www.care.biz Open in urlscan Pro
202.73.54.248 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bc01.care.net.sg/lt.php?tid=eE5UBl5dDQJXVx1UCwgCTg0HCVIeXQBRDRhRB1oLVQABBARUVQpIA1UACFAKBgJOAVcJVh5RDwdfGA8ADw0cB...
Effective URL:
https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KN...
Submission: On March 03 via api (March 3rd 2021, 11:04:11 am UTC) from SG

Summary HTTP 88 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 11 domains to perform 88 HTTP transactions. The main IP is 202.73.54.248, located in Singapore, Singapore and belongs to VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG. The main domain is www.care.biz.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on April 12th 2019. Valid for: 2 years.

This is the only time www.care.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	202.55.81.249 202.55.81.249	18106 (VIEWQWEST...) (VIEWQWEST-SG-AP Viewqwest Pte Ltd)
21	202.73.54.248 202.73.54.248	18106 (VIEWQWEST...) (VIEWQWEST-SG-AP Viewqwest Pte Ltd)
5	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
12	158.140.133.77 158.140.133.77	56300 (MYREPUBLI...) (MYREPUBLIC-SG MyRepublic Ltd.)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1b::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	151.101.12.134 151.101.12.134	54113 (FASTLY) (FASTLY)
88	16

1 202.55.81.249 (Singapore) 1 redirects

ASN18106 (VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG)
PTR: edm.care.net.sg

bc01.care.net.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 202.73.54.248 (Singapore, Singapore)

ASN18106 (VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG)
PTR: mx10.care-sg.com

www.care.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 158.140.133.77 (Singapore, Singapore)

ASN56300 (MYREPUBLIC-SG MyRepublic Ltd., SG)
PTR: helpdesk.care.biz

livesupport.care.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

khms0.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

advancetheme.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	care.biz www.care.biz livesupport.care.biz	712 KB
19	google.com www.google.com	214 KB
19	googleapis.com fonts.googleapis.com maps.googleapis.com khms0.googleapis.com	243 KB
10	gstatic.com fonts.gstatic.com maps.gstatic.com	137 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	disqus.com advancetheme.disqus.com	2 KB
1	google.de www.google.de	107 B
1	doubleclick.net stats.g.doubleclick.net	70 B
1	cloudflare.com cdnjs.cloudflare.com	27 KB
1	googletagmanager.com www.googletagmanager.com	39 KB
1	care.net.sg 1 redirects bc01.care.net.sg	526 B
88	11

	Domain	Requested by
21	www.care.biz	www.care.biz
19	www.google.com	www.care.biz maps.googleapis.com
13	maps.googleapis.com	www.google.com maps.googleapis.com
12	livesupport.care.biz	www.care.biz livesupport.care.biz
6	fonts.gstatic.com	fonts.googleapis.com
5	fonts.googleapis.com	www.care.biz maps.googleapis.com
4	maps.gstatic.com	www.google.com www.care.biz
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	advancetheme.disqus.com	www.care.biz
1	khms0.googleapis.com	www.care.biz
1	www.google.de	www.care.biz
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdnjs.cloudflare.com	www.care.biz
1	www.googletagmanager.com	www.care.biz
1	bc01.care.net.sg	1 redirects
88	15

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.pinterest.com
www.linkedin.com

Subject Issuer	Validity	Valid
*.care.biz DigiCert SHA2 Secure Server CA	`2019-04-12` - `2021-06-03`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
Frame ID: 00AC12522F3B1F80E00C5E494E022262
Requests: 49 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3988.7476703705233!2d103.91589031446763!3d1.3273777620177005!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!5e0!3m2!1sen!2smy!4v1478834717326
Frame ID: 6DD7A80B29625DC82B933231B1AE9717
Requests: 46 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://bc01.care.net.sg/lt.php?tid=eE5UBl5dDQJXVx1UCwgCTg0HCVIeXQBRDRhRB1oLVQABBARUVQpIA1UACFAKBgJOA... HTTP 303
https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

88
Requests

100 %
HTTPS

75 %
IPv6

11
Domains

15
Subdomains

16
IPs

4
Countries

1392 kB
Transfer

2906 kB
Size

4
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/ComputerAnalystsRecoveryExperts

Search URL Search Domain Scan URL

URL: https://twitter.com/CARE_2007

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/ITExpertsSG/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/computer-analysts-and-recovery-experts-pte-ltd

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bc01.care.net.sg/lt.php?tid=eE5UBl5dDQJXVx1UCwgCTg0HCVIeXQBRDRhRB1oLVQABBARUVQpIA1UACFAKBgJOAVcJVh5RDwdfGA8ADw0cBVFRVVNfDA1TVlBTTV0HBQYOUAgPHlFTVAoYAwVaCRwKBwsCHVIMUlRVVVYJCFRTVA HTTP 303
https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

88 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set contact Show response
www.care.biz/
Redirect Chain

http://bc01.care.net.sg/lt.php?tid=eE5UBl5dDQJXVx1UCwgCTg0HCVIeXQBRDRhRB1oLVQABBARUVQpIA1UACFAKBgJOAVcJVh5RDwdfGA8ADw0cBVFRVVNfDA1TVlBTTV0HBQYOUAgPHlFTVAoYAwVaCRwKBwsCHVIMUlRVVVYJCFRTVA
https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML

26 KB
7 KB

681ms
239ms

Document
text/html

202.73.54.248
VIEWQWEST-SG-AP V...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.73.54.248 Singapore, Singapore, ASN18106 (VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG),
Reverse DNS: mx10.care-sg.com
Software: Apache /
Resource Hash: b6eb47d9255456afa3f8299d37add925a6b7fcae79e042a93a71abe2ce8270fa

Request headers

Host: www.care.biz
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 11:03:48 GMT
Server: Apache
Set-Cookie: PHPSESSID=2v4sf86afde39tkbr3uo7s1ie2; expires=Wed, 10-Mar-2021 11:03:48 GMT; Max-Age=604800; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Wed, 03 Mar 2021 11:03:47 GMT
Server: Apache/2.4.38 (Debian)
Set-Cookie: PHPSESSID=b6mnabjr3v9tv24ng765a6t2qn; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK styles_3c06a7f59a.min.css
www.care.biz/assets/components/minifyx/cache/ 356 KB
53 KB 215ms
213ms Stylesheet
text/css 202.73.54.248
VIEWQWEST-SG-AP V...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.care.biz/assets/components/minifyx/cache/styles_3c06a7f59a.min.css
Requested by: Host: www.care.biz
URL: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.73.54.248 Singapore, Singapore, ASN18106 (VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG),
Reverse DNS: mx10.care-sg.com
Software: Apache /
Resource Hash: d11683973fae20b3c415e1a84898558b70013251e6521e8f6d9dc5c8e56eb1b8

Request headers

Referer: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 11:03:48 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13 Sep 2020 17:09:45 GMT
Server: Apache
ETag: "58e96-5af34fc141a2d-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 53942

GET
H/1.1 200
OK dynamic-css.css
www.care.biz/ 21 KB
4 KB 614ms
215ms Stylesheet
text/css 202.73.54.248
VIEWQWEST-SG-AP V...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.care.biz/dynamic-css.css
Requested by: Host: www.care.biz
URL: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.73.54.248 Singapore, Singapore, ASN18106 (VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG),
Reverse DNS: mx10.care-sg.com
Software: Apache /
Resource Hash: efdcd08647c0d32d21b60a5ae3c444d06bde06cd1a27bb9e322cba63724657de

Request headers

Referer: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Mar 2021 11:03:49 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
775 B 15ms
13ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,300,700

Requested by

Host: www.care.biz
URL: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5018230bc803da921c5e52b4c9e13973754ca8819e302dfe47320decd606a335

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 03 Mar 2021 10:54:27 GMT
server: ESF
date: Wed, 03 Mar 2021 11:03:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Mar 2021 11:03:48 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
667 B 25ms
23ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,500,700

Requested by

Host: www.care.biz
URL: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3f5967b1fd70e1f398587fc6b4851bd3108ec73ff6ba935039f8c365492ae62e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 03 Mar 2021 11:03:48 GMT
server: ESF
date: Wed, 03 Mar 2021 11:03:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Mar 2021 11:03:48 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
939 B 24ms
22ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,300,700,300italic,400italic,700italic

Requested by

Host: www.care.biz
URL: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbf2eb84a14814a2b4cf0ddbabf2b033616f3f20ac8672bed14b93031bafe2f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 03 Mar 2021 11:03:15 GMT
server: ESF
date: Wed, 03 Mar 2021 11:03:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Mar 2021 11:03:48 GMT

GET
H2 200 css
fonts.googleapis.com/ 16 KB
1 KB 25ms
24ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat|Roboto:300,400,400i,500,500i,700,900

Requested by

Host: www.care.biz
URL: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

945875f23cb12f20afd44a275e957bdd98d0f413c33617897e1658081d3ba49e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 03 Mar 2021 11:03:48 GMT
server: ESF
date: Wed, 03 Mar 2021 11:03:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Mar 2021 11:03:48 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-5980948-2

Requested by

Host: www.care.biz
URL: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8f165dc8cec53302ad505fa150924389db1b283f69178ba5d2bd07c5dc00994b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 11:03:49 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39426
x-xss-protection: 0
last-modified: Wed, 03 Mar 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Mar 2021 11:03:49 GMT

GET
H2 200 button.ashx Show response
livesupport.care.biz/ 13 KB
5 KB 237ms
236ms Script
text/script 158.140.133.77
MYREPUBLIC-SG MyR...

