www.picussecurity.com Open in urlscan Pro
2606:2c40::c73c:67e3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.picussecurity.com/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc.html
Effective URL:
https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
Submission: On November 04 via api (November 4th 2022, 9:43:20 pm UTC) from US — Scanned from DE

Summary HTTP 103 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 35 IPs in 4 countries across 26 domains to perform 103 HTTP transactions. The main IP is 2606:2c40::c73c:67e3, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.picussecurity.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 29th 2022. Valid for: a year.

This is the only time www.picussecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 46	2606:2c40::c7... 2606:2c40::c73c:67e3	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
5	2606:4700:e0:... 2606:4700:e0::ac40:6525	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:2800:233... 2606:2800:233:66b5:799a:7cd3:f74d:7071	15133 (EDGECAST) (EDGECAST)
1	52.222.232.122 52.222.232.122	16509 (AMAZON-02) (AMAZON-02)
1	13.225.78.14 13.225.78.14	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:218... 2600:9000:2182:4400:c:77c4:d500:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:9ad8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.26.11.16 104.26.11.16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.60.33.79 52.60.33.79	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.189.26 13.224.189.26	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1 2	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
1	104.131.39.140 104.131.39.140	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	2606:4700::68... 2606:4700::6811:74b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:45b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:81ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:440... 2606:4700:4400::ac40:9a55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e8cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.189.10 13.224.189.10	16509 (AMAZON-02) (AMAZON-02)
1	18.203.27.16 18.203.27.16	16509 (AMAZON-02) (AMAZON-02)
1	13.225.78.105 13.225.78.105	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
1	2600:9000:214... 2600:9000:214f:d000:b:8c20:bf40:21	16509 (AMAZON-02) (AMAZON-02)
1	54.77.201.84 54.77.201.84	16509 (AMAZON-02) (AMAZON-02)
1	159.89.244.206 159.89.244.206	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2606:4700::68... 2606:4700::6810:5805	13335 (CLOUDFLAR...) (CLOUDFLARENET)
103	35

46 2606:2c40::c73c:67e3 (United States) 2 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.picussecurity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:e0::ac40:6525 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.popt.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
display.popt.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:66b5:799a:7cd3:f74d:7071 (United States)

ASN15133 (EDGECAST, US)

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.232.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-232-122.fra56.r.cloudfront.net

d10lpsik1i8c69.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-14.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:4400:c:77c4:d500:93a1 (United States)

ASN16509 (AMAZON-02, US)

t.visitorqueue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9ad8 (United States)

ASN13335 (CLOUDFLARENET, US)

7048931.fs1.hubspotusercontent-na1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.11.16 (United States)

ASN13335 (CLOUDFLARENET, US)

settings.luckyorange.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.60.33.79 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-60-33-79.ca-central-1.compute.amazonaws.com

a.visitorqueue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-26.fra2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.11 (United States) 1 redirects

ASN20446 (STACKPATH-CDN, US)

cdn.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.131.39.140 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

2x.wise-portal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:74b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:45b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:81ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:4400::ac40:9a55 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e8cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-10.fra2.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.203.27.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-27-16.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-105.fra2.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:d000:b:8c20:bf40:21 (United States)

ASN16509 (AMAZON-02, US)

d3lopmpcew67el.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.201.84 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-201-84.eu-west-1.compute.amazonaws.com

ws30.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.89.244.206 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

picus.wise-portal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5805 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	picussecurity.com 2 redirects www.picussecurity.com	2 MB
6	hubspot.com app.hubspot.com — Cisco Umbrella Rank: 8624 forms.hubspot.com — Cisco Umbrella Rank: 5144 track.hubspot.com — Cisco Umbrella Rank: 4040	3 KB
5	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 889 script.hotjar.com — Cisco Umbrella Rank: 1168 vars.hotjar.com — Cisco Umbrella Rank: 1210 in.hotjar.com — Cisco Umbrella Rank: 2124 ws30.hotjar.com — Cisco Umbrella Rank: 77573	72 KB
5	popt.in cdn.popt.in — Cisco Umbrella Rank: 34830 display.popt.in — Cisco Umbrella Rank: 34517	63 KB
4	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 3824	17 KB
4	gstatic.com fonts.gstatic.com	69 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	3 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1007 syndication.twitter.com — Cisco Umbrella Rank: 1255	133 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 361	63 KB
3	visitorqueue.com t.visitorqueue.com — Cisco Umbrella Rank: 160084 a.visitorqueue.com — Cisco Umbrella Rank: 137095	5 KB
2	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 7056	832 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	88 KB
2	wise-portal.com 2x.wise-portal.com picus.wise-portal.com	29 KB
2	mouseflow.com 1 redirects cdn.mouseflow.com — Cisco Umbrella Rank: 8784	18 KB
2	cloudfront.net d10lpsik1i8c69.cloudfront.net d3lopmpcew67el.cloudfront.net	106 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 121	151 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2868	257 B
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 6774	88 KB
1	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 7510	23 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 3839	20 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 5525	3 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131	548 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2041	351 B
1	luckyorange.net settings.luckyorange.net — Cisco Umbrella Rank: 10903	749 B
1	hubspotusercontent-na1.net 7048931.fs1.hubspotusercontent-na1.net	1 KB
1	linkedin.com platform.linkedin.com — Cisco Umbrella Rank: 6181	160 KB
103	26

	Domain	Requested by
46	www.picussecurity.com	2 redirects www.picussecurity.com
4	track.hubspot.com
4	js.hs-banner.com	www.picussecurity.com js.hs-banner.com
4	fonts.gstatic.com	fonts.googleapis.com
4	cdn.popt.in	www.picussecurity.com cdnjs.cloudflare.com
4	fonts.googleapis.com	www.picussecurity.com cdnjs.cloudflare.com
3	cdnjs.cloudflare.com	cdn.popt.in 2x.wise-portal.com cdnjs.cloudflare.com
2	forms.hsforms.com	js.hscollectedforms.net
2	platform.twitter.com	www.picussecurity.com platform.twitter.com
2	connect.facebook.net	www.picussecurity.com connect.facebook.net
2	cdn.mouseflow.com	1 redirects www.picussecurity.com
2	a.visitorqueue.com	t.visitorqueue.com www.picussecurity.com
2	www.googletagmanager.com	www.picussecurity.com
1	picus.wise-portal.com	2x.wise-portal.com
1	ws30.hotjar.com	script.hotjar.com
1	d3lopmpcew67el.cloudfront.net	cdnjs.cloudflare.com
1	syndication.twitter.com	platform.twitter.com
1	vc.hotjar.io	script.hotjar.com
1	in.hotjar.com	script.hotjar.com
1	forms.hubspot.com	js.hscollectedforms.net
1	vars.hotjar.com	static.hotjar.com
1	display.popt.in	cdnjs.cloudflare.com
1	app.hubspot.com	www.picussecurity.com
1	js.hsleadflows.net	www.picussecurity.com
1	js.hscollectedforms.net	www.picussecurity.com
1	js.hs-analytics.net	www.picussecurity.com
1	js.hsadspixel.net	www.picussecurity.com
1	2x.wise-portal.com	www.picussecurity.com
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	settings.luckyorange.net	d10lpsik1i8c69.cloudfront.net
1	7048931.fs1.hubspotusercontent-na1.net	www.picussecurity.com
1	t.visitorqueue.com	www.picussecurity.com
1	static.hotjar.com	www.picussecurity.com
1	d10lpsik1i8c69.cloudfront.net	www.picussecurity.com
1	platform.linkedin.com	www.picussecurity.com
103	37

This site contains links to these domains. Also see Links.

Domain
app.picussecurity.com
hubs.li
partners.picussecurity.com
hubs.ly
twitter.com
www.linkedin.com
www.facebook.com
www-picussecurity-com.sandbox.hs-sites.com
jobs.lever.co
support.picussecurity.com
medium.com

Subject Issuer	Validity	Valid
www.picussecurity.com Cloudflare Inc ECC CA-3	`2022-04-29` - `2023-04-29`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-16` - `2023-06-16`	a year	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2022-08-11` - `2023-08-11`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
t.visitorqueue.com Amazon	`2021-12-08` - `2023-01-04`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
hubspotusercontent-na1.net Cloudflare Inc ECC CA-3	`2022-10-30` - `2023-10-30`	a year	crt.sh
a.visitorqueue.com Amazon	`2021-12-12` - `2023-01-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
2x.wise-portal.com R3	`2022-09-15` - `2022-12-14`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-14` - `2022-11-12`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
*.hotjar.io Amazon	`2022-07-18` - `2023-08-16`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
picus.wise-portal.com R3	`2022-10-27` - `2023-01-25`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
Frame ID: C97909286F2F04F08441BFCE7169731A
Requests: 102 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-c6ca1c87e308a39aabb76b56ba54398b.html
Frame ID: 6E0380450B607151261058F54826519A
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fwww.picussecurity.com
Frame ID: 91DF4D36B89F740FC921868875DCEA3F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Christmas Card you never wanted - A new wave of Emotet is back to wreak havocFollow us on LinkedInFollow us on TwitterFollow us on Facebook

Page URL History Show full URLs

https://www.picussecurity.com/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wre... HTTP 301
https://www.picussecurity.com/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wre... HTTP 301
https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-ba... Page URL

Detected technologies

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.linkedin\.com/in\.js

Mouse Flow (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.mouseflow\.com

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

103
Requests

98 %
HTTPS

62 %
IPv6

26
Domains

37
Subdomains

35
IPs

4
Countries

3098 kB
Transfer

6455 kB
Size

23
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://app.picussecurity.com/signin
Title: Login

Search URL Search Domain Scan URL

URL: https://hubs.li/Q01d0sx00
Title: How to be a Threat-Centric?

Search URL Search Domain Scan URL

URL: https://hubs.li/Q01hLVjg0
Title: Your Ultimate Guide: The

Search URL Search Domain Scan URL

URL: https://partners.picussecurity.com/prm/English/s/applicant
Title: Become a Picus Partner

Search URL Search Domain Scan URL

URL: https://partners.picussecurity.com/English/
Title: Partner Portal

Search URL Search Domain Scan URL

URL: https://hubs.li/H0N77MF0
Title: Purple Academy

Search URL Search Domain Scan URL

URL: https://hubs.ly/Q01hM01K0
Title: How BAS Works and Why it Matters

Search URL Search Domain Scan URL

URL: https://hubs.li/Q01cN8Jq0
Title: START YOUR FREE TRIAL

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc&text=The%20Christmas%20Card%20you%20never%20wanted%20-%20A%20new%20wave%20of%20Emotet%20is%20back%20to%20wreak%20havoc

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

Search URL Search Domain Scan URL

URL: http://www.facebook.com/share.php?u=https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

Search URL Search Domain Scan URL

URL: https://www-picussecurity-com.sandbox.hs-sites.com/-temporary-slug-88361285-053d-49c2-9d3c-26333634ceda?hsLang=en-gb

Search URL Search Domain Scan URL

URL: https://jobs.lever.co/picus
Title: Careers

Search URL Search Domain Scan URL

URL: https://support.picussecurity.com/
Title: Customer Support Portal

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/picus-security
Title: Follow us on LinkedIn

Search URL Search Domain Scan URL

URL: https://twitter.com/PicusSecurity
Title: Follow us on Twitter

Search URL Search Domain Scan URL

URL: https://medium.com/@picus
Title: Follow us on Facebook

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.picussecurity.com/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc.html HTTP 301
https://www.picussecurity.com/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc HTTP 301
https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://cdn.mouseflow.com/projects/a33e3dc0-7316-4f7d-8ec0-244dbd62e401.js HTTP 301
https://cdn.mouseflow.com/projects/a33e3dc0-7316-4f7d-8ec0-244dbd62e401_eu.js

103 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc Show response
www.picussecurity.com/resource/blog/
Redirect Chain

https://www.picussecurity.com/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc.html
https://www.picussecurity.com/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

91 KB
21 KB

1778ms
1778ms

Document
text/html

2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / HubSpot

Resource Hash

914342592e76d583e6afdd774919141ab63ceb3a8cbfdae992491722913337eb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray: 765086191dc30785-MRS
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Fri, 04 Nov 2022 21:43:13 GMT
edge-cache-tag: CT-35193312580,CT-35193567243,CT-67439360007,CT-81839888708,CG-35190412163,CG-7048931,P-7048931,W-32488136213,W-32488280065,W-34050730072,W-64658820451,W-73083427611,W-73190335558,CW-32300713486,CW-39027676914,CW-39038130957,CW-41162016556,E-32300259976,E-32300424271,E-32300424286,E-32300424289,E-32379253675,E-32379319518,E-39027126556,E-39027330934,E-81509078165,MENU-32488136213,MENU-32488280065,MENU-34050730072,MENU-64658820451,MENU-73083427611,MENU-73190335558,PGS-ALL,SW-3,B-35190412163,GC-34050452150,GC-39027690571,GC-39027888131,TS-32295139665
etag: W/"81bb38bfddf2a1ec83376b5240ed24b2"
last-modified: Fri, 04 Nov 2022 07:52:11 GMT
link: </hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js>; rel=preload; as=script,</hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script,</hs/hsstatic/HubspotToolsMenu/static-1.138/js/index.js>; rel=preload; as=script
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y6GXPfEv6NT0rz5v7BdZ7moE2H01SEjP4MR2LuBApYLNIKnw25TE0p8G5RtK8WZEDEFPZfsyYfjyBsl9YqMlYDa0pEQjPqZeoVmv7SArapIsASM78pxAMYPKsmDJU94tUMXtQbgMoODdJ3M3XGluL4Zv9A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-hs-cache-config: BrowserCache-0s-EdgeCache-180s
x-hs-cache-control: s-maxage=10800, max-age=0
x-hs-cf-cache-status: MISS
x-hs-combine-css: Disabled
x-hs-content-id: 35193567243
x-hs-hub-id: 7048931
x-hs-prerendered: two-phase;Fri, 04 Nov 2022 07:52:10 GMT
x-powered-by: HubSpot

Redirect headers

access-control-allow-credentials: false
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-transform, max-age=120
cf-cache-status: MISS
cf-ray: 76508615fa730d8a-MRS
date: Fri, 04 Nov 2022 21:43:11 GMT
expires: Fri, 04 Nov 2022 21:45:11 GMT
location: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TguOgdMIwuVYrxbWYfrB798kO33itFssdWwNgga2BlTV%2Fl%2BTiV0LSBmWOFjFh7Q7rxsK8%2BGAAgxfxBac0FqkabPNh999yDVSliTT%2FQmQECxWMcTLMQ6YiVz2mzEI4FeDagT6NwQDBrX0Y2hqmO2urKleaw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: origin, Accept-Encoding
x-hs-https-only: worker
x-hs-mapping-id: 35283518737
x-hs-mapping-only-after-not-found: no
x-hs-route-prefix: http://www.picussecurity.com/blog/*rest-of-url
x-hubspot-correlation-id: b0d3ca3c-1531-4eb4-8e30-09f3255cf9ea
x-trace: 2BCCA6DF9CEFDAF49082A6C7B3BFDFDEEBF00085F71C055E3DA99FD26601

GET
H3 200 project.js Show response
www.picussecurity.com/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/ 2 KB
1 KB 65ms
64ms Script
application/javascript 2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 13b0de485c7b13f6889ba5a1aa346de0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: gEenO44eZUewxnIWfgj9q6LB.g9OszNv
age: 1253267
x-amz-cf-pop: MRS52-C1
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 19 Aug 2020 22:24:11 GMT
server: cloudflare
etag: W/"ef84f26c310485299d6b75777414eddb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8PkwxBV4PxKx2Z6%2FZSJdVwtzlgrjBg0i9vnWa%2Fob9hzEDTYCceGn9hU3B5mEz5yZrnkXYGczdsoYHDEqWF8oSC8Pxj8vNMnuCkTOSTNB60FwDKpkVYU6UwzEPzaOKwgegdkOZ5D62ltWS9XzdKmkxNsNgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 765086243bab0785-MRS
x-amz-cf-id: W96IeIWRvwH6r6BNNSYXIRsnL3_pOayBR0OMfAPUJTu7O-pWEEHwUQ==
expires: Sat, 04 Nov 2023 21:43:13 GMT

GET
H3 200 project.js Show response
www.picussecurity.com/hs/hsstatic/cos-i18n/static-1.53/bundles/ 1 KB
1 KB 106ms
105ms Script
application/javascript 2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 2e4c2344cd099ed266066e71273e3540.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
age: 1254815
x-amz-cf-pop: MRS52-C1
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 09 Nov 2021 16:12:42 GMT
server: cloudflare
etag: W/"61ca66de658cab9587e4636894680d5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EQAqR%2FiNIkADvS18FYvfYpvwysNOruLqKXMESfYnvk8OI7ZQF2uiCyvG8Tbi4EEJ1i0c7CCp0HiMEcUu7jMu1yJO7uTDT%2BKyVkwYDnFhucnoNON2ZZaFBWw8hOQB9TaB3Kdd96204AzmqwrKPi0i0FFIQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 765086243bae0785-MRS
x-amz-cf-id: bDkETwZS8dtpN8jgm3zUBgKCFInDpwoT_DXEyI9VSPSzNJg5aONJEQ==
expires: Sat, 04 Nov 2023 21:43:13 GMT

GET
H3 200 index.js Show response
www.picussecurity.com/hs/hsstatic/HubspotToolsMenu/static-1.138/js/ 10 KB
4 KB 64ms
63ms Script
application/javascript 2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/hs/hsstatic/HubspotToolsMenu/static-1.138/js/index.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a50df52651133ee2b309daf0c3b921e9f5109067d5e11f2b8dd055f9ca3e66f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 7fd2e53766edf2c95772fedd22bce34e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: k79.hN9WG526nViFF800Vr3DxQF_q.yo
age: 1254815
x-amz-cf-pop: MRS52-P1
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 27 Jul 2022 14:35:54 GMT
server: cloudflare
etag: W/"0d86ec7be24f2dff2308b8edf54c2f32"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RRuKIx%2B%2F6ry1uoRktESaYX4gQ4sW27IlVkmUEZX3yXosByLCYCVv%2B5zV3ATLkUkF2R057WmG3ScUENbnYjp1DBogaYBcCvcT%2FoHBQWzl0TFvLc%2FqzLSX1UwIWGymyQvifGzTPdNIGcvenyHoudvKCGUppQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 765086243baf0785-MRS
x-amz-cf-id: 9iEJRuIqOmBCtVABPfNdMgoNNOzrdrYr372PUakFKMIZAzB8olkFaA==
expires: Sat, 04 Nov 2023 21:43:13 GMT

