www.sophos.com Open in urlscan Pro
23.213.161.219 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u35263899.ct.sendgrid.net/ls/click?upn=tEHIuZAm84I13yPOwRSmXSkaXM6bfdJMwrr90zZnBD9Mo2oIVVsejuuab165W87kJ5YOZokEgd6n5mpH7d0...
Effective URL:
https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agosto_2023__edicao_3&utm...
Submission: On September 27 via api (September 27th 2023, 1:12:16 pm UTC) from ES — Scanned from ES

Summary HTTP 68 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 18 domains to perform 68 HTTP transactions. The main IP is 23.213.161.219, located in United States and belongs to AKAMAI-ASN1, NL. The main domain is www.sophos.com. The Cisco Umbrella rank of the primary domain is 282260.
TLS certificate: Issued by R3 on September 5th 2023. Valid for: 3 months.

This is the only time www.sophos.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.118.28 167.89.118.28	11377 (SENDGRID) (SENDGRID)
28	23.213.161.219 23.213.161.219	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
10	2606:4700::68... 2606:4700::6812:82ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.239.50.58 18.239.50.58	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	184.25.216.9 184.25.216.9	16625 (AKAMAI-AS) (AKAMAI-AS)
4	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	13.227.219.83 13.227.219.83	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
6	13.227.219.60 13.227.219.60	16509 (AMAZON-02) (AMAZON-02)
1 2	104.18.27.193 104.18.27.193	() ()
1	2600:1f18:612... 2600:1f18:612b:4232:e0c8:c742:6db3:244b	() ()
1	69.173.144.165 69.173.144.165	() ()
1 3	192.29.202.14 192.29.202.14	() ()
1	2600:9000:244... 2600:9000:2449:aa00:1d:8d6d:3b40:93a1	() ()
1	2001:4860:480... 2001:4860:4802:32::36	() ()
1	151.101.130.137 151.101.130.137	() ()
68	20

1 167.89.118.28 (United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789118x28.outbound-mail.sendgrid.net

u35263899.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 23.213.161.219 (United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-213-161-219.deploy.static.akamaitechnologies.com

www.sophos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6812:82ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.50.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-50-58.ams58.r.cloudfront.net

scripts.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.25.216.9 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-216-9.deploy.static.akamaitechnologies.com

img03.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.96.102.137 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.219.83 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-83.ams54.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.227.219.60 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-60.ams54.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.27.193 (None, ) 1 redirects

ASN- ()

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:e0c8:c742:6db3:244b (None, )

ASN- ()

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (None, )

ASN- ()

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.29.202.14 (None, ) 1 redirects

ASN- ()

s1777052651.t.eloqua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2449:aa00:1d:8d6d:3b40:93a1 (None, )

ASN- ()

tag-logger.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (None, )

ASN- ()

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (None, )

ASN- ()

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	sophos.com www.sophos.com — Cisco Umbrella Rank: 282260	320 KB
10	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 635	170 KB
6	driftt.com js.driftt.com — Cisco Umbrella Rank: 13932	82 KB
4	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 5551	86 KB
3	eloqua.com 1 redirects s1777052651.t.eloqua.com	2 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	186 KB
2	company-target.com s.company-target.com — Cisco Umbrella Rank: 2779 api.company-target.com — Cisco Umbrella Rank: 9978	2 KB
2	demandbase.com scripts.demandbase.com — Cisco Umbrella Rank: 27367 tag-logger.demandbase.com	22 KB
1	newrelic.com js-agent.newrelic.com
1	google-analytics.com region1.google-analytics.com	253 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	tremorhub.com partners.tremorhub.com	391 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 1301	98 B
1	en25.com img03.en25.com — Cisco Umbrella Rank: 49087	3 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 958	303 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	925 B
1	sendgrid.net 1 redirects u35263899.ct.sendgrid.net	358 B
68	18

	Domain	Requested by
28	www.sophos.com	www.sophos.com
10	cdn.cookielaw.org	www.sophos.com cdn.cookielaw.org
6	js.driftt.com	www.sophos.com js.driftt.com
4	dev.visualwebsiteoptimizer.com	www.sophos.com dev.visualwebsiteoptimizer.com
3	s1777052651.t.eloqua.com	1 redirects img03.en25.com www.sophos.com
2	dsum-sec.casalemedia.com	1 redirects s.company-target.com
2	www.googletagmanager.com	www.sophos.com www.googletagmanager.com
1	js-agent.newrelic.com	www.sophos.com
1	region1.google-analytics.com	www.googletagmanager.com
1	tag-logger.demandbase.com	scripts.demandbase.com
1	pixel.rubiconproject.com	s.company-target.com
1	partners.tremorhub.com	s.company-target.com
1	api.company-target.com	scripts.demandbase.com
1	id.rlcdn.com	www.sophos.com
1	s.company-target.com	scripts.demandbase.com
1	img03.en25.com	www.sophos.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	fonts.googleapis.com	www.sophos.com
1	scripts.demandbase.com	www.sophos.com
1	u35263899.ct.sendgrid.net	1 redirects
68	20

This site contains no links.

Subject Issuer	Validity	Valid
www.sophos.com R3	`2023-09-05` - `2023-12-04`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-08-23` - `2024-09-23`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
*.en25.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2023-07-06` - `2024-07-06`	a year	crt.sh
*.company-target.com R3	`2023-08-21` - `2023-11-19`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2022-09-16` - `2023-10-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
drift.com Amazon RSA 2048 M02	`2023-08-15` - `2024-09-11`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.t.eloqua.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-22` - `2024-04-10`	a year	crt.sh
*.demandbase.com Amazon RSA 2048 M01	`2023-07-11` - `2024-08-08`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agosto_2023__edicao_3&utm_medium=email&utm_source=RD+Station
Frame ID: 066369353AFF98561B7355662E728099
Requests: 56 HTTP requests in this frame

Frame: https://s.company-target.com/s/sync?exc=lr
Frame ID: 9DAFF51EAC33D43D7C0B75821741A1B8
Requests: 4 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=w7p4sauc2iyi&eId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=b295cb1b-24f4-4807-be8b-70c685fa38a0&sessionStarted=1695820304.175&campaignRefreshToken=4aaaad06-75b1-4f94-be2b-45d56ab2852f&hideController=false&pageLoadStartTime=1695820295520&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fcontent%2Fstate-of-ransomware%3Futm_campaign%3Dtivit_newsletter_cyber__agosto_2023__edicao_3%26utm_medium%3Demail%26utm_source%3DRD%2BStation
Frame ID: 21354EFAE2B8CF5CCD87F1B032D11149
Requests: 4 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695820295520
Frame ID: C2A2D5319BE21B241EFEC4768641F439
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://u35263899.ct.sendgrid.net/ls/click?upn=tEHIuZAm84I13yPOwRSmXSkaXM6bfdJMwrr90zZnBD9Mo2oIVVsejuuab165W87... HTTP 302
https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agost... Page URL

