www.tripwire.com Open in urlscan Pro
2606:4700::6812:eb0 Public Scan

URL: https://customers.tripwire.com/customers
Title: Customer Portal

URL: https://partners.tripwire.com/partners/
Title: Partner Portal

URL: https://www.fortra.com/about/careers
Title: Careers

URL: https://www.fortra.com/about/our-leadership-team
Title: Leadership

URL: https://labs.withsecure.com/publications/darkgate-malware-campaign
Title: described

URL: https://en-gb.facebook.com/business/help/442345745885606
Title: enable

URL: https://labs.withsecure.com/publications/ducktail
Title: "Ducktail"

URL: https://info.tripwire.com/state-of-security-subscription-center

URL: https://www.fortra.com/privacy-policy
Title: Privacy Policy

URL: https://www.fortra.com/cookie-policy
Title: Cookie Policy

URL: https://www.fortra.com/impressum
Title: Impressum

Redirected requests

There were HTTP redirect chains for the following requests:

78 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request phony-job-vacancy-targets-linkedin-users-darkgate-malware Show response
www.tripwire.com/state-of-security/ 51 KB
11 KB 185ms
65ms Document
text/html 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a636b8fbdf86322d7ba6611b5fad516cc1fa7006750c41393bde65c5198d6b71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1147
cache-control: max-age=3600, public
cf-cache-status: DYNAMIC
cf-ray: 81cbc8a1f9c73730-FRA
content-encoding: gzip
content-language: en
content-type: text/html; charset=UTF-8
date: Fri, 27 Oct 2023 14:56:05 GMT
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Fri, 27 Oct 2023 14:36:57 GMT
server: cloudflare
vary: Accept-Encoding, Cookie, Cookie, Cookie
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 3, 1
x-content-type-options: nosniff
x-drupal-cache: MISS
x-drupal-dynamic-cache: MISS
x-frame-options: SAMEORIGIN
x-generator: Drupal 9 (https://www.drupal.org)
x-pantheon-styx-hostname: styx-fe4-a-574b8cd764-rdthk
x-served-by: cache-chi-kigq8000092-CHI, cache-fra-eddf8230033-FRA
x-styx-req-id: 481d395a-74d6-11ee-b87d-daea815b4acc
x-timer: S1698418565.460326,VS0,VE2
x-ua-compatible: IE=edge

GET
H2 200 notice Show response
consent.trustarc.com/ 14 KB
6 KB 229ms
64ms Script
text/javascript 52.84.90.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/notice?domain=helpsystems.com&c=teconsent&gtm=1&text=true&pn=1-0&cookieLink=https://www.helpsystems.com/cookie-policy&privacypolicylink=https://www.helpsystems.com/privacy-policy

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.90.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

68bb3dc1a63ff34b46574db610f81e6aefc8db9bc75f966a92f0dfc7e42587b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tripwire.com/
Origin: https://www.tripwire.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 14:56:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 01f803d1e7c713d110bffe7b82d3cb2c.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-cache: Miss from cloudfront
cloudfront-viewer-country: DE
content-length: 5350
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=3600
cloudfront-viewer-country-region: BE
timing-allow-origin: *
x-amz-cf-id: j2iLIABEtppMBqYA-kbXl9c1ZSO6kLFWjU2n8J7-D2JGErBjV9nx2A==
expires: Fri, 27 Oct 2023 15:56:05 GMT

GET
H2 200 css_4IiiTqtlTFKeGhmvsfySMawp2rDRncxxOlXoTnhiO4M.css
www.tripwire.com/sites/default/files/css/ 10 KB
3 KB 55ms
54ms Stylesheet
text/css 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/sites/default/files/css/css_4IiiTqtlTFKeGhmvsfySMawp2rDRncxxOlXoTnhiO4M.css
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e088a24eab654c529e1a19afb1fc9231ac29dab0d19dcc713a55e84e78623b83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Wed, 09 Oct 2024 22:32:02 GMT
date: Fri, 27 Oct 2023 14:56:05 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 66159
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-84955cf4f5-xxx5v
content-length: 3090
x-served-by: cache-chi-klot8100145-CHI, cache-fra-eddf8230083-FRA
last-modified: Mon, 09 Oct 2023 20:44:48 GMT
server: cloudflare
x-timer: S1698418566.521847,VS0,VE2
etag: W/"65246640-26ca"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: aa9d15f8-66f3-11ee-b59c-fad5d868c988
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cbc8a27a533730-FRA
x-cache-hits: 2, 1

GET
H2 200 css_uwmONkHjy44a25_aOLRmdHVCokq6k2BEoWbzr0CUQU0.css
www.tripwire.com/sites/default/files/css/ 23 KB
7 KB 57ms
55ms Stylesheet
text/css 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/sites/default/files/css/css_uwmONkHjy44a25_aOLRmdHVCokq6k2BEoWbzr0CUQU0.css
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb098e3641e3cb8e1adb9fda38b466747542a24aba936044a166f3af4094414d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Wed, 09 Oct 2024 22:45:01 GMT
date: Fri, 27 Oct 2023 14:56:05 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 66159
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-84955cf4f5-s85d9
content-length: 6763
x-served-by: cache-chi-klot8100022-CHI, cache-fra-eddf8230135-FRA
last-modified: Mon, 09 Oct 2023 20:44:48 GMT
server: cloudflare
x-timer: S1698418566.524416,VS0,VE1
etag: W/"65246640-5c5a"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: 7b24b38a-66f5-11ee-99e8-062f6fe0a2e2
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cbc8a27a573730-FRA
x-cache-hits: 3, 5064

GET
H2 200 css_4EB99CPdguvvLu6sY0mk_vEOPLtK5MWFMm3cmoiXpu8.css
www.tripwire.com/sites/default/files/css/ 812 KB
128 KB 57ms
44ms Stylesheet
text/css 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/sites/default/files/css/css_4EB99CPdguvvLu6sY0mk_vEOPLtK5MWFMm3cmoiXpu8.css
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0407df423dd82ebef2eeeac6349a4fef10e3cbb4ae4c585326ddc9a8897a6ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:26 GMT
date: Fri, 27 Oct 2023 14:56:05 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 66159
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-574b8cd764-hd8fh
content-length: 130970
x-served-by: cache-chi-klot8100069-CHI, cache-fra-eddf8230076-FRA
last-modified: Mon, 09 Oct 2023 20:44:39 GMT
server: cloudflare
x-timer: S1698418566.524200,VS0,VE2
etag: W/"65246637-caf4c"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: ea7ea7ba-743e-11ee-996f-2ac8c4b86eed
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cbc8a27a593730-FRA
x-cache-hits: 3, 1

GET
H2 200 fortra-logo.svg
www.tripwire.com/themes/custom/fortra_parent_2022/images/ 1 KB
914 B 106ms
93ms Image
image/svg+xml 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tripwire.com/themes/custom/fortra_parent_2022/images/fortra-logo.svg
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aecf849595fcabd944cd51bed213d014bb5d70d619df4023f0089fa233de072c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:29:05 GMT
date: Fri, 27 Oct 2023 14:56:05 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 66162
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-574b8cd764-hd8fh
content-length: 668
x-served-by: cache-chi-klot8100068-CHI, cache-fra-eddf8230081-FRA
last-modified: Thu, 26 Oct 2023 20:28:12 GMT
server: cloudflare
x-timer: S1698418566.527232,VS0,VE2
etag: W/"653acbdc-5cc"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 4efb5423-743e-11ee-996f-2ac8c4b86eed
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cbc8a27a5a3730-FRA
x-cache-hits: 7, 1

GET
H2 200 tripwire-dark-bg.svg
www.tripwire.com/themes/custom/tripwire/images/ 7 KB
3 KB 107ms
94ms Image
image/svg+xml 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tripwire.com/themes/custom/tripwire/images/tripwire-dark-bg.svg
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b5bcab0c22a0cb3bbc8dab11bd05d301c127a9f1c4f4e24abcae4232a209a42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:23 GMT
date: Fri, 27 Oct 2023 14:56:05 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 66162
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-574b8cd764-hd8fh
content-length: 2629
x-served-by: cache-chi-kigq8000046-CHI, cache-fra-eddf8230106-FRA
last-modified: Thu, 26 Oct 2023 20:27:57 GMT
server: cloudflare
x-timer: S1698418566.527121,VS0,VE2
etag: W/"653acbcd-1d19"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: e8f03ef4-743e-11ee-996f-2ac8c4b86eed
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cbc8a27a5e3730-FRA
x-cache-hits: 4, 1

