staysafe.sophos.com Open in urlscan Pro
192.0.66.2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://secure-bank-alerts.com/
Effective URL:
https://staysafe.sophos.com/
Submission Tags: falconsandbox
Submission: On July 08 via api (July 8th 2021, 8:44:03 pm UTC) from US

Summary HTTP 12 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 12 HTTP transactions. The main IP is 192.0.66.2, located in United States and belongs to AUTOMATTIC, US. The main domain is staysafe.sophos.com.
TLS certificate: Issued by R3 on May 12th 2021. Valid for: 3 months.

This is the only time staysafe.sophos.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.49.11.52 52.49.11.52	16509 (AMAZON-02) (AMAZON-02)
10	192.0.66.2 192.0.66.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
12	2

1 52.49.11.52 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-11-52.eu-west-1.compute.amazonaws.com

secure-bank-alerts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 192.0.66.2 (United States)

ASN2635 (AUTOMATTIC, US)

staysafe.sophos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	sophos.com staysafe.sophos.com	271 KB
2	wp.com stats.wp.com pixel.wp.com	3 KB
1	secure-bank-alerts.com 1 redirects secure-bank-alerts.com	203 B
12	3

	Domain	Requested by
10	staysafe.sophos.com	staysafe.sophos.com
1	pixel.wp.com	staysafe.sophos.com
1	stats.wp.com	staysafe.sophos.com
1	secure-bank-alerts.com	1 redirects
12	4

This site contains links to these domains. Also see Links.

Domain
www.sophos.com

Subject Issuer	Validity	Valid
partnernews.sophos.com R3	`2021-05-12` - `2021-08-10`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://staysafe.sophos.com/
Frame ID: 42F4BDA939321AA784247EFD9ADDB47C
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://secure-bank-alerts.com/ HTTP 301
https://staysafe.sophos.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

2
IPs

2
Countries

274 kB
Transfer

589 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.sophos.com/phish-threat
Title: Sophos

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://secure-bank-alerts.com/ HTTP 301
https://staysafe.sophos.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
staysafe.sophos.com/
Redirect Chain

http://secure-bank-alerts.com/
https://staysafe.sophos.com/

11 KB
4 KB

265ms
183ms

Document
text/html

192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://staysafe.sophos.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

567e16ce2957bbe446538bb4fb07e9d7473b680a8b9fcf84acba00dc21ac5ac4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: staysafe.sophos.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Thu, 08 Jul 2021 20:43:38 GMT
content-type: text/html; charset=UTF-8
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
host-header: a9130478a60e5f9135f765b23f26593b
set-cookie: pll_language=en; expires=Fri, 08-Jul-2022 20:43:38 GMT; Max-Age=31536000; path=/
link: <https://staysafe.sophos.com/wp-json/>; rel="https://api.w.org/" <https://staysafe.sophos.com/wp-json/wp/v2/pages/11>; rel="alternate"; type="application/json" <https://wp.me/P9FdDB-b>; rel=shortlink
content-encoding: gzip
x-rq: hhn1 0 4 9980
age: 0
x-cache: miss
accept-ranges: bytes
strict-transport-security: max-age=31536000

Redirect headers

Date: Thu, 08 Jul 2021 20:43:38 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Server: nginx/1.16.1
Location: https://staysafe.sophos.com/

GET
H2 200 /
staysafe.sophos.com/_static/ 245 KB
45 KB 30ms
29ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://staysafe.sophos.com/_static/??-eJyNj0EOwjAMBD9Ea6gUUA+It7ip1QScNIpdofyeFDi0EgeOo93R2vBMjY+Wl5EErAiMXhQGnu2jYT9kzAVEC1MbfGxr4QBb4y4QaPRITIGi7iAxFsoN04S2/KfXbMs7yc5R1466mgkk58Wpy4QKKEL6OT+gKOWfYliaxMvkY90lTVg/7Nv+bX15VW7hejp35mKOpjMvtLtp/w==

Requested by

Host: staysafe.sophos.com
URL: https://staysafe.sophos.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

10df8104b02891ac518d3629d25d995fb74471651863b5d98148687df7570621

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /_static/??-eJyNj0EOwjAMBD9Ea6gUUA+It7ip1QScNIpdofyeFDi0EgeOo93R2vBMjY+Wl5EErAiMXhQGnu2jYT9kzAVEC1MbfGxr4QBb4y4QaPRITIGi7iAxFsoN04S2/KfXbMs7yc5R1466mgkk58Wpy4QKKEL6OT+gKOWfYliaxMvkY90lTVg/7Nv+bX15VW7hejp35mKOpjMvtLtp/w==
pragma: no-cache
cookie: pll_language=en
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: staysafe.sophos.com
referer: https://staysafe.sophos.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://staysafe.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 20:43:38 GMT
content-encoding: gzip
x-rq: hhn1 0 4 9980
last-modified: Thu, 08 Jul 2021 13:22:05 GMT
server: nginx
age: 25413
vary: Accept-Encoding
x-cache: hit
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 46077

GET
H2 200 / Show response
staysafe.sophos.com/_static/ 98 KB
34 KB 65ms
64ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://staysafe.sophos.com/_static/??-eJzTLy/QzcxLzilNSS3WzwKiwtLUokoopZebmaeXVayjj0+Rbm5melFiSSpUsX2uraGZkamBsZmZqWkWAK9bIh8=

Requested by

Host: staysafe.sophos.com
URL: https://staysafe.sophos.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7eb243627ed4013b84418c9fe94ee3b9907906ace4de00965ff3b3b33a9f151c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /_static/??-eJzTLy/QzcxLzilNSS3WzwKiwtLUokoopZebmaeXVayjj0+Rbm5melFiSSpUsX2uraGZkamBsZmZqWkWAK9bIh8=
pragma: no-cache
cookie: pll_language=en
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: staysafe.sophos.com
referer: https://staysafe.sophos.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://staysafe.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 20:43:38 GMT
content-encoding: gzip
x-rq: hhn1 181 253 80
last-modified: Wed, 30 Jun 2021 07:04:15 GMT
server: nginx
age: 734056
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 34537

GET
H2 200 / Show response
staysafe.sophos.com/_static/ 43 KB
14 KB 60ms
59ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://staysafe.sophos.com/_static/??-eJx1jlsKwzAMBC/URH3g/JWexQ9RK9iya8mE3r6mEOhHA4JFMCMtbHUi9qkHFFjHvDq2N3QCXxrOmXhe5QSHlFonv5QvrMgKNfUnsYAgCxJYEdSv2gXbFKxEV2wL/1SNmMebGkmixoZWd118ozrSdQ7psNxYMTvcbz/y/bJczfm2LMasH0qGWDU=

Requested by

Host: staysafe.sophos.com
URL: https://staysafe.sophos.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7e1eb7244e09f9a575253f5542113ca2bee7f8842fadbbd619ae1f41e1d99bc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /_static/??-eJx1jlsKwzAMBC/URH3g/JWexQ9RK9iya8mE3r6mEOhHA4JFMCMtbHUi9qkHFFjHvDq2N3QCXxrOmXhe5QSHlFonv5QvrMgKNfUnsYAgCxJYEdSv2gXbFKxEV2wL/1SNmMebGkmixoZWd118ozrSdQ7psNxYMTvcbz/y/bJczfm2LMasH0qGWDU=
pragma: no-cache
cookie: pll_language=en
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: staysafe.sophos.com
referer: https://staysafe.sophos.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://staysafe.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 20:43:38 GMT
content-encoding: gzip
x-rq: hhn1 181 253 80
last-modified: Wed, 30 Jun 2021 07:04:15 GMT
server: nginx
age: 732616
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 14126

GET
H2 200 e-202127.js Show response
stats.wp.com/ 9 KB
3 KB 91ms
29ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202127.js
Requested by: Host: staysafe.sophos.com
URL: https://staysafe.sophos.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: https://staysafe.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn
date: Thu, 08 Jul 2021 20:43:39 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 27 Jun 2022 03:06:32 GMT

GET
H2 200 wp-emoji-release.min.js Show response
staysafe.sophos.com/wp-includes/js/ 14 KB
5 KB 29ms
29ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://staysafe.sophos.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2

Requested by

Host: staysafe.sophos.com
URL: https://staysafe.sophos.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
pragma: no-cache
cookie: pll_language=en
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: staysafe.sophos.com
referer: https://staysafe.sophos.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://staysafe.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 20:43:39 GMT
content-encoding: gzip
x-rq: hhn1 103 42 3272
last-modified: Thu, 13 May 2021 00:00:43 GMT
server: nginx
age: 4899835
etag: W/"609c6c2b-3795"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 4712
expires: Fri, 08 Jul 2022 20:43:39 GMT

GET
H2 200 sophos-logo.png
staysafe.sophos.com/wp-content/themes/phishthreat/assets/images/ 4 KB
4 KB 32ms
28ms Image
image/png 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://staysafe.sophos.com/wp-content/themes/phishthreat/assets/images/sophos-logo.png

Requested by

Host: staysafe.sophos.com
URL: https://staysafe.sophos.com/_static/??-eJyNj0EOwjAMBD9Ea6gUUA+It7ip1QScNIpdofyeFDi0EgeOo93R2vBMjY+Wl5EErAiMXhQGnu2jYT9kzAVEC1MbfGxr4QBb4y4QaPRITIGi7iAxFsoN04S2/KfXbMs7yc5R1466mgkk58Wpy4QKKEL6OT+gKOWfYliaxMvkY90lTVg/7Nv+bX15VW7hejp35mKOpjMvtLtp/w==

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5940cb8b477258b23e3d3e2136f22ec12ff9d26964e54e81a4d4582ceb032169

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/themes/phishthreat/assets/images/sophos-logo.png
pragma: no-cache
cookie: pll_language=en
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: staysafe.sophos.com
referer: https://staysafe.sophos.com/_static/??-eJyNj0EOwjAMBD9Ea6gUUA+It7ip1QScNIpdofyeFDi0EgeOo93R2vBMjY+Wl5EErAiMXhQGnu2jYT9kzAVEC1MbfGxr4QBb4y4QaPRITIGi7iAxFsoN04S2/KfXbMs7yc5R1466mgkk58Wpy4QKKEL6OT+gKOWfYliaxMvkY90lTVg/7Nv+bX15VW7hejp35mKOpjMvtLtp/w==
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://staysafe.sophos.com/_static/??-eJyNj0EOwjAMBD9Ea6gUUA+It7ip1QScNIpdofyeFDi0EgeOo93R2vBMjY+Wl5EErAiMXhQGnu2jYT9kzAVEC1MbfGxr4QBb4y4QaPRITIGi7iAxFsoN04S2/KfXbMs7yc5R1466mgkk58Wpy4QKKEL6OT+gKOWfYliaxMvkY90lTVg/7Nv+bX15VW7hejp35mKOpjMvtLtp/w==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 20:43:39 GMT
x-rq: hhn1 98 151 3256
last-modified: Fri, 30 Apr 2021 22:05:51 GMT
server: nginx
age: 5676714
etag: "608c7f3f-10dc"
strict-transport-security: max-age=31536000
x-cache: hit
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4316
expires: Fri, 08 Jul 2022 20:43:39 GMT

GET
H2 200 secondary-logo.png
staysafe.sophos.com/wp-content/themes/phishthreat/assets/images/ 12 KB
12 KB 31ms
29ms Image
image/png 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://staysafe.sophos.com/wp-content/themes/phishthreat/assets/images/secondary-logo.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8a4007fcbdbb05010eeb3b8401048e2c6aef424ff851d25c8409ffe08eb6f526

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/themes/phishthreat/assets/images/secondary-logo.png
pragma: no-cache
cookie: pll_language=en
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: staysafe.sophos.com
referer: https://staysafe.sophos.com/_static/??-eJyNj0EOwjAMBD9Ea6gUUA+It7ip1QScNIpdofyeFDi0EgeOo93R2vBMjY+Wl5EErAiMXhQGnu2jYT9kzAVEC1MbfGxr4QBb4y4QaPRITIGi7iAxFsoN04S2/KfXbMs7yc5R1466mgkk58Wpy4QKKEL6OT+gKOWfYliaxMvkY90lTVg/7Nv+bX15VW7hejp35mKOpjMvtLtp/w==
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://staysafe.sophos.com/_static/??-eJyNj0EOwjAMBD9Ea6gUUA+It7ip1QScNIpdofyeFDi0EgeOo93R2vBMjY+Wl5EErAiMXhQGnu2jYT9kzAVEC1MbfGxr4QBb4y4QaPRITIGi7iAxFsoN04S2/KfXbMs7yc5R1466mgkk58Wpy4QKKEL6OT+gKOWfYliaxMvkY90lTVg/7Nv+bX15VW7hejp35mKOpjMvtLtp/w==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 20:43:39 GMT
x-rq: hhn1 98 151 3256
last-modified: Fri, 30 Apr 2021 22:05:51 GMT
server: nginx
age: 5676714
etag: "608c7f3f-2fe0"
strict-transport-security: max-age=31536000
x-cache: hit
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12256
expires: Fri, 08 Jul 2022 20:43:39 GMT

GET
H2 200 flama-book-webfont.ttf
staysafe.sophos.com/wp-content/themes/phishthreat/assets/fonts/ 50 KB
50 KB 133ms
131ms Font
application/octet-stream 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://staysafe.sophos.com/wp-content/themes/phishthreat/assets/fonts/flama-book-webfont.ttf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d088c5e7ccc85feda2e2f398f4188c8c49f6c0178e75e2e758f9a9c4e3fddff0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-fetch-mode: cors
origin: https://staysafe.sophos.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: pll_language=en
:path: /wp-content/themes/phishthreat/assets/fonts/flama-book-webfont.ttf
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: staysafe.sophos.com
referer: https://staysafe.sophos.com/_static/??-eJyNj0EOwjAMBD9Ea6gUUA+It7ip1QScNIpdofyeFDi0EgeOo93R2vBMjY+Wl5EErAiMXhQGnu2jYT9kzAVEC1MbfGxr4QBb4y4QaPRITIGi7iAxFsoN04S2/KfXbMs7yc5R1466mgkk58Wpy4QKKEL6OT+gKOWfYliaxMvkY90lTVg/7Nv+bX15VW7hejp35mKOpjMvtLtp/w==
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://staysafe.sophos.com
Referer: https://staysafe.sophos.com/_static/??-eJyNj0EOwjAMBD9Ea6gUUA+It7ip1QScNIpdofyeFDi0EgeOo93R2vBMjY+Wl5EErAiMXhQGnu2jYT9kzAVEC1MbfGxr4QBb4y4QaPRITIGi7iAxFsoN04S2/KfXbMs7yc5R1466mgkk58Wpy4QKKEL6OT+gKOWfYliaxMvkY90lTVg/7Nv+bX15VW7hejp35mKOpjMvtLtp/w==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 20:43:39 GMT
vary: X-Mobile-Class, Accept-Encoding
age: 0
x-cache: miss
content-length: 51440
x-rq: hhn1 0 4 9980
last-modified: Wed, 09 Jun 2021 18:01:16 GMT
server: nginx
etag: "60c101ec-c8f0"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Jul 2022 20:43:39 GMT

GET
H2 200 flama-light-webfont.ttf
staysafe.sophos.com/wp-content/themes/phishthreat/assets/fonts/ 50 KB
50 KB 124ms
123ms Font
application/octet-stream 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://staysafe.sophos.com/wp-content/themes/phishthreat/assets/fonts/flama-light-webfont.ttf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

1eee700208fddc9dbea7fd453e8a1dbaca020a9c0dedb43f985f3fd1ddcbda2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-fetch-mode: cors
origin: https://staysafe.sophos.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: pll_language=en
:path: /wp-content/themes/phishthreat/assets/fonts/flama-light-webfont.ttf
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: staysafe.sophos.com
referer: https://staysafe.sophos.com/_static/??-eJyNj0EOwjAMBD9Ea6gUUA+It7ip1QScNIpdofyeFDi0EgeOo93R2vBMjY+Wl5EErAiMXhQGnu2jYT9kzAVEC1MbfGxr4QBb4y4QaPRITIGi7iAxFsoN04S2/KfXbMs7yc5R1466mgkk58Wpy4QKKEL6OT+gKOWfYliaxMvkY90lTVg/7Nv+bX15VW7hejp35mKOpjMvtLtp/w==
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://staysafe.sophos.com
Referer: https://staysafe.sophos.com/_static/??-eJyNj0EOwjAMBD9Ea6gUUA+It7ip1QScNIpdofyeFDi0EgeOo93R2vBMjY+Wl5EErAiMXhQGnu2jYT9kzAVEC1MbfGxr4QBb4y4QaPRITIGi7iAxFsoN04S2/KfXbMs7yc5R1466mgkk58Wpy4QKKEL6OT+gKOWfYliaxMvkY90lTVg/7Nv+bX15VW7hejp35mKOpjMvtLtp/w==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 20:43:39 GMT
vary: X-Mobile-Class, Accept-Encoding
age: 0
x-cache: miss
content-length: 51480
x-rq: hhn1 0 4 9980
last-modified: Wed, 09 Jun 2021 18:01:16 GMT
server: nginx
etag: "60c101ec-c918"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Jul 2022 20:43:39 GMT

