urlscan.io logo urlscan.io
SecurityTrails logo

news.sophos.com Open in urlscan Pro
2a04:fa87:fffd::c000:42e3  Public Scan

Go To Rescan Add Verdict Report
URL: https://news.sophos.com/en-us/2016/05/03/location-based-ransomware-threat-research/
Submission: On October 11 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 7 domains to perform 32 HTTP transactions. The main IP is 2a04:fa87:fffd::c000:42e3, located in Ireland and belongs to AUTOMATTIC, US. The main domain is news.sophos.com. The Cisco Umbrella rank of the primary domain is 238978.
TLS certificate: Issued by E6 on October 10th 2024. Valid for: 3 months.
This is the only time news.sophos.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
21 2a04:fa87:fff... 2635 (AUTOMATTIC)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 192.0.76.3 2635 (AUTOMATTIC)
3 2a00:1450:400... 15169 (GOOGLE)
1 184.25.216.9 16625 (AKAMAI-AS)
1 2001:4860:480... 15169 (GOOGLE)
32 8
21    2a04:fa87:fffd::c000:42e3 (Ireland)

ASN2635 (AUTOMATTIC, US)
news.sophos.com
2    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2606:4700::6811:f5cb (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
3    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    184.25.216.9 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-216-9.deploy.static.akamaitechnologies.com
img03.en25.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
21 sophos.com
news.sophos.com — Cisco Umbrella Rank: 238978
771 KB
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
18 KB
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 3409
pixel.wp.com — Cisco Umbrella Rank: 3394
3 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 797
25 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
240 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3643
1 en25.com
img03.en25.com — Cisco Umbrella Rank: 26070
3 KB
32 7
Domain Requested by
21 news.sophos.com news.sophos.com
3 stats.g.doubleclick.net news.sophos.com
2 unpkg.com 1 redirects news.sophos.com
2 www.googletagmanager.com news.sophos.com
www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
1 pixel.wp.com news.sophos.com
1 img03.en25.com news.sophos.com
1 stats.wp.com news.sophos.com
32 8
Subject Issuer Validity Valid
news.sophos.com
E6		 2024-10-10 -
2025-01-08		 3 months crt.sh
*.google-analytics.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2023-11-28 -
2024-12-28		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
*.en25.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-07-30 -
2025-07-29		 a year crt.sh

This page contains 1 frames:

Primary Page: https://news.sophos.com/en-us/2016/05/03/location-based-ransomware-threat-research/
Frame ID: 2A24D6870D72D3811FABC3AB6F533D23
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Location-based threats: How cybercriminals target you based on where you live – Sophos News

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • /alpine(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

32
Requests

94 %
HTTPS

71 %
IPv6

7
Domains

8
Subdomains

8
IPs

4
Countries

1059 kB
Transfer

2084 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://unpkg.com/alpinejs@2.8.1/dist/alpine.js?ver=2.0.3 HTTP 302
  • https://unpkg.com/alpinejs@2.8.1/dist/alpine.js