GET
H2 200 fta-delta-white.svg
www.tripwire.com/themes/custom/fortra_parent_2022/images/ 297 B
486 B 103ms
90ms Image
image/svg+xml 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tripwire.com/themes/custom/fortra_parent_2022/images/fta-delta-white.svg
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63a53143de1fa7c9ec3aecf4060efb78c336df0f384c4b7db72596f6b14a2781

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:23 GMT
date: Fri, 27 Oct 2023 14:56:05 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 66162
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-574b8cd764-hd8fh
content-length: 253
x-served-by: cache-chi-klot8100127-CHI, cache-fra-eddf8230023-FRA
last-modified: Thu, 26 Oct 2023 20:27:53 GMT
server: cloudflare
x-timer: S1698418566.543084,VS0,VE3
etag: W/"653acbc9-129"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: e8f06007-743e-11ee-996f-2ac8c4b86eed
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cbc8a28a773730-FRA
x-cache-hits: 4, 1

GET
H2 200 linkedin.jpg
www.tripwire.com/sites/default/files/styles/thumbnail/public/2023-08/ 2 KB
2 KB 102ms
90ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tripwire.com/sites/default/files/styles/thumbnail/public/2023-08/linkedin.jpg?itok=JigBC1Bu
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57eb69e9c8d33c3584a794a714a80cd0d10169bb197e4fa78ab1a06108789448

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 14:11:39 GMT
date: Fri, 27 Oct 2023 14:56:05 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 65769
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-574b8cd764-jgv7p
content-length: 1670
x-served-by: cache-chi-kigq8000089-CHI, cache-fra-eddf8230040-FRA
last-modified: Thu, 17 Aug 2023 15:34:27 GMT
server: cloudflare
x-timer: S1698418566.541753,VS0,VE2
etag: "64de3e03-686"
content-type: image/jpeg
x-styx-req-id: 94d96289-7409-11ee-a13d-82414d93f872
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cbc8a28a783730-FRA
x-cache-hits: 5, 1

GET
H2 200 Job-scams-How-they-persuade-and-how-to-protect-yourself.jpg
www.tripwire.com/sites/default/files/styles/thumbnail/public/2023-01/ 2 KB
2 KB 100ms
90ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tripwire.com/sites/default/files/styles/thumbnail/public/2023-01/Job-scams-How-they-persuade-and-how-to-protect-yourself.jpg?itok=cLVUCroT
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fe265af7eda5df10de96bf5174b42524180c3b3bfce9dc4693298781d783be6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Fri, 06 Sep 2024 14:43:01 GMT
date: Fri, 27 Oct 2023 14:56:05 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 65769
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-cf6bccf8c-4hcf9
content-length: 1770
x-served-by: cache-chi-kigq8000164-CHI, cache-fra-eddf8230071-FRA
last-modified: Wed, 10 May 2023 08:21:19 GMT
server: cloudflare
x-timer: S1698418566.542045,VS0,VE2
etag: "645b53ff-6ea"
content-type: image/jpeg
x-styx-req-id: ae28a77a-4cc3-11ee-bb52-525979f45ebf
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cbc8a28a793730-FRA
x-cache-hits: 2, 1

GET
H2 200 Common-Social-Media-Scams-and-How-to-Avoid-Them.jpg
www.tripwire.com/sites/default/files/styles/thumbnail/public/2023-04/ 2 KB
2 KB 137ms
131ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tripwire.com/sites/default/files/styles/thumbnail/public/2023-04/Common-Social-Media-Scams-and-How-to-Avoid-Them.jpg?itok=GjqaNX95
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14c411eee99e8687621ea9747a708c67d9eab7e242118b1156d1c59c1c39a2a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Wed, 18 Sep 2024 14:17:13 GMT
date: Fri, 27 Oct 2023 14:56:05 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 65268
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-6bd7fc469b-qmwbr
content-length: 1757
x-served-by: cache-chi-klot8100077-CHI, cache-fra-eddf8230023-FRA
last-modified: Wed, 17 May 2023 15:49:24 GMT
server: cloudflare
x-timer: S1698418566.576236,VS0,VE2
etag: "6464f784-6dd"
content-type: image/jpeg
x-styx-req-id: 10354f43-562e-11ee-b9a9-ca53a2c7b3f0
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cbc8a2bacf3730-FRA
x-cache-hits: 2, 1

GET
H2 200 state-of-security-sidebar-cta-2.png
www.tripwire.com/themes/custom/tripwire/images/ 27 KB
27 KB 136ms
131ms Image
image/png 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tripwire.com/themes/custom/tripwire/images/state-of-security-sidebar-cta-2.png
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f184ce8fdc31bfda8bba63b8b76f07bc77c6c993c2e8ab2eab57f51d4c8c1419

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:26 GMT
date: Fri, 27 Oct 2023 14:56:05 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 66159
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-6679b8f9f8-t8wgs
content-length: 27614
x-served-by: cache-chi-klot8100137-CHI, cache-fra-eddf8230081-FRA
last-modified: Thu, 26 Oct 2023 20:28:12 GMT
server: cloudflare
x-timer: S1698418566.575569,VS0,VE2
etag: "653acbdc-6bde"
content-type: image/png
x-styx-req-id: ea8732b8-743e-11ee-b1ae-6e71d40c639a
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cbc8a2bad03730-FRA
x-cache-hits: 23, 1

GET
H2 200 logo.svg
www.tripwire.com/themes/custom/fortra_parent_2022/images/ 1 KB
955 B 134ms
129ms Image
image/svg+xml 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tripwire.com/themes/custom/fortra_parent_2022/images/logo.svg
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84d701cd8539ccd07580c2dbd5904966347bb2769484b12dfc3fd1372d5e9668

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:23 GMT
date: Fri, 27 Oct 2023 14:56:05 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 66161
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-574b8cd764-k4xjg
content-length: 685
x-served-by: cache-chi-klot8100101-CHI, cache-fra-eddf8230083-FRA
last-modified: Thu, 26 Oct 2023 20:28:16 GMT
server: cloudflare
x-timer: S1698418566.569657,VS0,VE2
etag: W/"653acbe0-5e2"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: e8f0fb3b-743e-11ee-ac54-929ea5698253
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cbc8a2bad23730-FRA
x-cache-hits: 22, 1

GET
H2 200 email-decode.min.js Show response
www.tripwire.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
851 B 99ms
89ms Script
application/javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tripwire.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 14:56:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 24 Oct 2023 17:54:11 GMT
server: cloudflare
etag: W/"653804c3-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 81cbc8a28a7a3730-FRA
expires: Sun, 29 Oct 2023 14:56:05 GMT

GET
H2 200 jquery.min.js Show response
www.tripwire.com/core/assets/vendor/jquery/ 88 KB
36 KB 103ms
93ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/core/assets/vendor/jquery/jquery.min.js?v=3.6.3
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:26 GMT
date: Fri, 27 Oct 2023 14:56:05 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 66159
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-574b8cd764-jgv7p
content-length: 36217
x-served-by: cache-chi-kigq8000160-CHI, cache-fra-eddf8230076-FRA
last-modified: Thu, 26 Oct 2023 20:28:06 GMT
server: cloudflare
x-timer: S1698418566.563894,VS0,VE2
etag: W/"653acbd6-15f5b"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: ea865efa-743e-11ee-a13d-82414d93f872
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cbc8a2baa03730-FRA
x-cache-hits: 3, 1

GET
H2 200 element.matches.js Show response
www.tripwire.com/core/misc/polyfills/ 284 B
479 B 100ms
91ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/core/misc/polyfills/element.matches.js?v=9.5.11
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1559a8d7ea18f16e60f0e1c547bdeeb72d9e45834bab35060c17add9750593aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:26 GMT
date: Fri, 27 Oct 2023 14:56:05 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 66158
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-6679b8f9f8-hjjgq
content-length: 208
x-served-by: cache-chi-klot8100024-CHI, cache-fra-eddf8230090-FRA
last-modified: Thu, 26 Oct 2023 20:28:06 GMT
server: cloudflare
x-timer: S1698418566.563925,VS0,VE2
etag: W/"653acbd6-11c"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: ea85f7b6-743e-11ee-a786-72ff9156f6fc
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cbc8a2baa33730-FRA
x-cache-hits: 3, 1