Page Statistics

68
Requests

93 %
HTTPS

35 %
IPv6

18
Domains

20
Subdomains

20
IPs

3
Countries

873 kB
Transfer

2791 kB
Size

Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u35263899.ct.sendgrid.net/ls/click?upn=tEHIuZAm84I13yPOwRSmXSkaXM6bfdJMwrr90zZnBD9Mo2oIVVsejuuab165W87kJ5YOZokEgd6n5mpH7d0Y4DNWVfw70EJAGyPqLgJ2N0KcaAbqBFlBfT-2BNMGnwtmWueukJ51Ok2Q7HxVzkwihIuZGHGHPtC0J-2FlBMbTEFP9aXkCsi8RgyaY9sdzSADMMi-2FZUiwi5GiNFb6MbEUkGuDQ9DeXGyc-2FAXo6l2-2FFw-2FK288-3Dgzl-_uKdOUquBP7QrAQi-2FjxTRMTOTI512NWkxvAJuwJ-2BG8omEFqpJmJNnZByl0-2FW8QM3twsy3eGsK5N-2BcbrQi4PWVT5-2BYiR1VkLfmgLge-2F0GXHxy-2BxYGChBJDXR6xp0ShymaNjAQMynbk91Ki8-2BqkUy86miBuMjyx6hKZYPRM9FD9zXfs6J3ACUClTI9yQ2S3sReoYsidFXOzBIXzczcTO3r5VxPYc8J5Bm0TcfDSYFWhojm9HNxlbgx1cM4j-2BJJ1KbywPkMFVcvfYvMYbml5H9oOz7EzeRrkwNEdsQuTEKU33N-2FbVskMMfbUpicVYWsXNsm6eAZAJcMjR4oJiFuacQ4RmhNUuMK0-2FgwPUrfDZzSPnDi7pAdBqACDSWbNhoBJbvo08wI5jkxfJqfyYypFZfTiFacgYwQA0LUyvNoTv3X1P1vKnozd-2BSD79LWKV86s6WgDneQDhA0E5F3rgQ7dspzCJ5iHuG8CQZ0ckLiu5hkVIE5EjdOeb64llILNL7-2FDQWkNG0Xy7Fhn8C-2FOweRAWlFkN5XCVwcAFFKGpWyRlg8-2Fg2Rctrp-2Fym-2BeOoh6WeLf-2F59EyYEb-2BLc-2BQw1DLbjNZ-2BCsBls-2FlfdCwOhuQcM4k5kcvgY6HWpZqLsEUaiDJNBq-2Fk97D6FBnkpgPjxTEPkzLEOmETr0VAI-2FGSKp5XH7-2Bybt550F8rgkkpw6i3VEMalMZP2gzFPmAE6-2BSdXfqueGrwwbWg-3D-3D HTTP 302
https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agosto_2023__edicao_3&utm_medium=email&utm_source=RD+Station Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1711545100&external_user_id=c288f694-13c8-4f61-b2e0-e725252ed452 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1711545100&external_user_id=c288f694-13c8-4f61-b2e0-e725252ed452&C=1

Request Chain 48

https://s1777052651.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=1777052651&ref2=elqNone&tzo=0&ms=613&optin=disabled HTTP 302
https://s1777052651.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=1777052651&ref2=elqNone&tzo=0&ms=613&optin=disabled&elqCookie=1

68 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request state-of-ransomware Show response
www.sophos.com/en-us/content/
Redirect Chain

https://u35263899.ct.sendgrid.net/ls/click?upn=tEHIuZAm84I13yPOwRSmXSkaXM6bfdJMwrr90zZnBD9Mo2oIVVsejuuab165W87kJ5YOZokEgd6n5mpH7d0Y4DNWVfw70EJAGyPqLgJ2N0KcaAbqBFlBfT-2BNMGnwtmWueukJ51Ok2Q7HxVzkwihI...
https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agosto_2023__edicao_3&utm_medium=email&utm_source=RD+Station

120 KB
25 KB

901ms
117ms

Document
text/html

23.213.161.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agosto_2023__edicao_3&utm_medium=email&utm_source=RD+Station

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.161.219 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-213-161-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

7236272b759352d3f4c20c91aaab1f1a42de0331c02beee09ab89b16bd9f0491

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-language: en
content-length: 24538
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 13:11:35 GMT
etag: "1695722398"
expires: Wed, 27 Sep 2023 13:11:35 GMT
last-modified: Tue, 26 Sep 2023 09:59:58 GMT
pragma: no-cache
vary: Accept-Encoding
x-age: 97896
x-ah-environment: prod
x-akamai-transformed: 9 24443 0 pmb=mTOE,2
x-cache-hits: 3
x-content-type-options: nosniff
x-drupal-cache: MISS
x-drupal-dynamic-cache: MISS
x-edgeconnect-midmile-rtt: 6 6
x-edgeconnect-origin-mex-latency: 115 115
x-generator: Drupal 9 (https://www.drupal.org)
x-geo-country: ES
x-request-id: v-736ba518-5c53-11ee-9148-dfdcedd0abe0
x-sophos-o: d
x-ua-compatible: IE=edge

Redirect headers

Connection: keep-alive
Content-Length: 185
Content-Type: text/html; charset=utf-8
Date: Wed, 27 Sep 2023 13:11:34 GMT
Location: https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agosto_2023__edicao_3&utm_medium=email&utm_source=RD+Station
Server: nginx
X-Robots-Tag: noindex, nofollow

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 765ms
0ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agosto_2023__edicao_3&utm_medium=email&utm_source=RD+Station

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d62ad0f23c60258f120e52cf68b2e1adff5c1bf5bde5ac8f8d6e5f4c4c64f34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Sep 2023 13:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: h6ThlO7ea17v6JNPXbI1zQ==
age: 52050
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6822
x-ms-lease-status: unlocked
last-modified: Tue, 26 Sep 2023 03:37:34 GMT
server: cloudflare
etag: 0x8DBBE41EC19B0CE
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 65c9899b-f01e-002b-0bb2-f0b94f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80d3fe55ac492192-MAD

GET
H2 200 css_eh4m6A6v0pZB64BEqdZfTXjTwBCiw9HfenwkKkNg1L4.css
www.sophos.com/sites/default/files/css/ 3 KB
1 KB 238ms
20ms Stylesheet
text/css 23.213.161.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sophos.com/sites/default/files/css/css_eh4m6A6v0pZB64BEqdZfTXjTwBCiw9HfenwkKkNg1L4.css

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agosto_2023__edicao_3&utm_medium=email&utm_source=RD+Station

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.161.219 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-213-161-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

7a1e26e80eafd29641eb8044a9d65f4d78d3c010a2c3d1df7a7c242a4360d4be

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agosto_2023__edicao_3&utm_medium=email&utm_source=RD+Station
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-cache-hits: 170
date: Wed, 27 Sep 2023 13:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 26 Jul 2023 19:27:17 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=4751570
x-age: 18020
x-ah-environment: prod
accept-ranges: bytes
x-sophos-o: d
content-length: 1134
x-request-id: v-9bc1285e-320e-11ee-ba32-136e8abce65b
expires: Tue, 21 Nov 2023 13:04:26 GMT

GET
H2 200 css_E6t00QpHq4OTt4T7UrlmTsENK5QNBD9Ulsp1kIiOYW8.css
www.sophos.com/sites/default/files/css/ 8 KB
2 KB 240ms
23ms Stylesheet
text/css 23.213.161.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sophos.com/sites/default/files/css/css_E6t00QpHq4OTt4T7UrlmTsENK5QNBD9Ulsp1kIiOYW8.css

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agosto_2023__edicao_3&utm_medium=email&utm_source=RD+Station

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.161.219 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-213-161-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

13ab74d10a47ab8393b784fb52b9664ec10d2b940d043f5496ca7590888e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agosto_2023__edicao_3&utm_medium=email&utm_source=RD+Station
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-cache-hits: 62
date: Wed, 27 Sep 2023 13:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 21:14:51 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=5183447
x-age: 280087
x-ah-environment: prod
accept-ranges: bytes
x-sophos-o: d
content-length: 2146
x-request-id: v-0b32cbac-5aaa-11ee-b13d-7bd6ab54d00b
expires: Sun, 26 Nov 2023 13:02:23 GMT

GET
H2 200 css_Rpita1gK9We3FJxZK5pykd7yJuoTq3QnnjoOJHDXSK0.css
www.sophos.com/sites/default/files/css/ 8 KB
3 KB 321ms
109ms Stylesheet
text/css 23.213.161.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sophos.com/sites/default/files/css/css_Rpita1gK9We3FJxZK5pykd7yJuoTq3QnnjoOJHDXSK0.css

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agosto_2023__edicao_3&utm_medium=email&utm_source=RD+Station

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.161.219 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-213-161-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

4698ad6b580af567b7149c592b9a7291def226ea13ab74279e3a0e2470d748ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agosto_2023__edicao_3&utm_medium=email&utm_source=RD+Station
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-cache-hits: 134
date: Wed, 27 Sep 2023 13:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 26 Jul 2023 19:27:17 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=4751575
x-age: 18020
x-ah-environment: prod
accept-ranges: bytes
x-sophos-o: d
content-length: 2319
x-request-id: v-9bd4ce7c-320e-11ee-8cae-0313ef73a475
expires: Tue, 21 Nov 2023 13:04:31 GMT

GET
H2 200 css_Z3BExEBGRO7OOsrtNyoDishnbbkIZrNPX-rl2silrdU.css
www.sophos.com/sites/default/files/css/ 152 KB
22 KB 612ms
401ms Stylesheet
text/css 23.213.161.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sophos.com/sites/default/files/css/css_Z3BExEBGRO7OOsrtNyoDishnbbkIZrNPX-rl2silrdU.css

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agosto_2023__edicao_3&utm_medium=email&utm_source=RD+Station

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.161.219 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-213-161-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

