www.gdatasoftware.com Open in urlscan Pro
212.23.151.164 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://blog.gdatasoftware.com/2017/05/29751-wannacry-ransomware-campaign/
Effective URL:
https://www.gdatasoftware.com/blog/2017/05/29751-wannacry-ransomware-campaign/
Submission: On November 10 via api (November 10th 2020, 11:13:50 pm UTC) from US

Summary HTTP 15 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 15 HTTP transactions. The main IP is 212.23.151.164, located in Bochum, Germany and belongs to TMR, DE. The main domain is www.gdatasoftware.com.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on May 19th 2020. Valid for: 2 years.

This is the only time www.gdatasoftware.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	212.23.151.164 212.23.151.164	12329 (TMR) (TMR)
3	85.25.214.189 85.25.214.189	8972 (GD-EMEA-D...) (GD-EMEA-DC-SXB1)
15	2

13 212.23.151.164 (Bochum, Germany) 1 redirects

ASN12329 (TMR, DE)

blog.gdatasoftware.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gdatasoftware.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 85.25.214.189 (Germany)

ASN8972 (GD-EMEA-DC-SXB1, DE)

file.gdatasoftware.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	gdatasoftware.com 1 redirects blog.gdatasoftware.com www.gdatasoftware.com file.gdatasoftware.com	562 KB
15	1

	Domain	Requested by
12	www.gdatasoftware.com	www.gdatasoftware.com
3	file.gdatasoftware.com	www.gdatasoftware.com
1	blog.gdatasoftware.com	1 redirects
15	3

This site contains links to these domains. Also see Links.

Domain
www.gdata.de
feeds.feedblitz.com
www.elmundo.es
blogs.technet.microsoft.com
twitter.com
www.publico.pt
varlamov.ru
digital.nhs.uk
https
technet.microsoft.com
www.cve.mitre.org
www.telegraph.co.uk
www.healthcareitnews.com
www.xing.com
www.linkedin.com
www.facebook.com
reddit.com
www.youtube.com

Subject Issuer	Validity	Valid
*.gdatasoftware.com Sectigo RSA Organization Validation Secure Server CA	`2020-05-19` - `2022-08-17`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://www.gdatasoftware.com/blog/2017/05/29751-wannacry-ransomware-campaign/
Frame ID: 9B51CD9431D8032395CF77CA6E15805C
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://blog.gdatasoftware.com/2017/05/29751-wannacry-ransomware-campaign/ HTTP 301
https://www.gdatasoftware.com/blog/2017/05/29751-wannacry-ransomware-campaign/ Page URL

Detected technologies

TYPO3 CMS (CMS) Expand

Overall confidence: 100%
Detected patterns

meta generator /TYPO3\s+(?:CMS\s+)?([\d.]+)?(?:\s+CMS)?/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /TYPO3\s+(?:CMS\s+)?([\d.]+)?(?:\s+CMS)?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

15
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

3
Subdomains

2
IPs

1
Countries

561 kB
Transfer

974 kB
Size

1
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://www.gdata.de/blog
Title:

Search URL Search Domain Scan URL

URL: https://feeds.feedblitz.com/GDataSecurityBlog-EN&x=1
Title:

Search URL Search Domain Scan URL

URL: http://www.elmundo.es/tecnologia/2017/05/12/59158a8ce5fdea194f8b4616.html
Title: El Mundo

Search URL Search Domain Scan URL

URL: https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/
Title: mitigation patch for some legacy versions of Windows

Search URL Search Domain Scan URL

URL: https://twitter.com/malwrhunterteam/
Title: https://twitter.com/malwrhunterteam/

Search URL Search Domain Scan URL

URL: https://www.publico.pt/2017/05/12/tecnologia/noticia/ataque-informatico-internacional-afecta-empresas-e-hospitais-1771939
Title: Private businesses in Spain and Portugal are hit with WannaCry

Search URL Search Domain Scan URL

URL: https://twitter.com/dodicin/status/862991818904002565
Title: Some computer labs also suffer from the ransomware's ability to spread rapidly through a network