GET
H2 200 object.assign.js Show response
www.tripwire.com/core/misc/polyfills/ 917 B
707 B 101ms
92ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/core/misc/polyfills/object.assign.js?v=9.5.11
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18cb1071734d4e8505251de42e4246d3a216f8430002f313f217bd0a03f37d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:26 GMT
date: Fri, 27 Oct 2023 14:56:05 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 66159
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-6679b8f9f8-t8wgs
content-length: 495
x-served-by: cache-chi-klot8100106-CHI, cache-fra-eddf8230070-FRA
last-modified: Thu, 26 Oct 2023 20:28:06 GMT
server: cloudflare
x-timer: S1698418566.563325,VS0,VE2
etag: W/"653acbd6-395"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: ea86bb2f-743e-11ee-b1ae-6e71d40c639a
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cbc8a2baa43730-FRA
x-cache-hits: 3, 1

GET
H2 200 once.min.js Show response
www.tripwire.com/core/assets/vendor/once/ 1 KB
942 B 100ms
91ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/core/assets/vendor/once/once.min.js?v=1.0.1
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d137f9b816994ff3dd240ef04942ebf47c48131c32b0acc640db3065755d496

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:26 GMT
date: Fri, 27 Oct 2023 14:56:05 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 66159
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-6679b8f9f8-fpxqn
content-length: 718
x-served-by: cache-chi-kigq8000041-CHI, cache-fra-eddf8230080-FRA
last-modified: Thu, 26 Oct 2023 20:28:06 GMT
server: cloudflare
x-timer: S1698418566.564318,VS0,VE2
etag: W/"653acbd6-54d"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: ea87573a-743e-11ee-a80c-d6ee2c492568
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cbc8a2baa53730-FRA
x-cache-hits: 3, 1

GET
H2 200 jquery.once.min.js Show response
www.tripwire.com/core/assets/vendor/jquery-once/ 908 B
695 B 108ms
99ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/core/assets/vendor/jquery-once/jquery.once.min.js?v=2.2.3
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1da79754ccda7c241f56d5a82ed377c3384b58db3c718d9c1fd38843c47d8df3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:29:24 GMT
date: Fri, 27 Oct 2023 14:56:05 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 66159
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-574b8cd764-hd8fh
content-length: 452
x-served-by: cache-chi-kigq8000027-CHI, cache-fra-eddf8230108-FRA
last-modified: Thu, 26 Oct 2023 20:28:11 GMT
server: cloudflare
x-timer: S1698418566.568548,VS0,VE0
etag: W/"653acbdb-38c"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 5a1bb079-743e-11ee-996f-2ac8c4b86eed
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cbc8a2baa93730-FRA
x-cache-hits: 3, 3

GET
H2 200 drupalSettingsLoader.js Show response
www.tripwire.com/core/misc/ 516 B
528 B 107ms
98ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/core/misc/drupalSettingsLoader.js?v=9.5.11
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2952f321b6eed0df6098ad6d125468b0d02f3a48db5c5002317aad5e4eb0fdb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:29:24 GMT
date: Fri, 27 Oct 2023 14:56:05 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 66159
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-574b8cd764-rdthk
content-length: 311
x-served-by: cache-chi-klot8100026-CHI, cache-fra-eddf8230108-FRA
last-modified: Thu, 26 Oct 2023 20:27:48 GMT
server: cloudflare
x-timer: S1698418566.565017,VS0,VE2
etag: W/"653acbc4-204"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 5a1ce963-743e-11ee-8796-daea815b4acc
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cbc8a2baab3730-FRA
x-cache-hits: 4, 1

GET
H2 200 drupal.js Show response
www.tripwire.com/core/misc/ 6 KB
2 KB 138ms
129ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/core/misc/drupal.js?v=9.5.11
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 867ee5a948613ac97de43e7a202275dc70c5fe91b4cb8f9e2533e03f16b0e9bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:26 GMT
date: Fri, 27 Oct 2023 14:56:05 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 66159
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-6679b8f9f8-hjjgq
content-length: 2088
x-served-by: cache-chi-kigq8000073-CHI, cache-fra-eddf8230108-FRA
last-modified: Thu, 26 Oct 2023 20:27:52 GMT
server: cloudflare
x-timer: S1698418566.564555,VS0,VE1
etag: W/"653acbc8-18c5"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: ea86a243-743e-11ee-a786-72ff9156f6fc
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cbc8a2baad3730-FRA
x-cache-hits: 2, 1

GET
H2 200 drupal.init.js Show response
www.tripwire.com/core/misc/ 728 B
603 B 101ms
92ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/core/misc/drupal.init.js?v=9.5.11
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6908b5b19c1f4e108f8a4544274e29369e04565fda82ae39e902d2f373bd841a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:26 GMT
date: Fri, 27 Oct 2023 14:56:05 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 66159
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-574b8cd764-k4xjg
content-length: 401
x-served-by: cache-chi-klot8100086-CHI, cache-fra-eddf8230033-FRA
last-modified: Thu, 26 Oct 2023 20:28:06 GMT
server: cloudflare
x-timer: S1698418566.565447,VS0,VE2
etag: W/"653acbd6-2d8"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: ea86de28-743e-11ee-ac54-929ea5698253
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cbc8a2bab23730-FRA
x-cache-hits: 2, 1

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 204ms
50ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51e6d23e4a97f15652c1709f999062fcced9990b5090dde0d22b869247ea0869

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 14:56:05 GMT
via: e7s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 102347
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 24 Sep 2023 10:29:33 GMT
server: cloudflare
etag: W/"c09-60618514a9dca"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=172800
cf-ray: 81cbc8a36c941e56-FRA

GET
H2 200 popper.min.js Show response
www.tripwire.com/themes/custom/fortra_parent_2022/js/ 21 KB
8 KB 99ms
91ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/themes/custom/fortra_parent_2022/js/popper.min.js?v=9.5.11
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:26 GMT
date: Fri, 27 Oct 2023 14:56:05 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 66159
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-6679b8f9f8-hjjgq
content-length: 8365
x-served-by: cache-chi-klot8100045-CHI, cache-fra-eddf8230083-FRA
last-modified: Thu, 26 Oct 2023 20:28:12 GMT
server: cloudflare
x-timer: S1698418566.565451,VS0,VE1
etag: W/"653acbdc-52f1"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: ea87bd9c-743e-11ee-a786-72ff9156f6fc
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cbc8a2bab33730-FRA
x-cache-hits: 2, 1

GET
H2 200 bootstrap.min.js Show response
www.tripwire.com/themes/custom/fortra_parent_2022/js/ 61 KB
19 KB 103ms
95ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/themes/custom/fortra_parent_2022/js/bootstrap.min.js?v=9.5.11
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b24eee82c2b7ce85ace76193e8a25570dabc6863b94a60a42fa9bb6a37ddc72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:26 GMT
date: Fri, 27 Oct 2023 14:56:05 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 66159
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-6679b8f9f8-hjjgq
content-length: 19264
x-served-by: cache-chi-kigq8000048-CHI, cache-fra-eddf8230070-FRA
last-modified: Thu, 26 Oct 2023 20:28:16 GMT
server: cloudflare
x-timer: S1698418566.567623,VS0,VE2
etag: W/"653acbe0-f3e8"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: ea894e97-743e-11ee-a786-72ff9156f6fc
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cbc8a2bab53730-FRA
x-cache-hits: 3, 1

GET
H2 200 stacktable.js Show response
www.tripwire.com/libraries/stacktable/ 8 KB
3 KB 107ms
99ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/libraries/stacktable/stacktable.js?v=9.5.11
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58ee289cc3b0e66d80a8860ab61c78b003b2794a2b01059f5e5a1d6da47e7327