677044c4404644eece3acaed372a038ac8676db90866b34f5feae5dac8a5add5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agosto_2023__edicao_3&utm_medium=email&utm_source=RD+Station
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-cache-hits: 2
date: Wed, 27 Sep 2023 13:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 14 Sep 2023 23:19:18 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=5011558
x-age: 35505
x-ah-environment: prod
accept-ranges: bytes
x-sophos-o: d
content-length: 22605
x-request-id: v-559c3daa-5b53-11ee-8dad-572037734331
expires: Fri, 24 Nov 2023 13:17:34 GMT

GET
H2 200 css_cr4Y3qeRaz7MESuWCY_NLDJY84TDgFU52jw4wp_v2BI.css
www.sophos.com/sites/default/files/css/ 81 KB
7 KB 321ms
110ms Stylesheet
text/css 23.213.161.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sophos.com/sites/default/files/css/css_cr4Y3qeRaz7MESuWCY_NLDJY84TDgFU52jw4wp_v2BI.css

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agosto_2023__edicao_3&utm_medium=email&utm_source=RD+Station

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.161.219 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-213-161-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

72be18dea7916b3ecc112b96098fcd2c3258f384c3805539da3c38c29fefd812

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agosto_2023__edicao_3&utm_medium=email&utm_source=RD+Station
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-cache-hits: 2
date: Wed, 27 Sep 2023 13:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Sep 2023 19:11:41 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=5011699
x-age: 53358
x-ah-environment: prod
accept-ranges: bytes
x-sophos-o: d
content-length: 6807
x-request-id: v-c471cf6c-5b29-11ee-82e7-378d268817ca
expires: Fri, 24 Nov 2023 13:19:55 GMT

GET
H2 404 25056987
www.sophos.com/akam/13/ 0
0 881ms
496ms Script
application/api-problem+json 23.213.161.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sophos.com/akam/13/25056987
Requested by: Host: www.sophos.com
URL: https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agosto_2023__edicao_3&utm_medium=email&utm_source=RD+Station
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.219 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agosto_2023__edicao_3&utm_medium=email&utm_source=RD+Station
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Wed, 27 Sep 2023 13:11:37 GMT
pragma: no-cache
date: Wed, 27 Sep 2023 13:11:37 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 171
content-type: application/api-problem+json

GET
H2 200 js_lDTNyy3AQCfQcBiI2554f6SRVb70ELrb_b5MtYaxOnE.js Show response
www.sophos.com/sites/default/files/js/ 136 KB
46 KB 260ms
50ms Script
text/javascript 23.213.161.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sophos.com/sites/default/files/js/js_lDTNyy3AQCfQcBiI2554f6SRVb70ELrb_b5MtYaxOnE.js

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agosto_2023__edicao_3&utm_medium=email&utm_source=RD+Station

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.161.219 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-213-161-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

9434cdcb2dc04027d0701888db9e787fa49155bef410badbfdbe4cb586b13a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agosto_2023__edicao_3&utm_medium=email&utm_source=RD+Station
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-cache-hits: 116
date: Wed, 27 Sep 2023 13:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Sep 2023 21:07:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=3992445
x-age: 75119
x-ah-environment: prod
accept-ranges: bytes
x-sophos-o: d
content-length: 47132
x-request-id: v-4ecedcee-51b2-11ee-b245-67517e429d0f
expires: Sun, 12 Nov 2023 18:12:21 GMT

GET
H2 200 js_oq_QuAHG69cuHGuA_11lgRPwSZL7BLC_708k7-1Iy5k.js Show response
www.sophos.com/sites/default/files/js/ 30 KB
7 KB 322ms
111ms Script
text/javascript 23.213.161.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sophos.com/sites/default/files/js/js_oq_QuAHG69cuHGuA_11lgRPwSZL7BLC_708k7-1Iy5k.js

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agosto_2023__edicao_3&utm_medium=email&utm_source=RD+Station

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.161.219 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-213-161-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

a2afd0b801c6ebd72e1c6b80ff5d658113f04992fb04b0bfef4f24efed48cb99

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agosto_2023__edicao_3&utm_medium=email&utm_source=RD+Station
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-cache-hits: 98
date: Wed, 27 Sep 2023 13:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Sep 2023 22:40:42 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=3345289
x-age: 27907
x-ah-environment: prod
accept-ranges: bytes
x-sophos-o: d
content-length: 7372
x-request-id: v-7a5d9546-4c3d-11ee-aa19-5bf67f056609
expires: Sun, 05 Nov 2023 06:26:25 GMT

GET
H2 200 WuEFNglz.min.js Show response
scripts.demandbase.com/ 79 KB
22 KB 908ms
40ms Script
application/javascript 18.239.50.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.demandbase.com/WuEFNglz.min.js

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agosto_2023__edicao_3&utm_medium=email&utm_source=RD+Station

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.50.58 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-50-58.ams58.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

775ec7323840494cbdcb1c85c5cdc87690b9ff2fe11aba9909986cd37aaa83da

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id: chefmuhgGzXVIO8yypDAyoxvoP4YAkaf
content-encoding: gzip
via: 1.1 852513de831fa3235a0fcf6b4f0116c4.cloudfront.net (CloudFront)
date: Wed, 27 Sep 2023 13:07:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: AMS58-P3
age: 276
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 26 Jun 2023 22:22:50 GMT
server: AmazonS3
etag: W/"69e4c858360878ad84445cc192fbe386"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: ArVJbJsBAsbpGe0QBSEvVF44Xs024DkQzV3Es9BXjiMZErzqcWlBQQ==

GET
H2 200 js_OxbsZw9P8HsE4BFd3lA2ZdMElX19eSDuxgiIAiC8KzI.js Show response
www.sophos.com/sites/default/files/js/ 5 KB
2 KB 228ms
18ms Script
text/javascript 23.213.161.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sophos.com/sites/default/files/js/js_OxbsZw9P8HsE4BFd3lA2ZdMElX19eSDuxgiIAiC8KzI.js

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agosto_2023__edicao_3&utm_medium=email&utm_source=RD+Station

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.161.219 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-213-161-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

3b16ec670f4ff07b04e0115dde503665d304957d7d7920eec608880220bc2b32

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agosto_2023__edicao_3&utm_medium=email&utm_source=RD+Station
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Sun, 05 Nov 2023 06:26:50 GMT
x-edgeconnect-origin-mex-latency: 16
date: Wed, 27 Sep 2023 13:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 6
x-age: 28006
x-ah-environment: prod
x-sophos-o: d
content-length: 1753
x-request-id: v-3f5f0a9c-4c3d-11ee-a74b-8f6ac1d781a3
last-modified: Tue, 05 Sep 2023 22:40:42 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=3345314
accept-ranges: bytes
x-cache-hits: 130

GET
H2 200 gtm.js Show response
www.sophos.com/modules/contrib/google_tag/js/ 895 B
723 B 308ms
0ms Script
application/javascript 23.213.161.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sophos.com/modules/contrib/google_tag/js/gtm.js?s1k7sh

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agosto_2023__edicao_3&utm_medium=email&utm_source=RD+Station

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.161.219 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-213-161-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

5fc7ab8eca4149765c42bf4d24e3d0bcd4bf564ebe0c47c73a7957ad1ff31737

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agosto_2023__edicao_3&utm_medium=email&utm_source=RD+Station
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-cache-hits: 112
date: Wed, 27 Sep 2023 13:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Aug 2023 18:20:05 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=5067121
x-age: 27633
x-ah-environment: prod
accept-ranges: bytes
x-sophos-o: d
content-length: 443
x-request-id: v-ed3895c6-5be6-11ee-b120-1b8e1c80782f
expires: Sat, 25 Nov 2023 04:43:37 GMT

GET
H2 200 gtag.js Show response
www.sophos.com/modules/contrib/google_tag/js/ 944 B
735 B 269ms
0ms Script
application/javascript 23.213.161.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sophos.com/modules/contrib/google_tag/js/gtag.js?s1k7sh

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agosto_2023__edicao_3&utm_medium=email&utm_source=RD+Station

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.161.219 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-213-161-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

315ca72ab48ac5d6ce2a22a316e0f872c3791e53af658f250d9f3dcca9badaed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agosto_2023__edicao_3&utm_medium=email&utm_source=RD+Station
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-cache-hits: 104
date: Wed, 27 Sep 2023 13:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Aug 2023 18:19:43 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=5067082
x-age: 27633
x-ah-environment: prod
accept-ranges: bytes
x-sophos-o: d
content-length: 455
x-request-id: v-ed33339c-5be6-11ee-a78b-03be45e5f61c
expires: Sat, 25 Nov 2023 04:42:58 GMT