Search URL Search Domain Scan URL

URL: http://varlamov.ru/2370148.html
Title: reports

Search URL Search Domain Scan URL

URL: https://digital.nhs.uk/article/1491/Statement-on-reported-NHS-cyber-attack
Title: statement from the British NHS

Search URL Search Domain Scan URL

URL: http://https//www.bleepingcomputer.com/news/security/shadow-brokers-release-new-files-revealing-windows-exploits-swift-attacks/
Title: last month

Search URL Search Domain Scan URL

URL: https://technet.microsoft.com/en-us/library/security/ms17-010.aspx?f=255&MSPPError=-2147217396
Title: security flaw in SMB

Search URL Search Domain Scan URL

URL: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0143
Title: NVD

Search URL Search Domain Scan URL

URL: https://twitter.com/Avas_Marco/status/863107445559889921
Title: timetable displays of various train stations

Search URL Search Domain Scan URL

URL: http://www.telegraph.co.uk/news/2017/05/12/nhs-hit-major-cyber-attack-hackers-demanding-ransom/
Title: spread across several hospitals

Search URL Search Domain Scan URL

URL: https://twitter.com/ThiceNL/status/865133662387527681
Title: learned

Search URL Search Domain Scan URL

URL: http://www.healthcareitnews.com/news/us-health-systems-knocked-out-wannacry-hhs-says-take-these-steps-keep-your-facility-safe
Title: advise affected organizations to rebuild (or reimage) affected systems

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Warning%3A%20Massive%20%22WannaCry%22%20Ransomware%20campaign%20launched%20%7C%20G%20DATA&url=https%3A%2F%2Fwww.gdatasoftware.com%2Fblog%2F2017%2F05%2F29751-wannacry-ransomware-campaign&via=GDATA
Title: tweet

Search URL Search Domain Scan URL

URL: https://www.xing.com/social_plugins/share?url=https%3A%2F%2Fwww.gdatasoftware.com%2Fblog%2F2017%2F05%2F29751-wannacry-ransomware-campaign
Title: share

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&summary=A%20big%20ransomware%20infection%20wave%20has%20claimed%20over%20200.000%20victims%20100%2B%20countries.%20We%20have%20collected%20some%20information%20in%20our%20latest%20blog%20article.%20&title=Warning%3A%20Massive%20%22WannaCry%22%20Ransomware%20campaign%20launched%20%7C%20G%20DATA&url=https%3A%2F%2Fwww.gdatasoftware.com%2Fblog%2F2017%2F05%2F29751-wannacry-ransomware-campaign
Title: share

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.gdatasoftware.com%2Fblog%2F2017%2F05%2F29751-wannacry-ransomware-campaign
Title: share

Search URL Search Domain Scan URL

URL: https://reddit.com/submit?url=https%3A%2F%2Fwww.gdatasoftware.com%2Fblog%2F2017%2F05%2F29751-wannacry-ransomware-campaign&title=Warning%3A%20Massive%20%22WannaCry%22%20Ransomware%20campaign%20launched%20%7C%20G%20DATA
Title: share

Search URL Search Domain Scan URL

URL: https://www.facebook.com/gdatasoftwareag

Search URL Search Domain Scan URL

URL: https://twitter.com/GDATA

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/GDataSoftwareAG

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://blog.gdatasoftware.com/2017/05/29751-wannacry-ransomware-campaign/ HTTP 301
https://www.gdatasoftware.com/blog/2017/05/29751-wannacry-ransomware-campaign/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
www.gdatasoftware.com/blog/2017/05/29751-wannacry-ransomware-campaign/
Redirect Chain

https://blog.gdatasoftware.com/2017/05/29751-wannacry-ransomware-campaign/
https://www.gdatasoftware.com/blog/2017/05/29751-wannacry-ransomware-campaign/

38 KB
15 KB

251ms
166ms

Document
text/html

212.23.151.164
TMR

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gdatasoftware.com/blog/2017/05/29751-wannacry-ransomware-campaign/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),