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:26 GMT
date: Fri, 27 Oct 2023 14:56:05 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 66159
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-574b8cd764-hd8fh
content-length: 2372
x-served-by: cache-chi-kigq8000130-CHI, cache-fra-eddf8230076-FRA
last-modified: Thu, 26 Oct 2023 20:28:08 GMT
server: cloudflare
x-timer: S1698418566.568621,VS0,VE2
etag: W/"653acbd8-201b"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: ea87110f-743e-11ee-996f-2ac8c4b86eed
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cbc8a2bab63730-FRA
x-cache-hits: 3, 1

GET
H2 200 global.js Show response
www.tripwire.com/themes/custom/fortra_parent_2022/js/ 6 KB
3 KB 142ms
134ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/themes/custom/fortra_parent_2022/js/global.js?v=9.5.11
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 881410ee52aa6c774807d189bb8010708d7c17a871d337c32bfadfaf06dc9721

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:26 GMT
date: Fri, 27 Oct 2023 14:56:05 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 66159
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-6679b8f9f8-t8wgs
content-length: 2374
x-served-by: cache-chi-kigq8000035-CHI, cache-fra-eddf8230106-FRA
last-modified: Thu, 26 Oct 2023 20:27:57 GMT
server: cloudflare
x-timer: S1698418566.566596,VS0,VE16
etag: W/"653acbcd-1950"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: ea869d5e-743e-11ee-b1ae-6e71d40c639a
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cbc8a2bab93730-FRA
x-cache-hits: 3, 1

GET
H2 200 iframeResizer.min.js Show response
www.tripwire.com/themes/custom/fortra_parent_2022/js/ 13 KB
6 KB 105ms
97ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/themes/custom/fortra_parent_2022/js/iframeResizer.min.js?v=9.5.11
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1805b14279760e2a9338b71f40649c45fe37dbc3839bb573a9737cdd495e9752

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:26 GMT
date: Fri, 27 Oct 2023 14:56:05 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 66159
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-574b8cd764-jgv7p
content-length: 5880
x-served-by: cache-chi-klot8100099-CHI, cache-fra-eddf8230118-FRA
last-modified: Thu, 26 Oct 2023 20:27:57 GMT
server: cloudflare
x-timer: S1698418566.565434,VS0,VE2
etag: W/"653acbcd-34f8"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: ea870d67-743e-11ee-a13d-82414d93f872
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cbc8a2babc3730-FRA
x-cache-hits: 2, 1

GET
H2 200 pardot-iframe.js Show response
www.tripwire.com/themes/custom/fortra_parent_2022/js/ 26 B
305 B 99ms
92ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/themes/custom/fortra_parent_2022/js/pardot-iframe.js?v=9.5.11
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e8ceb252d7c242bc66561b79b29880592a4419b8b44d486eacf014038c24736

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:26 GMT
date: Fri, 27 Oct 2023 14:56:05 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 66159
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-6679b8f9f8-hjjgq
content-length: 46
x-served-by: cache-chi-kigq8000176-CHI, cache-fra-eddf8230081-FRA
last-modified: Thu, 26 Oct 2023 20:28:16 GMT
server: cloudflare
x-timer: S1698418566.566196,VS0,VE2
etag: W/"653acbe0-1a"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: ea87bdf4-743e-11ee-a786-72ff9156f6fc
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cbc8a2babd3730-FRA
x-cache-hits: 3, 1

GET
H2 200 widget.js Show response
www.tripwire.com/themes/custom/fortra_parent_2022/js/ 8 KB
3 KB 104ms
97ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/themes/custom/fortra_parent_2022/js/widget.js?v=9.5.11
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 540d2a1642172892b01053409b7b3ad1a8df58bc6f35415ec57421a8548e8547

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:26 GMT
date: Fri, 27 Oct 2023 14:56:05 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 66159
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-6679b8f9f8-t8wgs
content-length: 3113
x-served-by: cache-chi-kigq8000029-CHI, cache-fra-eddf8230090-FRA
last-modified: Thu, 26 Oct 2023 20:28:12 GMT
server: cloudflare
x-timer: S1698418566.567594,VS0,VE2
etag: W/"653acbdc-2162"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: ea878604-743e-11ee-b1ae-6e71d40c639a
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cbc8a2babf3730-FRA
x-cache-hits: 3, 1

GET
H2 200 widget-code.js Show response
www.tripwire.com/themes/custom/fortra_parent_2022/js/ 1 KB
867 B 99ms
93ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/themes/custom/fortra_parent_2022/js/widget-code.js?v=9.5.11
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8f85fb708ed9db0d4e2f877ffdba90a5ebd3ef520d17e09c1f7eb640905016a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:26 GMT
date: Fri, 27 Oct 2023 14:56:05 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 66159
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-6679b8f9f8-fpxqn
content-length: 659
x-served-by: cache-chi-klot8100127-CHI, cache-fra-eddf8230040-FRA
last-modified: Thu, 26 Oct 2023 20:27:57 GMT
server: cloudflare
x-timer: S1698418566.566504,VS0,VE2
etag: W/"653acbcd-5c3"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: ea8ab619-743e-11ee-a80c-d6ee2c492568
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cbc8a2bac13730-FRA
x-cache-hits: 3, 1

GET
H2 200 jquery.once.bc.js Show response
www.tripwire.com/core/misc/ 1 KB
743 B 137ms
130ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/core/misc/jquery.once.bc.js?v=9.5.11
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 677e31ab08602b0823fbeed9b5a72c62b3d1e630b28ae1f155ef2ad3c940ee0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:29:24 GMT
date: Fri, 27 Oct 2023 14:56:05 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 66159
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-574b8cd764-hd8fh
content-length: 523
x-served-by: cache-chi-kigq8000049-CHI, cache-fra-eddf8230033-FRA
last-modified: Thu, 26 Oct 2023 20:28:06 GMT
server: cloudflare
x-timer: S1698418566.572204,VS0,VE2
etag: W/"653acbd6-4f3"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 5a1d7e8b-743e-11ee-996f-2ac8c4b86eed
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cbc8a2bac23730-FRA
x-cache-hits: 3, 1

GET
H2 200 global.js Show response
www.tripwire.com/themes/composer/bootstrap_barrio/js/ 762 B
547 B 100ms
94ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/themes/composer/bootstrap_barrio/js/global.js?v=9.5.11
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7d352a062e20f25442a337c59b45e0c53752ecae4343240979bb937badd964f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:26 GMT
date: Fri, 27 Oct 2023 14:56:05 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 66159
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-574b8cd764-hd8fh
content-length: 328
x-served-by: cache-chi-kigq8000068-CHI, cache-fra-eddf8230135-FRA
last-modified: Thu, 26 Oct 2023 20:27:50 GMT
server: cloudflare
x-timer: S1698418566.565845,VS0,VE2
etag: W/"653acbc6-2fa"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: ea8abc3c-743e-11ee-996f-2ac8c4b86eed
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cbc8a2bac33730-FRA
x-cache-hits: 3, 1

GET
H2 200 affix.js Show response
www.tripwire.com/themes/composer/bootstrap_barrio/js/ 1009 B
712 B 106ms
100ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/themes/composer/bootstrap_barrio/js/affix.js?v=9.5.11
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 919d85e8e1ed4523535898cf35e18f976df480923585221ad7c6142bf251a262

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:29:24 GMT
date: Fri, 27 Oct 2023 14:56:05 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 66159
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-574b8cd764-vqjjl
content-length: 480
x-served-by: cache-chi-klot8100057-CHI, cache-fra-eddf8230076-FRA
last-modified: Thu, 26 Oct 2023 20:28:14 GMT
server: cloudflare
x-timer: S1698418566.567074,VS0,VE5
etag: W/"653acbde-3f1"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 5a200717-743e-11ee-bf30-a2ccb631cd5a
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cbc8a2bac53730-FRA
x-cache-hits: 4, 1