GET
H2 200 js_DyFpqkssktH5hjljUSOyizW9L3kcwyMo2oiRja9ihFI.js Show response
www.sophos.com/sites/default/files/js/ 27 KB
9 KB 273ms
0ms Script
text/javascript 23.213.161.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sophos.com/sites/default/files/js/js_DyFpqkssktH5hjljUSOyizW9L3kcwyMo2oiRja9ihFI.js

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agosto_2023__edicao_3&utm_medium=email&utm_source=RD+Station

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.161.219 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-213-161-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

0f2169aa4b2c92d1f98639635123b28b35bd2f791cc32328da88918daf628452

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agosto_2023__edicao_3&utm_medium=email&utm_source=RD+Station
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-cache-hits: 354
date: Wed, 27 Sep 2023 13:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Aug 2023 18:37:02 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=4804147
x-age: 70573
x-ah-environment: prod
accept-ranges: bytes
x-sophos-o: d
content-length: 8560
x-request-id: v-a6ebb654-320e-11ee-a775-b768f8bb8c5b
expires: Wed, 22 Nov 2023 03:40:43 GMT

GET
H2 200 2e456f46-6b86-42c8-be0a-01efd4471533.json Show response
cdn.cookielaw.org/consent/2e456f46-6b86-42c8-be0a-01efd4471533/ 4 KB
2 KB 571ms
0ms XHR
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/2e456f46-6b86-42c8-be0a-01efd4471533/2e456f46-6b86-42c8-be0a-01efd4471533.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95a2dfe82e2bb5f26b84a4e71b3a0c7a2ed263cc6149bdf71f662b77985e7ac4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Sep 2023 13:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 80498
content-md5: pChdVqwRW5uadTqawp+U5g==
content-length: 1633
x-ms-lease-status: unlocked
last-modified: Thu, 20 Apr 2023 14:12:25 GMT
server: cloudflare
etag: 0x8DB41A9447E44E4
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: eba27751-101e-0042-3592-73f3f2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80d3fe5a5adc2f93-MAD
expires: Thu, 28 Sep 2023 13:11:37 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
925 B 1826ms
0ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inconsolata&display=swap

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/sites/default/files/css/css_Z3BExEBGRO7OOsrtNyoDishnbbkIZrNPX-rl2silrdU.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d28098d03bb6705fc432ac0ac4130b4106674553fbfcacc1c06ebe21ff7974de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 27 Sep 2023 13:11:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 11:15:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 Sep 2023 13:11:38 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 67 B
303 B 1189ms
0ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ccfd8491a4f2101549ea6031091edc3616340f714216323f1f604f674749239

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.sophos.com/
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 13:11:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 80d3fe623db71bb1-MAD
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202303.2.0/ 400 KB
97 KB 345ms
0ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.2.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Sep 2023 13:11:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Sw59qQKTUz8IJh2hCY03KQ==
age: 69667
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 98810
x-ms-lease-status: unlocked
last-modified: Tue, 16 May 2023 03:39:51 GMT
server: cloudflare
etag: 0x8DB55BF34FA32B5
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 33d48d17-101e-00ca-25d3-874b2b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80d3fe653fc42192-MAD

GET
H/1.1 200
OK elqCfg.min.js
img03.en25.com/i/ 6 KB
3 KB 1453ms
70ms Script
application/x-javascript 184.25.216.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img03.en25.com/i/elqCfg.min.js

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agosto_2023__edicao_3&utm_medium=email&utm_source=RD+Station

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.25.216.9 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-25-216-9.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 27 Sep 2023 13:11:40 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 2183
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Mon, 17 Jul 2023 19:34:32 GMT
ETag: "2d8b19b6e5b8d91:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Expires: Wed, 27 Sep 2023 13:11:40 GMT

GET
H2 200 j.php
dev.visualwebsiteoptimizer.com/ 9 KB
4 KB 1586ms
109ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=25349&u=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fcontent%2Fstate-of-ransomware%3Futm_campaign%3Dtivit_newsletter_cyber__agosto_2023__edicao_3%26utm_medium%3Demail%26utm_source%3DRD%2BStation&f=1&r=0.8346674878778677
Requested by: Host: www.sophos.com
URL: https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agosto_2023__edicao_3&utm_medium=email&utm_source=RD+Station
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gbel1 /
Resource Hash

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 13:11:39 GMT
content-encoding: gzip
via: 1.1 google
server: gbel1
etag: W/"1695736476"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 arrow-down--white.svg
www.sophos.com/themes/custom/sophosdotcom/images/styles/ 1 KB
1 KB 539ms
211ms Image
image/svg+xml 23.213.161.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sophos.com/themes/custom/sophosdotcom/images/styles/arrow-down--white.svg

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/sites/default/files/css/css_Z3BExEBGRO7OOsrtNyoDishnbbkIZrNPX-rl2silrdU.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.161.219 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-213-161-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/sites/default/files/css/css_Z3BExEBGRO7OOsrtNyoDishnbbkIZrNPX-rl2silrdU.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-cache-hits: 524
date: Wed, 27 Sep 2023 13:11:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 21 Nov 2022 22:53:16 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=4791857
x-age: 58333
x-ah-environment: prod
accept-ranges: bytes
x-sophos-o: d
content-length: 563
x-request-id: v-9daba54a-320e-11ee-bd7a-d3bfee021a38
expires: Wed, 22 Nov 2023 00:15:56 GMT

GET
H2 200 mdr-solid-white.svg
www.sophos.com/themes/custom/sophosdotcom/images/markup-block/ 1 KB
1 KB 538ms
213ms Image
image/svg+xml 23.213.161.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sophos.com/themes/custom/sophosdotcom/images/markup-block/mdr-solid-white.svg

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/sites/default/files/css/css_cr4Y3qeRaz7MESuWCY_NLDJY84TDgFU52jw4wp_v2BI.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.161.219 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-213-161-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/sites/default/files/css/css_cr4Y3qeRaz7MESuWCY_NLDJY84TDgFU52jw4wp_v2BI.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-cache-hits: 308
date: Wed, 27 Sep 2023 13:11:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 15 Nov 2022 01:48:44 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=4791378
x-age: 57874
x-ah-environment: prod
accept-ranges: bytes
x-sophos-o: d
content-length: 707
x-request-id: v-9d301330-320e-11ee-b061-2b6dbebadfb6
expires: Wed, 22 Nov 2023 00:07:57 GMT

GET
H2 200 header-arrow-light-blue-right.svg
www.sophos.com/themes/custom/sophosdotcom/images/menu-icon/ 739 B
1 KB 500ms
175ms Image
image/svg+xml 23.213.161.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sophos.com/themes/custom/sophosdotcom/images/menu-icon/header-arrow-light-blue-right.svg

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/sites/default/files/css/css_cr4Y3qeRaz7MESuWCY_NLDJY84TDgFU52jw4wp_v2BI.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.161.219 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-213-161-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/sites/default/files/css/css_cr4Y3qeRaz7MESuWCY_NLDJY84TDgFU52jw4wp_v2BI.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-cache-hits: 40
date: Wed, 27 Sep 2023 13:11:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 15 Nov 2022 01:48:44 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=4477409
x-age: 119506
x-ah-environment: prod
accept-ranges: bytes
x-sophos-o: d
content-length: 432
x-request-id: v-0afc5f20-efa4-11ed-a38d-5f8ba0388695
expires: Sat, 18 Nov 2023 08:55:08 GMT

GET
H2 200 ir-solid-white.svg
www.sophos.com/themes/custom/sophosdotcom/images/markup-block/ 718 B
1 KB 540ms
216ms Image
image/svg+xml 23.213.161.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sophos.com/themes/custom/sophosdotcom/images/markup-block/ir-solid-white.svg

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/sites/default/files/css/css_cr4Y3qeRaz7MESuWCY_NLDJY84TDgFU52jw4wp_v2BI.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.161.219 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-213-161-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/sites/default/files/css/css_cr4Y3qeRaz7MESuWCY_NLDJY84TDgFU52jw4wp_v2BI.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-cache-hits: 724
date: Wed, 27 Sep 2023 13:11:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 01 Mar 2023 20:05:53 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=4985156
x-age: 4109162
x-ah-environment: prod
accept-ranges: bytes
x-sophos-o: d
content-length: 453
x-request-id: v-f116b848-fa94-11ed-b496-73b250f4d34d
expires: Fri, 24 Nov 2023 05:57:35 GMT