Reverse DNS

Software

nginx /

Resource Hash

78417e4775b23dfc34d0e7f4c4e423b332357422ec812f986f08a4266097889e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .gdata.de .gdata.ch .gdata.fr .gdata.at .gdata.nl .gdata.it .gdata.be .gdata.es .gdata.pt .gdatasoftware.co.uk .gdatasoftware.com .gdata-software.com .gdata-advancedanalytics.de .gdata-advancedanalytics.com .gdata.co.jp .gdata-china.com .gdata-hongkong.com .inventorofantivirus.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: www.gdatasoftware.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Date: Tue, 10 Nov 2020 23:13:34 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age: 43200
Content-Encoding: gzip
Content-Language: en
Etag: W/"a433077f18210c06b7658eb113831897"
Expires: Sun, 22 Nov 2020 23:00:00 GMT
Pragma: public
Set-Cookie: PHPSESSID=a146ec8adccd93adebcc13d99ebf8690; path=/
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade

Redirect headers

Server: nginx
Date: Tue, 10 Nov 2020 23:13:33 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://www.gdatasoftware.com/blog/2017/05/29751-wannacry-ransomware-campaign/
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade

GET
H/1.1 200
OK vhs-assets-5b9de08ed4381d6d419362e5ce725858.css
www.gdatasoftware.com/typo3temp/assets/ 180 KB
34 KB 65ms
65ms Stylesheet
text/css 212.23.151.164
TMR

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gdatasoftware.com/typo3temp/assets/vhs-assets-5b9de08ed4381d6d419362e5ce725858.css?1604904910

Requested by

Host: www.gdatasoftware.com
URL: https://www.gdatasoftware.com/blog/2017/05/29751-wannacry-ransomware-campaign/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),

Reverse DNS

Software

nginx /

Resource Hash

96c985d38301023f9d0d5ed3649fb6f6103fc3caf34b8740f602b00ed6dcde1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .gdata.de .gdata.ch .gdata.fr .gdata.at .gdata.nl .gdata.it .gdata.be .gdata.es .gdata.pt .gdatasoftware.co.uk .gdatasoftware.com .gdata-software.com .gdata-advancedanalytics.de .gdata-advancedanalytics.com .gdata.co.jp .gdata-china.com .gdata-hongkong.com .inventorofantivirus.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gdatasoftware.com/blog/2017/05/29751-wannacry-ransomware-campaign/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 23:13:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 10 Nov 2020 14:47:32 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Etag: W/"5faaa804-2d17f"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/css
Cache-Control: max-age=43200
Content-Security-Policy: frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Expires: Wed, 11 Nov 2020 11:13:34 GMT

GET
H/1.1 200
OK vhs-assets-1b134abf3ac2eb960301b83b9d6c2ff4.js Show response
www.gdatasoftware.com/typo3temp/assets/ 109 KB
39 KB 145ms
73ms Script
application/javascript 212.23.151.164
TMR

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gdatasoftware.com/typo3temp/assets/vhs-assets-1b134abf3ac2eb960301b83b9d6c2ff4.js?1604926255

Requested by

Host: www.gdatasoftware.com
URL: https://www.gdatasoftware.com/blog/2017/05/29751-wannacry-ransomware-campaign/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),

Reverse DNS

Software

nginx /

Resource Hash

d8943a697b9c2a188d99c20145b16849ec3e2feac56c4771980cc92bcca72d85

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .gdata.de .gdata.ch .gdata.fr .gdata.at .gdata.nl .gdata.it .gdata.be .gdata.es .gdata.pt .gdatasoftware.co.uk .gdatasoftware.com .gdata-software.com .gdata-advancedanalytics.de .gdata-advancedanalytics.com .gdata.co.jp .gdata-china.com .gdata-hongkong.com .inventorofantivirus.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gdatasoftware.com/blog/2017/05/29751-wannacry-ransomware-campaign/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 23:13:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 10 Nov 2020 23:11:24 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Etag: W/"5fab1e1c-1b407"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript
Cache-Control: max-age=43200
Content-Security-Policy: frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Expires: Wed, 11 Nov 2020 11:13:34 GMT

