urlscan.io logo urlscan.io
SecurityTrails logo

news.sophos.com Open in urlscan Pro
2a04:fa87:fffd::c000:42e3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://news.sophos.com/en-us////cx-dll-sideloading-attack
Effective URL: https://news.sophos.com/en-us/cx-dll-sideloading-attack
Submission: On December 25 via api from BY — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 25 HTTP transactions. The main IP is 2a04:fa87:fffd::c000:42e3, located in Ireland and belongs to AUTOMATTIC, US. The main domain is news.sophos.com. The Cisco Umbrella rank of the primary domain is 365112.
TLS certificate: Issued by E6 on December 11th 2024. Valid for: 3 months.
This is the only time news.sophos.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 14 2a04:fa87:fff... 2635 (AUTOMATTIC)
1 18.172.112.77 16509 (AMAZON-02)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 192.0.76.3 2635 (AUTOMATTIC)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 23.37.51.81 16625 (AKAMAI-AS)
1 2001:4860:480... 15169 (GOOGLE)
25 9
14    2a04:fa87:fffd::c000:42e3 (Ireland)

ASN2635 (AUTOMATTIC, US)
news.sophos.com
1    18.172.112.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-112-77.fra60.r.cloudfront.net
cdn-images.mailchimp.com
2    2606:4700::6811:f9cb (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
2    2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    23.37.51.81 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-51-81.deploy.static.akamaitechnologies.com
img03.en25.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
14 sophos.com
news.sophos.com — Cisco Umbrella Rank: 365112
248 KB
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
18 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
273 KB
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 3804
pixel.wp.com — Cisco Umbrella Rank: 3757
3 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 740
26 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3353
1 en25.com
img03.en25.com — Cisco Umbrella Rank: 27496
3 KB
1 mailchimp.com
cdn-images.mailchimp.com — Cisco Umbrella Rank: 6874
2 KB
25 8
Domain Requested by
14 news.sophos.com 1 redirects news.sophos.com
3 stats.g.doubleclick.net news.sophos.com
2 www.googletagmanager.com news.sophos.com
www.googletagmanager.com
2 unpkg.com 1 redirects news.sophos.com
1 region1.google-analytics.com www.googletagmanager.com
1 pixel.wp.com news.sophos.com
1 img03.en25.com news.sophos.com
1 stats.wp.com news.sophos.com
1 cdn-images.mailchimp.com news.sophos.com
25 9

This site contains links to these domains. Also see Links.

Domain
www.sophos.com
secure.ethicspoint.eu
Subject Issuer Validity Valid
news.sophos.com
E6		 2024-12-11 -
2025-03-11		 3 months crt.sh
cdn-images.mailchimp.com
Amazon RSA 2048 M02		 2024-06-24 -
2025-07-22		 a year crt.sh
wp.com
E6		 2024-12-09 -
2025-03-09		 3 months crt.sh
*.google-analytics.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.en25.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-07-30 -
2025-07-29		 a year crt.sh

This page contains 1 frames:

Primary Page: https://news.sophos.com/en-us/cx-dll-sideloading-attack
Frame ID: C2BFD7F2B8B58D2338E4CE7BC7ED8088
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Page not found – Sophos News

Page URL History Show full URLs

  1. https://news.sophos.com/en-us////cx-dll-sideloading-attack HTTP 301
    https://news.sophos.com/en-us/cx-dll-sideloading-attack Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • /alpine(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn-images\.mailchimp\.com/[^>]*\.css

Page Statistics

25
Requests

92 %
HTTPS

63 %
IPv6

8
Domains

9
Subdomains

9
IPs

4
Countries

572 kB
Transfer

1748 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://news.sophos.com/en-us////cx-dll-sideloading-attack HTTP 301
    https://news.sophos.com/en-us/cx-dll-sideloading-attack Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://unpkg.com/alpinejs@2.8.1/dist/alpine.js?ver=2.0.3 HTTP 302
  • https://unpkg.com/alpinejs@2.8.1/dist/alpine.js

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request cx-dll-sideloading-attack
news.sophos.com/en-us/
Redirect Chain
  • https://news.sophos.com/en-us////cx-dll-sideloading-attack
  • https://news.sophos.com/en-us/cx-dll-sideloading-attack
45 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://news.sophos.com/en-us/cx-dll-sideloading-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
9fbca2df047bf5bb25a70cd46e0647f2cc84a434cd47b27075847c4444f00d41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 25 Dec 2024 08:11:56 GMT
host-header
a9130478a60e5f9135f765b23f26593b
link
<https://news.sophos.com/wp-json/>; rel="https://api.w.org/"
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-cache
MISS
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
hhn2 111 253 443