GET
H2 200 bootstrap.min.js Show response
www.tripwire.com/themes/custom/tripwire/js/ 61 KB
19 KB 137ms
130ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/themes/custom/tripwire/js/bootstrap.min.js?v=9.5.11
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b24eee82c2b7ce85ace76193e8a25570dabc6863b94a60a42fa9bb6a37ddc72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:26 GMT
date: Fri, 27 Oct 2023 14:56:05 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 66159
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-574b8cd764-hd8fh
content-length: 19264
x-served-by: cache-chi-kigq8000075-CHI, cache-fra-eddf8230118-FRA
last-modified: Thu, 26 Oct 2023 20:27:57 GMT
server: cloudflare
x-timer: S1698418566.570238,VS0,VE2
etag: W/"653acbcd-f3e8"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: ea874f9f-743e-11ee-996f-2ac8c4b86eed
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cbc8a2bac73730-FRA
x-cache-hits: 2, 1

GET
H2 200 global.js Show response
www.tripwire.com/themes/custom/tripwire/js/ 2 KB
1 KB 99ms
93ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/themes/custom/tripwire/js/global.js?v=9.5.11
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 811de965a04f402872dcbad603d6fa5c7822096cb36bfb11e5d626d3d5d58f63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:29:24 GMT
date: Fri, 27 Oct 2023 14:56:05 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 66159
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-6679b8f9f8-hjjgq
content-length: 828
x-served-by: cache-chi-klot8100081-CHI, cache-fra-eddf8230023-FRA
last-modified: Thu, 26 Oct 2023 20:28:16 GMT
server: cloudflare
x-timer: S1698418566.567583,VS0,VE0
etag: W/"653acbe0-82e"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 5a1d4b2f-743e-11ee-a786-72ff9156f6fc
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cbc8a2bac83730-FRA
x-cache-hits: 3, 2

GET
H2 200 better_exposed_filters.js Show response
www.tripwire.com/modules/composer/better_exposed_filters/js/ 1 KB
765 B 104ms
98ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/modules/composer/better_exposed_filters/js/better_exposed_filters.js?v=4.x
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa0c7e45a2a21230703828b4be828d5d81ed7c85e6cf881da1a42d7c6f1c9cba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:29:24 GMT
date: Fri, 27 Oct 2023 14:56:05 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 66159
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-6679b8f9f8-fpxqn
content-length: 488
x-served-by: cache-chi-kigq8000068-CHI, cache-fra-eddf8230080-FRA
last-modified: Thu, 26 Oct 2023 20:27:53 GMT
server: cloudflare
x-timer: S1698418566.568685,VS0,VE2
etag: W/"653acbc9-40b"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 5a1d5ec8-743e-11ee-a80c-d6ee2c492568
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cbc8a2baca3730-FRA
x-cache-hits: 4, 1

GET
H2 200 debounce.js Show response
www.tripwire.com/core/misc/ 745 B
650 B 100ms
94ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/core/misc/debounce.js?v=9.5.11
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d591bcdfc0e449a3d93b3574e883942e867f9edfadd21d2a0c5447d1d5726c8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:26 GMT
date: Fri, 27 Oct 2023 14:56:05 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 66159
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-574b8cd764-k4xjg
content-length: 407
x-served-by: cache-chi-klot8100040-CHI, cache-fra-eddf8230108-FRA
last-modified: Thu, 26 Oct 2023 20:28:06 GMT
server: cloudflare
x-timer: S1698418566.568990,VS0,VE0
etag: W/"653acbd6-2e9"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: ea891f29-743e-11ee-ac54-929ea5698253
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cbc8a2bacc3730-FRA
x-cache-hits: 2, 2

GET
H2 200 auto_submit.js Show response
www.tripwire.com/modules/composer/better_exposed_filters/js/ 4 KB
2 KB 100ms
94ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/modules/composer/better_exposed_filters/js/auto_submit.js?v=4.x
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86e17c0a99049cfb34ccbe70106ed428a72c57a492686368253288ba2948b489

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:26 GMT
date: Fri, 27 Oct 2023 14:56:05 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 66159
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-6679b8f9f8-c6lqj
content-length: 1836
x-served-by: cache-chi-klot8100138-CHI, cache-fra-eddf8230071-FRA
last-modified: Thu, 26 Oct 2023 20:28:08 GMT
server: cloudflare
x-timer: S1698418566.566887,VS0,VE2
etag: W/"653acbd8-117d"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: ea8b7e77-743e-11ee-804f-72da6b7578c1
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cbc8a2bacd3730-FRA
x-cache-hits: 3, 1

GET
H2 200 css_Y4H_4BqmgyCtG7E7YdseTs2qvy9C34c51kBamDdgark.css
www.tripwire.com/sites/default/files/css/ 497 B
547 B 89ms
88ms Stylesheet
text/css 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/sites/default/files/css/css_Y4H_4BqmgyCtG7E7YdseTs2qvy9C34c51kBamDdgark.css
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6381ffe01aa68320ad1bb13b61db1e4ecdaabf2f42df8739d6405a9837606ab9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Wed, 09 Oct 2024 21:09:54 GMT
date: Fri, 27 Oct 2023 14:56:05 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 66158
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-75fb65bc5f-gbfhb
content-length: 271
x-served-by: cache-chi-kigq8000045-CHI, cache-fra-eddf8230040-FRA
last-modified: Mon, 09 Oct 2023 20:44:38 GMT
server: cloudflare
x-timer: S1698418566.591461,VS0,VE9
etag: W/"65246636-1f1"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: 316810f6-66e8-11ee-bcbc-925837b5a23a
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cbc8a2db063730-FRA
x-cache-hits: 3, 1

GET
H2 200 css2
fonts.googleapis.com/ 15 KB
1 KB 147ms
58ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,700;0,900;1,400;1,700;1,900&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/sites/default/files/css/css_4EB99CPdguvvLu6sY0mk_vEOPLtK5MWFMm3cmoiXpu8.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3602b010a88d9792ba0a6f20eb912700ebead8993eb12141f20ed1cbf9223d9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 27 Oct 2023 14:56:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 14:56:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 27 Oct 2023 14:56:05 GMT

GET
H2 200 v1.7-1064 Show response
consent.trustarc.com/asset/notice.js/v/ 88 KB
26 KB 54ms
54ms Script
text/javascript 52.84.90.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/asset/notice.js/v/v1.7-1064

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=helpsystems.com&c=teconsent&gtm=1&text=true&pn=1-0&cookieLink=https://www.helpsystems.com/cookie-policy&privacypolicylink=https://www.helpsystems.com/privacy-policy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.90.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f45a4b7d84fcba68fee4db26859810d7021314e50fca1a716449a2a7beeb97e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.tripwire.com/
Origin: https://www.tripwire.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 14:15:51 GMT
content-encoding: gzip
via: 1.1 01f803d1e7c713d110bffe7b82d3cb2c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: LHR62-C4
age: 2414
x-cache: Hit from cloudfront
pragma: public
last-modified: Mon, 23 Oct 2023 05:12:34 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: Y4KrsEAezGgtoVwFMxGofV3Fwut2XD2xnwxaGZ1c7poPnqJt1au9JQ==
expires: Sun, 26 Nov 2023 14:15:51 GMT

GET
H2 200 get Show response
consent.trustarc.com/ Frame B79F 2 KB
1 KB 137ms
46ms Document
text/html 52.84.90.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/get?name=crossdomain.html&domain=helpsystems.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.90.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

093d12d8b3568fe7d205eab6a5ceb766772d6018aebe44d3e16f9e85fb7ab68e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.tripwire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3208
cache-control: max-age=2592000
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Fri, 27 Oct 2023 14:02:37 GMT
expires: Sun, 26 Nov 2023 14:02:37 GMT
pragma: public
strict-transport-security: max-age=31536000; includeSubDomains
timing-allow-origin: *
vary: Origin
via: 1.1 fee26d7a612578eafeab25e896f13c72.cloudfront.net (CloudFront)
x-amz-cf-id: Sr_XVv52TrZuG_AfRWrBFv4VIjCCyNVQg-a8yNvwqu0uH8DvNMyvmw==
x-amz-cf-pop: LHR62-C4
x-cache: Hit from cloudfront

GET
H2 200 log
consent.trustarc.com/ 43 B
428 B 164ms
72ms Image
image/gif 52.84.90.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/log?domain=helpsystems.com&country=de&state=&behavior=expressed&session=8946e6df-bd45-4f06-bc8e-14853e92beff&userType=NEW&c=5085&referer=https://www.tripwire.com