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
news.sophos.com/en-us/2016/05/03/location-based-ransomware-threat-research/ 		82 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://news.sophos.com/en-us/2016/05/03/location-based-ransomware-threat-research/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
b1f8057091e3df8aeed34c3af582e134be0d41fe03f632116128d52d6156efda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=300, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 11 Oct 2024 18:44:47 GMT
host-header
a9130478a60e5f9135f765b23f26593b
link
<https://news.sophos.com/wp-json/>; rel="https://api.w.org/" <https://news.sophos.com/wp-json/wp/v2/posts/31356>; rel="alternate"; title="JSON"; type="application/json" <https://news.sophos.com/?p=31356>; rel=shortlink
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-cache
EXPIRED
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
ams8 111 253 443
style.min.css
news.sophos.com/wp-includes/css/dist/block-library/ 		110 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.sophos.com/wp-includes/css/dist/block-library/style.min.css?m=1725982252g
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2016/05/03/location-based-ransomware-threat-research/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://news.sophos.com/en-us/2016/05/03/location-based-ransomware-threat-research/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=31536000
content-encoding
br
x-rq
ams8 111 254 443
etag
W/"66e0662c-1b72b"
accept-ranges
bytes
x-cache
HIT
date
Fri, 11 Oct 2024 18:44:47 GMT
content-type
text/css
last-modified
Tue, 10 Sep 2024 15:30:52 GMT
server
nginx
vary
Accept-Encoding
/
news.sophos.com/_static/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.sophos.com/_static/??-eJzTLy/QzcxLzilNSS3WzyrWz01NyUxMzUnNTc0rQeEU5CRWphbp5qSmJyZX6uVm5uklFxfr6OPTDpRD5sM02efaGpobmVpaGBmZGgEARN0u5g==
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2016/05/03/location-based-ransomware-threat-research/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3d2c10cf69410c10177fc6e56937d05151b182841fa6aee36f651d587d91fbb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://news.sophos.com/en-us/2016/05/03/location-based-ransomware-threat-research/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=31536000
content-encoding
br
x-rq
ams8 111 254 443
accept-ranges
bytes
x-cache
HIT
date
Fri, 11 Oct 2024 18:44:47 GMT
content-type
text/css;charset=utf-8
vary
Accept-Encoding
server
nginx
last-modified
Tue, 10 Sep 2024 15:30:52 GMT
related-posts-block-styles.min.css
news.sophos.com/wp-content/mu-plugins/search/elasticpress/dist/css/ 		222 B
437 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.sophos.com/wp-content/mu-plugins/search/elasticpress/dist/css/related-posts-block-styles.min.css?m=1725466133g
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2016/05/03/location-based-ransomware-threat-research/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9790593b4acafa770479511a888914881594976c5dcad980c82e781c5625ff44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://news.sophos.com/en-us/2016/05/03/location-based-ransomware-threat-research/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=31536000
x-rq
ams8 111 253 443
etag
"66d88615-de"
accept-ranges
bytes
x-cache
HIT
content-length
222
date
Fri, 11 Oct 2024 18:44:47 GMT
content-type
text/css
last-modified
Wed, 04 Sep 2024 16:08:53 GMT
server
nginx
style-2021.css
news.sophos.com/wp-content/themes/sophosnews-2017/ 		63 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.sophos.com/wp-content/themes/sophosnews-2017/style-2021.css?m=1722533323g
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2016/05/03/location-based-ransomware-threat-research/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
11ef9c10a9a5cb3b67c600a654b6e32b2a022673a0c7045870e9597c9f712605
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://news.sophos.com/en-us/2016/05/03/location-based-ransomware-threat-research/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=31536000
content-encoding
br
x-rq
ams8 111 253 443
etag
W/"66abc5cb-fb91"
accept-ranges
bytes
x-cache
HIT
date
Fri, 11 Oct 2024 18:44:47 GMT
content-type
text/css
last-modified
Thu, 01 Aug 2024 17:28:43 GMT
server
nginx
vary
Accept-Encoding
/
news.sophos.com/_static/ 		99 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.sophos.com/_static/??-eJzTLy/QzcxLzilNSS3WzwKiwtLUokoopZebmaeXVayjj0+Rbm5melFiSSpUsX2uraG5kamlhZGRqVEWAK+YIiM=
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2016/05/03/location-based-ransomware-threat-research/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ecf7723a32533007ede558c546fc8ba30f508283223b6e7f49c297b7c63c8b50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://news.sophos.com/en-us/2016/05/03/location-based-ransomware-threat-research/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=31536000
content-encoding
br
x-rq
ams8 111 253 443
accept-ranges
bytes
x-cache
HIT
date
Fri, 11 Oct 2024 18:44:47 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
last-modified
Tue, 10 Sep 2024 15:30:52 GMT
89cf45e3-ed01-471e-b0cb-1fa5a63bbd88
https://news.sophos.com/ 		0
0
gtm.js
www.googletagmanager.com/ 		486 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TW8W88B
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2016/05/03/location-based-ransomware-threat-research/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b13fc736342e17665f89bdc5f614e8d9ccea4eab56d84ca338dce550218938da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://news.sophos.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 11 Oct 2024 18:44:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 11 Oct 2024 18:44:47 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 11 Oct 2024 18:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
140020
x-xss-protection
0
server
Google Tag Manager
geo-malware.png
news.sophos.com/wp-content/uploads/2016/04/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.sophos.com/wp-content/uploads/2016/04/geo-malware.png
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2016/05/03/location-based-ransomware-threat-research/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
834c4a8fb5481b3fb18944b9309cf33b7532a36e84f064c84c16385a5cdf2348
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://news.sophos.com/en-us/2016/05/03/location-based-ransomware-threat-research/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=31536000
x-rq
ams8 109 94 443
etag
"2a593512aa79e4c8"
accept-ranges
bytes, bytes
x-cache
MISS
content-length
21190
date
Fri, 11 Oct 2024 18:44:47 GMT
content-type
image/webp
last-modified
Fri, 11 Oct 2024 18:44:47 GMT
server
nginx
vary
Accept
geomalware-tds.png
news.sophos.com/wp-content/uploads/2016/04/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.sophos.com/wp-content/uploads/2016/04/geomalware-tds.png
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2016/05/03/location-based-ransomware-threat-research/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7f262ce89627332dcc95f9d95460dd1522f1ce5c57ac82d66cf2b85f79545dcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://news.sophos.com/en-us/2016/05/03/location-based-ransomware-threat-research/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=31536000
x-rq
ams8 109 154 443
etag
"35d8dee0b4b75a7c"
accept-ranges
bytes, bytes
x-cache
MISS
content-length
53752
date
Fri, 11 Oct 2024 18:44:47 GMT
content-type
image/webp
last-modified
Fri, 11 Oct 2024 18:44:47 GMT
server
nginx
vary
Accept
geomalware-torrentlocker.png
news.sophos.com/wp-content/uploads/2016/04/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.sophos.com/wp-content/uploads/2016/04/geomalware-torrentlocker.png
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2016/05/03/location-based-ransomware-threat-research/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
856d39e77f8760bd4e62afdebe352159c91273c489e811e85fc6b23a8c74c6ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://news.sophos.com/en-us/2016/05/03/location-based-ransomware-threat-research/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=31536000
x-rq
ams8 109 208 443
etag
"e242af912abf412d"
accept-ranges
bytes, bytes
x-cache
MISS
content-length
53972
date
Fri, 11 Oct 2024 18:44:47 GMT
content-type
image/webp
last-modified
Fri, 11 Oct 2024 18:44:47 GMT
server
nginx
vary
Accept
chester-wisniewski.png
news.sophos.com/wp-content/uploads/2020/01/ 		134 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.sophos.com/wp-content/uploads/2020/01/chester-wisniewski.png?w=396
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2016/05/03/location-based-ransomware-threat-research/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9bbc7b9796b3b1e4d8c0e895be412a31160a43dcd2c7c5ae5afc8013293053b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://news.sophos.com/en-us/2016/05/03/location-based-ransomware-threat-research/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=31536000
x-rq
ams8 109 200 443
etag
"9248e59183a33f68"
accept-ranges
bytes, bytes
x-cache
HIT
content-length
137224
date
Fri, 11 Oct 2024 18:44:47 GMT
content-type
image/webp
last-modified
Wed, 22 Nov 2023 00:51:52 GMT
server
nginx
vary
Accept
/
news.sophos.com/_static/ 		135 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.sophos.com/_static/??-eJyVjFEOAiEMBS8kICVmv4xnaUizC0ohtLoeX8xeYEne12Tmub2ZWFmJ1elGhcRJbVsVpl0MXP3isowNqT4TmQ9YsH4AewCb5eJOfcTaJ2z6akc57x/IvjW95quIpWFaeTps2JWpT3crTid/NqJHufsF4BZCgJB/oGigNw==
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2016/05/03/location-based-ransomware-threat-research/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a36c1b591e0a043aef36da97ac4da5a313386c35ad3c92eb558e13d0291f8eff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://news.sophos.com/en-us/2016/05/03/location-based-ransomware-threat-research/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=31536000
content-encoding
br
x-rq
ams8 111 253 443
accept-ranges
bytes
x-cache
HIT
date
Fri, 11 Oct 2024 18:44:47 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
last-modified
Thu, 01 Aug 2024 17:28:43 GMT
alpine.js
unpkg.com/alpinejs@2.8.1/dist/
Redirect Chain
  • https://unpkg.com/alpinejs@2.8.1/dist/alpine.js?ver=2.0.3
  • https://unpkg.com/alpinejs@2.8.1/dist/alpine.js
75 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/alpinejs@2.8.1/dist/alpine.js
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2016/05/03/location-based-ransomware-threat-research/
Protocol
H2
Server
2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0ef5d88325642180635eefe64e093b230dab8b0af4240f6ac4d0020138713b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://news.sophos.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"12cbb-bpXmlqHGZCDMOrq5PlgCDbjJFNQ"
age
3941259
x-content-type-options
nosniff
date
Fri, 11 Oct 2024 18:44:47 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01J68ZNVW3P6QCM5W0VN163RP6-fra
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8d1100e5ca940418-FRA
access-control-allow-origin
*
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
location
/alpinejs@2.8.1/dist/alpine.js
content-encoding
br
cf-cache-status
EXPIRED
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
8d1100e57a220418-FRA
access-control-allow-origin
*
date
Fri, 11 Oct 2024 18:44:47 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Accept-Encoding
fly-request-id
01J9YEBJW437YBW1305NSPJBKQ-fra
server
cloudflare
comment-reply.min.js
news.sophos.com/wp-includes/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.sophos.com/wp-includes/js/comment-reply.min.js?m=1725982253g
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2016/05/03/location-based-ransomware-threat-research/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://news.sophos.com/en-us/2016/05/03/location-based-ransomware-threat-research/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=31536000
content-encoding
br
x-rq
ams8 111 254 443
etag
W/"66e0662d-ba5"
accept-ranges
bytes
x-cache
HIT
date
Fri, 11 Oct 2024 18:44:47 GMT
content-type
application/javascript
last-modified
Tue, 10 Sep 2024 15:30:53 GMT
server
nginx
vary
Accept-Encoding
e-202441.js
stats.wp.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202441.js
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2016/05/03/location-based-ransomware-threat-research/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://news.sophos.com/

Response headers

cache-control
max-age=31536000
content-encoding
br
x-nc
HIT ams
etag
W/14421-1717166113627.1218
x-minify
t
x-minify-cache
hit
access-control-allow-methods
GET, HEAD
expires
Sun, 05 Oct 2025 10:17:25 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 18:44:47 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
akismet-frontend.js
news.sophos.com/wp-content/mu-plugins/akismet/_inc/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.sophos.com/wp-content/mu-plugins/akismet/_inc/akismet-frontend.js?m=1725466130g
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2016/05/03/location-based-ransomware-threat-research/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6bc5622bfab1a16855ad49b99a3f9ed8eb24f49da469a113f9000b866f109e2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://news.sophos.com/en-us/2016/05/03/location-based-ransomware-threat-research/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=31536000
content-encoding
br
x-rq
ams8 111 254 443
etag
W/"66d88612-2c7c"
accept-ranges
bytes
x-cache
HIT
date
Fri, 11 Oct 2024 18:44:47 GMT
content-type
application/javascript
last-modified
Wed, 04 Sep 2024 16:08:50 GMT
server
nginx
vary
Accept-Encoding
sophos-ransomware-web-banner-1200x628px-option-2.png
news.sophos.com/wp-content/uploads/2021/05/ 		166 KB
167 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.sophos.com/wp-content/uploads/2021/05/sophos-ransomware-web-banner-1200x628px-option-2.png?w=640
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2016/05/03/location-based-ransomware-threat-research/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d93cea00230540bc488dbe3afab54b37f88bd1b65aeb9bb576edaa7b8d0b4035
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://news.sophos.com/en-us/2016/05/03/location-based-ransomware-threat-research/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=31536000
x-rq
ams8 109 202 443
etag
"3d884a5f4a28587b"
accept-ranges
bytes, bytes
x-cache
HIT
content-length
170202
date
Fri, 11 Oct 2024 18:44:47 GMT
content-type
image/webp
last-modified
Fri, 10 May 2024 17:45:46 GMT
server
nginx
vary
Accept
sophos-edr-news-blog-image-838x440px@2x.png
news.sophos.com/wp-content/uploads/2021/05/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.sophos.com/wp-content/uploads/2021/05/sophos-edr-news-blog-image-838x440px@2x.png?w=640
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2016/05/03/location-based-ransomware-threat-research/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1fa648f58cc0b3ce7d4574578aeb59038d1b5ddc00de3f568655be62a1d5c0ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://news.sophos.com/en-us/2016/05/03/location-based-ransomware-threat-research/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=31536000
x-rq
ams8 109 86 443
etag
"6c0f474bfb278822"
accept-ranges
bytes, bytes
x-cache
HIT
content-length
21526
date
Fri, 11 Oct 2024 18:44:47 GMT
content-type
image/webp
last-modified
Thu, 30 May 2024 05:05:17 GMT
server
nginx
vary
Accept
sophos-xdr.png
news.sophos.com/wp-content/uploads/2021/05/ 		107 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.sophos.com/wp-content/uploads/2021/05/sophos-xdr.png?w=640
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2016/05/03/location-based-ransomware-threat-research/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
56c4c9c31e9c4febdaaed356a15c9566084977d2a7a86842b14e9af3a71f9baa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://news.sophos.com/en-us/2016/05/03/location-based-ransomware-threat-research/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=31536000
x-rq
ams8 109 92 443
etag
"ec425809dad41d82"
accept-ranges
bytes, bytes
x-cache
HIT
content-length
109794
date
Fri, 11 Oct 2024 18:44:47 GMT
content-type
image/webp
last-modified
Thu, 30 May 2024 05:05:17 GMT
server
nginx
vary
Accept
SophosSans-Light.woff2
news.sophos.com/wp-content/themes/sophosnews-2017/fonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://news.sophos.com/wp-content/themes/sophosnews-2017/fonts/SophosSans-Light.woff2
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/wp-content/themes/sophosnews-2017/style-2021.css?m=1722533323g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f4a2fb1bd486b246823cfb9750f25a4323a8f74c23968d4a6fcdd96a65511631
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://news.sophos.com
Referer
https://news.sophos.com/wp-content/themes/sophosnews-2017/style-2021.css?m=1722533323g

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=300, must-revalidate
x-rq
ams8 111 254 443
etag
"66abc5cb-62e4"
access-control-allow-methods
GET, HEAD
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
25316
date
Fri, 11 Oct 2024 18:44:47 GMT
content-type
application/font-woff2
last-modified
Thu, 01 Aug 2024 17:28:43 GMT
server
nginx
SophosSans-Medium.woff2
news.sophos.com/wp-content/themes/sophosnews-2017/fonts/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://news.sophos.com/wp-content/themes/sophosnews-2017/fonts/SophosSans-Medium.woff2
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/wp-content/themes/sophosnews-2017/style-2021.css?m=1722533323g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d1fabd20a67738775bb84fda3b230d2f007a2c3a6629d327bc8ab4312cb5c0fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://news.sophos.com
Referer
https://news.sophos.com/wp-content/themes/sophosnews-2017/style-2021.css?m=1722533323g

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=300, must-revalidate
x-rq
ams8 111 254 443
etag
"66abc5cb-67a4"
access-control-allow-methods
GET, HEAD
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
26532
date
Fri, 11 Oct 2024 18:44:47 GMT
content-type
application/font-woff2
last-modified
Thu, 01 Aug 2024 17:28:43 GMT
server
nginx
SophosSans-Semibold.woff2
news.sophos.com/wp-content/themes/sophosnews-2017/fonts/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://news.sophos.com/wp-content/themes/sophosnews-2017/fonts/SophosSans-Semibold.woff2
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/wp-content/themes/sophosnews-2017/style-2021.css?m=1722533323g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f927844e8c953560f5a67112c5dfaab926df93df57f3d8cd062028f1ca80b530
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://news.sophos.com
Referer
https://news.sophos.com/wp-content/themes/sophosnews-2017/style-2021.css?m=1722533323g

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=300, must-revalidate
x-rq
ams8 111 254 443
etag
"66abc5cb-6828"
access-control-allow-methods
GET, HEAD
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
26664
date
Fri, 11 Oct 2024 18:44:47 GMT
content-type
application/font-woff2
last-modified
Thu, 01 Aug 2024 17:28:43 GMT
server
nginx
dc.js
stats.g.doubleclick.net/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/_static/??-eJyVjFEOAiEMBS8kICVmv4xnaUizC0ohtLoeX8xeYEne12Tmub2ZWFmJ1elGhcRJbVsVpl0MXP3isowNqT4TmQ9YsH4AewCb5eJOfcTaJ2z6akc57x/IvjW95quIpWFaeTps2JWpT3crTid/NqJHufsF4BZCgJB/oGigNw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://news.sophos.com/

Response headers

content-encoding
gzip
age
6669
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:123:0"}],}
x-content-type-options
nosniff
expires
Fri, 11 Oct 2024 18:53:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 11 Oct 2024 16:53:38 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:123:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
17093
server
Golfe2
elqCfg.min.js
img03.en25.com/i/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img03.en25.com/i/elqCfg.min.js
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/_static/??-eJyVjFEOAiEMBS8kICVmv4xnaUizC0ohtLoeX8xeYEne12Tmub2ZWFmJ1elGhcRJbVsVpl0MXP3isowNqT4TmQ9YsH4AewCb5eJOfcTaJ2z6akc57x/IvjW95quIpWFaeTps2JWpT3crTid/NqJHufsF4BZCgJB/oGigNw==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.216.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-216-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://news.sophos.com/

Response headers

X-Robots-Tag
noindex, nofollow
Content-Encoding
gzip
ETag
"5fbd42741dd4da1:0"
X-Content-Type-Options
nosniff
Expires
Fri, 11 Oct 2024 18:44:48 GMT
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Date
Fri, 11 Oct 2024 18:44:48 GMT
Content-Type
application/x-javascript
Last-Modified
Fri, 12 Jul 2024 05:36:33 GMT
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Cache-Control
no-store
Pragma
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2183
X-XSS-Protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		298 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-V88TEQ7EYL&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TW8W88B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3ddfb5e73bbea0d08727a00d88ef32351dc3b32ed7c92eacf3fbe9a8dd848fd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://news.sophos.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 11 Oct 2024 18:44:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 11 Oct 2024 18:44:47 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
104959
x-xss-protection
0
server
Google Tag Manager
__utm.gif
stats.g.doubleclick.net/r/ 		35 B
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1463790509&utmhn=news.sophos.com&utme=8(4!CampaignID)9(4!70130000001xKqzAAE)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=de-de&utmje=0&utmfl=-&utmdt=Location-based%20threats%3A%20How%20cybercriminals%20target%20you%20based%20on%20where%20you%20live%20%E2%80%93%20Sophos%20News&utmhid=1245708371&utmr=-&utmp=%2Fcorpblog%2Fen-us%2F2016%2F05%2F03%2Flocation-based-ransomware-threat-research%2F&utmht=1728672287719&utmac=UA-737537-1&utmcc=__utma%3D1.552465659.1728672288.1728672288.1728672288.1%3B%2B__utmz%3D1.1728672288.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1270873691&utmredir=3&utmu=q1CAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2016/05/03/location-based-ransomware-threat-research/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://news.sophos.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:143:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 11 Oct 2024 18:44:47 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:143:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
__utm.gif
stats.g.doubleclick.net/r/ 		35 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=128410395&utmhn=news.sophos.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=de-de&utmje=0&utmfl=-&utmdt=Location-based%20threats%3A%20How%20cybercriminals%20target%20you%20based%20on%20where%20you%20live%20%E2%80%93%20Sophos%20News&utmhid=1245708371&utmr=-&utmp=%2Fen-us%2F2016%2F05%2F03%2Flocation-based-ransomware-threat-research%2F&utmht=1728672287722&utmac=UA-737537-53&utmcc=__utma%3D204943247.1382180776.1728672288.1728672288.1728672288.1%3B%2B__utmz%3D204943247.1728672288.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1589315258&utmredir=3&utmmt=1&utmu=q1CgAAAAAAAAAAAAAAAAAAgE~
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2016/05/03/location-based-ransomware-threat-research/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://news.sophos.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:143:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 11 Oct 2024 18:44:47 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:143:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
g.gif
pixel.wp.com/ 		50 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=166161023&post=31356&tz=-4&srv=news.sophos.com&hp=vip&j=1%3A13.8.1&host=news.sophos.com&ref=&fcp=0&rand=0.21382552595940263
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2016/05/03/location-based-ransomware-threat-research/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://news.sophos.com/

Response headers

cache-control
no-cache
access-control-allow-origin
*
content-length
50
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 18:44:47 GMT
content-type
image/gif
server
nginx
wp-emoji-release.min.js
news.sophos.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.sophos.com/wp-includes/js/wp-emoji-release.min.js?ver=6.6.2
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2016/05/03/location-based-ransomware-threat-research/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://news.sophos.com/en-us/2016/05/03/location-based-ransomware-threat-research/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=31536000
content-encoding
br
x-rq
ams8 111 254 443
etag
W/"66e0662d-4926"
accept-ranges
bytes
x-cache
HIT
date
Fri, 11 Oct 2024 18:44:47 GMT
content-type
application/javascript
last-modified
Tue, 10 Sep 2024 15:30:53 GMT
server
nginx
vary
Accept-Encoding
cropped-sophos.png
news.sophos.com/wp-content/uploads/2020/01/ 		262 B
508 B 		Other
General
Check archive.org
Download Go to
Full URL
https://news.sophos.com/wp-content/uploads/2020/01/cropped-sophos.png?w=32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d4a08e8e72a67872279469a89ca78eef19b19d15da89506562629ef8f2c541a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://news.sophos.com/en-us/2016/05/03/location-based-ransomware-threat-research/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=31536000
x-rq
ams8 109 92 443
etag
"529d3975430642cb"
accept-ranges
bytes, bytes
x-cache
HIT
content-length
262
date
Fri, 11 Oct 2024 18:44:48 GMT
content-type
image/webp
last-modified
Sat, 11 May 2024 15:02:04 GMT
server
nginx
vary
Accept
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-V88TEQ7EYL&gtm=45je4a90v9105765022z89102479716za200zb9102479716&_p=1728672287547&gcs=G100&gcd=13p3pPp2p5l1&npa=1&dma_cps=-&dma=1&tag_exp=101533422~101671035~101686685&cid=1858519645.1728672288&ul=de-de&are=1&frm=0&pscdl=denied&_geo=1&_rdi=1&_s=1&sid=1728672287&sct=1&seg=0&dl=https%3A%2F%2Fnews.sophos.com%2Fen-us%2F2016%2F05%2F03%2Flocation-based-ransomware-threat-research%2F&dt=Location-based%20threats%3A%20How%20cybercriminals%20target%20you%20based%20on%20where%20you%20live%20%E2%80%93%20Sophos%20News&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1465
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V88TEQ7EYL&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://news.sophos.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://news.sophos.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 11 Oct 2024 18:44:48 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
news.sophos.com
URL
blob:https://news.sophos.com/89cf45e3-ed01-471e-b0cb-1fa5a63bbd88

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer object| _wpemojiSettings function| jQuery object| PG8Data object| PG8 object| Sophos function| Cookies object| Stickyfill function| Spinner function| Tether function| Drop object| _gaq object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| _gat object| gaGlobal object| Alpine object| addComment function| st_go function| linktracker_init object| wpcom object| _stq object| twemoji object| wp object| _elqQ object| _elq

11 Cookies

Domain/Path Name / Value
.sophos.com/ Name: CampaignID
Value: 70130000001xKqzAAE
.sophos.com/ Name: __utma
Value: 1.552465659.1728672288.1728672288.1728672288.1
.sophos.com/ Name: __utmc
Value: 1
.sophos.com/ Name: __utmz
Value: 1.1728672288.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.sophos.com/ Name: __utmt
Value: 1
.sophos.com/ Name: __utmb
Value: 1.1.10.1728672288
.news.sophos.com/ Name: __utma
Value: 204943247.1382180776.1728672288.1728672288.1728672288.1
.news.sophos.com/ Name: __utmc
Value: 204943247
.news.sophos.com/ Name: __utmz
Value: 204943247.1728672288.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.news.sophos.com/ Name: __utmt_news
Value: 1
.news.sophos.com/ Name: __utmb
Value: 204943247.1.10.1728672288

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

img03.en25.com
news.sophos.com
pixel.wp.com
region1.google-analytics.com
stats.g.doubleclick.net
stats.wp.com
unpkg.com
www.googletagmanager.com
news.sophos.com
184.25.216.9
192.0.76.3
2001:4860:4802:32::36
2606:4700::6811:f5cb
2a00:1450:4001:82f::2008
2a00:1450:400c:c00::9a
2a04:fa87:fffd::c000:42e3
11ef9c10a9a5cb3b67c600a654b6e32b2a022673a0c7045870e9597c9f712605
1fa648f58cc0b3ce7d4574578aeb59038d1b5ddc00de3f568655be62a1d5c0ec
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
3d2c10cf69410c10177fc6e56937d05151b182841fa6aee36f651d587d91fbb8
3ddfb5e73bbea0d08727a00d88ef32351dc3b32ed7c92eacf3fbe9a8dd848fd3
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
56c4c9c31e9c4febdaaed356a15c9566084977d2a7a86842b14e9af3a71f9baa
5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
6bc5622bfab1a16855ad49b99a3f9ed8eb24f49da469a113f9000b866f109e2e
7f262ce89627332dcc95f9d95460dd1522f1ce5c57ac82d66cf2b85f79545dcd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
834c4a8fb5481b3fb18944b9309cf33b7532a36e84f064c84c16385a5cdf2348
856d39e77f8760bd4e62afdebe352159c91273c489e811e85fc6b23a8c74c6ba
9790593b4acafa770479511a888914881594976c5dcad980c82e781c5625ff44
9bbc7b9796b3b1e4d8c0e895be412a31160a43dcd2c7c5ae5afc8013293053b6
a36c1b591e0a043aef36da97ac4da5a313386c35ad3c92eb558e13d0291f8eff
b13fc736342e17665f89bdc5f614e8d9ccea4eab56d84ca338dce550218938da
b1f8057091e3df8aeed34c3af582e134be0d41fe03f632116128d52d6156efda
c0ef5d88325642180635eefe64e093b230dab8b0af4240f6ac4d0020138713b2
d1fabd20a67738775bb84fda3b230d2f007a2c3a6629d327bc8ab4312cb5c0fe
d4a08e8e72a67872279469a89ca78eef19b19d15da89506562629ef8f2c541a5
d93cea00230540bc488dbe3afab54b37f88bd1b65aeb9bb576edaa7b8d0b4035
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
ecf7723a32533007ede558c546fc8ba30f508283223b6e7f49c297b7c63c8b50
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4a2fb1bd486b246823cfb9750f25a4323a8f74c23968d4a6fcdd96a65511631
f927844e8c953560f5a67112c5dfaab926df93df57f3d8cd062028f1ca80b530
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5