.gdata.de/typo3temp/assets/vhs-assets-1b134abf3ac2eb960301b83b9d6c2ff4.js?1602503372
Requested by
Host: www.gdata.de
URL: https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),
Reverse DNS
Software
nginx /
Resource Hash
d8943a697b9c2a188d99c20145b16849ec3e2feac56c4771980cc92bcca72d85
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 23 Oct 2020 20:18:46 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
GD_COUNTRY_CODE
PT
Connection
keep-alive
X-Xss-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 23 Oct 2020 20:17:39 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
Etag
W/"5f933a63-1b407"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Cache-Control
max-age=1209600
Content-Security-Policy
frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Expires
Fri, 06 Nov 2020 20:18:46 GMT
logo_claim_white.png
www.gdata.de/typo3conf/ext/gd_sites/Resources/Public/Images/
3 KB
3 KB
Image
General
Full URL
https://www.gdata.de/typo3conf/ext/gd_sites/Resources/Public/Images/logo_claim_white.png
Requested by
Host: www.gdata.de
URL: https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),
Reverse DNS
Software
nginx /
Resource Hash
211965735fd707f91c38ac8508801e7fd74a7b54662282fdf6b76aedcebeed40
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 23 Oct 2020 20:18:46 GMT
X-Content-Type-Options
nosniff
GD_COUNTRY_CODE
PT
Connection
keep-alive
Content-Length
2583
X-Xss-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Sun, 11 Oct 2020 21:23:18 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
Etag
"5f8377c6-a17"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Cache-Control
max-age=31536000
Content-Security-Policy
frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Accept-Ranges
bytes
Expires
Sat, 23 Oct 2021 20:18:46 GMT
EN.svg
www.gdata.de/typo3conf/ext/gd_sites/Resources/Public/Images/Flags/
40 KB
26 KB
Image
General
Full URL
https://www.gdata.de/typo3conf/ext/gd_sites/Resources/Public/Images/Flags/EN.svg
Requested by
Host: www.gdata.de
URL: https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),
Reverse DNS
Software
nginx /
Resource Hash
c1e2206eb88e0b11d1c924080dcf5d55d685009b833a43165135001b07525022
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 23 Oct 2020 20:18:46 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
GD_COUNTRY_CODE
PT
Connection
keep-alive
X-Xss-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Sun, 11 Oct 2020 21:23:18 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
Etag
W/"5f8377c6-9f7e"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Content-Security-Policy
frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Expires
Sat, 23 Oct 2021 20:18:46 GMT
Grafik_1_ccd276a9d4.png
www.gdata.de/fileadmin/_processed_/3/f/
65 KB
66 KB
Image
General
Full URL
https://www.gdata.de/fileadmin/_processed_/3/f/Grafik_1_ccd276a9d4.png
Requested by
Host: www.gdata.de
URL: https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),
Reverse DNS
Software
nginx /
Resource Hash
eb0848d43e89f10f480c1384873109d7ad87a2f2d45391d2b98b3f6362e68d55
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 23 Oct 2020 20:18:46 GMT
X-Content-Type-Options
nosniff
GD_COUNTRY_CODE
PT
Connection
keep-alive
Content-Length
66383
X-Xss-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Mon, 22 Jun 2020 06:45:12 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
Etag
"5ef05378-1034f"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Cache-Control
max-age=31536000
Content-Security-Policy
frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Accept-Ranges
bytes
Expires
Sat, 23 Oct 2021 20:18:46 GMT
Grafik_2.png
www.gdata.de/fileadmin/user_upload/Presse/Deutschland/2017/10/
42 KB
43 KB
Image
General
Full URL
https://www.gdata.de/fileadmin/user_upload/Presse/Deutschland/2017/10/Grafik_2.png
Requested by
Host: www.gdata.de
URL: https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),
Reverse DNS
Software
nginx /
Resource Hash
70e0eda7cf89e8567372085c093ed5d9e66796d7ffd15018925e5df731b67656
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 23 Oct 2020 20:18:46 GMT
X-Content-Type-Options
nosniff
GD_COUNTRY_CODE
PT
Connection
keep-alive
Content-Length
42834
X-Xss-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 19 Jun 2020 10:02:09 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
Etag
"5eec8d21-a752"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Cache-Control
max-age=31536000
Content-Security-Policy
frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Accept-Ranges