GET
H2 200 search-white.svg
www.sophos.com/themes/custom/sophosdotcom/images/icons/ 1 KB
1 KB 493ms
177ms Image
image/svg+xml 23.213.161.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sophos.com/themes/custom/sophosdotcom/images/icons/search-white.svg

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/sites/default/files/css/css_Z3BExEBGRO7OOsrtNyoDishnbbkIZrNPX-rl2silrdU.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.161.219 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-213-161-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/sites/default/files/css/css_Z3BExEBGRO7OOsrtNyoDishnbbkIZrNPX-rl2silrdU.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-cache-hits: 673
date: Wed, 27 Sep 2023 13:11:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 16 Mar 2023 19:14:38 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=4791890
x-age: 4109162
x-ah-environment: prod
accept-ranges: bytes
x-sophos-o: d
content-length: 688
x-request-id: v-f118dac4-fa94-11ed-bbd5-9b6222aa1cc6
expires: Wed, 22 Nov 2023 00:16:29 GMT

GET
H2 200 globe.svg
www.sophos.com/themes/custom/sophosdotcom/images/icons/ 666 B
1 KB 411ms
95ms Image
image/svg+xml 23.213.161.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sophos.com/themes/custom/sophosdotcom/images/icons/globe.svg

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/sites/default/files/css/css_Z3BExEBGRO7OOsrtNyoDishnbbkIZrNPX-rl2silrdU.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.161.219 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-213-161-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/sites/default/files/css/css_Z3BExEBGRO7OOsrtNyoDishnbbkIZrNPX-rl2silrdU.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-cache-hits: 1429
date: Wed, 27 Sep 2023 13:11:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 16 Mar 2023 19:14:51 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=4477409
x-age: 1240990
x-ah-environment: prod
accept-ranges: bytes
x-sophos-o: d
content-length: 295
x-request-id: v-1f7c92e8-d3b7-11ed-8556-c78a36ac8f39
expires: Sat, 18 Nov 2023 08:55:08 GMT

GET
H2 200 checkmark.svg
www.sophos.com/themes/custom/sophosdotcom/images/icons/ 988 B
1 KB 528ms
214ms Image
image/svg+xml 23.213.161.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sophos.com/themes/custom/sophosdotcom/images/icons/checkmark.svg

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/sites/default/files/css/css_Z3BExEBGRO7OOsrtNyoDishnbbkIZrNPX-rl2silrdU.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.161.219 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-213-161-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/sites/default/files/css/css_Z3BExEBGRO7OOsrtNyoDishnbbkIZrNPX-rl2silrdU.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-cache-hits: 755
date: Wed, 27 Sep 2023 13:11:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 16 Mar 2023 19:14:51 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=4477409
x-age: 4189297
x-ah-environment: prod
accept-ranges: bytes
x-sophos-o: d
content-length: 564
x-request-id: v-785ae8de-faa8-11ed-a7e7-e7ac0359f756
expires: Sat, 18 Nov 2023 08:55:08 GMT

GET
H2 200 SophosSans-Regular.woff2
www.sophos.com/themes/custom/sophosdotcom/fonts/ 37 KB
37 KB 312ms
0ms Font
text/plain 23.213.161.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sophos.com/themes/custom/sophosdotcom/fonts/SophosSans-Regular.woff2

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/sites/default/files/css/css_Z3BExEBGRO7OOsrtNyoDishnbbkIZrNPX-rl2silrdU.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.161.219 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-213-161-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sophos.com/sites/default/files/css/css_Z3BExEBGRO7OOsrtNyoDishnbbkIZrNPX-rl2silrdU.css
Origin: https://www.sophos.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-cache-hits: 461
date: Wed, 27 Sep 2023 13:11:39 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Nov 2022 01:48:44 GMT
cache-control: max-age=4477409
x-age: 387285
x-ah-environment: prod
accept-ranges: bytes
x-sophos-o: d
content-length: 37420
x-request-id: v-ba6b7a2a-d3b3-11ed-bcbb-4f28669eb94d
expires: Sat, 18 Nov 2023 08:55:08 GMT

GET
H2 200 SophosSans-Medium.woff2
www.sophos.com/themes/custom/sophosdotcom/fonts/ 38 KB
39 KB 312ms
0ms Font
text/plain 23.213.161.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sophos.com/themes/custom/sophosdotcom/fonts/SophosSans-Medium.woff2

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/sites/default/files/css/css_Z3BExEBGRO7OOsrtNyoDishnbbkIZrNPX-rl2silrdU.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.161.219 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-213-161-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sophos.com/sites/default/files/css/css_Z3BExEBGRO7OOsrtNyoDishnbbkIZrNPX-rl2silrdU.css
Origin: https://www.sophos.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-cache-hits: 620
date: Wed, 27 Sep 2023 13:11:39 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Nov 2022 01:48:44 GMT
cache-control: max-age=4477409
x-age: 434382
x-ah-environment: prod
accept-ranges: bytes
x-sophos-o: d
content-length: 39004
x-request-id: v-02dc0542-d3b7-11ed-b05b-17c0efc3a1de
expires: Sat, 18 Nov 2023 08:55:08 GMT

GET
H2 200 SophosSans-Semibold.woff2
www.sophos.com/themes/custom/sophosdotcom/fonts/ 37 KB
38 KB 409ms
97ms Font
text/plain 23.213.161.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sophos.com/themes/custom/sophosdotcom/fonts/SophosSans-Semibold.woff2

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/sites/default/files/css/css_Z3BExEBGRO7OOsrtNyoDishnbbkIZrNPX-rl2silrdU.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.161.219 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-213-161-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sophos.com/sites/default/files/css/css_Z3BExEBGRO7OOsrtNyoDishnbbkIZrNPX-rl2silrdU.css
Origin: https://www.sophos.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-cache-hits: 2810
date: Wed, 27 Sep 2023 13:11:39 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Nov 2022 01:49:08 GMT
cache-control: max-age=4477409
x-age: 1545179
x-ah-environment: prod
accept-ranges: bytes
x-sophos-o: d
content-length: 37940
x-request-id: v-ba6b8df8-d3b3-11ed-a1f7-8b047eee5a8c
expires: Sat, 18 Nov 2023 08:55:08 GMT

GET
H2 200 arrow-white.svg
www.sophos.com/themes/custom/sophosdotcom/images/styles/ 714 B
1 KB 388ms
66ms Image
image/svg+xml 23.213.161.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sophos.com/themes/custom/sophosdotcom/images/styles/arrow-white.svg

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/sites/default/files/css/css_cr4Y3qeRaz7MESuWCY_NLDJY84TDgFU52jw4wp_v2BI.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.161.219 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-213-161-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/sites/default/files/css/css_cr4Y3qeRaz7MESuWCY_NLDJY84TDgFU52jw4wp_v2BI.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-cache-hits: 718
date: Wed, 27 Sep 2023 13:11:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 15 Nov 2022 01:48:44 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=4477409
x-age: 4087393
x-ah-environment: prod
accept-ranges: bytes
x-sophos-o: d
content-length: 415
x-request-id: v-7eed7180-faa8-11ed-a55e-8f9e407d029d
expires: Sat, 18 Nov 2023 08:55:08 GMT

GET
H2 200 image-know-your-enemy.png.webp
www.sophos.com/sites/default/files/styles/convert_webp/public/2022-01/ 66 KB
67 KB 379ms
69ms Image
image/png 23.213.161.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sophos.com/sites/default/files/styles/convert_webp/public/2022-01/image-know-your-enemy.png.webp?itok=oX9eMvYn

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agosto_2023__edicao_3&utm_medium=email&utm_source=RD+Station

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.161.219 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-213-161-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agosto_2023__edicao_3&utm_medium=email&utm_source=RD+Station
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 13:11:39 GMT
x-content-type-options: nosniff
last-modified: Thu, 23 Mar 2023 18:48:25 GMT
x-geo-country: ES
content-type: image/png
cache-control: max-age=5011534
x-age: 0
x-ah-environment: prod
accept-ranges: bytes
x-sophos-o: d
content-length: 67486
x-request-id: v-010968f0-5ba6-11ee-a90b-57bb8830cbca
expires: Fri, 24 Nov 2023 13:17:13 GMT

GET
H2 200 arrow-right-small--gray.svg
www.sophos.com/themes/custom/sophosdotcom/images/menu-icon/ 1 KB
1 KB 374ms
65ms Image
image/svg+xml 23.213.161.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sophos.com/themes/custom/sophosdotcom/images/menu-icon/arrow-right-small--gray.svg