General

Check archive.org

Show headers Download Go to

Full URL: https://livesupport.care.biz/button.ashx?deptid=0
Requested by: Host: www.care.biz
URL: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.140.133.77 Singapore, Singapore, ASN56300 (MYREPUBLIC-SG MyRepublic Ltd., SG),
Reverse DNS: helpdesk.care.biz
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 14ac2a58f1f7019ab5b02fd9c339a8fff69a0218a3f1b3644ffd5831afc02794

Request headers

Referer: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 11:03:48 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 2.0.50727
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/script; charset=utf-8
access-control-allow-origin: *
cache-control: private
content-length: 4771

GET
H/1.1 200
OK care-header-logo.png
www.care.biz/assets/templates/advance/img/ 15 KB
15 KB 950ms
194ms Image
image/png 202.73.54.248
VIEWQWEST-SG-AP V...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.care.biz/assets/templates/advance/img/care-header-logo.png
Requested by: Host: www.care.biz
URL: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.73.54.248 Singapore, Singapore, ASN18106 (VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG),
Reverse DNS: mx10.care-sg.com
Software: Apache /
Resource Hash: bc081f548c557ff07b896bd2d171671ee32dbb34ed7bc10b49c643aade5d0fb3

Request headers

Referer: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 11:03:50 GMT
Last-Modified: Sat, 25 Feb 2017 11:38:43 GMT
Server: Apache
ETag: "3c1c-5495949e13996"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 15388

GET
H/1.1 200
OK phone-ringing-icon.png
www.care.biz/assets/templates/advance/img/ 3 KB
3 KB 543ms
198ms Image
image/png 202.73.54.248
VIEWQWEST-SG-AP V...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.care.biz/assets/templates/advance/img/phone-ringing-icon.png
Requested by: Host: www.care.biz
URL: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.73.54.248 Singapore, Singapore, ASN18106 (VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG),
Reverse DNS: mx10.care-sg.com
Software: Apache /
Resource Hash: 7d66b06f3b6c15341ee288a3a939ca1b3f4422015ef3329c04939dc97ccb3fbb

Request headers

Referer: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 11:03:49 GMT
Last-Modified: Sat, 25 Feb 2017 11:40:06 GMT
Server: Apache
ETag: "a26-549594ed02a15"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2598

GET
H/1.1 200
OK care-footer-logo.png
www.care.biz/assets/templates/advance/img/ 6 KB
6 KB 192ms
191ms Image
image/png 202.73.54.248
VIEWQWEST-SG-AP V...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.care.biz/assets/templates/advance/img/care-footer-logo.png
Requested by: Host: www.care.biz
URL: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.73.54.248 Singapore, Singapore, ASN18106 (VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG),
Reverse DNS: mx10.care-sg.com
Software: Apache /
Resource Hash: e369654514e7e2a12abe2765ac8e050cc081c5f5fb5f8b283eaeb7fe4fde4d12

Request headers

Referer: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 11:03:50 GMT
Last-Modified: Sat, 25 Feb 2017 11:38:43 GMT
Server: Apache
ETag: "173c-5495949dc8676"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 5948

GET
H/1.1 200
OK 5-useful-computer-hacks-2021.4dd805600b458980ce508434393687b1.jpg
www.care.biz/assets/components/phpthumbof/cache/ 10 KB
10 KB 199ms
198ms Image
image/jpeg 202.73.54.248
VIEWQWEST-SG-AP V...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.care.biz/assets/components/phpthumbof/cache/5-useful-computer-hacks-2021.4dd805600b458980ce508434393687b1.jpg
Requested by: Host: www.care.biz
URL: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.73.54.248 Singapore, Singapore, ASN18106 (VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG),
Reverse DNS: mx10.care-sg.com
Software: Apache /
Resource Hash: af1f237df8f435974b1d553271808291ea597499437864b74f1ec8cf647b6d86

Request headers

Referer: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 11:03:50 GMT
Last-Modified: Fri, 19 Feb 2021 02:22:44 GMT
Server: Apache
ETag: "2708-5bba72097691d"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 9992

GET
H/1.1 200
OK what-are-the-types-of-it-security-out-there.4dd805600b458980ce508434393687b1.jpg
www.care.biz/assets/components/phpthumbof/cache/ 9 KB
10 KB 198ms
198ms Image
image/jpeg 202.73.54.248
VIEWQWEST-SG-AP V...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.care.biz/assets/components/phpthumbof/cache/what-are-the-types-of-it-security-out-there.4dd805600b458980ce508434393687b1.jpg
Requested by: Host: www.care.biz
URL: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.73.54.248 Singapore, Singapore, ASN18106 (VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG),
Reverse DNS: mx10.care-sg.com
Software: Apache /
Resource Hash: 8656ca419df91af577148827927a70412fc525b55351c8d3871d25b971611bdb

Request headers

Referer: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 11:03:50 GMT
Last-Modified: Thu, 11 Feb 2021 10:02:46 GMT
Server: Apache
ETag: "25fc-5bb0c9f1b9657"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 9724

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/ 84 KB
27 KB 13ms
13ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.min.js

Requested by

Host: www.care.biz
URL: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 11:03:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1306512
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27198
cf-request-id: 08995b328600004e07251a4000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1514f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=c%2F0gGjfojz5k6tIBn059I%2FaxkRmJko6C1R3hD%2FgbwLt44SXBkK39JaMoJdfVocMQhxO3bYqxiWwr5KbHhcy%2FWY9I%2BhJs%2FEG8ccvyjH7qwl8UW5pYLrwo73s5TIR6JgMRZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62a261640cfe4e07-FRA
expires: Mon, 21 Feb 2022 11:03:49 GMT

GET
H/1.1 200
OK scripts_3a4c5ee4f4.min.js Show response
www.care.biz/assets/components/minifyx/cache/ 411 KB
110 KB 212ms
212ms Script
application/javascript 202.73.54.248
VIEWQWEST-SG-AP V...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.care.biz/assets/components/minifyx/cache/scripts_3a4c5ee4f4.min.js
Requested by: Host: www.care.biz
URL: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.73.54.248 Singapore, Singapore, ASN18106 (VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG),
Reverse DNS: mx10.care-sg.com
Software: Apache /
Resource Hash: 498dda883cf752f4885da0510f72c3621ef31342651b8b93a8fa51c0668a13f8

Request headers

Referer: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 11:03:49 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 May 2020 11:46:20 GMT
Server: Apache
ETag: "66a66-5a4f9500b846c-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK init-scripts.js Show response
www.care.biz/assets/templates/advance/js/ 8 KB
3 KB 195ms
195ms Script
application/javascript 202.73.54.248
VIEWQWEST-SG-AP V...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.care.biz/assets/templates/advance/js/init-scripts.js
Requested by: Host: www.care.biz
URL: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.73.54.248 Singapore, Singapore, ASN18106 (VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG),
Reverse DNS: mx10.care-sg.com
Software: Apache /
Resource Hash: 6047386ebebf478d0ecd9ce44ef4404305de1f53d99d1a657b2c1fec58d5671f

Request headers

Referer: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 11:03:49 GMT
Content-Encoding: gzip
Last-Modified: Sat, 25 Feb 2017 11:41:00 GMT
Server: Apache
ETag: "211c-5495951febd54-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2900

GET
H/1.1 200
OK jquery.matchHeight.js Show response
www.care.biz/assets/templates/advance/js/ 12 KB
3 KB 797ms
199ms Script
application/javascript 202.73.54.248
VIEWQWEST-SG-AP V...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.care.biz/assets/templates/advance/js/jquery.matchHeight.js
Requested by: Host: www.care.biz
URL: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.73.54.248 Singapore, Singapore, ASN18106 (VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG),
Reverse DNS: mx10.care-sg.com
Software: Apache /
Resource Hash: 456026b895217b89884d71cbbf0985451b223eac897fb78c8f74a8784c26c7d4

Request headers

Referer: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 11:03:50 GMT
Content-Encoding: gzip
Last-Modified: Sat, 25 Feb 2017 11:41:00 GMT
Server: Apache
ETag: "2e11-54959520489b4-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3047

GET
H/1.1 200
OK dynamic.js Show response
www.care.biz/assets/templates/advance/js/ 2 KB
1 KB 798ms
198ms Script
application/javascript 202.73.54.248
VIEWQWEST-SG-AP V...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.care.biz/assets/templates/advance/js/dynamic.js
Requested by: Host: www.care.biz
URL: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.73.54.248 Singapore, Singapore, ASN18106 (VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG),
Reverse DNS: mx10.care-sg.com
Software: Apache /
Resource Hash: cb86e6823288d95d5c1639e8d5e586b35cd4c5e42ff4633903351a0e52953348

Request headers

Referer: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 11:03:50 GMT
Content-Encoding: gzip
Last-Modified: Sat, 25 Feb 2017 11:40:59 GMT
Server: Apache
ETag: "9bf-5495951f74b14-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1034

GET
H/1.1 200
OK custom.js Show response
www.care.biz/assets/templates/advance/js/ 7 KB
3 KB 940ms
201ms Script
application/javascript 202.73.54.248
VIEWQWEST-SG-AP V...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.care.biz/assets/templates/advance/js/custom.js
Requested by: Host: www.care.biz
URL: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.73.54.248 Singapore, Singapore, ASN18106 (VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG),
Reverse DNS: mx10.care-sg.com
Software: Apache /
Resource Hash: 26d2b857cba9ea00760ff5109c6e5cd29f9802a70391bbdf0ae775a398d5ba61

Request headers

Referer: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 11:03:50 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 May 2019 07:12:10 GMT
Server: Apache
ETag: "1ccd-588e7de341d6d-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2276

GET
H2 200 i_id_3_offline.jpg
livesupport.care.biz/UploadedFiles/ 4 KB
4 KB 232ms
232ms Image
image/jpeg 158.140.133.77
MYREPUBLIC-SG MyR...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://livesupport.care.biz/UploadedFiles/i_id_3_offline.jpg
Requested by: Host: www.care.biz
URL: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.140.133.77 Singapore, Singapore, ASN56300 (MYREPUBLIC-SG MyRepublic Ltd., SG),
Reverse DNS: helpdesk.care.biz
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ece6d1a07f0c2efaaec4e50ca785305e34884ea0fd2c031f41fee1de53d4e146

Request headers

Referer: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 11:03:48 GMT
last-modified: Thu, 17 Nov 2016 09:21:30 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "b6030fbb340d21:0"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4016

GET
H2 200 embed Show response
www.google.com/maps/ Frame 6DD7 4 KB
2 KB 188ms
187ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3988.7476703705233!2d103.91589031446763!3d1.3273777620177005!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!5e0!3m2!1sen!2smy!4v1478834717326

Requested by

Host: www.care.biz
URL: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

47640065be2b3b2c2fe978ef3c9d05af69f488696a4fe5f657bdfadc7cd137da

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-35aoVzviwVB8BWmUfDI7kw==' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /maps/embed?pb=!1m18!1m12!1m3!1d3988.7476703705233!2d103.91589031446763!3d1.3273777620177005!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!5e0!3m2!1sen!2smy!4v1478834717326
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML

Response headers

content-type: text/html; charset=UTF-8
date: Wed, 03 Mar 2021 11:03:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-35aoVzviwVB8BWmUfDI7kw==' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 1399
x-xss-protection: 0
server-timing: gfet4t7; dur=173
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK page-title-bg.jpg
www.care.biz/assets/templates/advance/img/ 119 KB
119 KB 547ms
200ms Image
image/jpeg 202.73.54.248
VIEWQWEST-SG-AP V...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.care.biz/assets/templates/advance/img/page-title-bg.jpg
Requested by: Host: www.care.biz
URL: https://www.care.biz/assets/components/minifyx/cache/styles_3c06a7f59a.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.73.54.248 Singapore, Singapore, ASN18106 (VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG),
Reverse DNS: mx10.care-sg.com
Software: Apache /
Resource Hash: 2abc7c03cbeb49747917631e8bc8677e5a2982b740b6be072f36884289edeeec

Request headers

Referer: https://www.care.biz/assets/components/minifyx/cache/styles_3c06a7f59a.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 11:03:49 GMT
Last-Modified: Sat, 25 Feb 2017 11:40:09 GMT
Server: Apache
ETag: "1db45-549594ef2c575"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 121669