bytes
Expires
Sat, 23 Oct 2021 20:18:46 GMT
Grafik_3_9b68205e00.png
www.gdata.de/fileadmin/_processed_/a/8/
11 KB
12 KB
Image
General
Full URL
https://www.gdata.de/fileadmin/_processed_/a/8/Grafik_3_9b68205e00.png
Requested by
Host: www.gdata.de
URL: https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),
Reverse DNS
Software
nginx /
Resource Hash
c1d91d0f01eabff438cffb49f4f8e41cc07d7b94860c2c26b95f5df72ad79081
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 23 Oct 2020 20:18:46 GMT
X-Content-Type-Options
nosniff
GD_COUNTRY_CODE
PT
Connection
keep-alive
Content-Length
11571
X-Xss-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Mon, 22 Jun 2020 06:45:12 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
Etag
"5ef05378-2d33"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Cache-Control
max-age=31536000
Content-Security-Policy
frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Accept-Ranges
bytes
Expires
Sat, 23 Oct 2021 20:18:46 GMT
logo_claim_2016_white.png
www.gdata.de/typo3conf/ext/gd_sites/Resources/Public/Images/
4 KB
5 KB
Image
General
Full URL
https://www.gdata.de/typo3conf/ext/gd_sites/Resources/Public/Images/logo_claim_2016_white.png
Requested by
Host: www.gdata.de
URL: https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),
Reverse DNS
Software
nginx /
Resource Hash
7c657d342491cefb26c956267727635a22e3e85fb12dd8f525e811ec000e658f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 23 Oct 2020 20:18:46 GMT
X-Content-Type-Options
nosniff
GD_COUNTRY_CODE
PT
Connection
keep-alive
Content-Length
3871
X-Xss-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Sun, 11 Oct 2020 21:23:18 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
Etag
"5f8377c6-f1f"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Cache-Control
max-age=31536000
Content-Security-Policy
frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Accept-Ranges
bytes
Expires
Sat, 23 Oct 2021 20:18:46 GMT
vhs-assets-72fbd3c3fac64cddf69a69a19bc35c07.js
www.gdata.de/typo3temp/assets/
260 KB
80 KB
Script
General
Full URL
https://www.gdata.de/typo3temp/assets/vhs-assets-72fbd3c3fac64cddf69a69a19bc35c07.js?1602481235
Requested by
Host: www.gdata.de
URL: https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),
Reverse DNS
Software
nginx /
Resource Hash
6b5dd5b2e4bc34adcd4a2c15384f6d7a1fa7c3bc9c83848e11f63aab8a6775fd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 23 Oct 2020 20:18:46 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
GD_COUNTRY_CODE
PT
Connection
keep-alive
X-Xss-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 23 Oct 2020 18:23:24 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
Etag
W/"5f931f9c-41024"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Cache-Control
max-age=1209600
Content-Security-Policy
frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Expires
Fri, 06 Nov 2020 20:18:46 GMT
blog-default-header-1.jpg
www.gdata.de/typo3conf/ext/gd_sites/Resources/Public/Images/content-elements/
132 KB
133 KB
Image
General
Full URL
https://www.gdata.de/typo3conf/ext/gd_sites/Resources/Public/Images/content-elements/blog-default-header-1.jpg
Requested by
Host: www.gdata.de
URL: https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),
Reverse DNS
Software
nginx /
Resource Hash
3ded45685605603e1dc1df13a060237f330e09f969998aaf3a2d86a341fcee4b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 23 Oct 2020 20:18:46 GMT
X-Content-Type-Options
nosniff
GD_COUNTRY_CODE
PT
Connection
keep-alive
Content-Length
135170
X-Xss-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Sun, 11 Oct 2020 21:23:18 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
Etag
"5f8377c6-21002"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Content-Security-Policy
frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Accept-Ranges
bytes
Expires
Sat, 23 Oct 2021 20:18:46 GMT
source-sans-pro-v13-latin-ext_latin-regular.woff2
file.gdatasoftware.com/s/font/source-sans-pro/
25 KB
25 KB
Font
General
Full URL
https://file.gdatasoftware.com/s/font/source-sans-pro/source-sans-pro-v13-latin-ext_latin-regular.woff2
Requested by
Host: www.gdata.de
URL: https://www.gdata.de/typo3temp/assets/vhs-assets-5b9de08ed4381d6d419362e5ce725858.css?1602481235
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.25.214.189 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
nginx /
Resource Hash
72e086ecb5eed26e489b633ce3a7a85522747d8583852bf8756e290fec0f3d3b