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/sites/default/files/css/css_Z3BExEBGRO7OOsrtNyoDishnbbkIZrNPX-rl2silrdU.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.161.219 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-213-161-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/sites/default/files/css/css_Z3BExEBGRO7OOsrtNyoDishnbbkIZrNPX-rl2silrdU.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-cache-hits: 1081
date: Wed, 27 Sep 2023 13:11:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 15 Nov 2022 01:48:44 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=4477409
x-age: 501698
x-ah-environment: prod
accept-ranges: bytes
x-sophos-o: d
content-length: 654
x-request-id: v-aaee7458-d3b8-11ed-8db8-47b400671d49
expires: Sat, 18 Nov 2023 08:55:08 GMT

GET
H2 200 arrow-down-small--gray-light.svg
www.sophos.com/themes/custom/sophosdotcom/images/menu-icon/ 612 B
1 KB 376ms
68ms Image
image/svg+xml 23.213.161.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sophos.com/themes/custom/sophosdotcom/images/menu-icon/arrow-down-small--gray-light.svg

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/sites/default/files/css/css_Z3BExEBGRO7OOsrtNyoDishnbbkIZrNPX-rl2silrdU.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.161.219 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-213-161-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/sites/default/files/css/css_Z3BExEBGRO7OOsrtNyoDishnbbkIZrNPX-rl2silrdU.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-cache-hits: 79
date: Wed, 27 Sep 2023 13:11:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 21 Nov 2022 22:53:16 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=4477409
x-age: 361518
x-ah-environment: prod
accept-ranges: bytes
x-sophos-o: d
content-length: 341
x-request-id: v-982977b4-efa6-11ed-879d-f7208998b043
expires: Sat, 18 Nov 2023 08:55:08 GMT

GET
H2 200 sync
s.company-target.com/s/ Frame 9DAF 634 B
976 B 824ms
0ms Document
text/html 34.96.71.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.company-target.com/s/sync?exc=lr
Requested by: Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/WuEFNglz.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.71.22 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.71.96.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Referer: https://www.sophos.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

access-control-allow-methods: GET,OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 634
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 13:11:40 GMT
via: 1.1 google

GET
H2 451 464526.gif
id.rlcdn.com/ 0
98 B 1198ms
0ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/464526.gif
Requested by: Host: www.sophos.com
URL: https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agosto_2023__edicao_3&utm_medium=email&utm_source=RD+Station
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 13:11:40 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 ip.json
api.company-target.com/api/v2/ 438 B
937 B 1230ms
0ms XHR
application/json 13.227.219.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fcontent%2Fstate-of-ransomware%3Futm_campaign%3Dtivit_newsletter_cyber__agosto_2023__edicao_3%26utm_medium%3Demail%26utm_source%3DRD%2BStation&page_title=2023%20Ransomware%20Report%3A%20Sophos%20State%20of%20Ransomware
Requested by: Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/WuEFNglz.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.83 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-83.ams54.r.cloudfront.net
Software: nginx /
Resource Hash

Request headers

Referer: https://www.sophos.com/
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 27 Sep 2023 13:11:40 GMT
identification-source: CENTRAL
content-encoding: gzip
via: 1.1 58a361324cd2b1576fcc05c5471b9b12.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-cache: Miss from cloudfront
request-id: 3f7c128d-152d-44e8-a403-9e5662d4998d
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.sophos.com
access-control-expose-headers: x-amz-cf-id
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BCW6jUIzxJCVLjaYaoPPtvzET6xwrVdcPZeHz290ec-9o_4dLRRKsA==
expires: Tue, 26 Sep 2023 13:11:40 GMT

GET
H2 200 gtm.js
www.googletagmanager.com/ 363 KB
108 KB 1243ms
0ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TW8W88B

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/modules/contrib/google_tag/js/gtm.js?s1k7sh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 13:11:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109984
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 27 Sep 2023 13:11:40 GMT

GET
H2 200 w7p4sauc2iyi.js
js.driftt.com/include/1695820500000/ 215 KB
61 KB 1317ms
79ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1695820500000/w7p4sauc2iyi.js

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/sites/default/files/js/js_lDTNyy3AQCfQcBiI2554f6SRVb70ELrb_b5MtYaxOnE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id: l.B85eaiR5sX7u8JchWT4_t6lV2e1Zf2
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Wed, 27 Sep 2023 13:11:40 GMT
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 35
last-modified: Tue, 19 Sep 2023 20:16:03 GMT
server: istio-envoy
etag: W/"cfd0f6983bb181a781dd1c9ca318f995"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6yWpcya5y5NKw5o1I9upvV6xk2Wf8fE1_3WAL7HrAyi-OMFgfaji-A==

GET
H2 200 get-country
www.sophos.com/ 16 B
546 B 255ms
112ms XHR
text/html 23.213.161.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sophos.com/get-country
Requested by: Host: www.sophos.com
URL: https://www.sophos.com/sites/default/files/js/js_lDTNyy3AQCfQcBiI2554f6SRVb70ELrb_b5MtYaxOnE.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.219 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Referer: https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agosto_2023__edicao_3&utm_medium=email&utm_source=RD+Station
X-Requested-With: XMLHttpRequest
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 13:11:39 GMT
content-encoding: gzip
x-geo-country: ES
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
x-age: 0
x-ah-environment: prod
accept-ranges: bytes
x-sophos-o: d
content-length: 42
x-request-id: v-2fdb321c-5d36-11ee-9f9d-3772ffb86852

GET
H2 200 en.json
cdn.cookielaw.org/consent/2e456f46-6b86-42c8-be0a-01efd4471533/54b5cd0a-405c-4d89-9122-4325cfaccd51/ 182 KB
33 KB 218ms
58ms Fetch
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/2e456f46-6b86-42c8-be0a-01efd4471533/54b5cd0a-405c-4d89-9122-4325cfaccd51/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Sep 2023 13:11:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 60954
content-md5: l5bhozVo1BvrHexKbj0djw==
content-length: 33301
x-ms-lease-status: unlocked
last-modified: Thu, 20 Apr 2023 14:13:31 GMT
server: cloudflare
etag: 0x8DB41A96BD8F940
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b54ac928-401e-00b4-1392-73d4e4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80d3fe692d9f2f93-MAD
expires: Thu, 28 Sep 2023 13:11:39 GMT

GET
H2 200 otFlat.json
cdn.cookielaw.org/scripttemplates/202303.2.0/assets/ 13 KB
3 KB 636ms
0ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.2.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Sep 2023 13:11:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: pRHDWyQMLvXwKY458EnqRw==
age: 66297
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3019
x-ms-lease-status: unlocked
last-modified: Tue, 16 May 2023 03:39:45 GMT
server: cloudflare
etag: 0x8DB55BF315FAED9
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 35fa68ff-101e-00e8-27fb-87251d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80d3fe725e0e2f93-MAD

GET
H2 200 otPcTab.json
cdn.cookielaw.org/scripttemplates/202303.2.0/assets/v2/ 62 KB
13 KB 638ms
0ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.2.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Sep 2023 13:11:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: UgqWqpl5qGBlgacC8J2b6A==
age: 12852
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13388
x-ms-lease-status: unlocked
last-modified: Tue, 16 May 2023 03:39:48 GMT
server: cloudflare
etag: 0x8DB55BF32DD687C
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 2b4d8505-101e-00c1-7cfb-87535f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80d3fe725e102f93-MAD

GET
H2 200 otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202303.2.0/assets/ 21 KB
4 KB 635ms
0ms Fetch
text/css 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.2.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Sep 2023 13:11:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: oWkBTLgDDXvrUsd93y/Zxg==
age: 16273
x-ms-lease-status: unlocked
last-modified: Tue, 16 May 2023 03:39:56 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 6b4375ed-a01e-00be-6efb-87cd6d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 80d3fe725e132f93-MAD

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 9DAF
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1711545100&external_user_id=c288f694-13c8-4f61-b2e0-e725252ed452
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1711545100&external_user_id=c288f694-13c8-4f61-b2e0-e725252ed452&C=1