GET
H/1.1 200
OK logo_claim_white.png
www.gdatasoftware.com/typo3conf/ext/gd_sites/Resources/Public/Images/ 3 KB
3 KB 37ms
37ms Image
image/png 212.23.151.164
TMR

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gdatasoftware.com/typo3conf/ext/gd_sites/Resources/Public/Images/logo_claim_white.png

Requested by

Host: www.gdatasoftware.com
URL: https://www.gdatasoftware.com/blog/2017/05/29751-wannacry-ransomware-campaign/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),

Reverse DNS

Software

nginx /

Resource Hash

211965735fd707f91c38ac8508801e7fd74a7b54662282fdf6b76aedcebeed40

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .gdata.de .gdata.ch .gdata.fr .gdata.at .gdata.nl .gdata.it .gdata.be .gdata.es .gdata.pt .gdatasoftware.co.uk .gdatasoftware.com .gdata-software.com .gdata-advancedanalytics.de .gdata-advancedanalytics.com .gdata.co.jp .gdata-china.com .gdata-hongkong.com .inventorofantivirus.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gdatasoftware.com/blog/2017/05/29751-wannacry-ransomware-campaign/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 23:13:34 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 2583
X-Xss-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 06 Nov 2020 14:40:44 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Etag: "5fa5606c-a17"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=3628800
Content-Security-Policy: frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Accept-Ranges: bytes
Expires: Tue, 22 Dec 2020 23:13:34 GMT

GET
H/1.1 200
OK DE.svg
www.gdatasoftware.com/typo3conf/ext/gd_sites/Resources/Public/Images/Flags/ 966 B
1 KB 39ms
37ms Image
image/svg+xml 212.23.151.164
TMR

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gdatasoftware.com/typo3conf/ext/gd_sites/Resources/Public/Images/Flags/DE.svg

Requested by

Host: www.gdatasoftware.com
URL: https://www.gdatasoftware.com/blog/2017/05/29751-wannacry-ransomware-campaign/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),

Reverse DNS

Software

nginx /

Resource Hash

19d66a51d12c87c2c254f61d3dc66f4765bc852b03138e4b38ed5fbc3dd01d19

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .gdata.de .gdata.ch .gdata.fr .gdata.at .gdata.nl .gdata.it .gdata.be .gdata.es .gdata.pt .gdatasoftware.co.uk .gdatasoftware.com .gdata-software.com .gdata-advancedanalytics.de .gdata-advancedanalytics.com .gdata.co.jp .gdata-china.com .gdata-hongkong.com .inventorofantivirus.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gdatasoftware.com/blog/2017/05/29751-wannacry-ransomware-campaign/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 23:13:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 06 Nov 2020 14:40:43 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Etag: W/"5fa5606b-3c6"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/svg+xml
Cache-Control: max-age=3628800
Content-Security-Policy: frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Expires: Tue, 22 Dec 2020 23:13:34 GMT

GET
H/1.1 200
OK WannaCryMessage_abe35130ef.jpg
www.gdatasoftware.com/fileadmin/_processed_/e/b/ 35 KB
36 KB 61ms
54ms Image
image/jpeg 212.23.151.164
TMR

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gdatasoftware.com/fileadmin/_processed_/e/b/WannaCryMessage_abe35130ef.jpg

Requested by

Host: www.gdatasoftware.com
URL: https://www.gdatasoftware.com/blog/2017/05/29751-wannacry-ransomware-campaign/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),

Reverse DNS

Software

nginx /

Resource Hash

452b587c9723e0b1dbe83956fca3229be16e596829c6b3b142aa4befcb51bcae

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .gdata.de .gdata.ch .gdata.fr .gdata.at .gdata.nl .gdata.it .gdata.be .gdata.es .gdata.pt .gdatasoftware.co.uk .gdatasoftware.com .gdata-software.com .gdata-advancedanalytics.de .gdata-advancedanalytics.com .gdata.co.jp .gdata-china.com .gdata-hongkong.com .inventorofantivirus.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gdatasoftware.com/blog/2017/05/29751-wannacry-ransomware-campaign/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 23:13:34 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 35782
X-Xss-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 22 Jun 2020 06:43:57 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Etag: "5ef0532d-8bc6"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/jpeg
Cache-Control: max-age=3628800
Content-Security-Policy: frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Accept-Ranges: bytes
Expires: Tue, 22 Dec 2020 23:13:34 GMT