Request headers

Origin
https://www.gdata.de
Referer
https://www.gdata.de/typo3temp/assets/vhs-assets-5b9de08ed4381d6d419362e5ce725858.css?1602481235
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 23 Oct 2020 20:18:48 GMT
Last-Modified
Fri, 02 Aug 2019 05:16:52 GMT
Server
nginx
ETag
"5d43c744-6438"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25656
Expires
Fri, 30 Oct 2020 20:18:48 GMT
gcon1-988.woff2
www.gdata.de/typo3conf/ext/gd_sites/Resources/Public/Styles/font/
48 KB
48 KB
Font
General
Full URL
https://www.gdata.de/typo3conf/ext/gd_sites/Resources/Public/Styles/font/gcon1-988.woff2?waerhgm
Requested by
Host: www.gdata.de
URL: https://www.gdata.de/typo3temp/assets/vhs-assets-5b9de08ed4381d6d419362e5ce725858.css?1602481235
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),
Reverse DNS
Software
nginx /
Resource Hash
ab12a263ae21799ecbd4a660abbbff3747f762433026fb4997df8bd8cebf941f

Request headers

Origin
https://www.gdata.de
Referer
https://www.gdata.de/typo3temp/assets/vhs-assets-5b9de08ed4381d6d419362e5ce725858.css?1602481235
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 23 Oct 2020 20:18:46 GMT
Last-Modified
Sun, 11 Oct 2020 21:23:18 GMT
Server
nginx
Etag
"5f8377c6-c0b0"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://www.gdata.de
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
49328
source-sans-pro-v13-latin-ext_latin-300.woff2
file.gdatasoftware.com/s/font/source-sans-pro/
25 KB
25 KB
Font
General
Full URL
https://file.gdatasoftware.com/s/font/source-sans-pro/source-sans-pro-v13-latin-ext_latin-300.woff2
Requested by
Host: www.gdata.de
URL: https://www.gdata.de/typo3temp/assets/vhs-assets-5b9de08ed4381d6d419362e5ce725858.css?1602481235
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.25.214.189 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
nginx /
Resource Hash
9d20a8fc1de189bad815a78bd3a36550412788bc1d8e6f2d7eba6bb18bc901a2

Request headers

Origin
https://www.gdata.de
Referer
https://www.gdata.de/typo3temp/assets/vhs-assets-5b9de08ed4381d6d419362e5ce725858.css?1602481235
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 23 Oct 2020 20:18:48 GMT
Last-Modified
Fri, 02 Aug 2019 05:16:52 GMT
Server
nginx
ETag
"5d43c744-6474"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25716
Expires
Fri, 30 Oct 2020 20:18:48 GMT
source-sans-pro-v13-latin-ext_latin-600.woff2
file.gdatasoftware.com/s/font/source-sans-pro/
25 KB
25 KB
Font
General
Full URL
https://file.gdatasoftware.com/s/font/source-sans-pro/source-sans-pro-v13-latin-ext_latin-600.woff2
Requested by
Host: www.gdata.de
URL: https://www.gdata.de/typo3temp/assets/vhs-assets-5b9de08ed4381d6d419362e5ce725858.css?1602481235
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.25.214.189 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
nginx /
Resource Hash
5b7ade4116e14b315421eb6e4eeabbf1a1c7301a575ee1311fb1659eaaecd6f4

