news.sophos.com
2a04:fa87:fffd::c000:42c8
Public Scan
Submission: On January 29 via manual from SE
Summary
TLS certificate: Issued by R3 on January 16th 2021. Valid for: 3 months.
This is the only time news.sophos.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN | PTR | Domain |
---|---|---|
ASN16625 (AKAMAI-AS, US) | a104-108-55-47.deploy.static.akamaitechnologies.com | www.sophos.com |
ASN15169 (GOOGLE, US) | | www.googletagmanager.com |
ASN16625 (AKAMAI-AS, US) | a104-108-55-181.deploy.static.akamaitechnologies.com | img03.en25.com |
ASN16509 (AMAZON-02, US) | server-13-224-194-13.fra2.r.cloudfront.net | scripts.demandbase.com |
ASN14618 (AMAZON-AES, US) | ec2-52-205-8-225.compute-1.amazonaws.com | tags.srv.stackadapt.com |
ASN20446 (HIGHWINDS3, US) | map2.hwcdn.net | metadata-static-files.sfo2.cdn.digitaloceanspaces.com |
ASN15169 (GOOGLE, US) | fra24s02-in-f2.1e100.net | www.googleadservices.com |
ASN14618 (AMAZON-AES, US) | ec2-3-225-115-141.compute-1.amazonaws.com | q.quora.com |
ASN16509 (AMAZON-02, US) | server-143-204-93-38.fra50.r.cloudfront.net | api.company-target.com |
ASN16509 (AMAZON-02, US) | ec2-54-228-192-197.eu-west-1.compute.amazonaws.com | match.prod.bidr.io |
ASN16509 (AMAZON-02, US) | server-13-225-80-54.fra2.r.cloudfront.net | segments.company-target.com |
ASN15169 (GOOGLE, US) | 148.207.120.34.bc.googleusercontent.com | id.rlcdn.com |
ASN15169 (GOOGLE, US) | | googleads.g.doubleclick.net |
Count | Domain | Redirects | Requested by |
---|---|---|---|
16 | news.sophos.com | | news.sophos.com |
6 | www.sophos.com | | news.sophos.com |
5 | tags.srv.stackadapt.com | | news.sophos.com, tags.srv.stackadapt.com |
3 | stats.g.doubleclick.net | 1 redirects | news.sophos.com |
2 | segments.company-target.com | 1 redirects | news.sophos.com |
2 | match.prod.bidr.io | 2 redirects | |
2 | www.facebook.com | | news.sophos.com |
2 | px.ads.linkedin.com | 1 redirects | news.sophos.com |
2 | connect.facebook.net | | news.sophos.com, connect.facebook.net |
2 | bat.bing.com | | news.sophos.com |
2 | www.google.de | | news.sophos.com |
2 | www.google.com | 1 redirects | news.sophos.com |
2 | www.googletagmanager.com | | news.sophos.com, www.googletagmanager.com |
1 | analytics.twitter.com | | static.ads-twitter.com |
1 | googleads.g.doubleclick.net | | www.googleadservices.com |
1 | id.rlcdn.com | | news.sophos.com |
1 | api.company-target.com | | scripts.demandbase.com |
1 | q.quora.com | | news.sophos.com |
1 | t.co | | news.sophos.com |
1 | www.linkedin.com | 1 redirects | |
1 | www.googleadservices.com | | www.googletagmanager.com |
1 | metadata-static-files.sfo2.cdn.digitaloceanspaces.com | | news.sophos.com |
1 | a.quora.com | | news.sophos.com |
1 | static.ads-twitter.com | | news.sophos.com |
1 | scripts.demandbase.com | | news.sophos.com |
1 | snap.licdn.com | | news.sophos.com |
1 | pixel.wp.com | | news.sophos.com |
1 | img03.en25.com | | news.sophos.com |
1 | stats.wp.com | | news.sophos.com |
57 | 29 | | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.sophos.com |
secure2.sophos.com |
twitter.com |
www.facebook.com |
www.linkedin.com |
docs.microsoft.com |
github.com |
attack.mitre.org |
support.citrix.com |
www.instagram.com |
www.youtube.com |
wpvip.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
news.sophos.com | R3 | 2021-01-16 - 2021-04-16 | 3 months |
