urlscan.io logo urlscan.io
SecurityTrails logo

news.sophos.com Open in urlscan Pro
2a04:fa87:fffd::c000:42e3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://blogs.sophos.com/2015/12/23/the-current-state-of-ransomware-torrentlocker/
Effective URL: https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
Submission: On May 26 via api from IT — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 10 domains to perform 33 HTTP transactions. The main IP is 2a04:fa87:fffd::c000:42e3, located in Ireland and belongs to AUTOMATTIC, US. The main domain is news.sophos.com. The Cisco Umbrella rank of the primary domain is 324603.
TLS certificate: Issued by R3 on April 1st 2023. Valid for: 3 months.
This is the only time news.sophos.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

21    2a04:fa87:fffd::c000:42e3 (Ireland)

ASN2635 (AUTOMATTIC, US)
blogs.sophos.com
news.sophos.com
2    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
1    2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
3    2a00:1450:400c:c0a::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    23.201.242.231 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-242-231.deploy.static.akamaitechnologies.com
img03.en25.com
1    2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.it
2    142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net
9570324.fls.doubleclick.net
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.it
Apex Domain
Subdomains		 Transfer
21 sophos.com
blogs.sophos.com
news.sophos.com — Cisco Umbrella Rank: 324603
838 KB
5 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 76
9570324.fls.doubleclick.net — Cisco Umbrella Rank: 376523
19 KB
2 google.it
www.google.it — Cisco Umbrella Rank: 22201
adservice.google.it — Cisco Umbrella Rank: 54302
923 B
2 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 68
1 KB
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 2626
pixel.wp.com — Cisco Umbrella Rank: 2471
5 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
171 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2230
254 B
1 en25.com
img03.en25.com — Cisco Umbrella Rank: 20285
3 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 344
9 KB
1 gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 1832
5 KB
33 10
Domain Requested by
20 news.sophos.com 1 redirects news.sophos.com
3 stats.g.doubleclick.net 1 redirects news.sophos.com
2 9570324.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 www.googletagmanager.com news.sophos.com
www.googletagmanager.com
1 adservice.google.it adservice.google.com
1 adservice.google.com 9570324.fls.doubleclick.net
1 region1.google-analytics.com www.googletagmanager.com
1 www.google.it news.sophos.com
1 www.google.com 1 redirects
1 pixel.wp.com news.sophos.com
1 img03.en25.com news.sophos.com
1 stats.wp.com news.sophos.com
1 cdn.jsdelivr.net news.sophos.com
1 secure.gravatar.com news.sophos.com
1 blogs.sophos.com 1 redirects
33 15
Subject Issuer Validity Valid
news.sophos.com
R3		 2023-04-01 -
2023-06-30		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.gravatar.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-23 -
2023-12-24		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-14 -
2023-12-15		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.en25.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-21 -
2024-05-20		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.google.it
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
Frame ID: 793F1B1235662F64380AF7434D7BCFD4
Requests: 30 HTTP requests in this frame

Frame: https://9570324.fls.doubleclick.net/activityi;dc_pre=CMmb-9bIkv8CFQJ2GQodxmED6w;src=9570324;type=sopapj;cat=sopho00;ord=8684869560637;gtm=45He35o0;auiddc=261278284.1685089799;u1=https%3A%2F%2Fnews.sophos.com%2Fen-us%2F2015%2F12%2F23%2Fthe-current-state-of-ransomware-torrentlocker%2F;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fnews.sophos.com%2Fen-us%2F2015%2F12%2F23%2Fthe-current-state-of-ransomware-torrentlocker%2F
Frame ID: A5D30CC5A71C94F3D399A28390E8FA70
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CMmb-9bIkv8CFQJ2GQodxmED6w;src=9570324;type=sopapj;cat=sopho00;ord=8684869560637;gtm=45He35o0;auiddc=261278284.1685089799;u1=https%3A%2F%2Fnews.sophos.com%2Fen-us%2F2015%2F12%2F23%2Fthe-current-state-of-ransomware-torrentlocker%2F;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fnews.sophos.com%2Fen-us%2F2015%2F12%2F23%2Fthe-current-state-of-ransomware-torrentlocker%2F
Frame ID: FB0712576FD433E3193F984B57A80374
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.it/ddm/fls/i/dc_pre=CMmb-9bIkv8CFQJ2GQodxmED6w;src=9570324;type=sopapj;cat=sopho00;ord=8684869560637;gtm=45He35o0;auiddc=261278284.1685089799;u1=https%3A%2F%2Fnews.sophos.com%2Fen-us%2F2015%2F12%2F23%2Fthe-current-state-of-ransomware-torrentlocker%2F;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fnews.sophos.com%2Fen-us%2F2015%2F12%2F23%2Fthe-current-state-of-ransomware-torrentlocker%2F
Frame ID: AF0DE656849F691454D9FEF939159B22
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The current state of ransomware: TorrentLocker – Sophos News