GET
H/1.1 200
OK icon-location.png
www.care.biz/assets/templates/advance/img/ 2 KB
3 KB 682ms
200ms Image
image/png 202.73.54.248
VIEWQWEST-SG-AP V...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.care.biz/assets/templates/advance/img/icon-location.png
Requested by: Host: www.care.biz
URL: https://www.care.biz/assets/components/minifyx/cache/styles_3c06a7f59a.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.73.54.248 Singapore, Singapore, ASN18106 (VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG),
Reverse DNS: mx10.care-sg.com
Software: Apache /
Resource Hash: 3f6c50de565920f1052645b646f7338221f9c9561d23863f44f27f405c9c5a13

Request headers

Referer: https://www.care.biz/assets/components/minifyx/cache/styles_3c06a7f59a.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 11:03:49 GMT
Last-Modified: Sat, 25 Feb 2017 11:39:42 GMT
Server: Apache
ETag: "918-549594d5958f5"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2328

GET
H/1.1 200
OK icon-phone.png
www.care.biz/assets/templates/advance/img/ 2 KB
3 KB 699ms
194ms Image
image/png 202.73.54.248
VIEWQWEST-SG-AP V...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.care.biz/assets/templates/advance/img/icon-phone.png
Requested by: Host: www.care.biz
URL: https://www.care.biz/assets/components/minifyx/cache/styles_3c06a7f59a.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.73.54.248 Singapore, Singapore, ASN18106 (VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG),
Reverse DNS: mx10.care-sg.com
Software: Apache /
Resource Hash: 8032db4df59489cd308b819496eb3a6d24cb62c60010ce3cd8cc5c9b18dedc41

Request headers

Referer: https://www.care.biz/assets/components/minifyx/cache/styles_3c06a7f59a.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 11:03:50 GMT
Last-Modified: Sat, 25 Feb 2017 11:39:42 GMT
Server: Apache
ETag: "97b-549594d5bba55"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 2427

GET
H/1.1 200
OK icon-fax.png
www.care.biz/assets/templates/advance/img/ 2 KB
2 KB 541ms
198ms Image
image/png 202.73.54.248
VIEWQWEST-SG-AP V...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.care.biz/assets/templates/advance/img/icon-fax.png
Requested by: Host: www.care.biz
URL: https://www.care.biz/assets/components/minifyx/cache/styles_3c06a7f59a.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.73.54.248 Singapore, Singapore, ASN18106 (VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG),
Reverse DNS: mx10.care-sg.com
Software: Apache /
Resource Hash: fc4425d4769243c2cfa631ff0ab48ee6c9b0d5d973a4e590747c46d68c52f454

Request headers

Referer: https://www.care.biz/assets/components/minifyx/cache/styles_3c06a7f59a.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 11:03:49 GMT
Last-Modified: Sat, 25 Feb 2017 11:39:42 GMT
Server: Apache
ETag: "6ea-549594d56f795"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1770

GET
H/1.1 200
OK icon-clock.png
www.care.biz/assets/templates/advance/img/ 2 KB
2 KB 523ms
192ms Image
image/png 202.73.54.248
VIEWQWEST-SG-AP V...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.care.biz/assets/templates/advance/img/icon-clock.png
Requested by: Host: www.care.biz
URL: https://www.care.biz/assets/components/minifyx/cache/styles_3c06a7f59a.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.73.54.248 Singapore, Singapore, ASN18106 (VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG),
Reverse DNS: mx10.care-sg.com
Software: Apache /
Resource Hash: 5e694279b3e9799c9047c88f64522fa8b0025796d97950dc1443b2fb5a670d34

Request headers

Referer: https://www.care.biz/assets/components/minifyx/cache/styles_3c06a7f59a.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 11:03:49 GMT
Last-Modified: Sat, 25 Feb 2017 11:39:41 GMT
Server: Apache
ETag: "811-549594d54a5d5"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2065

GET
H/1.1 200
OK care-footer-bg.jpg
www.care.biz/assets/templates/advance/img/ 241 KB
241 KB 200ms
200ms Image
image/jpeg 202.73.54.248
VIEWQWEST-SG-AP V...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.care.biz/assets/templates/advance/img/care-footer-bg.jpg
Requested by: Host: www.care.biz
URL: https://www.care.biz/assets/components/minifyx/cache/styles_3c06a7f59a.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.73.54.248 Singapore, Singapore, ASN18106 (VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG),
Reverse DNS: mx10.care-sg.com
Software: Apache /
Resource Hash: 2f787c32a44e2765b83e855cf7ce17485ba1d61fee8cb4fd7f8767b25997b530

Request headers

Referer: https://www.care.biz/assets/components/minifyx/cache/styles_3c06a7f59a.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 11:03:50 GMT
Last-Modified: Sat, 25 Feb 2017 11:38:47 GMT
Server: Apache
ETag: "3c492-549594a1cac56"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 246930

GET
H/1.1 200
OK fontawesome-webfont.woff
www.care.biz/assets/templates/advance/fonts/ 82 KB
82 KB 372ms
195ms Font
application/font-woff 202.73.54.248
VIEWQWEST-SG-AP V...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.care.biz/assets/templates/advance/fonts/fontawesome-webfont.woff?v=4.1.0
Requested by: Host: www.care.biz
URL: https://www.care.biz/assets/components/minifyx/cache/styles_3c06a7f59a.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.73.54.248 Singapore, Singapore, ASN18106 (VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG),
Reverse DNS: mx10.care-sg.com
Software: Apache /
Resource Hash: 66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31

Request headers

Origin: https://www.care.biz
Referer: https://www.care.biz/assets/components/minifyx/cache/styles_3c06a7f59a.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 11:03:49 GMT
Last-Modified: Sat, 25 Feb 2017 11:36:51 GMT
Server: Apache
ETag: "14730-5495943330518"
Content-Type: application/font-woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 83760

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.care.biz
Referer: https://fonts.googleapis.com/css?family=Roboto:400,300,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:43:20 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 8429
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Thu, 03 Mar 2022 08:43:20 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.care.biz
Referer: https://fonts.googleapis.com/css?family=Roboto:400,300,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 04:25:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 455890
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 26 Feb 2022 04:25:39 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat|Roboto:300,400,400i,500,500i,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.care.biz
Referer: https://fonts.googleapis.com/css?family=Montserrat|Roboto:300,400,400i,500,500i,700,900
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 05:52:34 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 450675
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Sat, 26 Feb 2022 05:52:34 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.care.biz
Referer: https://fonts.googleapis.com/css?family=Roboto:400,300,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 09:18:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 524737
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Fri, 25 Feb 2022 09:18:12 GMT

GET
H/1.1 200
OK cd-top-arrow.svg
www.care.biz/assets/templates/advance/img/ 555 B
827 B 694ms
192ms Image
image/svg+xml 202.73.54.248
VIEWQWEST-SG-AP V...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.care.biz/assets/templates/advance/img/cd-top-arrow.svg
Requested by: Host: www.care.biz
URL: https://www.care.biz/assets/components/minifyx/cache/styles_3c06a7f59a.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.73.54.248 Singapore, Singapore, ASN18106 (VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG),
Reverse DNS: mx10.care-sg.com
Software: Apache /
Resource Hash: d94bbee4b8120bf8e4937e3e9c54de44bdb866291db81088601bde90085092da

Request headers

Referer: https://www.care.biz/assets/components/minifyx/cache/styles_3c06a7f59a.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 11:03:50 GMT
Last-Modified: Sat, 25 Feb 2017 11:38:44 GMT
Server: Apache
ETag: "22b-5495949ee9776"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 555

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5980948-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 4592
date: Wed, 03 Mar 2021 09:47:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Wed, 03 Mar 2021 11:47:17 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
386 B 46ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1400263759&t=pageview&_s=1&dl=https%3A%2F%2Fwww.care.biz%2Fcontact%3Futm_source%3DInfo_Jan_02%26utm_medium%3Demail%26utm_campaign%3DEMOTET%2BMALWARE%2BATTACK%253A%2BWHAT%2BTO%2BKNOW%26utm_content%3DHTML&ul=en-us&de=UTF-8&dt=Contact%20Us%20%7C%20IT%20Support%20%26%20Solutions%20-%20CARE%20Singapore&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1864665608&gjid=1066992647&cid=1120621597.1614769430&tid=UA-5980948-2&_gid=914138439.1614769430&_r=1&gtm=2ou2h0&z=1569067751

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 11:03:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.care.biz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ Frame 6DD7 130 KB
42 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&region=my&callback=onApiLoad

Requested by

Host: www.google.com
URL: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3988.7476703705233!2d103.91589031446763!3d1.3273777620177005!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!5e0!3m2!1sen!2smy!4v1478834717326

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

c3d8a8edc625a705c4754b9a7f60d08bfe015d1ffb6093fdb73966ce7649c3d3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3988.7476703705233!2d103.91589031446763!3d1.3273777620177005!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!5e0!3m2!1sen!2smy!4v1478834717326
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 11:03:49 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
server-timing: gfet4t7; dur=13
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43201
x-xss-protection: 0
expires: Wed, 03 Mar 2021 11:33:49 GMT

GET
H2 200 init_embed.js Show response
maps.gstatic.com/maps-api-v3/embed/js/44/2/ Frame 6DD7 231 KB
64 KB 29ms
9ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.gstatic.com/maps-api-v3/embed/js/44/2/init_embed.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75cc661d16aa7d7ca2c58206c7222b981dab13dc7c425118dd4244d62e71b2f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3988.7476703705233!2d103.91589031446763!3d1.3273777620177005!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!5e0!3m2!1sen!2smy!4v1478834717326
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 18:41:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 19:54:17 GMT
server: sffe
age: 145353
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65307
x-xss-protection: 0
expires: Tue, 01 Mar 2022 18:41:16 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-5980948-2&cid=1120621597.1614769430&jid=1864665608&gjid=1066992647&_gid=914138439.1614769430&_u=IEBAAUAAAAAAAC~&z=1312014909

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 03 Mar 2021 11:03:49 GMT
content-type: text/plain
access-control-allow-origin: https://www.care.biz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
483 B 44ms
31ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-5980948-2&cid=1120621597.1614769430&jid=1864665608&_u=IEBAAUAAAAAAAC~&z=736057781

Requested by

Host: www.care.biz
URL: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 11:03:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 19ms
18ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-5980948-2&cid=1120621597.1614769430&jid=1864665608&_u=IEBAAUAAAAAAAC~&z=736057781

Requested by

Host: www.care.biz
URL: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 11:03:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/44/2/ Frame 6DD7 76 KB
28 KB 46ms
27ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/44/2/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&region=my&callback=onApiLoad