Request headers

Origin
https://www.gdata.de
Referer
https://www.gdata.de/typo3temp/assets/vhs-assets-5b9de08ed4381d6d419362e5ce725858.css?1602481235
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 23 Oct 2020 20:18:48 GMT
Last-Modified
Fri, 02 Aug 2019 05:16:52 GMT
Server
nginx
ETag
"5d43c744-63b0"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25520
Expires
Fri, 30 Oct 2020 20:18:48 GMT
matomo.js
tracking.gdatasoftware.com/
179 KB
55 KB
Script
General
Full URL
https://tracking.gdatasoftware.com/matomo.js
Requested by
Host: www.gdata.de
URL: https://www.gdata.de/typo3temp/assets/vhs-assets-72fbd3c3fac64cddf69a69a19bc35c07.js?1602481235
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),
Reverse DNS
Software
nginx /
Resource Hash
a858dd147507b56538997a59ea94900fe5f80a76a25773e281bd3947d119a514
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 23 Oct 2020 20:18:47 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
GD_COUNTRY_CODE
PT
Connection
keep-alive
X-Xss-Protection
1; mode=block
Pragma
public
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 20 Oct 2020 11:28:19 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
Etag
W/"5f8ec9d3-2cba0"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Cache-Control
max-age=43200
Content-Security-Policy
frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Expires
Sat, 24 Oct 2020 08:18:47 GMT
container_CUsVDfV5.js
tracking.gdatasoftware.com/js/
48 KB
13 KB
Script
General
Full URL
https://tracking.gdatasoftware.com/js/container_CUsVDfV5.js
Requested by
Host: www.gdata.de
URL: https://www.gdata.de/typo3temp/assets/vhs-assets-72fbd3c3fac64cddf69a69a19bc35c07.js?1602481235
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),
Reverse DNS
Software
nginx /
Resource Hash
c24de75d9e63c0e63ca9e091eb1e29584d9081bd18df9c14fc8694af89f6ae71
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 23 Oct 2020 20:18:47 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
GD_COUNTRY_CODE
PT
Connection
keep-alive
X-Xss-Protection
1; mode=block
Pragma
public
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 18 Sep 2020 08:46:00 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
Etag
W/"5f6473c8-bf25"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Cache-Control
max-age=43200
Content-Security-Policy
frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Expires
Sat, 24 Oct 2020 08:18:47 GMT
matomo.php
tracking.gdatasoftware.com/
43 B
916 B
Image
General
Full URL
https://tracking.gdatasoftware.com/matomo.php?action_name=Emotet%20beutet%20Outlook%20aus%20%7C%20G%20DATA&idsite=1&rec=1&r=718397&h=22&m=18&s=48&url=https%3A%2F%2Fwww.gdata.de%2Fblog%2F2017%2F10%2F30110-emotet-beutet-outlook-aus&_id=&_idts=1603484329&_idvc=1&_idn=1&_refts=0&_viewts=1603484329&send_image=1&cookie=1&res=1600x1200&gt_ms=45&pv_id=BLN4gD
Requested by
Host: www.gdata.de
URL: https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 23 Oct 2020 20:18:47 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
GD_COUNTRY_CODE
PT
Connection
keep-alive
Content-Length
43
X-Xss-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Server
nginx
X-Frame-Options
SAMEORIGIN
Vary
Origin
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3628800
Access-Control-Allow-Credentials
true
Content-Security-Policy
frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Expires
Fri, 04 Dec 2020 20:18:47 GMT
configs.php
tracking.gdatasoftware.com/plugins/HeatmapSessionRecording/
116 B
915 B
Script
General
Full URL
https://tracking.gdatasoftware.com/plugins/HeatmapSessionRecording/configs.php?idsite=1&trackerid=KDndak&url=https%3A%2F%2Fwww.gdata.de%2Fblog%2F2017%2F10%2F30110-emotet-beutet-outlook-aus
Requested by
Host: tracking.gdatasoftware.com
URL: https://tracking.gdatasoftware.com/matomo.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),
Reverse DNS
Software
nginx /
Resource Hash
58e5c972e34e74559e86b7b8f30bed0f229e4515074a8b067784433328927a7c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 23 Oct 2020 20:18:47 GMT
Referrer-Policy
no-referrer-when-downgrade
Server
nginx
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Content-Type
application/javascript
GD_COUNTRY_CODE
PT
X-Xss-Protection
1; mode=block
Cache-Control
max-age=43200
Content-Security-Policy
frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
116
X-Content-Type-Options
nosniff
Expires
Sat, 24 Oct 2020 08:18:47 GMT
configs.php
tracking.gdatasoftware.com/plugins/HeatmapSessionRecording/
116 B
915 B
Script
General
Full URL
https://tracking.gdatasoftware.com/plugins/HeatmapSessionRecording/configs.php?idsite=1&trackerid=o7RBXf&url=https%3A%2F%2Fwww.gdata.de%2Fblog%2F2017%2F10%2F30110-emotet-beutet-outlook-aus
Requested by
Host: tracking.gdatasoftware.com
URL: https://tracking.gdatasoftware.com/matomo.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),
Reverse DNS
Software
nginx /
Resource Hash
5bd82ed7c1812407a6acf05433823238ce8f444f4a13cbe52833b1ca9384dd8d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 23 Oct 2020 20:18:47 GMT
Referrer-Policy
no-referrer-when-downgrade
Server
nginx
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Content-Type
application/javascript
GD_COUNTRY_CODE
PT
X-Xss-Protection
1; mode=block
Cache-Control
max-age=43200
Content-Security-Policy
frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
116
X-Content-Type-Options
nosniff
Expires
Sat, 24 Oct 2020 08:18:47 GMT
matomo.php
tracking.gdatasoftware.com/
43 B
916 B
Image
General
Full URL
https://tracking.gdatasoftware.com/matomo.php?action_name=Emotet%20beutet%20Outlook%20aus%20%7C%20G%20DATA&idsite=1&rec=1&r=377819&h=22&m=18&s=48&url=https%3A%2F%2Fwww.gdata.de%2Fblog%2F2017%2F10%2F30110-emotet-beutet-outlook-aus&_id=&_idts=1603484329&_idvc=1&_idn=1&_refts=0&_viewts=1603484329&send_image=1&cookie=1&res=1600x1200&gt_ms=45&pv_id=sjqEP6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gdata.de/blog/2017/10/30110-emotet-beutet-outlook-aus
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 23 Oct 2020 20:18:47 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
GD_COUNTRY_CODE
PT
Connection
keep-alive
Content-Length
43
X-Xss-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Server
nginx
X-Frame-Options
SAMEORIGIN
Vary
Origin
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3628800
Access-Control-Allow-Credentials
true
Content-Security-Policy
frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Expires
Fri, 04 Dec 2020 20:18:47 GMT