GET
H/1.1 200
OK GDATA_blog_locky_variants_WHAT_is_v1_anonym_627c3bf593.png
www.gdatasoftware.com/fileadmin/_processed_/a/d/ 7 KB
8 KB 108ms
40ms Image
image/png 212.23.151.164
TMR

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gdatasoftware.com/fileadmin/_processed_/a/d/GDATA_blog_locky_variants_WHAT_is_v1_anonym_627c3bf593.png

Requested by

Host: www.gdatasoftware.com
URL: https://www.gdatasoftware.com/blog/2017/05/29751-wannacry-ransomware-campaign/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),

Reverse DNS

Software

nginx /

Resource Hash

d784b27aa6cfb2fe6e4f29ad5d2f12cef3e8b1859469a0400b39e7857d42234d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .gdata.de .gdata.ch .gdata.fr .gdata.at .gdata.nl .gdata.it .gdata.be .gdata.es .gdata.pt .gdatasoftware.co.uk .gdatasoftware.com .gdata-software.com .gdata-advancedanalytics.de .gdata-advancedanalytics.com .gdata.co.jp .gdata-china.com .gdata-hongkong.com .inventorofantivirus.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gdatasoftware.com/blog/2017/05/29751-wannacry-ransomware-campaign/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 23:13:34 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 7503
X-Xss-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 19 Jun 2020 09:36:06 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Etag: "5eec8706-1d4f"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=3628800
Content-Security-Policy: frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Accept-Ranges: bytes
Expires: Tue, 22 Dec 2020 23:13:34 GMT

GET
H/1.1 200
OK G_DATA_Blog_Screenshot_Petya-LockScreen_1d91ce8aca.png
www.gdatasoftware.com/fileadmin/_processed_/9/b/ 15 KB
16 KB 130ms
56ms Image
image/png 212.23.151.164
TMR

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gdatasoftware.com/fileadmin/_processed_/9/b/G_DATA_Blog_Screenshot_Petya-LockScreen_1d91ce8aca.png

Requested by

Host: www.gdatasoftware.com
URL: https://www.gdatasoftware.com/blog/2017/05/29751-wannacry-ransomware-campaign/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),

Reverse DNS

Software

nginx /

Resource Hash

4775ba100c5582ca38ddb4f0b74435c011957ba30e782d2b5dd7292bb4d8afa2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .gdata.de .gdata.ch .gdata.fr .gdata.at .gdata.nl .gdata.it .gdata.be .gdata.es .gdata.pt .gdatasoftware.co.uk .gdatasoftware.com .gdata-software.com .gdata-advancedanalytics.de .gdata-advancedanalytics.com .gdata.co.jp .gdata-china.com .gdata-hongkong.com .inventorofantivirus.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gdatasoftware.com/blog/2017/05/29751-wannacry-ransomware-campaign/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 23:13:34 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 15018
X-Xss-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 19 Jun 2020 09:29:08 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Etag: "5eec8564-3aaa"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=3628800
Content-Security-Policy: frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Accept-Ranges: bytes
Expires: Tue, 22 Dec 2020 23:13:34 GMT

GET
H/1.1 200
OK logo_claim_2016_white.png
www.gdatasoftware.com/typo3conf/ext/gd_sites/Resources/Public/Images/ 4 KB
5 KB 111ms
37ms Image
image/png 212.23.151.164
TMR

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gdatasoftware.com/typo3conf/ext/gd_sites/Resources/Public/Images/logo_claim_2016_white.png

Requested by

Host: www.gdatasoftware.com
URL: https://www.gdatasoftware.com/blog/2017/05/29751-wannacry-ransomware-campaign/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),