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0230797e54d0649c0e667ad5c761091c7b5d06eb05ed9b62b96a6e2fe37d926a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3988.7476703705233!2d103.91589031446763!3d1.3273777620177005!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!5e0!3m2!1sen!2smy!4v1478834717326
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 03:07:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 19:54:41 GMT
server: sffe
age: 28600
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28484
x-xss-protection: 0
expires: Thu, 03 Mar 2022 03:07:09 GMT

GET
H3-Q050 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/44/2/ Frame 6DD7 145 KB
54 KB 42ms
23ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/44/2/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&region=my&callback=onApiLoad

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42032ffebf225507d2ae40244e8ec83c543494e18f1196fb86773caab99c24e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3988.7476703705233!2d103.91589031446763!3d1.3273777620177005!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!5e0!3m2!1sen!2smy!4v1478834717326
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:00:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 19:54:41 GMT
server: sffe
age: 14626
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55198
x-xss-protection: 0
expires: Thu, 03 Mar 2022 07:00:03 GMT

GET
H3-Q050 200 map.js Show response
maps.googleapis.com/maps-api-v3/api/js/44/2/ Frame 6DD7 53 KB
20 KB 38ms
22ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/44/2/map.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&region=my&callback=onApiLoad

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad643af4b235b858a4fca96a23d53a9b27929123164d19d5e8804a717703c25a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3988.7476703705233!2d103.91589031446763!3d1.3273777620177005!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!5e0!3m2!1sen!2smy!4v1478834717326
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 15:26:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 19:54:41 GMT
server: sffe
age: 243426
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20390
x-xss-protection: 0
expires: Mon, 28 Feb 2022 15:26:43 GMT

GET
H3-Q050 200 overlay.js Show response
maps.googleapis.com/maps-api-v3/api/js/44/2/ Frame 6DD7 4 KB
1 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/44/2/overlay.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&region=my&callback=onApiLoad

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

755c72451ab1358cf15089da5bbbeb4b761fea1e5c28df967db00c9d1e99e341

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3988.7476703705233!2d103.91589031446763!3d1.3273777620177005!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!5e0!3m2!1sen!2smy!4v1478834717326
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 15:08:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 19:54:41 GMT
server: sffe
age: 244494
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1378
x-xss-protection: 0
expires: Mon, 28 Feb 2022 15:08:55 GMT

GET
H3-Q050 200 google4.png
maps.gstatic.com/mapfiles/embed/images/ Frame 6DD7 2 KB
2 KB 41ms
27ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/embed/images/google4.png

Requested by

Host: www.care.biz
URL: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

721fb9398629ae4ac2169b208a651f09a7d5e5a370323fcf8891428acc94a4ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3988.7476703705233!2d103.91589031446763!3d1.3273777620177005!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!5e0!3m2!1sen!2smy!4v1478834717326
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 11:03:49 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Oct 2019 23:15:00 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2073
x-xss-protection: 0
expires: Wed, 03 Mar 2021 11:03:49 GMT

GET
H3-Q050 200 onion.js Show response
maps.googleapis.com/maps-api-v3/api/js/44/2/ Frame 6DD7 24 KB
9 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/44/2/onion.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&region=my&callback=onApiLoad

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

551e4c61eb9e78fc57aef7f4938938459fd83fa0ac26711682158f757f7a64f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3988.7476703705233!2d103.91589031446763!3d1.3273777620177005!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!5e0!3m2!1sen!2smy!4v1478834717326
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 15:30:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 19:54:41 GMT
server: sffe
age: 243194
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9235
x-xss-protection: 0
expires: Mon, 28 Feb 2022 15:30:35 GMT

GET
H3-Q050 200 search_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/44/2/ Frame 6DD7 2 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/44/2/search_impl.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&region=my&callback=onApiLoad

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a57b0c94cbe5e75b2996c72492226a10216fd023acdc4d0ba079bb30a2b92ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3988.7476703705233!2d103.91589031446763!3d1.3273777620177005!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!5e0!3m2!1sen!2smy!4v1478834717326
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 04:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 19:54:41 GMT
server: sffe
age: 194846
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1215
x-xss-protection: 0
expires: Tue, 01 Mar 2022 04:56:23 GMT

GET
H3-Q050 200 openhand_8_8.cur
maps.gstatic.com/mapfiles/ Frame 6DD7 326 B
361 B 14ms
13ms Image
image/bmp 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/openhand_8_8.cur

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3988.7476703705233!2d103.91589031446763!3d1.3273777620177005!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!5e0!3m2!1sen!2smy!4v1478834717326
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 11:03:49 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Oct 2019 23:15:00 GMT
server: sffe
content-type: image/bmp
access-control-allow-origin: *
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Wed, 03 Mar 2021 11:03:49 GMT

GET
H2 200 kh
khms0.googleapis.com/ Frame 6DD7 16 KB
17 KB 27ms
6ms Image
image/jpeg 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://khms0.googleapis.com/kh?v=894&hl=en-US&x=6460&y=4065&z=13

Requested by

Host: www.care.biz
URL: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

b20bff368216158fe79c27cae78e81b0a8dac6afb8ac80558451d74e0990356f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3988.7476703705233!2d103.91589031446763!3d1.3273777620177005!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!5e0!3m2!1sen!2smy!4v1478834717326
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 02:02:08 GMT
x-content-type-options: nosniff
age: 32501
server-timing: gfet4t7; dur=0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16511
x-xss-protection: 0
last-modified: Fri, 01 Jan 2010 01:00:00 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
expires: Thu, 04 Mar 2021 02:02:08 GMT

GET
H3-Q050 200 ViewportInfoService.GetViewportInfo Show response
maps.googleapis.com/maps/api/js/ Frame 6DD7 37 KB
5 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d1.3137152179472698&2d103.88818755851986&2m2&1d1.3403155914001537&2d103.9482529179296&2u16&4sen-US&5e0&6sm%40544000000&7b0&8e0&11e289&12e2&callback=_xdc_._31ta20&client=google-maps-embed&token=41971

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/44/2/common.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

d48d21afc75aaa8506d89c7850850bec3262da2cbd3b34946ca86603a83e24fd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3988.7476703705233!2d103.91589031446763!3d1.3273777620177005!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!5e0!3m2!1sen!2smy!4v1478834717326
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 11:03:49 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=40
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ViewportInfoService.GetViewportInfo Show response
maps.googleapis.com/maps/api/js/ Frame 6DD7 7 KB
2 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d1.317319140029535&2d103.90778606805243&2m2&1d1.3375354238616712&2d103.92800235188457&2u13&4sen-US&5e2&7b0&8e0&11e289&12e2&callback=_xdc_._7o1xqt&client=google-maps-embed&token=123529

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/44/2/common.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

270de39a6169c7466a3c699e4b73648f26bdbb742ab197abb019682960bd70cf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3988.7476703705233!2d103.91589031446763!3d1.3273777620177005!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!5e0!3m2!1sen!2smy!4v1478834717326
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 11:03:49 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=10
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2247
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 vt
www.google.com/maps/ Frame 6DD7 14 KB
14 KB 140ms
135ms Image
image/png 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/maps/vt?pb=!1m5!1m4!1i16!2i51685!3i32526!4i256!2m3!1e0!2sm!3i544269858!2m40!1e2!2sspotlight!5i1!8m36!1m2!12m1!20e1!2m6!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!4m2!3d1.3273724!4d103.918079!5e0!11e11!13m14!2sa!14b1!18m7!5b0!6b0!9b1!12b1!16b0!20b1!21b1!22m3!6e2!7e3!8e2!19u12!19u14!19u29!19u37!19u30!19u61!19u70!25m2!3e2!4e2!3m12!2sen-US!3sMY!5e289!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&client=google-maps-embed&token=66165

Requested by

Host: www.care.biz
URL: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

f6a316afd695d5d2cb415055a7c8dd718cd8f9ecebd98a19970600c6ce4975ed

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3988.7476703705233!2d103.91589031446763!3d1.3273777620177005!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!5e0!3m2!1sen!2smy!4v1478834717326
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 11:03:50 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBDVzfWBBg==
server: paintfe
etag: 0c0a37cbb887918d0
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=129
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14261
x-xss-protection: 0
expires: Wed, 03 Mar 2021 11:08:50 GMT

GET
H3-Q050 200 vt
www.google.com/maps/ Frame 6DD7 14 KB
15 KB 151ms
146ms Image
image/png 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/maps/vt?pb=!1m5!1m4!1i16!2i51684!3i32526!4i256!2m3!1e0!2sm!3i544269858!2m40!1e2!2sspotlight!5i1!8m36!1m2!12m1!20e1!2m6!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!4m2!3d1.3273724!4d103.918079!5e0!11e11!13m14!2sa!14b1!18m7!5b0!6b0!9b1!12b1!16b0!20b1!21b1!22m3!6e2!7e3!8e2!19u12!19u14!19u29!19u37!19u30!19u61!19u70!25m2!3e2!4e2!3m12!2sen-US!3sMY!5e289!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&client=google-maps-embed&token=129229

Requested by

Host: www.care.biz
URL: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

9f66591836499a64bf8d49f9533f527549e665411c36a081b8059a3ae262b8ca

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3988.7476703705233!2d103.91589031446763!3d1.3273777620177005!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!5e0!3m2!1sen!2smy!4v1478834717326
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 11:03:50 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBDVzfWBBg==
server: paintfe
etag: 0b28e36cddfc4de1e
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=138
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14823
x-xss-protection: 0
expires: Wed, 03 Mar 2021 11:08:50 GMT

GET
H3-Q050 200 vt
www.google.com/maps/ Frame 6DD7 12 KB
12 KB 140ms
136ms Image
image/png 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/maps/vt?pb=!1m5!1m4!1i16!2i51684!3i32525!4i256!2m3!1e0!2sm!3i544269858!2m40!1e2!2sspotlight!5i1!8m36!1m2!12m1!20e1!2m6!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!4m2!3d1.3273724!4d103.918079!5e0!11e11!13m14!2sa!14b1!18m7!5b0!6b0!9b1!12b1!16b0!20b1!21b1!22m3!6e2!7e3!8e2!19u12!19u14!19u29!19u37!19u30!19u61!19u70!25m2!3e2!4e2!3m12!2sen-US!3sMY!5e289!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&client=google-maps-embed&token=52993

Requested by

Host: www.care.biz
URL: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

d9485275e8e3d56e09a558163acf5085fc5e363b5837eb7404f9d0ff96c6a1d0

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3988.7476703705233!2d103.91589031446763!3d1.3273777620177005!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!5e0!3m2!1sen!2smy!4v1478834717326
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 11:03:50 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBDVzfWBBg==
server: paintfe
etag: 0b61a111285c40802
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=130
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12511
x-xss-protection: 0
expires: Wed, 03 Mar 2021 11:08:50 GMT