43 B
556 B

797ms
0ms

Image
image/gif

104.18.27.193

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1711545100&external_user_id=c288f694-13c8-4f61-b2e0-e725252ed452&C=1
Requested by: Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol: H2
Server: 104.18.27.193 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 13:11:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZGONTiGdRB2Hr8Q6l7iYr8YpKPmVUslNUmSpDJi%2BLJKtXO4qjNiQ1q3cnDJ4Q5DELtEphHHsonW62a7lhRtGZist9iCOb7n0y9YUO4wgdsCVDJ31TTXLlLFiB9j%2BdZYEd7tz3210mxsyVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80d3fe7da9843847-MAD
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 27 Sep 2023 13:11:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P8hVMG00%2Bzal8EeWYtscRZg6nvzdMRKkF0qmCdZg5V492FQVgNc37NiQJ0qlh2LzquKkb3IMfq4mbuGwsGRflcThsucNCmgPfqcs01idBvkpdkcHuIWWbcdRx7Moqz2uRpbbJWIpdrVjQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=18&expiry=1711545100&external_user_id=c288f694-13c8-4f61-b2e0-e725252ed452&C=1
cache-control: no-cache
cf-ray: 80d3fe75cc113847-MAD
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame 9DAF 43 B
391 B 1637ms
0ms Image
image/gif 2600:1f18:612b:4232:e0c8:c742:6db3:244b

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIDM=c288f694-13c8-4f61-b2e0-e725252ed452
Requested by: Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:e0c8:c742:6db3:244b -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 27 Sep 2023 13:11:42 GMT
server: nginx
content-type: image/gif

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 9DAF 0
239 B 1143ms
64ms Image
image/gif 69.173.144.165

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?nid=5578&put=c288f694-13c8-4f61-b2e0-e725252ed452&v=1181926
Requested by: Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK svrGP
s1777052651.t.eloqua.com/visitor/v200/ 0
411 B 1506ms
105ms Script
application/javascript 192.29.202.14

General

Check archive.org

Show headers Download Go to

Full URL

https://s1777052651.t.eloqua.com/visitor/v200/svrGP?pps=70&siteid=1777052651&ms=613

Requested by

Host: img03.en25.com
URL: https://img03.en25.com/i/elqCfg.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.29.202.14 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Wed, 27 Sep 2023 13:11:41 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 0
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H/1.1

200
OK

svrGP.aspx
s1777052651.t.eloqua.com/visitor/v200/
Redirect Chain

https://s1777052651.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=1777052651&ref2=elqNone&tzo=0&ms=613&optin=disabled
https://s1777052651.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=1777052651&ref2=elqNone&tzo=0&ms=613&optin=disabled&elqCookie=1

49 B
448 B

709ms
188ms

Image
image/gif

192.29.202.14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1777052651.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=1777052651&ref2=elqNone&tzo=0&ms=613&optin=disabled&elqCookie=1

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agosto_2023__edicao_3&utm_medium=email&utm_source=RD+Station

Protocol

HTTP/1.1

Server

192.29.202.14 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Wed, 27 Sep 2023 13:11:42 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-Xss-Protection: 1; mode=block
Expires: -1

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Wed, 27 Sep 2023 13:11:41 GMT
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
Location: https://s1777052651.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=1777052651&ref2=elqNone&tzo=0&ms=613&optin=disabled&elqCookie=1
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 274
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H3 200 va-5320cc8d864891052c5b3ca5d37dd1a7.js
dev.visualwebsiteoptimizer.com/7.0/ 234 KB
66 KB 628ms
183ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/va-5320cc8d864891052c5b3ca5d37dd1a7.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=25349&u=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fcontent%2Fstate-of-ransomware%3Futm_campaign%3Dtivit_newsletter_cyber__agosto_2023__edicao_3%26utm_medium%3Demail%26utm_source%3DRD%2BStation&f=1&r=0.8346674878778677
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gbel1 /
Resource Hash

Request headers

Referer: https://www.sophos.com/
Origin: https://www.sophos.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 13:11:41 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 26 Sep 2023 13:54:24 GMT
server: gbel1
etag: "6512e290-10769"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67433

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
151 B 662ms
29ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=25349&d=sophos.com&u=D08D589B5A78260B56BDBA3E43D6F92D6&h=006231d49dc9a48df785a54a00c4adad&t=false

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agosto_2023__edicao_3&utm_medium=email&utm_source=RD+Station

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 13:11:41 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: public, max-age=43200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

GET
H2 200 bg9s
tag-logger.demandbase.com/ 0
417 B 1475ms
0ms XHR
text/html 2600:9000:2449:aa00:1d:8d6d:3b40:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://tag-logger.demandbase.com/bg9s?x-amz-cf-id=BCW6jUIzxJCVLjaYaoPPtvzET6xwrVdcPZeHz290ec-9o_4dLRRKsA==&api-version=v2
Requested by: Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/WuEFNglz.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2449:aa00:1d:8d6d:3b40:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id: 8SdDCdpJvGjkSiMFPv08XcVSgwOMVVmH
date: Wed, 27 Sep 2023 06:36:09 GMT
via: 1.1 e3175a7d38795328ac3444e1d56a9f4e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P6
age: 35289
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
content-length: 0
last-modified: Tue, 07 Mar 2023 20:47:02 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: kANS-FiSB2Ph21KH-3WnKpw-WeaCYAk_rna1rXv00xieLip3crF_AA==

GET
H2 200 ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 497 B
517 B 796ms
0ms Fetch
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Sep 2023 13:11:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 16274
x-ms-lease-status: unlocked
last-modified: Tue, 26 Sep 2023 03:37:36 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: de2e9834-b01e-002a-1783-f0e693000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 80d3fe792b462f93-MAD

GET
H2 200 sophos-logo-blue-rgb_(1).png
cdn.cookielaw.org/logos/8814ea97-7d41-4933-8a06-f5b8e65f6da8/f3c8d17e-040e-46f5-9c16-27efb793a7a7/8e4641b4-93aa-4176-880e-cb2950b9093e/ 8 KB
8 KB 722ms
0ms Image
image/png 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/8814ea97-7d41-4933-8a06-f5b8e65f6da8/f3c8d17e-040e-46f5-9c16-27efb793a7a7/8e4641b4-93aa-4176-880e-cb2950b9093e/sophos-logo-blue-rgb_(1).png

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agosto_2023__edicao_3&utm_medium=email&utm_source=RD+Station

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Sep 2023 13:11:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: d2UywqgE8Ul52QHCEM5u5w==
age: 2595
content-length: 7963
x-ms-lease-status: unlocked
last-modified: Fri, 05 Mar 2021 15:08:15 GMT
server: cloudflare
etag: 0x8D8DFE8804B6B6D
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 605a2bbe-101e-0120-50e1-5af27f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80d3fe792b3a2192-MAD

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 753ms
0ms Image
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agosto_2023__edicao_3&utm_medium=email&utm_source=RD+Station

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Sep 2023 13:11:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 51452
x-ms-lease-status: unlocked
last-modified: Tue, 26 Sep 2023 03:37:37 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 750c8541-601e-004b-25a4-f0c5d0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 80d3fe794b792192-MAD

GET
H2 200 js
www.googletagmanager.com/gtag/ 217 KB
78 KB 904ms
0ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-V88TEQ7EYL&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TW8W88B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 13:11:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79488
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 27 Sep 2023 13:11:42 GMT

GET
H3 200 settings.js
dev.visualwebsiteoptimizer.com/ 96 KB
16 KB 741ms
403ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=25349&settings_type=1&vn=7.0
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/7.0/va-5320cc8d864891052c5b3ca5d37dd1a7.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gbel1 /
Resource Hash

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 13:11:43 GMT
content-encoding: gzip
via: 1.1 google
server: gbel1
etag: W/"1695736476"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 1311ms
0ms Ping
text/plain 2001:4860:4802:32::36

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-V88TEQ7EYL&gtm=45je39p0&_p=1553785742&cid=1003508641.1695820304&ul=en-us&_geo=1&_rdi=1&_s=1&sid=1695820304&sct=1&seg=0&dl=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fcontent%2Fstate-of-ransomware%3Futm_campaign%3Dtivit_newsletter_cyber__agosto_2023__edicao_3%26utm_medium%3Demail%26utm_source%3DRD%2BStation&dt=2023%20Ransomware%20Report%3A%20Sophos%20State%20of%20Ransomware&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V88TEQ7EYL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 13:11:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sophos.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 core
js.driftt.com/ Frame 2135 2 KB
1 KB 994ms
0ms Document
text/html 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?d=1&embedId=w7p4sauc2iyi&eId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=b295cb1b-24f4-4807-be8b-70c685fa38a0&sessionStarted=1695820304.175&campaignRefreshToken=4aaaad06-75b1-4f94-be2b-45d56ab2852f&hideController=false&pageLoadStartTime=1695820295520&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fcontent%2Fstate-of-ransomware%3Futm_campaign%3Dtivit_newsletter_cyber__agosto_2023__edicao_3%26utm_medium%3Demail%26utm_source%3DRD%2BStation