Page URL History Show full URLs

  1. https://blogs.sophos.com/2015/12/23/the-current-state-of-ransomware-torrentlocker/ HTTP 301
    https://news.sophos.com/2015/12/23/the-current-state-of-ransomware-torrentlocker/ HTTP 301
    https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • /alpine(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

33
Requests

97 %
HTTPS

77 %
IPv6

10
Domains

15
Subdomains

12
IPs

4
Countries

1050 kB
Transfer

1608 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://blogs.sophos.com/2015/12/23/the-current-state-of-ransomware-torrentlocker/ HTTP 301
    https://news.sophos.com/2015/12/23/the-current-state-of-ransomware-torrentlocker/ HTTP 301
    https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=152947582&utmhn=news.sophos.com&utme=8(4!CampaignID)9(4!70130000001xKqzAAE)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=The%20current%20state%20of%20ransomware%3A%20TorrentLocker%20%E2%80%93%20Sophos%20News&utmhid=490043555&utmr=-&utmp=%2Fcorpblog%2Fen-us%2F2015%2F12%2F23%2Fthe-current-state-of-ransomware-torrentlocker%2F&utmht=1685089798583&utmac=UA-737537-1&utmcc=__utma%3D1.1366658718.1685089799.1685089799.1685089799.1%3B%2B__utmz%3D1.1685089799.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=723036631&utmredir=3&utmu=q1CAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-737537-1&cid=1366658718.1685089799&jid=723036631&_v=5.7.2dc&z=152947582 HTTP 302
  • https://www.google.it/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-737537-1&cid=1366658718.1685089799&jid=723036631&_v=5.7.2dc&z=152947582&slf_rd=1&random=3728494558
Request Chain 27
  • https://9570324.fls.doubleclick.net/activityi;src=9570324;type=sopapj;cat=sopho00;ord=8684869560637;gtm=45He35o0;auiddc=261278284.1685089799;u1=https%3A%2F%2Fnews.sophos.com%2Fen-us%2F2015%2F12%2F23%2Fthe-current-state-of-ransomware-torrentlocker%2F;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fnews.sophos.com%2Fen-us%2F2015%2F12%2F23%2Fthe-current-state-of-ransomware-torrentlocker%2F HTTP 302
  • https://9570324.fls.doubleclick.net/activityi;dc_pre=CMmb-9bIkv8CFQJ2GQodxmED6w;src=9570324;type=sopapj;cat=sopho00;ord=8684869560637;gtm=45He35o0;auiddc=261278284.1685089799;u1=https%3A%2F%2Fnews.sophos.com%2Fen-us%2F2015%2F12%2F23%2Fthe-current-state-of-ransomware-torrentlocker%2F;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fnews.sophos.com%2Fen-us%2F2015%2F12%2F23%2Fthe-current-state-of-ransomware-torrentlocker%2F

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
Redirect Chain
  • https://blogs.sophos.com/2015/12/23/the-current-state-of-ransomware-torrentlocker/
  • https://news.sophos.com/2015/12/23/the-current-state-of-ransomware-torrentlocker/
  • https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
83 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
770cb166a1a9484d5ad24ddcd453d8b5ce5698d1f00c2b43ac759c188fb73ddc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
max-age=300, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 26 May 2023 08:29:58 GMT
host-header
a9130478a60e5f9135f765b23f26593b
link
<https://news.sophos.com/wp-json/>; rel="https://api.w.org/" <https://news.sophos.com/wp-json/wp/v2/posts/30419>; rel="alternate"; type="application/json" <https://news.sophos.com/?p=30419>; rel=shortlink
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-cache
miss
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
mxp2 111 253 443

Redirect headers

age
0
cache-control
max-age=300, must-revalidate
content-encoding
gzip
content-length
20
content-type
text/html; charset=UTF-8
date
Fri, 26 May 2023 08:29:57 GMT
host-header
a9130478a60e5f9135f765b23f26593b
location
https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
server
nginx
strict-transport-security
max-age=31536000
x-cache
miss
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-redirect-by
WordPress
x-rq
mxp2 111 254 443
style.min.css
news.sophos.com/wp-includes/css/dist/block-library/ 		95 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.sophos.com/wp-includes/css/dist/block-library/style.min.css?m=1684764845g
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 08:29:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Mon, 22 May 2023 14:14:05 GMT
server
nginx
x-rq
mxp2 111 254 443
etag
W/"646b78ad-17ced"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
/
news.sophos.com/_static/ 		15 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.sophos.com/_static/??-eJzTLy/QzcxLzilNSS3WzyrWz01NyUxMzUnNTc0rQeEU5CRWphbp5qSmJyZX6uVm5uklFxfr6OPTDpRD5sM02efaGppZmJibmViYmAIARQIu8A==
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3d2c10cf69410c10177fc6e56937d05151b182841fa6aee36f651d587d91fbb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 08:29:58 GMT
strict-transport-security
max-age=31536000
x-rq
mxp2 111 253 443
last-modified
Mon, 22 May 2023 14:14:05 GMT
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
text/css;charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
content-length
15521
/
news.sophos.com/_static/ 		512 B
568 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.sophos.com/_static/??/wp-content/mu-plugins/search/elasticpress-next/dist/css/related-posts-block-styles.min.css,/wp-includes/css/classic-themes.min.css?m=1685032884
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
dabfe5e004cb6e7cbaf2aa26f9ab0d80104a898c7523904b0f6d3b658d38a4fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 08:29:58 GMT
strict-transport-security
max-age=31536000
x-rq
mxp2 111 253 443
last-modified
Thu, 25 May 2023 16:41:24 GMT
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
text/css;charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
content-length
512
/
news.sophos.com/_static/ 		153 KB
153 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.sophos.com/_static/??/wp-content/themes/sophosnews-2017/style-2021.css,/wp-content/mu-plugins/jetpack-12.0/css/jetpack.css?m=1685032896
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4c2cf7fa431fbdc22a30eaa3b547c5453f9598ac3ea8735d1afc744af19399e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 08:29:58 GMT
strict-transport-security
max-age=31536000
x-rq
mxp2 111 254 443
last-modified
Thu, 25 May 2023 16:41:36 GMT
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
text/css;charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
content-length
156484
/
news.sophos.com/_static/ 		101 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.sophos.com/_static/??-eJzTLy/QzcxLzilNSS3WzwKiwtLUokoopZebmaeXVayjj0+Rbm5melFiSSpUsX2uraGZhYm5mYmFiWkWAK/HIi0=
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
03163fb7b374fe2300420baafc172c762df151ebe6299d6b23c4d9d683c67c4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 08:29:58 GMT
strict-transport-security
max-age=31536000
x-rq
mxp2 111 254 443
last-modified
Mon, 22 May 2023 14:14:05 GMT
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
103243
gtm.js
www.googletagmanager.com/ 		320 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TW8W88B
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4dd7dda58f61c074a25ea401c8e6d1f198222659b5b89810c3b582182703b780
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://news.sophos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 08:29:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100879
x-xss-protection
0
last-modified
Fri, 26 May 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 26 May 2023 08:29:58 GMT
wp-emoji-release.min.js
news.sophos.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.sophos.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 08:29:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Mon, 22 May 2023 14:14:06 GMT
server
nginx
x-rq
mxp2 111 254 443
etag
W/"646b78ae-4904"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
ransomware-150.png
news.sophos.com/wp-content/uploads/2015/12/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.sophos.com/wp-content/uploads/2015/12/ransomware-150.png
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
de35cf1643aec2d5e935a162565bac412cdd96ce8f980a46feadcd71ad10b4ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 08:29:58 GMT
strict-transport-security
max-age=31536000
x-rq
mxp2 109 84 443
last-modified
Fri, 26 May 2023 08:29:58 GMT
server
nginx
etag
"e8dfff73dbd8e654"
vary
Accept
x-cache
MISS
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9256
avatar-three.png
news.sophos.com/wp-content/themes/sophosnews-2017/img/avatars/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.sophos.com/wp-content/themes/sophosnews-2017/img/avatars/avatar-three.png
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b85ed9ff65cb89798ff1ac4b0d9a9b2c2d14f27a949ac3c19bae5c228ecc8f38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 08:29:58 GMT
strict-transport-security
max-age=31536000
x-rq
mxp2 111 254 443
last-modified
Mon, 03 Apr 2023 04:57:30 GMT
server
nginx
etag
"642a5cba-7ba"
x-cache
HIT
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1978
avatar-two.png
news.sophos.com/wp-content/themes/sophosnews-2017/img/avatars/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.sophos.com/wp-content/themes/sophosnews-2017/img/avatars/avatar-two.png
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6a71b6aa693b3084d28e6dfd65755fe543c24278fac68b175b3b5fcdda059577
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 08:29:58 GMT
strict-transport-security
max-age=31536000
x-rq
mxp2 111 253 443
last-modified
Mon, 03 Apr 2023 04:57:30 GMT
server
nginx
etag
"642a5cba-637"
x-cache
HIT
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1591
025c4bb891cbc5a1bb24a4854f823e48
secure.gravatar.com/avatar/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/025c4bb891cbc5a1bb24a4854f823e48?s=60&d=blank&r=g
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9c9e5ce4a745398c82c6afcbb22d8d8c9c42e42869a2831d0e66830943ca80a8

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://news.sophos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nc
HIT mxp 3
date
Fri, 26 May 2023 08:29:58 GMT
last-modified
Thu, 20 Apr 2023 22:05:59 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="025c4bb891cbc5a1bb24a4854f823e48.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/025c4bb891cbc5a1bb24a4854f823e48?s=60&d=blank&r=g>; rel="canonical"
content-length
5262
expires
Fri, 26 May 2023 08:34:58 GMT
/
news.sophos.com/_static/ 		135 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.sophos.com/_static/??-eJyVjEsOwjAMBS9EvgJaFoizRJHVJhAnig3l+AT1ArX0VqOZZ7amYkUGZMMrFCBDta2VEDZS3rrJZBobUn0mUB+vvXYD6B3oTCdz6CPWLrDhyz3QcX9H+s3pJa9iKC2kBcVhC50Rurhbgjj5sxE9yt1dZ3u+TfPF5h+gzKBI
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a36c1b591e0a043aef36da97ac4da5a313386c35ad3c92eb558e13d0291f8eff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 08:29:58 GMT
strict-transport-security
max-age=31536000
x-rq
mxp2 111 253 443
last-modified
Mon, 03 Apr 2023 04:57:30 GMT
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
138068
alpine.min.js
cdn.jsdelivr.net/gh/alpinejs/alpine@v2.8.1/dist/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/alpinejs/alpine@v2.8.1/dist/alpine.min.js?ver=2.0.1
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
de9485aee0805fc555984a4286697dccb8a9762fa9240c6a47b4dd478d282e74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://news.sophos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 26 May 2023 08:29:58 GMT
x-content-type-options
nosniff
content-encoding
br
age
1487897
x-jsd-version
2.8.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
9041
x-served-by
cache-fra-eddf8230065-FRA, cache-mxp6920-MXP
x-jsd-version-type
version
etag
W/"6964-M33llwtEtRbUwMPPG0SKpWL3vX8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
/
news.sophos.com/_static/ 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.sophos.com/_static/??/wp-includes/js/comment-reply.min.js,/wp-content/mu-plugins/akismet/_inc/akismet-frontend.js?m=1685032882j
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
04ad4c921bf8da03b20e88656f4e840ed22d6010290705a45a81072fc42af91e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 08:29:58 GMT
strict-transport-security
max-age=31536000
x-rq
mxp2 111 254 443
last-modified
Thu, 25 May 2023 16:41:22 GMT
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
13718
e-202321.js
stats.wp.com/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202321.js
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ab8517f3d5171dd42a8b9c22af6a2f944b41d00e7ea54ba02b4ed71a6c59e543

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://news.sophos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nc
HIT mxp
date
Fri, 26 May 2023 08:29:58 GMT
content-encoding
br
last-modified
Fri, 19 May 2023 02:56:22 GMT
server
nginx
etag
W/"6466e556-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sun, 19 May 2024 21:22:04 GMT
sophos-ransomware-web-banner-1200x628px-option-2.png
news.sophos.com/wp-content/uploads/2021/05/ 		166 KB
166 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.sophos.com/wp-content/uploads/2021/05/sophos-ransomware-web-banner-1200x628px-option-2.png?w=640
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d93cea00230540bc488dbe3afab54b37f88bd1b65aeb9bb576edaa7b8d0b4035
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 08:29:58 GMT
strict-transport-security
max-age=31536000
x-rq
mxp2 109 139 443
last-modified
Wed, 03 May 2023 18:03:02 GMT
server
nginx
etag
"3829e4230e8aafcf"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
170202
/
news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
date
Fri, 26 May 2023 08:29:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
age
0
x-powered-by
WordPress VIP <https://wpvip.com>
x-cache
hit
host-header
a9130478a60e5f9135f765b23f26593b
content-length
23298
x-rq
mxp2 111 253 443
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=300, must-revalidate
accept-ranges
bytes
link
<https://news.sophos.com/wp-json/>; rel="https://api.w.org/", <https://news.sophos.com/wp-json/wp/v2/posts/30419>; rel="alternate"; type="application/json", <https://news.sophos.com/?p=30419>; rel=shortlink
SophosSans-Light.woff2
news.sophos.com/wp-content/themes/sophosnews-2017/fonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://news.sophos.com/wp-content/themes/sophosnews-2017/fonts/SophosSans-Light.woff2
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/_static/??/wp-content/themes/sophosnews-2017/style-2021.css,/wp-content/mu-plugins/jetpack-12.0/css/jetpack.css?m=1685032896
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f4a2fb1bd486b246823cfb9750f25a4323a8f74c23968d4a6fcdd96a65511631
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://news.sophos.com/_static/??/wp-content/themes/sophosnews-2017/style-2021.css,/wp-content/mu-plugins/jetpack-12.0/css/jetpack.css?m=1685032896
Origin
https://news.sophos.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 08:29:58 GMT
strict-transport-security
max-age=31536000
x-rq
mxp2 111 253 443
last-modified
Mon, 03 Apr 2023 04:57:30 GMT
server
nginx
etag
"642a5cba-62e4"
x-cache
HIT
content-type
application/font-woff2
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
max-age=31536000
accept-ranges
bytes
content-length
25316
SophosSans-Medium.woff2
news.sophos.com/wp-content/themes/sophosnews-2017/fonts/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://news.sophos.com/wp-content/themes/sophosnews-2017/fonts/SophosSans-Medium.woff2
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/_static/??/wp-content/themes/sophosnews-2017/style-2021.css,/wp-content/mu-plugins/jetpack-12.0/css/jetpack.css?m=1685032896
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d1fabd20a67738775bb84fda3b230d2f007a2c3a6629d327bc8ab4312cb5c0fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://news.sophos.com/_static/??/wp-content/themes/sophosnews-2017/style-2021.css,/wp-content/mu-plugins/jetpack-12.0/css/jetpack.css?m=1685032896
Origin
https://news.sophos.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 08:29:58 GMT
strict-transport-security
max-age=31536000
x-rq
mxp2 111 254 443
last-modified
Mon, 03 Apr 2023 04:57:30 GMT
server
nginx
etag
"642a5cba-67a4"
x-cache
HIT
content-type
application/font-woff2
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
max-age=31536000
accept-ranges
bytes
content-length
26532
SophosSans-Semibold.woff2
news.sophos.com/wp-content/themes/sophosnews-2017/fonts/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://news.sophos.com/wp-content/themes/sophosnews-2017/fonts/SophosSans-Semibold.woff2
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/_static/??/wp-content/themes/sophosnews-2017/style-2021.css,/wp-content/mu-plugins/jetpack-12.0/css/jetpack.css?m=1685032896
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f927844e8c953560f5a67112c5dfaab926df93df57f3d8cd062028f1ca80b530
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://news.sophos.com/_static/??/wp-content/themes/sophosnews-2017/style-2021.css,/wp-content/mu-plugins/jetpack-12.0/css/jetpack.css?m=1685032896
Origin
https://news.sophos.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 08:29:58 GMT
strict-transport-security
max-age=31536000
x-rq
mxp2 111 253 443
last-modified
Mon, 03 Apr 2023 04:57:30 GMT
server
nginx
etag
"642a5cba-6828"
x-cache
HIT
content-type
application/font-woff2
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
max-age=31536000
accept-ranges
bytes
content-length
26664
figure-1-torrentlocker-office-of-state-revenue-spam.png
news.sophos.com/wp-content/uploads/2015/12/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.sophos.com/wp-content/uploads/2015/12/figure-1-torrentlocker-office-of-state-revenue-spam.png
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
092d3e0daf1e4670efcbd6afa13196ec9525d9a045bea4dbeca8c4d7859a247e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 08:29:58 GMT
strict-transport-security
max-age=31536000
x-rq
mxp2 109 142 443
last-modified
Fri, 26 May 2023 08:29:58 GMT
server
nginx
etag
"31eff2b978aa7601"
vary
Accept
x-cache
MISS
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
35420
figure-2-torrentlocker-royal-mail-spam.png
news.sophos.com/wp-content/uploads/2015/12/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.sophos.com/wp-content/uploads/2015/12/figure-2-torrentlocker-royal-mail-spam.png
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b1dabfd8c891f8dc85b58fa6ae8a535222693d59dc76b5fe160752510f01601f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 08:29:58 GMT
strict-transport-security
max-age=31536000
x-rq
mxp2 109 198 443
last-modified
Fri, 26 May 2023 08:29:58 GMT
server
nginx
etag
"e17bb493142093d4"
vary
Accept
x-cache
MISS
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4224
dc.js
stats.g.doubleclick.net/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/_static/??-eJyVjEsOwjAMBS9EvgJaFoizRJHVJhAnig3l+AT1ArX0VqOZZ7amYkUGZMMrFCBDta2VEDZS3rrJZBobUn0mUB+vvXYD6B3oTCdz6CPWLrDhyz3QcX9H+s3pJa9iKC2kBcVhC50Rurhbgjj5sxE9yt1dZ3u+TfPF5h+gzKBI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://news.sophos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 26 May 2023 07:54:23 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
2135
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17093
expires
Fri, 26 May 2023 09:54:23 GMT
elqCfg.min.js
img03.en25.com/i/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img03.en25.com/i/elqCfg.min.js
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/_static/??-eJyVjEsOwjAMBS9EvgJaFoizRJHVJhAnig3l+AT1ArX0VqOZZ7amYkUGZMMrFCBDta2VEDZS3rrJZBobUn0mUB+vvXYD6B3oTCdz6CPWLrDhyz3QcX9H+s3pJa9iKC2kBcVhC50Rurhbgjj5sxE9yt1dZ3u+TfPF5h+gzKBI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.201.242.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-242-231.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://news.sophos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Fri, 26 May 2023 08:29:58 GMT
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection
keep-alive
Content-Length
2183
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Thu, 06 Apr 2023 15:05:41 GMT
ETag
"12a0ef409968d91:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
no-store
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Expires
Fri, 26 May 2023 08:29:58 GMT
g.gif
pixel.wp.com/ 		50 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=166161023&post=30419&tz=-4&srv=news.sophos.com&hp=vip&j=1%3A12.0&host=news.sophos.com&ref=&fcp=1419&rand=0.9747777188312388
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://news.sophos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 26 May 2023 08:29:58 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
ga-audiences
www.google.it/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=152947582&utmhn=news.sophos.com&utme=8(4!CampaignID)9(4!70130000001xKqzAAE)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=2...
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-737537-1&cid=1366658718.1685089799&jid=723036631&_v=5.7.2dc&z=152947582
  • https://www.google.it/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-737537-1&cid=1366658718.1685089799&jid=723036631&_v=5.7.2dc&z=152947582&slf_rd=1&random=3728494558
42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.it/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-737537-1&cid=1366658718.1685089799&jid=723036631&_v=5.7.2dc&z=152947582&slf_rd=1&random=3728494558
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
Protocol
H2
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://news.sophos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 May 2023 08:29:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 May 2023 08:29:58 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.it/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-737537-1&cid=1366658718.1685089799&jid=723036631&_v=5.7.2dc&z=152947582&slf_rd=1&random=3728494558
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
__utm.gif
stats.g.doubleclick.net/r/ 		35 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=2002599766&utmhn=news.sophos.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=The%20current%20state%20of%20ransomware%3A%20TorrentLocker%20%E2%80%93%20Sophos%20News&utmhid=490043555&utmr=-&utmp=%2Fen-us%2F2015%2F12%2F23%2Fthe-current-state-of-ransomware-torrentlocker%2F&utmht=1685089798587&utmac=UA-737537-53&utmcc=__utma%3D204943247.840841480.1685089799.1685089799.1685089799.1%3B%2B__utmz%3D204943247.1685089799.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1631104682&utmredir=3&utmmt=1&utmu=q1CgAAAAAAAAAAAAAAAAAAgE~
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/2015/12/23/the-current-state-of-ransomware-torrentlocker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://news.sophos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 26 May 2023 08:29:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
activityi;dc_pre=CMmb-9bIkv8CFQJ2GQodxmED6w;src=9570324;type=sopapj;cat=sopho00;ord=8684869560637;gtm=45He35o0;auiddc=261278284.1685089799;u1=https%3A%2F%2Fnews.sophos.com%2Fen-us%2F2015%2F12%2F23%...
9570324.fls.doubleclick.net/ Frame A5D3
Redirect Chain
  • https://9570324.fls.doubleclick.net/activityi;src=9570324;type=sopapj;cat=sopho00;ord=8684869560637;gtm=45He35o0;auiddc=261278284.1685089799;u1=https%3A%2F%2Fnews.sophos.com%2Fen-us%2F2015%2F12%2F2...
  • https://9570324.fls.doubleclick.net/activityi;dc_pre=CMmb-9bIkv8CFQJ2GQodxmED6w;src=9570324;type=sopapj;cat=sopho00;ord=8684869560637;gtm=45He35o0;auiddc=261278284.1685089799;u1=https%3A%2F%2Fnews....
710 B
517 B 		Document
General
Check archive.org
Download Go to
Full URL
https://9570324.fls.doubleclick.net/activityi;dc_pre=CMmb-9bIkv8CFQJ2GQodxmED6w;src=9570324;type=sopapj;cat=sopho00;ord=8684869560637;gtm=45He35o0;auiddc=261278284.1685089799;u1=https%3A%2F%2Fnews.sophos.com%2Fen-us%2F2015%2F12%2F23%2Fthe-current-state-of-ransomware-torrentlocker%2F;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fnews.sophos.com%2Fen-us%2F2015%2F12%2F23%2Fthe-current-state-of-ransomware-torrentlocker%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TW8W88B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
cafe /
Resource Hash
cadc9c825aa5f344041ed1c0d4ae470dd501691a4a8e9a2558f66da36d11a1bf
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.sophos.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
341
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 26 May 2023 08:29:58 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 26 May 2023 08:29:58 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://9570324.fls.doubleclick.net/activityi;dc_pre=CMmb-9bIkv8CFQJ2GQodxmED6w;src=9570324;type=sopapj;cat=sopho00;ord=8684869560637;gtm=45He35o0;auiddc=261278284.1685089799;u1=https%3A%2F%2Fnews.sophos.com%2Fen-us%2F2015%2F12%2F23%2Fthe-current-state-of-ransomware-torrentlocker%2F;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fnews.sophos.com%2Fen-us%2F2015%2F12%2F23%2Fthe-current-state-of-ransomware-torrentlocker%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		200 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-V88TEQ7EYL&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TW8W88B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
089fa54518f43d2cb80f3f94e5cd2f0e7f3869ea3446ec3cbc0686a54ae56a5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://news.sophos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 08:29:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
73562
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 26 May 2023 08:29:58 GMT
collect
region1.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-V88TEQ7EYL&gtm=45je35o0&_p=490043555&cid=341783406.1685089799&ul=en-us&_geo=1&_rdi=1&ngs=1&_s=1&sid=1685089798&sct=1&seg=0&dl=https%3A%2F%2Fnews.sophos.com%2Fen-us%2F2015%2F12%2F23%2Fthe-current-state-of-ransomware-torrentlocker%2F&dt=The%20current%20state%20of%20ransomware%3A%20TorrentLocker%20%E2%80%93%20Sophos%20News&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V88TEQ7EYL&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://news.sophos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 May 2023 08:29:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://news.sophos.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CMmb-9bIkv8CFQJ2GQodxmED6w;src=9570324;type=sopapj;cat=sopho00;ord=8684869560637;gtm=45He35o0;auiddc=261278284.1685089799;u1=https%3A%2F%2Fnews.sophos.com%2Fen-us%2F2015%2F12%2F23%2Fthe-curr...
adservice.google.com/ddm/fls/i/ Frame FB07 		709 B
716 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CMmb-9bIkv8CFQJ2GQodxmED6w;src=9570324;type=sopapj;cat=sopho00;ord=8684869560637;gtm=45He35o0;auiddc=261278284.1685089799;u1=https%3A%2F%2Fnews.sophos.com%2Fen-us%2F2015%2F12%2F23%2Fthe-current-state-of-ransomware-torrentlocker%2F;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fnews.sophos.com%2Fen-us%2F2015%2F12%2F23%2Fthe-current-state-of-ransomware-torrentlocker%2F
Requested by
Host: 9570324.fls.doubleclick.net
URL: https://9570324.fls.doubleclick.net/activityi;dc_pre=CMmb-9bIkv8CFQJ2GQodxmED6w;src=9570324;type=sopapj;cat=sopho00;ord=8684869560637;gtm=45He35o0;auiddc=261278284.1685089799;u1=https%3A%2F%2Fnews.sophos.com%2Fen-us%2F2015%2F12%2F23%2Fthe-current-state-of-ransomware-torrentlocker%2F;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fnews.sophos.com%2Fen-us%2F2015%2F12%2F23%2Fthe-current-state-of-ransomware-torrentlocker%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5b73ab62a7e733ae1de2e5f52e9b3ffd932e7704f1083214d46b3a11c8fdbdab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9570324.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
341
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 26 May 2023 08:29:59 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dc_pre=CMmb-9bIkv8CFQJ2GQodxmED6w;src=9570324;type=sopapj;cat=sopho00;ord=8684869560637;gtm=45He35o0;auiddc=261278284.1685089799;u1=https%3A%2F%2Fnews.sophos.com%2Fen-us%2F2015%2F12%2F23%2Fthe-curr...
adservice.google.it/ddm/fls/i/ Frame AF0D 		194 B
515 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.it/ddm/fls/i/dc_pre=CMmb-9bIkv8CFQJ2GQodxmED6w;src=9570324;type=sopapj;cat=sopho00;ord=8684869560637;gtm=45He35o0;auiddc=261278284.1685089799;u1=https%3A%2F%2Fnews.sophos.com%2Fen-us%2F2015%2F12%2F23%2Fthe-current-state-of-ransomware-torrentlocker%2F;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fnews.sophos.com%2Fen-us%2F2015%2F12%2F23%2Fthe-current-state-of-ransomware-torrentlocker%2F
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CMmb-9bIkv8CFQJ2GQodxmED6w;src=9570324;type=sopapj;cat=sopho00;ord=8684869560637;gtm=45He35o0;auiddc=261278284.1685089799;u1=https%3A%2F%2Fnews.sophos.com%2Fen-us%2F2015%2F12%2F23%2Fthe-current-state-of-ransomware-torrentlocker%2F;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fnews.sophos.com%2Fen-us%2F2015%2F12%2F23%2Fthe-current-state-of-ransomware-torrentlocker%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
85
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 26 May 2023 08:29:59 GMT
expires
Fri, 26 May 2023 08:29:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| dataLayer object| _wpemojiSettings undefined| $ function| jQuery object| PG8Data object| PG8 object| Sophos function| Cookies object| Stickyfill function| Spinner function| Tether function| Drop object| _gaq object| Alpine object| addComment object| _stq object| twemoji object| wp function| st_go function| linktracker_init object| wpcom object| _gat object| gaGlobal object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| _elqQ object| _elq

15 Cookies

Domain/Path Name / Value
.sophos.com/ Name: CampaignID
Value: 70130000001xKqzAAE
.sophos.com/ Name: __utma
Value: 1.1366658718.1685089799.1685089799.1685089799.1
.sophos.com/ Name: __utmc
Value: 1
.sophos.com/ Name: __utmz
Value: 1.1685089799.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.sophos.com/ Name: __utmt
Value: 1
.sophos.com/ Name: __utmb
Value: 1.1.10.1685089799
.news.sophos.com/ Name: __utma
Value: 204943247.840841480.1685089799.1685089799.1685089799.1
.news.sophos.com/ Name: __utmc
Value: 204943247
.news.sophos.com/ Name: __utmz
Value: 204943247.1685089799.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.news.sophos.com/ Name: __utmt_news
Value: 1
.news.sophos.com/ Name: __utmb
Value: 204943247.1.10.1685089799
.sophos.com/ Name: _gcl_au
Value: 1.1.261278284.1685089799
.sophos.com/ Name: _ga_V88TEQ7EYL
Value: GS1.1.1685089798.1.0.1685089798.0.0.0
.sophos.com/ Name: _ga
Value: GA1.1.341783406.1685089799
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9570324.fls.doubleclick.net
adservice.google.com
adservice.google.it
blogs.sophos.com
cdn.jsdelivr.net
img03.en25.com
news.sophos.com
pixel.wp.com
region1.google-analytics.com
secure.gravatar.com
stats.g.doubleclick.net
stats.wp.com
www.google.com
www.google.it
www.googletagmanager.com
142.250.185.230
192.0.76.3
2001:4860:4802:34::36
23.201.242.231
2a00:1450:4001:801::2004
2a00:1450:4001:809::2008
2a00:1450:4001:80b::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:400c:c0a::9c
2a04:4e42::485
2a04:fa87:fffd::c000:42e3
2a04:fa87:fffe::c000:4902
03163fb7b374fe2300420baafc172c762df151ebe6299d6b23c4d9d683c67c4e
04ad4c921bf8da03b20e88656f4e840ed22d6010290705a45a81072fc42af91e
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
089fa54518f43d2cb80f3f94e5cd2f0e7f3869ea3446ec3cbc0686a54ae56a5e
092d3e0daf1e4670efcbd6afa13196ec9525d9a045bea4dbeca8c4d7859a247e
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
3d2c10cf69410c10177fc6e56937d05151b182841fa6aee36f651d587d91fbb8
4c2cf7fa431fbdc22a30eaa3b547c5453f9598ac3ea8735d1afc744af19399e3
4dd7dda58f61c074a25ea401c8e6d1f198222659b5b89810c3b582182703b780
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5b73ab62a7e733ae1de2e5f52e9b3ffd932e7704f1083214d46b3a11c8fdbdab
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
6a71b6aa693b3084d28e6dfd65755fe543c24278fac68b175b3b5fcdda059577
770cb166a1a9484d5ad24ddcd453d8b5ce5698d1f00c2b43ac759c188fb73ddc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9c9e5ce4a745398c82c6afcbb22d8d8c9c42e42869a2831d0e66830943ca80a8
a36c1b591e0a043aef36da97ac4da5a313386c35ad3c92eb558e13d0291f8eff
ab8517f3d5171dd42a8b9c22af6a2f944b41d00e7ea54ba02b4ed71a6c59e543
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
b1dabfd8c891f8dc85b58fa6ae8a535222693d59dc76b5fe160752510f01601f
b85ed9ff65cb89798ff1ac4b0d9a9b2c2d14f27a949ac3c19bae5c228ecc8f38
cadc9c825aa5f344041ed1c0d4ae470dd501691a4a8e9a2558f66da36d11a1bf
d1fabd20a67738775bb84fda3b230d2f007a2c3a6629d327bc8ab4312cb5c0fe
d93cea00230540bc488dbe3afab54b37f88bd1b65aeb9bb576edaa7b8d0b4035
dabfe5e004cb6e7cbaf2aa26f9ab0d80104a898c7523904b0f6d3b658d38a4fe
de35cf1643aec2d5e935a162565bac412cdd96ce8f980a46feadcd71ad10b4ee
de9485aee0805fc555984a4286697dccb8a9762fa9240c6a47b4dd478d282e74
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4a2fb1bd486b246823cfb9750f25a4323a8f74c23968d4a6fcdd96a65511631
f927844e8c953560f5a67112c5dfaab926df93df57f3d8cd062028f1ca80b530