Reverse DNS

Software

nginx /

Resource Hash

7c657d342491cefb26c956267727635a22e3e85fb12dd8f525e811ec000e658f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .gdata.de .gdata.ch .gdata.fr .gdata.at .gdata.nl .gdata.it .gdata.be .gdata.es .gdata.pt .gdatasoftware.co.uk .gdatasoftware.com .gdata-software.com .gdata-advancedanalytics.de .gdata-advancedanalytics.com .gdata.co.jp .gdata-china.com .gdata-hongkong.com .inventorofantivirus.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gdatasoftware.com/blog/2017/05/29751-wannacry-ransomware-campaign/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 23:13:34 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 3871
X-Xss-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 06 Nov 2020 14:40:44 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Etag: "5fa5606c-f1f"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=3628800
Content-Security-Policy: frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Accept-Ranges: bytes
Expires: Tue, 22 Dec 2020 23:13:34 GMT

GET
H/1.1 200
OK vhs-assets-72fbd3c3fac64cddf69a69a19bc35c07.js Show response
www.gdatasoftware.com/typo3temp/assets/ 260 KB
80 KB 69ms
69ms Script
application/javascript 212.23.151.164
TMR

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gdatasoftware.com/typo3temp/assets/vhs-assets-72fbd3c3fac64cddf69a69a19bc35c07.js?1604904910

Requested by

Host: www.gdatasoftware.com
URL: https://www.gdatasoftware.com/blog/2017/05/29751-wannacry-ransomware-campaign/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),

Reverse DNS

Software

nginx /

Resource Hash

6b5dd5b2e4bc34adcd4a2c15384f6d7a1fa7c3bc9c83848e11f63aab8a6775fd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .gdata.de .gdata.ch .gdata.fr .gdata.at .gdata.nl .gdata.it .gdata.be .gdata.es .gdata.pt .gdatasoftware.co.uk .gdatasoftware.com .gdata-software.com .gdata-advancedanalytics.de .gdata-advancedanalytics.com .gdata.co.jp .gdata-china.com .gdata-hongkong.com .inventorofantivirus.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gdatasoftware.com/blog/2017/05/29751-wannacry-ransomware-campaign/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 23:13:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 10 Nov 2020 14:47:32 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Etag: W/"5faaa804-41024"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript
Cache-Control: max-age=43200
Content-Security-Policy: frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Expires: Wed, 11 Nov 2020 11:13:34 GMT

GET
H/1.1 200
OK blog-default-header-1.jpg
www.gdatasoftware.com/typo3conf/ext/gd_sites/Resources/Public/Images/content-elements/ 132 KB
133 KB 92ms
56ms Image
image/jpeg 212.23.151.164
TMR

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gdatasoftware.com/typo3conf/ext/gd_sites/Resources/Public/Images/content-elements/blog-default-header-1.jpg

Requested by

Host: www.gdatasoftware.com
URL: https://www.gdatasoftware.com/blog/2017/05/29751-wannacry-ransomware-campaign/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),

Reverse DNS

Software

nginx /

Resource Hash

3ded45685605603e1dc1df13a060237f330e09f969998aaf3a2d86a341fcee4b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .gdata.de .gdata.ch .gdata.fr .gdata.at .gdata.nl .gdata.it .gdata.be .gdata.es .gdata.pt .gdatasoftware.co.uk .gdatasoftware.com .gdata-software.com .gdata-advancedanalytics.de .gdata-advancedanalytics.com .gdata.co.jp .gdata-china.com .gdata-hongkong.com .inventorofantivirus.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gdatasoftware.com/blog/2017/05/29751-wannacry-ransomware-campaign/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 23:13:34 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 135170
X-Xss-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 06 Nov 2020 14:40:44 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Etag: "5fa5606c-21002"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/jpeg
Cache-Control: max-age=3628800
Content-Security-Policy: frame-ancestors 'self' *.gdata.de *.gdata.ch *.gdata.fr *.gdata.at *.gdata.nl *.gdata.it *.gdata.be *.gdata.es *.gdata.pt *.gdatasoftware.co.uk *.gdatasoftware.com *.gdata-software.com *.gdata-advancedanalytics.de *.gdata-advancedanalytics.com *.gdata.co.jp *.gdata-china.com *.gdata-hongkong.com *.inventorofantivirus.com;
Accept-Ranges: bytes
Expires: Tue, 22 Dec 2020 23:13:34 GMT