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1695820500000/w7p4sauc2iyi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sophos.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 27 Sep 2023 13:11:45 GMT
etag: W/"00133a3cf34b34b4e4ff44f62b5986b1"
last-modified: Tue, 19 Sep 2023 20:15:27 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-amz-cf-id: JennJ3kvnA049hWD5tkFteRUOnYZ2yml3ZMZ4VzOw1Ai0haGLED79g==
x-amz-cf-pop: AMS54-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: ZNXLNC0ssKOxmDh5pl9NDq6HqHehrwEr
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 15

GET
H2 200 chat
js.driftt.com/core/ Frame C2A2 2 KB
1 KB 981ms
0ms Document
text/html 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695820295520

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1695820500000/w7p4sauc2iyi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sophos.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 27 Sep 2023 13:11:45 GMT
etag: W/"00133a3cf34b34b4e4ff44f62b5986b1"
last-modified: Tue, 19 Sep 2023 20:15:27 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-amz-cf-id: kxpv6UGM4wTGH81UYvhwefDu28hk-Q3zqZmpOmGGzZ0JTSka7QzeFg==
x-amz-cf-pop: AMS54-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: ZNXLNC0ssKOxmDh5pl9NDq6HqHehrwEr
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 18

GET
H2 200 nr-rum-1.241.0.min.js
js-agent.newrelic.com/ 44 KB
0 1460ms
0ms Script
application/javascript 151.101.130.137

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-rum-1.241.0.min.js

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/content/state-of-ransomware?utm_campaign=tivit_newsletter_cyber__agosto_2023__edicao_3&utm_medium=email&utm_source=RD+Station

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 -, , ASN (),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id: F17sxhTmRNweJyZpjESmBytTZGz_S0Xi
content-encoding: br
via: 1.1 varnish
date: Wed, 27 Sep 2023 13:11:45 GMT
strict-transport-security: max-age=300
x-amz-request-id: 1V9T6BMTFNTZ9VQY
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 15723
x-amz-id-2: HZA0GS8oJoBpXe7pSrt12V9gnRchzZ751NTapxnWdsKXcDA6M2u7QSi4E2Yn5g2QC0VK1cZ/wO0=
x-served-by: cache-mad22080-MAD
last-modified: Tue, 19 Sep 2023 15:49:20 GMT
server: AmazonS3
x-timer: S1695820306.665325,VS0,VE0
etag: "b7786897586ffb59d4496d491cdbb690"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 110

GET
H2 200 runtime~main.250b8c3b.js
js.driftt.com/core/assets/js/ Frame C2A2 6 KB
3 KB 472ms
21ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695820295520

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695820295520
Origin: https://js.driftt.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 20:15:27 GMT
x-amz-version-id: INmBWBUTI7s8HQHrQELARWPZPG_qc8WA
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 665778
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Fri, 15 Sep 2023 20:51:10 GMT
server: istio-envoy
etag: W/"187268a131d0fc1896127a07856617bb"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ltgCeLkscpncR1wbDxptCIyWH_b2tBb4JsstRGTk2MEnBVWmFV282w==

GET
H2 200 9.4a3e9801.chunk.js
js.driftt.com/core/assets/js/ Frame C2A2 35 KB
13 KB 476ms
25ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.4a3e9801.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695820295520

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695820295520
Origin: https://js.driftt.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 01:18:07 GMT
x-amz-version-id: q5pTVpOtKy3mkc3tgJvo47OHqvdilate
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 5918017
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Thu, 20 Jul 2023 18:22:11 GMT
server: istio-envoy
etag: W/"c6f58dd3d60f07462254b842dd4f9ca1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cvCiTcGa1S9VEEYVmHQ4HgFUHAviqQsb7Xga1dGHabU3HUI-iQt3Lw==

GET
H2 200 main~493df0b3.d2a43907.chunk.js
js.driftt.com/core/assets/js/ Frame C2A2 7 KB
3 KB 487ms
37ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.d2a43907.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695820295520

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695820295520
Origin: https://js.driftt.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 04:09:06 GMT
x-amz-version-id: 2zyEGUMzvveqkJzL6nFDTJ0WIZ_8_gTF
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4438959
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 33
last-modified: Fri, 28 Jul 2023 18:55:12 GMT
server: istio-envoy
etag: W/"e094b276ad2035c3a46871991c258c2d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: k09X7-hYzfZL7Kz-yE9iuJbVGM-mbPzDIITpF0z9c7niaYAMms3tog==

GET runtime~main.250b8c3b.js
js.driftt.com/core/assets/js/ Frame 2135 0
0

GET 9.4a3e9801.chunk.js
js.driftt.com/core/assets/js/ Frame 2135 0
0

GET main~493df0b3.d2a43907.chunk.js
js.driftt.com/core/assets/js/ Frame 2135 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/js/9.4a3e9801.chunk.js

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/js/main~493df0b3.d2a43907.chunk.js

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.sophos.com/akam/13/25056987 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://id.rlcdn.com/464526.gif Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.company-target.com
cdn.cookielaw.org
dev.visualwebsiteoptimizer.com
dsum-sec.casalemedia.com
fonts.googleapis.com
geolocation.onetrust.com
id.rlcdn.com
img03.en25.com
js-agent.newrelic.com
js.driftt.com
partners.tremorhub.com
pixel.rubiconproject.com
region1.google-analytics.com
s.company-target.com
s1777052651.t.eloqua.com
scripts.demandbase.com
tag-logger.demandbase.com
u35263899.ct.sendgrid.net
www.googletagmanager.com
www.sophos.com
js.driftt.com
104.18.27.193
13.227.219.60
13.227.219.83
151.101.130.137
167.89.118.28
18.239.50.58
184.25.216.9
192.29.202.14
2001:4860:4802:32::36
23.213.161.219
2600:1f18:612b:4232:e0c8:c742:6db3:244b
2600:9000:2449:aa00:1d:8d6d:3b40:93a1
2606:4700:4400::6812:2089
2606:4700::6812:82ec
2a00:1450:4001:809::200a
2a00:1450:4001:827::2008
34.96.102.137
34.96.71.22
35.244.174.68
69.173.144.165
0f2169aa4b2c92d1f98639635123b28b35bd2f791cc32328da88918daf628452
13ab74d10a47ab8393b784fb52b9664ec10d2b940d043f5496ca7590888e616f
315ca72ab48ac5d6ce2a22a316e0f872c3791e53af658f250d9f3dcca9badaed
3b16ec670f4ff07b04e0115dde503665d304957d7d7920eec608880220bc2b32
3ccfd8491a4f2101549ea6031091edc3616340f714216323f1f604f674749239
3d62ad0f23c60258f120e52cf68b2e1adff5c1bf5bde5ac8f8d6e5f4c4c64f34
4698ad6b580af567b7149c592b9a7291def226ea13ab74279e3a0e2470d748ad
5fc7ab8eca4149765c42bf4d24e3d0bcd4bf564ebe0c47c73a7957ad1ff31737
677044c4404644eece3acaed372a038ac8676db90866b34f5feae5dac8a5add5
7236272b759352d3f4c20c91aaab1f1a42de0331c02beee09ab89b16bd9f0491
72be18dea7916b3ecc112b96098fcd2c3258f384c3805539da3c38c29fefd812
775ec7323840494cbdcb1c85c5cdc87690b9ff2fe11aba9909986cd37aaa83da
7a1e26e80eafd29641eb8044a9d65f4d78d3c010a2c3d1df7a7c242a4360d4be
9434cdcb2dc04027d0701888db9e787fa49155bef410badbfdbe4cb586b13a71
95a2dfe82e2bb5f26b84a4e71b3a0c7a2ed263cc6149bdf71f662b77985e7ac4
a2afd0b801c6ebd72e1c6b80ff5d658113f04992fb04b0bfef4f24efed48cb99
d28098d03bb6705fc432ac0ac4130b4106674553fbfcacc1c06ebe21ff7974de

www.sophos.com Open in urlscan Pro 23.213.161.219 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

68 Requests

93 %HTTPS

35 %IPv6

18 Domains

20 Subdomains

20 IPs

3 Countries

873 kBTransfer

2791 kBSize

Cookies

0 Outgoing links

Page URL History

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.sophos.com Open in urlscan Pro
23.213.161.219 Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

93 %
HTTPS

35 %
IPv6

18
Domains

20
Subdomains

20
IPs

3
Countries

873 kB
Transfer

2791 kB
Size

68 HTTP transactions
0 data transactions