GET
H3-Q050 200 vt
www.google.com/maps/ Frame 6DD7 14 KB
14 KB 149ms
145ms Image
image/png 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/maps/vt?pb=!1m5!1m4!1i16!2i51685!3i32525!4i256!2m3!1e0!2sm!3i544269858!2m40!1e2!2sspotlight!5i1!8m36!1m2!12m1!20e1!2m6!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!4m2!3d1.3273724!4d103.918079!5e0!11e11!13m14!2sa!14b1!18m7!5b0!6b0!9b1!12b1!16b0!20b1!21b1!22m3!6e2!7e3!8e2!19u12!19u14!19u29!19u37!19u30!19u61!19u70!25m2!3e2!4e2!3m12!2sen-US!3sMY!5e289!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&client=google-maps-embed&token=121000

Requested by

Host: www.care.biz
URL: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

47f22fe3c75367640efe8c3b533d4bb6a5a6c91d5f912e145992b56c300862dd

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3988.7476703705233!2d103.91589031446763!3d1.3273777620177005!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!5e0!3m2!1sen!2smy!4v1478834717326
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 11:03:50 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBDVzfWBBg==
server: paintfe
etag: 0eac3c3021889377e
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=135
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13855
x-xss-protection: 0
expires: Wed, 03 Mar 2021 11:08:50 GMT

GET
H3-Q050 200 vt
www.google.com/maps/ Frame 6DD7 11 KB
12 KB 134ms
130ms Image
image/png 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/maps/vt?pb=!1m5!1m4!1i16!2i51686!3i32525!4i256!2m3!1e0!2sm!3i544269858!2m40!1e2!2sspotlight!5i1!8m36!1m2!12m1!20e1!2m6!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!4m2!3d1.3273724!4d103.918079!5e0!11e11!13m14!2sa!14b1!18m7!5b0!6b0!9b1!12b1!16b0!20b1!21b1!22m3!6e2!7e3!8e2!19u12!19u14!19u29!19u37!19u30!19u61!19u70!25m2!3e2!4e2!3m12!2sen-US!3sMY!5e289!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&client=google-maps-embed&token=57936

Requested by

Host: www.care.biz
URL: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

ab27ece419eaa3852baefae2851bd7a529430049e185533d969f45619b7db88c

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3988.7476703705233!2d103.91589031446763!3d1.3273777620177005!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!5e0!3m2!1sen!2smy!4v1478834717326
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 11:03:50 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBDVzfWBBg==
server: paintfe
etag: 0e973afb8adc7c4de
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=124
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11602
x-xss-protection: 0
expires: Wed, 03 Mar 2021 11:08:50 GMT

GET
H3-Q050 200 vt
www.google.com/maps/ Frame 6DD7 11 KB
11 KB 148ms
145ms Image
image/png 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/maps/vt?pb=!1m5!1m4!1i16!2i51686!3i32526!4i256!2m3!1e0!2sm!3i544269858!2m40!1e2!2sspotlight!5i1!8m36!1m2!12m1!20e1!2m6!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!4m2!3d1.3273724!4d103.918079!5e0!11e11!13m14!2sa!14b1!18m7!5b0!6b0!9b1!12b1!16b0!20b1!21b1!22m3!6e2!7e3!8e2!19u12!19u14!19u29!19u37!19u30!19u61!19u70!25m2!3e2!4e2!3m12!2sen-US!3sMY!5e289!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&client=google-maps-embed&token=3101

Requested by

Host: www.care.biz
URL: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

4cefb7a88b5615090847907f56a8d45ab343886831c1df3fe795ef77e0342ec0

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3988.7476703705233!2d103.91589031446763!3d1.3273777620177005!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!5e0!3m2!1sen!2smy!4v1478834717326
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 11:03:50 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBDVzfWBBg==
server: paintfe
etag: 0b7caf8e8bd4afcb5
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=135
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11436
x-xss-protection: 0
expires: Wed, 03 Mar 2021 11:08:50 GMT

GET
H3-Q050 200 vt
www.google.com/maps/ Frame 6DD7 16 KB
16 KB 150ms
147ms Image
image/png 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/maps/vt?pb=!1m5!1m4!1i16!2i51686!3i32527!4i256!2m3!1e0!2sm!3i544269822!2m40!1e2!2sspotlight!5i1!8m36!1m2!12m1!20e1!2m6!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!4m2!3d1.3273724!4d103.918079!5e0!11e11!13m14!2sa!14b1!18m7!5b0!6b0!9b1!12b1!16b0!20b1!21b1!22m3!6e2!7e3!8e2!19u12!19u14!19u29!19u37!19u30!19u61!19u70!25m2!3e2!4e2!3m12!2sen-US!3sMY!5e289!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&client=google-maps-embed&token=98357

Requested by

Host: www.care.biz
URL: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

077ebf1273483e7538f104996e54ec80fe9f6e99c995f848bfdaffc990103226

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3988.7476703705233!2d103.91589031446763!3d1.3273777620177005!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!5e0!3m2!1sen!2smy!4v1478834717326
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 11:03:50 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBDVzfWBBg==
server: paintfe
etag: 013d20f38d269dff2
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=138
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15977
x-xss-protection: 0
expires: Wed, 03 Mar 2021 11:08:50 GMT

GET
H3-Q050 200 vt
www.google.com/maps/ Frame 6DD7 17 KB
17 KB 156ms
153ms Image
image/png 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/maps/vt?pb=!1m5!1m4!1i16!2i51685!3i32527!4i256!2m3!1e0!2sm!3i544269846!2m40!1e2!2sspotlight!5i1!8m36!1m2!12m1!20e1!2m6!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!4m2!3d1.3273724!4d103.918079!5e0!11e11!13m14!2sa!14b1!18m7!5b0!6b0!9b1!12b1!16b0!20b1!21b1!22m3!6e2!7e3!8e2!19u12!19u14!19u29!19u37!19u30!19u61!19u70!25m2!3e2!4e2!3m12!2sen-US!3sMY!5e289!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&client=google-maps-embed&token=17670

Requested by

Host: www.care.biz
URL: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

a64194126660065b2e8dbad337326fdd30d9b9d565b5bc3a1ab2cd2db07e8482

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3988.7476703705233!2d103.91589031446763!3d1.3273777620177005!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!5e0!3m2!1sen!2smy!4v1478834717326
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 11:03:50 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBDVzfWBBg==
server: paintfe
etag: 0dea5f937b6b41af4
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=141
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17014
x-xss-protection: 0
expires: Wed, 03 Mar 2021 11:08:50 GMT

GET
H3-Q050 200 vt
www.google.com/maps/ Frame 6DD7 17 KB
17 KB 156ms
154ms Image
image/png 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/maps/vt?pb=!1m5!1m4!1i16!2i51684!3i32527!4i256!2m3!1e0!2sm!3i544269846!2m40!1e2!2sspotlight!5i1!8m36!1m2!12m1!20e1!2m6!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!4m2!3d1.3273724!4d103.918079!5e0!11e11!13m14!2sa!14b1!18m7!5b0!6b0!9b1!12b1!16b0!20b1!21b1!22m3!6e2!7e3!8e2!19u12!19u14!19u29!19u37!19u30!19u61!19u70!25m2!3e2!4e2!3m12!2sen-US!3sMY!5e289!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&client=google-maps-embed&token=80734

Requested by

Host: www.care.biz
URL: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

9b08531146ac01dccefc2d6209de8adf2f43b2bd737d50075719f8efaf45b98a

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3988.7476703705233!2d103.91589031446763!3d1.3273777620177005!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!5e0!3m2!1sen!2smy!4v1478834717326
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 11:03:50 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBDVzfWBBg==
server: paintfe
etag: 0b658ef6e318338b6
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=146
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17792
x-xss-protection: 0
expires: Wed, 03 Mar 2021 11:08:50 GMT

GET
H3-Q050 200 vt
www.google.com/maps/ Frame 6DD7 14 KB
14 KB 160ms
157ms Image
image/png 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/maps/vt?pb=!1m5!1m4!1i16!2i51683!3i32527!4i256!2m3!1e0!2sm!3i544269858!2m40!1e2!2sspotlight!5i1!8m36!1m2!12m1!20e1!2m6!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!4m2!3d1.3273724!4d103.918079!5e0!11e11!13m14!2sa!14b1!18m7!5b0!6b0!9b1!12b1!16b0!20b1!21b1!22m3!6e2!7e3!8e2!19u12!19u14!19u29!19u37!19u30!19u61!19u70!25m2!3e2!4e2!3m12!2sen-US!3sMY!5e289!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&client=google-maps-embed&token=6387

Requested by

Host: www.care.biz
URL: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

f676cfe6eee9dbb51bafd54a315879e049f24191ae39449dcaee03432c71670c

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3988.7476703705233!2d103.91589031446763!3d1.3273777620177005!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!5e0!3m2!1sen!2smy!4v1478834717326
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 11:03:50 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBDVzfWBBg==
server: paintfe
etag: 03b288a40691eff2f
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=150
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14091
x-xss-protection: 0
expires: Wed, 03 Mar 2021 11:08:50 GMT

GET
H3-Q050 200 vt
www.google.com/maps/ Frame 6DD7 14 KB
14 KB 148ms
145ms Image
image/png 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/maps/vt?pb=!1m5!1m4!1i16!2i51683!3i32526!4i256!2m3!1e0!2sm!3i544269846!2m40!1e2!2sspotlight!5i1!8m36!1m2!12m1!20e1!2m6!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!4m2!3d1.3273724!4d103.918079!5e0!11e11!13m14!2sa!14b1!18m7!5b0!6b0!9b1!12b1!16b0!20b1!21b1!22m3!6e2!7e3!8e2!19u12!19u14!19u29!19u37!19u30!19u61!19u70!25m2!3e2!4e2!3m12!2sen-US!3sMY!5e289!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&client=google-maps-embed&token=67562

Requested by

Host: www.care.biz
URL: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

941b8bb4e4d4916a4793f59b7025ea64ada0b9c6fa0d1f9067f28a8f10c567e5

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3988.7476703705233!2d103.91589031446763!3d1.3273777620177005!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!5e0!3m2!1sen!2smy!4v1478834717326
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 11:03:50 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBDVzfWBBg==
server: paintfe
etag: 0a2374447e6d05954
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=136
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14556
x-xss-protection: 0
expires: Wed, 03 Mar 2021 11:08:50 GMT

GET
H3-Q050 200 vt
www.google.com/maps/ Frame 6DD7 11 KB
12 KB 158ms
155ms Image
image/png 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/maps/vt?pb=!1m5!1m4!1i16!2i51683!3i32525!4i256!2m3!1e0!2sm!3i544269822!2m40!1e2!2sspotlight!5i1!8m36!1m2!12m1!20e1!2m6!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!4m2!3d1.3273724!4d103.918079!5e0!11e11!13m14!2sa!14b1!18m7!5b0!6b0!9b1!12b1!16b0!20b1!21b1!22m3!6e2!7e3!8e2!19u12!19u14!19u29!19u37!19u30!19u61!19u70!25m2!3e2!4e2!3m12!2sen-US!3sMY!5e289!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&client=google-maps-embed&token=4006