www.sophos.com | GlobalSign Extended Validation CA - SHA256 - G3 | 2020-11-18 - 2021-12-20 | a year |
*.wp.com | Sectigo RSA Domain Validation Secure Server CA | 2020-04-02 - 2022-07-05 | 2 years |
*.google-analytics.com | GTS CA 1O1 | 2021-01-05 - 2021-03-30 | 3 months |
*.g.doubleclick.net | GTS CA 1O1 | 2021-01-05 - 2021-03-30 | 3 months |
*.en25.com | DigiCert SHA2 Secure Server CA | 2020-08-13 - 2021-11-12 | a year |
www.google.de | GTS CA 1O1 | 2021-01-05 - 2021-03-30 | 3 months |
www.bing.com | Microsoft RSA TLS CA 02 | 2021-01-19 - 2021-07-19 | 6 months |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-12-22 - 2021-03-21 | 3 months |
*.licdn.com | DigiCert SHA2 Secure Server CA | 2019-04-01 - 2021-05-07 | 2 years |
tag.demandbase.com | Go Daddy Secure Certificate Authority - G2 | 2020-10-14 - 2021-11-15 | a year |
ads-twitter.com | DigiCert SHA2 High Assurance Server CA | 2020-08-14 - 2021-08-19 | a year |
quora.com | R3 | 2021-01-17 - 2021-04-17 | 3 months |
*.srv.stackadapt.com | Amazon | 2020-12-09 - 2022-01-07 | a year |
*.sfo2.cdn.digitaloceanspaces.com | DigiCert SHA2 Secure Server CA | 2020-03-11 - 2021-04-14 | a year |
www.googleadservices.com | GTS CA 1O1 | 2021-01-05 - 2021-03-30 | 3 months |
px.ads.linkedin.com | DigiCert SHA2 Secure Server CA | 2021-01-06 - 2021-07-05 | 6 months |
t.co | DigiCert SHA2 High Assurance Server CA | 2020-03-05 - 2021-03-02 | a year |
*.quora.com | R3 | 2021-01-17 - 2021-04-17 | 3 months |
api.demandbase.com | Go Daddy Secure Certificate Authority - G2 | 2020-10-09 - 2021-10-28 | a year |
*.company-target.com | Go Daddy Secure Certificate Authority - G2 | 2019-06-19 - 2021-08-18 | 2 years |
*.rlcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2020-04-14 - 2021-04-23 | a year |
*.google.com | GTS CA 1O1 | 2021-01-05 - 2021-03-30 | 3 months |
*.google.de | GTS CA 1O1 | 2021-01-05 - 2021-03-30 | 3 months |
*.twitter.com | DigiCert TLS RSA SHA256 2020 CA1 | 2020-11-30 - 2021-11-29 | a year |
This page contains 1 frames:
Primary Page:
https://news.sophos.com/en-us/2021/01/26/nefilim-ransomware-attack-uses-ghost-credentials/
Frame ID: 9C5681E86B047F4BB42B7920C43EB86B
Requests: 66 HTTP requests in this frame
Detected technologies
WordPress (CMS)
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- meta generator /^WordPress ?([\d.]+)?/i
- headers link /rel="https:\/\/api\.w\.org\/"/i
PHP (Programming Languages)
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- meta generator /^WordPress ?([\d.]+)?/i
- headers link /rel="https:\/\/api\.w\.org\/"/i
MySQL (Databases)
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- meta generator /^WordPress ?([\d.]+)?/i
- headers link /rel="https:\/\/api\.w\.org\/"/i
Nginx (Web Servers)
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Facebook (Widgets)
Detected patterns
- script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Google Tag Manager (Tag Managers)
Detected patterns
- html /<!-- (?:End )?Google Tag Manager -->/i
Page Statistics
45 Outgoing links
These are links going to different origins than the main page.
Link titles:
- Sophos News
- Products
- Solutions
- Partners
- Support
- Company
- Free Trials: All product trials in one place.
- Free Tools: Try our tools for use at home.
- Get Pricing: The right price every time.
