news.sophos.com
Open in
urlscan Pro
2a04:fa87:fffd::c000:42c8
Public Scan
Submission: On February 19 via api from US
Summary
TLS certificate: Issued by R3 on January 16th 2021. Valid for: 3 months.
This is the only time news.sophos.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-31-83-71.deploy.static.akamaitechnologies.com
www.sophos.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16625 (AKAMAI-AS, US)
PTR: a23-36-237-138.deploy.static.akamaitechnologies.com
img03.en25.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-96.dus51.r.cloudfront.net
scripts.demandbase.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-228-151.compute-1.amazonaws.com
tags.srv.stackadapt.com |
ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net
metadata-static-files.sfo2.cdn.digitaloceanspaces.com |
ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
www.googleadservices.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-100-238.compute-1.amazonaws.com
q.quora.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-70-9.eu-west-1.compute.amazonaws.com
match.prod.bidr.io |
ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-111.dus51.r.cloudfront.net
segments.company-target.com |
ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com
id.rlcdn.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
Domain | Requested by | |
---|---|---|
21 | news.sophos.com |
news.sophos.com
|
6 | www.sophos.com |
news.sophos.com
|
5 | tags.srv.stackadapt.com |
news.sophos.com
tags.srv.stackadapt.com |
3 | stats.g.doubleclick.net |
1 redirects
news.sophos.com
|
2 | segments.company-target.com |
1 redirects
news.sophos.com
|
2 | match.prod.bidr.io | 2 redirects |
2 | www.facebook.com |
news.sophos.com
|
2 | px.ads.linkedin.com |
1 redirects
news.sophos.com
|
2 | www.google.de |
news.sophos.com
|
2 | www.google.com |
1 redirects
news.sophos.com
|
2 | connect.facebook.net |
news.sophos.com
connect.facebook.net |
2 | bat.bing.com |
news.sophos.com
|
2 | www.googletagmanager.com |
news.sophos.com
www.googletagmanager.com |
1 | analytics.twitter.com |
static.ads-twitter.com
|
1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
1 | id.rlcdn.com |
news.sophos.com
|
1 | api.company-target.com |
scripts.demandbase.com
|
1 | q.quora.com |
news.sophos.com
|
1 | t.co |
news.sophos.com
|
1 | www.googleadservices.com |
www.googletagmanager.com
|
1 | www.linkedin.com | 1 redirects |
1 | metadata-static-files.sfo2.cdn.digitaloceanspaces.com |
news.sophos.com
|
1 | a.quora.com |
news.sophos.com
|
1 | static.ads-twitter.com |
news.sophos.com
|
1 | scripts.demandbase.com |
news.sophos.com
|
1 | snap.licdn.com |
news.sophos.com
|
1 | pixel.wp.com |
news.sophos.com
|
1 | img03.en25.com |
news.sophos.com
|
1 | stats.wp.com |
news.sophos.com
|
1 | secure.gravatar.com |
news.sophos.com
|
63 | 30 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.sophos.com |
secure2.sophos.com |
twitter.com |
www.facebook.com |
www.linkedin.com |
github.com |
www.csoonline.com |
sandsprite.com |
www.instagram.com |
www.youtube.com |
wpvip.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
news.sophos.com R3 |
2021-01-16 - 2021-04-16 |
3 months | crt.sh |
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA |
2020-08-14 - 2022-11-16 |
2 years | crt.sh |