GET
H2 200 flama-medium-webfont.ttf
staysafe.sophos.com/wp-content/themes/phishthreat/assets/fonts/ 51 KB
51 KB 139ms
138ms Font
application/octet-stream 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://staysafe.sophos.com/wp-content/themes/phishthreat/assets/fonts/flama-medium-webfont.ttf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ec341c00863f513a04b66db10c2180649ab00b68275db6dcd7abdf6bd780b947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-fetch-mode: cors
origin: https://staysafe.sophos.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: pll_language=en
:path: /wp-content/themes/phishthreat/assets/fonts/flama-medium-webfont.ttf
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: staysafe.sophos.com
referer: https://staysafe.sophos.com/_static/??-eJyNj0EOwjAMBD9Ea6gUUA+It7ip1QScNIpdofyeFDi0EgeOo93R2vBMjY+Wl5EErAiMXhQGnu2jYT9kzAVEC1MbfGxr4QBb4y4QaPRITIGi7iAxFsoN04S2/KfXbMs7yc5R1466mgkk58Wpy4QKKEL6OT+gKOWfYliaxMvkY90lTVg/7Nv+bX15VW7hejp35mKOpjMvtLtp/w==
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://staysafe.sophos.com
Referer: https://staysafe.sophos.com/_static/??-eJyNj0EOwjAMBD9Ea6gUUA+It7ip1QScNIpdofyeFDi0EgeOo93R2vBMjY+Wl5EErAiMXhQGnu2jYT9kzAVEC1MbfGxr4QBb4y4QaPRITIGi7iAxFsoN04S2/KfXbMs7yc5R1466mgkk58Wpy4QKKEL6OT+gKOWfYliaxMvkY90lTVg/7Nv+bX15VW7hejp35mKOpjMvtLtp/w==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 20:43:39 GMT
vary: X-Mobile-Class, Accept-Encoding
age: 0
x-cache: miss
content-length: 52464
x-rq: hhn1 0 4 9980
last-modified: Wed, 09 Jun 2021 18:01:16 GMT
server: nginx
etag: "60c101ec-ccf0"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Jul 2022 20:43:39 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
92 B 30ms
29ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A9.9&blog=142810899&post=11&tz=0&srv=staysafe.sophos.com&host=staysafe.sophos.com&ref=&fcp=534&rand=0.9626762146648871
Requested by: Host: staysafe.sophos.com
URL: https://staysafe.sophos.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://staysafe.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 20:43:39 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			staysafe.sophos.com/	1970-01-20 04:21:53	Name: pll_language Value: en

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://staysafe.sophos.com/_static/??-eJzTLy/QzcxLzilNSS3WzwKiwtLUokoopZebmaeXVayjj0+Rbm5melFiSSpUsX2uraGZkamBsZmZqWkWAK9bIh8=(Line 5) Message: JQMIGRATE: Migrate is installed, version 3.3.2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

pixel.wp.com
secure-bank-alerts.com
stats.wp.com
staysafe.sophos.com
192.0.66.2
192.0.76.3
52.49.11.52
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
10df8104b02891ac518d3629d25d995fb74471651863b5d98148687df7570621
1eee700208fddc9dbea7fd453e8a1dbaca020a9c0dedb43f985f3fd1ddcbda2d
567e16ce2957bbe446538bb4fb07e9d7473b680a8b9fcf84acba00dc21ac5ac4
5940cb8b477258b23e3d3e2136f22ec12ff9d26964e54e81a4d4582ceb032169
7e1eb7244e09f9a575253f5542113ca2bee7f8842fadbbd619ae1f41e1d99bc7
7eb243627ed4013b84418c9fe94ee3b9907906ace4de00965ff3b3b33a9f151c
8a4007fcbdbb05010eeb3b8401048e2c6aef424ff851d25c8409ffe08eb6f526
d088c5e7ccc85feda2e2f398f4188c8c49f6c0178e75e2e758f9a9c4e3fddff0
ec341c00863f513a04b66db10c2180649ab00b68275db6dcd7abdf6bd780b947
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

staysafe.sophos.com Open in urlscan Pro 192.0.66.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

2 IPs

2 Countries

274 kBTransfer

589 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

1 Cookies

1 Console Messages

Security Headers

Indicators

staysafe.sophos.com Open in urlscan Pro
192.0.66.2 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

2
IPs

2
Countries

274 kB
Transfer

589 kB
Size

1
Cookies

12 HTTP transactions
0 data transactions