GET
H/1.1 200
OK source-sans-pro-v13-latin-ext_latin-regular.woff2
file.gdatasoftware.com/s/font/source-sans-pro/ 25 KB
25 KB 212ms
67ms Font
application/octet-stream 85.25.214.189
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: https://file.gdatasoftware.com/s/font/source-sans-pro/source-sans-pro-v13-latin-ext_latin-regular.woff2
Requested by: Host: www.gdatasoftware.com
URL: https://www.gdatasoftware.com/typo3temp/assets/vhs-assets-5b9de08ed4381d6d419362e5ce725858.css?1604904910
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.25.214.189 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software: nginx /
Resource Hash: 72e086ecb5eed26e489b633ce3a7a85522747d8583852bf8756e290fec0f3d3b

Request headers

Origin: https://www.gdatasoftware.com
Referer: https://www.gdatasoftware.com/typo3temp/assets/vhs-assets-5b9de08ed4381d6d419362e5ce725858.css?1604904910
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 23:13:34 GMT
Last-Modified: Fri, 02 Aug 2019 05:16:52 GMT
Server: nginx
ETag: "5d43c744-6438"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25656
Expires: Tue, 17 Nov 2020 23:13:34 GMT

GET
H/1.1 200
OK gcon1-989.ttf
www.gdatasoftware.com/typo3conf/ext/gd_sites/Resources/Public/Styles/font/ 115 KB
115 KB 75ms
43ms Font
application/octet-stream 212.23.151.164
TMR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gdatasoftware.com/typo3conf/ext/gd_sites/Resources/Public/Styles/font/gcon1-989.ttf?waerhgm
Requested by: Host: www.gdatasoftware.com
URL: https://www.gdatasoftware.com/typo3temp/assets/vhs-assets-5b9de08ed4381d6d419362e5ce725858.css?1604904910
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.23.151.164 Bochum, Germany, ASN12329 (TMR, DE),
Reverse DNS
Software: nginx /
Resource Hash: dbc0a7e5c3d9d56b4ec39ca42d03e107f6b8529d6608a1e257112729fb18b75a

Request headers

Origin: https://www.gdatasoftware.com
Referer: https://www.gdatasoftware.com/typo3temp/assets/vhs-assets-5b9de08ed4381d6d419362e5ce725858.css?1604904910
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 23:13:34 GMT
Last-Modified: Fri, 06 Nov 2020 14:40:44 GMT
Server: nginx
Etag: "5fa5606c-1cbec"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://www.gdatasoftware.com
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 117740
Expires: Wed, 10 Nov 2021 23:13:34 GMT

GET
H/1.1 200
OK source-sans-pro-v13-latin-ext_latin-300.woff2
file.gdatasoftware.com/s/font/source-sans-pro/ 25 KB
25 KB 215ms
67ms Font
application/octet-stream 85.25.214.189
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: https://file.gdatasoftware.com/s/font/source-sans-pro/source-sans-pro-v13-latin-ext_latin-300.woff2
Requested by: Host: www.gdatasoftware.com
URL: https://www.gdatasoftware.com/typo3temp/assets/vhs-assets-5b9de08ed4381d6d419362e5ce725858.css?1604904910
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.25.214.189 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software: nginx /
Resource Hash: 9d20a8fc1de189bad815a78bd3a36550412788bc1d8e6f2d7eba6bb18bc901a2

Request headers

Origin: https://www.gdatasoftware.com
Referer: https://www.gdatasoftware.com/typo3temp/assets/vhs-assets-5b9de08ed4381d6d419362e5ce725858.css?1604904910
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 23:13:34 GMT
Last-Modified: Fri, 02 Aug 2019 05:16:52 GMT
Server: nginx
ETag: "5d43c744-6474"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25716
Expires: Tue, 17 Nov 2020 23:13:34 GMT