GET
H3 200 jquery-1.7.1.js Show response
www.picussecurity.com/hs/hsstatic/jquery-libs/static-1.1/jquery/ 92 KB
34 KB 74ms
73ms Script
application/javascript 2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/hs/hsstatic/jquery-libs/static-1.1/jquery/jquery-1.7.1.js

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 3749ce6257bda8968ddd48c7745a8570.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: null
age: 1254815
x-amz-cf-pop: MRS52-C1
content-encoding: br
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 25 Nov 2014 17:03:30 GMT
server: cloudflare
etag: W/"ddb84c1587287b2df08966081ef063bf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Py%2FBUQKTxqCGJOBYGvkdxs5E%2FWlzC9VGVkJ4G%2FaaFvKlftRIAD4K1DjRsQSt0OIYrNjDCNvv7GnHMPrjG%2FI96weoB%2FYROJmIorRmOwVOkIKuvUEvVhrEt%2B9xY6yOC%2F%2BIEyzKtVi8DpZAseq86ARpS6yUww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 765086243bb00785-MRS
x-amz-cf-id: Qm__IC0Cenv5wPTlN2Fd17IGAvFCQsim-RRR9de3KosPHnPpzDiYxg==
expires: Sat, 04 Nov 2023 21:43:13 GMT

GET
H3 200 main.css
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424271/1665412286673/Shield/css/ 68 KB
15 KB 117ms
116ms Stylesheet
text/css 2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424271/1665412286673/Shield/css/main.css

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

989428c79672f8b110cb6f879618e60387f8913935bbf97cb4e36920d8850c1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 dfc1931cc62ecd4133c2b9bdae1bb476.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: .rff5e07oelOe85aJVA2RdDWoQmn8JTD
age: 756
x-amz-cf-pop: IAD12-P3
x-amz-server-side-encryption: AES256
x-amz-request-id: 76BV7W9NFRSF7GM0
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
content-encoding: br
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ekpkprif4Y2iHTDDqPDI8JyYEf45zct4IMJMpFQaSN6/aC3c8UntY1wiv5LEmDrjaYcJSl7MT9Y=
last-modified: Mon, 10 Oct 2022 14:31:27 GMT
server: cloudflare
etag: W/"ddd65f3e356ae9be62aa506c3fdb36f0"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1665412286673
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i83lKZbBQQMgleBd51H5lKC1kxrgY3IRm89otO%2BrL3MzxFsMkzKUpE6V9o8SqCnYx7UWMJBm9U5rrhrZqe92AB%2BP1dXutIQGhq%2Fk9i1J7U4QylP6pG83LAbhoZYog9jbZyqmz4%2Be%2BQxWuEFdQ8uy2emh%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
cf-ray: 765086243bb20785-MRS
x-amz-cf-id: e405esUshM4IYprm5uY9DlO1FEtpbZgGNiWD9o3z--p7zqLQK0MI3A==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 theme-overrides.min.css
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424286/1662709748984/Shield/css/ 21 KB
6 KB 120ms
118ms Stylesheet
text/css 2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424286/1662709748984/Shield/css/theme-overrides.min.css

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

74e315760b94074d76f145d1d4b49cf9f219991e7445f20b0fc0352352558113

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 c0b0d7167cc2eb52d8d154aa7fc03a0a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: UwaGw1x_8TNgA4Bp1qFsyX5ZQ0cC_QZJ
age: 756
x-amz-cf-pop: IAD12-P3
x-amz-server-side-encryption: AES256
x-amz-request-id: NW202YTAP0216J39
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
content-encoding: br
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: uaMimJc5kPT4+aT7s1WcOdqif4BA7LxjaFXvWni7dy49L0FaIV6Ftfidu9mcRURpT45pZpOy7qY=
last-modified: Fri, 09 Sep 2022 07:49:10 GMT
server: cloudflare
etag: W/"8cae491c752f6cfafd98027c61f40b23"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1662709749955
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tdKBvF%2FOATISUEaNyjEdK7vW2I%2FSRrq9Az6SwdK%2BEpfSaysdO77hkJwuvVND809aX%2F1IO0FszKbsq0auI2O%2BYVl6mYE3bdxig3oNsry0IYhk5tXvYJbW%2B9ieiisei4WH7raPpCE1c2K6Hha5VCWK9jUHGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
cf-ray: 765086243bb40785-MRS
x-amz-cf-id: Hdi3AL02CPPB1e_uHfqrV5fAftwwRL-_0x47p2OpKJnYtow1ibfruA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 shield-animate.min.css
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32379319518/1619786239565/Shield/css/ 16 KB
4 KB 64ms
62ms Stylesheet
text/css 2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32379319518/1619786239565/Shield/css/shield-animate.min.css

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5779200444c0da3554694b521545677be435705abd25a27ee04969fdd04d9f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 f57a09c5455a80253c61001d750462e6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: Zz6yeJoaLs2sBDQ0sAtQZ5JZU1k7tgmD
age: 756
x-amz-cf-pop: IAD12-P3
x-amz-server-side-encryption: AES256
x-amz-request-id: NW2EBCHGZ1HP8D1T
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
content-encoding: br
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: E6rzyhkm2unVrqiW3FOHeY+/Q9Nr31JzvGEibw+NNHmt9k8x4weBrrvJPS6zfUxDFhoeDgZ5A1k=
last-modified: Fri, 30 Apr 2021 12:37:20 GMT
server: cloudflare
etag: W/"a9b94e97740dac26998352827982ea08"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1619786239622
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o0wSJ4Pt5ZeC2Ekqrdd0Crk%2FkscLac5pMXCUM3nc%2BDWx4MEOQKkoGDNtdM8PSVSySSPmnoRNUyrqwabTZFG3QwxoayYP4bk6X%2BJIGTH%2BBcXFv6JN8FwW5i%2Bndk%2Ff4DrGSIW%2FVNUoWTCBDPs8y%2BGktiVF8w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
cf-ray: 765086243bb60785-MRS
x-amz-cf-id: 2NLBjbvVDvVxN0zN5zIDi2wS-m3Ub6fYUNogb35Q_689ARIPfZaKEQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 module_39027676914_Mega_Menu.css
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/1661252390858/ 14 KB
3 KB 122ms
120ms Stylesheet
text/css 2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/1661252390858/module_39027676914_Mega_Menu.css

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

019e60f76f3afc77d0880f7177593c6f274212ce66e1ce08d5dae56c547e732d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 1f1067e4f193aaabd2c24b99bcdc4e88.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: JJQPYz1zs_g8HGxytVG9YEd.vpMb7pK9
age: 756
x-amz-cf-pop: IAD12-P3
x-amz-server-side-encryption: AES256
x-amz-request-id: 76BG6TN3H63607WT
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
content-encoding: br
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: i1nazjc7v5XKit9JeOAnReSdNRwpj8R7Dy6hQEfhQa60tqJDRn82WNPhnTGcwM98ccqPQv2k9LI=
last-modified: Tue, 23 Aug 2022 10:59:51 GMT
server: cloudflare
etag: W/"b5a1adecc589fe3f3fa67de24014f46a"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1661252390858
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V5cCltyEQO6XaDLHEQ7vhEX%2B2Pp1PzuQqt%2FM0AUiazbcEmOFuV3oyEe45sQDCvS%2FY6q%2BVu9I9KS35YtAH7apUWYmx5RE7jWU57sNONBxWsYUUIITQw2YvPyTCmPB%2FwrW0cV0dXcriBxYK8bUznT2RDytXA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
cf-ray: 765086243bb70785-MRS
x-amz-cf-id: Gp3PvrVbKWPInHPsuOx8Ppe0736yhuC5dmE1ZggH04jRT72uEzBrSg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 module_39038130957_Lead-Magnet-Banner.min.css
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/39038130957/1608575808109/ 521 B
1 KB 123ms
122ms Stylesheet
text/css 2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/39038130957/1608575808109/module_39038130957_Lead-Magnet-Banner.min.css

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5458bb001fbaee0822a06901d6989a7568457bc97c78ce726d8884c34f665910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 76e55a2361219fb19722e949475d1844.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: _6kG0Z6N7nb2Amvf0P3QvVEgQec_PKrh
age: 756
x-amz-cf-pop: IAD12-P3
x-amz-server-side-encryption: AES256
x-amz-request-id: H98TRKJRMEA766PA
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
content-encoding: br
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: GvMXNUb+026defBy+Sc0QAlfWSiUgmAW91S9as0ua4HBJgUaJOa+EsAQD6iJdf1cLFeAVndTHzc=
last-modified: Mon, 21 Dec 2020 18:36:49 GMT
server: cloudflare
etag: W/"b598cb9f535e9d39bea6fb4c7afc98a2"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1608575808109
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WUi8gsaZohFK%2Fs4MTIkqLbB1KQw4jfSwGeBjUb8nbUd614BZ200SSOwx9lAZ9QnnAPTdnnSDixeXApHxPicGA%2BsfnTvbkFWYbMpEpVMfhu2MrB14wG%2FEMKK72nvSUcmKxLw8nxzPl5OiMmBzyeAT0cIyIw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
cf-ray: 765086243bb80785-MRS
x-amz-cf-id: _0lBVgf8s2Sb9AkyYknqtd70J6Aehqsw1YztlbrLIaOhNBd9w8mWRQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 module_32300713486_social-follow.css
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/1600872846984/ 2 B
1 KB 125ms
124ms Stylesheet
text/css 2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/1600872846984/module_32300713486_social-follow.css

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c179f21e6f62b629055d8ab40f454ed02e48b68563913473b857d3638e23b28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 3203c4b5504fa019a752072f0419ef6a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: zqA8p9HC5caA9CFNRmCDZZoAwLz7hhFK
age: 755
x-amz-cf-pop: IAD12-P3
x-amz-server-side-encryption: AES256
x-amz-request-id: 0E74CT23R07084VE
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2
x-amz-id-2: uxp2iud4sOXgZ0QI1eQFTXM5XB1m6ZZ2SIka8h5oyE13P3kWeifoU87AX6Swlg+CYZKlYfL7VH0=
last-modified: Wed, 23 Sep 2020 14:54:07 GMT
server: cloudflare
etag: "23b58def11b45727d3351702515f86af"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1600872846984
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VcAsyyQj3QCTgBn9j0W0d7yVyr88boQEbP7RzEcmkthTJllaOQXpRb8Bs3Y53KNGdAg%2Fq5%2B%2BXz3pPyq2SO788hBrUE%2Bu3Sy3e4zWf5RO6%2BbmEv99IAcuSHQ5v%2Fr0X1X%2FGo92OkvfuWj%2Fa%2BJKw0aDb9r%2FPg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 765086243bb90785-MRS
x-amz-cf-id: bhw3l8Ft2Vc7RzQcg9QWiiIiXNYrKiTo_nbeeiIruw_pPZPISgpJ1w==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
75 KB 85ms
34ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DB6MKXQ2E6

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f3a5a7d99180fde5aa585c8ad358a6fe5f74c06bf0fe3dc4d4d82c34cfdccced

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76417
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 04 Nov 2022 21:43:13 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 66ms
25ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:400,400i,500,700&display=swap

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

63810e2a70e6ea841a57b42ac39a8b3823808bbfb17697513dfa9081866dc664

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Nov 2022 21:43:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 21:43:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Nov 2022 21:43:13 GMT

GET
H2 200 pixel.js Show response
cdn.popt.in/ 214 KB
47 KB 91ms
36ms Script
text/javascript 2606:4700:e0::ac40:6525
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.popt.in/pixel.js?id=64d678615e3d0
Requested by: Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6525 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66f47026632323e752567183d2285d768c843adaaafe8eb2fc5dd6b57999e245

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:13 GMT
x-amz-version-id: F6zQ2HOkFOo5rS3pWGBLdj4zwGnT_Bsi
via: 1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: DUS51-P1
age: 7077
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 04 Nov 2022 13:45:02 GMT
server: cloudflare
etag: W/"8204e9642d30c9cd468807061ce2a93c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PQJMZqpN%2FIEuGEXiV1Rey1653W8Im%2Ftr0n0T5kjc%2B5jf59PZfdyEHYm2CpnzhK7GmMkfMxr54NSfQgnAbZ%2Ft7MjBhQWXybJ4tpZPyWdf%2B3TQtcn5k2B55XrBTO0d%2FEpgumURThMgb97zEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1800
cf-ray: 7650862608229134-FRA
x-amz-cf-id: ro1i9dY32fxsDcoQMFf1xAGZnWvn6Mu7jJg-8J5PZuMklI2eaBF3Sg==

GET
H2 200 in.js Show response
platform.linkedin.com/ 509 KB
160 KB 131ms
24ms Script
text/javascript 2606:2800:233:66b5:799a:7cd3:f74d:7071
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.linkedin.com/in.js
Requested by: Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:66b5:799a:7cd3:f74d:7071 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (amc/BC5D) /
Resource Hash: 459b728bb95199cae4a83d5aece65b7531e88abaf6dcb146ffeeae406dc4acdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:13 GMT
content-encoding: gzip
x-cdn-client-ip-version: IPV6
x-cdn: ECST
age: 993
x-cache: HIT
x-cdn-proto: HTTP2
content-length: 163354
x-li-uuid: AAXsq7rC2oDcYUNDXaq/ow==
last-modified: Fri, 04 Nov 2022 21:26:40 GMT
server: ECAcc (amc/BC5D)
x-li-pop: prod-lor1-x
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
x-li-fabric: prod-lor1
cache-control: public, max-age=3600
x-li-proto: http/1.1
accept-ranges: bytes
expires: Fri, 4 Nov 2022 22:26:40 GMT

GET
H3 200 logo-original.svg
www.picussecurity.com/hubfs/ 2 KB
2 KB 77ms
75ms Image
image/svg+xml 2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.picussecurity.com/hubfs/logo-original.svg

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee596884317564904ae040715f9d2961b96b088c0034ff3f4904a6ddfea7221f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-54707499331,P-7048931,FLS-ALL
age: 381463
x-amz-request-id: 9GQPSJFTD895EFRN
x-amz-server-side-encryption: AES256
edge-cache-tag: F-54707499331,P-7048931,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
etag: W/"ffa324dc95c671fc8929e2bbc8f9a038"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1631012484087
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
date: Fri, 04 Nov 2022 21:43:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 e7e3d2fc85724799dd790089462fa032.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: BgSjLq3V3YN8qkwdl5C9D8U1riGsc.5a
x-amz-cf-pop: MRS52-C2
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-54707499331,P-7048931,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: BX0o/++zoH4Pn/USdMgf/ssgk3ZsZsn3CalWP/+Ln/XSsmPiLzSdrv/di01VkDCUagJm34atkzc=
last-modified: Tue, 07 Sep 2021 11:01:25 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fuctqnei9Ef8NbHkYoLUa0Z31QlfkhcflFo%2BqSmWBV6At%2Bj0wCvhk0q4nnwoVG27%2FHUWRZagR3ShpHlIGixhPw0ru2eJzSIA3s6LKO9QiuOPRsIQpL0Ive8Ka0BpcKW98dvwF1gmMri8X%2Fa8crBODzvhiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 76508625bd700785-MRS
x-amz-cf-id: Y9wDlQGgfGDGWK21mv3qdUQCk4boFWzY-P2O_aIYLaYaqJF2eJmTZQ==

GET
H3 200 dt-menu-arrow-back.svg
www.picussecurity.com/hubfs/Shield/Images/ 296 B
1 KB 73ms
71ms Image
image/svg+xml 2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.picussecurity.com/hubfs/Shield/Images/dt-menu-arrow-back.svg

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d214792b986a7986cf226ad5f346fa58b7857bcfee980f8c3bc897cf17df564

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-39038396307,FD-32586780943,P-7048931,FLS-ALL
age: 381463
x-amz-request-id: S6JN3WNJMCWAA7Z8
x-amz-server-side-encryption: AES256
edge-cache-tag: F-39038396307,FD-32586780943,P-7048931,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
etag: W/"8132c994dd553ae56f7b61821b5a1880"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1608573443493
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
date: Fri, 04 Nov 2022 21:43:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 c905ab1a35f5719106f2992ea51e1a76.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: bS6RQKhadAIkt_eobirV6GoH5Y3lWA.b
x-amz-cf-pop: MRS52-C2
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-39038396307,FD-32586780943,P-7048931,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 7ePh8yrDXjg/Ed9RFwJ9SSe8NTOLhVI60xhVErivb6+UzUCUISP/l/5+aE1OomdMsk0AMPBCFlM=
last-modified: Mon, 21 Dec 2020 17:57:24 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k3hS8UbzlXcZujsOnT1fGKx70MXDHkNJldnUO7zCzXYE60RLMsrDtsieJD1vN5tAkdQIkSP2%2BZDVWwkplrKzb23t6RmIFYG9eB1cAwTngSsrNe771Y%2BKBjO%2FIKAMqufpEthqtXZVJ9kF32ZhXoAw8alQcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 76508625bd740785-MRS
x-amz-cf-id: UfkeXaQ2bUMULLLiJSMlMTGZtSqJhcopVa7DLt4PD_yz7d0mK87ypw==

GET
H3 200 latest-read-more.png
www.picussecurity.com/hubfs/Shield/Icons/other/ 568 B
2 KB 81ms
79ms Image
image/webp 2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.picussecurity.com/hubfs/Shield/Icons/other/latest-read-more.png