- Search
- Sign In
- Press
- Events
- Community
- Careers
- Contact
- Share on Twitter
- Share on Facebook
- Share on LinkedIn
- Sophos Rapid Response
- Intercept X
- Audit Policies
- SophosLabs Github
- MITRE ATT&CK T1190
- CVE-2019-11634
- CVE-2019-13608
- CVE-2020-8269
- Managed Threat Response
- Learn More
- (6 links without a title)
- Careers
- Find a Partner
- Support
- Technical Papers
- Whitepapers
- Legal
- Privacy
- Cookie Information
- Modern Slavery Statement
- WordPress.com VIP
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 35
- https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1886160334&utmhn=news.sophos.com&utme=8(4!CampaignID)9(4!70130000001xKqzAAE)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Nefilim%20Ransomware%20Attack%20Uses%20%E2%80%9CGhost%E2%80%9D%20Credentials%20%E2%80%93%20Sophos%20News&utmhid=1911250402&utmr=-&utmp=%2Fcorpblog%2Fen-us%2F2021%2F01%2F26%2Fnefilim-ransomware-attack-uses-ghost-credentials%2F&utmht=1611901030615&utmac=UA-737537-1&utmcc=__utma%3D1.844060608.1611901031.1611901031.1611901031.1%3B%2B__utmz%3D1.1611901031.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1727076947&utmredir=3&utmu=q1CAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-737537-1&cid=844060608.1611901031&jid=1727076947&_v=5.7.2dc&z=1886160334 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-737537-1&cid=844060608.1611901031&jid=1727076947&_v=5.7.2dc&z=1886160334&slf_rd=1&random=2174471769
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=461060&time=1611901030669&url=https%3A%2F%2Fnews.sophos.com%2Fen-us%2F2021%2F01%2F26%2Fnefilim-ransomware-attack-uses-ghost-credentials%2F HTTP 302
- https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D461060%26time%3D1611901030669%26url%3Dhttps%253A%252F%252Fnews.sophos.com%252Fen-us%252F2021%252F01%252F26%252Fnefilim-ransomware-attack-uses-ghost-credentials%252F%26liSync%3Dtrue HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=461060&time=1611901030669&url=https%3A%2F%2Fnews.sophos.com%2Fen-us%2F2021%2F01%2F26%2Fnefilim-ransomware-attack-uses-ghost-credentials%2F&liSync=true
- https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
- https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
- https://segments.company-target.com/log?vendor=choca&user_id=AAEvHU7AJ1EAABEvcHHRag HTTP 303
- https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAEvHU7AJ1EAABEvcHHRag&verifyHash=7c9ecadf032a3076b0475fcf9ba15179e9de78df
57 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | news.sophos.com/en-us/2021/01/26/nefilim-ransomware-attack-uses-ghost-credentials/ | 42 KB | 12 KB | Document | text/html |
GET | H2 | / | news.sophos.com/_static/ | 453 KB | 198 KB | Stylesheet | text/css |
GET | H2 | / | news.sophos.com/_static/ | 98 KB | 34 KB | Script | application/x-javascript |
GET | H2 | avatar-three.png | news.sophos.com/wp-content/themes/sophosnews-2017/img/avatars/ | 2 KB | 2 KB | Image | image/png |
GET | H2 | facebook-icon.svg | www.sophos.com/en-us/medialibrary/SophosNext/Images/Navigation/Footer/ | 600 B | 905 B | Image | image/svg+xml |
GET | H2 | instagram-icon.svg | www.sophos.com/en-us/medialibrary/SophosNext/Images/Navigation/Footer/ | 2 KB | 2 KB | Image | image/svg+xml |
GET | H2 | linkedin-icon.svg | www.sophos.com/en-us/medialibrary/SophosNext/Images/Navigation/Footer/ | 923 B | 1 KB | Image | image/svg+xml |
GET | H2 | rss-icon.svg | www.sophos.com/en-us/medialibrary/SophosNext/Images/Navigation/Footer/ | 461 B | 919 B | Image | image/svg+xml |
GET | H2 | twitter-icon.svg | www.sophos.com/en-us/medialibrary/SophosNext/Images/Navigation/Footer/ | 1 KB | 1 KB | Image | image/svg+xml |
GET | H2 | youtube-icon.svg | www.sophos.com/en-us/medialibrary/SophosNext/Images/Navigation/Footer/ | 792 B | 989 B | Image | image/svg+xml |