Redirect headers

content-type
text/html; charset=UTF-8
date
Wed, 25 Dec 2024 08:11:55 GMT
host-header
a9130478a60e5f9135f765b23f26593b
location
https://news.sophos.com/en-us/cx-dll-sideloading-attack
server
nginx
strict-transport-security
max-age=31536000
x-cache
MISS
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-redirect-by
WordPress
x-rq
hhn2 111 254 443
style.min.css
news.sophos.com/wp-includes/css/dist/block-library/ 		112 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.sophos.com/wp-includes/css/dist/block-library/style.min.css?m=1732206022g
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/cx-dll-sideloading-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://news.sophos.com/en-us/cx-dll-sideloading-attack

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=31536000
content-encoding
br
x-rq
hhn2 111 253 443
etag
W/"673f5dc6-1c012"
accept-ranges
bytes
x-cache
HIT
date
Wed, 25 Dec 2024 08:11:56 GMT
content-type
text/css
last-modified
Thu, 21 Nov 2024 16:20:22 GMT
server
nginx
vary
Accept-Encoding
/
news.sophos.com/_static/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.sophos.com/_static/??-eJzTLy/QzcxLzilNSS3WzyrWz01NyUxMzUnNTc0rQeEU5CRWphbp5qSmJyZX6uVm5uklFxfr6OPTDpRD5sM02efaGpobGxkZmBkYGQMARIMu1Q==
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/cx-dll-sideloading-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3d2c10cf69410c10177fc6e56937d05151b182841fa6aee36f651d587d91fbb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://news.sophos.com/en-us/cx-dll-sideloading-attack

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=31536000
content-encoding
br
x-rq
hhn2 111 254 443
accept-ranges
bytes
x-cache
HIT
date
Wed, 25 Dec 2024 08:11:56 GMT
content-type
text/css;charset=utf-8
vary
Accept-Encoding
server
nginx
last-modified
Thu, 21 Nov 2024 16:20:23 GMT
related-posts-block-styles.min.css
news.sophos.com/wp-content/mu-plugins/search/elasticpress/dist/css/ 		222 B
437 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.sophos.com/wp-content/mu-plugins/search/elasticpress/dist/css/related-posts-block-styles.min.css?m=1730999764g
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/cx-dll-sideloading-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9790593b4acafa770479511a888914881594976c5dcad980c82e781c5625ff44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://news.sophos.com/en-us/cx-dll-sideloading-attack

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=31536000
x-rq
hhn2 111 253 443
etag
"672cf5d4-de"
accept-ranges
bytes
x-cache
HIT
content-length
222
date
Wed, 25 Dec 2024 08:11:56 GMT
content-type
text/css
last-modified
Thu, 07 Nov 2024 17:16:04 GMT
server
nginx
style-2021.css
news.sophos.com/wp-content/themes/sophosnews-2017/ 		63 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.sophos.com/wp-content/themes/sophosnews-2017/style-2021.css?m=1722941894g
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/cx-dll-sideloading-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
11ef9c10a9a5cb3b67c600a654b6e32b2a022673a0c7045870e9597c9f712605
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://news.sophos.com/en-us/cx-dll-sideloading-attack

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=31536000
content-encoding
br
x-rq
hhn2 111 254 443
etag
W/"66b201c6-fb91"
accept-ranges
bytes
x-cache
HIT
date
Wed, 25 Dec 2024 08:11:56 GMT
content-type
text/css
last-modified
Tue, 06 Aug 2024 10:58:14 GMT
server
nginx
vary
Accept-Encoding
/
news.sophos.com/_static/ 		99 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.sophos.com/_static/??-eJzTLy/QzcxLzilNSS3WzwKiwtLUokoopZebmaeXVayjj0+Rbm5melFiSSpUsX2uraG5sZGRgZmBkXEWAK8tIhI=
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/cx-dll-sideloading-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ecf7723a32533007ede558c546fc8ba30f508283223b6e7f49c297b7c63c8b50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://news.sophos.com/en-us/cx-dll-sideloading-attack

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=31536000
content-encoding
br
x-rq
hhn2 111 253 443
accept-ranges
bytes
x-cache
HIT
date
Wed, 25 Dec 2024 08:11:56 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
last-modified
Thu, 21 Nov 2024 16:20:23 GMT
classic-061523.css
cdn-images.mailchimp.com/embedcode/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-images.mailchimp.com/embedcode/classic-061523.css
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/cx-dll-sideloading-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-77.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5883e7efce2f2f635eabad6906850ac83ac2236f675bc969ff508c2ad2c6e041

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://news.sophos.com/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"0d26555d70e62981c5039c0b5d571de9"
x-amz-version-id
TLAqQVoBq2Hb5kr9KSEXmPqr6DohswZo
age
23696
via
1.1 599ca4c1e171a33647d38b2340e37b20.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
46eRFWjJbY7uf1rXb1XHc_yQJy4zh044UYNZ21uVPBZyttdKza5dAg==
date
Wed, 25 Dec 2024 01:37:01 GMT
content-type
text/css
last-modified
Tue, 21 Nov 2023 20:06:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P8
x-amz-server-side-encryption
AES256
/
news.sophos.com/_static/ 		135 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.sophos.com/_static/??-eJyVjFEOwiAQBS8ku0Ka1H4Yz0LIpgVlIexqPb6YXqAk72sy83CvJhRWYkXdKJOglLoVYdrFuKudMUlfl8ozkvk4cGA7gANAkgue+gilDdj01eblvH8geGt8jVfB5+rjysNh9U2Z2nC3+uHkz3r0yHc7O7dM9rZM6Qegq6BH
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/cx-dll-sideloading-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a36c1b591e0a043aef36da97ac4da5a313386c35ad3c92eb558e13d0291f8eff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://news.sophos.com/en-us/cx-dll-sideloading-attack

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=31536000
content-encoding
br
x-rq
hhn2 111 254 443
accept-ranges
bytes
x-cache
HIT
date
Wed, 25 Dec 2024 08:11:56 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
last-modified
Tue, 06 Aug 2024 10:58:14 GMT
alpine.js
unpkg.com/alpinejs@2.8.1/dist/
Redirect Chain
  • https://unpkg.com/alpinejs@2.8.1/dist/alpine.js?ver=2.0.3
  • https://unpkg.com/alpinejs@2.8.1/dist/alpine.js
75 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/alpinejs@2.8.1/dist/alpine.js
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/cx-dll-sideloading-attack
Protocol
H2
Server
2606:4700::6811:f9cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0ef5d88325642180635eefe64e093b230dab8b0af4240f6ac4d0020138713b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://news.sophos.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"12cbb-bpXmlqHGZCDMOrq5PlgCDbjJFNQ"
age
2333574
x-content-type-options
nosniff
date
Wed, 25 Dec 2024 08:11:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01JDRWFM0XWAMNPF2MB1RTM3KG-fra
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8f775cfc8e21d222-FRA
access-control-allow-origin
*
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
location
/alpinejs@2.8.1/dist/alpine.js
content-encoding
br
cf-cache-status
EXPIRED
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
8f775cfc5dfbd222-FRA
access-control-allow-origin
*
date
Wed, 25 Dec 2024 08:11:56 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Accept-Encoding
fly-request-id
01JFYDYPE1BVEH7HDAHGFWXZZ4-fra
server
cloudflare
sophos-mc-validate.js
news.sophos.com/wp-content/themes/sophosnews-2017/js/ 		140 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.sophos.com/wp-content/themes/sophosnews-2017/js/sophos-mc-validate.js?m=1730121999g
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/cx-dll-sideloading-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c354463db409e3272dfa7f1180746f1c685ad67955c67bf79c4463b726f77a39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://news.sophos.com/en-us/cx-dll-sideloading-attack

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=31536000
content-encoding
br
x-rq
hhn2 111 253 443
etag
W/"671f910f-230c2"
accept-ranges
bytes
x-cache
HIT
date
Wed, 25 Dec 2024 08:11:56 GMT
content-type
application/javascript
last-modified
Mon, 28 Oct 2024 13:26:39 GMT
server
nginx
vary
Accept-Encoding
e-202452.js
stats.wp.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202452.js
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/cx-dll-sideloading-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://news.sophos.com/

Response headers

cache-control
max-age=31536000
content-encoding
br
x-nc
HIT hhn
etag
W/14421-1717166113530.9253
x-minify
t
x-minify-cache
hit
access-control-allow-methods
GET, HEAD
expires
Sat, 20 Dec 2025 10:18:44 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Wed, 25 Dec 2024 08:11:56 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
19e4a407-dcd6-4621-8c98-8239b462549d
https://news.sophos.com/ 		0
0
gtm.js
www.googletagmanager.com/ 		518 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TW8W88B
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/cx-dll-sideloading-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1ecdbbe5a8ff53d2eaaec35f938c364667c6fd330560672e375b3258b6553323
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://news.sophos.com/

Response headers

content-encoding
gzip
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Wed, 25 Dec 2024 08:11:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Dec 2024 08:11:56 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 25 Dec 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
147867
x-xss-protection
0
server
Google Tag Manager
SophosSans-Light.woff2
news.sophos.com/wp-content/themes/sophosnews-2017/fonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://news.sophos.com/wp-content/themes/sophosnews-2017/fonts/SophosSans-Light.woff2
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/wp-content/themes/sophosnews-2017/style-2021.css?m=1722941894g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f4a2fb1bd486b246823cfb9750f25a4323a8f74c23968d4a6fcdd96a65511631
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://news.sophos.com
Referer
https://news.sophos.com/wp-content/themes/sophosnews-2017/style-2021.css?m=1722941894g

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=300, must-revalidate
x-rq
hhn2 111 254 443
etag
"66b201c6-62e4"
access-control-allow-methods
GET, HEAD
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
25316
date
Wed, 25 Dec 2024 08:11:56 GMT
content-type
application/font-woff2
last-modified
Tue, 06 Aug 2024 10:58:14 GMT
server
nginx
SophosSans-Medium.woff2
news.sophos.com/wp-content/themes/sophosnews-2017/fonts/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://news.sophos.com/wp-content/themes/sophosnews-2017/fonts/SophosSans-Medium.woff2
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/wp-content/themes/sophosnews-2017/style-2021.css?m=1722941894g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d1fabd20a67738775bb84fda3b230d2f007a2c3a6629d327bc8ab4312cb5c0fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://news.sophos.com
Referer
https://news.sophos.com/wp-content/themes/sophosnews-2017/style-2021.css?m=1722941894g

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=300, must-revalidate
x-rq
hhn2 111 253 443
etag
"66b201c6-67a4"
access-control-allow-methods
GET, HEAD
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
26532
date
Wed, 25 Dec 2024 08:11:56 GMT
content-type
application/font-woff2
last-modified
Tue, 06 Aug 2024 10:58:14 GMT
server
nginx
SophosSans-Semibold.woff2
news.sophos.com/wp-content/themes/sophosnews-2017/fonts/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://news.sophos.com/wp-content/themes/sophosnews-2017/fonts/SophosSans-Semibold.woff2
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/wp-content/themes/sophosnews-2017/style-2021.css?m=1722941894g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f927844e8c953560f5a67112c5dfaab926df93df57f3d8cd062028f1ca80b530
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://news.sophos.com
Referer
https://news.sophos.com/wp-content/themes/sophosnews-2017/style-2021.css?m=1722941894g

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=300, must-revalidate
x-rq
hhn2 111 253 443
etag
"66b201c6-6828"
access-control-allow-methods
GET, HEAD
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
26664
date
Wed, 25 Dec 2024 08:11:56 GMT
content-type
application/font-woff2
last-modified
Tue, 06 Aug 2024 10:58:14 GMT
server
nginx
dc.js
stats.g.doubleclick.net/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/_static/??-eJyVjFEOwiAQBS8ku0Ka1H4Yz0LIpgVlIexqPb6YXqAk72sy83CvJhRWYkXdKJOglLoVYdrFuKudMUlfl8ozkvk4cGA7gANAkgue+gilDdj01eblvH8geGt8jVfB5+rjysNh9U2Z2nC3+uHkz3r0yHc7O7dM9rZM6Qegq6BH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://news.sophos.com/

Response headers

content-encoding
gzip
age
2427
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:123:0"}],}
x-content-type-options
nosniff
expires
Wed, 25 Dec 2024 09:31:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Dec 2024 07:31:29 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:123:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
17093
server
Golfe2
elqCfg.min.js
img03.en25.com/i/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img03.en25.com/i/elqCfg.min.js
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/_static/??-eJyVjFEOwiAQBS8ku0Ka1H4Yz0LIpgVlIexqPb6YXqAk72sy83CvJhRWYkXdKJOglLoVYdrFuKudMUlfl8ozkvk4cGA7gANAkgue+gilDdj01eblvH8geGt8jVfB5+rjysNh9U2Z2nC3+uHkz3r0yHc7O7dM9rZM6Qegq6BH
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.51.81 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-51-81.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://news.sophos.com/

Response headers

X-Robots-Tag
noindex, nofollow
Content-Encoding
gzip
ETag
"cae7da887413db1:0"
X-Content-Type-Options
nosniff
Expires
Wed, 25 Dec 2024 08:11:56 GMT
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Date
Wed, 25 Dec 2024 08:11:56 GMT
Content-Type
application/x-javascript
Last-Modified
Mon, 30 Sep 2024 20:08:37 GMT
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Cache-Control
no-store
Pragma
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2183
X-XSS-Protection
1; mode=block
g.gif
pixel.wp.com/ 		50 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=166161023&post=0&tz=-5&srv=news.sophos.com&hp=vip&j=1%3A14.0&host=news.sophos.com&ref=&fcp=632&rand=0.5921489097872243
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/cx-dll-sideloading-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://news.sophos.com/

Response headers

cache-control
no-cache
access-control-allow-origin
*
content-length
50
alt-svc
h3=":443"; ma=86400
date
Wed, 25 Dec 2024 08:11:56 GMT
content-type
image/gif
server
nginx
wp-emoji-release.min.js
news.sophos.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.sophos.com/wp-includes/js/wp-emoji-release.min.js?ver=6.7.1
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/cx-dll-sideloading-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://news.sophos.com/en-us/cx-dll-sideloading-attack

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=31536000
content-encoding
br
x-rq
hhn2 111 254 443
etag
W/"673f5dc7-4926"
accept-ranges
bytes
x-cache
HIT
date
Wed, 25 Dec 2024 08:11:56 GMT
content-type
application/javascript
last-modified
Thu, 21 Nov 2024 16:20:23 GMT
server
nginx
vary
Accept-Encoding
__utm.gif
stats.g.doubleclick.net/r/ 		35 B
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1348933559&utmhn=news.sophos.com&utme=8(4!CampaignID)9(4!70130000001xKqzAAE)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=de-de&utmje=0&utmfl=-&utmdt=Page%20not%20found%20%E2%80%93%20Sophos%20News&utmhid=1957878328&utmr=-&utmp=%2Fcorpblog%2Fen-us%2Fcx-dll-sideloading-attack&utmht=1735114316310&utmac=UA-737537-1&utmcc=__utma%3D1.1573464133.1735114316.1735114316.1735114316.1%3B%2B__utmz%3D1.1735114316.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2132605877&utmredir=3&utmu=q1CAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/cx-dll-sideloading-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://news.sophos.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:143:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Dec 2024 08:11:56 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:143:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
__utm.gif
stats.g.doubleclick.net/r/ 		35 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=2022146891&utmhn=news.sophos.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=de-de&utmje=0&utmfl=-&utmdt=Page%20not%20found%20%E2%80%93%20Sophos%20News&utmhid=1957878328&utmr=-&utmp=%2Fen-us%2Fcx-dll-sideloading-attack&utmht=1735114316311&utmac=UA-737537-53&utmcc=__utma%3D204943247.1126930022.1735114316.1735114316.1735114316.1%3B%2B__utmz%3D204943247.1735114316.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=322820378&utmredir=3&utmmt=1&utmu=q1CgAAAAAAAAAAAAAAAAAAgE~
Requested by
Host: news.sophos.com
URL: https://news.sophos.com/en-us/cx-dll-sideloading-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://news.sophos.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:143:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Dec 2024 08:11:56 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:143:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
js
www.googletagmanager.com/gtag/ 		387 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-V88TEQ7EYL&l=dataLayer&cx=c&gtm=45He4cc1v9102479716za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TW8W88B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
599865aba9413df41ae14cd1245ec170be9dfa9a74011e298acfb2ec33b9fbcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://news.sophos.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 25 Dec 2024 08:11:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Dec 2024 08:11:56 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
130362
x-xss-protection
0
server
Google Tag Manager
cropped-sophos.png
news.sophos.com/wp-content/uploads/2020/01/ 		262 B
508 B 		Other
General
Check archive.org
Download Go to
Full URL
https://news.sophos.com/wp-content/uploads/2020/01/cropped-sophos.png?w=32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:42e3 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d4a08e8e72a67872279469a89ca78eef19b19d15da89506562629ef8f2c541a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://news.sophos.com/en-us/cx-dll-sideloading-attack