Requested by

Host: www.care.biz
URL: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

6133a2749d81ddb111a3fbf4889c06e6f0a3f7c820cf9e2b285640153319d1bd

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3988.7476703705233!2d103.91589031446763!3d1.3273777620177005!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!5e0!3m2!1sen!2smy!4v1478834717326
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 11:03:50 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBDVzfWBBg==
server: paintfe
etag: 0fafd15d6494c6b0a
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=148
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11770
x-xss-protection: 0
expires: Wed, 03 Mar 2021 11:08:50 GMT

GET
H3-Q050 200 vt
www.google.com/maps/ Frame 6DD7 13 KB
13 KB 142ms
139ms Image
image/png 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/maps/vt?pb=!1m5!1m4!1i16!2i51687!3i32525!4i256!2m3!1e0!2sm!3i544269822!2m40!1e2!2sspotlight!5i1!8m36!1m2!12m1!20e1!2m6!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!4m2!3d1.3273724!4d103.918079!5e0!11e11!13m14!2sa!14b1!18m7!5b0!6b0!9b1!12b1!16b0!20b1!21b1!22m3!6e2!7e3!8e2!19u12!19u14!19u29!19u37!19u30!19u61!19u70!25m2!3e2!4e2!3m12!2sen-US!3sMY!5e289!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&client=google-maps-embed&token=13892

Requested by

Host: www.care.biz
URL: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

093f8814e78bc580106789fc4cb11117c7e22f986919ec5e2a1002897022320a

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3988.7476703705233!2d103.91589031446763!3d1.3273777620177005!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!5e0!3m2!1sen!2smy!4v1478834717326
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 11:03:50 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBDVzfWBBg==
server: paintfe
etag: 0b625c418fd643e51
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=132
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12985
x-xss-protection: 0
expires: Wed, 03 Mar 2021 11:08:50 GMT

GET
H3-Q050 200 vt
www.google.com/maps/ Frame 6DD7 15 KB
15 KB 138ms
136ms Image
image/png 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/maps/vt?pb=!1m5!1m4!1i16!2i51687!3i32526!4i256!2m3!1e0!2sm!3i544269822!2m40!1e2!2sspotlight!5i1!8m36!1m2!12m1!20e1!2m6!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!4m2!3d1.3273724!4d103.918079!5e0!11e11!13m14!2sa!14b1!18m7!5b0!6b0!9b1!12b1!16b0!20b1!21b1!22m3!6e2!7e3!8e2!19u12!19u14!19u29!19u37!19u30!19u61!19u70!25m2!3e2!4e2!3m12!2sen-US!3sMY!5e289!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&client=google-maps-embed&token=90128

Requested by

Host: www.care.biz
URL: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

98c69e6288ad2d42a0c656a46e6ffd699ed8cde4eb8599f4f48b20818dff8f6c

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3988.7476703705233!2d103.91589031446763!3d1.3273777620177005!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!5e0!3m2!1sen!2smy!4v1478834717326
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 11:03:50 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBDVzfWBBg==
server: paintfe
etag: 0ba297c65a2d98c27
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=128
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15391
x-xss-protection: 0
expires: Wed, 03 Mar 2021 11:08:50 GMT

GET
H3-Q050 200 vt
www.google.com/maps/ Frame 6DD7 10 KB
11 KB 149ms
147ms Image
image/png 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/maps/vt?pb=!1m5!1m4!1i16!2i51687!3i32527!4i256!2m3!1e0!2sm!3i544269822!2m40!1e2!2sspotlight!5i1!8m36!1m2!12m1!20e1!2m6!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!4m2!3d1.3273724!4d103.918079!5e0!11e11!13m14!2sa!14b1!18m7!5b0!6b0!9b1!12b1!16b0!20b1!21b1!22m3!6e2!7e3!8e2!19u12!19u14!19u29!19u37!19u30!19u61!19u70!25m2!3e2!4e2!3m12!2sen-US!3sMY!5e289!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0&client=google-maps-embed&token=35293

Requested by

Host: www.care.biz
URL: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

01e27b86bb5cc2a31188fa42b5a0499b9e61cc0c4fcf9b26becf9b276c6a8875

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3988.7476703705233!2d103.91589031446763!3d1.3273777620177005!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!5e0!3m2!1sen!2smy!4v1478834717326
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 11:03:50 GMT
x-content-type-options: nosniff
x-server-version-bin: CggIBBDVzfWBBg==
server: paintfe
etag: 0d3b32051f4f72745
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
server-timing: gfet4t7; dur=138
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10728
x-xss-protection: 0
expires: Wed, 03 Mar 2021 11:08:50 GMT

GET
H3-Q050 200 vt Show response
www.google.com/maps/ Frame 6DD7 24 KB
5 KB 143ms
142ms XHR
application/json 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/maps/vt?pb=!1m4!1m3!1i16!2i51683!3i32525!1m4!1m3!1i16!2i51683!3i32526!1m4!1m3!1i16!2i51683!3i32527!1m4!1m3!1i16!2i51684!3i32525!1m4!1m3!1i16!2i51685!3i32525!1m4!1m3!1i16!2i51684!3i32526!1m4!1m3!1i16!2i51684!3i32527!1m4!1m3!1i16!2i51685!3i32526!1m4!1m3!1i16!2i51685!3i32527!1m4!1m3!1i16!2i51686!3i32525!1m4!1m3!1i16!2i51687!3i32525!1m4!1m3!1i16!2i51686!3i32526!2m3!1e0!2sm!3i544269930!2m40!1e2!2sspotlight!5i1!8m36!1m2!12m1!20e1!2m6!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!4m2!3d1.3273724!4d103.918079!5e0!11e11!13m14!2sa!14b1!18m7!5b0!6b0!9b1!12b1!16b0!20b1!21b1!22m3!6e2!7e3!8e2!19u12!19u14!19u29!19u37!19u30!19u61!19u70!25m2!3e2!4e2!3m12!2sen-US!3sMY!5e289!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e3!12m1!5b1&client=google-maps-embed&token=99223

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/44/2/util.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

4059664e2e6574c8fff4e749a91ea75654fdc5d1d35066357ba78af044618059

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3988.7476703705233!2d103.91589031446763!3d1.3273777620177005!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!5e0!3m2!1sen!2smy!4v1478834717326
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 11:03:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
server-timing: gfet4t7; dur=137
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4806
x-xss-protection: 0
x-server-version-bin: CggIBBDVzfWBBg==
server: paintfe
etag: 053b32a38c97dd052
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
expires: Wed, 03 Mar 2021 11:03:50 GMT

GET
H3-Q050 200 vt Show response
www.google.com/maps/ Frame 6DD7 7 KB
2 KB 87ms
86ms XHR
application/json 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/maps/vt?pb=!1m4!1m3!1i16!2i51686!3i32527!1m4!1m3!1i16!2i51687!3i32526!1m4!1m3!1i16!2i51687!3i32527!2m3!1e0!2sm!3i544269930!2m40!1e2!2sspotlight!5i1!8m36!1m2!12m1!20e1!2m6!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!4m2!3d1.3273724!4d103.918079!5e0!11e11!13m14!2sa!14b1!18m7!5b0!6b0!9b1!12b1!16b0!20b1!21b1!22m3!6e2!7e3!8e2!19u12!19u14!19u29!19u37!19u30!19u61!19u70!25m2!3e2!4e2!3m12!2sen-US!3sMY!5e289!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e3!12m1!5b1&client=google-maps-embed&token=105617

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/44/2/util.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

5a3660abe127721e139d4a15050c318dff6510da693a1104ddf5a9e0d51b1d07

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3988.7476703705233!2d103.91589031446763!3d1.3273777620177005!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!5e0!3m2!1sen!2smy!4v1478834717326
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 11:03:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
server-timing: gfet4t7; dur=81
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1753
x-xss-protection: 0
x-server-version-bin: CggIBBDVzfWBBg==
server: paintfe
etag: 0dcde4a21328b1a7c
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
expires: Wed, 03 Mar 2021 11:03:50 GMT

GET
H3-Q050 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ Frame 6DD7 62 B
125 B 19ms
17ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed%3Fpb%3D!1m18!1m12!1m3!1d3988.7476703705233!2d103.91589031446763!3d1.3273777620177005!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da196d4acfec5f%253A0x1c4521c63dcf2e3d!2sComputer%2BAnalysts%2Band%2BRecovery%2BExperts%2BPte%2BLtd!5e0!3m2!1sen!2smy!4v1478834717326&2sgoogle-maps-embed&callback=_xdc_._vvbesp&client=google-maps-embed&token=96574

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/44/2/common.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

9cc5bb7a20e1a9c176342cddbdbe4cb7e2b3ab73ba1e7a97a73cf67d93e199a5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3988.7476703705233!2d103.91589031446763!3d1.3273777620177005!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!5e0!3m2!1sen!2smy!4v1478834717326
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 11:03:50 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=3
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 QuotaService.RecordEvent Show response
maps.googleapis.com/maps/api/js/ Frame 6DD7 62 B
86 B 17ms
17ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed%3Fpb%3D!1m18!1m12!1m3!1d3988.7476703705233!2d103.91589031446763!3d1.3273777620177005!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da196d4acfec5f%253A0x1c4521c63dcf2e3d!2sComputer%2BAnalysts%2Band%2BRecovery%2BExperts%2BPte%2BLtd!5e0!3m2!1sen!2smy!4v1478834717326&2sgoogle-maps-embed&7stc0yfm&10e1&callback=_xdc_._hmc1xl&client=google-maps-embed&token=106106

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/44/2/common.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

37214fb09a5547ec81339521f9f956c6ec81dc112442d3213ecd2f2eceb47b88

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3988.7476703705233!2d103.91589031446763!3d1.3273777620177005!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!5e0!3m2!1sen!2smy!4v1478834717326
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 11:03:50 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=3
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK count.js Show response
advancetheme.disqus.com/ 1 KB
2 KB 47ms
46ms Script
application/javascript 151.101.12.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://advancetheme.disqus.com/count.js

Requested by

Host: www.care.biz
URL: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 11:03:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 274040
P3P: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 25 Feb 2021 23:44:33 GMT
Server: nginx
ETag: "60383661-367"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
X-Amz-Cf-Pop: DFW55-C3
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: zwfu96JwTN8Rt049DGG27JII_oz_oiuKOoMJ8zLIuXodUdPenSjWwg==

GET
H3-Q050 200 controls.js Show response
maps.googleapis.com/maps-api-v3/api/js/44/2/ Frame 6DD7 214 KB
58 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/44/2/controls.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&region=my&callback=onApiLoad

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7ff20cb4f90a841573aef52d242ddb9865be992bf4883774ec2338ecb10b2ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3988.7476703705233!2d103.91589031446763!3d1.3273777620177005!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!5e0!3m2!1sen!2smy!4v1478834717326
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 10:16:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 19:54:41 GMT
server: sffe
age: 175642
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58804
x-xss-protection: 0
expires: Tue, 01 Mar 2022 10:16:28 GMT