GET | H2 | / | news.sophos.com/_static/ | 140 KB | 40 KB | Script | application/x-javascript |
GET | H2 | e-202104.js | stats.wp.com/ | 9 KB | 3 KB | Script | application/javascript |
GET | H2 | gtm.js | www.googletagmanager.com/ | 91 KB | 35 KB | Script | application/javascript |
GET | H2 | wp-emoji-release.min.js | news.sophos.com/wp-includes/js/ | 14 KB | 5 KB | Script | application/x-javascript |
GET | H2 | footer.css | news.sophos.com/wp-content/themes/sophosnews-2017/ | 3 KB | 1015 B | Stylesheet | text/css |
GET | DATA | truncated | / | 2 KB | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 435 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 342 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 518 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 3 KB | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 469 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 665 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 349 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 515 B | 0 | Image | image/svg+xml |
GET | H2 | sophos-news-ft-img-mtr_v1.png | news.sophos.com/wp-content/uploads/2020/08/ | 27 KB | 27 KB | Image | image/webp |
GET | H2 | sophos-mtr-2.png | news.sophos.com/wp-content/uploads/2020/09/ | 45 KB | 46 KB | Image | image/webp |
GET | H2 | sophos-news-ft-img-mtr_v3.png | news.sophos.com/wp-content/uploads/2020/08/ | 48 KB | 48 KB | Image | image/webp |
GET | H2 | SophosSans-Regular.woff2 | news.sophos.com/wp-content/themes/sophosnews-2017/fonts/ | 24 KB | 25 KB | Font | application/font-woff2 |
GET | H2 | SophosSans-Light.woff2 | news.sophos.com/wp-content/themes/sophosnews-2017/fonts/ | 25 KB | 25 KB | Font | application/font-woff2 |
GET | H2 | SophosSans-Medium.woff2 | news.sophos.com/wp-content/themes/sophosnews-2017/fonts/ | 26 KB | 26 KB | Font | application/font-woff2 |
GET | H2 | SophosSans-Semibold.woff2 | news.sophos.com/wp-content/themes/sophosnews-2017/fonts/ | 26 KB | 26 KB | Font | application/font-woff2 |
GET | H2 | Account-creds2.jpg | news.sophos.com/wp-content/uploads/2021/01/ | 150 KB | 150 KB | Image | image/webp |
GET | H2 | sophos-mtr-rapid-response-timeline-nefilim_v2-1.png | news.sophos.com/wp-content/uploads/2021/01/ | 50 KB | 50 KB | Image | image/png |
GET | H2 | dc.js | stats.g.doubleclick.net/ | 45 KB | 17 KB | Script | text/javascript |
GET | H/1.1 | elqCfg.min.js | img03.en25.com/i/ | 6 KB | 3 KB | Script | application/x-javascript |
GET | H2 | g.gif | pixel.wp.com/ | 50 B | 92 B | Image | image/gif |
GET | H2 | ga-audiences | www.google.de/ads/ (Redirect Chain) | 42 B | 107 B | Image | image/gif |
GET | H3-Q050 | __utm.gif | stats.g.doubleclick.net/r/ | 35 B | 412 B | Image | image/gif |
GET | H3-Q050 | js | www.googletagmanager.com/gtag/ | 97 KB | 38 KB | Script | application/javascript |
GET | H2 | bat.js | bat.bing.com/ | 27 KB | 9 KB | Script | application/javascript |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 91 KB | 24 KB | Script | application/x-javascript |
GET | H/1.1 | insight.min.js | snap.licdn.com/li.lms-analytics/ | 4 KB | 2 KB | Script | application/x-javascript |
GET | H2 | WuEFNglz.min.js | scripts.demandbase.com/ | 60 KB | 16 KB | Script | application/javascript |
GET | H2 | uwt.js | static.ads-twitter.com/ | 5 KB | 2 KB | Script | application/javascript |
GET | H2 | qevents.js | a.quora.com/ | 39 KB | 14 KB | Script | text/plain |
GET | H/1.1 | events.js | tags.srv.stackadapt.com/ | 13 KB | 5 KB | Script | text/javascript |
GET | H/1.1 | lp.js | metadata-static-files.sfo2.cdn.digitaloceanspaces.com/pixel/ | 5 KB | 6 KB | Script | application/x-javascript |
GET | H2 | conversion_async.js | www.googleadservices.com/pagead/ | 30 KB | 13 KB | Script | text/javascript |
GET | H2 | 334990480506518 | connect.facebook.net/signals/config/ | 241 KB | 70 KB | Script | application/x-javascript |
GET | H2 | collect | px.ads.linkedin.com/ (Redirect Chain) | 0 | 261 B | Image | application/javascript |
GET | H2 | 0 | bat.bing.com/action/ | 0 | 148 B | Image | text/plain |
GET | H2 | / | www.facebook.com/tr/ | 44 B | 410 B | Image | image/gif |
GET | H2 | adsct | t.co/i/ | 43 B | 449 B | Image | image/gif |
GET | H/1.1 | pixel | q.quora.com/_/ad/6bed874137d04358a290eecc797a0cd6/ | 43 B | 420 B | Image | image/gif |
GET | H2 | ip.json | api.company-target.com/api/v2/ | 438 B | 941 B | XHR | application/json |
GET | H/1.1 | validateCookie | segments.company-target.com/ (Redirect Chain) | 26 B | 408 B | Image | image/gif |
GET | H2 | 464526.gif | id.rlcdn.com/ | 0 | 66 B | Image | text/plain |
GET | H2 | / | googleads.g.doubleclick.net/pagead/viewthroughconversion/743773256/ | 2 KB | 1 KB | Script | text/javascript |
GET | H3-Q050 | / | www.google.com/pagead/1p-user-list/743773256/ | 42 B | 530 B | Image | image/gif |
GET | H3-Q050 | / | www.google.de/pagead/1p-user-list/743773256/ | 42 B | 530 B | Image | image/gif |
GET | H/1.1 | sa.css | tags.srv.stackadapt.com/ | 83 B | 310 B | Stylesheet | text/css |
GET | H/1.1 | sa.jpeg | tags.srv.stackadapt.com/ | 0 | 881 B | Fetch | image/jpeg |
GET | H2 | / | www.facebook.com/tr/ | 44 B | 147 B | Image | image/gif |
GET | H2 | adsct | analytics.twitter.com/i/ | 31 B | 651 B | Script | application/javascript |
GET | H/1.1 | saq_pxl | tags.srv.stackadapt.com/ | 94 B | 397 B | XHR | text/plain |
GET | H/1.1 | js_tracking | tags.srv.stackadapt.com/ | 0 | 250 B | XHR | text/plain |
66 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| dataLayer object| _wpemojiSettings undefined| $ function| jQuery object| PG8Data object| PG8 object| Sophos object| ak_js object| commentForm undefined| replyRowContainer undefined| children function| Cookies object| Stickyfill function| Spinner function| Tether function| Drop object| _gaq object| addComment object| wp object| _stq object| twemoji function| st_go function| linktracker_init object| wpcom function| postscribe object| google_tag_manager object| _gat object| gaGlobal object| google_tag_data object| uetq function| fbq function| _fbq string| _linkedin_partner_id object| _linkedin_data_partner_ids function| twq function| qp function| saq function| _saq object| _elqQ object| _elq function| gtag function| lintrk boolean| _already_called_lintrk function| UET object| twttr object| qevents function| __extends object| Demandbase object| __db function| DBSegment function| ga object| Metadata function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| res string| current_window_url_param
15 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
.sophos.com/ | | _fbp | fb.1.1611901030695.2071410576 |
.sophos.com/ | | _gcl_au | 1.1.1592203990.1611901031 |
.news.sophos.com/ | | __utmb | 204943247.1.10.1611901031 |
.news.sophos.com/ | | __utmz | 204943247.1611901031.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none) |
.news.sophos.com/ | | __utmc | 204943247 |
.sophos.com/ | | __utmz | 1.1611901031.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none) |
.sophos.com/ | | __utmb | 1.1.10.1611901031 |
.sophos.com/ | | CampaignID | 70130000001xKqzAAE |
.news.sophos.com/ | | __utmt_news | 1 |
.sophos.com/ | | __utmt | 1 |
.sophos.com/ | | _uetvid | 9ef98d1061f911eb8bbca7c6c8b42c49 |
.news.sophos.com/ | | __utma | 204943247.1308216970.1611901031.1611901031.1611901031.1 |
.sophos.com/ | | __utmc | 1 |
.sophos.com/ | | _uetsid | 9ef995a061f911ebb1efcd62e4ffe567 |
.sophos.com/ | | __utma | 1.844060608.1611901031.1611901031.1611901031.1 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.