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=31536000
x-rq
hhn2 109 38 443
etag
"54b6711cbb8ea622"
accept-ranges
bytes, bytes
x-cache
HIT
content-length
262
date
Wed, 25 Dec 2024 08:11:56 GMT
content-type
image/webp
last-modified
Sun, 27 Oct 2024 00:35:40 GMT
server
nginx
vary
Accept
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-V88TEQ7EYL&gtm=45je4cc1v9105765022z89102479716za200zb9102479716&_p=1735114316190&gcs=G100&gcd=13p3pPp2p5l1&npa=1&dma_cps=-&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=944074196.1735114317&ul=de-de&are=1&frm=0&pscdl=denied&_geo=1&_rdi=1&_s=1&sid=1735114316&sct=1&seg=0&dl=https%3A%2F%2Fnews.sophos.com%2Fen-us%2Fcx-dll-sideloading-attack&dt=Page%20not%20found%20%E2%80%93%20Sophos%20News&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1306
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V88TEQ7EYL&l=dataLayer&cx=c&gtm=45He4cc1v9102479716za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://news.sophos.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://news.sophos.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Dec 2024 08:11:56 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
news.sophos.com
URL
blob:https://news.sophos.com/19e4a407-dcd6-4621-8c98-8239b462549d

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer object| _wpemojiSettings function| jQuery object| PG8Data object| PG8 object| Sophos function| Cookies object| Stickyfill function| Spinner function| Tether function| Drop object| _gaq object| Alpine function| $mcj object| mc object| fnames object| ftypes function| st_go function| linktracker_init object| wpcom object| _stq object| twemoji object| wp object| _gat object| gaGlobal object| _elqQ object| _elq object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data function| onYouTubeIframeAPIReady

11 Cookies

Domain/Path Name / Value
.sophos.com/ Name: CampaignID
Value: 70130000001xKqzAAE
.sophos.com/ Name: __utma
Value: 1.1573464133.1735114316.1735114316.1735114316.1
.sophos.com/ Name: __utmc
Value: 1
.sophos.com/ Name: __utmz
Value: 1.1735114316.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.sophos.com/ Name: __utmt
Value: 1
.sophos.com/ Name: __utmb
Value: 1.1.10.1735114316
.news.sophos.com/ Name: __utma
Value: 204943247.1126930022.1735114316.1735114316.1735114316.1
.news.sophos.com/ Name: __utmc
Value: 204943247
.news.sophos.com/ Name: __utmz
Value: 204943247.1735114316.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.news.sophos.com/ Name: __utmt_news
Value: 1
.news.sophos.com/ Name: __utmb
Value: 204943247.1.10.1735114316

1 Console Messages

Source Level URL
Text
network error URL: https://news.sophos.com/en-us/cx-dll-sideloading-attack
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn-images.mailchimp.com
img03.en25.com
news.sophos.com
pixel.wp.com
region1.google-analytics.com
stats.g.doubleclick.net
stats.wp.com
unpkg.com
www.googletagmanager.com
news.sophos.com
18.172.112.77
192.0.76.3
2001:4860:4802:32::36
23.37.51.81
2606:4700::6811:f9cb
2a00:1450:4001:81c::2008
2a00:1450:400c:c06::9c
2a04:fa87:fffd::c000:42e3
11ef9c10a9a5cb3b67c600a654b6e32b2a022673a0c7045870e9597c9f712605
1ecdbbe5a8ff53d2eaaec35f938c364667c6fd330560672e375b3258b6553323
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502
3d2c10cf69410c10177fc6e56937d05151b182841fa6aee36f651d587d91fbb8
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5883e7efce2f2f635eabad6906850ac83ac2236f675bc969ff508c2ad2c6e041
599865aba9413df41ae14cd1245ec170be9dfa9a74011e298acfb2ec33b9fbcf
5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9790593b4acafa770479511a888914881594976c5dcad980c82e781c5625ff44
9fbca2df047bf5bb25a70cd46e0647f2cc84a434cd47b27075847c4444f00d41
a36c1b591e0a043aef36da97ac4da5a313386c35ad3c92eb558e13d0291f8eff
c0ef5d88325642180635eefe64e093b230dab8b0af4240f6ac4d0020138713b2
c354463db409e3272dfa7f1180746f1c685ad67955c67bf79c4463b726f77a39
d1fabd20a67738775bb84fda3b230d2f007a2c3a6629d327bc8ab4312cb5c0fe
d4a08e8e72a67872279469a89ca78eef19b19d15da89506562629ef8f2c541a5
ecf7723a32533007ede558c546fc8ba30f508283223b6e7f49c297b7c63c8b50
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4a2fb1bd486b246823cfb9750f25a4323a8f74c23968d4a6fcdd96a65511631
f927844e8c953560f5a67112c5dfaab926df93df57f3d8cd062028f1ca80b530