GET
H3-Q050 200 QuotaService.RecordEvent Show response
maps.googleapis.com/maps/api/js/ Frame 6DD7 62 B
86 B 18ms
17ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed%3Fpb%3D!1m18!1m12!1m3!1d3988.7476703705233!2d103.91589031446763!3d1.3273777620177005!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da196d4acfec5f%253A0x1c4521c63dcf2e3d!2sComputer%2BAnalysts%2Band%2BRecovery%2BExperts%2BPte%2BLtd!5e0!3m2!1sen!2smy!4v1478834717326&2sgoogle-maps-embed&7stc0ylm&10e1&callback=_xdc_._5m7t32&client=google-maps-embed&token=80555

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/44/2/common.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

1d423fdd5dd4b7ff48d66fa2561446541542922791199961fae1a5d013a2ef01

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3988.7476703705233!2d103.91589031446763!3d1.3273777620177005!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!5e0!3m2!1sen!2smy!4v1478834717326
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 11:03:50 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=3
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 6DD7 13 KB
1 KB 40ms
21ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/44/2/util.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e5fecd53987d942d4a84aa8a59fe11bdef4985402cf286f7c80e43ac48e621c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3988.7476703705233!2d103.91589031446763!3d1.3273777620177005!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!5e0!3m2!1sen!2smy!4v1478834717326
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 03 Mar 2021 10:37:52 GMT
server: ESF
date: Wed, 03 Mar 2021 11:03:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Mar 2021 11:03:50 GMT

GET
H3-Q050 200 entity11.png
maps.gstatic.com/mapfiles/embed/images/ Frame 6DD7 5 KB
5 KB 14ms
14ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/embed/images/entity11.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea80d10d991b201e42309c3fc535f9abe17f5f37e4128a69e41e05b233dfb223

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3988.7476703705233!2d103.91589031446763!3d1.3273777620177005!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31da196d4acfec5f%3A0x1c4521c63dcf2e3d!2sComputer+Analysts+and+Recovery+Experts+Pte+Ltd!5e0!3m2!1sen!2smy!4v1478834717326
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 11:03:50 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Oct 2019 23:15:00 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4765
x-xss-protection: 0
expires: Wed, 03 Mar 2021 11:03:50 GMT

GET
DATA 200
OK truncated
/ Frame 6DD7 270 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 773ae0c19293a48dcfd33f81394339f35a6ac09e589aa305510d382b2f3f9deb

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6DD7 185 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6410956699af026677de0f3b643d8191768046fcd7da54a5b101f3dd21db4da6

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6DD7 185 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3bb99306bcfd8641b283c5c41e761730b46b9304ff80c0919c7da0c03e493da3

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6DD7 185 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1da17fe1238254c32c1ed7c669e8d8817f5e4ade1ef82c5dfaafc18684c053a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6DD7 132 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 773827bd6ed809a5a563325339040ff9867438a200d4cfcff5e3e32134d20eae

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6DD7 132 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfed6c288fad15a227d08b7bb678e951f31ff419338547366eb4860cafe86ba9

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6DD7 132 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb73af558883a1f15ebc6da688c07e26581bd91b97e178125a558aae1f95f8d9

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 6DD7 11 KB
11 KB 33ms
20ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 04:25:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 455891
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 26 Feb 2022 04:25:39 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 6DD7 11 KB
11 KB 30ms
20ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 05:52:34 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 450676
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Sat, 26 Feb 2022 05:52:34 GMT

POST
H2 200 AjxHandler.ashx Show response
livesupport.care.biz/ 171 B
321 B 229ms
229ms XHR
text/plain 158.140.133.77
MYREPUBLIC-SG MyR...

General

Check archive.org

Show headers Download Go to

Full URL: https://livesupport.care.biz/AjxHandler.ashx?methodName=dotnetLIVEHELP.Checker.CheckForChatAbility
Requested by: Host: livesupport.care.biz
URL: https://livesupport.care.biz/button.ashx?deptid=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.140.133.77 Singapore, Singapore, ASN56300 (MYREPUBLIC-SG MyRepublic Ltd., SG),
Reverse DNS: helpdesk.care.biz
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8042a7178a3a4d16b167033f2def5721bfbaf4b6e62806c873527fa13b9b60dd

Request headers

Referer: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 03 Mar 2021 11:03:52 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 2.0.50727
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: private
content-length: 260

GET
H2 200 i_id_3_offline.jpg
livesupport.care.biz/UploadedFiles/ 4 KB
4 KB 232ms
232ms Image
image/jpeg 158.140.133.77
MYREPUBLIC-SG MyR...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://livesupport.care.biz/UploadedFiles/i_id_3_offline.jpg
Requested by: Host: livesupport.care.biz
URL: https://livesupport.care.biz/button.ashx?deptid=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.140.133.77 Singapore, Singapore, ASN56300 (MYREPUBLIC-SG MyRepublic Ltd., SG),
Reverse DNS: helpdesk.care.biz
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ece6d1a07f0c2efaaec4e50ca785305e34884ea0fd2c031f41fee1de53d4e146

Request headers

Referer: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 11:03:52 GMT
last-modified: Thu, 17 Nov 2016 09:21:30 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "b6030fbb340d21:0"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4016

POST
H2 200 AjxHandler.ashx Show response
livesupport.care.biz/ 171 B
321 B 230ms
229ms XHR
text/plain 158.140.133.77
MYREPUBLIC-SG MyR...

General

Check archive.org

Show headers Download Go to

Full URL: https://livesupport.care.biz/AjxHandler.ashx?methodName=dotnetLIVEHELP.Checker.CheckForChatAbility
Requested by: Host: livesupport.care.biz
URL: https://livesupport.care.biz/button.ashx?deptid=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.140.133.77 Singapore, Singapore, ASN56300 (MYREPUBLIC-SG MyRepublic Ltd., SG),
Reverse DNS: helpdesk.care.biz
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8042a7178a3a4d16b167033f2def5721bfbaf4b6e62806c873527fa13b9b60dd

Request headers

Referer: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 03 Mar 2021 11:03:55 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 2.0.50727
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: private
content-length: 260

GET
H2 200 i_id_3_offline.jpg
livesupport.care.biz/UploadedFiles/ 4 KB
4 KB 233ms
232ms Image
image/jpeg 158.140.133.77
MYREPUBLIC-SG MyR...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://livesupport.care.biz/UploadedFiles/i_id_3_offline.jpg
Requested by: Host: livesupport.care.biz
URL: https://livesupport.care.biz/button.ashx?deptid=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.140.133.77 Singapore, Singapore, ASN56300 (MYREPUBLIC-SG MyRepublic Ltd., SG),
Reverse DNS: helpdesk.care.biz
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ece6d1a07f0c2efaaec4e50ca785305e34884ea0fd2c031f41fee1de53d4e146

Request headers

Referer: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 11:03:55 GMT
last-modified: Thu, 17 Nov 2016 09:21:30 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "b6030fbb340d21:0"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4016

POST
H2 200 AjxHandler.ashx Show response
livesupport.care.biz/ 171 B
321 B 230ms
229ms XHR
text/plain 158.140.133.77
MYREPUBLIC-SG MyR...

General

Check archive.org

Show headers Download Go to

Full URL: https://livesupport.care.biz/AjxHandler.ashx?methodName=dotnetLIVEHELP.Checker.CheckForChatAbility
Requested by: Host: livesupport.care.biz
URL: https://livesupport.care.biz/button.ashx?deptid=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.140.133.77 Singapore, Singapore, ASN56300 (MYREPUBLIC-SG MyRepublic Ltd., SG),
Reverse DNS: helpdesk.care.biz
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8042a7178a3a4d16b167033f2def5721bfbaf4b6e62806c873527fa13b9b60dd

Request headers

Referer: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 03 Mar 2021 11:03:58 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 2.0.50727
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: private
content-length: 260

GET
H2 200 i_id_3_offline.jpg
livesupport.care.biz/UploadedFiles/ 4 KB
4 KB 232ms
232ms Image
image/jpeg 158.140.133.77
MYREPUBLIC-SG MyR...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://livesupport.care.biz/UploadedFiles/i_id_3_offline.jpg
Requested by: Host: livesupport.care.biz
URL: https://livesupport.care.biz/button.ashx?deptid=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.140.133.77 Singapore, Singapore, ASN56300 (MYREPUBLIC-SG MyRepublic Ltd., SG),
Reverse DNS: helpdesk.care.biz
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ece6d1a07f0c2efaaec4e50ca785305e34884ea0fd2c031f41fee1de53d4e146

Request headers

Referer: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 11:03:58 GMT
last-modified: Thu, 17 Nov 2016 09:21:30 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "b6030fbb340d21:0"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4016

POST
H2 200 AjxHandler.ashx Show response
livesupport.care.biz/ 171 B
321 B 230ms
229ms XHR
text/plain 158.140.133.77
MYREPUBLIC-SG MyR...

General

Check archive.org

Show headers Download Go to

Full URL: https://livesupport.care.biz/AjxHandler.ashx?methodName=dotnetLIVEHELP.Checker.CheckForChatAbility
Requested by: Host: livesupport.care.biz
URL: https://livesupport.care.biz/button.ashx?deptid=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.140.133.77 Singapore, Singapore, ASN56300 (MYREPUBLIC-SG MyRepublic Ltd., SG),
Reverse DNS: helpdesk.care.biz
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8042a7178a3a4d16b167033f2def5721bfbaf4b6e62806c873527fa13b9b60dd

Request headers

Referer: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 03 Mar 2021 11:04:02 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 2.0.50727
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: private
content-length: 260

GET
H2 200 i_id_3_offline.jpg
livesupport.care.biz/UploadedFiles/ 4 KB
4 KB 232ms
232ms Image
image/jpeg 158.140.133.77
MYREPUBLIC-SG MyR...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://livesupport.care.biz/UploadedFiles/i_id_3_offline.jpg
Requested by: Host: livesupport.care.biz
URL: https://livesupport.care.biz/button.ashx?deptid=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.140.133.77 Singapore, Singapore, ASN56300 (MYREPUBLIC-SG MyRepublic Ltd., SG),
Reverse DNS: helpdesk.care.biz
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ece6d1a07f0c2efaaec4e50ca785305e34884ea0fd2c031f41fee1de53d4e146

Request headers

Referer: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 11:04:02 GMT
last-modified: Thu, 17 Nov 2016 09:21:30 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "b6030fbb340d21:0"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4016

POST
H2 200 AjxHandler.ashx Show response
livesupport.care.biz/ 171 B
321 B 232ms
231ms XHR
text/plain 158.140.133.77
MYREPUBLIC-SG MyR...