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.90.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 14:56:05 GMT
via: 1.1 fee26d7a612578eafeab25e896f13c72.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: LHR62-C4
vary: Origin
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: BdfZrxT_TNEp2fNkCtJFex3idaLCh8IeuVlaFb7vezW2hJ5VY5Vg3g==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 269 KB
88 KB 156ms
65ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NMS49C8

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ed378091eb82d92fcf68d04f3fb9b06f273fe7248d038c6dcc842359c1f2cdaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 14:56:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89566
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 27 Oct 2023 14:56:05 GMT

GET
H2 200 fa-light-300.woff2
www.tripwire.com/themes/custom/fortra_parent_2022/fonts/ 186 KB
186 KB 58ms
56ms Font
font/woff2 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/themes/custom/fortra_parent_2022/fonts/fa-light-300.woff2
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/sites/default/files/css/css_4EB99CPdguvvLu6sY0mk_vEOPLtK5MWFMm3cmoiXpu8.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a8ed4a9ae2e4bf2af86d128b59c0c65e4992b3181e73851ff7d9cdca3833586

Request headers

Referer: https://www.tripwire.com/sites/default/files/css/css_4EB99CPdguvvLu6sY0mk_vEOPLtK5MWFMm3cmoiXpu8.css
Origin: https://www.tripwire.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:27 GMT
date: Fri, 27 Oct 2023 14:56:05 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 66159
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-6679b8f9f8-f2blj
content-length: 190440
x-served-by: cache-chi-kigq8000110-CHI, cache-fra-eddf8230135-FRA
last-modified: Thu, 26 Oct 2023 20:28:12 GMT
server: cloudflare
x-timer: S1698418566.893037,VS0,VE3
etag: "653acbdc-2e7e8"
content-type: font/woff2
access-control-allow-origin: *
x-styx-req-id: ead0d65d-743e-11ee-8eb8-668f5772df65
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cbc8a4cd9d3730-FRA
x-cache-hits: 1, 1

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 155ms
57ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,700;0,900;1,400;1,700;1,900&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tripwire.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 38953
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 04:06:52 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 226ms
128ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,700;0,900;1,400;1,700;1,900&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tripwire.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:52:03 GMT
x-content-type-options: nosniff
age: 507842
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Oct 2024 17:52:03 GMT

GET
H2 200 fa-solid-900.woff2
www.tripwire.com/themes/custom/fortra_parent_2022/fonts/ 138 KB
139 KB 67ms
66ms Font
font/woff2 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/themes/custom/fortra_parent_2022/fonts/fa-solid-900.woff2
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/sites/default/files/css/css_4EB99CPdguvvLu6sY0mk_vEOPLtK5MWFMm3cmoiXpu8.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e77c7e1c8f859611d1200ee9a75eadbce02664f28a53b05807233e88deb82f65

Request headers

Referer: https://www.tripwire.com/sites/default/files/css/css_4EB99CPdguvvLu6sY0mk_vEOPLtK5MWFMm3cmoiXpu8.css
Origin: https://www.tripwire.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:29:18 GMT
date: Fri, 27 Oct 2023 14:56:05 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 66159
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-6679b8f9f8-hjjgq
content-length: 141600
x-served-by: cache-chi-klot8100120-CHI, cache-fra-eddf8230071-FRA
last-modified: Thu, 26 Oct 2023 20:27:53 GMT
server: cloudflare
x-timer: S1698418566.894110,VS0,VE2
etag: "653acbc9-22920"
content-type: font/woff2
access-control-allow-origin: *
x-styx-req-id: 565a7778-743e-11ee-a786-72ff9156f6fc
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cbc8a4cda13730-FRA
x-cache-hits: 1, 1

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 227ms
129ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,700;0,900;1,400;1,700;1,900&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tripwire.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 16:18:35 GMT
x-content-type-options: nosniff
age: 513450
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Oct 2024 16:18:35 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 196ms
98ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,700;0,900;1,400;1,700;1,900&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tripwire.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 09:21:37 GMT
x-content-type-options: nosniff
age: 538468
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17032
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Oct 2024 09:21:37 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 161ms
63ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,700;0,900;1,400;1,700;1,900&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tripwire.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 13:37:19 GMT
x-content-type-options: nosniff
age: 523126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Oct 2024 13:37:19 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 209ms
112ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,700;0,900;1,400;1,700;1,900&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tripwire.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 19:33:17 GMT
x-content-type-options: nosniff
age: 588168
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Oct 2024 19:33:17 GMT

GET
H2 200 linkedin-job.jpg
www.tripwire.com/sites/default/files/2023-10/ 105 KB
105 KB 75ms
54ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tripwire.com/sites/default/files/2023-10/linkedin-job.jpg
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9343838c3ed1a1667db9e74c7984f245c234554e7a09a037f987d524d048a6ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 14:12:39 GMT
date: Fri, 27 Oct 2023 14:56:05 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 66150
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-574b8cd764-hd8fh
content-length: 107051
x-served-by: cache-chi-klot8100107-CHI, cache-fra-eddf8230108-FRA
last-modified: Thu, 26 Oct 2023 14:12:11 GMT
server: cloudflare
x-timer: S1698418566.975517,VS0,VE2
etag: "653a73bb-1a22b"
content-type: image/jpeg
x-styx-req-id: b8899b82-7409-11ee-996f-2ac8c4b86eed
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cbc8a54e773730-FRA
x-cache-hits: 8, 1

GET
H2 200 linkedin-malware-message.jpeg
www.tripwire.com/sites/default/files/2023-10/ 33 KB
33 KB 101ms
80ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tripwire.com/sites/default/files/2023-10/linkedin-malware-message.jpeg
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54759ca38945050fdfc8469be8e8204763ea31dbb1e09aedb71bdf0ed1dba259

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 14:05:26 GMT
date: Fri, 27 Oct 2023 14:56:06 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 65768
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-6679b8f9f8-hjjgq
content-length: 33549
x-served-by: cache-chi-kigq8000117-CHI, cache-fra-eddf8230090-FRA
last-modified: Thu, 26 Oct 2023 14:05:21 GMT
server: cloudflare
x-timer: S1698418566.977132,VS0,VE24
etag: "653a7221-830d"
content-type: image/jpeg
x-styx-req-id: b6a65767-7408-11ee-a786-72ff9156f6fc
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cbc8a54e7a3730-FRA
x-cache-hits: 5, 1

GET
H2 200 corsair-job.jpeg
www.tripwire.com/sites/default/files/2023-10/ 43 KB
44 KB 92ms
72ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tripwire.com/sites/default/files/2023-10/corsair-job.jpeg
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c926030f3f91f720ddc902ee6a836ee7d9b962b9c7d5545370e58461a153b37d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 14:06:45 GMT
date: Fri, 27 Oct 2023 14:56:05 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 65768
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-574b8cd764-8wjkj
content-length: 44230
x-served-by: cache-chi-kigq8000102-CHI, cache-fra-eddf8230070-FRA
last-modified: Thu, 26 Oct 2023 14:06:36 GMT
server: cloudflare
x-timer: S1698418566.980808,VS0,VE2
etag: "653a726c-acc6"
content-type: image/jpeg
x-styx-req-id: e544a57a-7408-11ee-ad1b-0a834989ccb7
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cbc8a54e7b3730-FRA
x-cache-hits: 5, 1

GET
H2 200 graham-cluley_profile_pic.jpg
www.tripwire.com/sites/default/files/styles/thumbnail/public/2022-10/ 2 KB
2 KB 97ms
77ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tripwire.com/sites/default/files/styles/thumbnail/public/2022-10/graham-cluley_profile_pic.jpg?itok=ffTH8VnN
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cb67fac14a3ff2580053f5a7e7b1b81d143e3de1e602748e0334c392a5396ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Fri, 20 Sep 2024 18:49:01 GMT
date: Fri, 27 Oct 2023 14:56:05 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 66085
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-7d68986d5d-5cbjh
content-length: 2237
x-served-by: cache-chi-klot8100051-CHI, cache-fra-eddf8230108-FRA
last-modified: Wed, 10 May 2023 07:27:50 GMT
server: cloudflare
x-timer: S1698418566.978891,VS0,VE2
etag: "645b4776-8bd"
content-type: image/jpeg
x-styx-req-id: 5d90bd2a-57e6-11ee-82dc-866ed7ad4f37
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cbc8a54e7c3730-FRA
x-cache-hits: 2, 1