www.sophos.com GlobalSign Extended Validation CA - SHA256 - G3 |
2020-11-18 - 2021-12-20 |
a year | crt.sh |
*.wp.com Sectigo RSA Domain Validation Secure Server CA |
2020-04-02 - 2022-07-05 |
2 years | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2021-01-26 - 2021-04-20 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2021-01-26 - 2021-04-20 |
3 months | crt.sh |
*.en25.com DigiCert SHA2 Secure Server CA |
2020-08-13 - 2021-11-12 |
a year | crt.sh |
www.bing.com Microsoft RSA TLS CA 02 |
2021-01-19 - 2021-07-19 |
6 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2021-02-10 - 2021-05-10 |
3 months | crt.sh |
*.licdn.com DigiCert SHA2 Secure Server CA |
2019-04-01 - 2021-05-07 |
2 years | crt.sh |
tag.demandbase.com Go Daddy Secure Certificate Authority - G2 |
2020-10-14 - 2021-11-15 |
a year | crt.sh |
ads-twitter.com DigiCert SHA2 High Assurance Server CA |
2020-08-14 - 2021-08-19 |
a year | crt.sh |
quora.com R3 |
2021-02-07 - 2021-05-08 |
3 months | crt.sh |
*.srv.stackadapt.com Amazon |
2020-12-09 - 2022-01-07 |
a year | crt.sh |
*.sfo2.cdn.digitaloceanspaces.com DigiCert SHA2 Secure Server CA |
2020-03-11 - 2021-04-14 |
a year | crt.sh |
www.google.de GTS CA 1O1 |
2021-01-26 - 2021-04-20 |
3 months | crt.sh |
px.ads.linkedin.com DigiCert SHA2 Secure Server CA |
2021-01-06 - 2021-07-05 |
6 months | crt.sh |
www.googleadservices.com GTS CA 1O1 |
2021-01-26 - 2021-04-20 |
3 months | crt.sh |
t.co DigiCert TLS RSA SHA256 2020 CA1 |
2021-01-12 - 2022-01-11 |
a year | crt.sh |
*.quora.com R3 |
2021-02-07 - 2021-05-08 |
3 months | crt.sh |
api.demandbase.com Go Daddy Secure Certificate Authority - G2 |
2020-10-09 - 2021-10-28 |
a year | crt.sh |
*.company-target.com Go Daddy Secure Certificate Authority - G2 |
2019-06-19 - 2021-08-18 |
2 years | crt.sh |
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA |
2020-04-14 - 2021-04-23 |
a year | crt.sh |
*.google.com GTS CA 1O1 |
2021-01-26 - 2021-04-20 |
3 months | crt.sh |
*.google.de GTS CA 1O1 |
2021-01-26 - 2021-04-20 |
3 months | crt.sh |
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1 |
2020-11-30 - 2021-11-29 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://news.sophos.com/en-us/2021/02/16/conti-ransomware-evasive-by-nature/
Frame ID: A5FC8D0A513A703A794294438A03533E
Requests: 72 HTTP requests in this frame
Screenshot
Detected technologies
WordPress (CMS) ExpandDetected patterns
- headers link /rel="https:\/\/api\.w\.org\/"/i
PHP (Programming Languages) Expand
Detected patterns
- headers link /rel="https:\/\/api\.w\.org\/"/i
MySQL (Databases) Expand
Detected patterns
- headers link /rel="https:\/\/api\.w\.org\/"/i
Nginx (Web Servers) Expand
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
40 Outgoing links
These are links going to different origins than the main page.
Title: Sophos News
Search URL Search Domain Scan URL
Title: Products
Search URL Search Domain Scan URL
Title: Solutions
Search URL Search Domain Scan URL
Title: Partners
Search URL Search Domain Scan URL
Title: Support
Search URL Search Domain Scan URL
Title: Company
Search URL Search Domain Scan URL
Title: Free TrialsAll product trials in one place.
Search URL Search Domain Scan URL
Title: Free ToolsTry our tools for use at home.
Search URL Search Domain Scan URL
Title: Get PricingThe right price every time.
Search URL Search Domain Scan URL
Title: Search
Search URL Search Domain Scan URL
Title: Sign In
Search URL Search Domain Scan URL
Title: Press
Search URL Search Domain Scan URL
Title: Events
Search URL Search Domain Scan URL
Title: Community
Search URL Search Domain Scan URL
Title: Careers
Search URL Search Domain Scan URL
Title: Contact
Search URL Search Domain Scan URL
Title: Share on Twitter
Search URL Search Domain Scan URL
Title: Share on Facebook
Search URL Search Domain Scan URL
Title: Share on LinkedIn
Search URL Search Domain Scan URL
Title: trevor.profile, published on a public Github archive
Search URL Search Domain Scan URL
Title: found an insect in a milkshake
Search URL Search Domain Scan URL
Title: API-by-hash
Search URL Search Domain Scan URL
Title: posted to the SophosLabs Github
Search URL Search Domain Scan URL
Title: Learn More
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Careers
Search URL Search Domain Scan URL
Title: Find a Partner
Search URL Search Domain Scan URL
Title: Support
Search URL Search Domain Scan URL
Title: Technical Papers
Search URL Search Domain Scan URL
Title: Whitepapers
Search URL Search Domain Scan URL
Title: Legal
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: Cookie Information
Search URL Search Domain Scan URL
Title: Modern Slavery Statement
Search URL Search Domain Scan URL
Title: WordPress.com VIP
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 50- https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=122709159&utmhn=news.sophos.com&utme=8(4!CampaignID)9(4!70130000001xKqzAAE)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Conti%20ransomware%3A%20Evasive%20by%20nature%20%E2%80%93%20Sophos%20News&utmhid=1053139561&utmr=-&utmp=%2Fcorpblog%2Fen-us%2F2021%2F02%2F16%2Fconti-ransomware-evasive-by-nature%2F&utmht=1613741385577&utmac=UA-737537-1&utmcc=__utma%3D1.1676069777.1613741386.1613741386.1613741386.1%3B%2B__utmz%3D1.1613741386.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1781825150&utmredir=3&utmu=q1CAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-737537-1&cid=1676069777.1613741386&jid=1781825150&_v=5.7.2dc&z=122709159 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-737537-1&cid=1676069777.1613741386&jid=1781825150&_v=5.7.2dc&z=122709159&slf_rd=1&random=2750036359
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=461060&time=1613741385591&url=https%3A%2F%2Fnews.sophos.com%2Fen-us%2F2021%2F02%2F16%2Fconti-ransomware-evasive-by-nature%2F HTTP 302
- https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D461060%26time%3D1613741385591%26url%3Dhttps%253A%252F%252Fnews.sophos.com%252Fen-us%252F2021%252F02%252F16%252Fconti-ransomware-evasive-by-nature%252F%26liSync%3Dtrue HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=461060&time=1613741385591&url=https%3A%2F%2Fnews.sophos.com%2Fen-us%2F2021%2F02%2F16%2Fconti-ransomware-evasive-by-nature%2F&liSync=true
- https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
- https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
- https://segments.company-target.com/log?vendor=choca&user_id=AAHJwU7AX3sAABADdCgLNQ HTTP 303
- https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAHJwU7AX3sAABADdCgLNQ&verifyHash=15a1c68aa90cb97d5424d2eca84bafec76a95ee2
63 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
news.sophos.com/en-us/2021/02/16/conti-ransomware-evasive-by-nature/ |
44 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
news.sophos.com/_static/ |
453 KB 198 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
news.sophos.com/_static/ |
98 KB 34 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
216532880604c8cf0600f4bc964cf01d
secure.gravatar.com/avatar/ |
38 KB 38 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Anand.png
news.sophos.com/wp-content/uploads/2020/08/ |
9 KB 9 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
facebook-icon.svg
www.sophos.com/en-us/medialibrary/SophosNext/Images/Navigation/Footer/ |
600 B 905 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
instagram-icon.svg
www.sophos.com/en-us/medialibrary/SophosNext/Images/Navigation/Footer/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
linkedin-icon.svg
www.sophos.com/en-us/medialibrary/SophosNext/Images/Navigation/Footer/ |
923 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rss-icon.svg
www.sophos.com/en-us/medialibrary/SophosNext/Images/Navigation/Footer/ |
461 B 816 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twitter-icon.svg
www.sophos.com/en-us/medialibrary/SophosNext/Images/Navigation/Footer/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
youtube-icon.svg
www.sophos.com/en-us/medialibrary/SophosNext/Images/Navigation/Footer/ |
792 B 936 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
news.sophos.com/_static/ |
140 KB 40 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
e-202107.js
stats.wp.com/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
91 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-emoji-release.min.js
news.sophos.com/wp-includes/js/ |
14 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
footer.css
news.sophos.com/wp-content/themes/sophosnews-2017/ |
3 KB 1015 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
435 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
342 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
518 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
469 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
665 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
349 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
515 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sophos-conti-ransomware-web-banner-1200x628px-option-2-1.png
news.sophos.com/wp-content/uploads/2021/02/ |
81 KB 81 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Screenshot-2021-02-10-at-10.58.02.png
news.sophos.com/wp-content/uploads/2021/02/ |
81 KB 82 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Account-creds2.jpg
news.sophos.com/wp-content/uploads/2021/01/ |
116 KB 116 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
egregor.png
news.sophos.com/wp-content/uploads/2020/12/ |
7 KB 7 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SophosSans-Regular.woff2
news.sophos.com/wp-content/themes/sophosnews-2017/fonts/ |
24 KB 25 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SophosSans-Light.woff2
news.sophos.com/wp-content/themes/sophosnews-2017/fonts/ |
25 KB 25 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SophosSans-Medium.woff2
news.sophos.com/wp-content/themes/sophosnews-2017/fonts/ |
26 KB 26 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SophosSans-Semibold.woff2
news.sophos.com/wp-content/themes/sophosnews-2017/fonts/ |
26 KB 26 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sophos-conti-ransomware-web-banner-1200x628px-option-2-1.png
news.sophos.com/wp-content/uploads/2021/02/ |
114 KB 114 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
meterpreter_shellcode_crop.png
news.sophos.com/wp-content/uploads/2021/02/ |
45 KB 45 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
trevor_top_s.png
news.sophos.com/wp-content/uploads/2021/02/ |
23 KB 23 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cobalt-config-32-vs-64.png
news.sophos.com/wp-content/uploads/2021/02/ |
25 KB 25 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conti-c2-URLs.png
news.sophos.com/wp-content/uploads/2021/02/ |
76 KB 76 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conti-spamming-445-tcp-smb-during-infection_s.png
news.sophos.com/wp-content/uploads/2021/02/ |
26 KB 26 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dc.js
stats.g.doubleclick.net/ |
45 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
elqCfg.min.js
img03.en25.com/i/ |
6 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
g.gif
pixel.wp.com/ |
50 B 92 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
js
www.googletagmanager.com/gtag/ |
98 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bat.js
bat.bing.com/ |
27 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
91 KB 23 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
insight.min.js
snap.licdn.com/li.lms-analytics/ |
4 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
WuEFNglz.min.js
scripts.demandbase.com/ |
60 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uwt.js
static.ads-twitter.com/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qevents.js
a.quora.com/ |
39 KB 14 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
events.js
tags.srv.stackadapt.com/ |
13 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lp.js
metadata-static-files.sfo2.cdn.digitaloceanspaces.com/pixel/ |
5 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
__utm.gif
stats.g.doubleclick.net/r/ |
35 B 92 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
px.ads.linkedin.com/ Redirect Chain
|
0 57 B |
Image
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
334990480506518
connect.facebook.net/signals/config/ |
241 KB 69 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0
bat.bing.com/action/ |
0 147 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 261 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
31 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
t.co/i/ |
43 B 448 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pixel
q.quora.com/_/ad/6bed874137d04358a290eecc797a0cd6/ |
43 B 421 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ip.json
api.company-target.com/api/v2/ |
436 B 938 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
validateCookie
segments.company-target.com/ Redirect Chain
|
26 B 409 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
464526.gif
id.rlcdn.com/ |
0 66 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/743773256/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
/
www.google.com/pagead/1p-user-list/743773256/ |
42 B 289 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
/
www.google.de/pagead/1p-user-list/743773256/ |
42 B 530 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sa.css
tags.srv.stackadapt.com/ |
82 B 309 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sa.jpeg
tags.srv.stackadapt.com/ |
0 881 B |
Fetch
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 147 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
saq_pxl
tags.srv.stackadapt.com/ |
94 B 397 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js_tracking
tags.srv.stackadapt.com/ |
0 250 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
analytics.twitter.com/i/ |
31 B 652 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
66 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| dataLayer object| _wpemojiSettings undefined| $ function| jQuery object| PG8Data object| PG8 object| Sophos object| ak_js object| commentForm undefined| replyRowContainer undefined| children function| Cookies object| Stickyfill function| Spinner function| Tether function| Drop object| _gaq object| addComment object| wp object| _stq function| st_go function| linktracker_init object| wpcom object| twemoji function| postscribe object| google_tag_manager object| google_tag_data object| uetq function| fbq function| _fbq string| _linkedin_partner_id object| _linkedin_data_partner_ids function| twq function| qp function| saq function| _saq object| _gat object| gaGlobal object| _elqQ object| _elq function| lintrk boolean| _already_called_lintrk function| UET function| gtag object| twttr object| qevents object| Metadata function| __extends object| Demandbase object| __db function| DBSegment function| ga function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| res string| current_window_url_param15 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.sophos.com/ | Name: _fbp Value: fb.1.1613741385634.979150073 |
|
.news.sophos.com/ | Name: __utmb Value: 204943247.1.10.1613741386 |
|
.sophos.com/ | Name: __utmz Value: 1.1613741386.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none) |
|
.sophos.com/ | Name: __utmb Value: 1.1.10.1613741386 |
|
.sophos.com/ | Name: CampaignID Value: 70130000001xKqzAAE |
|
.news.sophos.com/ | Name: __utmt_news Value: 1 |
|
.sophos.com/ | Name: __utmt Value: 1 |
|
.sophos.com/ | Name: _uetvid Value: 87fd87c072b611ebbd961500cf734e26 |
|
.news.sophos.com/ | Name: __utma Value: 204943247.736818980.1613741386.1613741386.1613741386.1 |
|
.sophos.com/ | Name: __utmc Value: 1 |
|
.sophos.com/ | Name: _uetsid Value: 87fd5de072b611eb9dceb7d9f18dc4c4 |
|
.sophos.com/ | Name: __utma Value: 1.1676069777.1613741386.1613741386.1613741386.1 |
|
.news.sophos.com/ | Name: __utmz Value: 204943247.1613741386.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none) |
|
.news.sophos.com/ | Name: __utmc Value: 204943247 |
|
.sophos.com/ | Name: _gcl_au Value: 1.1.1242792692.1613741386 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
a.quora.com
analytics.twitter.com
api.company-target.com
bat.bing.com
connect.facebook.net
googleads.g.doubleclick.net
id.rlcdn.com
img03.en25.com
match.prod.bidr.io
metadata-static-files.sfo2.cdn.digitaloceanspaces.com
news.sophos.com
pixel.wp.com
px.ads.linkedin.com
q.quora.com
scripts.demandbase.com
secure.gravatar.com
segments.company-target.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
stats.wp.com
t.co
tags.srv.stackadapt.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.sophos.com
104.244.42.131
104.244.42.69
13.226.159.111
13.226.159.96
142.250.185.66
151.101.12.157
151.101.13.2
184.31.83.71
192.0.76.3
205.185.216.10
23.36.237.138
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:803::2008
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2004
2a00:1450:4001:829::2003
2a00:1450:400c:c07::9b
2a02:26f0:7100:481::25ea
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:fa87:fffd::c000:42c8
2a04:fa87:fffe::c000:4902
3.213.100.238
34.120.207.148
52.202.228.151
52.214.70.9
65.9.96.38
011ee00e2221fd2994156f01b85251391099270cc849857806d6a249481c90ff
04029edaf619462965453e8ac9cf74c584b1ef526c95f71185acc63a696b7f1c
058b79d96bbf2a9f0558efaff44f70126cb2f5e73d8758d0f9b86ea1672d642e
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4
08a7a0874ee5fb2ee701c01ae6435a2dc2cbda46db56cb7b32e7666a622134b4
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0ce7b19357902318f5e2db207e64647d6a78d7f9f620ef55a8a07ad2f8e6d798
0d24e9923edbf8af778b0e4b424f25f68e5eaf62a395eb7a2242206bf4955b30
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11e4390972243444bef13a861d73eed252a6d4c9cc43e98a7e4e19bceb46bee8
140cc0229a8a48c70617149b5af506c02528084490bd926169c5e829570e3a1c
1875cad468466b9b4ea2ebd196b8969f905ab31c20cd5e0a0c2da9b37fa12095
19138056192c401bf00277e95ec8ce7bef7873f1699a847e0369498921696b99
20b11d2c0012e286c38350d6c9b2ba03341667d9bc7226bf526fb47e89668fd9
23e3eb42b6dfd84010c65dac237d463eec1e57d4043e89762be957e7eea4b990
29e135bc96ba3ec4a643931a8ef458e48aa372894da5c635433993ea961ab7ae
311bf253920081421b51362421eb6da3379159be22e0011b5f7e433f0e171e84
32e70a1d8a3c71cf746f74dc3afbd4dd89f1c8d5db58ceb10fa1bbf2cf852047
344165dd87edae72118753f5eb282abc235005e020875994cd9bb63758a0e42a
3ae6b26ac6cf9c8b04b7dfd6c07fc66c5c9aae525803c3d0bde51fe146839d94
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3f510f8a21c09db2bb8f964b3e424fce6a77aea73ac791e9c0c6b8b238405366
456c6839a323a1c27ec8abb097fa4664897df53478e84f8381e8ade1f1120c41
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515
52600b30637371871a7d5d50ba86cb9a29ad65d75a78824b4daba442c4eee113
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
551f998f64469359651068d074a3ae3f4fd3f252b879e387ab55089caa4dc161
5e3bebfd41700b7e79a1c2ba6e80593651269137661f3f87643fc68f0312db16
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
633210530499824ad06b2b30a04a9ee18b4b8e2071620691a58c9a476dc728b9
6a7798c5de0231d9920286def790091cea96452b69778279eeedb0f83ac5ac83
6b4ebd6049c806e3eef1bd770b2d8b4fdd75803861ead3584ee753e41988efae
70c7c5f0833f308ce9e4f2c3f1e9f08da3db99b75600f6c8f0a5a98d243b2a97
73804d2385d19c3ec1bd8fc6eb08b15086160a89dd3e74aea07318ad427edfe4
7eb243627ed4013b84418c9fe94ee3b9907906ace4de00965ff3b3b33a9f151c
819276b576d25c7713494046c88533380256557869860f15d573d45b1bbee10a
824017784416082af7bc42e59944de9cb666a38bc7a85b4763ac758cb9e35eff
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
988e6b5985851b60bf87907f758e625fb48215d730d843e03320a589b85bf760
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
9f67d83d034c658809bf7a06ff6d74a417ea25a0005f4561abd5254652b6d7c6
a2e508d4cd7d28288c388909263374730a15769f3d53044334c9c25681c512e1
a988b5aa1de46505228262448ce5f82ad6f90611ed840c3fe2b37d7081fec524
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b0348edeb29dc1accfecb54a863c8597ea124c1ab9f1a38f3b9e12e953364a05
b7c9fd97a3a7165755766cd3ba55676f6505642b8c522d89d6f0ab0cabaaa8d7
c1da7a3d76f2fd71ba637d968b49556520ee94d72a5b60a5d21f34f5e4029ec4
c6f378c4d31ede24622009dc2d5e85386926ea9881e94326252146bff0fd5110
c87eb0c349fe4518e3ffd3d05b3f43f90d4f8709eb7f9924e74e858a6efdb6ed
c8fa9e46358747cc949be0709256687b7ac1f8fd295f0de4073b11a41c534b62
d1fabd20a67738775bb84fda3b230d2f007a2c3a6629d327bc8ab4312cb5c0fe
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e12b65b2f263418c454da0dfb28dc355a142e3e8e398636799722d27b661fdc1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6de6beb1cf5bf809eccfe10f99aea0e0969c71d4eab5446410fef72695679f
f2792fa9c99f81eaf3035f2ba7634dd84f42526df8a1f31196912de7e55c815e
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4a2fb1bd486b246823cfb9750f25a4323a8f74c23968d4a6fcdd96a65511631
f81f3b44c5da8f8b9b365294b2146763d666b9f445e1b2285466910d5361cec5
f927844e8c953560f5a67112c5dfaab926df93df57f3d8cd062028f1ca80b530
f9b3c3cf0d586f12051411da0bc10e6c4c0a747db04588c9adcab62ca0b4325c