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

20cdcf578aba67769a54909b38ef0b919268c0489df6339321a1713b38d8dfe8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-35167957239,FD-33856159417,P-7048931,FLS-ALL
age: 381463
x-amz-request-id: KNPXJNYB20VRWEPE
x-amz-server-side-encryption: AES256
edge-cache-tag: F-35167957239,FD-33856159417,P-7048931,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="latest-read-more.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
cf-bgj: imgq:85,h2pri
etag: "8b99c79fa5d57e315a96fb53f700ed7c"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1600674553337
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
date: Fri, 04 Nov 2022 21:43:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 c8ac7a019b84f0be7a6db0660bd384c0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: G_6fgNJnx8wU8ekxOFLoFWHteElCksu6
x-amz-cf-pop: MRS52-C2
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=1008
x-cache: RefreshHit from cloudfront
cache-tag: F-35167957239,FD-33856159417,P-7048931,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 568
x-amz-id-2: 589e6FK64AaLbMp1fXLWGX4m4jq7cbjsRS7XJ6xzoEaY9huJbA54yuMewT92iI1hIwofnlCT6ng=
last-modified: Mon, 21 Sep 2020 07:49:14 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=95u%2FobA1%2FtddP8EqA4D8LkqHkzW%2FLw6TmdhHfFoxSMwD0dpwj1VlwRnAQJ%2BL2uEAqGL4NEIrP6lScGYW8d3bFICK%2FUQxKcqqe7K2hCXe1feUV5gaLUpnNgr2zNmxjgQr4d%2FThcji29%2Bpqcyd8%2FGjZZ7IoA%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 76508625bd750785-MRS
x-amz-cf-id: Jqid5E85tQJNgWV1DI0IoCrp37v5NcjINuTgFMvO_XDqHkdOzsXNmg==

GET
H3 200 mega-nav-burger.svg
www.picussecurity.com/hubfs/Shield/Images/ 673 B
1 KB 72ms
70ms Image
image/svg+xml 2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.picussecurity.com/hubfs/Shield/Images/mega-nav-burger.svg

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1018aad3ed798d98490fb01484d0aaf7ba3528f74288091644ae53523c3aa82f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-39038395941,FD-32586780943,P-7048931,FLS-ALL
age: 381463
x-amz-request-id: 3X4V6XTKNQ3SNC87
x-amz-server-side-encryption: AES256
edge-cache-tag: F-39038395941,FD-32586780943,P-7048931,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
etag: W/"c2bcd687517100165c2d2b3098b97b73"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1608573140741
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
date: Fri, 04 Nov 2022 21:43:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 001e0031af38ee022d390738c4e5f862.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: .T459IPq_rl_ho8gXG.ZZePe1N2.Y_rE
x-amz-cf-pop: MRS52-C2
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-39038395941,FD-32586780943,P-7048931,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: xGOWCxBG2szf3VQ2ipeCRO3xUEDaQPWxrrHQZoY9hIE0Non1s0g7QkMP6/L37+dT9V46jLz+ojI=
last-modified: Mon, 21 Dec 2020 17:52:21 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tlvq1qJwislpLBtf0T0zDk41rK6n39X9FtPHUj6VzCJYB93fcoa8A5294uNt5yRm6gaD3Q4I9fBXRnjXo%2FQBuCc8bjyCA1jVv%2FyzEtulJM3UwTRpAPnytf8CkIdT5nLap9JDtmVEf%2BAYIMgsfM7OhgZ0UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 76508625bd760785-MRS
x-amz-cf-id: wyMaCPOO9yi3l9siV_Se2Pl6yHRhiEeLfyQe8ObuvDArAujefL93AQ==

GET
H3 200 mega-nav-close.svg
www.picussecurity.com/hubfs/Shield/Images/ 608 B
2 KB 76ms
74ms Image
image/svg+xml 2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.picussecurity.com/hubfs/Shield/Images/mega-nav-close.svg

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

182c0c4a049b82ebaa738d7c22e68bceb8aad2f6d78b94c300b80613c92bff0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-39038468543,FD-32586780943,P-7048931,FLS-ALL
age: 381463
x-amz-request-id: 9GQXPDHKY0TJ7AAN
x-amz-server-side-encryption: AES256
edge-cache-tag: F-39038468543,FD-32586780943,P-7048931,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
etag: W/"cec65b8f70f2c97f2118f8560d6b82a4"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1608573183370
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
date: Fri, 04 Nov 2022 21:43:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 fb2da24822e38e789d39c4f5093e3062.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: IE0DyU0kAI_Z9ApqF3Hz_dDPnQZu2OaI
x-amz-cf-pop: MRS52-C2
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-39038468543,FD-32586780943,P-7048931,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: h5J9yffG3qHyyn4mg6/tCGeuaJ1Fhv38jHMx74wszZhvHhyQ121YzisQstito5TY9mad5Wr6Jh8=
last-modified: Mon, 21 Dec 2020 17:53:04 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sS9JVtbsbAe7e1f%2F1XAIvRb9xqBukLyWgELJjs7AtPMNxQCiRTRPWFu1X%2FbWQZvQyVEXE44WhRPMwWiBleDd85VPrhg3a0HXSkiwPTxeji%2B4kAtzvEtDVhxdTr5RrW9Gcl%2BX%2BFJfPPXaWql4OAkGHzoVeg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 76508625bd770785-MRS
x-amz-cf-id: 1iNfiKO1nyoldwjsBJ_swYpTvjUxUr3GqcgupD8seCwHt83pSjlygQ==

GET
H3 200 office-ss.png
www.picussecurity.com/hubfs/Imported_Blog_Media/ 259 KB
260 KB 802ms
800ms Image
image/png 2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.picussecurity.com/hubfs/Imported_Blog_Media/office-ss.png

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f9d3a53fe9565bbeafe8a644636f15076e99a1602715cd41fe299e926169862

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-35193141119,FD-35193799431,P-7048931,FLS-ALL
x-amz-request-id: HMZZC3PEFSPFG4EV
x-amz-server-side-encryption: AES256
edge-cache-tag: F-35193141119,FD-35193799431,P-7048931,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
etag: "c72ed45442fcdda323cd97127036afb9"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1600715712209
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
date: Fri, 04 Nov 2022 21:43:14 GMT
strict-transport-security: max-age=31536000
via: 1.1 a0c77ad2e3f5bbf63535bc898f348e5a.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: I9QNTdZCpXEe74SJjt_uikn7njW78MKq
x-amz-cf-pop: TXL50-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-35193141119,FD-35193799431,P-7048931,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 265077
x-amz-id-2: mVArND89P2Ky0WvvXeWycDKZnliHoyL9lUMoEbfD/k2r92ifG9XEKK3aFXofWecE2JZ8D9RUgPc=
last-modified: Mon, 21 Sep 2020 19:15:13 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Ww9%2Fjp0L%2BnxNwoLlIDYgrUOp30sX8znUChCwrp9QTBcFpspS0CHmtIR%2FBjte1MNWyUms1JyufgsA%2FVoGuYMEMaxJi6sGKDFao2EDUUw8wWgV8wSsHU7arLmVTdfEF03gEgvqjt80mWBksWc4UprYoSlKg%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 76508625bd780785-MRS
x-amz-cf-id: xzSmZIO4-O7atsDgcMFO9RmgCt_5m70cy6ozr4kTfkIAjFYozKXl8g==

GET
H3 200 twitter_black.svg
www.picussecurity.com/hubfs/ 3 KB
2 KB 436ms
434ms Image
image/svg+xml 2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.picussecurity.com/hubfs/twitter_black.svg

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd28cf99e2e8aa2015c80e6a4de778bf326824014f8fa42de3606f45b930b76c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 318cb50a962adf209b30dd5ad62f8110.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-26114461611,P-7048931,FLS-ALL
x-amz-version-id: XdS231XSTsQZlbZ2bdJrHVSVVgPTObTQ
age: 381448
x-amz-cf-pop: MRS52-C2
x-amz-request-id: G0T8VMVPC0Q3AZXJ
content-encoding: br
edge-cache-tag: F-26114461611,P-7048931,FLS-ALL
cache-tag: F-26114461611,P-7048931,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: dKG67PkL9AcRCA1LkggfpY/pvI3aecZc1lb5FVdSdzU6KYcIv0PjXMHAfa+4gay7qog/SSF6MqM=
last-modified: Thu, 20 Feb 2020 04:30:57 GMT
server: cloudflare
etag: W/"4a095070df5501e6303d14e972a0194e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zqOw%2B9I7L0SEYAh8PZDslFENFiRinAGzB95XjjivHD5ycJ1TK36oberKqVKtOLMyx9nbK6Y6q98Dg88Oyz5eB3wNuXWqaMdvCuRb4S0aGyw1TKaH%2FK%2BAmGcxdjZMELxnqPbeWONQw%2Ftqp2GhbrjW0ADeNw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
cf-ray: 76508625bd790785-MRS
x-amz-cf-id: RjFCViZoIbzxy0ocXK5kXAxNR2LsncitGgHLAeaf0O8yt6_M0RKyYA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 linkedin_black.svg
www.picussecurity.com/hubfs/ 1 KB
2 KB 80ms
78ms Image
image/svg+xml 2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.picussecurity.com/hubfs/linkedin_black.svg

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

34350dee947083733dcd88d858cf65df7a4f282846c465b8f9627090aa5da3c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 05ef390c85f3303ec2fddab8e867c170.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-26106634639,P-7048931,FLS-ALL
x-amz-version-id: cxF8LRaoHAeGt3BhM7bUzN7AlCshNAnL
age: 381448
x-amz-cf-pop: MRS52-C2
x-amz-request-id: G0TCQJNMZG0SQZZ3
content-encoding: br
edge-cache-tag: F-26106634639,P-7048931,FLS-ALL
cache-tag: F-26106634639,P-7048931,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ddrxs7lINV6sRhOIjG4BSZF4tPFjZCV/cBkdOfXXegdw+rh9z0oC2mYYloe5mTpbvwOXTHvdv2o=
last-modified: Thu, 20 Feb 2020 04:30:55 GMT
server: cloudflare
etag: W/"cb53f1d14fd4d15a3313d2a24a524fb8"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BPPc721lCVDthXYwKrgdjIpVtRg9id93TTgINnR1fompyYmR2cKlYnEPer%2BkjYlsC%2BGg%2BJA5zXf8YDDhcnoIgnBK%2FWRaYX%2BCvsH6OHqey%2Fe5TQG8Gf%2BeEzvL7NB2UB8MQcCfDqm4L71HUdKYLKDl2vuVYA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
cf-ray: 76508625bd7b0785-MRS
x-amz-cf-id: 0qEooHMJ9JlzAZYvYmAch5ZgYbIosDRmWqBs_LHx3vuiNyRuvKmaKw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 facebook_black.svg
www.picussecurity.com/hubfs/ 669 B
1 KB 108ms
106ms Image
image/svg+xml 2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.picussecurity.com/hubfs/facebook_black.svg

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8acd930d7a72da64980a950dea0c1507411900cb1459aa8c743e003df27444dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 c1413a546d2463afa928889f80c4c360.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-26106634638,P-7048931,FLS-ALL
x-amz-version-id: 8CJrjrvqFB2TaFMkKGP3y_iXgtaroa19
age: 381448
x-amz-cf-pop: MRS52-C2
x-amz-request-id: G0TBP9PN57GE2WEV
content-encoding: br
edge-cache-tag: F-26106634638,P-7048931,FLS-ALL
cache-tag: F-26106634638,P-7048931,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 8Qi6FZvJ5s0BiJtjmBPvNhGFKI7aVsrEA8ab0HrMa2WOipDkEwRL/QUckHqVZOGXJspw7BYmwKc=
last-modified: Thu, 20 Feb 2020 04:30:53 GMT
server: cloudflare
etag: W/"655ebdf8c830e8540b691af2f06d81c4"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZiK758Sfbi6G7hhKN1iixXDf5IlQc3oD81vADBYuMACGleEH9I9s8bLxXDGYoa2GN5%2BWpwh0frN11vWp3e%2FRmAFvQRqUUwloZVsWCzuEHAFgqABKogCxyaGaS4vvwmWxA57WLwPP4czcsHmiQRp9IlUnNw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
cf-ray: 76508625bd7d0785-MRS
x-amz-cf-id: 3bzz37Z4QE5alGjE8n1dzvRoh_i_P8E-epA4qZ2FaQIVuP-SuOJWqQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 Logo_White.png
www.picussecurity.com/hs-fs/hubfs/ 5 KB
6 KB 113ms
111ms Image
image/png 2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.picussecurity.com/hs-fs/hubfs/Logo_White.png?width=366&name=Logo_White.png

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c42905ffdb6bb9396a002fa2e47a2771c868b2b5a87a72f5cf2acb06c6bce820

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:13 GMT
via: 1.1 8e72609f76eedcc790a085684fec9340.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-tag: F-30532619340,P-7048931,FLS-ALL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5388
cf-resized: internal=ok/m q=0 n=463 c=0+7 v=2022.10.4 l=5388
last-modified: Thu, 11 Jun 2020 11:38:39 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cf29WWzCJ2MKxO6vCUiI95KQ:e3d697b8909d6bbdbc315bdadc55276b"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L7y4Fe1MbhEAiLr9RJuLZmQQ4yOEBUaWoD%2BZNavl7uo4t1KRjNWdKjMcxthfKs4tWzOAMmXnBSTpOI5sliNtDHr65e09fCrDe3VuvkVM6BZ2ISIsdKr8sGIb2QAFCb4imnmAeirZnt4o1ysJEv31Pu58Ag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1209600, s-maxage=1814400, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 76508625bd7f0785-MRS

GET
H3 200 main.min.js Show response
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300259976/1620407851139/Shield/js/ 2 KB
2 KB 61ms
60ms Script
application/javascript 2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300259976/1620407851139/Shield/js/main.min.js

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

109b317e316baf368c0dff0f14ce68fdf3f6baa0b1a0f55fccc97e60c01531c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 f01dafb3bec9893b47152910d47900a4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: yhACiZZS1DVBU58.SfZkBFXMPUW9g.XP
age: 755
x-amz-cf-pop: IAD12-P3
x-amz-server-side-encryption: AES256
x-amz-request-id: QRH42P0GXHKHH19A
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
content-encoding: br
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: na+B3MDPTV79it5Acn8mukVfHRgiQlimQBlFkiOQPBgSADKQuaUc4nylTQp0aChzwgk9rm1zyfeIKHBbR0RfVA==
last-modified: Fri, 07 May 2021 17:17:32 GMT
server: cloudflare
etag: W/"e73b2c9be88497f4546a1ac61b024819"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1620407851409
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cpbsyRbK%2FCblWb4S2yavAjPUnzrMohXSbt9RXL4k6MCKq61I7qrCYyQ1DwBrC6Eob8bwRaVo87uqoUCb0pnBDOQaOr0qtxdkszxqwIbUY5m7ei1vQRE4Sym9SFUQdAbMxDJ9cMDkYNIxBLvFjSKVRepaXg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
cf-ray: 765086252cb10785-MRS
x-amz-cf-id: tgvesPG3TMHEjKPaU9TxIN8t5zfbQElvrS26iFo17vjbCaWhdzUzug==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 shield-wow.min.js Show response
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32379253675/1619786239704/Shield/js/ 8 KB
4 KB 444ms
444ms Script
application/javascript 2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32379253675/1619786239704/Shield/js/shield-wow.min.js

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e39d20e83d85ce70995d12a3ae85b4e0c70a288b04dacd344cfbbecc15f4e5fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 d0d53eedec01ac540f737b5fafb16436.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: QaHaJs.WtwFgEo37VS9PTQhQCngIFt3U
x-amz-cf-pop: IAD12-P3
x-amz-request-id: ZYQ3N46BQ9GEDKY1
x-amz-server-side-encryption: AES256
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
content-encoding: br
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: buvDWcWkeXlf1MklqO2itd1+oGycqd9plrPpGLD2FRZxMS6foUp9nzz3pixHDWHuPROkQeGkmoY=
last-modified: Fri, 30 Apr 2021 12:37:21 GMT
server: cloudflare
etag: W/"a5b3cbba25b1b52bb4ce7c0376098ea3"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1619786240147
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JHQltT30kovElTBEMB6rXNpE%2BbDlBDi1s26XnxxHk2h2jmv8nKygtEiiWkWfVs%2BWSmUjSAunE4Qi7Tspn2VNshrLtg%2FusXQdCO%2BT3FCC6vaMS4PIwePL%2FRc%2F9rGXblAPS2lOEe3advpL5LJHgCy73dpPkA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
cf-ray: 765086258d330785-MRS
x-amz-cf-id: C7u7pERs-LKyCNSvmIZHHXzBB4zBRHeJxRXlxoH5iVqmWHYFLyRkfQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 module_39027676914_Mega_Menu.min.js Show response
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/39027676914/1661252390799/ 1 KB
2 KB 60ms
60ms Script
application/javascript 2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/39027676914/1661252390799/module_39027676914_Mega_Menu.min.js

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

30c582f4480ac01ccc5d0040483b6cfbdef887951b12871cbd62b6ab7e6d0b43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 de349bd2105a0a744704f391ff854e62.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: e9PVcVAo9fmw5RBEj0fJJT64A15RZW28
age: 754
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
x-amz-request-id: 3SZWDC3WT5E40ZR4
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
content-encoding: br
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: R4EIZJhI/iGKE8OcblfBYuQ9fsHqT5Yxq0E7zGEw8aIlQ8BOUH0/YR/n99rlAPmVM8PWE42CrCc=
last-modified: Tue, 23 Aug 2022 10:59:51 GMT
server: cloudflare
etag: W/"2e75b2ccb6d79ad01408224e3cf5f7d6"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1661252390799
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FdRSBngW3EvGrO1eG7hdFZ5NSo0S74WmryVSPLZl0wlDW8mGYM8Pc34OPPFVm8LVb33nsgzImfz4M8IAbdd6PyopyU1P4oFIBnH4kQtwclzAYxIQgwv9N%2BM%2BSBQOh40VefojbJh7ySTRuDo7aYLXJdtwSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
cf-ray: 765086258d370785-MRS
x-amz-cf-id: zX9ltjf9fvoB4HqYEjCzcZwKyZxvTQoOjJj7vp_41OUocQiBIOPeIA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 v2.js Show response
www.picussecurity.com/_hcms/forms/ 586 KB
154 KB 79ms
78ms Script
application/javascript 2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/_hcms/forms/v2.js

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e1f263a74f81f70d098643437471ce7ec92cf3ba3f5f2a7d0e0699005e22537

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 872e43fac89d80c9557000efb9c31650.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: ewyyhtTJWgd2dW0GsLpY7sH1RcV9.GZv
age: 326
x-amz-cf-pop: IAD12-P3
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
cache-tag: staticjsapp-FormsNext-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 01 Nov 2022 01:20:09 UTC
server: cloudflare
etag: W/"cfbb34618d5163364b294b6b8baf3ca3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0xgQQNTin1uGF5CFCmbpCnBdftSsVM3F%2FyUjBAUZqPmcs04cl5zTQPgvSOZ3kbDdsRKbU4t3l2jarHDvCHcdc%2Fwu3Y9%2BYXa3V%2FUET%2BnnMYaQ6myMPogCz3npoMzllkkqnNLoCQz%2FlJRVfX%2Buw52ZQO7HOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
cf-ray: 76508625bd6c0785-MRS
x-amz-cf-id: STWSkRhiH2J5vnSlvP4_ug_a6H37icxL_UxFQUqu0mH5nO9oDIPW5w==
x-hs-target-asset: FormsNext/static-5.548/bundles/project_with_deps.js

GET
H3 200 7048931.js Show response
www.picussecurity.com/hs/scriptloader/ 2 KB
1 KB 201ms
199ms Script
application/javascript 2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/hs/scriptloader/7048931.js

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bb476c3b0cb18cffc6013cc5b10e5fc6ee4bb184484f0e716fa5ce9cc5022e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:13 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 813c45a9-5899-41af-a310-970326f65269
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 04 Nov 2022 21:30:50 GMT
server: cloudflare
x-trace: 2B5E601659661DD4AA97D2686786E1FBD2D9D046B0000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.picussecurity.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sWP5eIX9nKrPj9viNze5ScSUCFmo8PI5ssP56G6GFcjfXs8oneBzZ5M76gadWCr8xeGNh%2FdcB57%2BFk%2F%2FwXXPsAAqN9rZ5DWLVkNlgMPQw4Ta9Q9hHq%2FR131Xri2dgIGx1dM2uGJztuFYSAKWiB9IxeOmqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 76508625bd800785-MRS
expires: Fri, 04 Nov 2022 21:44:13 GMT

GET
H3 200 css2
fonts.googleapis.com/ 11 KB
734 B 59ms
26ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;800;900&display=swap

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424271/1665412286673/Shield/css/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f61e17d652c3b2f9c2342bee503f20d66c32db6c92f0d2fe8bc24c6bcc07b13e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424271/1665412286673/Shield/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Nov 2022 21:43:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 21:43:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Nov 2022 21:43:13 GMT

GET
H2 200 w.js Show response
d10lpsik1i8c69.cloudfront.net/ 5 KB
3 KB 78ms
16ms Script
application/javascript 52.222.232.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by: Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.232.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-232-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 389e7668a1ebd8a04eca206d27b7147519be465eed883f6a2d68bd419ada24b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 20:47:15 GMT
content-encoding: gzip
via: 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
last-modified: Fri, 02 Sep 2022 19:59:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 3359
etag: W/"dc0bbcecf2e632d9beb92f4d88b21c2b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: 4Dv2odjzBcS_aZFuNWujw765H3dPfvrBa4_6S08JNJw4ONz7iAr8dw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 214 KB
76 KB 116ms
66ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KNQQMK8

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

22d4d3055c5d3983fdb3b7906c2ddb8fad9b3cbf791b9f26c0a93f16b06f4429

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77933
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 21:09:22 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 04 Nov 2022 21:43:13 GMT

GET
H2 200 hotjar-2366058.js Show response
static.hotjar.com/c/ 4 KB
2 KB 129ms
47ms Script
application/javascript 13.225.78.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2366058.js?sv=6

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-14.fra2.r.cloudfront.net

Software

Resource Hash

3a5975b1bf614b8faeb826fddcd614bd0294ac4a9853062bc0912ed39b9ae002

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:13 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 32e3b86ae254a231182567c0124af892.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/7e61c9f6fba1a009e03b9a135833ce81
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 6DTA44RqeBWvRAwnkHIxEi53N28AoCYBfJIYcR_Dx2rgUik4-xwa-A==

GET
H2 200 tracking.min.js Show response
t.visitorqueue.com/p/ 10 KB
5 KB 108ms
20ms Script
application/javascript 2600:9000:2182:4400:c:77c4:d500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.visitorqueue.com/p/tracking.min.js?id=67ab0ee7-fcba-400b-8cb3-db7bb1cc0033
Requested by: Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:4400:c:77c4:d500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b8e8cca00b12ff868f6524454a198b36f3915921124d6d84c7bf25300d9113ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: RWFAGudp1q5HqVvft2CyG7aTFJ.I_ssZ
content-encoding: gzip
via: 1.1 c51e3be89c14e3f859ea898f7e36ecec.cloudfront.net (CloudFront)
date: Fri, 04 Nov 2022 16:09:48 GMT
last-modified: Mon, 03 Oct 2022 13:22:47 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
age: 20006
etag: W/"187d2a906080146e8939b19bdc5b16d1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: ySY3HqxOlnCekKe-6IyjgVpBClH_PgFLFLzP2eZuCWzYII59A4jN0g==

GET
H3 200 picus-logo-arrow.png
www.picussecurity.com/hubfs/Shield/Icons/other/ 750 B
2 KB 63ms
63ms Image
image/webp 2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.picussecurity.com/hubfs/Shield/Icons/other/picus-logo-arrow.png

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424271/1665412286673/Shield/css/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

60a7b0cd55aa8f2dfd59b3cc53bfd237fcb3df54a2993c03f9101fc3b2f360eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424271/1665412286673/Shield/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-34045770858,FD-33856159417,P-7048931,FLS-ALL
age: 381463
x-amz-request-id: P7SXWCDXDKSSN3FH
x-amz-server-side-encryption: AES256
edge-cache-tag: F-34045770858,FD-33856159417,P-7048931,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="picus-logo-arrow.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
cf-bgj: imgq:85,h2pri
etag: "7d3cbf0983cfad99831d4de9b9cb97d8"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1598341178035
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
date: Fri, 04 Nov 2022 21:43:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 e7e3d2fc85724799dd790089462fa032.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: l9na9ux_Ers.6Fg91plZ5JthBOUwnkhp
x-amz-cf-pop: MRS52-C2
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=1735
x-cache: RefreshHit from cloudfront
cache-tag: F-34045770858,FD-33856159417,P-7048931,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 750
x-amz-id-2: lc8V+l6VsfKgCYGna/vUezyrLn+JtgbcokHzax8A08xNoRBKKCoBytvV/gwObYqbkSHM5Cgqafc=
last-modified: Tue, 25 Aug 2020 07:39:39 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t7aIPii6MZj1S6qZgA1zw6ZKVpuNRmipkLL5lc7is9uImiCn4BbmsTCt1KvFKN3GFcuV6qEMw0GNzCxLVBxOELur7OCkuL%2FcW5olknEDSca8zO4B%2FaQ1to8naNrun8T9Jo3Aex3WQD2MdEoETOadTonv2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 76508625bd810785-MRS
x-amz-cf-id: s6IHdHQcs8QRMihvbKKOCESWiqwlS_rYHrKVfv5wz2h1fZNF-31ESQ==

GET
H3 200 mega-menu-down-arrow.png
www.picussecurity.com/hubfs/Shield/Images/ 98 B
1 KB 414ms
413ms Image
image/webp 2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.picussecurity.com/hubfs/Shield/Images/mega-menu-down-arrow.png

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/1661252390858/module_39027676914_Mega_Menu.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

387fafc4558eb44d4303fb1710ec85e39755ffa9378b8cdf982c7e66db79c463

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/1661252390858/module_39027676914_Mega_Menu.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-39029899220,FD-32586780943,P-7048931,FLS-ALL
age: 381463
x-amz-request-id: BBA4NX8DFNC714A6
x-amz-server-side-encryption: AES256
edge-cache-tag: F-39029899220,FD-32586780943,P-7048931,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="mega-menu-down-arrow.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
cf-bgj: imgq:85,h2pri
etag: "8e2b3f8a9be7c266f20ac70b5ef7c9ef"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1608564034330
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
date: Fri, 04 Nov 2022 21:43:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 45bdeab129e36c3ee5b9b954d41fe070.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: oVZ1tmPGae_LgGyoO.g0kL81yj6KC.HE
x-amz-cf-pop: MRS52-C2
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=121
x-cache: RefreshHit from cloudfront
cache-tag: F-39029899220,FD-32586780943,P-7048931,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 98
x-amz-id-2: vdgvu3DrN7Osi0o4xqsL8C2QzU7VTEmxFjUNvZiRx7m7Bg2GOxQGyWWhlEy1MZIsQfhO2KRUXZ8=
last-modified: Mon, 21 Dec 2020 15:20:35 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tu1spCdpgJT2qAGDTRifMuQkk44zzmaPg79J9q8nkhRwHVYHUiZM5srchbF%2BFnSDbd8a6iMOwS%2FoEv5%2BFGsFh2jw8dPVJvaENnWCJxWJ1fyYCZBCBtbS9hvWSwxLCtFb8Y6ncPrLdx2BcXc6PjjaEqTLQw%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 765086261df90785-MRS
x-amz-cf-id: 1CVCHWAUkiswkxUvvFk9ItPzgYcbA_XudpKyKblxwO-wKLNO-tQqLA==

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
38 KB 65ms
16ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.picussecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 03:31:40 GMT
x-content-type-options: nosniff
age: 238293
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 03:31:40 GMT

GET
H3 200 BAS-Mock-Up-1-small%20(1).png
www.picussecurity.com/hs-fs/hubfs/ 30 KB
31 KB 401ms
400ms Image
image/png 2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.picussecurity.com/hs-fs/hubfs/BAS-Mock-Up-1-small%20(1).png?width=329&name=BAS-Mock-Up-1-small%20(1).png

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc6fa8aef0be02142583651adc088aefd15bbf4d3dcde8c3271fdbd9b58302e2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:13 GMT
via: 1.1 c16a076a98fe12ce8f7219a60d831ccc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-tag: F-71328100632,P-7048931,FLS-ALL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31058
cf-resized: internal=ok/m q=0 n=444 c=40+49 v=2022.10.4 l=31058
last-modified: Mon, 18 Apr 2022 14:13:22 GMT
cf-bgj: imgq:96,h2pri
server: cloudflare
etag: "cfnnohfzEXEM8_3ZJB07VJJw:8bb22a08d0096fd20b553f661c6c1fde"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1f1IUCF1mGDqYiECqNTuUCw6aMo6woGlULblvJDP82lSHu0tyuigYnAqLlFANYi11VJvp9lHsY300uVeS%2FSqYHYW4Nppp6YAALNf9EWhYyabeT7sUm93l5eu%2Fp4I8TqnMIMeU99oNwmXzg8SoU8bVsDJwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1209600, s-maxage=1814400, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 76508625dda10785-MRS

GET
H3 200 Picus-thumbnail_Ipad_Checklist%20(1).png
www.picussecurity.com/hs-fs/hubfs/ 20 KB
21 KB 437ms
437ms Image
image/png 2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.picussecurity.com/hs-fs/hubfs/Picus-thumbnail_Ipad_Checklist%20(1).png?width=246&name=Picus-thumbnail_Ipad_Checklist%20(1).png

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

84f1935196bf2ac755f30e8f64fce2835a4603db62eb470331d5ae69d0ceb184

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:13 GMT
via: 1.1 633fece295fcb199456ab86aeffd3b00.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-tag: F-78358013016,P-7048931,FLS-ALL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20405
cf-resized: internal=ok/m q=0 n=500 c=9+37 v=2022.10.4 l=20405
last-modified: Tue, 05 Jul 2022 15:13:18 GMT
cf-bgj: imgq:97,h2pri
server: cloudflare
etag: "cf2bOP4KSClnYzLvyXCIioww:0f536279d6d625d29671d767a826849d"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TIl%2B%2FsahQCXmYvO1o3v%2BMQiyv%2BYhLuiODaktgBQ2Chw1CmiX7l5%2FA2lg3JJicOduB2L6gdrBjihSzFHYzncZNGWvMj7QV%2FjVAW%2FdwQYuq8o4EakCgmJyTavcWnzu57BihYr3eBBSU%2FY1Nk1VokwJ0sOznA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1209600, s-maxage=1814400, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 76508625dda20785-MRS

GET
H3 200 Blog%20Posts%20%28835%20%C3%97%20525%20px%29%20%2829%29.jpg
www.picussecurity.com/hubfs/ 115 KB
116 KB 569ms
568ms Image
image/webp 2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.picussecurity.com/hubfs/Blog%20Posts%20%28835%20%C3%97%20525%20px%29%20%2829%29.jpg

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

448a5e8d16f777516eb67adf66891c200720c4af1c1b677d3e5c6121ab8c20b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-90249799312,P-7048931,FLS-ALL
age: 206851
x-amz-request-id: K6Y4D3V657KTWN8W
x-amz-server-side-encryption: AES256
edge-cache-tag: F-90249799312,P-7048931,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Blog%20Posts%20(835%20%C3%97%20525%20px)%20(29).webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
cf-bgj: imgq:85,h2pri
etag: "82a08eb10bb3bfe83932c211f10b7a9c"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1667390096324
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
date: Fri, 04 Nov 2022 21:43:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 59953d425efb321e28a3eaa2f78b6740.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: prRjorVZmVyuzXiRo1P.JrlL.2V_K4U6
x-amz-cf-pop: MRS52-C2
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=151721
x-cache: RefreshHit from cloudfront
cache-tag: F-90249799312,P-7048931,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 117344
x-amz-id-2: hnMOVVkw7sK4QhDLMR5EofbRQcyYkbrLCroPBPOz27smFBsd9KTKFa4dASV4MbB6rBzyqC/JBZ0=
last-modified: Wed, 02 Nov 2022 11:54:57 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d5KUN7h2%2BkXMUvgjVIwze3VctBwoIxxnv%2FLA3Ro0SHfckEYdc8nlbQmAIp1b%2B5JscCQqDjBKW2N%2B%2BLfk529fHsZbSeyUXWprPaK0jxg91zgDdqDvbf9SrEMm7YM15Zzo4LaGeZv%2B3%2BRS%2B7H75xk7CbXHsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 76508625fdbc0785-MRS
x-amz-cf-id: LSaJ_0ikWurchahnK8_zx-qYP1EiX5OfRTzdQnKmPgApM6CS1pDyaQ==

GET
H3 200 Blog%20Posts%20%28835%20%C3%97%20525%20px%29%20%2828%29.jpg
www.picussecurity.com/hubfs/ 105 KB
106 KB 1457ms
1456ms Image
image/webp 2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.picussecurity.com/hubfs/Blog%20Posts%20%28835%20%C3%97%20525%20px%29%20%2828%29.jpg

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

455257233604c841563d6204e1f0f02ab34d5e375412975cbdae1d7f46460ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-89663997973,P-7048931,FLS-ALL
age: 381463
x-amz-request-id: Y7JH16Q3PT4KVN6B
x-amz-server-side-encryption: AES256
edge-cache-tag: F-89663997973,P-7048931,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Blog%20Posts%20(835%20%C3%97%20525%20px)%20(28).webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
cf-bgj: imgq:85,h2pri
etag: "321a4ba0b0757e7a1e7ab08d50616617"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1666874860357
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
date: Fri, 04 Nov 2022 21:43:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 ff193ef990cb249e54301c115adee232.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: lbYtXxg6XeuFEoEyP.cQSCAcM8mZvmF_
x-amz-cf-pop: MRS52-C2
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=139291
x-cache: RefreshHit from cloudfront
cache-tag: F-89663997973,P-7048931,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 107492
x-amz-id-2: M0bXawyoJhkwPCrMsSx0ujXX2GBzFLEn7IMVvrZ7qzmq6s1ZrVvtr1NNuJyyo1e+OUoQOAxg2hw=
last-modified: Thu, 27 Oct 2022 12:47:41 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wcd77VJD%2FCjbbUyNd01G6Ta%2BymS180fHgnyyZqiYhDHzs480FLeA7ehxwrSBO7DRzJdrrKqQASH3G9sVpOxkTGrXo4Zqi9u%2FIjr%2BL8Kk%2FEQfJAWTPEJ7A9gKMQqpXyOWPB4Pzee3l7PT%2BpPl3I4pZ4ASJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 76508625fdbd0785-MRS
x-amz-cf-id: oy6IxjHqMdKd2s24s3gULc04-QGvAxW76AxdAQJeqzaYJsoqaxqnVQ==

GET
H3 200 christmas-blog-featured-small.jpg
www.picussecurity.com/hubfs/Picus_February2020/images/ 109 KB
110 KB 1019ms
1018ms Image
image/jpeg 2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.picussecurity.com/hubfs/Picus_February2020/images/christmas-blog-featured-small.jpg

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a96b914f0f5de708ff357d843c30a208eec99b5e8682a076c4b68b650fe92400

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:14 GMT
strict-transport-security: max-age=31536000
via: 1.1 3ffa21fde24be18d36c5d5b13a622abe.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-26106634761,FD-25847619727,P-7048931,FLS-ALL
x-amz-version-id: qPAqS8HEKBnkLR0pjCNuuvNcIXiqGt3h
x-amz-cf-pop: TXL50-P3
x-amz-request-id: 2HR537W700XG23P5
edge-cache-tag: F-26106634761,FD-25847619727,P-7048931,FLS-ALL
cache-tag: F-26106634761,FD-25847619727,P-7048931,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 111138
x-amz-id-2: mQXMwGGFcKJnfUTQjNJR82zYlOXY9QIKzurd3g6X/KTNGqVnvAdHTFjV43GQ8xSADRYmdloYatI=
last-modified: Thu, 20 Feb 2020 04:42:39 GMT
server: cloudflare
etag: "c2e229ebff7590a9af79bb0e1e5e8eaa"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lUbz7q5aoq2Gucs2oF3t%2B6YaPVqCDde%2B1ytk%2BEy%2BeY2iXDIirjbU3M0wCIdpJx50zBAEJoIIkl7PavIN9kIWiMwfnqQ4P%2BpbiKpBdhxi%2BtAZ1fG7x7ZSlkR5tuOcYeQCvue6myUweY9KDgfn%2BuuePxPmIA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 76508625fdc70785-MRS
x-amz-cf-id: QooZyPA-mCN1owiYowDnEmOZKvkrAHlNlreI7QEpTDCjp6HH7rf3qA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 background-pattern-20.svg
7048931.fs1.hubspotusercontent-na1.net/hubfs/7048931/raw_assets/public/Shield/images/ 1013 B
1 KB 437ms
382ms Image
image/svg+xml 2606:4700:4400::ac40:9ad8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://7048931.fs1.hubspotusercontent-na1.net/hubfs/7048931/raw_assets/public/Shield/images/background-pattern-20.svg
Requested by: Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424271/1665412286673/Shield/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3145adf1bffb7600649b9ec6dfc09809307e270dbe6283dbb3c217677a33a2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:14 GMT
via: 1.1 17c7dca456d18c7a1217f1dd39cdf4ec.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-meta-cache-tag: F-32587224910,FD-32294001075,P-7048931,FLS-ALL
x-amz-version-id: mViV1q64F1is5e_tSVdlZtjxaYvXeqgy
age: 156913
x-amz-cf-pop: DUB56-P1
x-amz-server-side-encryption: AES256
x-amz-request-id: 653R1RV9BM2ND6R9
edge-cache-tag: F-32587224910,FD-32294001075,P-7048931,FLS-ALL
cache-tag: F-32587224910,FD-32294001075,P-7048931,FLS-ALL
x-amz-meta-index-tag: none
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-amz-id-2: 8t7OJv/Vh8Ow39t8UobJXD9zN7b8xCwXLQQrIOcMOWtW8QlHW/WMrtOPKjA45JglyUPIXIWbSjs=
last-modified: Mon, 20 Jul 2020 13:27:49 GMT
server: cloudflare
etag: W/"399b73fe70f94e2b0fe7d2a023265e66"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1595251668028
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
cf-ray: 765086264cf2928f-FRA
x-robots-tag: none
x-amz-cf-id: NM4TcYLU4vPVDahDl_nbUlun1VvvIlR7urAp4dPYRZ_Ov1odpswcdA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 discover-latest-resources-background.png
www.picussecurity.com/hubfs/Shield/Backgrounds/ 129 KB
130 KB 79ms
78ms Image
image/webp 2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.picussecurity.com/hubfs/Shield/Backgrounds/discover-latest-resources-background.png

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424271/1665412286673/Shield/css/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d9db1c420523572331cff6901bfcc6012f5c0fc0913745c052d01339f7134a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424271/1665412286673/Shield/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-48927946102,FD-32488148221,P-7048931,FLS-ALL
age: 381443
x-amz-request-id: DSJY1K29PXZKX55A
x-amz-server-side-encryption: AES256
edge-cache-tag: F-48927946102,FD-32488148221,P-7048931,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="discover-latest-resources-background.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
cf-bgj: imgq:85,h2pri
etag: "477599939a85ac3e0a2b8a9355bafc30"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1623857145292
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
date: Fri, 04 Nov 2022 21:43:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 4d7b5de37aeab9fce259cf61156ea4a4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: XcLnqw1KV0.7BvpT7VMk6DJgTZqKI6GS
x-amz-cf-pop: MRS52-C2
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=157236
x-cache: RefreshHit from cloudfront
cache-tag: F-48927946102,FD-32488148221,P-7048931,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 131772
x-amz-id-2: 2tkX+niaiCvJ+4jbIvfFuewuKqgqctNHy1zPCYuvVRJbWg+p/OVwSYyO+9Sa9Qmt9jR6w165rEA=
last-modified: Wed, 16 Jun 2021 15:25:46 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F68WhP3bnENmLfhxoydBbFlbcGT7R4MlCAAPSjzM1cFULrSe0PsBhAcWArmRSm1SG5y4X%2FZIl8B%2BQ5hg63YTeRk9MSq6LUWBG8j4ovSyD3PYoD%2FO4DfllANMdZ%2F1eLPLigkN4qgP1MsvlX2YzmiSq23nww%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 76508625fdd20785-MRS
x-amz-cf-id: zoV-d9sVEoIaSqtHSsIKX7iwq94Ac5hmcafaNwzhQMZAiYSxf0N5vw==

GET
H3 200 Travelex%20blog%20thumbnail.jpg
www.picussecurity.com/hubfs/ 104 KB
105 KB 680ms
673ms Image
image/jpeg 2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.picussecurity.com/hubfs/Travelex%20blog%20thumbnail.jpg

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ded4c4fe45fc3fd7af3bacb20f2439b2c8f63c0f136e4a7523602650b223f316

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-30519620574,P-7048931,FLS-ALL
x-amz-request-id: ZBQKWWHV5J242Q0Q
x-amz-server-side-encryption: AES256
edge-cache-tag: F-30519620574,P-7048931,FLS-ALL
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
etag: "00151710bdfb028b4ce23620bc162dd7"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
date: Fri, 04 Nov 2022 21:43:14 GMT
strict-transport-security: max-age=31536000
via: 1.1 bdb48db5b688ca8c8dee7661b221599a.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: Bdf4wBbtHcranwwShGyNFvHg7khD4BJZ
x-amz-cf-pop: TXL50-P3
x-cache: RefreshHit from cloudfront
cache-tag: F-30519620574,P-7048931,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 106188
x-amz-id-2: gJJ/HhjRGHZFEwA4FLDPjA9xZHIdXmXJCB4E1AQanh2tcyfAn2/iBSbHKbfa1dJz4RUkFq31VAk=
last-modified: Thu, 11 Jun 2020 07:48:58 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vLNoi1ch3amrfIs7hhgTvCIssxHk7MCyhrmDP6FlyYWSS7dOZzH%2BFxwM2QGUWxjXGyL1Y5WJobKK5N57T7%2FvwUByORPgPKoXIS9cmRRLs4zuPC03iNWvPMMaabCW4Tx1fwBH4lTDF8CZNu2fZQ8YhrVitg%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 765086260dde0785-MRS
x-amz-cf-id: 8YbrzyUYHofX1v8LnanfaVR4Gjng7PR__JOag3X8vwTsQGgU-USgqQ==

GET
H3 200 Emerging%20threaths%20%286%29-1.png
www.picussecurity.com/hubfs/ 219 KB
220 KB 247ms
240ms Image
image/webp 2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.picussecurity.com/hubfs/Emerging%20threaths%20%286%29-1.png

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

470121817e5f399f7f262d59ef069f351fa9b6f951f56d09755a3afc8f222638

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-67443974307,P-7048931,FLS-ALL
age: 27742
x-amz-request-id: XDMNEBQ8F2HWQ70S
x-amz-server-side-encryption: AES256
edge-cache-tag: F-67443974307,P-7048931,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Emerging%20threaths%20(6)-1.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
cf-bgj: imgq:85,h2pri
etag: "a9887c9298cf3fd41bcb4545a261052b"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1646138871807
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
date: Fri, 04 Nov 2022 21:43:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 001e0031af38ee022d390738c4e5f862.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 7bfmFhlXscS7JQ2TY8.ui4SDSz36DSqq
x-amz-cf-pop: MRS52-C2
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=340416
x-cache: RefreshHit from cloudfront
cache-tag: F-67443974307,P-7048931,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 224268
x-amz-id-2: 06wzXPHtj2F+oNnrleef4CyRjgm8Dk8giW664o/V4aUasHb4i7Loduxqdwee8IORc3faDL0JTLM=
last-modified: Tue, 01 Mar 2022 12:47:52 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YooJ2yRYwWSgaq9HTZVGr1LXhGuWVyFLbLiZ5uxJKUqwxRi7gtst5uC5ScfMNEzab1ZruNZ0anykSxgaPukI59J2fzuxxv5ElMEV5Ovp%2FBRFRkaNRql2Ni%2FLnEbGXbJ7w5lKy%2Bu3AscJXdRgOw4cLg%2BYvA%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 765086260ddf0785-MRS
x-amz-cf-id: UynCgufR3WWKuJ4VJun8HGNFQhGaO3wmplIIDET23eOsuTft-q7RHw==

GET
H3 200 Blog%20Posts%20%28835%20%C3%97%20525%20px%29%20%281%29-1.jpg
www.picussecurity.com/hubfs/ 469 KB
470 KB 1273ms
1267ms Image
image/jpeg 2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.picussecurity.com/hubfs/Blog%20Posts%20%28835%20%C3%97%20525%20px%29%20%281%29-1.jpg

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

14c519d24bd513e73366711c3956fed17930999c2562467bf2751836dbd5151a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-81899762708,P-7048931,FLS-ALL
x-amz-request-id: EK4DTAFXGA631WA7
x-amz-server-side-encryption: AES256
edge-cache-tag: F-81899762708,P-7048931,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
etag: "55d19bfb5f08faa0b4bd5adb0e3a9709"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1660376333171
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
date: Fri, 04 Nov 2022 21:43:14 GMT
strict-transport-security: max-age=31536000
via: 1.1 71899bd3f76489e8a6e71cc77aaa6424.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: JNBGaYXJUnvmR6QhwMjpWJeY3CZUt5r3
x-amz-cf-pop: TXL50-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-81899762708,P-7048931,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 480357
x-amz-id-2: X6LAXB5xI3sTc0Ddg6cJMlS++7qRQ46Vw9k9RlysBFzP+2S8v59ce67wSVNRSsPeT11fF8rz6sQ=
last-modified: Sat, 13 Aug 2022 07:38:54 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2F1PdwG%2FHZrO%2FcdDDNT8hwwolvOALm6syOMEPaZk%2FaUxG6GCc3thkWhvfF6dX2bCbnyTBpk6ZCyJhNwjg8SGGTNsW6mTwE4r7F%2Blyle%2BgmEbty%2B3MsCX2hjOG%2Fj6OVtNpnCiIsj29k5D014k%2Feardy5Qzw%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 765086260de10785-MRS
x-amz-cf-id: cxn2kp0ytxiRSftMlltSRXJfR9ozRKAkuhvsr5nNdhvq86aANmkNwA==

GET
H3 200 picus-cta-banner-blue.png
www.picussecurity.com/hubfs/raw_assets/public/Shield/images/ 13 KB
14 KB 1859ms
1853ms Image
image/webp 2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.picussecurity.com/hubfs/raw_assets/public/Shield/images/picus-cta-banner-blue.png

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e13189d1fff8e31882b630932faaeb79eb98a0c5514addf6770135014f07837a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-32961024991,FD-32294001075,P-7048931,FLS-ALL
age: 180454
x-amz-request-id: 7GR6QJM1EVV5QRF3
x-amz-server-side-encryption: AES256
edge-cache-tag: F-32961024991,FD-32294001075,P-7048931,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="picus-cta-banner-blue.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
cf-bgj: imgq:85,h2pri
etag: "a60223f88985cbb892578da33c9c7aea"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1595938893417
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: none
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
date: Fri, 04 Nov 2022 21:43:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 74dad4a395a0daef1fa4934a67f7955a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: kFBsfNFhuTweyGPHIaAy1K.qQ47dB5Pf
x-amz-cf-pop: TXL50-P3
cf-polished: origFmt=png, origSize=26958
x-cache: RefreshHit from cloudfront
cache-tag: F-32961024991,FD-32294001075,P-7048931,FLS-ALL
x-amz-meta-index-tag: none
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13124
x-amz-id-2: OtTsWIJsHXCtsCrf/5NIlxbo04dUUW4AVt2/R6Ju48sYJQU2cXV29SYZaLi+H7QVQvTuacLDG6Y=
last-modified: Tue, 28 Jul 2020 12:21:34 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F4hpfgjQuYdB7cBORd1soEfVboUOQKwmzt1N4amyTmeLdanA6ZvoPoBL5hnXtUZ09Wkf34O7HScD%2BgynLnuxAEnyI%2B0IQa00iR7j0S%2F6MZKwzMrzPLw6rbxYpF9XL7yviY9XQAWBsVgK0KiZohnJp4CGkg%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 765086260de30785-MRS
x-amz-cf-id: AnQdBTkK7lsm6Zl7PBnWXTKp6DxCq6G829tu2ubsolnIbaiS-0K84Q==

GET
H3 200 background-pattern-footer.svg
www.picussecurity.com/hubfs/Shield/Backgrounds/ 1012 B
2 KB 1868ms
1861ms Image
image/svg+xml 2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.picussecurity.com/hubfs/Shield/Backgrounds/background-pattern-footer.svg

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424271/1665412286673/Shield/css/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d74aea3ea1a09d7239128033be4a712352c7d38e458103f16f27c9446e8b329

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424271/1665412286673/Shield/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-32488001577,FD-32488148221,P-7048931,FLS-ALL
age: 381443
x-amz-request-id: WRBX8X7M2W4B5C1S
x-amz-server-side-encryption: AES256
edge-cache-tag: F-32488001577,FD-32488148221,P-7048931,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
etag: W/"5d838d296347ac210f658dd228f5e4d5"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1594983750124
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
date: Fri, 04 Nov 2022 21:43:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 ba055a10d278614dad75399031edff3c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: _FuCvoAKP6E7gHr_urCXSjMGDpA0scJz
x-amz-cf-pop: MRS52-C2
x-cache: RefreshHit from cloudfront
cache-tag: F-32488001577,FD-32488148221,P-7048931,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 3K/2EwA5iDE4V/GgjyNmP8T2GH7I1pQTJ0llU5ZqdAdj8pp9Uv1KDeVJYMG07HnJVTgcqL8CIaU=
last-modified: Fri, 17 Jul 2020 11:02:31 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wpgk387%2F1WQWrcxXNuLofVBkiTBaO34tVki3NPmSfEzK8tBcODeYaQKCs3gJXBsY5fF2l79T8FQUQtP%2Fon9xDTTInhL0g1jJbhNvTYMECUy87VpyQgznXP7qz5gIUtLzVuz6TOucI5Y0VotlV9CPFp2T1g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 765086260de80785-MRS
x-amz-cf-id: N3B7rnl3clcvq23eKm1svlZp_thvfKKxOGZhy2usruK6VCcJIb5h1Q==

GET
H3 200 SANS-White-Paper-Thumbnail.png
www.picussecurity.com/hs-fs/hubfs/2X-Demand-Gen-Files-2022/Email/SANS-White-Paper/ 21 KB
22 KB 1826ms
1825ms Image
image/png 2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.picussecurity.com/hs-fs/hubfs/2X-Demand-Gen-Files-2022/Email/SANS-White-Paper/SANS-White-Paper-Thumbnail.png?width=257&name=SANS-White-Paper-Thumbnail.png

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

41a7dadc13833e5059397372ca8aeca9678c2ceb5126db4dd0b6b9c9f0b74223

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:13 GMT
via: 1.1 59953d425efb321e28a3eaa2f78b6740.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-tag: F-79064996022,FD-78976571977,P-7048931,FLS-ALL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21371
cf-resized: internal=ok/m q=0 n=761 c=1+26 v=2022.10.4 l=21371
last-modified: Fri, 15 Jul 2022 17:02:51 GMT
cf-bgj: imgq:97,h2pri
server: cloudflare
etag: "cf0Qvikdof4INK9kP8O21ONw:21f589c67b957e61ceffe4944a9a9a55"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=we8rAUkOIuss4lt5F3WYvwPMxnKDPdgQ%2FHdWZHYVo6jEDuWxPecDLPJ6NYyNUhG2%2FLv5JoczBphGILewsYF6PnkS8w6vP%2Fk2fkC%2BYyWw%2FXnSKxVE9ML6pkPxbzm5Kf4qzxJAB%2BliGHVnUqMkaMCvURkmPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1209600, s-maxage=1814400, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 765086264e620785-MRS

GET
H3 200 word-ss.png
www.picussecurity.com/hubfs/Imported_Blog_Media/ 82 KB
84 KB 1845ms
1843ms Image
image/png 2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.picussecurity.com/hubfs/Imported_Blog_Media/word-ss.png

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d1f91540ed14e3839cc45da1a465a422660185270b59b32bfb22d7c09369fdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-35192888931,FD-35193799431,P-7048931,FLS-ALL
x-amz-request-id: 2HR8Z32GGQRM6DPA
x-amz-server-side-encryption: AES256
edge-cache-tag: F-35192888931,FD-35193799431,P-7048931,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
etag: "584c01056f98d156821880b286a2ea51"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1600715712915
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
date: Fri, 04 Nov 2022 21:43:14 GMT
strict-transport-security: max-age=31536000
via: 1.1 52e36d36d4be47cb53b8d42c679428e6.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: vFFUEd1_Ze5gaXQflV1bloYnI.GRV4Yn
x-amz-cf-pop: TXL50-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-35192888931,FD-35193799431,P-7048931,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 84382
x-amz-id-2: z2FegRs11CBUbdcNQREP8KdfLtbHBj/hO7BqUpnjdEVeZOJrniM07X4mkYKEHA/3E8DP2/NxI14=
last-modified: Mon, 21 Sep 2020 19:15:13 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r2yydDXrPHTT3p%2BBF6LX52I5cjSisTfzhmLn3wciy3xfF3rAq97iZpRWIF6xdJ20%2FY6Qf%2FVZwd%2FMYNK5yTBKwmEY6pPLwDI0BFXpFvZ49V2sJKGKZEUvVWJkCQG7Pvw6AESKDnEg5cO8GrB8G%2BVG7GWAQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 765086264e640785-MRS
x-amz-cf-id: tTVJoLmY_Qi25_w-PeaTtFPSbWfrJI-ydCC2u9u6jLBMTsWGH6O63w==

GET
H2 200 / Show response
settings.luckyorange.net/ 129 B
749 B 208ms
155ms Fetch
application/json 104.26.11.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.luckyorange.net/?u=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fthe-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc&s=202290

Requested by

Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.11.16 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4aedc93d1c0050ee019a0f8a838d5de2b64ca89662eb31c45e04da5d3f09b4f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.picussecurity.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5fz4y7MDJDxQEwlOgHsviuXeOLZ58fEMlfLQqsMTb3shsn%2FR7Wbk4qfD0bkC%2FoCnqcYp9Vb966gjWD7tXiiU6gFZuaHk7BI9emyPY5jv5H%2FjwqSAhZsx4LB%2BRQuMd4YToXrqG3rAXoGFNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-credentials: true
cf-ray: 76508626c9de6927-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since

POST
H2 200 open
a.visitorqueue.com/ 2 B
138 B 394ms
120ms Ping
text/plain 52.60.33.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.visitorqueue.com/open
Requested by: Host: t.visitorqueue.com
URL: https://t.visitorqueue.com/p/tracking.min.js?id=67ab0ee7-fcba-400b-8cb3-db7bb1cc0033
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.60.33.79 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-60-33-79.ca-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 04 Nov 2022 21:43:14 GMT
access-control-request-method: *
access-control-allow-headers: *
content-length: 2
content-type: text/plain

GET
H2 200 open
a.visitorqueue.com/ 42 B
196 B 395ms
121ms Image
image/gif 52.60.33.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.visitorqueue.com/open?l=9&q=cGFnZVZpZXdJZD00NmZhNjMwZi1hZGUxLTQ4MGEtOTk0NC0wMTdmNzU3MjdmNmEmcGF0aE5hbWU9L3Jlc291cmNlL2Jsb2cvdGhlLWNocmlzdG1hcy1jYXJkLXlvdS1uZXZlci13YW50ZWQtYS1uZXctd2F2ZS1vZi1lbW90ZXQtaXMtYmFjay10by13cmVhay1oYXZvYyZ2aXNpdG9ySWQ9MmU4YTE4YzctOWE2MS00OGQ5LThmNTQtYmVkYTUzMWExNGYxJmFjY2Vzc2VkQXQ9MTY2NzU5ODE5NCZ2cVRyYWNraW5nSWQ9NjdhYjBlZTctZmNiYS00MDBiLThjYjMtZGI3YmIxY2MwMDMzJm9yaWdpbj13d3cucGljdXNzZWN1cml0eS5jb20mc2NyaXB0VmVyc2lvbj0xLjYuNQ==
Requested by: Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.60.33.79 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-60-33-79.ca-central-1.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 04 Nov 2022 21:43:14 GMT
access-control-request-method: *
cache-control: No-Store
access-control-allow-headers: *
content-length: 42
content-type: image/gif

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/ 87 KB
28 KB 63ms
29ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js

Requested by

Host: cdn.popt.in
URL: https://cdn.popt.in/pixel.js?id=64d678615e3d0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 586822
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27964
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-15d95"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SaVAzzJwNesS%2BZFJBQ%2FKpxYrrrpIMEp20pbBOElPFH92XqKyKSWkj9BBsLESM5hTXEzhO5w5oWKKrjaYmShOQofwcwMQfwdyBTEmuYyRq6rUos64lgk0qCNRydZ3WBSSwvNV2rSupuWzSIBPFr9wljnV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76508626ec3d9baa-FRA
expires: Wed, 25 Oct 2023 21:43:13 GMT

GET
H2 200 modules.f1e65ef904544a33c6d0.js Show response
script.hotjar.com/ 262 KB
67 KB 69ms
20ms Script
application/javascript 13.224.189.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.f1e65ef904544a33c6d0.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2366058.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-26.fra2.r.cloudfront.net

Software

Resource Hash

bd411c282a41f2967f5db7ec0b4c9d8ea6eb6b95b26b5507f2889c8c37fd8043

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 12:22:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 33667
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68402
last-modified: Fri, 04 Nov 2022 12:21:18 GMT
etag: "0f58b5937c38edb646c879633af2ba34"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: Vqn6khyOjWe0wRrp7mI0_pEzWtXzpgpTgsiZJmhZDBOQpUDsY9ggAQ==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
351 B 64ms
23ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-DB6MKXQ2E6&gtm=2oeb20&_p=1846477757&gcs=G100&gdid=dZTQ1Zm&cid=1134041117.1667598194&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1667598193&sct=1&seg=0&dl=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fthe-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc&dt=The%20Christmas%20Card%20you%20never%20wanted%20-%20A%20new%20wave%20of%20Emotet%20is%20back%20to%20wreak%20havoc&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DB6MKXQ2E6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 21:43:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.picussecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 landing
pagead2.googlesyndication.com/pagead/ 42 B
548 B 77ms
23ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=G100&rnd=1161293777.1667598194&url=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fthe-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc&gtm=2wgb20KNQQMK8

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNQQMK8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 21:43:13 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

a33e3dc0-7316-4f7d-8ec0-244dbd62e401_eu.js Show response
cdn.mouseflow.com/projects/
Redirect Chain

https://cdn.mouseflow.com/projects/a33e3dc0-7316-4f7d-8ec0-244dbd62e401.js
https://cdn.mouseflow.com/projects/a33e3dc0-7316-4f7d-8ec0-244dbd62e401_eu.js

61 KB
17 KB

36ms
36ms

Script
application/javascript

151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mouseflow.com/projects/a33e3dc0-7316-4f7d-8ec0-244dbd62e401_eu.js
Requested by: Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
Protocol: H2
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 7b68daa1cee9a011886264f58c76aab01a93ad5093e87c43baab22b2a82dc6df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:13 GMT
content-encoding: gzip
last-modified: Thu, 03 Nov 2022 09:23:08 GMT
server
etag: "c43db6e265efd81:0"
x-hw: 1667598193.cds241.lo4.hn,1667598193.cds083.lo4.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 17543

Redirect headers

date: Fri, 04 Nov 2022 21:43:13 GMT
x-hw: 1667598193.cds241.lo4.hn,1667598193.cds284.lo4.c
location: https://cdn.mouseflow.com/projects/a33e3dc0-7316-4f7d-8ec0-244dbd62e401_eu.js
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-hw-loc: https://cdn.mouseflow.com/projects/a33e3dc0-7316-4f7d-8ec0-244dbd62e401.js
content-length: 0

GET
H/1.1 200
OK analytics.php Show response
2x.wise-portal.com/web-load/ 200 KB
29 KB 361ms
114ms Script
application/javascript 104.131.39.140
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://2x.wise-portal.com/web-load/analytics.php?d=picus
Requested by: Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.131.39.140 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: 84c535df564a2dd3d4aaf7a659acf5ad748bf3c7cd12ccb38d71ba282c9e2abf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 04 Nov 2022 21:43:14 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 28985

GET
H3 200 json Show response
www.picussecurity.com/_hcms/forms//embed/v3/form/7048931/10a2d0b0-9f91-4cd7-a1e0-1cff39706638/ 9 KB
4 KB 1360ms
1360ms XHR
application/json 2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/_hcms/forms//embed/v3/form/7048931/10a2d0b0-9f91-4cd7-a1e0-1cff39706638/json?hutk=

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/_hcms/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

99e544ad1011552c2ca0868d330a2a2fde91abbafb1ec7ff85a747f16eafff3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-origin-hublet: na1
date: Fri, 04 Nov 2022 21:43:14 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 784323fc-5cfe-462a-906d-aa8a23c0a1b3
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2B1E77A69AC38CFC4774CFA4CE9BF5C412D7A98547000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9N2C3VwwLlujmu6cDcRxTcTsMlquzvTUV%2F443K2LdL9VVmVs6BzuLg0ntDU%2FT4SKvi8oBBl%2BudIY59qmwt9003r8b674R8UbjVkYTKWnFWGYqKHKIXldJQqiTxdw7%2B5wccrCMrg1qOrWGXxR7cDaVoEF1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 76508629dcb00785-MRS
access-control-allow-headers: *
x-robots-tag: none

GET
H3 200 json Show response
www.picussecurity.com/_hcms/forms//embed/v3/form/7048931/10a2d0b0-9f91-4cd7-a1e0-1cff39706638/ 9 KB
4 KB 1361ms
1361ms XHR
application/json 2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/_hcms/forms//embed/v3/form/7048931/10a2d0b0-9f91-4cd7-a1e0-1cff39706638/json?hutk=

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/_hcms/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

98488dfa6c1f1f57a8131b581bd479d46292341f8042414d16c1d99d96d2e7a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-origin-hublet: na1
date: Fri, 04 Nov 2022 21:43:14 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 28d061e7-1a74-486b-a3b6-ff63d6ae6a9a
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2B4222FEFDEAB4504358205E8E1F0B9E8535CC9B54000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kQbJbjl7DyE7VZB02qCC%2BMMxLPfYBdHIKncR6KQLqt9dTmnnXHcfEBXb5f9YsYbFvA14Jz1Cw8c4C1D0PnsIllgeNTWUbaWJyasadt3X1i%2F3eN2wc8pq%2FffuHbDxbf4%2F7IDJwFsCfUoPDAYjEQDS9tBWvg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 76508629dcb10785-MRS
access-control-allow-headers: *
x-robots-tag: none

GET
H2 200 all.js Show response
connect.facebook.net/en_GB/ 3 KB
2 KB 57ms
17ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/all.js

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ad2f950fee5041c3626678ebf5fc10b484406dbd5a69ce498b4cc6bc07eabc2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 83zF5Idv5/SlZO4/EOUMPQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: Z4I3EbOREWzNP3zdXmT2G4+6U5Lah+Cqf2iazO/PQpdh2DUX55WZUONp1zSYxtr94PzNdfv2M41lawXakxqWzg==
x-fb-trip-id: 917726464
x-fb-content-md5: 6f995c6d982df5e65aeaaaeae5dbe89b
etag: "c7a943c86ee8f8c584a6536aeb23ddd6"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=3,i
expires: Fri, 04 Nov 2022 22:01:23 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 88ms
21ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B96) /
Resource Hash: c02444f391e8655e79ff8d7d4cb69c3426c3bffbf8731a994fa23aed0f641d12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 04 Nov 2022 21:43:14 GMT
Content-Encoding: gzip
Age: 702
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 29221
Last-Modified: Wed, 02 Nov 2022 19:43:37 GMT
Server: ECS (amb/6B96)
Etag: "6633f9603c759c40d9b200995454f17c+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 81ms
35ms Script
application/javascript 2606:4700::6811:74b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs/scriptloader/7048931.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:74b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f553c20a33d25dc12d94a7fa7a0999446235612f20decd643daf0b4c7e381492

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:14 GMT
x-amz-version-id: DLUYzpWToXViCCMAk42gu6ZXj0CV1cO1
via: 1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 311
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.301/bundles/pixels-release.js&cfRay=76507e91d84ebb73-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Mon, 31 Oct 2022 12:04:15 UTC
server: cloudflare
etag: W/"6c8c013098279271f03db17ec4dd49a5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
cache-control: max-age=600
cf-ray: 7650862a1969bba1-FRA
x-amz-cf-id: r0i66gPxjwuKP2PitEd7Eoiv_8jDYUP1ixNxWO24gHJGC1rvntUC0g==
x-hs-target-asset: adsscriptloaderstatic/static-1.301/bundles/pixels-release.js

GET
H2 200 7048931.js Show response
js.hs-analytics.net/analytics/1667598000000/ 63 KB
20 KB 280ms
243ms Script
text/javascript 2606:4700::6811:45b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1667598000000/7048931.js
Requested by: Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs/scriptloader/7048931.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f39bd4440e64a5878ba0252bbfa99bba02c222c6d7977aacf0b26f689b68b550

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:14 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 1BTS7F4H95D8WCV8
x-amz-server-side-encryption: AES256
x-amz-id-2: grjHN2PK0OXK+cXGSep5fdLEKKVgAQXvoSu9qUOWnG9Dy2C0JNawo0Y2yQCwkoCpq59XQQxuuTI=
last-modified: Fri, 04 Nov 2022 20:36:31 GMT
server: cloudflare
etag: W/"c6ee629690a5e98c83f2868f13efc3fa"
vary: origin, Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-ray: 7650862a0e045b8c-FRA
expires: Fri, 04 Nov 2022 21:48:14 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 65 KB
23 KB 76ms
31ms Script
application/javascript 2606:4700::6811:81ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs/scriptloader/7048931.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:81ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5678810bf1c13d60bc4d55a3ca96c163ffc01f865c4e4a64001fc32ffcd367cb

Request headers

Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
Origin: https://www.picussecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:14 GMT
x-amz-version-id: 5afLcxIjU5LfvvyyfvxzjsWXufXHSL1t
via: 1.1 776fbf9a4fc4b393f157f9f75dd29a06.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD55-P5
age: 81006
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.292/bundles/project.js&cfRay=7648cc7c3e92909d-IAD
x-cache: Miss from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Tue, 13 Sep 2022 10:41:10 UTC
server: cloudflare
etag: W/"7a468b833be86c01bc8dfd455308f792"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: MISS
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: s-maxage=86400, max-age=0
cf-ray: 7650862a1b059bbc-FRA
x-amz-cf-id: luKhGjMmzpyvW0-JhqpIv3UINpmSOwP2UupLDk-lRg_5wfRbxd_IIQ==
x-hs-target-asset: collected-forms-embed-js/static-1.292/bundles/project.js

GET
H2 200 7048931.js Show response
js.hs-banner.com/ 69 KB
17 KB 455ms
418ms Script
text/javascript 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/7048931.js
Requested by: Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs/scriptloader/7048931.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d06156c11c70d361b62b9e7929cdd036d4578aff9dcd240657e80be85bf5e6a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:14 GMT
x-amz-version-id: _eoaOvbO.0LjqLW22lIF_S8YiuTiu2Bv
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: X83WSB61XVRGS0SF
x-amz-server-side-encryption: AES256
x-amz-id-2: zsPxONkTbcr6OGolriRbclRvmvgsDR4WvlPYXkLg4dEw3177E+2YwYqJDoc3efXTwcutUsKy44I=
last-modified: Tue, 25 Oct 2022 21:05:26 GMT
server: cloudflare
etag: W/"d729c1282fe24ce0ca8c840643b055e2"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.picussecurity.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7650862a0fd9695d-FRA
expires: Fri, 04 Nov 2022 21:48:14 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 548 KB
88 KB 84ms
35ms Script
application/javascript 2606:4700::6811:e8cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs/scriptloader/7048931.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e8cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf3a88c35bdc16d97403947a9f9188faf13af9a6776529a422286716605d5fee

Request headers

Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
Origin: https://www.picussecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:14 GMT
x-amz-version-id: Ur8e8LShl3Q9Sr_qgQx0CQrFz7yEnpM5
via: 1.1 b72ec90bfb3598795e1ec469cc868742.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD55-P4
age: 58225
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1110/bundle/main/lead-flows-release.js&cfRay=764af8aa1fbabb4d-IAD
x-cache: Miss from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Tue, 06 Sep 2022 03:53:55 UTC
server: cloudflare
etag: W/"6ec4f161716a8da5c8c95cda1e89dc05"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: MISS
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: s-maxage=86400, max-age=0
cf-ray: 7650862a1950bb50-FRA
x-amz-cf-id: vLXKJPDoiWx6srBaiDJqLgZSc7QnkOst1hs9d_Dgb_VW402O8Aez1A==
x-hs-target-asset: lead-flows-js/static-1.1110/bundle/main/lead-flows-release.js

GET
H2 204 has-permission Show response
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 0
746 B 273ms
237ms Script
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=7048931&callback=jsonpHandler

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs/hsstatic/HubspotToolsMenu/static-1.138/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-hs-worker-debug-mode: false
server: cloudflare
x-hubspot-correlation-id: 907fcb7e-ffcf-4ab0-9e3e-f2c46477f041
x-trace: 2BB89E25731CE636877D8B306842A536CCC5D8F2EA000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
cache-control: max-age=0
access-control-allow-credentials: true
cf-ray: 7650862a08b49a3c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
reporting-endpoints: default="https://exceptions.hubspot.com/csp/reports?cfRay=7650862a08b49a3c&resource=unknown"

GET
H2 200 64d678615e3d0 Show response
display.popt.in/APIRequest/ 3 KB
4 KB 281ms
235ms XHR
application/json 2606:4700:e0::ac40:6525
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://display.popt.in/APIRequest/64d678615e3d0?domain=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fthe-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc&referrer=&previous_url=&cookies=%20poptin_old_user%3Dtrue%20poptin_user_id%3D0.fnj6uwrovb%20poptin_new_user%3Dtrue%20poptin_viewed_session%3Dfalse%20&triggers=&cc=false&if_mobile=false&page_title=The%20Christmas%20Card%20you%20never%20wanted%20-%20A%20new%20wave%20of%20Emotet%20is%20back%20to%20wreak%20havoc&origin_landing_page=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fthe-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc&if_page_refreshed=false&poptin_viewed_url=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fthe-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc&previous_visited_pages=&shopify_customer_id=0&cart_total_items=0&cart_total_price=0&cart_products_ids_list=

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6525 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50a2b1d9fbd53342954b85b500856ec19863b697f24197934397bb2976c5e712

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://bc.popt.in https://.mybigcommerce.com https://.jumpseller.com https://.myshopline.com https://.myshopify.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:14 GMT
content-security-policy: frame-ancestors https://bc.popt.in https://*.mybigcommerce.com https://*.jumpseller.com https://*.myshopline.com https://*.myshopify.com
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C344akMgEHu1TSba9HnrlpzIotAUGsvI1yxL2pin%2F309m%2BWghbdYv0%2FyvewPtfVBzb0o%2BqcOjQB%2F8YE3XjWNiX3Ys6XjY%2FmsTk8Js9QEFJRmyRWtS4Rj3sdoL3dMYiLJN462UFy4rM116QIoHUs%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, must-revalidate, no-store, nocache, private
access-control-allow-credentials: true
cf-ray: 7650862a3aecbbbf-FRA
access-control-allow-headers: Origin, Content-Type
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 polyfill.min.js Show response
cdnjs.cloudflare.com/ajax/libs/babel-polyfill/7.7.0/ 97 KB
29 KB 51ms
30ms XHR
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/babel-polyfill/7.7.0/polyfill.min.js

Requested by

Host: 2x.wise-portal.com
URL: https://2x.wise-portal.com/web-load/analytics.php?d=picus

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

760c8f1d2fbb6485566933a8b6b6aac1d51ff0b1100103438f136b79bcdfd8b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 580426
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29226
last-modified: Mon, 04 May 2020 16:06:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d6b-1840f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rVBjRuEHvyHX31DG1tQsdPiojCuuRUYoX38TGpu2Oy45mvGFqovMxUTWjvgB18quRouLAloj4IdilDL%2BFtR8O2vrTOys9KD9NBgeQ0bZFk9Lg2vcJRAARBslnOcQxU0DjnPBjb4y4DzGFMfLCVGQ5WH8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7650862a1d6c9128-FRA
expires: Wed, 25 Oct 2023 21:43:14 GMT

GET
H3 200 all.js Show response
connect.facebook.net/en_GB/ 307 KB
86 KB 35ms
16ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/all.js?hash=43bad897eef2e165924dfe9482a3918c

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8896a7408eb7b91530147cdc3c5180cb6c09207b7be916792d17cd7d47597bdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
Origin: https://www.picussecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 04 Nov 2022 21:43:14 GMT
content-md5: SQTrlTz4XBh6EGOfgD8RoA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88228
x-fb-rlafr: 0
x-fb-debug: 1ZfIgvcyIFfs/zaZTHiJvKBPaUyF0JWl7A/Btoa3krbk+HTLOKM1ImMUy2kPcE+OnIdfcw+fNqRiwW3y2vl0XQ==
x-fb-content-md5: 8819e00bfeff0d94796a230c90b1ef43
cross-origin-opener-policy: same-origin-allow-popups
etag: "33aa7d796d560f7f590bb41ad6e90dfe"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 04 Nov 2023 21:07:43 GMT

GET
H2 200 box-c6ca1c87e308a39aabb76b56ba54398b.html Show response
vars.hotjar.com/ Frame 6E03 2 KB
1 KB 62ms
17ms Document
text/html 13.224.189.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-c6ca1c87e308a39aabb76b56ba54398b.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2366058.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-10.fra2.r.cloudfront.net

Software

Resource Hash

a0084043f26a51ea743463b4a653e4850cbaae0868832e4471a199f753fc6b27

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 33668
cache-control: max-age=31536000
content-encoding: br
content-length: 1035
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 12:22:06 GMT
etag: "b6d25d1350d6a014d80689f389e76f97"
last-modified: Fri, 04 Nov 2022 12:21:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
x-amz-cf-id: 1PrPwSSi5GWGwiLLg3r9Y7GX-C8J40q2hM065a7rIskGFq56e-QPYw==
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 115 B
1023 B 222ms
176ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=7048931&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99055dba9f2387917c3e9808aacc7c2e23a12705985bb8c4a6fcef05a2a0c682

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: ca4c9d63-17df-44af-8f56-78b20eeccf47
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.picussecurity.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1cESxrPSBq522MNmluLpZ%2F4t8mSGjbG04Tyh7ASEmyX%2FOfHOrMOJOcdPymcerR1%2BL8xd21RN37BrodEcOuR9C5x72XXMt9luGc94EDBjVR45uje%2FwlJp6mapKgZGGhUMLyIC8AQhuXiAVF0LFVnu"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 7650862acb959b1b-FRA

GET
H/1.1 200
OK widget_iframe.644279d1635fd969e87af94a98bd232b.html Show response
platform.twitter.com/widgets/ Frame 91DF 320 KB
104 KB 21ms
21ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fwww.picussecurity.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B8F) /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 169996
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105445
Content-Type: text/html; charset=utf-8
Date: Fri, 04 Nov 2022 21:43:14 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:59 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6B8F)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2366058/ 147 B
322 B 143ms
44ms XHR
application/json 18.203.27.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2366058/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.f1e65ef904544a33c6d0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.27.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-27-16.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 23084b00ffe368652957dcb8afc244c1c432069472e90048b07634fccd27440b

Request headers

Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 04 Nov 2022 21:43:14 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 204 2366058 Show response
vc.hotjar.io/sessions/ 0
257 B 152ms
95ms XHR
text/plain 13.225.78.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2366058?s=0.25&r=0.016534627165959215
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.f1e65ef904544a33c6d0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-105.fra2.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:14 GMT
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: MwQMW2k5Ztb-nQZp5no4QB7immmXVQokAJyQv5FUlhUChUd2-P8aTg==

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 91DF 914 B
696 B 166ms
126ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=7611676d33421bcd3accc7785efe248e968dc605

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fwww.picussecurity.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

66c1aff8564f0c727747c0a2f1ac6f5a215100fb599807bacecf6b23b1a6a975

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-response-time: 110
date: Fri, 04 Nov 2022 21:43:13 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Fri, 04 Nov 2022 21:43:14 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 974717aab32d63eb
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 3bd343aa0e445ffa567b8701ce20328b1ca297cb4088f806d11ce8ee4ff6bf10
content-length: 375

GET
H3 200 css
fonts.googleapis.com/ 4 KB
533 B 25ms
25ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:300,400,500,700&display=swap

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbda618f28d6145a563271f87e191a7717b1824208c49744b6b08c601242f9e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Nov 2022 21:43:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 19:47:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Nov 2022 21:43:14 GMT

GET
H3 200 heb-fonts.min.css
cdn.popt.in/css/ 22 KB
3 KB 52ms
33ms Stylesheet
text/css 2606:4700:e0::ac40:6525
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.popt.in/css/heb-fonts.min.css
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6525 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7459dd5ce48ddd21da15f490514af4be07ff85f0b0b6b9e118542d68ff5ec91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:14 GMT
x-amz-version-id: qXd_m_chdhWvR5DNrvI834tklGtnWkb9
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: DUS51-P1
age: 28678
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 12 Sep 2018 18:05:20 GMT
server: cloudflare
etag: W/"fb58ef8ec15444a0d0cf977973d4f824"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AWUDxzrsmNYgl4sUMFjoSv4B3EV5xKIiCJ6KLUCanYloyTrFhxGleqtzzYZvjXqG10J%2BmNdI43%2FxX15RS2vzAw%2BoJ3X0q2WWAxqDyfBFq6jHlLNPItzKVz0nf1sLH8kcpM%2FwmsVwXIKEjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=30672000
cf-ray: 7650862bd9b99043-FRA
x-amz-cf-id: ehtOtNupwfJNnGUkA5MRzWSCkDbjCQ50ANODG0ovNJY6fJ7lQBb8Mg==

GET
H3 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 46ms
24ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2599595
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TDX04XjX8bgYZA33JPBLUKCeygXh4gNlL6db8Q8K0qMjiUwEsBlPKM3xAfNyptZYpM0931O1u5rk%2BGQIzRBr7ROF%2B2ew1bAXsNHrhPEzhoWBoOwWWRFj%2BX9QshGrzctTzPSQIYwCAAS5iAIvDsjtoMtC"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7650862bdf3e912b-FRA
expires: Wed, 25 Oct 2023 21:43:14 GMT

GET
H3 200 poptin-style-en.css
cdn.popt.in/css/ 31 KB
6 KB 49ms
31ms Stylesheet
text/css 2606:4700:e0::ac40:6525
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.popt.in/css/poptin-style-en.css?ver=10
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6525 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cddd8df6cf340ff7c7fcafe18bb7452eb09cf5fcedde9dc67836215774dbb7e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:14 GMT
x-amz-version-id: gitPf31CK_7QWu7iEI.kO4QpX3pWOO5X
via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: DUS51-P1
age: 7069
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 04 Nov 2022 13:45:03 GMT
server: cloudflare
etag: W/"ac98d8b1ca8f8e705a7cbfac942e4a22"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BzzK%2Bk82jFeeNZ%2B5jvfnLYzh9bkzo45a7Nw6QC%2Bvb%2FJ%2B0hKmvvBU3wXELplSHFToXKpzHGHXqqctXqIFDFTH5eV%2FaCl6wTkRPoEuMC0XXCnyqWLQiYu5dDquceudtYK2ATyJnZteSorPBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 7650862bd9bc9043-FRA
x-amz-cf-id: vLaUuoaqBI8IC7DfHDMSIAONqLIv7TLMN1G0RbhlOhBDP11X2eex-g==

GET
H3 200 poptin-animations.css
cdn.popt.in/css/ 13 KB
2 KB 47ms
30ms Stylesheet
text/css 2606:4700:e0::ac40:6525
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.popt.in/css/poptin-animations.css?ver=10
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6525 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e59394b69d811162c6b954e787c0951ea2fea8221230ff7fd61ec7033436577

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:14 GMT
x-amz-version-id: 7YykEQUI2EyHusjQEN90fki3sa4ibkdo
via: 1.1 127feb674de1f66343675c9727fafd6c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: DUS51-P1
age: 7075
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 04 Nov 2022 13:45:02 GMT
server: cloudflare
etag: W/"1ca18ba515190ee10a437a0362f8b05f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2iNbclOG7qdKz8gvtA7dtKfeqVp7DhExIeO1CcBcKBSkZSP7mFMk5DWjlemPx9uRpZ09plwhPO2cZVFibLIlHyEm2GygycDRVTLLBWYDvru1Xe6jY1l1B5K5HdAVkklpUFsbpeaV1dt5yQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 7650862bd9b69043-FRA
x-amz-cf-id: qp3GnR6bvXNMY-lVWuA13Xr32Q3eFCK4sHqQ1h83ni6hNj7pO4PFeA==

GET
H2 200 account_613f053dd8506_poptin_032705f2769bc_2022-10-25_14-34-23_version_8.html Show response
d3lopmpcew67el.cloudfront.net/client_64d678615e3d0/ 172 KB
104 KB 75ms
18ms XHR
text/html 2600:9000:214f:d000:b:8c20:bf40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3lopmpcew67el.cloudfront.net/client_64d678615e3d0/account_613f053dd8506_poptin_032705f2769bc_2022-10-25_14-34-23_version_8.html
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:d000:b:8c20:bf40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e64c4d0d1c62a15811b29e0d072586e2826a9100664c019e2be3a3c2ad9f83d0

Request headers

Accept: */*
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: 0iNy0Kw9sZ6i3SnzliKVo5YgSS3T6v2g
content-encoding: gzip
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
date: Fri, 04 Nov 2022 07:38:10 GMT
x-amz-cf-pop: FRA53-C1
age: 50705
x-cache: Hit from cloudfront
last-modified: Thu, 03 Nov 2022 07:30:58 GMT
server: AmazonS3
etag: W/"8aa809869461237dfbae581b9cb8861b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: kvsMDMHcKrZPE5IA2ExSOkrfn4TSm0GdUFmfIbnaOBvFjz3wLrlC7Q==

POST
H2 200 content Show response
ws30.hotjar.com/api/v2/sites/2366058/recordings/ 66 B
259 B 354ms
121ms XHR
application/json 54.77.201.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws30.hotjar.com/api/v2/sites/2366058/recordings/content
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.f1e65ef904544a33c6d0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.201.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-201-84.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c89bfabd098535c5eab8bbca6b54320b3e88ad024b301cb87bf2eaf79d08a3df

Request headers

Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 04 Nov 2022 21:43:14 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
DATA 200
OK truncated
/ 59 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: edab73bff8a3282055fa6992dc22e2512a44c4e380522005b07db2d5cc588d3d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dacdc85e3bfebf48e0c910884a31a9abb0c0e490d878381e47fca99cc626aa0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 cf-location Show response
js.hs-banner.com/cookie-banner-public/v1/ 2 B
154 B 64ms
25ms XHR
text/plain 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/cf-location
Requested by: Host: js.hs-banner.com
URL: https://js.hs-banner.com/7048931.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: https://www.picussecurity.com
date: Fri, 04 Nov 2022 21:43:14 GMT
server: cloudflare
cf-ray: 7650862ce879697b-FRA
content-length: 2
vary: Origin, Accept-Encoding
content-type: text/plain;charset=UTF-8

OPTIONS
H2 200 view
js.hs-banner.com/cookie-banner-public/v1/activity/ Frame 0
0 127ms
127ms Preflight
application/octet-stream 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.picussecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.picussecurity.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age: 604800
cf-cache-status: DYNAMIC
cf-ray: 7650862d18b9697b-FRA
content-length: 0
content-type: application/octet-stream
date: Fri, 04 Nov 2022 21:43:14 GMT
server: cloudflare
timing-allow-origin: *
vary: origin

POST
H2 204 view Show response
js.hs-banner.com/cookie-banner-public/v1/activity/ 0
136 B 143ms
143ms XHR
text/plain 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Requested by: Host: js.hs-banner.com
URL: https://js.hs-banner.com/7048931.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 04 Nov 2022 21:43:14 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 29870fbb-3553-439c-804b-f4a01fd8aedd
x-trace: 2BB975661D31419A295465820CD697E1EE78A7A044000000000000000000
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.picussecurity.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
vary: origin
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7650862dea6b697b-FRA

POST
H/1.1 200
OK trigger.php Show response
picus.wise-portal.com/web-load/ 0
506 B 362ms
137ms XHR
text/html 159.89.244.206
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://picus.wise-portal.com/web-load/trigger.php

Requested by

Host: 2x.wise-portal.com
URL: https://2x.wise-portal.com/web-load/analytics.php?d=picus

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

159.89.244.206 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=15552000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Nov 2022 21:43:15 GMT
Strict-Transport-Security: max-age=15552000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Server: Apache
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy: frame-ancestors 'none';
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
522 B 171ms
170ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3865676674&v=1.1&a=7048931&pi=35193567243&ct=blog-post&ccu=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fthe-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc&cpi=35193567243&cgi=35190412163&lpi=35193567243&lvi=35193567243&lvc=en-gb&pu=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fthe-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc&t=The+Christmas+Card+you+never+wanted+-+A+new+wave+of+Emotet+is+back+to+wreak+havoc&cts=1667598195479&vi=c964860ea740212498cd4a72f92d3d1c&nc=true&ce=false&pt=3&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: e8f1d2f1-b13c-4683-a847-0c04fabf92b5
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BK7KmLkMwL0OL40XXno%2FArqmv1SOil13G2GYehOcwr00cnozmbw2Qc8YB2f610Ah29Dj271WaRtXIf%2B256f2wdK3fVWA2S0IadHbwZiVLlEEAh%2FcgAtu0FSowN7KyVS3lKeO2Vnkna%2BMX8gLd8Bc"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 76508631dfce9a3c-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
360 B 149ms
148ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=17&fi=10a2d0b0-9f91-4cd7-a1e0-1cff39706638&fci=f472caba-cb5c-4073-bbaa-bd699bbe3c62&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3865676674&v=1.1&a=7048931&pi=35193567243&ct=blog-post&ccu=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fthe-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc&cpi=35193567243&cgi=35190412163&lpi=35193567243&lvi=35193567243&lvc=en-gb&pu=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fthe-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc&t=The+Christmas+Card+you+never+wanted+-+A+new+wave+of+Emotet+is+back+to+wreak+havoc&cts=1667598195614&vi=c964860ea740212498cd4a72f92d3d1c&nc=true&ce=false&pt=3&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 6944d27d-42cf-4a85-bcca-b84c4c827c9a
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dMFsW7rjNMz6H8jnZ1sIMMug8NnlZhJU4wz3DYoTEsvAeFyhDbI%2BOZdxyNbP7L%2FkIXrWDixEuvUJVKnry0uPDMPJUD1nApj6adbdgID%2BXTefIGcHyjH0G8x5uGGLyzrEmQpehRO%2FC6bR%2FGercfOm"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 76508632d9be9a3c-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
362 B 152ms
151ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=10a2d0b0-9f91-4cd7-a1e0-1cff39706638&fci=f472caba-cb5c-4073-bbaa-bd699bbe3c62&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3865676674&v=1.1&a=7048931&pi=35193567243&ct=blog-post&ccu=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fthe-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc&cpi=35193567243&cgi=35190412163&lpi=35193567243&lvi=35193567243&lvc=en-gb&pu=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fthe-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc&t=The+Christmas+Card+you+never+wanted+-+A+new+wave+of+Emotet+is+back+to+wreak+havoc&cts=1667598195619&vi=c964860ea740212498cd4a72f92d3d1c&nc=true&ce=false&pt=3&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 03828c16-5f52-443d-8beb-679f3e7a57bd
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0UMy1dZ5OL7%2BOkLMN2nJzgxm1lbd11S17SCxzmi%2FTlDzeTe76iYRoQWKvapb%2F%2F8lP6luFPzwo3LygBimehEyyalmF5b9foukMO6Vn67sMWBI%2F8b91%2F%2B58nHVm43AdEPEyDiELya4IrFU6IL%2BXflO"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 76508632d9c09a3c-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
362 B 151ms
151ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=10a2d0b0-9f91-4cd7-a1e0-1cff39706638&fci=573d4a8e-55d7-41aa-a40f-81857600fcc4&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3865676674&v=1.1&a=7048931&pi=35193567243&ct=blog-post&ccu=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fthe-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc&cpi=35193567243&cgi=35190412163&lpi=35193567243&lvi=35193567243&lvc=en-gb&pu=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fthe-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc&t=The+Christmas+Card+you+never+wanted+-+A+new+wave+of+Emotet+is+back+to+wreak+havoc&cts=1667598195632&vi=c964860ea740212498cd4a72f92d3d1c&nc=true&ce=false&pt=3&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 5d5d4d4f-277c-4a67-86f9-cab7c3bb6239
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PFjogOnH5%2BFJhdHu6%2F2JqRnjhI03%2FUqLBBKwEJ9Phth1p1Nbku7WhmprY4GLEYpehWTrHDk7l5kpWi9%2BLDRAEPp4KT58KeLNG4sxOXIVTS6EJvnFWnrmDBMo8Juu1fSEz%2FbGWZfrBJ%2Fd4IkIhB5u"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 76508632d9c39a3c-FRA
x-robots-tag: none

GET
H2 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
439 B 177ms
133ms Image
image/gif 2606:4700::6810:5805
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 68e6e5bf-f7e0-4519-a77d-005bcb67acb9
x-trace: 2BFBF9D06C86FF3C93FB0178BD97F1675ACBFD779F000000000000000000
vary: origin
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 765086331fcd9c12-FRA
content-length: 35
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 perf Show response
www.picussecurity.com/_hcms/ 2 B
612 B 191ms
190ms XHR
text/plain 2606:2c40::c73c:67e3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.picussecurity.com/_hcms/perf

Requested by

Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type: application/json

Response headers

date: Fri, 04 Nov 2022 21:43:18 GMT
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 50055c27-b7f7-49c5-9457-bedf118a3d1c
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2
server: cloudflare
x-trace: 2B5C7EEB0A338D06E9418FB09A36901A65BE83CBC7000000000000000000
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4EQVEW51GbKED9IfQooX%2BjWmgCJoNZsI9qqE%2FyMn%2Bg%2Bt2WSZB%2BVFNI3ARLFJslKLA%2BTrN2rpffXA0TzhqUuBygAIRuUMOLOBW3OemsywGB6uQkcUdvKgiESSfqdLkZU%2B99gjAydRBKUU982nLBdugbv8NQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-credentials: false
cf-ray: 7650864488780785-MRS
x-robots-tag: none

GET
DATA 200
OK truncated
/ 45 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9690e8d7f1801cc2bdf0e26c0e706a7e992b5f5ffffb052eb4c07b58ac147af

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
393 B 167ms
145ms Image
image/gif 2606:4700::6810:5805
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 21:43:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: d98e6dc6-b616-4bc6-b3a3-74933cf5005a
x-trace: 2BEDF8683502E99F9D3B1D8556BAA4B9218D363A1E000000000000000000
vary: origin
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 7650864c4899918e-FRA
content-length: 35
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 css
fonts.googleapis.com/ 2 KB
526 B 24ms
24ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Yeseva+One&display=swap

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cb558ade4aadf1d29db46a06447e11738ed2212d1378791f01cd0f9c70de7b7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Nov 2022 21:43:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 20:22:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Nov 2022 21:43:20 GMT

GET
H3 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 57ms
22ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.picussecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:24:52 GMT
x-content-type-options: nosniff
age: 181108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 19:24:52 GMT

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 52ms
18ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.picussecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:25:00 GMT
x-content-type-options: nosniff
age: 181100
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 19:25:00 GMT

GET 032705f2769bc
display.popt.in/APIRequest/viewed/ 0
0

GET
H3 200 OpNJno4ck8vc-xYpwWWxli1VWw.woff2
fonts.gstatic.com/s/yesevaone/v20/ 16 KB
16 KB 19ms
19ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Yeseva+One&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4df2558618d59bf36dcdafac03f2a3d4b6fed61a7381558bff35a1b81675114a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.picussecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 23:27:58 GMT
x-content-type-options: nosniff
age: 166522
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16664
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:49:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 23:27:58 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: display.popt.in
URL: https://display.popt.in/APIRequest/viewed/032705f2769bc?viewer_id=b27d580355766&trigger=false&client_id=64d678615e3d0&type=desktop&url=https://www.picussecurity.com/resource/blog/the-christmas-card-you-never-wanted-a-new-wave-of-emotet-is-back-to-wreak-havoc

Verdicts & Comments Add Verdict or Comment

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.picussecurity.com/	1970-01-20 07:13:19	Name: __cf_bm Value: O6vR0Yht_k3xRgx1BATqe1QbwE9QIUV13BCtHFJtTLc-1667598191-0-AXJkgwtM4dkipf+jn8o7EB9wEVdCNBUeLfQ+ey9csK4zmBi4TG206MooH/GdSiM9IXIR4bN+rbkt3AWXP948iD4=
.www.picussecurity.com/	1969-12-31 23:59:59	Name: __cfruid Value: e5cc8ffa5418e127184f41a94558074a3fee7fe4-1667598191
www.picussecurity.com/	1970-01-20 07:13:21	Name: MF69CXJ-OZ2jFJm35 Value:
www.picussecurity.com/	1970-01-20 07:13:21	Name: MF6JIbbIciiT7 Value:
www.picussecurity.com/	1970-01-20 07:13:21	Name: MF6JIbbJSfd Value:
www.picussecurity.com/	1970-01-20 07:13:21	Name: MF6JIbbCSRZlD Value:
www.picussecurity.com/	1970-01-20 16:49:18	Name: MFVaKX5 Value: 2e8a18c7-9a61-48d9-8f54-beda531a14f1
www.picussecurity.com/	1970-01-20 07:16:10	Name: poptin_old_user Value: true
www.picussecurity.com/	1970-01-20 15:58:54	Name: poptin_user_id Value: 0.fnj6uwrovb
.picussecurity.com/	1970-01-20 15:58:54	Name: ajs_anonymous_id Value: 073291fb-1094-409f-8b19-5c6b8de16a00
.picussecurity.com/	1970-01-20 15:58:54	Name: _hjSessionUser_2366058 Value: eyJpZCI6IjYxNTU1ZTAzLTlmNTgtNTM4Zi05MDliLWJiZTE2ZDU4OWNmMyIsImNyZWF0ZWQiOjE2Njc1OTgxOTM4MjQsImV4aXN0aW5nIjpmYWxzZX0=
.picussecurity.com/	1970-01-20 07:13:19	Name: _hjFirstSeen Value: 1
www.picussecurity.com/	1970-01-20 07:13:18	Name: _hjIncludedInSessionSample Value: 1
.picussecurity.com/	1970-01-20 07:13:19	Name: _hjSession_2366058 Value: eyJpZCI6IjdkNGJjNzZiLTY5OTItNDY4MS04NGIxLTE5ZTQzMmM1NTU2MCIsImNyZWF0ZWQiOjE2Njc1OTgxOTQzOTIsImluU2FtcGxlIjp0cnVlfQ==
www.picussecurity.com/	1970-01-20 07:13:18	Name: _hjIncludedInPageviewSample Value: 1
.picussecurity.com/	1970-01-20 07:13:19	Name: _hjAbsoluteSessionInProgress Value: 1
.hubspot.com/	1970-01-20 07:13:19	Name: __cf_bm Value: O8QKpdBveuaPP9R1R8dr0mBjz4pTEMpe9KyY_DduDt0-1667598194-0-AWLzMyVcHnD2h7GIB6/qeOb9ka4Q7Ett2CmVDHfnmrhKM3du9viVw4M08sLYUjkyeYnaLyHkIjLkei2+cn9XzMg=
www.picussecurity.com/	1970-01-20 15:58:54	Name: poptin_user_ip Value: 2001:ac8:20:3b00:1012:65a7:8227:5c82
www.picussecurity.com/	1970-01-20 15:58:54	Name: poptin_user_country_code Value: false
www.picussecurity.com/	1970-01-20 07:13:19	Name: poptin_o_v_032705f2769bc Value: b27d580355766
www.picussecurity.com/	1970-01-20 07:56:30	Name: poptin_session_account_613f053dd8506 Value: true
www.picussecurity.com/	1970-01-20 07:13:19	Name: poptin_session Value: true
www.picussecurity.com/	1970-01-20 07:56:30	Name: poptin_c_visitor Value: true

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2x.wise-portal.com
7048931.fs1.hubspotusercontent-na1.net
a.visitorqueue.com
app.hubspot.com
cdn.mouseflow.com
cdn.popt.in
cdnjs.cloudflare.com
connect.facebook.net
d10lpsik1i8c69.cloudfront.net
d3lopmpcew67el.cloudfront.net
display.popt.in
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
forms.hubspot.com
in.hotjar.com
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsleadflows.net
pagead2.googlesyndication.com
picus.wise-portal.com
platform.linkedin.com
platform.twitter.com
region1.google-analytics.com
script.hotjar.com
settings.luckyorange.net
static.hotjar.com
syndication.twitter.com
t.visitorqueue.com
track.hubspot.com
vars.hotjar.com
vc.hotjar.io
ws30.hotjar.com
www.googletagmanager.com
www.picussecurity.com
display.popt.in
104.131.39.140
104.244.42.136
104.26.11.16
13.224.189.10
13.224.189.26
13.225.78.105
13.225.78.14
151.139.128.11
159.89.244.206
18.203.27.16
2001:4860:4802:32::36
2600:9000:214f:d000:b:8c20:bf40:21
2600:9000:2182:4400:c:77c4:d500:93a1
2606:2800:233:66b5:799a:7cd3:f74d:7071
2606:2800:234:59:254c:406:2366:268c
2606:2c40::c73c:67e3
2606:4700:4400::ac40:9a55
2606:4700:4400::ac40:9ad8
2606:4700::6810:5805
2606:4700::6811:180e
2606:4700::6811:45b0
2606:4700::6811:74b0
2606:4700::6811:81ab
2606:4700::6811:e8cc
2606:4700::6813:9a53
2606:4700:e0::ac40:6525
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2008
2a03:2880:f02d:12:face:b00c:0:3
52.222.232.122
52.60.33.79
54.77.201.84
019e60f76f3afc77d0880f7177593c6f274212ce66e1ce08d5dae56c547e732d
0d9db1c420523572331cff6901bfcc6012f5c0fc0913745c052d01339f7134a4
1018aad3ed798d98490fb01484d0aaf7ba3528f74288091644ae53523c3aa82f
109b317e316baf368c0dff0f14ce68fdf3f6baa0b1a0f55fccc97e60c01531c3
14c519d24bd513e73366711c3956fed17930999c2562467bf2751836dbd5151a
182c0c4a049b82ebaa738d7c22e68bceb8aad2f6d78b94c300b80613c92bff0a
1d214792b986a7986cf226ad5f346fa58b7857bcfee980f8c3bc897cf17df564
1e1f263a74f81f70d098643437471ce7ec92cf3ba3f5f2a7d0e0699005e22537
20cdcf578aba67769a54909b38ef0b919268c0489df6339321a1713b38d8dfe8
22d4d3055c5d3983fdb3b7906c2ddb8fad9b3cbf791b9f26c0a93f16b06f4429
23084b00ffe368652957dcb8afc244c1c432069472e90048b07634fccd27440b
2dacdc85e3bfebf48e0c910884a31a9abb0c0e490d878381e47fca99cc626aa0
30c582f4480ac01ccc5d0040483b6cfbdef887951b12871cbd62b6ab7e6d0b43
34350dee947083733dcd88d858cf65df7a4f282846c465b8f9627090aa5da3c0
387fafc4558eb44d4303fb1710ec85e39755ffa9378b8cdf982c7e66db79c463
389e7668a1ebd8a04eca206d27b7147519be465eed883f6a2d68bd419ada24b4
3a5975b1bf614b8faeb826fddcd614bd0294ac4a9853062bc0912ed39b9ae002
41a7dadc13833e5059397372ca8aeca9678c2ceb5126db4dd0b6b9c9f0b74223
448a5e8d16f777516eb67adf66891c200720c4af1c1b677d3e5c6121ab8c20b5
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
455257233604c841563d6204e1f0f02ab34d5e375412975cbdae1d7f46460ef8
459b728bb95199cae4a83d5aece65b7531e88abaf6dcb146ffeeae406dc4acdc
470121817e5f399f7f262d59ef069f351fa9b6f951f56d09755a3afc8f222638
4df2558618d59bf36dcdafac03f2a3d4b6fed61a7381558bff35a1b81675114a
50a2b1d9fbd53342954b85b500856ec19863b697f24197934397bb2976c5e712
5458bb001fbaee0822a06901d6989a7568457bc97c78ce726d8884c34f665910
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5678810bf1c13d60bc4d55a3ca96c163ffc01f865c4e4a64001fc32ffcd367cb
5d1f91540ed14e3839cc45da1a465a422660185270b59b32bfb22d7c09369fdd
60a7b0cd55aa8f2dfd59b3cc53bfd237fcb3df54a2993c03f9101fc3b2f360eb
63810e2a70e6ea841a57b42ac39a8b3823808bbfb17697513dfa9081866dc664
66c1aff8564f0c727747c0a2f1ac6f5a215100fb599807bacecf6b23b1a6a975
66f47026632323e752567183d2285d768c843adaaafe8eb2fc5dd6b57999e245
6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bb476c3b0cb18cffc6013cc5b10e5fc6ee4bb184484f0e716fa5ce9cc5022e2
6c179f21e6f62b629055d8ab40f454ed02e48b68563913473b857d3638e23b28
6d74aea3ea1a09d7239128033be4a712352c7d38e458103f16f27c9446e8b329
74e315760b94074d76f145d1d4b49cf9f219991e7445f20b0fc0352352558113
760c8f1d2fbb6485566933a8b6b6aac1d51ff0b1100103438f136b79bcdfd8b8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b68daa1cee9a011886264f58c76aab01a93ad5093e87c43baab22b2a82dc6df
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
84c535df564a2dd3d4aaf7a659acf5ad748bf3c7cd12ccb38d71ba282c9e2abf
84f1935196bf2ac755f30e8f64fce2835a4603db62eb470331d5ae69d0ceb184
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8896a7408eb7b91530147cdc3c5180cb6c09207b7be916792d17cd7d47597bdd
8acd930d7a72da64980a950dea0c1507411900cb1459aa8c743e003df27444dd
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
8e59394b69d811162c6b954e787c0951ea2fea8221230ff7fd61ec7033436577
914342592e76d583e6afdd774919141ab63ceb3a8cbfdae992491722913337eb
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
98488dfa6c1f1f57a8131b581bd479d46292341f8042414d16c1d99d96d2e7a6
989428c79672f8b110cb6f879618e60387f8913935bbf97cb4e36920d8850c1d
99055dba9f2387917c3e9808aacc7c2e23a12705985bb8c4a6fcef05a2a0c682
99e544ad1011552c2ca0868d330a2a2fde91abbafb1ec7ff85a747f16eafff3e
9a50df52651133ee2b309daf0c3b921e9f5109067d5e11f2b8dd055f9ca3e66f
9f9d3a53fe9565bbeafe8a644636f15076e99a1602715cd41fe299e926169862
a0084043f26a51ea743463b4a653e4850cbaae0868832e4471a199f753fc6b27
a96b914f0f5de708ff357d843c30a208eec99b5e8682a076c4b68b650fe92400
ad2f950fee5041c3626678ebf5fc10b484406dbd5a69ce498b4cc6bc07eabc2e
b4aedc93d1c0050ee019a0f8a838d5de2b64ca89662eb31c45e04da5d3f09b4f
b5779200444c0da3554694b521545677be435705abd25a27ee04969fdd04d9f0
b8e8cca00b12ff868f6524454a198b36f3915921124d6d84c7bf25300d9113ce
bd411c282a41f2967f5db7ec0b4c9d8ea6eb6b95b26b5507f2889c8c37fd8043
bf3a88c35bdc16d97403947a9f9188faf13af9a6776529a422286716605d5fee
c02444f391e8655e79ff8d7d4cb69c3426c3bffbf8731a994fa23aed0f641d12
c42905ffdb6bb9396a002fa2e47a2771c868b2b5a87a72f5cf2acb06c6bce820
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
c89bfabd098535c5eab8bbca6b54320b3e88ad024b301cb87bf2eaf79d08a3df
c9690e8d7f1801cc2bdf0e26c0e706a7e992b5f5ffffb052eb4c07b58ac147af
cb558ade4aadf1d29db46a06447e11738ed2212d1378791f01cd0f9c70de7b7f
cd28cf99e2e8aa2015c80e6a4de778bf326824014f8fa42de3606f45b930b76c
cddd8df6cf340ff7c7fcafe18bb7452eb09cf5fcedde9dc67836215774dbb7e1
d06156c11c70d361b62b9e7929cdd036d4578aff9dcd240657e80be85bf5e6a1
d7459dd5ce48ddd21da15f490514af4be07ff85f0b0b6b9e118542d68ff5ec91
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc6fa8aef0be02142583651adc088aefd15bbf4d3dcde8c3271fdbd9b58302e2
ded4c4fe45fc3fd7af3bacb20f2439b2c8f63c0f136e4a7523602650b223f316
e13189d1fff8e31882b630932faaeb79eb98a0c5514addf6770135014f07837a
e39d20e83d85ce70995d12a3ae85b4e0c70a288b04dacd344cfbbecc15f4e5fe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64c4d0d1c62a15811b29e0d072586e2826a9100664c019e2be3a3c2ad9f83d0
edab73bff8a3282055fa6992dc22e2512a44c4e380522005b07db2d5cc588d3d
ee596884317564904ae040715f9d2961b96b088c0034ff3f4904a6ddfea7221f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3145adf1bffb7600649b9ec6dfc09809307e270dbe6283dbb3c217677a33a2e
f39bd4440e64a5878ba0252bbfa99bba02c222c6d7977aacf0b26f689b68b550
f3a5a7d99180fde5aa585c8ad358a6fe5f74c06bf0fe3dc4d4d82c34cfdccced
f553c20a33d25dc12d94a7fa7a0999446235612f20decd643daf0b4c7e381492
f61e17d652c3b2f9c2342bee503f20d66c32db6c92f0d2fe8bc24c6bcc07b13e
fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5
fbda618f28d6145a563271f87e191a7717b1824208c49744b6b08c601242f9e1

www.picussecurity.com Open in urlscan Pro 2606:2c40::c73c:67e3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

103 Requests

98 %HTTPS

62 %IPv6

26 Domains

37 Subdomains

35 IPs

4 Countries

3098 kBTransfer

6455 kBSize

23 Cookies

17 Outgoing links

Page URL History

Redirected requests

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.picussecurity.com Open in urlscan Pro
2606:2c40::c73c:67e3 Public Scan

Screenshot
Live screenshot

Full Image

103
Requests

98 %
HTTPS

62 %
IPv6

26
Domains

37
Subdomains

35
IPs

4
Countries

3098 kB
Transfer

6455 kB
Size

23
Cookies

103 HTTP transactions
3 data transactions