GET
H2 200 sm.24.html Show response
static.addtoany.com/menu/ Frame FB07 677 B
541 B 79ms
69ms Document
text/html 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.24.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tripwire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1291596
alt-svc: h3=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 81cbc8a54f8e1e56-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 27 Oct 2023 14:56:05 GMT
etag: W/"2a5-5edb40e6d10d8"
last-modified: Fri, 18 Nov 2022 00:47:55 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: e4s
x-content-type-options: nosniff

GET
H3 200 core.f4498a6a.js Show response
static.addtoany.com/menu/modules/ 70 KB
25 KB 128ms
72ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.f4498a6a.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f3c20825909bb222fd8ec5db0a985fb397c20a97d8362858ccfffb576e13a77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tripwire.com/
Origin: https://www.tripwire.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 14:56:06 GMT
via: e7s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 2845744
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 24 Sep 2023 10:29:31 GMT
server: cloudflare
etag: W/"11650-606185138cb5e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 81cbc8a59fda362b-FRA

GET
H2 200 / Show response
consent-pref.trustarc.com/ Frame 9216 5 KB
3 KB 223ms
91ms Document
text/html 3.160.212.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=8946e6df-bd45-4f06-bc8e-14853e92beff&userType=NEW

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/asset/notice.js/v/v1.7-1064

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.212.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9f565b4cdf200b503b4c09d2e4644a1fbec24230e60b873ab7e09ae969a6fc1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.tripwire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 27 Oct 2023 14:56:06 GMT
etag: W/"5111-1696834446000"
expect-ct: max-age=86400; enforce;
last-modified: Mon, 09 Oct 2023 06:54:06 GMT
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 af0f2c428d303d6b7ae845c9bf651b68.cloudfront.net (CloudFront)
x-amz-cf-id: 408QUrio87RnEHJVQLkpdaOuSS6BE299On7LMns9q5bp4x1bXu9xMA==
x-amz-cf-pop: MXP53-P3
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1

GET
H2 200 noticemsg
consent.trustarc.com/ 43 B
427 B 67ms
60ms Image
image/gif 52.84.90.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/noticemsg?action=consent&domain=helpsystems.com&behavior=expressed&country=de&language=de&rand=0.6927951110579054&session=8946e6df-bd45-4f06-bc8e-14853e92beff&userType=NEW&referer=https://www.tripwire.com

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.90.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 14:56:06 GMT
via: 1.1 fee26d7a612578eafeab25e896f13c72.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: LHR62-C4
vary: Origin
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: WhmgFlMOyWfZyfItDs8X-olIhSN-18FO82efhVhRft5JBe8SBp8mcg==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 defaultpreferencemanager.nocache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 9216 5 KB
3 KB 157ms
157ms Script
application/javascript 3.160.212.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=8946e6df-bd45-4f06-bc8e-14853e92beff&userType=NEW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.212.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-144-109.mrs52.r.cloudfront.net

Software

nginx /

Resource Hash

5a1239e59fef1fc369bb2339c810999caa4d063949f1ae78acb073c8acbd250a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=8946e6df-bd45-4f06-bc8e-14853e92beff&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 14:56:06 GMT
content-encoding: gzip
via: 1.1 af0f2c428d303d6b7ae845c9bf651b68.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MXP53-P3
x-cache: Miss from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 09 Oct 2023 06:54:26 GMT
server: nginx
etag: W/"4867-1696834466000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: Eo0a7VI6QE9PcW8jdWnGkwkReKb-bocOQ1Dtt4ZYB9j-GoWW1ICsDQ==
expires: Fri, 27 Oct 2023 14:56:05 GMT

GET
H2 200 get Show response
consent-st.trustarc.com/ Frame 9216 20 KB
5 KB 197ms
55ms Script
text/javascript 52.222.144.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-st.trustarc.com/get?name=combined_static_cm_minified.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.144.109 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: public
date: Sat, 14 Oct 2023 05:27:13 GMT
content-encoding: gzip
via: 1.1 b8924c6b1eac8fe7d9c9873915e5d06a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MRS52-C2
age: 1157333
vary: Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: xhfhXVMo2OSz_fy6Oz38Nwe2qIVs_19D28x1g3Xx3FoaC5bLL2KtMA==
expires: Mon, 13 Nov 2023 05:27:13 GMT

GET
H2 200 loading.gif
consent-pref.trustarc.com/images/ Frame 9216 3 KB
3 KB 53ms
53ms Image
image/gif 3.160.212.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/loading.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.212.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=8946e6df-bd45-4f06-bc8e-14853e92beff&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 14:35:32 GMT
via: 1.1 af0f2c428d303d6b7ae845c9bf651b68.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MXP53-P3
age: 1235
x-cache: Hit from cloudfront
content-length: 2608
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 09 Oct 2023 06:54:06 GMT
server: nginx
etag: W/"2608-1696834446000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/gif
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges: bytes
x-amz-cf-id: yOgZYk0zHLGIq-nbBu0DV8Og8S7aFbuu2cRB6o2LT245YZhGBbRC0g==

GET
H2 200 A9C0FF58CA469E40741F487C4C79DD16.cache.html Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 22CE 141 KB
46 KB 58ms
57ms Document
text/html 3.160.212.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/A9C0FF58CA469E40741F487C4C79DD16.cache.html

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.212.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ebbe09ce80b9c406ffb23539c11f2061b6b3a413b72a35c3f8ccfda49858bf52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=8946e6df-bd45-4f06-bc8e-14853e92beff&userType=NEW
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 381984
cache-control: max-age=315360000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 23 Oct 2023 04:49:42 GMT
etag: W/"144103-1696834466000"
expect-ct: max-age=86400; enforce;
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 09 Oct 2023 06:54:26 GMT
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 af0f2c428d303d6b7ae845c9bf651b68.cloudfront.net (CloudFront)
x-amz-cf-id: k5HlouoHZPuFCNqF5WysOoFljRs1Or7JpkBiqIHALLEoOEwhc7mk6w==
x-amz-cf-pop: MXP53-P3
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 9216 1 KB
1 KB 89ms
89ms XHR
application/json 3.160.212.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/A9C0FF58CA469E40741F487C4C79DD16.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.212.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

365c4e4e15bb05abb8135ba921b7ff58c93459e1b8eda9e1835c13ba7ecec1b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: A9C0FF58CA469E40741F487C4C79DD16
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=8946e6df-bd45-4f06-bc8e-14853e92beff&userType=NEW
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Fri, 27 Oct 2023 14:56:06 GMT
content-encoding: gzip
via: 1.1 af0f2c428d303d6b7ae845c9bf651b68.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-cf-pop: MXP53-P3
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 481
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: H0Py_W413T04jfZg23HFjE1ZQbBtNWUtxA7sLNacJ8i-aTBlK8XT8A==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 9216 48 B
622 B 83ms
83ms XHR
application/json 3.160.212.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/A9C0FF58CA469E40741F487C4C79DD16.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.212.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

44f342f4ccda5e000a31c2e51957138b59bc33d96528910716ef98f344168516

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: A9C0FF58CA469E40741F487C4C79DD16
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=8946e6df-bd45-4f06-bc8e-14853e92beff&userType=NEW
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Fri, 27 Oct 2023 14:56:06 GMT
via: 1.1 af0f2c428d303d6b7ae845c9bf651b68.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MXP53-P3
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 48
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: L1qeaDOz8aZotoaV30Yij4jkZJ9ZekYNz4DtiylJA1ZOYRE7J5wFug==

GET
H2 200 EuPreferenceManager.css
consent-pref.trustarc.com/ Frame 9216 30 KB
7 KB 49ms
49ms Stylesheet
text/css 3.160.212.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/EuPreferenceManager.css

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/A9C0FF58CA469E40741F487C4C79DD16.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.212.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

176f46d1332bd15e158ba501961d4614a40522c0b622bc981036251478694812

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=8946e6df-bd45-4f06-bc8e-14853e92beff&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 14:29:18 GMT
content-encoding: gzip
via: 1.1 af0f2c428d303d6b7ae845c9bf651b68.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MXP53-P3
age: 1610
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 09 Oct 2023 06:54:06 GMT
server: nginx
etag: W/"30603-1696834446000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: no-cache
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: NFsXXqzYCMmiBWWNi9R3MxvJS8ytRPtgttyFeRiMNPhRls6SK-sfqA==
expires: Fri, 27 Oct 2023 14:29:15 GMT