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes function| _typeof object| html5 object| Modernizr function| $ function| jQuery function| _createClass function| _classCallCheck function| decryptCharcode function| decryptString function| linkTo_UnCryptMailto object| GdPlatform undefined| filetypes undefined| baseHref undefined| hrefRedirect undefined| gaHitCallbackHandler object| GdWebsite function| objectFitImages function| GDataMainMenu object| GdScrollIndicator object| Foundation object| jQuery112407389396240075061 function| Shariff function| GdTrackingModule object| hljs object| GdTracking object| _paq object| _mtm object| MatomoTagManager object| piwikPluginAsyncInit object| JSON_PIWIK object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log

0 Cookies

4 Console Messages

Source Level URL
Text
console-api log URL: https://www.gdata.de/typo3temp/assets/vhs-assets-72fbd3c3fac64cddf69a69a19bc35c07.js?1602481235(Line 15)
Message:
%c ██████╗ ██████╗ █████╗ ████████╗ █████╗ ██╔════╝ ██╔══██╗██╔══██╗╚══██╔══╝██╔══██╗ %cTRUST IN%c ██║ ███╗ ██║ ██║███████║ ██║ ███████║ %cGERMAN%c ██║ ██║ ██║ ██║██╔══██║ ██║ ██╔══██║ %cSICHERHEIT%c ╚██████╔╝ ██████╔╝██║ ██║ ██║ ██║ ██║ ╚═════╝ ╚═════╝ ╚═╝ ╚═╝ ╚═╝ ╚═╝ ╚═╝ color:#c20e1a;font-family:monospace color:#000000;font-family:monospace color:#c20e1a;font-family:monospace color:#000000;font-family:monospace color:#c20e1a;font-family:monospace color:#000000;font-family:monospace color:#c20e1a;font-family:monospace
console-api log URL: https://www.gdata.de/typo3temp/assets/vhs-assets-72fbd3c3fac64cddf69a69a19bc35c07.js?1602481235(Line 15)
Message:
%cOh, you are reading our sourcecode? You are a developer? We are hiring! color: #FFFFFF; font-size: x-large; background-color:#151c21;
console-api log URL: https://www.gdata.de/typo3temp/assets/vhs-assets-72fbd3c3fac64cddf69a69a19bc35c07.js?1602481235(Line 15)
Message:
%cLooking for a job opportunity? www.gdata.de/jobs or apply now personal@gdata.de. color: #c20e1a; font-size: large;
console-api error URL: https://tracking.gdatasoftware.com/matomo.js(Line 22)
Message:
The method requireCookieConsent is registered more than once in "_paq" variable. Only the last call has an effect. Please have a look at the multiple Piwik trackers documentation: https://developer.piwik.org/guides/tracking-javascript-guide#multiple-piwik-trackers

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