General

Check archive.org

Show headers Download Go to

Full URL: https://livesupport.care.biz/AjxHandler.ashx?methodName=dotnetLIVEHELP.Checker.CheckForChatAbility
Requested by: Host: livesupport.care.biz
URL: https://livesupport.care.biz/button.ashx?deptid=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.140.133.77 Singapore, Singapore, ASN56300 (MYREPUBLIC-SG MyRepublic Ltd., SG),
Reverse DNS: helpdesk.care.biz
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8042a7178a3a4d16b167033f2def5721bfbaf4b6e62806c873527fa13b9b60dd

Request headers

Referer: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 03 Mar 2021 11:04:05 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 2.0.50727
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: private
content-length: 260

GET
H2 200 i_id_3_offline.jpg
livesupport.care.biz/UploadedFiles/ 4 KB
4 KB 231ms
231ms Image
image/jpeg 158.140.133.77
MYREPUBLIC-SG MyR...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://livesupport.care.biz/UploadedFiles/i_id_3_offline.jpg
Requested by: Host: livesupport.care.biz
URL: https://livesupport.care.biz/button.ashx?deptid=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.140.133.77 Singapore, Singapore, ASN56300 (MYREPUBLIC-SG MyRepublic Ltd., SG),
Reverse DNS: helpdesk.care.biz
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ece6d1a07f0c2efaaec4e50ca785305e34884ea0fd2c031f41fee1de53d4e146

Request headers

Referer: https://www.care.biz/contact?utm_source=Info_Jan_02&utm_medium=email&utm_campaign=EMOTET+MALWARE+ATTACK%3A+WHAT+TO+KNOW&utm_content=HTML
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 11:04:05 GMT
last-modified: Thu, 17 Nov 2016 09:21:30 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "b6030fbb340d21:0"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4016

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.care.biz/	1970-01-19 16:32:49	Name: _gat_gtag_UA_5980948_2 Value: 1
.care.biz/	1970-01-19 16:34:15	Name: _gid Value: GA1.2.914138439.1614769430
.care.biz/	1970-01-20 10:04:01	Name: _ga Value: GA1.2.1120621597.1614769430
www.care.biz/	1970-01-19 16:42:54	Name: PHPSESSID Value: 2v4sf86afde39tkbr3uo7s1ie2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

advancetheme.disqus.com
bc01.care.net.sg
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
khms0.googleapis.com
livesupport.care.biz
maps.googleapis.com
maps.gstatic.com
stats.g.doubleclick.net
www.care.biz
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
151.101.12.134
158.140.133.77
202.55.81.249
202.73.54.248
2606:4700::6810:125e
2a00:1450:4001:800::200a
2a00:1450:4001:809::200a
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2003
2a00:1450:4001:811::2003
2a00:1450:4001:812::2004
2a00:1450:4001:813::200a
2a00:1450:4001:827::200e
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2003
2a00:1450:400c:c1b::9d
01e27b86bb5cc2a31188fa42b5a0499b9e61cc0c4fcf9b26becf9b276c6a8875
0230797e54d0649c0e667ad5c761091c7b5d06eb05ed9b62b96a6e2fe37d926a
077ebf1273483e7538f104996e54ec80fe9f6e99c995f848bfdaffc990103226
093f8814e78bc580106789fc4cb11117c7e22f986919ec5e2a1002897022320a
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
14ac2a58f1f7019ab5b02fd9c339a8fff69a0218a3f1b3644ffd5831afc02794
1d423fdd5dd4b7ff48d66fa2561446541542922791199961fae1a5d013a2ef01
26d2b857cba9ea00760ff5109c6e5cd29f9802a70391bbdf0ae775a398d5ba61
270de39a6169c7466a3c699e4b73648f26bdbb742ab197abb019682960bd70cf
2abc7c03cbeb49747917631e8bc8677e5a2982b740b6be072f36884289edeeec
2f787c32a44e2765b83e855cf7ce17485ba1d61fee8cb4fd7f8767b25997b530
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
37214fb09a5547ec81339521f9f956c6ec81dc112442d3213ecd2f2eceb47b88
3bb99306bcfd8641b283c5c41e761730b46b9304ff80c0919c7da0c03e493da3
3f5967b1fd70e1f398587fc6b4851bd3108ec73ff6ba935039f8c365492ae62e
3f6c50de565920f1052645b646f7338221f9c9561d23863f44f27f405c9c5a13
4059664e2e6574c8fff4e749a91ea75654fdc5d1d35066357ba78af044618059
42032ffebf225507d2ae40244e8ec83c543494e18f1196fb86773caab99c24e7
456026b895217b89884d71cbbf0985451b223eac897fb78c8f74a8784c26c7d4
47640065be2b3b2c2fe978ef3c9d05af69f488696a4fe5f657bdfadc7cd137da
47f22fe3c75367640efe8c3b533d4bb6a5a6c91d5f912e145992b56c300862dd
498dda883cf752f4885da0510f72c3621ef31342651b8b93a8fa51c0668a13f8
4cefb7a88b5615090847907f56a8d45ab343886831c1df3fe795ef77e0342ec0
5018230bc803da921c5e52b4c9e13973754ca8819e302dfe47320decd606a335
551e4c61eb9e78fc57aef7f4938938459fd83fa0ac26711682158f757f7a64f7
5a3660abe127721e139d4a15050c318dff6510da693a1104ddf5a9e0d51b1d07
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5e694279b3e9799c9047c88f64522fa8b0025796d97950dc1443b2fb5a670d34
6047386ebebf478d0ecd9ce44ef4404305de1f53d99d1a657b2c1fec58d5671f
6133a2749d81ddb111a3fbf4889c06e6f0a3f7c820cf9e2b285640153319d1bd
6410956699af026677de0f3b643d8191768046fcd7da54a5b101f3dd21db4da6
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
721fb9398629ae4ac2169b208a651f09a7d5e5a370323fcf8891428acc94a4ea
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
755c72451ab1358cf15089da5bbbeb4b761fea1e5c28df967db00c9d1e99e341
75cc661d16aa7d7ca2c58206c7222b981dab13dc7c425118dd4244d62e71b2f1
773827bd6ed809a5a563325339040ff9867438a200d4cfcff5e3e32134d20eae
773ae0c19293a48dcfd33f81394339f35a6ac09e589aa305510d382b2f3f9deb
7a57b0c94cbe5e75b2996c72492226a10216fd023acdc4d0ba079bb30a2b92ef
7d66b06f3b6c15341ee288a3a939ca1b3f4422015ef3329c04939dc97ccb3fbb
8032db4df59489cd308b819496eb3a6d24cb62c60010ce3cd8cc5c9b18dedc41
8042a7178a3a4d16b167033f2def5721bfbaf4b6e62806c873527fa13b9b60dd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8656ca419df91af577148827927a70412fc525b55351c8d3871d25b971611bdb
8f165dc8cec53302ad505fa150924389db1b283f69178ba5d2bd07c5dc00994b
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
941b8bb4e4d4916a4793f59b7025ea64ada0b9c6fa0d1f9067f28a8f10c567e5
945875f23cb12f20afd44a275e957bdd98d0f413c33617897e1658081d3ba49e
98c69e6288ad2d42a0c656a46e6ffd699ed8cde4eb8599f4f48b20818dff8f6c
9b08531146ac01dccefc2d6209de8adf2f43b2bd737d50075719f8efaf45b98a
9cc5bb7a20e1a9c176342cddbdbe4cb7e2b3ab73ba1e7a97a73cf67d93e199a5
9f66591836499a64bf8d49f9533f527549e665411c36a081b8059a3ae262b8ca
a64194126660065b2e8dbad337326fdd30d9b9d565b5bc3a1ab2cd2db07e8482
ab27ece419eaa3852baefae2851bd7a529430049e185533d969f45619b7db88c
ad643af4b235b858a4fca96a23d53a9b27929123164d19d5e8804a717703c25a
af1f237df8f435974b1d553271808291ea597499437864b74f1ec8cf647b6d86
b1da17fe1238254c32c1ed7c669e8d8817f5e4ade1ef82c5dfaafc18684c053a
b20bff368216158fe79c27cae78e81b0a8dac6afb8ac80558451d74e0990356f
b6eb47d9255456afa3f8299d37add925a6b7fcae79e042a93a71abe2ce8270fa
bc081f548c557ff07b896bd2d171671ee32dbb34ed7bc10b49c643aade5d0fb3
c3d8a8edc625a705c4754b9a7f60d08bfe015d1ffb6093fdb73966ce7649c3d3
cb86e6823288d95d5c1639e8d5e586b35cd4c5e42ff4633903351a0e52953348
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d11683973fae20b3c415e1a84898558b70013251e6521e8f6d9dc5c8e56eb1b8
d48d21afc75aaa8506d89c7850850bec3262da2cbd3b34946ca86603a83e24fd
d7ff20cb4f90a841573aef52d242ddb9865be992bf4883774ec2338ecb10b2ae
d9485275e8e3d56e09a558163acf5085fc5e363b5837eb7404f9d0ff96c6a1d0
d94bbee4b8120bf8e4937e3e9c54de44bdb866291db81088601bde90085092da
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfed6c288fad15a227d08b7bb678e951f31ff419338547366eb4860cafe86ba9
e369654514e7e2a12abe2765ac8e050cc081c5f5fb5f8b283eaeb7fe4fde4d12
e5fecd53987d942d4a84aa8a59fe11bdef4985402cf286f7c80e43ac48e621c4
ea80d10d991b201e42309c3fc535f9abe17f5f37e4128a69e41e05b233dfb223
eb73af558883a1f15ebc6da688c07e26581bd91b97e178125a558aae1f95f8d9
ece6d1a07f0c2efaaec4e50ca785305e34884ea0fd2c031f41fee1de53d4e146
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efdcd08647c0d32d21b60a5ae3c444d06bde06cd1a27bb9e322cba63724657de
f676cfe6eee9dbb51bafd54a315879e049f24191ae39449dcaee03432c71670c
f6a316afd695d5d2cb415055a7c8dd718cd8f9ecebd98a19970600c6ce4975ed
fbf2eb84a14814a2b4cf0ddbabf2b033616f3f20ac8672bed14b93031bafe2f1
fc4425d4769243c2cfa631ff0ab48ee6c9b0d5d973a4e590747c46d68c52f454

www.care.biz Open in urlscan Pro 202.73.54.248 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

88 Requests

100 %HTTPS

75 %IPv6

11 Domains

15 Subdomains

16 IPs

4 Countries

1392 kBTransfer

2906 kBSize

4 Cookies

4 Outgoing links

Page URL History

Redirected requests

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.care.biz Open in urlscan Pro
202.73.54.248 Public Scan

Screenshot
Live screenshot

Full Image

88
Requests

100 %
HTTPS

75 %
IPv6

11
Domains

15
Subdomains

16
IPs

4
Countries

1392 kB
Transfer

2906 kB
Size

4
Cookies

88 HTTP transactions
7 data transactions