GET
H/1.1 200
OK source-sans-pro-v13-latin-ext_latin-600.woff2
file.gdatasoftware.com/s/font/source-sans-pro/ 25 KB
25 KB 223ms
72ms Font
application/octet-stream 85.25.214.189
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: https://file.gdatasoftware.com/s/font/source-sans-pro/source-sans-pro-v13-latin-ext_latin-600.woff2
Requested by: Host: www.gdatasoftware.com
URL: https://www.gdatasoftware.com/typo3temp/assets/vhs-assets-5b9de08ed4381d6d419362e5ce725858.css?1604904910
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.25.214.189 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software: nginx /
Resource Hash: 5b7ade4116e14b315421eb6e4eeabbf1a1c7301a575ee1311fb1659eaaecd6f4

Request headers

Origin: https://www.gdatasoftware.com
Referer: https://www.gdatasoftware.com/typo3temp/assets/vhs-assets-5b9de08ed4381d6d419362e5ce725858.css?1604904910
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 23:13:34 GMT
Last-Modified: Fri, 02 Aug 2019 05:16:52 GMT
Server: nginx
ETag: "5d43c744-63b0"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25520
Expires: Tue, 17 Nov 2020 23:13:34 GMT

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.gdatasoftware.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: a146ec8adccd93adebcc13d99ebf8690

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' .gdata.de .gdata.ch .gdata.fr .gdata.at .gdata.nl .gdata.it .gdata.be .gdata.es .gdata.pt .gdatasoftware.co.uk .gdatasoftware.com .gdata-software.com .gdata-advancedanalytics.de .gdata-advancedanalytics.com .gdata.co.jp .gdata-china.com .gdata-hongkong.com .inventorofantivirus.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blog.gdatasoftware.com
file.gdatasoftware.com
www.gdatasoftware.com
212.23.151.164
85.25.214.189
19d66a51d12c87c2c254f61d3dc66f4765bc852b03138e4b38ed5fbc3dd01d19
211965735fd707f91c38ac8508801e7fd74a7b54662282fdf6b76aedcebeed40
3ded45685605603e1dc1df13a060237f330e09f969998aaf3a2d86a341fcee4b
452b587c9723e0b1dbe83956fca3229be16e596829c6b3b142aa4befcb51bcae
4775ba100c5582ca38ddb4f0b74435c011957ba30e782d2b5dd7292bb4d8afa2
5b7ade4116e14b315421eb6e4eeabbf1a1c7301a575ee1311fb1659eaaecd6f4
6b5dd5b2e4bc34adcd4a2c15384f6d7a1fa7c3bc9c83848e11f63aab8a6775fd
72e086ecb5eed26e489b633ce3a7a85522747d8583852bf8756e290fec0f3d3b
78417e4775b23dfc34d0e7f4c4e423b332357422ec812f986f08a4266097889e
7c657d342491cefb26c956267727635a22e3e85fb12dd8f525e811ec000e658f
96c985d38301023f9d0d5ed3649fb6f6103fc3caf34b8740f602b00ed6dcde1b
9d20a8fc1de189bad815a78bd3a36550412788bc1d8e6f2d7eba6bb18bc901a2
d784b27aa6cfb2fe6e4f29ad5d2f12cef3e8b1859469a0400b39e7857d42234d
d8943a697b9c2a188d99c20145b16849ec3e2feac56c4771980cc92bcca72d85
dbc0a7e5c3d9d56b4ec39ca42d03e107f6b8529d6608a1e257112729fb18b75a

www.gdatasoftware.com Open in urlscan Pro 212.23.151.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

0 %IPv6

1 Domains

3 Subdomains

2 IPs

1 Countries

561 kBTransfer

974 kBSize

1 Cookies

24 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

www.gdatasoftware.com Open in urlscan Pro
212.23.151.164 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

3
Subdomains

2
IPs

1
Countries

561 kB
Transfer

974 kB
Size

1
Cookies

15 HTTP transactions
0 data transactions