GET
H2 200 11.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/A9C0FF58CA469E40741F487C4C79DD16/ Frame 9216 266 KB
91 KB 55ms
55ms XHR
application/javascript 3.160.212.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/A9C0FF58CA469E40741F487C4C79DD16/11.cache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/A9C0FF58CA469E40741F487C4C79DD16.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.212.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

53a209d677bcf8346ee7650210fc3cb7fd7cd448832297e3c9186f05a2301659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=8946e6df-bd45-4f06-bc8e-14853e92beff&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 04:50:23 GMT
content-encoding: gzip
via: 1.1 af0f2c428d303d6b7ae845c9bf651b68.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MXP53-P3
age: 381943
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 09 Oct 2023 06:54:26 GMT
server: nginx
etag: W/"272572-1696834466000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: TS3y9kcHCi5_5Ecf4AfTW5RY8L9buEp8qwxXf-Swdw5EAv3vQ_VtkA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/A9C0FF58CA469E40741F487C4C79DD16/ Frame 9216 20 KB
9 KB 49ms
49ms XHR
application/javascript 3.160.212.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/A9C0FF58CA469E40741F487C4C79DD16/1.cache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/A9C0FF58CA469E40741F487C4C79DD16.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.212.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-93-86-95.compute-1.amazonaws.com

Software

nginx /

Resource Hash

4946599a26d4b4702c629c4faeeb37fe6ac01b11c82ea11aa973692170e9f665

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=8946e6df-bd45-4f06-bc8e-14853e92beff&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 04:50:23 GMT
content-encoding: gzip
via: 1.1 af0f2c428d303d6b7ae845c9bf651b68.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MXP53-P3
age: 381943
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 09 Oct 2023 06:54:26 GMT
server: nginx
etag: W/"20966-1696834466000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: Z0PcyzL_pEtyRlZA0gvYkACKPYRvdrZ9KDWhIofhBbXJYLkiid7nPQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cookie_iframe.html Show response
prefmgr-cookie.truste-svc.net/cookie_js/ Frame 9DE4 5 KB
2 KB 426ms
138ms Document
text/html 3.93.86.95
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https://www.helpsystems.com/privacy-policy&cookieLink=https://www.helpsystems.com/cookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=8946e6df-bd45-4f06-bc8e-14853e92beff&userType=NEW

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.86.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx /

Resource Hash

e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' *;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://consent-pref.trustarc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 14:56:07 GMT
etag: W/"5014-1657163800000"
expect-ct: max-age=31536000
last-modified: Thu, 07 Jul 2022 03:16:40 GMT
permissions-policy: geolocation=(), microphone=(), payment=()
referrer-policy: origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 9216 856 B
945 B 86ms
85ms XHR
application/json 3.160.212.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/A9C0FF58CA469E40741F487C4C79DD16.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.212.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

714033706d3272019efabd4624a61b9f925a1daf38615770b734564600ca637d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: A9C0FF58CA469E40741F487C4C79DD16
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=8946e6df-bd45-4f06-bc8e-14853e92beff&userType=NEW
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Fri, 27 Oct 2023 14:56:06 GMT
content-encoding: gzip
via: 1.1 af0f2c428d303d6b7ae845c9bf651b68.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-cf-pop: MXP53-P3
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 353
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: YauU461FDiv6J8ZLE29w9B_R0UTJvVCAUAYabr_uYbjNH--zz3tEWw==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 9216 24 KB
7 KB 85ms
85ms XHR
application/json 3.160.212.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/A9C0FF58CA469E40741F487C4C79DD16.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.212.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

554008a2a8ed087640afa2529308c94093037068345160b2e5cf5fede0ef2cf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: A9C0FF58CA469E40741F487C4C79DD16
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=8946e6df-bd45-4f06-bc8e-14853e92beff&userType=NEW
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Fri, 27 Oct 2023 14:56:06 GMT
content-encoding: gzip
via: 1.1 af0f2c428d303d6b7ae845c9bf651b68.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-cf-pop: MXP53-P3
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 6347
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: _VlBTTAvGO6np3cUU5xha_rQK7ynVmH2snh5FA0j6LnRJO47O0hiEQ==

GET
H2 200 trustarc-logo-small.png
consent-pref.trustarc.com/images/ Frame 9216 4 KB
5 KB 48ms
47ms Image
image/png 3.160.212.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/trustarc-logo-small.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.212.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=8946e6df-bd45-4f06-bc8e-14853e92beff&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 14:35:37 GMT
via: 1.1 af0f2c428d303d6b7ae845c9bf651b68.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MXP53-P3
age: 1231
x-cache: Hit from cloudfront
content-length: 4197
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 09 Oct 2023 06:54:06 GMT
server: nginx
etag: W/"4197-1696834446000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/png
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges: bytes
x-amz-cf-id: PjJeWpwdEI9rzr3NrmQevpVPDQhFNn0XtjW15-_el7raWWeX781w9Q==

GET
H2 200 6.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/A9C0FF58CA469E40741F487C4C79DD16/ Frame 9216 7 KB
4 KB 48ms
48ms XHR
application/javascript 3.160.212.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/A9C0FF58CA469E40741F487C4C79DD16/6.cache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/A9C0FF58CA469E40741F487C4C79DD16.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.212.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

84564ffaf2ad066235fbf5e6ffca74b4347faf5c61be31c00b7138d4b70a5117

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=8946e6df-bd45-4f06-bc8e-14853e92beff&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 04:50:25 GMT
content-encoding: gzip
via: 1.1 af0f2c428d303d6b7ae845c9bf651b68.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MXP53-P3
age: 381942
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 09 Oct 2023 06:54:26 GMT
server: nginx
etag: W/"7462-1696834466000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: xLA63Vg47-2YIK6SCgR2PoPSRZdo7PBbOv6XNrueu3NOtsOdmpc5VQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 get
consent.trustarc.com/ Frame 9216 3 KB
1 KB 46ms
45ms Image
image/svg+xml 52.84.90.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/get?name=%20fortra_Logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.90.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e396c79b7c0d5a855f996af8807bdf7318a87f7d4a198fa08a2c65e5cfa34330

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: public
date: Fri, 27 Oct 2023 14:39:43 GMT
content-encoding: gzip
via: 1.1 fee26d7a612578eafeab25e896f13c72.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: LHR62-C4
age: 984
vary: Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: 2c6Bp2ZksYr7a7Kv5Iyls98O3Ei42Q9Qmh7Sus5Er7AmCCuTWd-BHw==
expires: Sun, 26 Nov 2023 14:39:43 GMT

GET
H2 200 cookie_inneriframe.html Show response
consent-pref.trustarc.com/ Frame 3050 2 KB
1 KB 48ms
47ms Document
text/html 3.160.212.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/cookie_inneriframe.html

Requested by

Host: prefmgr-cookie.truste-svc.net
URL: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https://www.helpsystems.com/privacy-policy&cookieLink=https://www.helpsystems.com/cookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=8946e6df-bd45-4f06-bc8e-14853e92beff&userType=NEW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.212.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://prefmgr-cookie.truste-svc.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1362
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 27 Oct 2023 14:33:26 GMT
etag: W/"2008-1696834446000"
expect-ct: max-age=86400; enforce;
last-modified: Mon, 09 Oct 2023 06:54:06 GMT
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 af0f2c428d303d6b7ae845c9bf651b68.cloudfront.net (CloudFront)
x-amz-cf-id: oKP0mWtdnQJUwqVxJ4weSamX_xdlSlNJFhusvBghA7unxeYskEahDg==
x-amz-cf-pop: MXP53-P3
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1

GET
H2 200 trustarc-logo-small.png
consent-pref.trustarc.com/images/ Frame 9216 4 KB
5 KB 51ms
51ms Image
image/png 3.160.212.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/trustarc-logo-small.png

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/A9C0FF58CA469E40741F487C4C79DD16.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.212.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS