checkmarx.com Open in urlscan Pro
141.193.213.20 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
Submission: On August 31 via api (August 31st 2023, 2:12:09 am UTC) from TR — Scanned from DE

Summary HTTP 300 Redirects Links 33 Behaviour Indicators

Summary

This website contacted 36 IPs in 4 countries across 28 domains to perform 300 HTTP transactions. The main IP is 141.193.213.20, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is checkmarx.com. The Cisco Umbrella rank of the primary domain is 527118.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 20th 2023. Valid for: a year.

This is the only time checkmarx.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 130	141.193.213.20 141.193.213.20	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
14	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:d133	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:88ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:bc59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
69	18.66.112.118 18.66.112.118	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
10	2.17.100.210 2.17.100.210	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6812:b07d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6810:4eba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:7c0c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:22e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e6a3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
3	20.119.174.243 20.119.174.243	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2600:9000:20e... 2600:9000:20eb:bc00:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 7	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6811:c9cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:c07d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.214.244.79 54.214.244.79	16509 (AMAZON-02) (AMAZON-02)
1	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:26f0:710... 2a02:26f0:7100::210:172	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	52.222.236.102 52.222.236.102	16509 (AMAZON-02) (AMAZON-02)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	3.94.218.138 3.94.218.138	14618 (AMAZON-AES) (AMAZON-AES)
5	2606:4700::68... 2606:4700::6810:890f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:8e:... 2a04:4e42:8e::720	54113 (FASTLY) (FASTLY)
300	36

130 141.193.213.20 (United States) 3 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

checkmarx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

no-cache.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:d133 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscta.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:88ce (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:bc59 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

69 18.66.112.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-118.fra56.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.17.100.210 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-100-210.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:b07d (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
perf.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4eba (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7c0c (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:22e5 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e6a3 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.119.174.243 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

r.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20eb:bc00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:c9cc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:c07d (United States)

ASN13335 (CLOUDFLARENET, US)

perf.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.214.244.79 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-214-244-79.us-west-2.compute.amazonaws.com

gw.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.180 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100::210:172 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.236.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-102.fra56.r.cloudfront.net

js.zi-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 3.94.218.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-218-138.compute-1.amazonaws.com

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
customer.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
event.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
targeting.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
flow.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:890f (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ws-assets.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:8e::720 (United States)

ASN54113 (FASTLY, US)

driftt.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
130	checkmarx.com 3 redirects checkmarx.com — Cisco Umbrella Rank: 527118	7 MB
69	driftt.com js.driftt.com — Cisco Umbrella Rank: 5776	780 KB
19	hubspot.com no-cache.hubspot.com — Cisco Umbrella Rank: 11748 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 6214 track.hubspot.com — Cisco Umbrella Rank: 2299 forms.hubspot.com — Cisco Umbrella Rank: 4655	23 KB
14	drift.com bootstrap.api.drift.com — Cisco Umbrella Rank: 6601 customer.api.drift.com — Cisco Umbrella Rank: 7075 metrics.api.drift.com — Cisco Umbrella Rank: 6449 event.api.drift.com — Cisco Umbrella Rank: 7134 targeting.api.drift.com — Cisco Umbrella Rank: 6720 flow.api.drift.com — Cisco Umbrella Rank: 11515	10 KB
11	6sc.co j.6sc.co — Cisco Umbrella Rank: 5691 c.6sc.co — Cisco Umbrella Rank: 8562 ipv6.6sc.co — Cisco Umbrella Rank: 5947 b.6sc.co — Cisco Umbrella Rank: 3992	28 KB
8	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 365 www.linkedin.com — Cisco Umbrella Rank: 625 px4.ads.linkedin.com — Cisco Umbrella Rank: 6371	5 KB
8	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4292 forms-na1.hsforms.com — Cisco Umbrella Rank: 6837 perf.hsforms.com — Cisco Umbrella Rank: 12448	14 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 900 r.clarity.ms — Cisco Umbrella Rank: 7807 c.clarity.ms — Cisco Umbrella Rank: 1455	28 KB
5	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 4243 ws-assets.zoominfo.com — Cisco Umbrella Rank: 14955	20 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	21 KB
4	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 881 gw.linkedin.oribi.io — Cisco Umbrella Rank: 13956	25 KB
4	licdn.com snap.licdn.com — Cisco Umbrella Rank: 760	12 KB
3	zi-scripts.com js.zi-scripts.com — Cisco Umbrella Rank: 9640	3 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6457	515 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 87	403 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3238 www.google.com — Cisco Umbrella Rank: 2	660 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	181 KB
2	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 6616	329 KB
1	imgix.net driftt.imgix.net — Cisco Umbrella Rank: 14318	2 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 236	762 B
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 450	573 B
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3439	1 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3144	3 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2156	16 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 4489	86 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2155	21 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2386	1 KB
1	hscta.net js.hscta.net — Cisco Umbrella Rank: 20507	7 KB
300	28

	Domain	Requested by
130	checkmarx.com	3 redirects checkmarx.com
69	js.driftt.com	checkmarx.com js.driftt.com
11	track.hubspot.com
6	b.6sc.co
6	px.ads.linkedin.com	3 redirects cdn.linkedin.oribi.io checkmarx.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com checkmarx.com
4	targeting.api.drift.com	js.driftt.com
4	ws.zoominfo.com	js.zi-scripts.com ws-assets.zoominfo.com
4	cta-service-cms2.hubspot.com	js.hscta.net
4	snap.licdn.com	checkmarx.com snap.licdn.com js.hsadspixel.net
4	forms.hsforms.com	js.hsforms.net checkmarx.com
3	js.zi-scripts.com	checkmarx.com js.zi-scripts.com
3	perf.hsforms.com	checkmarx.com
3	cdn.linkedin.oribi.io	snap.licdn.com
3	r.clarity.ms	www.clarity.ms
3	www.clarity.ms	checkmarx.com www.googletagmanager.com www.clarity.ms
3	no-cache.hubspot.com	checkmarx.com
2	flow.api.drift.com	js.driftt.com
2	event.api.drift.com	js.driftt.com
2	metrics.api.drift.com	js.driftt.com
2	customer.api.drift.com	js.driftt.com
2	bootstrap.api.drift.com	js.driftt.com
2	c.clarity.ms	1 redirects
2	c.6sc.co	j.6sc.co
2	www.google.de	checkmarx.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	j.6sc.co	checkmarx.com www.googletagmanager.com
2	www.googletagmanager.com	checkmarx.com www.googletagmanager.com
2	js.hsforms.net	checkmarx.com
1	driftt.imgix.net
1	ws-assets.zoominfo.com	js.zi-scripts.com
1	forms.hubspot.com	js.hsleadflows.net
1	c.bing.com	1 redirects
1	ipv6.6sc.co	j.6sc.co
1	secure.adnxs.com	j.6sc.co
1	gw.linkedin.oribi.io	cdn.linkedin.oribi.io
1	api.hubapi.com	js.hsadspixel.net
1	forms-na1.hsforms.com	checkmarx.com
1	px4.ads.linkedin.com	checkmarx.com
1	www.linkedin.com	1 redirects
1	www.google.com	checkmarx.com
1	region1.analytics.google.com	www.googletagmanager.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-scripts.com	checkmarx.com
1	js.hscta.net	checkmarx.com
300	48

This site contains links to these domains. Also see Links.

Domain
www.codebashing.com
devhub.checkmarx.com
info.checkmarx.com
checkmarx.force.com
www.linkedin.com
checkmarxpartner.learnamp.com
source.checkmarx.com
support.checkmarx.com
blog.phylum.io
medium.com
cryptorocket.com
binarium.com
github.com
gist.github.com
www.facebook.com
twitter.com
www.youtube.com
www.checkmarx.com

Subject Issuer	Validity	Valid
checkmarx.com Cloudflare Inc ECC CA-3	`2023-06-20` - `2024-06-18`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
drift.com Amazon RSA 2048 M02	`2023-08-15` - `2024-09-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
6sc.co R3	`2023-08-19` - `2023-11-17`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2023-04-07` - `2024-04-06`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-06-02` - `2023-12-02`	6 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
js.zi-scripts.com Amazon RSA 2048 M02	`2022-10-17` - `2023-11-15`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2023-04-04` - `2024-04-03`	a year	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-03-05` - `2024-04-05`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
Frame ID: 369ADBCC702A82ACB5CFA19C40BDDC46
Requests: 216 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=rp2be4x948ue&eId=rp2be4x948ue&region=US&forceShow=false&skipCampaigns=false&sessionId=5e5f3d9a-3ed5-4904-9efe-da13caa350d6&sessionStarted=1693447924.267&campaignRefreshToken=e05a2e32-e4e5-43bc-ad3b-8f7bcfe7ee86&hideController=false&pageLoadStartTime=1693447921100&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F
Frame ID: 91418C63A20B872891A2716925607895
Requests: 41 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1693447921100
Frame ID: D497D61F2A321AB33EBD574E31251433
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

An Ongoing Open Source Attack Reveals Roots Dating Back To 2021AccessibilityIncrease TextDecrease TextGrayscaleHigh ContrastNegative ContrastLight BackgroundLinks UnderlineReadable FontReset

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Elementor (Landing Page Builders) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href=(?:"|')[^"']*elementor/assets

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

300
Requests

98 %
HTTPS

72 %
IPv6

28
Domains

48
Subdomains

36
IPs

4
Countries

8478 kB
Transfer

15463 kB
Size

46
Cookies

33 Outgoing links

These are links going to different origins than the main page.

URL: https://www.codebashing.com/?__hstc=206289484.c3255bfcfd846120cc3cbe0e0dcd59d9.1693447924303.1693447924303.1693447924303.1&__hssc=206289484.1.1693447924303&__hsfp=1966805734
Title: Checkmarx CodebashingSecure Code Training

Search URL Search Domain Scan URL

URL: https://devhub.checkmarx.com/
Title: Developer Hub

Search URL Search Domain Scan URL

URL: https://info.checkmarx.com/cs/c/?cta_guid=2fb079a6-81fc-4c5f-ae75-feb00aa4f920&signature=AAH58kE38EEf1mbDheJbT-fSyr7jHEnSFg&placement_guid=4c2e6bdf-ae82-4526-9232-d9e4d62b04df&click=60e5a377-082b-44cb-af8a-f88964551c11&hsutk=c3255bfcfd846120cc3cbe0e0dcd59d9&canon=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&portal_id=146169&redirect_url=APefjpFOQVXXPS5M4WUT1MoXd1vsmayw6dq1yO8drSArdlodn9dYJk04aoo36anbOZ5mco7jtSDoff0wsnhYhrv3-UuoVg84kkySwKz3dgRMN9iE3-7-jq7ZNncutVOa-twaHwpbHrNZ&__hstc=206289484.c3255bfcfd846120cc3cbe0e0dcd59d9.1693447924303.1693447924303.1693447924303.1&__hssc=206289484.1.1693447924303&__hsfp=1966805734&contentType=blog-post
Title: Developers

Search URL Search Domain Scan URL

URL: https://info.checkmarx.com/cs/c/?cta_guid=48354eb6-382a-4fb6-b9df-84a4241352a2&signature=AAH58kHFMSzP2PQ3Eu9ahqCplIcA2FBPLA&placement_guid=19a8ada6-0b37-4567-825c-aefe1cff3e04&click=cc60f854-0d13-4c78-8ab8-4695cc6145f1&hsutk=c3255bfcfd846120cc3cbe0e0dcd59d9&canon=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&portal_id=146169&redirect_url=APefjpHOQL2OxJEuhdvOqTXRWDavugjmUMealE_M8aCqtXuTC0BRQDBYDmIcuprI5_ZcdvBA3U1NVjnElad-xCf0_3T-bL7E4yPz9BkmOwJMMj53ovv6qcJf0fMihkv5U5mnRbXMYpNw&__hstc=206289484.c3255bfcfd846120cc3cbe0e0dcd59d9.1693447924303.1693447924303.1693447924303.1&__hssc=206289484.1.1693447924303&__hsfp=1966805734&contentType=blog-post
Title: AppSec

Search URL Search Domain Scan URL

URL: https://info.checkmarx.com/cs/c/?cta_guid=b14996c2-373d-4971-a05c-0bb363e40a16&signature=AAH58kG6qQ_YxGB7HlgleWzYI6GMLpSA2Q&placement_guid=1385e65d-54b6-4a5d-8a28-f622009167ac&click=5f466a09-1f7c-4f89-a324-8acfa27b6580&hsutk=c3255bfcfd846120cc3cbe0e0dcd59d9&canon=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&portal_id=146169&redirect_url=APefjpGfiOz0B8MMXVOeGW8s7dB3Ig5htvrSavjC6PQA2-A_iwzohAAsm18p6Bk6I2aibAAuKlGj1k3U5Q1Ebo4StH-VhH-yofh0OQYZ9LmhFw2mX57husF86Ku3H22FcDC1kB8WXD_n&__hstc=206289484.c3255bfcfd846120cc3cbe0e0dcd59d9.1693447924303.1693447924303.1693447924303.1&__hssc=206289484.1.1693447924303&__hsfp=1966805734&contentType=blog-post
Title: Leadership

Search URL Search Domain Scan URL

URL: https://info.checkmarx.com/gartner-mq-2023?utm_source=hs_email&utm_medium=blog&utm_campaign=gartner_mq&utm_search_query=gartner_mq_2023&
Title: Get the Report

Search URL Search Domain Scan URL

URL: https://info.checkmarx.com/tech-partner/brinqa
Title: Brinqa

Search URL Search Domain Scan URL

URL: https://checkmarx.force.com/CheckmarxPartnerCommunity/s/login/?ec=302&startURL=%2FCheckmarxPartnerCommunity%2Fs%2F
Title: Partner Portal

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/showcase/checkmarx-partner-hub
Title: Partner Hub - Learn from other Partners

Search URL Search Domain Scan URL

URL: https://checkmarxpartner.learnamp.com/
Title: Partner Academy

Search URL Search Domain Scan URL

URL: https://source.checkmarx.com/
Title: Community

Search URL Search Domain Scan URL

URL: https://source.checkmarx.com/c/videos
Title: Videos

Search URL Search Domain Scan URL

URL: https://source.checkmarx.com/c/news/articles/
Title: Articles

Search URL Search Domain Scan URL

URL: https://source.checkmarx.com/c/comics/10
Title: Comics

Search URL Search Domain Scan URL

URL: https://source.checkmarx.com/tag/lightboard
Title: Lessons

Search URL Search Domain Scan URL

URL: https://source.checkmarx.com/c/news/blogs/6
Title: Tech Blog

Search URL Search Domain Scan URL

URL: https://source.checkmarx.com/c/events/
Title: Community Events

Search URL Search Domain Scan URL

URL: https://support.checkmarx.com/CheckmarxCustomerServiceCommunity/s/login/
Title: Support Portal

Search URL Search Domain Scan URL

URL: https://info.checkmarx.com/cs/c/?cta_guid=2fb079a6-81fc-4c5f-ae75-feb00aa4f920&signature=AAH58kFVlIjtN0TKpp4HYnyIrtUoBW5GsQ&placement_guid=4c2e6bdf-ae82-4526-9232-d9e4d62b04df&click=d5597bcf-cea5-4530-8cae-773f5e3adc68&hsutk=cd431433a0c9909302545a1502e8a73d&canon=https%3A%2F%2Fcheckmarx.com%2Fresource%2Fvideos%2F&utm_referrer=https%3A%2F%2Fcheckmarx.com%2F&portal_id=146169&redirect_url=APefjpE8zFTZbENbccDblwvGoMihpDh1h9pJ-ed9Cb_gv1vRiG7KpPXXuRMSPMP-0q64c3xgwya5D59C8McNvnEdHX3tIMRA7rX_hm6gCOC9McdBLkhGzhe6s3OPN2mABjuoZzVHWCsNJBq1dj7bwgiQYF8z_eebfXGaAyS2WmEPMNfD405ZdqWazbJl8v5zzOm-ksTKGxdFqFaGGhVWlhdjENI6VoGo_TzwWJKW-VgfjGTjo21EbuS9Xv6ElRfUaYrC5v15i14tSxlWne2-hFLi6mDpkek8YU1YClJgBlUA0MGpzQ5vZNs&__hstc=51647990.cd431433a0c9909302545a1502e8a73d.1626091166125.1627325829490.1627330112881.58&__hssc=51647990.16.1627330112881&__hsfp=978758889&contentType=standard-page&
Title: Developers

Search URL Search Domain Scan URL

URL: https://info.checkmarx.com/cs/c/?cta_guid=48354eb6-382a-4fb6-b9df-84a4241352a2&signature=AAH58kGAWifSeVHz9PlzliNLqySJ1E7SMQ&placement_guid=19a8ada6-0b37-4567-825c-aefe1cff3e04&click=c7b35923-ba4c-45f9-8c1a-4446f18d4267&hsutk=cd431433a0c9909302545a1502e8a73d&canon=https%3A%2F%2Fcheckmarx.com%2Fresource%2Fvideos%2F&utm_referrer=https%3A%2F%2Fcheckmarx.com%2F&portal_id=146169&redirect_url=APefjpFtLgjM9xuqn43L2-HzYs8h-IVa2-r--sNd4ME7rf-ANfqml-xZNjKvhd8wzrB8LAKo5RbUUtWlEPRJbxAByjhYJwCWKMpcPeYdm0WpjoEJxJhnl2KjpZiTF3zv6lc3C0zNwn2gE9OYxffSJZis0-Y8rWeM2Cok7tMtPk43Coe_YYaKeGIGmerrFJrb_SxhmBEJsE0Zcy0WtDFtfMnRPKIxwxrPk30TxETSQjaIAOjKWTUROKalNxDcIbwi51GXF61vW3g890eI26Qbx80-eN3ZhpAPpQ&__hstc=51647990.cd431433a0c9909302545a1502e8a73d.1626091166125.1627325829490.1627330112881.58&__hssc=51647990.16.1627330112881&__hsfp=978758889&contentType=standard-page&
Title: AppSec

Search URL Search Domain Scan URL

URL: https://info.checkmarx.com/cs/c/?cta_guid=b14996c2-373d-4971-a05c-0bb363e40a16&signature=AAH58kH62VEqrOCsVfUBT-S6hhnI2NCKjA&placement_guid=1385e65d-54b6-4a5d-8a28-f622009167ac&click=b705cf53-ea11-4761-8527-368416f0384a&hsutk=cd431433a0c9909302545a1502e8a73d&canon=https%3A%2F%2Fcheckmarx.com%2Fresource%2Fvideos%2F&utm_referrer=https%3A%2F%2Fcheckmarx.com%2F&portal_id=146169&redirect_url=APefjpEeMywQSjEPdL7KelzM3pvkvhBcnFXcFqhzaMxWvbS-jjLdfKr-ebKrzAijGUH4QpOHC5YXSeKwqETt3vLFMmv9A9x37yMZ06NMpUTW42JAJoZy5pZVuJEy-1TTJqK6ktHo8ol6x061HLST4mLEzsQduiVwP4LX4ZArqTcuRKDhEV4r-4EJ-nwoASetylINFAukKGOhwj6hFtCSY1o88KutwbDVAgpvBGl7YP10hIu9gyct8PMoD4NRLckxH9nAyLQ4fBQBII00c4_4vj0GcjBnrwYvPz24C3RFxELP4-STSVI3GZU&__hstc=51647990.cd431433a0c9909302545a1502e8a73d.1626091166125.1627325829490.1627330112881.58&__hssc=51647990.16.1627330112881&__hsfp=978758889&contentType=standard-page&
Title: Leadership

Search URL Search Domain Scan URL

URL: https://blog.phylum.io/targeted-npm-malware-attempts-to-steal-developers-source-code-and-secrets/
Title: published by Phylum

Search URL Search Domain Scan URL

URL: https://medium.com/checkmarx-security/pyramid-of-pain-evolving-our-defenses-to-combat-supply-chain-attackers-ad09275178e8
Title: Only by learning attacker tactics, techniques, and procedures (TTPs)

Search URL Search Domain Scan URL

URL: https://cryptorocket.com/?ref=blog.phylum.io#signup1
Title: CryptoRocket

Search URL Search Domain Scan URL

URL: https://binarium.com/?ref=blog.phylum.io
Title: Binarium

Search URL Search Domain Scan URL

URL: https://github.com/os-scar/yara-signatures/tree/main
Title: os-scar/yara-signatures

Search URL Search Domain Scan URL

URL: https://gist.github.com/masteryoda101/01eee19e50054733dcde5b7364949550
Title: https://gist.github.com/masteryoda101/01eee19e50054733dcde5b7364949550

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Checkmarx.Source.Code.Analysis
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/checkmarx
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://twitter.com/checkmarx
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/CheckmarxResearchLab
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.checkmarx.com/privacy-policy/
Title: Checkmarx Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.checkmarx.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74

https://checkmarx.com/wp-content/themes/stratusx?ver=220913-10806 HTTP 301
https://checkmarx.com/wp-content/themes/stratusx/?ver=220913-10806

Request Chain 143

https://checkmarx.com/wp-content/themes/stratusx?ver=220913-10806 HTTP 301
https://checkmarx.com/wp-content/themes/stratusx/?ver=220913-10806

Request Chain 156

https://checkmarx.com/wp-content/themes/stratusx?ver=220913-10806 HTTP 301
https://checkmarx.com/wp-content/themes/stratusx/?ver=220913-10806

Request Chain 161

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3808748&time=1693447922374&url=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3808748&time=1693447922374&url=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3808748%26time%3D1693447922374%26url%3Dhttps%253A%252F%252Fcheckmarx.com%252Fblog%252Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3808748&time=1693447922374&url=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3808748&time=1693447922374&url=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&cookiesTest=true&liSync=true&e_ipv6=AQI2iIby6rmbPQAAAYpJXKcds__w0FGrGXvagFQAmVLKLqT1-batp5OKK2yfgmrHkIXwqeE

Request Chain 189

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=67BDC0A077DE47D788FBFFE2CA5E5E0D&RedC=c.clarity.ms&MXFR=1ADA8C7D2FF06B2A07E59F032BF0659A HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=67BDC0A077DE47D788FBFFE2CA5E5E0D&MUID=2C2E3AE07CB062D731C6299E7D626394

300 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/ 307 KB
51 KB 185ms
99ms Document
text/html 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

2ecf160ce3d74f9d2940ff54b53ae5142481b843a9720429a37a33234153b581

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7ff1bf0209195b68-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Thu, 31 Aug 2023 02:12:01 GMT
link: <https://checkmarx.com/wp-json/>; rel="https://api.w.org/" <https://checkmarx.com/wp-json/wp/v2/posts/86706>; rel="alternate"; type="application/json" <https://checkmarx.com/?p=86706>; rel=shortlink
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 7
x-cache-group: normal
x-cacheable: SHORT
x-frame-options: SAMEORIGIN
x-powered-by: WP Engine
x-wpe-request-id: b7a5201b6b53191f6c405cb64b39e226

GET
H2 200 formidableforms1.css
checkmarx.com/wp-content/plugins/formidable/css/ 51 KB
9 KB 68ms
58ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/formidable/css/formidableforms1.css?ver=825537

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

67e4568c51ded6d9d5d2f620b7ad2bf6efbf6c70c0a29c87635c03ef28063066

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: 1e9f4d1d02dfbb0c7bdbfcd1a4549280
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 25 Aug 2023 05:37:12 GMT
server: cloudflare
etag: W/"64e83e08-cc04"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02c94a5b68-FRA

GET
H2 200 icons.css
checkmarx.com/wp-content/plugins/th-widget-pack/assets/icons/ 52 KB
7 KB 94ms
79ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/th-widget-pack/assets/icons/icons.css?ver=2.2.5

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a48d01207db36011a52ba50f8fdbef2c589fc97692a7f5c93d182f846dc77164

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: 5cb160f4b70808b38e2e0a1bdede51e8
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 13 Mar 2023 06:42:18 GMT
server: cloudflare
etag: W/"640ec5ca-d147"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02c94e5b68-FRA

GET
H2 200 global.css
checkmarx.com/wp-content/plugins/th-widget-pack/css/ 3 KB
649 B 94ms
78ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/th-widget-pack/css/global.css?ver=1678689738

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

70f3cc852c9c3849b93ab403bff853542df94d4421891b4f50aeacb24f9aeeef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: 307554b9a20890048755d375558a94da
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 13 Mar 2023 06:42:18 GMT
server: cloudflare
etag: W/"640ec5ca-a3f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02c9515b68-FRA

GET
H2 200 premium-addons.min.css
checkmarx.com/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-css/ 323 KB
38 KB 65ms
49ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-css/premium-addons.min.css?ver=4.10.7

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a11ae77fcb4867270516f6f425b8bb454a5794cba4e4fb862d421636c08be66

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: 3c3afb2edf227662d2864c0a0e2f3551
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 29 Aug 2023 04:48:44 GMT
server: cloudflare
etag: W/"64ed78ac-50bbf"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02c9525b68-FRA

GET
H2 200 style.min.css
checkmarx.com/wp-includes/css/dist/block-library/ 102 KB
14 KB 95ms
79ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: 487d56c4caae75f42926b0cfa0992f3b
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 10 Aug 2023 05:01:43 GMT
server: cloudflare
etag: W/"64d46f37-19824"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02c9535b68-FRA

GET
H2 200 cookie-law-info-public.css
checkmarx.com/wp-content/plugins/cookie-law-info/legacy/public/css/ 3 KB
1006 B 93ms
77ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-public.css?ver=3.1.2

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: fa4d60b1b43e56d5af8c9ea734546e53
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 18 Aug 2023 04:53:55 GMT
server: cloudflare
etag: W/"64def963-c22"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02c9545b68-FRA

GET
H2 200 cookie-law-info-gdpr.css
checkmarx.com/wp-content/plugins/cookie-law-info/legacy/public/css/ 27 KB
5 KB 62ms
47ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.1.2

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: 5c5c00833bf26c7896b51d1b4a8d1ce7
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 18 Aug 2023 04:53:55 GMT
server: cloudflare
etag: W/"64def963-6a71"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02c9555b68-FRA

GET
H2 200 frontend.css
checkmarx.com/wp-content/plugins/groovy-menu/assets/style/ 76 KB
12 KB 68ms
53ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/groovy-menu/assets/style/frontend.css?ver=2.6.3

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

225a9da24e4ab81b00141036b3da481f082398091509d5baea4aa3e8b588857c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: fffce43d5ea2d559b09d8c0936065fa6
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Sep 2022 01:08:09 GMT
server: cloudflare
etag: W/"631fd7f9-130b8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02c9565b68-FRA

GET
H2 200 groovy-28328.css
checkmarx.com/wp-content/uploads/groovy/fonts/ 6 KB
1 KB 61ms
46ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/uploads/groovy/fonts/groovy-28328.css?ver=2.6.3

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

366247af307ea140e017b24e2d0814493228bdbd3c53c6dbf2c1fc834b077292

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: 4ff0fcb026f9e5ce7246cb1f0d29572f
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Sep 2022 01:07:47 GMT
server: cloudflare
etag: W/"631fd7e3-1703"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02c9575b68-FRA

GET
H2 200 groovy-69018.css
checkmarx.com/wp-content/uploads/groovy/fonts/ 9 KB
2 KB 63ms
48ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/uploads/groovy/fonts/groovy-69018.css?ver=2.6.3

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

50f281054f51e964bf6421e043f3b3b61d077719e028f818e32cf11c51fc7a58

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: b4fef1936d8c2dd5e2cb3d7f03547d3b
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Sep 2022 01:07:47 GMT
server: cloudflare
etag: W/"631fd7e3-22fc"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02c9585b68-FRA

GET
H2 200 groovy-socicon.css
checkmarx.com/wp-content/uploads/groovy/fonts/ 16 KB
3 KB 96ms
81ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/uploads/groovy/fonts/groovy-socicon.css?ver=2.6.3

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b9333a0af497e8fb916a4aec7d447c960ce1d228320b611d1b0b4e7899de03f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: b00e6511f1d96aae2afac46e76bf09a1
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Sep 2022 01:07:47 GMT
server: cloudflare
etag: W/"631fd7e3-40ad"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02f9675b68-FRA

GET
H2 200 groovy-96967.css
checkmarx.com/wp-content/uploads/groovy/fonts/ 984 B
518 B 96ms
81ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/uploads/groovy/fonts/groovy-96967.css?ver=2.6.3

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5c21fe1321be6ade60c1aaa5a35dfdee5a74a170b54cfc2a8780be9a3857527

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: c2ec8532d52eb43ff0577c13748c5e02
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Sep 2022 01:07:47 GMT
server: cloudflare
etag: W/"631fd7e3-3d8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02f9685b68-FRA

GET
H2 200 fontawesome.css
checkmarx.com/wp-content/plugins/groovy-menu/assets/style/ 35 KB
7 KB 95ms
80ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/groovy-menu/assets/style/fontawesome.css?ver=2.6.3

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6dc4d2ff233255c8a11048eb95600d21e390d204b460953f487b031350192283

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
Origin: https://checkmarx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: 6363e711a4b19889b724a39b1c036512
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Sep 2022 01:08:09 GMT
server: cloudflare
etag: W/"631fd7f9-8db1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02f96a5b68-FRA

GET
H2 200 fontawesome-webfont.woff2
checkmarx.com/wp-content/plugins/groovy-menu/assets/fonts/ 75 KB
76 KB 109ms
94ms Font
font/woff2 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/groovy-menu/assets/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
Origin: https://checkmarx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: 60653520449a22e40a586ed5375840e5
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Tue, 13 Sep 2022 01:08:09 GMT
server: cloudflare
etag: "631fd7f9-12d68"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7ff1bf02f98f5b68-FRA

GET
H2 200 font-internal.css
checkmarx.com/wp-content/plugins/groovy-menu/assets/style/ 644 B
429 B 96ms
82ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/groovy-menu/assets/style/font-internal.css?ver=2.6.3

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc8a49dcdd74ef560a8ba00e1bfef071a53bc361c4b6bbaecb69930893c5589c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
Origin: https://checkmarx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: 3b6f6ba8358efdba903935dbbec597e9
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Sep 2022 01:08:09 GMT
server: cloudflare
etag: W/"631fd7f9-284"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02f96b5b68-FRA

GET
H2 200 crane-font.woff
checkmarx.com/wp-content/plugins/groovy-menu/assets/fonts/ 1 KB
2 KB 136ms
122ms Font
font/woff 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/groovy-menu/assets/fonts/crane-font.woff?hhxb42

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6153d00b79b60a4562a0dfdbbc6a46b042fe79e27978983d436ee575b05f3eb3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
Origin: https://checkmarx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: 0ea7fdacb2a57f0843de5aa5a6a42c26
alt-svc: h3=":443"; ma=86400
content-length: 1516
last-modified: Tue, 13 Sep 2022 01:08:09 GMT
server: cloudflare
etag: "631fd7f9-5ec"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7ff1bf02f9905b68-FRA

GET
H2 200 quform.1.css
checkmarx.com/wp-content/plugins/quform/cache/ 136 KB
22 KB 95ms
81ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/quform/cache/quform.1.css?ver=1693198872

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5a1831fcfb64a7420796c5cb36662657aebc76981efd3c181c795e7ff828445

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: ae576e925c456741cf3b562366d2becf
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 28 Aug 2023 05:01:12 GMT
server: cloudflare
etag: W/"64ec2a18-21f51"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02f96c5b68-FRA

GET
H2 200 pagenavi-css.css
checkmarx.com/wp-content/plugins/wp-pagenavi/ 374 B
339 B 105ms
91ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: a8a6d9413bd2beea21b508bc650c1518
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 08 May 2023 05:18:46 GMT
server: cloudflare
etag: W/"64588636-176"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02f96d5b68-FRA

GET
H2 200 header-footer-elementor.css
checkmarx.com/wp-content/plugins/th-widget-pack/header-footer/assets/css/ 1 KB
503 B 110ms
96ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/th-widget-pack/header-footer/assets/css/header-footer-elementor.css?ver=2.2.5

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b37ebd2524191bf943476446276026a92083fe5bc43571eec11855c3872bd1af

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: 265057807a7b1c8f1b8655fb8677436e
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 13 Mar 2023 06:42:18 GMT
server: cloudflare
etag: W/"640ec5ca-4c6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02f96e5b68-FRA

GET
H2 200 elementor-icons.min.css
checkmarx.com/wp-content/plugins/elementor/assets/lib/eicons/css/ 19 KB
4 KB 136ms
122ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.20.0

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0c3e823a07498a845daa25db9e85afdb4a985866f00b4cf1518f363336cd030

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: 66404f22bd5fe3b2888c9251620346bd
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Aug 2023 07:27:40 GMT
server: cloudflare
etag: W/"64c8b3ec-4bf3"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02f96f5b68-FRA

GET
H2 200 frontend-legacy.min.css
checkmarx.com/wp-content/plugins/elementor/assets/css/ 10 KB
856 B 135ms
121ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.14.1

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fca5eb2f7f0e369ce02c777e7c947f792a56d9cd843b274e5a535da2dc7211c8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: 118c86b5ee11891d3e91843b0e05be3d
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Aug 2023 07:27:41 GMT
server: cloudflare
etag: W/"64c8b3ed-26c1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02f9705b68-FRA

GET
H2 200 frontend.min.css
checkmarx.com/wp-content/plugins/elementor/assets/css/ 153 KB
19 KB 94ms
81ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.14.1

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a39504ff0e8230cff9511b4027a386c4b2a54601d27524c751e7dc6f0a6e6f9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: 8fd4bdb2995eb1291c37850e2d6a9dab
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Aug 2023 07:27:41 GMT
server: cloudflare
etag: W/"64c8b3ed-2656f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02f9715b68-FRA

GET
H2 200 swiper.min.css
checkmarx.com/wp-content/plugins/elementor/assets/lib/swiper/css/ 13 KB
2 KB 133ms
119ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/elementor/assets/lib/swiper/css/swiper.min.css?ver=5.3.6

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d622534d53d3ac1095af275f0b30274fcd835785577df2dde6d9398e6f7a2c8f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: 7782c27fe1440071ac7dd6fa5307ebb6
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Aug 2023 05:39:20 GMT
server: cloudflare
etag: W/"64c89a88-324c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02f9725b68-FRA

GET
H2 200 post-1765.css
checkmarx.com/wp-content/uploads/elementor/css/ 7 KB
1 KB 134ms
121ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/uploads/elementor/css/post-1765.css?ver=1691059460

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f133e6f9ccc8483c12bd4b07b20794cf70d9499f1f9efc47e4503fe8c9433c7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: f76b78c7597a17b675996525b49a350d
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 03 Aug 2023 10:44:20 GMT
server: cloudflare
etag: W/"64cb8504-1a5f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02f9735b68-FRA

GET
H2 200 frontend.min.css
checkmarx.com/wp-content/plugins/elementor-pro/assets/css/ 437 KB
42 KB 132ms
119ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.14.1

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3963b8591050c4af2f0edf8a96662113f01900444868e6936c5d192bc44dfe6d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: 1792a5b51f011b4e6fe78ddc0d8e96a1
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 27 Jun 2023 06:16:02 GMT
server: cloudflare
etag: W/"649a7ea2-6d562"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02f9745b68-FRA

GET
H2 200 all.min.css
checkmarx.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 58 KB
13 KB 133ms
120ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=4.10.7

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: 4334a8a8d53c56fe753c16376b58efab
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Aug 2023 05:39:20 GMT
server: cloudflare
etag: W/"64c89a88-e7d0"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02f9765b68-FRA

GET
H2 200 v4-shims.min.css
checkmarx.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 26 KB
4 KB 132ms
119ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.14.1

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c55902832fb84522d02ea1a60a30747403a140d8651fa748f13ba398b0c0df3a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: 1d6d51486fbff4300b405f1c3707fe0f
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Aug 2023 05:39:20 GMT
server: cloudflare
etag: W/"64c89a88-684e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02f9775b68-FRA

GET
H2 200 post-83384.css
checkmarx.com/wp-content/uploads/elementor/css/ 35 KB
4 KB 94ms
82ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/uploads/elementor/css/post-83384.css?ver=1692165198

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

55cfa0bac38750e4b58678e0c4a534c6aa030599aaf32420ecdfabf5b483b89b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: 6135f84bd575f272859d0e9ca1529231
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 16 Aug 2023 06:00:00 GMT
server: cloudflare
etag: W/"64dc65e0-8bff"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02f9785b68-FRA

GET
H2 200 frontend.css
checkmarx.com/wp-content/plugins/th-widget-pack/header-footer/inc/widgets-css/ 79 KB
9 KB 102ms
89ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/th-widget-pack/header-footer/inc/widgets-css/frontend.css?ver=2.2.5

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b47c6f613bff41662a4af43e11dd7a291ad7a1fbb2346cbcf6260fc2895c911

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: 90dc019aaa787ff988ad09c47bda44f6
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 13 Mar 2023 06:42:18 GMT
server: cloudflare
etag: W/"640ec5ca-13c18"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02f9795b68-FRA

GET
H2 200 post-81333.css
checkmarx.com/wp-content/uploads/elementor/css/ 34 KB
4 KB 103ms
91ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/uploads/elementor/css/post-81333.css?ver=1691059479

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5043d86133eaa80a87cd126cffc2cd8966852387f243e02e3c4177ff298cbc7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: cbdb9b52d548788cc45fcca16d147f4f
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 08 Aug 2023 08:06:38 GMT
server: cloudflare
etag: W/"64d1f78e-88d4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02f97a5b68-FRA

GET
H2 200 post-63295.css
checkmarx.com/wp-content/uploads/elementor/css/ 465 B
340 B 96ms
84ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/uploads/elementor/css/post-63295.css?ver=1691059461

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7519c42804b627af1d8c19e82e3e6e6c2712f04229c09ff064ea842b52099f8b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: 63140272fb34db3380d6f11f06f45266
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 03 Aug 2023 10:44:21 GMT
server: cloudflare
etag: W/"64cb8505-1d1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02f97b5b68-FRA

GET
H2 200 style.min.css
checkmarx.com/wp-content/plugins/pojo-accessibility/assets/css/ 51 KB
5 KB 105ms
93ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/pojo-accessibility/assets/css/style.min.css?ver=1.0.0

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee52185d6a681a5d5b8a21ff5321901ce83e4ded11213a2e169d8be1e0417aab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: 6128bb62d60966cfae77f2be041b53f8
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 20 Dec 2022 05:49:17 GMT
server: cloudflare
etag: W/"63a14cdd-cc6d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02f97c5b68-FRA

GET
H2 200 font-awesome.min.css
checkmarx.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 30 KB
7 KB 129ms
117ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: 40e742cdbad4a83da48c0975d8ae37c5
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Aug 2023 05:39:20 GMT
server: cloudflare
etag: W/"64c89a88-7917"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02f97d5b68-FRA

GET
H2 200 preset_7722.css
checkmarx.com/wp-content/uploads/groovy/ 31 KB
4 KB 96ms
84ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/uploads/groovy/preset_7722.css?ver=6efdaa5161d73c91b94de34bde41ff89

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e61a5119fdb9f56d1bdfeb0a8900c49d8faabdb4482769df2168b94abea89f1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: d071d50b9e00a0039833c492f4a25b8b
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Sep 2022 01:07:47 GMT
server: cloudflare
etag: W/"631fd7e3-7a93"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02f97e5b68-FRA

GET
H2 200 post-10524.css
checkmarx.com/wp-content/uploads/elementor/css/ 5 KB
959 B 104ms
92ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/uploads/elementor/css/post-10524.css?ver=1691063344

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

973f60869c6e37e5fadd3ba505c9471adcc1a6afeeb625d9352c036313da8f81

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: d9453299f7a9531623a9195e88b87c71
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 03 Aug 2023 11:49:04 GMT
server: cloudflare
etag: W/"64cb9430-1282"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02f9805b68-FRA

GET
H2 200 post-10583.css
checkmarx.com/wp-content/uploads/elementor/css/ 3 KB
622 B 128ms
116ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/uploads/elementor/css/post-10583.css?ver=1691059463

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7589d30adf674bd2f262122a9ae553bcd759c2eb324f34846cf24f411691d9b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: e1cab688e6bf2c5699d56787eb54bc49
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 03 Aug 2023 10:44:23 GMT
server: cloudflare
etag: W/"64cb8507-c2f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02f9815b68-FRA

GET
H2 200 post-10581.css
checkmarx.com/wp-content/uploads/elementor/css/ 3 KB
583 B 131ms
119ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/uploads/elementor/css/post-10581.css?ver=1691059463

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

07e698d5630f0bf25ff857de921616467f4362aea493963653969950522859b0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: cf977e6ea464a6c4592afce3e6de9669
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 03 Aug 2023 10:44:23 GMT
server: cloudflare
etag: W/"64cb8507-c2f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02f9825b68-FRA

GET
H2 200 general.min.css
checkmarx.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/ 3 KB
922 B 132ms
121ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.8.7

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e584003b5c6df9bc2854b2775e527ef7240f3d1cae4047e9aa504cdfbc109f9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: c166f05f7dcd586ab1a06bfdb1c9d754
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 25 Aug 2023 05:36:47 GMT
server: cloudflare
etag: W/"64e83def-d73"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02f9835b68-FRA

GET
H2 200 app.css
checkmarx.com/wp-content/themes/stratusx/assets/css/ 248 KB
41 KB 109ms
98ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/themes/stratusx/assets/css/app.css?ver=1

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

29dc7b9cfc046e68df68accc1f583adebd867889ca203399bff93fcf23d7c3b9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: 15dfbed63c6567d25e38b307b099c1c2
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Sep 2022 01:08:07 GMT
server: cloudflare
etag: W/"631fd7f7-3dec9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02f9845b68-FRA

GET
H2 200 style.css
checkmarx.com/wp-content/themes/stratusx-child/ 59 KB
12 KB 95ms
84ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/themes/stratusx-child/style.css?ver=6.3

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6037280596f1a3f5c6aa461bcb243656630dea5fae942c746bc418dba01f7d03

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: 610faef986a698b63e8c5dfaf4240385
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 07 Feb 2023 15:15:03 GMT
server: cloudflare
etag: W/"63e26af7-ea95"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02f9855b68-FRA

GET
H2 200 partners.css
checkmarx.com/wp-content/themes/stratusx-child/assets/css/ 45 KB
7 KB 129ms
118ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/themes/stratusx-child/assets/css/partners.css?ver=4.0

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d52045a2174dd171da331dcfa3b406dc3c51df0fa73dec618157c439b7fd2630

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: ef757be4ead81cb961c1846d3687f85f
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Sep 2022 01:08:06 GMT
server: cloudflare
etag: W/"631fd7f6-b3f0"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02f9865b68-FRA

GET
H2 200 ms-main-2020.css
checkmarx.com/wp-content/themes/stratusx-child/assets/css/ 4 KB
2 KB 94ms
83ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/themes/stratusx-child/assets/css/ms-main-2020.css?ver=4.0

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a97547bd06173228035d6a9debd6c84618174108c6b4d5eb668d9137d7492b83

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: 9b3cc9275daeebde64e87d5c571d8e4c
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Sep 2022 01:08:06 GMT
server: cloudflare
etag: W/"631fd7f6-10d4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02f9875b68-FRA

GET
H2 200 careers-main-2020.css
checkmarx.com/wp-content/themes/stratusx-child/assets/css/ 7 KB
2 KB 131ms
120ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/themes/stratusx-child/assets/css/careers-main-2020.css?ver=4.0

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f13207f4d34132c589e7c152a91a7dd0b166a1ae433ccd90e573e57f20b3c92

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: 296006410f75138fba6c6eaa8e623c17
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Sep 2022 01:08:06 GMT
server: cloudflare
etag: W/"631fd7f6-1c9b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02f9885b68-FRA

GET
H2 200 tobii.min.css
checkmarx.com/wp-content/themes/stratusx-child/assets/css/ 4 KB
1 KB 133ms
122ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/themes/stratusx-child/assets/css/tobii.min.css?ver=4.0

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c9eed2cfa93b8d3aa3bb82e59667500daf5077564a6a874ac89062a11634744

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: cd735f30e52ecb6eb358324702f8ae62
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Sep 2022 01:08:06 GMT
server: cloudflare
etag: W/"631fd7f6-105e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02f9895b68-FRA

GET
H2 200 ecs-style.css
checkmarx.com/wp-content/plugins/ele-custom-skin/assets/css/ 9 KB
2 KB 99ms
89ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/ele-custom-skin/assets/css/ecs-style.css?ver=3.1.7

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ebc7550313f51029cd86227709777fbe6cc2c8928c595583c579cd95580146b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: 70c968d43347afa57259355a799a39cc
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Sep 2022 01:08:09 GMT
server: cloudflare
etag: W/"631fd7f9-235c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02f98a5b68-FRA

GET
H2 200 fontawesome.min.css
checkmarx.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 57 KB
12 KB 128ms
118ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: 6698f8758a3a7de7b6073fa3fba78397
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Aug 2023 05:39:20 GMT
server: cloudflare
etag: W/"64c89a88-e238"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02f98c5b68-FRA

GET
H2 200 solid.min.css
checkmarx.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 669 B
412 B 130ms
120ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: 2a0c54c5cba04f8831ba7e176d638b96
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Aug 2023 05:39:20 GMT
server: cloudflare
etag: W/"64c89a88-29d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02f98d5b68-FRA

GET
H2 200 brands.min.css
checkmarx.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 675 B
445 B 130ms
120ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cd63b8cea25045c14623c538d26752518a58c0c682795ce6ad3078976c65a37

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: 33ce615cb1bfb81210f718b7bd36bfb3
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Aug 2023 05:39:20 GMT
server: cloudflare
etag: W/"64c89a88-2a3"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02f98e5b68-FRA

GET
H2 200 jquery-3.7.1.min.js Show response
checkmarx.com/wp-content/plugins/jquery-updater/js/ 85 KB
31 KB 131ms
122ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/jquery-updater/js/jquery-3.7.1.min.js?ver=3.7.1

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: 7418d864a8c7797a6763c340c3711911
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 29 Aug 2023 04:48:56 GMT
server: cloudflare
etag: W/"64ed78b8-155ed"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02f9915b68-FRA

GET
H2 200 jquery-migrate-3.4.0.min.js Show response
checkmarx.com/wp-content/plugins/jquery-updater/js/ 13 KB
5 KB 106ms
96ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/jquery-updater/js/jquery-migrate-3.4.0.min.js?ver=3.4.0

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: cd44130683b79ff3dc26ce8b429d192e
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 29 Aug 2023 04:48:56 GMT
server: cloudflare
etag: W/"64ed78b8-3470"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02f9925b68-FRA

GET
H2 200 cookie-law-info-public.js Show response
checkmarx.com/wp-content/plugins/cookie-law-info/legacy/public/js/ 33 KB
8 KB 131ms
121ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.1.2

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c52384c7b0641dd1ead85d079c22d39bcc6dc5f2537afb1e6396bb619771a3f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: 3abfc158d9d1bd8ccb15d65449071528
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 18 Aug 2023 04:53:55 GMT
server: cloudflare
etag: W/"64def963-8583"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02f9935b68-FRA

GET
H2 200 analytics-talk-content-tracking.js Show response
checkmarx.com/wp-content/plugins/duracelltomi-google-tag-manager/js/ 4 KB
1 KB 106ms
97ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/duracelltomi-google-tag-manager/js/analytics-talk-content-tracking.js?ver=1.18.1

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a29506b4cfbfcae55dd6d932ff8c48da7ba9c48413ccdbfc7392a80243795b99

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: 22768e995431178ee912515a0b479f4e
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 24 Aug 2023 05:05:41 GMT
server: cloudflare
etag: W/"64e6e525-e8d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02f9955b68-FRA

GET
H2 200 v4-shims.min.js Show response
checkmarx.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/ 15 KB
4 KB 129ms
120ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.14.1

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: 23101cf04bb94fc68ea6f4d109b6c117
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Aug 2023 05:39:20 GMT
server: cloudflare
etag: W/"64c89a88-3acf"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02f9975b68-FRA

GET
H2 200 ecs_ajax_pagination.js Show response
checkmarx.com/wp-content/plugins/ele-custom-skin/assets/js/ 4 KB
1 KB 97ms
88ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/ele-custom-skin/assets/js/ecs_ajax_pagination.js?ver=3.1.7

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

95af163892829a3ef249441b70b2c8281b845edea4b24680d3326486861d6082

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: 58546526c4601de340d9c4e599125fe3
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Sep 2022 01:08:09 GMT
server: cloudflare
etag: W/"631fd7f9-ecb"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02f9985b68-FRA

GET
H2 200 ecs.js Show response
checkmarx.com/wp-content/plugins/ele-custom-skin/assets/js/ 284 B
290 B 102ms
94ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/ele-custom-skin/assets/js/ecs.js?ver=3.1.7

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

566d4c5dfefc9c4d867e6bef080917a4273b4228731a8700e81f1763eae3d861

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 69056
x-wpe-request-id: 1c71659272a8153f327d6d7cb6f512eb
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Sep 2022 01:08:09 GMT
server: cloudflare
etag: W/"631fd7f9-11c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf02f9995b68-FRA

GET
H3 200 CHeckmarx-Logo-2.png
checkmarx.com/wp-content/uploads/2021/04/ 3 KB
3 KB 167ms
155ms Image
image/webp 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://checkmarx.com/wp-content/uploads/2021/04/CHeckmarx-Logo-2.png

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

03b7eecbd09f42538b7a7bdd867355e0a265746556d39830e90af4b3fdd746bf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
age: 67663
cf-polished: origFmt=png, origSize=9414
x-wpe-request-id: f2f90ff75bb6212ade0158f0afd6d9e5
content-disposition: inline; filename="CHeckmarx-Logo-2.webp"
alt-svc: h3=":443"; ma=86400
content-length: 3078
cf-bgj: imgq:100,h2pri
last-modified: Wed, 24 May 2023 07:17:37 GMT
server: cloudflare
etag: "646dba11-24c6"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7ff1bf044ad035eb-FRA

GET
H3 200 checkmarx-logo-mobile.png
checkmarx.com/wp-content/uploads/2021/04/ 2 KB
2 KB 167ms
155ms Image
image/webp 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://checkmarx.com/wp-content/uploads/2021/04/checkmarx-logo-mobile.png

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

50c3e329ea170bf0b7111f19c8a65894894e8a31991f5ee2672e59159e99165c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
age: 67662
cf-polished: origFmt=png, origSize=4141
x-wpe-request-id: 7e8975fccc36b4be2060ea13c88aec16
content-disposition: inline; filename="checkmarx-logo-mobile.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2176
cf-bgj: imgq:100,h2pri
last-modified: Tue, 13 Sep 2022 01:07:55 GMT
server: cloudflare
etag: "631fd7eb-102d"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7ff1bf044ad135eb-FRA

GET
H2 200 4c2e6bdf-ae82-4526-9232-d9e4d62b04df.png
no-cache.hubspot.com/cta/default/146169/ 1 KB
2 KB 301ms
203ms Image
image/png 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/146169/4c2e6bdf-ae82-4526-9232-d9e4d62b04df.png

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65d247fd0ff06523bc6642757237f495db4d2ec1c364689535eae40ebe75c878

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
x-amz-version-id: null
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-request-id: DF2RNE0VF8B08H0W
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 1316
x-amz-id-2: F6XcSK8Z7j5HQsTPdu/e8/uVj1S26gaftqDJ9eHOo+DJqFjP2JD4eAlyOuU6yBzus3tlKLiifWpOdjKPCFlW8g==
last-modified: Wed, 28 Jul 2021 15:57:17 GMT
server: cloudflare
etag: "ed338c95a38fe9b2907b003c0b8b3c25"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H1r3db%2F4L56NGi7UbqWSMDEvE1tjATUhbv8o8afBNVz73mK%2BBm8Sn4LSoF4v0NJvstd5HnF5XiJkEv9Fuj5cdHngVmj23X806COzpszGQU8hc2J8iHLWHKXdMUrY2r3lA1ihEQDYGiwiCmXVptHrT%2B%2BQ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache, no-store
accept-ranges: bytes
cf-ray: 7ff1bf04d8ea3a80-FRA

GET
H2 200 current.js Show response
js.hscta.net/cta/ 16 KB
7 KB 151ms
40ms Script
application/javascript 2606:4700::6812:d133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscta.net/cta/current.js

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b212b5d5a1ff05906a7bbe45ec1192cb7f8cb096da65573b94eb19e3d853bccd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-encoding: br
age: 337
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=cta-embed-js/static-1.202/bundles/current.js&cfRay=7ff1b6ca8dba39d3-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"926f957a3fac01f2a0f14b2b115f7f9a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: cta-embed-js/static-1.202/bundles/current.js
date: Thu, 31 Aug 2023 02:12:01 GMT
x-amz-version-id: 9ig2rWbDeIcnXyn9E_XWedP2hWENxPRc
via: 1.1 76e55a2361219fb19722e949475d1844.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 65c39696-db42-41d5-a1c5-ffbe262fb678
x-cache: Hit from cloudfront
cache-tag: staticjsapp-CtaEmbed-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 3
x-evy-trace-route-configuration: listener_https/all
x-request-id: 65c39696-db42-41d5-a1c5-ffbe262fb678
last-modified: Thu, 24 Aug 2023 03:17:03 UTC
server: cloudflare
x-hs-cache-status: EXPIRED
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-p2dkf
cf-ray: 7ff1bf049d6137ec-FRA
x-amz-cf-id: 36kCV-adQLlcaZWm0St_z-IXwQ2W9NsNGdae5aRiscShDhVjy95i_Q==

GET
H2 200 19a8ada6-0b37-4567-825c-aefe1cff3e04.png
no-cache.hubspot.com/cta/default/146169/ 1 KB
2 KB 306ms
207ms Image
image/png 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/146169/19a8ada6-0b37-4567-825c-aefe1cff3e04.png

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36baa3e24c74b8f6621f51a2543f0435beaded0cd069eb77836a08d789e6c28d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
x-amz-version-id: null
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-request-id: DF2X69NNCTJ46J0B
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 1172
x-amz-id-2: avqblTkR/dq02pRo6+gC+jMC06a5bXbz7G6JToPu5qd45BrdnSoj26galvNqSI/Z1UL2mjggGKo90+PcaygV1Q==
last-modified: Wed, 28 Jul 2021 15:57:56 GMT
server: cloudflare
etag: "84939f6e94b62dfffb259ebb1f9fcdfb"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ImgOcA5S8bmkc%2FTvBDUt1jhlpl2MvvoBxeQIxvghazqFQa1zYeMKlzT%2B5a8fLeQTr0C9HI7rIiWWhfltNZIMJA0tUuxu5SOSNjM9SDoapgwS%2FwE6J%2FacW4vpF3MjHm8kLp1Fki7nUVqVPztw6e2P8ns"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache, no-store
accept-ranges: bytes
cf-ray: 7ff1bf04d8eb3a80-FRA

GET
H2 200 1385e65d-54b6-4a5d-8a28-f622009167ac.png
no-cache.hubspot.com/cta/default/146169/ 1 KB
2 KB 275ms
176ms Image
image/png 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/146169/1385e65d-54b6-4a5d-8a28-f622009167ac.png

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31d2b32cf356d2c383335eacb7687e03b6dfddd3acb2e753dd09a97fa4f0b70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
x-amz-version-id: null
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-request-id: DF2KM1MHDBTEJCT1
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 1288
x-amz-id-2: AglYnOhFzvr3TsFpRo+pOmGnzueTBfc7kziLo28CkRdiGyJ4GvK5aiodku8NTedKJB4ZAiJbfZqzqViqDOun0w==
last-modified: Wed, 28 Jul 2021 15:58:37 GMT
server: cloudflare
etag: "33f6e301071dced52264fc7f80615d5d"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jtXMwh3%2B6qGD%2FrQfZmi9yyg6q3j%2B57RWF6lI1kEULFn1IYqpcExy96PuupTsOVXuFxVI3drp1A2N6KibBP81gRTxcBZifg8yelJQc3TqlPQpclzT4zQ9bxVHfyZnQXwchU0pNcshZtfdM%2BmujZypJfd2"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache, no-store
accept-ranges: bytes
cf-ray: 7ff1bf04d8ec3a80-FRA

GET
H3 200 image-3.png
checkmarx.com/wp-content/uploads/2023/08/ 597 KB
597 KB 67ms
66ms Image
image/webp 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://checkmarx.com/wp-content/uploads/2023/08/image-3.png

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f40523779b3280cbc2a9889f72c36d50467115444181036c034eff72b952391e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
age: 53343
cf-polished: origFmt=png, origSize=1091223
x-wpe-request-id: f816609e4d39bff692aac829269ca217
content-disposition: inline; filename="image-3.webp"
alt-svc: h3=":443"; ma=86400
content-length: 611040
cf-bgj: imgq:100,h2pri
last-modified: Tue, 29 Aug 2023 18:53:55 GMT
server: cloudflare
etag: "64ee3ec3-10a697"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7ff1bf02f94d35eb-FRA

GET
H3 200 Picture1.gif
checkmarx.com/wp-content/uploads/2023/08/ 23 KB
24 KB 167ms
155ms Image
image/webp 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://checkmarx.com/wp-content/uploads/2023/08/Picture1.gif

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c3dd1b0483dc7ee2f784c79f0aae5ef0e99cb64f217165c5507cbdc1146c72b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
age: 53343
cf-polished: origFmt=gif, origSize=33542
x-wpe-request-id: 03d7074b961f819e02352ff883c03524
content-disposition: inline; filename="Picture1.webp"
alt-svc: h3=":443"; ma=86400
content-length: 23830
cf-bgj: imgq:100,h2pri
last-modified: Tue, 29 Aug 2023 19:01:44 GMT
server: cloudflare
etag: "64ee4098-8306"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7ff1bf044ad235eb-FRA

GET
H3 200 image-5.png
checkmarx.com/wp-content/uploads/2023/08/ 84 KB
85 KB 168ms
156ms Image
image/webp 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://checkmarx.com/wp-content/uploads/2023/08/image-5.png

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4094cf2491f97f2b9ddca2b7698160cfb37ef4972c348d69464531d97cfd8ebf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
age: 53343
cf-polished: origFmt=png, origSize=154840
x-wpe-request-id: 67f62ce669f4ae547b430cfe8f6cb4ea
content-disposition: inline; filename="image-5.webp"
alt-svc: h3=":443"; ma=86400
content-length: 86412
cf-bgj: imgq:100,h2pri
last-modified: Tue, 29 Aug 2023 18:56:03 GMT
server: cloudflare
etag: "64ee3f43-25cd8"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7ff1bf044ad435eb-FRA

GET
H3 200 email-decode.min.js Show response
checkmarx.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
835 B 134ms
133ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 23 Aug 2023 13:09:20 GMT
server: cloudflare
etag: W/"64e60500-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7ff1bf043a8335eb-FRA
expires: Sat, 02 Sep 2023 02:12:01 GMT

GET
H2 200 v2.js Show response
js.hsforms.net/forms/embed/ 526 KB
165 KB 252ms
145ms Script
application/javascript 2606:4700::6810:88ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/embed/v2.js

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:88ce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69ff013760515696c54749156ae5dba9f130fa01e2e355fec69a26e6d87f1892

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.3611/bundles/project-v2.js&cfRay=7ff1bf04d83a1e10-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"c4734e241af5f9cffb4ae77e895d98aa"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.3611/bundles/project-v2.js
date: Thu, 31 Aug 2023 02:12:01 GMT
x-amz-version-id: t9RM7Hi5NxkmmXBn8QlzNFQ1kBe.nFZ5
via: 1.1 872e43fac89d80c9557000efb9c31650.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: bdd78065-0b19-435c-8456-31378c1ba199
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: bdd78065-0b19-435c-8456-31378c1ba199
last-modified: Thu, 24 Aug 2023 09:52:45 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eeKi%2BJ5zwI2f5nM5TKeUqDY%2BWt9YG0pA8dkB%2F8bB4oiEsdYBLrgsspPbXr8hpeHduZxbn2Fxba%2Bi8TT61M862Ov82RLSpD934WR2D4GHXhK1sotalsC2dWMaupHySQdCk2hLmc4D1nboRfkf"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-89hzd
cf-ray: 7ff1bf04d83a1e10-FRA
x-amz-cf-id: lCp0jt3H6moOcpMVS9pLamGs_nApatnrDYWZRdySx4cNVT4FFBEHAg==

GET
H3 200 regular.min.css
checkmarx.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 677 B
601 B 134ms
121ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

eea3d6ccda7f6503078cce9dc41176c1357af1c93a5b3625131ef7cf21c9d7c4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 67107
x-wpe-request-id: 28d73758b189a27ff811e92d92f7e5cb
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Aug 2023 05:39:20 GMT
server: cloudflare
etag: W/"64c89a88-2a5"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf044a9335eb-FRA

GET
H3 200 slick.min.css
checkmarx.com/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-css/ 6 KB
1 KB 135ms
122ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-css/slick.min.css?ver=4.10.7

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

50ab33fc354407ebf6a0bc0c49ddf4d38c33106a78d9f855269543ba55a095f9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 67107
x-wpe-request-id: 1768497ee7e3013404fc48949c2b207e
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 29 Aug 2023 04:48:44 GMT
server: cloudflare
etag: W/"64ed78ac-1613"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf044a9535eb-FRA

GET
H3 200 cookie-law-info-table.css
checkmarx.com/wp-content/plugins/cookie-law-info/legacy/public/css/ 6 KB
2 KB 136ms
123ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-table.css?ver=3.1.2

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e2f2336b5e6698b628afc75fa9a24c67b73d5872c1d4af99ca436064f636ee0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 66714
x-wpe-request-id: eb49acd479453bf6c16c2b6d9e0c3701
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 18 Aug 2023 04:53:55 GMT
server: cloudflare
etag: W/"64def963-17e1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf044a9735eb-FRA

GET
H3 200 animations.min.css
checkmarx.com/wp-content/plugins/elementor/assets/lib/animations/ 18 KB
3 KB 136ms
123ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.14.1

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 66714
x-wpe-request-id: 97890a8efc8e5dd9ba0ac7bd78cb3303
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Aug 2023 05:39:20 GMT
server: cloudflare
etag: W/"64c89a88-4824"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf044a9935eb-FRA

GET
H2 200 146169.js Show response
js.hs-scripts.com/ 2 KB
1 KB 519ms
424ms Script
application/javascript 2606:4700::6810:bc59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/146169.js?integration=WordPress&ver=10.2.3

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:bc59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2076ab16903cb902534c67d5faf95a50090816c2071b021234c463f3da7c2a24

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: c8f5a670-c0a0-42e6-8db7-77ef5d5b32ca
x-envoy-upstream-service-time: 12
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: c8f5a670-c0a0-42e6-8db7-77ef5d5b32ca
last-modified: Thu, 31 Aug 2023 01:35:13 GMT
server: cloudflare
x-trace: 2B75811DC855A4866EBEE8BB6AFA53DA4E3FCD61A6000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://checkmarx.com
x-evy-trace-virtual-host: all
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-6c94986c56-6pzmp
cf-ray: 7ff1bf04deed1e58-FRA
expires: Thu, 31 Aug 2023 02:13:01 GMT

GET
H3 200 frontend.js Show response
checkmarx.com/wp-content/plugins/groovy-menu/assets/js/ 176 KB
56 KB 137ms
124ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/groovy-menu/assets/js/frontend.js?ver=2.6.3

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ce9e34a0fd0ad30ff61ec6b87e26c59f321a02845777a30f116183e109186e7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 66714
x-wpe-request-id: e43c0bdf02cffca615a0b01bbf257793
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Sep 2022 01:08:09 GMT
server: cloudflare
etag: W/"631fd7f9-2bf1f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf044a9a35eb-FRA

GET
H3 200 quform.1.js Show response
checkmarx.com/wp-content/plugins/quform/cache/ 98 KB
33 KB 141ms
129ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/quform/cache/quform.1.js?ver=1693198872

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9111e4bb992804c34001b0b095c1a25cfadf2bbd126cc9444f5d35dcd008567d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 67665
x-wpe-request-id: 0e73322687870e799d26107ce1050f34
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 28 Aug 2023 05:01:12 GMT
server: cloudflare
etag: W/"64ec2a18-18931"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf044a9c35eb-FRA

GET
H3 200 partners-filters.js Show response
checkmarx.com/wp-content/themes/stratusx-child/assets/js/ 11 KB
2 KB 144ms
131ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/themes/stratusx-child/assets/js/partners-filters.js?ver=4.0

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

84f5e70acd27202eb19096160862e3df7f2ba0b02c554fb6e369b09f10da9432

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 67664
x-wpe-request-id: c617f12d38c6b48f46f76538ec7c1789
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Sep 2022 01:08:06 GMT
server: cloudflare
etag: W/"631fd7f6-2ba9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf044a9e35eb-FRA

GET
H3

500

/
checkmarx.com/wp-content/themes/stratusx/
Redirect Chain

https://checkmarx.com/wp-content/themes/stratusx?ver=220913-10806
https://checkmarx.com/wp-content/themes/stratusx/?ver=220913-10806

0
0

131ms
124ms

Script
text/html

141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://checkmarx.com/wp-content/themes/stratusx/?ver=220913-10806
Requested by: Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
Protocol: H3
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
x-cache-group: normal
cf-cache-status: DYNAMIC
x-cacheable: YES:briefly:500
server: cloudflare
x-powered-by: WP Engine
x-cache: MISS
x-wpe-request-id: b36c2e699b19e92a3160ef178673ca11
content-type: text/html; charset=UTF-8
cache-control: max-age=10, must-revalidate
cf-ray: 7ff1bf05ec4a35eb-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 31 Aug 2023 02:12:01 GMT
x-cache-group: normal
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cacheable: non200
server: cloudflare
content-security-policy: upgrade-insecure-requests
cf-cache-status: DYNAMIC
x-cache: HIT: 18
x-wpe-request-id: 14949b1cdff254a40586035bbf8d90b5
location: http://checkmarx.com/wp-content/themes/stratusx/?ver=220913-10806
content-type: text/html; charset=iso-8859-1
cache-control: max-age=600, must-revalidate
cf-ray: 7ff1bf044aa035eb-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 waypoints.min.js Show response
checkmarx.com/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
3 KB 144ms
132ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 67664
x-wpe-request-id: 082cef32089eb16b04f78fb87b1394f9
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Aug 2023 05:39:20 GMT
server: cloudflare
etag: W/"64c89a88-2fa6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf044aa435eb-FRA

GET
H3 200 frontend.js Show response
checkmarx.com/wp-content/plugins/th-widget-pack/header-footer/inc/js/ 25 KB
4 KB 145ms
132ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/th-widget-pack/header-footer/inc/js/frontend.js?ver=2.2.5

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e92fb6dc00e3c04e1f9af5a1554a33e2b3f2b1d7f9a9266066863a932437f0b9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 67664
x-wpe-request-id: 6c9fa4473cf4c27ae3ef405b7a51b323
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 13 Mar 2023 06:42:18 GMT
server: cloudflare
etag: W/"640ec5ca-6384"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf044aa635eb-FRA

GET
H3 200 app.min.js Show response
checkmarx.com/wp-content/plugins/pojo-accessibility/assets/js/ 5 KB
2 KB 146ms
133ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/pojo-accessibility/assets/js/app.min.js?ver=1.0.0

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

747ee080eb57ab3ca956da0c0779e4177492db9da1a7022c4979936c2fd872f1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 67664
x-wpe-request-id: 66c50e6b216b4e5e4994fe27a68d796f
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 20 Dec 2022 05:49:17 GMT
server: cloudflare
etag: W/"63a14cdd-14c1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf044aa735eb-FRA

GET
H3 200 themo-foot.js Show response
checkmarx.com/wp-content/plugins/th-widget-pack/js/ 11 KB
3 KB 146ms
133ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/th-widget-pack/js/themo-foot.js?ver=2.2.5

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

be557052880037a1c160050458fc687e95a193799d58686f0e2eefc8b39f4f42

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 66714
x-wpe-request-id: 68bbaa86a84f7f6d6e510a6ab49b399e
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 13 Mar 2023 06:42:18 GMT
server: cloudflare
etag: W/"640ec5ca-2b02"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf044aa835eb-FRA

GET
H3 200 general.min.js Show response
checkmarx.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/ 9 KB
4 KB 146ms
134ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.8.7

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

948240da929defbe2f377b6a2173cf7c0988edc05972424cb3872abc739aa024

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 67664
x-wpe-request-id: 2bf80ba0246d0a2a9c61015321181f2a
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 25 Aug 2023 05:36:47 GMT
server: cloudflare
etag: W/"64e83def-2407"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf044aa935eb-FRA

GET
H3 200 vendor_footer.js Show response
checkmarx.com/wp-content/themes/stratusx/assets/js/vendor/ 117 KB
32 KB 147ms
134ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/themes/stratusx/assets/js/vendor/vendor_footer.js?ver=1.2

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

eaff775ad40803675c3df967fd79d70cfe3cca7b691c0c7a5e03bfdc0b2850ff

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 66714
x-wpe-request-id: b1e246588834ceda65e31b94cacf6a83
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Sep 2022 01:08:06 GMT
server: cloudflare
etag: W/"631fd7f6-1d211"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf044aaa35eb-FRA

GET
H3 200 main.js Show response
checkmarx.com/wp-content/themes/stratusx/assets/js/ 11 KB
4 KB 150ms
138ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/themes/stratusx/assets/js/main.js?ver=1.3

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cf90ba11fd9e74bb920bfd24facf0c72f4caee666547dce2a760063b65d19c1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 67664
x-wpe-request-id: 09de91ed0187ea14445825b1e2223fb6
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Sep 2022 01:08:06 GMT
server: cloudflare
etag: W/"631fd7f6-2a52"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf044aab35eb-FRA

GET
H3 200 multiple-select.js Show response
checkmarx.com/wp-content/themes/stratusx-child/assets/js/ 44 KB
11 KB 150ms
138ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/themes/stratusx-child/assets/js/multiple-select.js?ver=4.0

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7584930c1e7dc0018002b45bbe4b5c9b8571c9960796767f540e206df913b408

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 67664
x-wpe-request-id: 42c4ad96a66190554ff4f6fc0cf16b2f
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Sep 2022 01:08:06 GMT
server: cloudflare
etag: W/"631fd7f6-b19d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf044aac35eb-FRA

GET
H3 200 careers-main-2020.js Show response
checkmarx.com/wp-content/themes/stratusx-child/assets/js/ 12 KB
2 KB 152ms
140ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/themes/stratusx-child/assets/js/careers-main-2020.js?ver=4.0

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab2707d8aaae8edb869b844986008b9c4823694951fa4a188daa854509475075

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 67664
x-wpe-request-id: b09ac33144bc7773173ecc726836cc3d
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Sep 2022 01:08:06 GMT
server: cloudflare
etag: W/"631fd7f6-31c8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf044aaf35eb-FRA

GET
H3 200 tobii.min.js Show response
checkmarx.com/wp-content/themes/stratusx-child/assets/js/ 15 KB
5 KB 152ms
140ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/themes/stratusx-child/assets/js/tobii.min.js?ver=4.0

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea84ab2383d29d6dd80acbbf3cc1a828ff978247d5fb5cc0e745af5fc8271d62

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 67664
x-wpe-request-id: bdc785e61016b96674496f65fd823753
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Sep 2022 01:08:06 GMT
server: cloudflare
etag: W/"631fd7f6-3cfe"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf044ab035eb-FRA

GET
H3 200 select2.full.min.js Show response
checkmarx.com/wp-content/themes/stratusx-child/assets/js/ 77 KB
22 KB 153ms
141ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/themes/stratusx-child/assets/js/select2.full.min.js?ver=4.0

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c6fdab80cb86a279695dccc226a1fac50e2c922bea70242edaa28f52b7bad2d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 66714
x-wpe-request-id: 335ae8682283ea062f71051800ac5069
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Sep 2022 01:08:06 GMT
server: cloudflare
etag: W/"631fd7f6-1356c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf044ab135eb-FRA

GET
H3 200 js.cookie.min.js Show response
checkmarx.com/wp-content/themes/stratusx-child/assets/js/ 2 KB
1 KB 189ms
177ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/themes/stratusx-child/assets/js/js.cookie.min.js?ver=4.0

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4af105297c5b49ca668eaa0774c0eb479e907175f12ccc30e9c038dd7b6fcaf0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 67662
x-wpe-request-id: 54b92126030c7f6a13a54697c8879142
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Sep 2022 01:08:06 GMT
server: cloudflare
etag: W/"631fd7f6-6ad"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf044ab235eb-FRA

GET
H3 200 app.js Show response
checkmarx.com/wp-content/themes/stratusx-child/assets/js/ 2 KB
1 KB 190ms
177ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/themes/stratusx-child/assets/js/app.js?ver=4.0

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ceb0da3fc29fbb50b1dfd4a13ceb0abb742567f96b4810eb8bd45d3d30d08fd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 66714
x-wpe-request-id: dec01d12f40f9d475a40cc491ae998cb
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Sep 2022 01:08:06 GMT
server: cloudflare
etag: W/"631fd7f6-97a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf044ab335eb-FRA

GET
H2 200 v2.js Show response
js.hsforms.net/forms/embed/ 526 KB
164 KB 245ms
147ms Script
application/javascript 2606:4700::6810:88ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/embed/v2.js?ver=10.2.3

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:88ce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69ff013760515696c54749156ae5dba9f130fa01e2e355fec69a26e6d87f1892

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.3611/bundles/project-v2.js&cfRay=7ff1bf04d83b1e10-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"c4734e241af5f9cffb4ae77e895d98aa"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.3611/bundles/project-v2.js
date: Thu, 31 Aug 2023 02:12:01 GMT
x-amz-version-id: t9RM7Hi5NxkmmXBn8QlzNFQ1kBe.nFZ5
via: 1.1 b77313059f3d50280ced20238b151620.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 828cad05-bea4-4b14-9e36-9f0cf1ef230b
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 828cad05-bea4-4b14-9e36-9f0cf1ef230b
last-modified: Thu, 24 Aug 2023 09:52:45 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JZSlkSv0nanMgX%2BrCpql%2BIQr3jIIoy9kB2%2FGf2qwd4uCRLkewoEU5sOJs8T19A5SowvK9QgAaZIJkskFtDI4F6ThYx1GvaD403ShxzV5fK7K46SDsUDigNACNqnTUc6JdsIOVi%2BL6TJsIX3%2F"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-lhvpx
cf-ray: 7ff1bf04d83b1e10-FRA
x-amz-cf-id: JEb-gFVQA9TadqZdQdrRVO7NhiuDNiyKf2R7TZ251-5KtZsNpAKHLA==

GET
H3 200 imagesloaded.min.js Show response
checkmarx.com/wp-includes/js/ 5 KB
2 KB 190ms
178ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 67107
x-wpe-request-id: 83997a47e30f95ec3677d01e45fc390d
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Sep 2022 01:06:44 GMT
server: cloudflare
etag: W/"631fd7a4-15fd"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf044ab435eb-FRA

GET
H3 200 isotope.min.js Show response
checkmarx.com/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-js/ 59 KB
22 KB 190ms
178ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-js/isotope.min.js?ver=4.10.7

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e9a831a6d59eb9df0e935e9c05d24a730ee62bb5bddb5735abc1ce901c8c8d5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 67107
x-wpe-request-id: 0cecf31761be93fe3009f42a73eb2760
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 29 Aug 2023 04:48:44 GMT
server: cloudflare
etag: W/"64ed78ac-ebd6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf044ab535eb-FRA

GET
H3 200 slick.min.js Show response
checkmarx.com/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-js/ 43 KB
11 KB 198ms
186ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-js/slick.min.js?ver=4.10.7

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

64bfe05478454245e962771172010666bc231cf7d0fa1e295627777d226e7724

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 67107
x-wpe-request-id: 92af8dce757132ad61e2f7b4d6888f5e
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 29 Aug 2023 04:48:44 GMT
server: cloudflare
etag: W/"64ed78ac-acbe"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf044ab635eb-FRA

GET
H3 200 premium-addons.min.js Show response
checkmarx.com/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-js/ 63 KB
18 KB 199ms
187ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-js/premium-addons.min.js?ver=4.10.7

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a76b0a61d06ad8a36b31fd019535ec9ff8faaeac4b919939efe2398d5c36dbbd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 67107
x-wpe-request-id: bd2ab7c1498b6f8ee6c96c44854b1b1f
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 29 Aug 2023 04:48:44 GMT
server: cloudflare
etag: W/"64ed78ac-fcee"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf044ab735eb-FRA

GET
H3 200 jquery.smartmenus.min.js Show response
checkmarx.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/ 25 KB
8 KB 199ms
188ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

533e264cc615ee4601da8d2c1dee4a8987319e53d4d7162272f067fbbf250020

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 67662
x-wpe-request-id: 5e978dceef29677271e7af8b1d35a73e
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 27 Jun 2023 06:16:02 GMT
server: cloudflare
etag: W/"649a7ea2-6272"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf044ab935eb-FRA

GET
H3 200 webpack-pro.runtime.min.js Show response
checkmarx.com/wp-content/plugins/elementor-pro/assets/js/ 5 KB
3 KB 202ms
190ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.14.1

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2ed4b80cc0bfd8b35c13b9becb418d96d58f9f44048b24d6e45dba4938cac69

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 66714
x-wpe-request-id: 4a01122faeb8277a30d3847d0f4530ae
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 27 Jun 2023 06:16:02 GMT
server: cloudflare
etag: W/"649a7ea2-15b9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf044aba35eb-FRA

GET
H3 200 webpack.runtime.min.js Show response
checkmarx.com/wp-content/plugins/elementor/assets/js/ 5 KB
2 KB 205ms
194ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.14.1

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3e7c89de8ec9f11eee1605a0367e23585548b1deab4cca3a4a17d5a23a90f79

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 67662
x-wpe-request-id: 6f0d6435fa0be6aa91399be49e03fcf8
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Aug 2023 07:27:41 GMT
server: cloudflare
etag: W/"64c8b3ed-135e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf044abb35eb-FRA

GET
H3 200 frontend-modules.min.js Show response
checkmarx.com/wp-content/plugins/elementor/assets/js/ 52 KB
16 KB 211ms
200ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.14.1

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

76efc435fc139294153b2304af750ccd6857bf3349577af166308db9eb0a2fdc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 66714
x-wpe-request-id: 5aa4d2090694dfd853a87b547d471762
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Aug 2023 07:27:40 GMT
server: cloudflare
etag: W/"64c8b3ec-ce7d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf044abc35eb-FRA

GET
H3 200 wp-polyfill-inert.min.js Show response
checkmarx.com/wp-includes/js/dist/vendor/ 8 KB
3 KB 217ms
206ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 67662
x-wpe-request-id: 687f1dd573648ef29c9f32531fe0fd85
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 31 Mar 2023 05:11:21 GMT
server: cloudflare
etag: W/"64266b79-1feb"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf044abd35eb-FRA

GET
H3 200 regenerator-runtime.min.js Show response
checkmarx.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 220ms
208ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 66714
x-wpe-request-id: 9fab25a98266add64360ba6bf6a38597
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 31 Mar 2023 05:11:21 GMT
server: cloudflare
etag: W/"64266b79-19cf"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf044abf35eb-FRA

GET
H3 200 wp-polyfill.min.js Show response
checkmarx.com/wp-includes/js/dist/vendor/ 16 KB
6 KB 222ms
210ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 67662
x-wpe-request-id: a6c34005a5ea9420f314e70263cd94be
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 10 Aug 2023 05:01:43 GMT
server: cloudflare
etag: W/"64d46f37-3f12"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf044ac035eb-FRA

GET
H3 200 hooks.min.js Show response
checkmarx.com/wp-includes/js/dist/ 5 KB
2 KB 250ms
237ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 66714
x-wpe-request-id: 8e2435bc3b426deb0391f05a3a25958d
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 10 Aug 2023 05:01:43 GMT
server: cloudflare
etag: W/"64d46f37-1213"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf044ac135eb-FRA

GET
H3 200 i18n.min.js Show response
checkmarx.com/wp-includes/js/dist/ 9 KB
4 KB 250ms
238ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 66714
x-wpe-request-id: cc302ed5cd76f01964f2c323de2442b3
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 10 Aug 2023 05:01:43 GMT
server: cloudflare
etag: W/"64d46f37-24e5"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf044ac235eb-FRA

GET
H3 200 frontend.min.js Show response
checkmarx.com/wp-content/plugins/elementor-pro/assets/js/ 24 KB
7 KB 250ms
238ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.14.1

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

51187f64d3c89b9bba020ac511217aed3ea94cfc82aa3c5450b6132cfab4c039

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 66714
x-wpe-request-id: 1871836bab275dab78367ccf059e5bfc
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 27 Jun 2023 06:16:02 GMT
server: cloudflare
etag: W/"649a7ea2-5f3c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf044ac535eb-FRA

GET
H3 200 core.min.js Show response
checkmarx.com/wp-includes/js/jquery/ui/ 21 KB
7 KB 150ms
138ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 66714
x-wpe-request-id: 8b8916b2827ba72616e22130cb1217bb
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 31 Mar 2023 05:11:20 GMT
server: cloudflare
etag: W/"64266b78-53be"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf044ac635eb-FRA

GET
H3 200 swiper.min.js Show response
checkmarx.com/wp-content/plugins/elementor/assets/lib/swiper/ 136 KB
36 KB 160ms
148ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 67662
x-wpe-request-id: 41f6d9af57e627f62be4a01d82ae4964
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Aug 2023 05:39:20 GMT
server: cloudflare
etag: W/"64c89a88-21f91"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf044ac735eb-FRA

GET
H3 200 share-link.min.js Show response
checkmarx.com/wp-content/plugins/elementor/assets/lib/share-link/ 3 KB
1 KB 162ms
149ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.14.1

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

138154c0deed3326477b9b4909175101070a5a3a95342291b53d8cc9879a5f47

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 66714
x-wpe-request-id: 76e6c3acbbaf0bdc57b2bd8154b74035
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Aug 2023 05:39:20 GMT
server: cloudflare
etag: W/"64c89a88-a3c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf044ac835eb-FRA

GET
H3 200 dialog.min.js Show response
checkmarx.com/wp-content/plugins/elementor/assets/lib/dialog/ 10 KB
4 KB 162ms
150ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9ba3d0c5d5408e00becd36ad394fa9ad9c0616741ebdd6dddc8e837db3605ba

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 67662
x-wpe-request-id: 18e406fb48e2cf125c16f3f6b8e8f807
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Aug 2023 05:39:20 GMT
server: cloudflare
etag: W/"64c89a88-29fd"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf044ac935eb-FRA

GET
H3 200 frontend.min.js Show response
checkmarx.com/wp-content/plugins/elementor/assets/js/ 40 KB
13 KB 162ms
150ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.14.1

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

46b04afecdaf08e04385a7cabaec357f6edfc6a8b2b156d8c624c2621894f3de

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 66714
x-wpe-request-id: 798bba0b3edf6bf224847db88de9b1f5
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Aug 2023 07:27:40 GMT
server: cloudflare
etag: W/"64c8b3ec-9f6e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf044acb35eb-FRA

GET
H3 200 preloaded-elements-handlers.min.js Show response
checkmarx.com/wp-content/plugins/elementor-pro/assets/js/ 164 KB
40 KB 162ms
150ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.14.1

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fdaf549542c19d303a61dd53d8558a115ff3a1296d974b3392f9e47cb64fd5f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 66714
x-wpe-request-id: cf35c35290bade281b6fc06f89eb1e8f
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 27 Jun 2023 06:16:02 GMT
server: cloudflare
etag: W/"649a7ea2-28e02"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf044acd35eb-FRA

GET
H3 200 preloaded-modules.min.js Show response
checkmarx.com/wp-content/plugins/elementor/assets/js/ 41 KB
13 KB 165ms
153ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.14.1

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

af0b0dbfec18aecd0518daf2ae4b6d60b0b148de91978fd182e2831ce659b5a2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 66714
x-wpe-request-id: f6767229c3227c9360512aa8ab8ed388
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Aug 2023 07:27:41 GMT
server: cloudflare
etag: W/"64c8b3ed-a44d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf044ace35eb-FRA

GET
H3 200 jquery.sticky.min.js Show response
checkmarx.com/wp-content/plugins/elementor-pro/assets/lib/sticky/ 4 KB
2 KB 166ms
154ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.14.1

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

34bbd1c367ffc7d80fcff86c7e5f8777e70f4911bb324e8ecfc7dd3604a96e68

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 66714
x-wpe-request-id: c6bb9ae7a2eaa920dc316ab4dda69162
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 27 Jun 2023 06:16:02 GMT
server: cloudflare
etag: W/"649a7ea2-e89"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf044acf35eb-FRA

GET
BLOB 200
OK a35396dc-43de-41a6-a543-bd78c48404ef
https://checkmarx.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://checkmarx.com/a35396dc-43de-41a6-a543-bd78c48404ef
Requested by: Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 rp2be4x948ue.js Show response
js.driftt.com/include/1693448100000/ 214 KB
60 KB 606ms
465ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1693448100000/rp2be4x948ue.js

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

4906a6af959d89f594482bb8d02095fbee125bdef731f0b379d5ae5f47fde3a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
x-amz-version-id: 2PF1Bcx5t0vgj2u18ljPPo.jTrznS2z4
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 60
last-modified: Mon, 21 Aug 2023 19:32:55 GMT
server: istio-envoy
etag: W/"8d82060011d83f2dc04ccfe0e379c98a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0VUXj2u1L_PiBdqJw4-EUMTQ9nx8b6h8mFY4num7QLQa7wFCUwzM7A==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 246 KB
86 KB 150ms
49ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KHF9F29

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1a0037fa0fabe13aab89c6aaa50412d14b704ade4437227c5205e1635d18cf44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87583
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 00:47:41 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 31 Aug 2023 02:12:01 GMT

GET
H2 200 bmewj78kvp Show response
www.clarity.ms/tag/ 1016 B
1 KB 336ms
234ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/bmewj78kvp
Requested by: Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7c82ae4146a7c576369bdd46cb33ecc1b6c818a355fa855a8419095425f25285

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: -1
date: Thu, 31 Aug 2023 02:12:01 GMT
x-azure-ref: 20230831T021201Z-haxbu7hv053umanmrvefdt1ydg00000000b0000000002ssp
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 1016
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 6si.min.js Show response
j.6sc.co/ 31 KB
10 KB 207ms
39ms Script
application/javascript 2.17.100.210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-210.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

eba72b1c1e3e44d5dabff914f59eb15876ae97cef296ddee4afe4821a54f2633

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 02:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Mar 2022 00:01:47 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "623bb4eb-7b41"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 9853
expires: Thu, 31 Aug 2023 02:12:01 GMT

GET
H3 200 GT-America-Standard-Regular.woff
checkmarx.com/wp-content/uploads/2021/09/ 63 KB
63 KB 126ms
125ms Font
font/woff 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/uploads/2021/09/GT-America-Standard-Regular.woff

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/wp-content/uploads/elementor/css/post-1765.css?ver=1691059460

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5052c87ad0ab4cce937c19bb1247fb95ba0a5e42eac503d46deaa8d307463deb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://checkmarx.com/wp-content/uploads/elementor/css/post-1765.css?ver=1691059460
Origin: https://checkmarx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 67663
x-wpe-request-id: 28bdd37898c1154b2ad356485afee966
alt-svc: h3=":443"; ma=86400
content-length: 64052
last-modified: Tue, 13 Sep 2022 01:07:50 GMT
server: cloudflare
etag: "631fd7e6-fa34"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7ff1bf049b2135eb-FRA

GET
H3 200 GT-America-Standard-Bold.woff
checkmarx.com/wp-content/uploads/2021/09/ 68 KB
68 KB 131ms
130ms Font
font/woff 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/uploads/2021/09/GT-America-Standard-Bold.woff

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/wp-content/uploads/elementor/css/post-1765.css?ver=1691059460

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b68d680fe22c79281c483a6cff939bfb690bd8154752a75e1c0466e0826ff4dc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://checkmarx.com/wp-content/uploads/elementor/css/post-1765.css?ver=1691059460
Origin: https://checkmarx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 67663
x-wpe-request-id: 811b863f69700913e3b7d83ab4e7b24e
alt-svc: h3=":443"; ma=86400
content-length: 69324
last-modified: Tue, 13 Sep 2022 01:07:51 GMT
server: cloudflare
etag: "631fd7e7-10ecc"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7ff1bf049b2335eb-FRA

GET
H3 200 GT-America-Mono-Bold.woff
checkmarx.com/wp-content/uploads/2021/09/ 51 KB
52 KB 217ms
216ms Font
font/woff 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/uploads/2021/09/GT-America-Mono-Bold.woff

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/wp-content/uploads/elementor/css/post-1765.css?ver=1691059460

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f5052cac86ab3ecf578f1776698daccfc5c78e58cbb8a5fa7b2be7a753f013f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://checkmarx.com/wp-content/uploads/elementor/css/post-1765.css?ver=1691059460
Origin: https://checkmarx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 66714
x-wpe-request-id: b5dc8390136e8868ce8ae3455fb2935c
alt-svc: h3=":443"; ma=86400
content-length: 52572
last-modified: Tue, 13 Sep 2022 01:07:50 GMT
server: cloudflare
etag: "631fd7e6-cd5c"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7ff1bf049b2435eb-FRA

GET
H3 200 GT-America-Mono-Regular.woff
checkmarx.com/wp-content/uploads/2021/09/ 49 KB
49 KB 219ms
218ms Font
font/woff 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/uploads/2021/09/GT-America-Mono-Regular.woff

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/wp-content/uploads/elementor/css/post-1765.css?ver=1691059460

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

05065171ac0b691d2ae8801e8f3d24f1744606045afd6d4230c779ff2582dce1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://checkmarx.com/wp-content/uploads/elementor/css/post-1765.css?ver=1691059460
Origin: https://checkmarx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 66714
x-wpe-request-id: 67a814c85feae5846c1a1b93153c0403
alt-svc: h3=":443"; ma=86400
content-length: 49700
last-modified: Tue, 13 Sep 2022 01:07:50 GMT
server: cloudflare
etag: "631fd7e6-c224"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7ff1bf049b2535eb-FRA

GET
H3 200 fa-solid-900.woff2
checkmarx.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 76 KB
77 KB 170ms
164ms Font
font/woff2 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=4.10.7

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://checkmarx.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=4.10.7
Origin: https://checkmarx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 67663
x-wpe-request-id: 5c91b408090671055a03bb929d1c725f
alt-svc: h3=":443"; ma=86400
content-length: 78196
last-modified: Tue, 01 Aug 2023 05:39:20 GMT
server: cloudflare
etag: "64c89a88-13174"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7ff1bf052b7c35eb-FRA

GET
H3 200 fa-brands-400.woff2
checkmarx.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 75 KB
75 KB 129ms
123ms Font
font/woff2 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=4.10.7

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://checkmarx.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=4.10.7
Origin: https://checkmarx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 67663
x-wpe-request-id: c663728f4b0b3329082ca57d5c69e731
alt-svc: h3=":443"; ma=86400
content-length: 76764
last-modified: Tue, 01 Aug 2023 05:39:20 GMT
server: cloudflare
etag: "64c89a88-12bdc"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7ff1bf052b7d35eb-FRA

GET
H3 200 InterTight-Regular.ttf
checkmarx.com/wp-content/uploads/2021/11/ 298 KB
299 KB 126ms
121ms Font
application/octet-stream 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/uploads/2021/11/InterTight-Regular.ttf

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/wp-content/uploads/elementor/css/post-83384.css?ver=1692165198

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9de9f0b358f828f556c7808ee8c4d5cbc51617fbde8bf9dfe05f9f3d76f6fb88

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://checkmarx.com/wp-content/uploads/elementor/css/post-83384.css?ver=1692165198
Origin: https://checkmarx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 67663
x-wpe-request-id: bbe1ea789e69078f9688ef6ba8a4debd
alt-svc: h3=":443"; ma=86400
content-length: 305376
last-modified: Sat, 15 Apr 2023 06:39:51 GMT
server: cloudflare
etag: "643a46b7-4a8e0"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7ff1bf052b7e35eb-FRA

GET
H3 200 nav-aws.webp
checkmarx.com/wp-content/uploads/2021/11/ 14 KB
14 KB 150ms
93ms Image
image/webp 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://checkmarx.com/wp-content/uploads/2021/11/nav-aws.webp

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2dc063e78a32a733bf4f1b7e6331a1c24374b8b614369a12412cc0bd1f47dc44

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 66714
x-wpe-request-id: e0a9f18f5d6dc85a05c9ec4372250696
alt-svc: h3=":443"; ma=86400
content-length: 13838
last-modified: Tue, 13 Sep 2022 01:07:50 GMT
server: cloudflare
etag: "631fd7e6-360e"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7ff1bf05dc2f35eb-FRA

GET
H3 200 nav-gartner-report.webp
checkmarx.com/wp-content/uploads/2021/11/ 11 KB
11 KB 152ms
94ms Image
image/webp 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://checkmarx.com/wp-content/uploads/2021/11/nav-gartner-report.webp

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

787d1a0048a8b1129b00efa3dfd7a097a72b0aed1439957e9534f7e9f4827957

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 66714
x-wpe-request-id: 450a39e61ec651651d7660ba2337b4b2
alt-svc: h3=":443"; ma=86400
content-length: 11332
last-modified: Tue, 13 Sep 2022 01:07:50 GMT
server: cloudflare
etag: "631fd7e6-2c44"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7ff1bf05dc3435eb-FRA

GET
H3 200 nav-careers.webp
checkmarx.com/wp-content/uploads/2021/11/ 13 KB
13 KB 153ms
95ms Image
image/webp 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://checkmarx.com/wp-content/uploads/2021/11/nav-careers.webp

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a32097ad93a916167c322db80792af9cda488828b93bb6a9ee5df96f9dc0c826

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 67663
x-wpe-request-id: 5e527ebef4002982377f6357fb5af2c5
alt-svc: h3=":443"; ma=86400
content-length: 12824
last-modified: Tue, 13 Sep 2022 01:07:50 GMT
server: cloudflare
etag: "631fd7e6-3218"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7ff1bf05dc3635eb-FRA

GET
H3 200 cx-one.png
checkmarx.com/wp-content/uploads/2022/08/ 76 KB
77 KB 153ms
96ms Image
image/webp 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://checkmarx.com/wp-content/uploads/2022/08/cx-one.png

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0df199ae8bcace939dc25c21f42a53af2847d13bc7643f48ee8f9ffe389899e8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
age: 66714
cf-polished: origFmt=png, origSize=112962
x-wpe-request-id: 142de5c68bf4dc8e74817fea4ace39f5
content-disposition: inline; filename="cx-one.webp"
alt-svc: h3=":443"; ma=86400
content-length: 78160
cf-bgj: imgq:100,h2pri
last-modified: Tue, 13 Sep 2022 02:13:18 GMT
server: cloudflare
etag: "631fe73e-1b942"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7ff1bf05dc3935eb-FRA

GET
H3 200 avatar_user_119_1659359734-96x96.jpg
checkmarx.com/wp-content/uploads/2022/08/ 2 KB
3 KB 159ms
102ms Image
image/jpeg 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://checkmarx.com/wp-content/uploads/2022/08/avatar_user_119_1659359734-96x96.jpg

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a609a93adbee494b64d02c70b406f9d2135fb5b4452f56cae3b5268c40f74fc4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
age: 53342
cf-polished: origSize=2926
x-wpe-request-id: 665e3a4b3c6acda30e8cd9884b7927a7
alt-svc: h3=":443"; ma=86400
content-length: 2342
cf-bgj: imgq:100,h2pri
last-modified: Tue, 13 Sep 2022 02:10:04 GMT
server: cloudflare
etag: "631fe67c-b6e"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7ff1bf05dc3a35eb-FRA

GET
H3 200 Case_study.jpg
checkmarx.com/wp-content/uploads/2023/05/ 11 KB
11 KB 162ms
105ms Image
image/jpeg 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://checkmarx.com/wp-content/uploads/2023/05/Case_study.jpg

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7392965572317dad5a1a140455b70234c7e0dccb55989d86a68acab462cd0dc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
age: 53342
cf-polished: origSize=38602
x-wpe-request-id: 7c027390c316d31a700ac4881a6446a1
alt-svc: h3=":443"; ma=86400
content-length: 11012
cf-bgj: imgq:100,h2pri
last-modified: Fri, 23 Jun 2023 09:49:57 GMT
server: cloudflare
etag: "64956ac5-96ca"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7ff1bf05dc3c35eb-FRA

GET
H3 200 image-8.png
checkmarx.com/wp-content/uploads/2023/08/ 285 KB
285 KB 162ms
105ms Image
image/webp 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://checkmarx.com/wp-content/uploads/2023/08/image-8.png

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

481614731c7e4ab5af6be3df2f373c4b3175f4ffbabfa7a56d0f561c43514e02

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
age: 53334
cf-polished: origFmt=png, origSize=545354
x-wpe-request-id: fa3990e8778088472f2e51b146da4420
content-disposition: inline; filename="image-8.webp"
alt-svc: h3=":443"; ma=86400
content-length: 291344
cf-bgj: imgq:100,h2pri
last-modified: Tue, 29 Aug 2023 19:13:32 GMT
server: cloudflare
etag: "64ee435c-8524a"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7ff1bf05dc3d35eb-FRA

GET
H3 200 InterTight-Bold.ttf
checkmarx.com/wp-content/uploads/2021/11/ 303 KB
303 KB 47ms
46ms Font
application/octet-stream 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/uploads/2021/11/InterTight-Bold.ttf

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/wp-content/uploads/elementor/css/post-83384.css?ver=1692165198

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

92b6560cecf4f3db9c875bafb1a79605fc7951a53c8ff19d3d1e4a824ffdc73e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://checkmarx.com/wp-content/uploads/elementor/css/post-83384.css?ver=1692165198
Origin: https://checkmarx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 66714
x-wpe-request-id: 8be148e450377f8de1c54bbcd30d1ee5
alt-svc: h3=":443"; ma=86400
content-length: 309852
last-modified: Sat, 15 Apr 2023 06:34:34 GMT
server: cloudflare
etag: "643a457a-4ba5c"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7ff1bf071d3435eb-FRA

GET
H3 200 InterTight-SemiBold.ttf
checkmarx.com/wp-content/uploads/2021/11/ 302 KB
302 KB 82ms
82ms Font
application/octet-stream 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/uploads/2021/11/InterTight-SemiBold.ttf

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/wp-content/uploads/elementor/css/post-83384.css?ver=1692165198

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2992617d916a0bb041ded4eb2eebb609a7800b4670b43d8966bda2425b1b43dd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://checkmarx.com/wp-content/uploads/elementor/css/post-83384.css?ver=1692165198
Origin: https://checkmarx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 67663
x-wpe-request-id: a1a4898c0493817cda733a579718ef68
alt-svc: h3=":443"; ma=86400
content-length: 309260
last-modified: Sat, 15 Apr 2023 06:36:45 GMT
server: cloudflare
etag: "643a45fd-4b80c"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7ff1bf071d3635eb-FRA

GET
H3 200 fa-regular-400.woff2
checkmarx.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 13 KB
13 KB 121ms
121ms Font
font/woff2 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=4.10.7

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://checkmarx.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=4.10.7
Origin: https://checkmarx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 65913
x-wpe-request-id: 9077bc9c1e1d9cf8889f0d20b31ba917
alt-svc: h3=":443"; ma=86400
content-length: 13276
last-modified: Tue, 01 Aug 2023 05:39:20 GMT
server: cloudflare
etag: "64c89a88-33dc"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7ff1bf071d3735eb-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 118ms
33ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHF9F29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 31 Aug 2023 01:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1338
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 31 Aug 2023 03:49:43 GMT

GET
H2 200 6si.min.js Show response
j.6sc.co/ 51 KB
15 KB 40ms
36ms Script
application/javascript 2.17.100.210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHF9F29

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-210.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

3ac0c589d242920586289eabdd93bf71f3d85bb1c6c8333d3e2deb4e173b61a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 02:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Aug 2023 22:29:49 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "64e7d9dd-cc38"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 14993
expires: Thu, 31 Aug 2023 02:12:01 GMT

GET
H2 200 ibd3l5ehqb Show response
www.clarity.ms/tag/ 929 B
1 KB 216ms
212ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/ibd3l5ehqb?ref=gtm
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHF9F29
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 05ebea9e5d53731430158fa2ce20401619d4d9cae01f13d5ab1d4eecb940f9fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: -1
date: Thu, 31 Aug 2023 02:12:02 GMT
x-azure-ref: 20230831T021201Z-haxbu7hv053umanmrvefdt1ydg00000000b0000000002ssx
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 929
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 323 KB
95 KB 65ms
64ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TGCYJYTE53&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHF9F29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2919b477cc499bccfe89612692490f56dc73237f3cb7165ed19a0f564e365fa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97152
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 31 Aug 2023 02:12:01 GMT

GET
H/1.1 200
OK json Show response
forms.hsforms.com/embed/v3/form/146169/2101c475-809f-4105-8eab-7dbdeb6b03d7/ 15 KB
3 KB 247ms
161ms XHR
application/json 2606:4700::6812:b07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/146169/2101c475-809f-4105-8eab-7dbdeb6b03d7/json?hs_static_app=forms-embed&hs_static_app_version=1.3611&X-HubSpot-Static-App-Info=forms-embed-1.3611

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81b9b779c48bf74671ef9245a456c5218f459683113da939b72a1684ced93a1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://checkmarx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

X-Origin-Hublet: na1
Date: Thu, 31 Aug 2023 02:12:02 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
Content-Encoding: br
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: aa7308b8-71d2-49c4-914c-ddc666e59655
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 13
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: aa7308b8-71d2-49c4-914c-ddc666e59655
Server: cloudflare
X-Trace: 2B21BDE287A79771C994CF4EC42C57DB3DF27076D0000000000000000000
Vary: origin
Access-Control-Allow-Methods: OPTIONS, GET
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://checkmarx.com
x-evy-trace-virtual-host: all
Access-Control-Expose-Headers: X-Origin-Hublet
Access-Control-Max-Age: 180
Access-Control-Allow-Credentials: false
Cache-Control: max-age=0, no-cache, no-store
X-Robots-Tag: none
Access-Control-Allow-Headers: *
CF-RAY: 7ff1bf089fb835e0-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-7f89ffc67f-kw4z4

GET
H/1.1 200
OK json Show response
forms.hsforms.com/embed/v3/form/146169/2101c475-809f-4105-8eab-7dbdeb6b03d7/ 15 KB
3 KB 251ms
168ms XHR
application/json 2606:4700::6812:b07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/146169/2101c475-809f-4105-8eab-7dbdeb6b03d7/json?hs_static_app=forms-embed&hs_static_app_version=1.3611&X-HubSpot-Static-App-Info=forms-embed-1.3611

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cffee356eb5248eefcee6214fe5373fe8cfd8717dcd0bb63eea21f8fd26c4293

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://checkmarx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

X-Origin-Hublet: na1
Date: Thu, 31 Aug 2023 02:12:02 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
Content-Encoding: br
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 3dc9bfed-10db-4336-a9e4-62b9e38cfe1c
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 18
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 3dc9bfed-10db-4336-a9e4-62b9e38cfe1c
Server: cloudflare
X-Trace: 2B794C29AAEA61E3AF42F1A4D98BE456240F6722AA000000000000000000
Vary: origin
Access-Control-Allow-Methods: OPTIONS, GET
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://checkmarx.com
x-evy-trace-virtual-host: all
Access-Control-Expose-Headers: X-Origin-Hublet
Access-Control-Max-Age: 180
Access-Control-Allow-Credentials: false
Cache-Control: max-age=0, no-cache, no-store
X-Robots-Tag: none
Access-Control-Allow-Headers: *
CF-RAY: 7ff1bf0898d0383e-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-7f89ffc67f-4bsw8

GET
H/1.1 200
OK json Show response
forms.hsforms.com/embed/v3/form/146169/2101c475-809f-4105-8eab-7dbdeb6b03d7/ 15 KB
3 KB 528ms
447ms XHR
application/json 2606:4700::6812:b07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/146169/2101c475-809f-4105-8eab-7dbdeb6b03d7/json?hs_static_app=forms-embed&hs_static_app_version=1.3611&X-HubSpot-Static-App-Info=forms-embed-1.3611

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

391286f634b990866c24e99c0cd4c939445d6b174d3efef4620d05a7b159513a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://checkmarx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

X-Origin-Hublet: na1
Date: Thu, 31 Aug 2023 02:12:02 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
Content-Encoding: br
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 34bac5d5-b988-45b4-93c3-7d48d504364a
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 26
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 34bac5d5-b988-45b4-93c3-7d48d504364a
Server: cloudflare
X-Trace: 2B390D310470B1841505B606D5DE557DBA295A754C000000000000000000
Vary: origin
Access-Control-Allow-Methods: OPTIONS, GET
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://checkmarx.com
x-evy-trace-virtual-host: all
Access-Control-Expose-Headers: X-Origin-Hublet
Access-Control-Max-Age: 180
Access-Control-Allow-Credentials: false
Cache-Control: max-age=0, no-cache, no-store
X-Robots-Tag: none
Access-Control-Allow-Headers: *
CF-RAY: 7ff1bf0898163a94-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-7f89ffc67f-tkh7m

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
1 KB 149ms
41ms Script
application/javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

292f853f9ef0e448c5536987fe87197f401bafcde3e0857e17de1f0676f5b2eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 30 Aug 2023 18:41:20 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
content-type: application/javascript;charset=utf-8
cache-control: max-age=59369
accept-ranges: bytes
content-length: 1046

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.10/ 57 KB
24 KB 75ms
75ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.10/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/bmewj78kvp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:01 GMT
content-encoding: br
last-modified: Tue, 29 Aug 2023 18:10:09 GMT
etag: W/"0x8DBA8BB2E782FCC"
vary: Accept-Encoding
x-azure-ref: 20230831T021201Z-haxbu7hv053umanmrvefdt1ydg00000000b0000000002st1
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 76b29648-601e-006f-3ae1-da2428000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H3 200 fa-regular-400.woff2
checkmarx.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 13 KB
13 KB 49ms
49ms Font
font/woff2 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://checkmarx.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
Origin: https://checkmarx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 65914
x-wpe-request-id: 9077bc9c1e1d9cf8889f0d20b31ba917
alt-svc: h3=":443"; ma=86400
content-length: 13276
last-modified: Tue, 01 Aug 2023 05:39:20 GMT
server: cloudflare
etag: "64c89a88-33dc"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7ff1bf087ea035eb-FRA

GET
H3

500

/
checkmarx.com/wp-content/themes/stratusx/
Redirect Chain

https://checkmarx.com/wp-content/themes/stratusx?ver=220913-10806
https://checkmarx.com/wp-content/themes/stratusx/?ver=220913-10806

0
0

55ms
55ms

Script
text/html

141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://checkmarx.com/wp-content/themes/stratusx/?ver=220913-10806
Requested by: Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
Protocol: H3
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:02 GMT
x-cache-group: normal
cf-cache-status: DYNAMIC
x-cacheable: YES:briefly:500
server: cloudflare
x-powered-by: WP Engine
x-cache: HIT: 1
x-wpe-request-id: 801c919226b784859fb0fbaa39d20016
content-type: text/html; charset=UTF-8
cache-control: max-age=10, must-revalidate
cf-ray: 7ff1bf09bfcd35eb-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 31 Aug 2023 02:12:02 GMT
x-cache-group: normal
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cacheable: non200
server: cloudflare
content-security-policy: upgrade-insecure-requests
cf-cache-status: DYNAMIC
x-cache: HIT: 19
x-wpe-request-id: 5442f62c3b8d1cbb8f015b6aa42c88c8
location: http://checkmarx.com/wp-content/themes/stratusx/?ver=220913-10806
content-type: text/html; charset=iso-8859-1
cache-control: max-age=600, must-revalidate
cf-ray: 7ff1bf08beea35eb-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 146169.js Show response
js.hs-analytics.net/analytics/1693447800000/ 67 KB
21 KB 252ms
164ms Script
text/javascript 2606:4700::6810:4eba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1693447800000/146169.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/146169.js?integration=WordPress&ver=10.2.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4eba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f575780283d440de5559016657ced4cb6aed2d8a4c9cb4ce087957a49cb7cdb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:02 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 22SEPEGNDNP6CQGZ
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 6aee30c5-8fc0-4355-b828-33af16feb6a0
x-envoy-upstream-service-time: 27
x-amz-id-2: al/5Pt+w99OPOuH2eOZjgek0r7zJdJM12L4inADL4/YbFBdCDaFEH8wRPaOAvrK+TX9sD7rWLo8=
x-evy-trace-listener: listener_https
x-request-id: 6aee30c5-8fc0-4355-b828-33af16feb6a0
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 14 Aug 2023 15:25:38 GMT
server: cloudflare
etag: W/"0c938a6a90f812279caf183c77df13fc"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-fznd8
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 7ff1bf094f1f9b8e-FRA
expires: Thu, 31 Aug 2023 02:17:02 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 540 KB
86 KB 135ms
42ms Script
application/javascript 2606:4700::6812:7c0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsleadflows.net/leadflows.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/146169.js?integration=WordPress&ver=10.2.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c0c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96ea6b1e986879257e104371bf5f0cb0bf2bb9957a1aa73fa9df8be99aeeb157

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://checkmarx.com/
Origin: https://checkmarx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
age: 36488
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1232/bundle/main/lead-flows-release.js&cfRay=7fee443899261cb5-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"039461df2d1d43031520c7d3a853f79e"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=86400, max-age=0
x-hs-target-asset: lead-flows-js/static-1.1232/bundle/main/lead-flows-release.js
date: Thu, 31 Aug 2023 02:12:02 GMT
x-amz-version-id: RIqU3aMZg9szNHjfbC8NSxVkuKgO4.TB
via: 1.1 5084a25d91022b55b5acf281581c6444.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD61-P1
x-hubspot-correlation-id: 89b3eb91-57f6-4162-82c2-b41de0e14dc1
x-cache: RefreshHit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 30
x-evy-trace-route-configuration: listener_https/all
x-request-id: 89b3eb91-57f6-4162-82c2-b41de0e14dc1
last-modified: Thu, 03 Aug 2023 01:17:49 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-lhvpx
cf-ray: 7ff1bf094c5a92ad-FRA
x-amz-cf-id: Es-EPbfnEiIrgCYKyynLfxVJR8RMZJEGiK8heC8cvkxp-r_rTp05BA==

GET
H2 200 146169.js Show response
js.hs-banner.com/ 60 KB
16 KB 494ms
405ms Script
text/javascript 2606:4700:4400::6812:22e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/146169.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/146169.js?integration=WordPress&ver=10.2.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 765a1665e4ef9385ae805fb5eb8fc6d92569d88e97631e38885de3325969c121

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:02 GMT
x-amz-version-id: EteolcaXCsNjWghkxe.SK2TOt1YqfySN
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: GFP6V4P85X4EW6VH
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 5c0381fc-254f-414f-95ee-7c68bffae90f
x-envoy-upstream-service-time: 30
x-amz-id-2: +IM8r/h46tmTaJKnZNmIzUWr1yfdnQ8wfKVUwWYtkrk114Se6lDldTc1XJ1anCpubkpZ2pJljlk=
x-evy-trace-listener: listener_https
x-request-id: 5c0381fc-254f-414f-95ee-7c68bffae90f
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 07 Aug 2023 07:51:28 GMT
server: cloudflare
etag: W/"821bd13ed8af6b8b72f9c87c20fb46ef"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://info.checkmarx.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-2sbs7
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7ff1bf094b41bb83-FRA
expires: Thu, 31 Aug 2023 02:17:02 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 131ms
39ms Script
application/javascript 2606:4700::6811:e6a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/146169.js?integration=WordPress&ver=10.2.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:e6a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13a212c6b892024aae8c2db3d8cf9a5ec7d7f0f86948669384001e375a55edb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:02 GMT
x-amz-version-id: ejB.A_S_mq2WBFqiJyHsLYTQXyGD1Wjj
via: 1.1 f57a09c5455a80253c61001d750462e6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 189
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.406/bundles/pixels-release.js&cfRay=7ff1ba6cbe2b35f1-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: cce65143-4506-4786-80db-f322c5c97181
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: cce65143-4506-4786-80db-f322c5c97181
last-modified: Mon, 28 Aug 2023 04:02:35 UTC
server: cloudflare
etag: W/"0d4f9e1a24521caddccf596277344ec4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-p2dkf
cf-ray: 7ff1bf09497d363c-FRA
x-amz-cf-id: zjR5E5jAYYrViD5yD1sGrcMiM4CU5jbtfpxrKOzAnGI9e0CzasYQIw==
x-hs-target-asset: adsscriptloaderstatic/static-1.406/bundles/pixels-release.js

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
207 B 52ms
52ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1322611976&t=pageview&_s=1&dl=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&ul=en-us&de=UTF-8&dt=An%20Ongoing%20Open%20Source%20Attack%20Reveals%20Roots%20Dating%20Back%20To%C2%A02021&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1704877998&gjid=1019356207&cid=1017652453.1693447922&tid=UA-6105155-1&_gid=1982481816.1693447922&_r=1&_slc=1&gtm=45He38u0n81KHF9F29&z=141436465

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://checkmarx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 02:12:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://checkmarx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
252 B 142ms
41ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-TGCYJYTE53&gtm=45je38u0&_p=1322611976&_gaz=1&cid=1017652453.1693447922&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1693447922&sct=1&seg=0&dl=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&dt=An%20Ongoing%20Open%20Source%20Attack%20Reveals%20Roots%20Dating%20Back%20To%C2%A02021&en=page_view&_fv=1&_ss=1&ep.debug_mode=true
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TGCYJYTE53&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 02:12:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://checkmarx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 147ms
48ms Ping
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TGCYJYTE53&cid=1017652453.1693447922&gtm=45je38u0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TGCYJYTE53&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 02:12:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://checkmarx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 136ms
51ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TGCYJYTE53&cid=1017652453.1693447922&gtm=45je38u0&aip=1&z=285654319

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 02:12:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
347 B 138ms
46ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-6105155-1&cid=1017652453.1693447922&jid=1704877998&gjid=1019356207&_gid=1982481816.1693447922&_u=YEBAAEAAAAAAACAAI~&z=802482157

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://checkmarx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 31 Aug 2023 02:12:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://checkmarx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 34ms
34ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1322611976&t=event&ni=1&_s=2&dl=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&ul=en-us&de=UTF-8&dt=An%20Ongoing%20Open%20Source%20Attack%20Reveals%20Roots%20Dating%20Back%20To%C2%A02021&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=1tqjgd8&_u=aHBAAEABAAAAACAAI~&jid=&gjid=&cid=1017652453.1693447922&tid=UA-6105155-1&_gid=1982481816.1693447922&gtm=45He38u0n81KHF9F29&cd1=https%3A%2F%2Fclarity.microsoft.com%2Fga%2Fbmewj78kvp%2Fq8hku5%2F1tqjgd8&z=157065893

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 07:22:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 67779
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 35ms
31ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1322611976&t=event&ni=1&_s=3&dl=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&ul=en-us&de=UTF-8&dt=An%20Ongoing%20Open%20Source%20Attack%20Reveals%20Roots%20Dating%20Back%20To%C2%A02021&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=1tqjgd8&_u=aHBAAEABAAAAACAAI~&jid=&gjid=&cid=1017652453.1693447922&tid=UA-6105155-1&_gid=1982481816.1693447922&gtm=45He38u0n81KHF9F29&cd1=https%3A%2F%2Fclarity.microsoft.com%2Fga%2Fbmewj78kvp%2Fq8hku5%2F1tqjgd8&z=53652327

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 07:22:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 67779
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 40ms
40ms Script
application/x-javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 12:14:15 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=19136
accept-ranges: bytes
content-length: 4862

GET
H3

500

/
checkmarx.com/wp-content/themes/stratusx/
Redirect Chain

https://checkmarx.com/wp-content/themes/stratusx?ver=220913-10806
https://checkmarx.com/wp-content/themes/stratusx/?ver=220913-10806

0
0

76ms
76ms

Script
text/html

141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://checkmarx.com/wp-content/themes/stratusx/?ver=220913-10806
Requested by: Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
Protocol: H3
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:02 GMT
x-cache-group: normal
cf-cache-status: DYNAMIC
x-cacheable: YES:briefly:500
server: cloudflare
x-powered-by: WP Engine
x-cache: HIT: 2
x-wpe-request-id: d378b56177b3353fbb45fd777634dba5
content-type: text/html; charset=UTF-8
cache-control: max-age=10, must-revalidate
cf-ray: 7ff1bf0b095a35eb-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 31 Aug 2023 02:12:02 GMT
x-cache-group: normal
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cacheable: non200
server: cloudflare
content-security-policy: upgrade-insecure-requests
cf-cache-status: DYNAMIC
x-cache: HIT: 20
x-wpe-request-id: 61dfdf240dfd14ccee30d35e0305cb81
location: http://checkmarx.com/wp-content/themes/stratusx/?ver=220913-10806
content-type: text/html; charset=iso-8859-1
cache-control: max-age=600, must-revalidate
cf-ray: 7ff1bf0a98a835eb-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 125ms
46ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-6105155-1&cid=1017652453.1693447922&jid=1704877998&_u=YEBAAEAAAAAAACAAI~&z=1657376227

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 02:12:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 46ms
45ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-6105155-1&cid=1017652453.1693447922&jid=1704877998&_u=YEBAAEAAAAAAACAAI~&z=1657376227

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 02:12:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
r.clarity.ms/ 0
293 B 966ms
139ms XHR
text/plain 20.119.174.243
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://r.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://checkmarx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://checkmarx.com
Date: Thu, 31 Aug 2023 02:12:03 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/3808748/domain/checkmarx.com/ 36 B
369 B 281ms
180ms XHR
application/json 2600:9000:20eb:bc00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/3808748/domain/checkmarx.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:bc00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://checkmarx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:02 GMT
content-encoding: gzip
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: yRJnk-fofmxKtvD6b6JpS1Ua_K6QrSJJOmPaSkpPZIYp1QAGXGEyHA==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3808748&time=1693447922374&url=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3808748&time=1693447922374&url=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&cookiesTest...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3808748%26time%3D1693447922374%26url%3Dhttps%253A%252F%252Fcheckmarx.com%252Fblog...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3808748&time=1693447922374&url=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&cookiesTest...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3808748&time=1693447922374&url=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&cookiesTes...

0
265 B

307ms
214ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3808748&time=1693447922374&url=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&cookiesTest=true&liSync=true&e_ipv6=AQI2iIby6rmbPQAAAYpJXKcds__w0FGrGXvagFQAmVLKLqT1-batp5OKK2yfgmrHkIXwqeE
Requested by: Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:03 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: ADA9D804C0AE4F74B79278FA9F46382C Ref B: FRAEDGE1319 Ref C: 2023-08-31T02:12:03Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYELpHxXPdMnwr2ry10OA==

Redirect headers

date: Thu, 31 Aug 2023 02:12:02 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 83794510D2A84F8C8EABCA7DC50C2DAC Ref B: FRAEDGE1310 Ref C: 2023-08-31T02:12:03Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3808748&time=1693447922374&url=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&cookiesTest=true&liSync=true&e_ipv6=AQI2iIby6rmbPQAAAYpJXKcds__w0FGrGXvagFQAmVLKLqT1-batp5OKK2yfgmrHkIXwqeE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYELpHr9v9gdXmb1I596w==

GET
H3 200 wp-emoji-release.min.js Show response
checkmarx.com/wp-includes/js/ 18 KB
5 KB 44ms
44ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 66715
x-wpe-request-id: a6d1d8de25d2343d4dce1ece2f1d74a8
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 31 Mar 2023 05:11:20 GMT
server: cloudflare
etag: W/"64266b78-4904"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf0cbb0f35eb-FRA

GET
H/1.1 200
OK counters.gif
forms.hsforms.com/embed/v3/ 35 B
1016 B 526ms
155ms Image
image/gif 2606:4700::6812:b07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Thu, 31 Aug 2023 02:12:03 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: f181acd8-4e92-41b0-9850-f2ff56127e76
x-envoy-upstream-service-time: 2
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f181acd8-4e92-41b0-9850-f2ff56127e76
Server: cloudflare
X-Trace: 2B94AA8A2CAB5EBBA5DE6A7E9A6A6446CA0E0F9838000000000000000000
Vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-7f89ffc67f-t4r9m
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 7ff1bf0f6fe991fb-FRA

GET
H/1.1 200
OK counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
1017 B 589ms
160ms Image
image/gif 2606:4700::6812:b07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Thu, 31 Aug 2023 02:12:03 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 1c0e5048-cf1e-41fa-a75f-ceab76de5be9
x-envoy-upstream-service-time: 15
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 1c0e5048-cf1e-41fa-a75f-ceab76de5be9
Server: cloudflare
X-Trace: 2BA061F00188409C2F16CA1A81A2CC77D6217A4573000000000000000000
Vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-7f89ffc67f-tkdzf
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 7ff1bf100d67362c-FRA

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 111 B
1 KB 555ms
152ms XHR
application/json 2606:4700::6811:c9cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=146169

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c9cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e3c33de42319b360a25988a9e0230c6398298450d3240d278c1a20479759330

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 4fc1c574-eb9f-4fa2-9842-877895d54da7
content-encoding: br
x-envoy-upstream-service-time: 8
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 4fc1c574-eb9f-4fa2-9842-877895d54da7
server: cloudflare
x-trace: 2B4F855D6F7E78FC389B0387539FDC2B996E9DC76C000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://checkmarx.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-6c94986c56-w8jrp
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9YWttYZSNeBCc1E2jRm08DCQi74AcC%2B2w9n27VPohw6fm4p9tZwXogpgKAV%2F34G6IgqSKE9OttLR2h0o0B3kevf6Q1HlxOceFxTYr8mQJYPqmvEJST4QaT9DsbS54fg41tcRQoF%2FGWIzCgGT"}],"group":"cf-nel","max_age":604800}
cf-ray: 7ff1bf100c841e4e-FRA
access-control-allow-headers: *

GET
H2 200 cta-json Show response
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 7 KB
3 KB 199ms
181ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-json?canon=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&pid=146169&sv=cta-embed-js-static-1.202&rdy=1&df=t&pg=4c2e6bdf-ae82-4526-9232-d9e4d62b04df&pg=19a8ada6-0b37-4567-825c-aefe1cff3e04&pg=1385e65d-54b6-4a5d-8a28-f622009167ac

Requested by

Host: js.hscta.net
URL: https://js.hscta.net/cta/current.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2a813d11a248bf55c2fafd4e1fbd9dc6586330c929033be2ece783c58157483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-origin-hublet: na1
date: Thu, 31 Aug 2023 02:12:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 9fa80ba2-c4b2-4b1a-ae83-86d4844035d4
content-encoding: br
x-envoy-upstream-service-time: 39
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 9fa80ba2-c4b2-4b1a-ae83-86d4844035d4
server: cloudflare
x-trace: 2B43B67F41C81E4D19094971DC80F24490D43DF33E000000000000000000
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://checkmarx.com
x-evy-trace-virtual-host: all
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-7f89ffc67f-8hpn4
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sAg8ji4lyuwqvEJdHPSsXs3MxmwTQo8A3%2BVPQIH3S19in1Y3NSGNCnfmDiU8w%2BjRoRV8hBpDhdViwisdW3w%2Fgu8B3sbZ9BukyO%2BmTu8bXnhEKV0lmAHU%2B7Zw9N2AlGH1aQa4oXg1s2NBv2HrAAca9psWEqbFdkeOFsQ%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 7ff1bf0eaf9d3a80-FRA

GET
H3 206 Closing_video_contact_us.mp4
checkmarx.com/wp-content/uploads/2023/08/ 3 MB
3 MB 44ms
43ms Media
video/mp4 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://checkmarx.com/wp-content/uploads/2023/08/Closing_video_contact_us.mp4

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

57ac6747c7fcba8b85d3669603b64a5d9f517d21a4a636229b1902201768725b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 31 Aug 2023 02:12:03 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
age: 67107
x-wpe-request-id: db82455e2b6a21de712c973c13d68191
Content-Range: bytes 0-3582279/3582280
alt-svc: h3=":443"; ma=86400
Content-Length: 3582280
last-modified: Fri, 04 Aug 2023 12:17:24 GMT
server: cloudflare
etag: "64ccec54-36a948"
vary: Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ff1bf0ffd7d35eb-FRA

GET
H2 200 cta-loaded.js Show response
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 0
432 B 150ms
149ms Script
application/javascript 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-loaded.js?pid=146169&pg=19a8ada6-0b37-4567-825c-aefe1cff3e04&lt=1693447921422&dt=1693447921423&at=1693447923230&ae=1&sl=1&an=1

Requested by

Host: js.hscta.net
URL: https://js.hscta.net/cta/current.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-origin-hublet: na1
date: Thu, 31 Aug 2023 02:12:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 28b1c012-7f4f-4af7-bc68-1ef454571a0d
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
content-length: 0
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 28b1c012-7f4f-4af7-bc68-1ef454571a0d
last-modified: Thu, 31 Aug 2023 02:12:03 GMT
server: cloudflare
x-trace: 2BBCAFABB62623D2C5557521F8329303B87E0DBA10000000000000000000
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5dKh2HQGxDuZyDJ0cz7k17Wu3nIJN6MIfFbtOEIBTDdJ5s%2BWa4PNM0ZAR6WwV5d%2BeDhuPi80DaajGbIWEh0M9x%2BmwpixHJCZzAj9KcyH5ioASi%2F8f6HJbklYkWP7kqU3MhX55x1NRkqEi7c2eE7G30kPxOA%2Bcw0f0Dc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-7f89ffc67f-m2kqt
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-robots-tag: noindex, follow
cf-ray: 7ff1bf1038c83a80-FRA

GET
H2 200 cta-loaded.js Show response
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 0
500 B 162ms
161ms Script
application/javascript 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-loaded.js?pid=146169&pg=4c2e6bdf-ae82-4526-9232-d9e4d62b04df&lt=1693447921420&dt=1693447921421&at=1693447923232&ae=1&sl=1&an=1

Requested by

Host: js.hscta.net
URL: https://js.hscta.net/cta/current.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-origin-hublet: na1
date: Thu, 31 Aug 2023 02:12:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 9f1ac1d7-118d-47bd-a800-13b03e16dbc2
x-envoy-upstream-service-time: 15
alt-svc: h3=":443"; ma=86400
content-length: 0
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 9f1ac1d7-118d-47bd-a800-13b03e16dbc2
last-modified: Thu, 31 Aug 2023 02:12:03 GMT
server: cloudflare
x-trace: 2BE0E77FE26510DC82578F774E461EB38FC8E6D4B2000000000000000000
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6zgTq23vOzTgUj%2FUnYzp2oDUk%2FJLnC5PlBf7GxuEPXMqlHfSSaPvsKDqSu1XmmDRsL1RRFTrjG%2Bd1OZlKA598D41MrXU8EJmxTUUTio%2FREJJ1J5gB1T4oLDrxDTXe3BXmXYXM72lo94YJi%2Fh7sEmPItbOUuVFrl%2Bqr8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-7f89ffc67f-d2gnr
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-robots-tag: noindex, follow
cf-ray: 7ff1bf1038ca3a80-FRA

GET
H2 200 cta-loaded.js Show response
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 0
515 B 147ms
146ms Script
application/javascript 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-loaded.js?pid=146169&pg=1385e65d-54b6-4a5d-8a28-f622009167ac&lt=1693447921423&dt=1693447921424&at=1693447923233&ae=1&sl=1&an=1

Requested by

Host: js.hscta.net
URL: https://js.hscta.net/cta/current.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-origin-hublet: na1
date: Thu, 31 Aug 2023 02:12:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: c29b6386-3314-4f7f-baac-ec172add6d40
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
content-length: 0
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: c29b6386-3314-4f7f-baac-ec172add6d40
last-modified: Thu, 31 Aug 2023 02:12:03 GMT
server: cloudflare
x-trace: 2B7EC854CF70F72445243D26311B51A954AABB659A000000000000000000
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aEdO9iLBaQ0Q8hXDo9QlWdG4onPX3WX70FH%2BBsDV3wHUjy1GBM4vTz0BzidoFU26udzFPWJvSDBNTsSVlsJSaaViTgNGblUNJuHJu0R2d0OXwqV3b7O09%2BE%2B4nsrhR47h8RL0sFlFIgfLui5%2BM259SczP5J4Lhu4xE8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-7f89ffc67f-4bsw8
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-robots-tag: noindex, follow
cf-ray: 7ff1bf1038cb3a80-FRA

GET
H/1.1 200
OK counters.gif
perf.hsforms.com/embed/v3/ 35 B
1 KB 248ms
141ms Image
image/gif 2606:4700::6812:c07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=cta-json-success&value=1

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Thu, 31 Aug 2023 02:12:03 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: de35a306-3fa0-4e7f-9f23-902e1c3e3acc
x-envoy-upstream-service-time: 1
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: de35a306-3fa0-4e7f-9f23-902e1c3e3acc
Last-Modified: Thu, 31 Aug 2023 02:12:03 GMT
Server: cloudflare
X-Trace: 2BA9540C35AB079A8FDC929160713BF80EF3095BB2000000000000000000
Vary: origin, Accept-Encoding
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-7f89ffc67f-6xsfj
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
X-Robots-Tag: none
CF-RAY: 7ff1bf10efa14dc7-FRA

GET
H/1.1 200
OK counters.gif
perf.hsforms.com/embed/v3/ 35 B
1 KB 511ms
403ms Image
image/gif 2606:4700::6812:c07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=cta-render-success&value=1

Requested by

Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Thu, 31 Aug 2023 02:12:03 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: fac1633d-5e0f-4088-a311-da0b32e11926
x-envoy-upstream-service-time: 2
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: fac1633d-5e0f-4088-a311-da0b32e11926
Last-Modified: Thu, 31 Aug 2023 02:12:03 GMT
Server: cloudflare
X-Trace: 2BCFBD692724830E67E180434DD9130515F85055EF000000000000000000
Vary: origin, Accept-Encoding
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-7f89ffc67f-wcwld
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
X-Robots-Tag: none
CF-RAY: 7ff1bf10eb179b98-FRA

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
1 KB 41ms
40ms Script
application/javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

292f853f9ef0e448c5536987fe87197f401bafcde3e0857e17de1f0676f5b2eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:03 GMT
x-content-type-options: nosniff
last-modified: Wed, 30 Aug 2023 18:41:20 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
content-type: application/javascript;charset=utf-8
cache-control: max-age=59368
accept-ranges: bytes
content-length: 1046

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 43ms
41ms Script
application/x-javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 12:14:15 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=19135
accept-ranges: bytes
content-length: 4862

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/3808748,6477/domain/checkmarx.com/ 37 B
369 B 188ms
187ms XHR
application/json 2600:9000:20eb:bc00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/3808748,6477/domain/checkmarx.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:bc00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c5e046f12a1b32eeca61d8ce95853fee40ff94d2432160ae885c58ba6b98e175

Request headers

Accept: *
Referer: https://checkmarx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:03 GMT
content-encoding: gzip
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: n8jX5jOthqzhCpYyKvEpe-jol8Vzt3PQxewAMu69fgJPDDRP4lBQvg==

POST
H/1.1 204
No Content collect Show response
r.clarity.ms/ 0
293 B 389ms
261ms XHR
text/plain 20.119.174.243
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://r.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://checkmarx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://checkmarx.com
Date: Thu, 31 Aug 2023 02:12:03 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 200 oribili.js Show response
cdn.linkedin.oribi.io/6477/ 74 KB
24 KB 266ms
196ms Script
application/javascript 2600:9000:20eb:bc00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/6477/oribili.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:bc00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c70906f4f530165e348ba8f8caa338809a8311edaeb12c469e244df2f0b5c3be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:03 GMT
content-encoding: gzip
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
vary: accept-encoding, Origin
x-cache: Miss from cloudfront
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=300
x-amz-cf-id: SecxInSCujmh426cqNSoxY3g7d1Zhsj9KcTGPbfyaPJuJTw_LlD9ZQ==

POST
H2 202 event Show response
gw.linkedin.oribi.io/ 0
184 B 615ms
200ms XHR
text/plain 54.214.244.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.linkedin.oribi.io/event
Requested by: Host: cdn.linkedin.oribi.io
URL: https://cdn.linkedin.oribi.io/6477/oribili.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.214.244.79 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-214-244-79.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://checkmarx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://checkmarx.com
date: Thu, 31 Aug 2023 02:12:04 GMT
access-control-allow-credentials: true
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain

POST
H2 204 ws Show response
px.ads.linkedin.com/ 0
193 B 211ms
210ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/ws
Requested by: Host: cdn.linkedin.oribi.io
URL: https://cdn.linkedin.oribi.io/6477/oribili.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://checkmarx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 31 Aug 2023 02:12:03 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 379CAD342B0D409EBCC67CA12E8ED366 Ref B: FRAEDGE1310 Ref C: 2023-08-31T02:12:03Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
access-control-allow-origin: https://checkmarx.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYELpH1a8dtxbWEfG5J+w==

GET
H2 200 /
px.ads.linkedin.com/ws_collect/ 0
142 B 287ms
287ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/ws_collect/?pid=6477&timestamp=1693447923967&raw_event_id=6477-4781d25c-28c3-c948-19bd-0fb9f52a6136-1693447923964
Requested by: Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:03 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: FEEAF25A5D6844CF94E134143A2D9B50 Ref B: FRAEDGE1310 Ref C: 2023-08-31T02:12:03Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYELpH1XOhsTUDwlPeXZA==

GET
H2 200 /
px.ads.linkedin.com/ws_collect/ 0
142 B 286ms
286ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/ws_collect/?pid=3808748&timestamp=1693447923967&raw_event_id=6477-4781d25c-28c3-c948-19bd-0fb9f52a6136-1693447923964
Requested by: Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:03 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: C317E2FC42254A7F8107B8FEF180F13F Ref B: FRAEDGE1310 Ref C: 2023-08-31T02:12:03Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYELpH1cvKjUUI6EGzDew==

GET
H2 200 getuidj Show response
secure.adnxs.com/ 11 B
573 B 154ms
40ms XHR
application/json 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 02:12:04 GMT
an-x-request-uuid: 1735b9f8-31f7-4b64-8104-aa8435b583ad
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://checkmarx.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 146.70.117.102; 146.70.117.102; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
191 B 50ms
33ms XHR
text/html 2.17.100.210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.100.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-100-210.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:04 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://checkmarx.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
c.6sc.co/ 7 B
191 B 50ms
34ms XHR
text/html 2.17.100.210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.100.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-100-210.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:04 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://checkmarx.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 19 B
306 B 156ms
36ms XHR
text/html 2a02:26f0:7100::210:172
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::210:172 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ac8d539fa2691c69c61152294bdd1bfb5c36c4235d4856ef737533f3f562ef17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 02:12:04 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://checkmarx.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2001:ac8:20:272::2e
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1693447924315_34603374_130528617_27_1096_32_73_219";dur=1
content-length: 19
expires: Thu, 31 Aug 2023 02:12:04 GMT

GET
H2 200 core Show response
js.driftt.com/ Frame 9141 2 KB
1 KB 142ms
142ms Document
text/html 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?d=1&embedId=rp2be4x948ue&eId=rp2be4x948ue&region=US&forceShow=false&skipCampaigns=false&sessionId=5e5f3d9a-3ed5-4904-9efe-da13caa350d6&sessionStarted=1693447924.267&campaignRefreshToken=e05a2e32-e4e5-43bc-ad3b-8f7bcfe7ee86&hideController=false&pageLoadStartTime=1693447921100&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1693448100000/rp2be4x948ue.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

053a01136cfac10dcdde9b9a0037e1793b49f0c52812640b3f4afd4c5cfa642d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://checkmarx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 31 Aug 2023 02:12:04 GMT
etag: W/"7aa1fd7154d66cce48b5519438446858"
last-modified: Mon, 21 Aug 2023 19:32:27 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-id: SE6ZnHHP49k_1Loga1DktFZ8ScroRltEQBl_0KTBagA-5RU3NiBSWg==
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-amz-version-id: wjyxT13_g6vJ9zXxMFNuYK9ENjLQXIyn
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 15

GET
H2 200 chat Show response
js.driftt.com/core/ Frame D497 2 KB
1 KB 139ms
138ms Document
text/html 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1693447921100

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1693448100000/rp2be4x948ue.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

053a01136cfac10dcdde9b9a0037e1793b49f0c52812640b3f4afd4c5cfa642d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://checkmarx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 31 Aug 2023 02:12:04 GMT
etag: W/"7aa1fd7154d66cce48b5519438446858"
last-modified: Mon, 21 Aug 2023 19:32:27 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-id: BsyZ69UylA4MtIWBHYQ2kwBA58UqTQEvelnOH-9YogQMEnXxDEhaOw==
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-amz-version-id: wjyxT13_g6vJ9zXxMFNuYK9ENjLQXIyn
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 21

GET
H2 200 zi-tag.js Show response
js.zi-scripts.com/ 8 KB
3 KB 145ms
34ms Script
application/javascript 52.222.236.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/zi-tag.js
Requested by: Host: checkmarx.com
URL: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-102.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c365a59132dd34b492cb3a77d534078dd35cbbf75dbb2eabbe328642b74a291b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: Rt6XPSKiJ8UdHSAhNzDbvtFnl_cNNgVn
content-encoding: gzip
via: 1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
date: Thu, 31 Aug 2023 01:36:12 GMT
last-modified: Mon, 24 Jul 2023 07:50:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 59743
etag: W/"4eb0c668e820abe414d19a11b92dd0fa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: ETI1rIWue4xMvZS-JJfDy8U47XjG9pMroewP56bdQaCtEBNI0If7NA==

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=67BDC0A077DE47D788FBFFE2CA5E5E0D&RedC=c.clarity.ms&MXFR=1ADA8C7D2FF06B2A07E59F032BF0659A
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=67BDC0A077DE47D788FBFFE2CA5E5E0D&MUID=2C2E3AE07CB062D731C6299E7D626394

42 B
443 B

58ms
58ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=67BDC0A077DE47D788FBFFE2CA5E5E0D&MUID=2C2E3AE07CB062D731C6299E7D626394
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 02:12:04 GMT
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
server: Microsoft-IIS/10.0
etag: "8d59566974dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 31 Aug 2023 02:12:04 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E0CB0BEB609B44D2A9D862C05C726434 Ref B: FRAEDGE1220 Ref C: 2023-08-31T02:12:04Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=67BDC0A077DE47D788FBFFE2CA5E5E0D&MUID=2C2E3AE07CB062D731C6299E7D626394
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
809 B 170ms
158ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1966805734&v=1.1&a=146169&ct=blog-post&rcu=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&pu=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&t=An+Ongoing+Open+Source+Attack+Reveals+Roots+Dating+Back+To%C2%A02021&cts=1693447924316&vi=c3255bfcfd846120cc3cbe0e0dcd59d9&nc=true&u=206289484.c3255bfcfd846120cc3cbe0e0dcd59d9.1693447924303.1693447924303.1693447924303.1&b=206289484.1.1693447924303&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: c3da06bf-9aae-4613-b0a2-58135d17a339
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 9
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: c3da06bf-9aae-4613-b0a2-58135d17a339
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=moIaFWcghnDX%2FnK9aOWHMrfgzlF%2Bl%2Fxaium%2FGs2jeMSW8jTTjs9vqHioRWdgWrmKSn1UdeWKTTBmw2vpt14FxRC2WJvtm4oHDJP7QBM1Wmo%2FYcPFDvB1mNFQzhC%2BaA5c8zihGTy8nZSoJZdr0TP5"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-8555d4b97d-5bkxp
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7ff1bf172dc93a80-FRA
x-robots-tag: none

GET
H3 200 counters.gif
perf.hsforms.com/embed/v3/ 35 B
669 B 165ms
165ms Image
image/gif 2606:4700::6812:b07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=cta-with-analytics&value=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:b07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: c5a6f2bc-0e4e-4bc3-ac0b-e17d28498878
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: c5a6f2bc-0e4e-4bc3-ac0b-e17d28498878
last-modified: Thu, 31 Aug 2023 02:12:04 GMT
server: cloudflare
x-trace: 2B7DA5DFC3A700DD691CEE95E77ACBC9CB8BA6773D000000000000000000
vary: origin, Accept-Encoding
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-7f89ffc67f-zdlrb
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
cf-ray: 7ff1bf171a926904-FRA

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
503 B 165ms
165ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=2101c475-809f-4105-8eab-7dbdeb6b03d7&fci=7448e385-d925-40d4-b69a-a004a7dc3366&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1966805734&v=1.1&a=146169&ct=blog-post&rcu=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&pu=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&t=An+Ongoing+Open+Source+Attack+Reveals+Roots+Dating+Back+To%C2%A02021&cts=1693447924321&vi=c3255bfcfd846120cc3cbe0e0dcd59d9&nc=true&u=206289484.c3255bfcfd846120cc3cbe0e0dcd59d9.1693447924303.1693447924303.1693447924303.1&b=206289484.1.1693447924303&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 7a2da0a5-c233-4105-be54-d0e27d36fc5b
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 16
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 7a2da0a5-c233-4105-be54-d0e27d36fc5b
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nSt%2BLLv66z3JAHp%2FFAsDLFK881wNDU6gdYp7G0IcmqPRHapCq4h9IGguxSYHilKp%2FB9cO3o6gRjCsrTaSMG5pnf4ZhLhqY7D5%2BzBO%2BI47b4e08fniodLJLWKaONg%2BY5Nv5kgsErpnEH%2B7GXA56nw"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-8555d4b97d-85gwf
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7ff1bf172dca3a80-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
449 B 418ms
418ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=17&fi=2101c475-809f-4105-8eab-7dbdeb6b03d7&fci=7448e385-d925-40d4-b69a-a004a7dc3366&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1966805734&v=1.1&a=146169&ct=blog-post&rcu=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&pu=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&t=An+Ongoing+Open+Source+Attack+Reveals+Roots+Dating+Back+To%C2%A02021&cts=1693447924322&vi=c3255bfcfd846120cc3cbe0e0dcd59d9&nc=true&u=206289484.c3255bfcfd846120cc3cbe0e0dcd59d9.1693447924303.1693447924303.1693447924303.1&b=206289484.1.1693447924303&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 9c0f117f-d859-48d6-a62b-ae4519b0046e
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 7
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 9c0f117f-d859-48d6-a62b-ae4519b0046e
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJ4dSc%2FpyKA18QuM%2F3x0evnrD%2BWXABD1U6msovTgAO6nbPKmw%2FQpCs%2BX2B%2BcmCdnLewla3%2BrV55X%2BRe%2BZYFYNUHSbxQWR9ZdeFgljn0zmRRufqeTuNhGY%2FmBGtIckfoJnEgVm%2FTBAjU2l2TLLAj4"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-8555d4b97d-s99qq
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7ff1bf172dcc3a80-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
436 B 152ms
152ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=2101c475-809f-4105-8eab-7dbdeb6b03d7&fci=43b59215-2251-4213-af6e-7d29fa2cc4a8&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1966805734&v=1.1&a=146169&ct=blog-post&rcu=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&pu=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&t=An+Ongoing+Open+Source+Attack+Reveals+Roots+Dating+Back+To%C2%A02021&cts=1693447924323&vi=c3255bfcfd846120cc3cbe0e0dcd59d9&nc=true&u=206289484.c3255bfcfd846120cc3cbe0e0dcd59d9.1693447924303.1693447924303.1693447924303.1&b=206289484.1.1693447924303&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: e28476c2-57f4-4a1e-bfc9-6e3b0df2e326
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 8
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: e28476c2-57f4-4a1e-bfc9-6e3b0df2e326
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ocq835I99tZQmS%2B4xrC7ibeNVqILO5VNpWfBZeW2f2FiTbnJKEbd4102xGUcTqxnmHiq9Gb5iZhM8WJeFEjhrXX9cDtXGfffB%2FxMIuwX0LMkbqVfs2rnGCPflvfW4yn72DI6JPRpz51XcdHVFobz"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-8555d4b97d-5qjc8
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7ff1bf174ddc3a80-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
442 B 153ms
152ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=17&fi=2101c475-809f-4105-8eab-7dbdeb6b03d7&fci=43b59215-2251-4213-af6e-7d29fa2cc4a8&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1966805734&v=1.1&a=146169&ct=blog-post&rcu=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&pu=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&t=An+Ongoing+Open+Source+Attack+Reveals+Roots+Dating+Back+To%C2%A02021&cts=1693447924324&vi=c3255bfcfd846120cc3cbe0e0dcd59d9&nc=true&u=206289484.c3255bfcfd846120cc3cbe0e0dcd59d9.1693447924303.1693447924303.1693447924303.1&b=206289484.1.1693447924303&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 1f1de73c-dcd6-4fec-8dcb-207048f7863a
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 9
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 1f1de73c-dcd6-4fec-8dcb-207048f7863a
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2BxvZ55zBmW%2BLnwZIejUNeDealQ1t1%2F9WqrQW38eamcSLU37gnR%2FNn8Woyx%2FhwG9EuRbJo%2FL9KYWJsUDBTjnJzv2bq1UPXrVvFTRP%2BzxQQpaEj4tiPU7gOizTesc%2BHQhCQ5VnvKTu1IEnEoONQcH"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-8555d4b97d-jpkw5
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7ff1bf174ddd3a80-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
817 B 436ms
434ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=2101c475-809f-4105-8eab-7dbdeb6b03d7&fci=68bd5cb9-3035-4424-989f-a69fa01bf367&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1966805734&v=1.1&a=146169&ct=blog-post&rcu=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&pu=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&t=An+Ongoing+Open+Source+Attack+Reveals+Roots+Dating+Back+To%C2%A02021&cts=1693447924325&vi=c3255bfcfd846120cc3cbe0e0dcd59d9&nc=true&u=206289484.c3255bfcfd846120cc3cbe0e0dcd59d9.1693447924303.1693447924303.1693447924303.1&b=206289484.1.1693447924303&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 9d55ac3d-a459-434b-bd80-62e6fe505cab
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 13
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 9d55ac3d-a459-434b-bd80-62e6fe505cab
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fDUvXBxNjE7sSZprRjOwdGXix1%2FCsDzJqICQ6QSw%2F49f4Cl%2BUOms%2F95Coz%2F6XDptLNiypEKvRTxDwOw8gTjamUCDMe4q3BSud81VUh49mePohZ%2BG3M47GPCeJ9v5OOkXcrMN3W1L%2F8zaOK%2B8ou%2Bz"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-8555d4b97d-c4jbk
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7ff1bf175de13a80-FRA
x-robots-tag: none

GET
H3 200 __ptq.gif
track.hubspot.com/ 45 B
922 B 163ms
162ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=17&fi=2101c475-809f-4105-8eab-7dbdeb6b03d7&fci=68bd5cb9-3035-4424-989f-a69fa01bf367&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1966805734&v=1.1&a=146169&ct=blog-post&rcu=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&pu=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&t=An+Ongoing+Open+Source+Attack+Reveals+Roots+Dating+Back+To%C2%A02021&cts=1693447924326&vi=c3255bfcfd846120cc3cbe0e0dcd59d9&nc=true&u=206289484.c3255bfcfd846120cc3cbe0e0dcd59d9.1693447924303.1693447924303.1693447924303.1&b=206289484.1.1693447924303&cc=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 71bd8fa9-2f5a-4710-ad4a-6764689addfd
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 9
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 71bd8fa9-2f5a-4710-ad4a-6764689addfd
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p5xIHA0e8jkWxZ7oNKD0q%2F0ShVq1F2nO6utdA0FRTbUF%2FPO%2FdoZjU62AI8s%2FyLTu0rEc0j0cIJgklCPLo%2FZKr70n%2F52W9siqICojIsrBvXMLqax0T5BN%2FkVOMdjdVBUwBEVIcU%2Bxch13%2F9WlPDal"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-8555d4b97d-mx5h4
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7ff1bf182e111b35-FRA
x-robots-tag: none

GET
H3 200 __ptq.gif
track.hubspot.com/ 45 B
879 B 199ms
198ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%2219a8ada6-0b37-4567-825c-aefe1cff3e04%22%2C%2248354eb6-382a-4fb6-b9df-84a4241352a2%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1966805734&v=1.1&a=146169&ct=blog-post&rcu=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&pu=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&t=An+Ongoing+Open+Source+Attack+Reveals+Roots+Dating+Back+To%C2%A02021&cts=1693447924329&vi=c3255bfcfd846120cc3cbe0e0dcd59d9&nc=true&u=206289484.c3255bfcfd846120cc3cbe0e0dcd59d9.1693447924303.1693447924303.1693447924303.1&b=206289484.1.1693447924303&cc=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: e170a0d5-f599-4533-bbab-06d1cbbd8033
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 17
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: e170a0d5-f599-4533-bbab-06d1cbbd8033
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3qpNEIzCO5ua7NBnSDzS1CtKTk7bHu%2BDdxRQSEYcoORs3wlQfZckD15eExPIiiFORsGfTd71730ygxubf7pErBPiZbOMPa94huvE7FeOXJRX%2FAHTAbQ0LiH92Z4JA9xPqSB%2BQF9OHPc6yv0gv3zj"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-8555d4b97d-w76pp
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7ff1bf183e161b35-FRA
x-robots-tag: none

GET
H3 200 __ptq.gif
track.hubspot.com/ 45 B
879 B 199ms
198ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%224c2e6bdf-ae82-4526-9232-d9e4d62b04df%22%2C%222fb079a6-81fc-4c5f-ae75-feb00aa4f920%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1966805734&v=1.1&a=146169&ct=blog-post&rcu=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&pu=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&t=An+Ongoing+Open+Source+Attack+Reveals+Roots+Dating+Back+To%C2%A02021&cts=1693447924330&vi=c3255bfcfd846120cc3cbe0e0dcd59d9&nc=true&u=206289484.c3255bfcfd846120cc3cbe0e0dcd59d9.1693447924303.1693447924303.1693447924303.1&b=206289484.1.1693447924303&cc=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 7c75de8b-2f94-498c-bc83-1081f022823b
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 16
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 7c75de8b-2f94-498c-bc83-1081f022823b
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S6T4bAwB5uSSw93wfytSgw6%2BSZx76u9ydfrQqb2kfEC1nPXrNMCDzPULZbThFPoQO8bjwi3enn4ul%2BpzjH5kn1Cequ6et1Zgmqsqin%2F0T4kK%2Bt2CBCgCeg0mpSHU47IZvbISb7iFPm8oVHhTncy9"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-8555d4b97d-mx5h4
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7ff1bf183e171b35-FRA
x-robots-tag: none

GET
H3 200 __ptq.gif
track.hubspot.com/ 45 B
884 B 200ms
199ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%221385e65d-54b6-4a5d-8a28-f622009167ac%22%2C%22b14996c2-373d-4971-a05c-0bb363e40a16%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1966805734&v=1.1&a=146169&ct=blog-post&rcu=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&pu=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&t=An+Ongoing+Open+Source+Attack+Reveals+Roots+Dating+Back+To%C2%A02021&cts=1693447924332&vi=c3255bfcfd846120cc3cbe0e0dcd59d9&nc=true&u=206289484.c3255bfcfd846120cc3cbe0e0dcd59d9.1693447924303.1693447924303.1693447924303.1&b=206289484.1.1693447924303&cc=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 22526bc3-e9d9-4828-9ea9-6c3a88fdbf6d
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 25
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 22526bc3-e9d9-4828-9ea9-6c3a88fdbf6d
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=09ubCrPVITJNWQzxJGMTLSChjyEC7zDcK%2FYeiSuOVZF7h%2Bzfmf8%2BOacu0ZjLZbWUfUS3GhYs4e%2FMuy%2BTt4p7WcyBZSq7l70y9sSTxHrNACz6%2FkdAWQ4mn3uCywGUgQU1Px6as6NOV5KZLdYa7q9t"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-8555d4b97d-mx5h4
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7ff1bf183e181b35-FRA
x-robots-tag: none

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 241ms
230ms Image
image/gif 2.17.100.210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=c1558e423bf0a1f52dea7179a3fb4dda&svisitor=null&session=e0a3f787-c297-4955-87a8-8f5ca04b9113&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Thu%2C%2031%20Aug%202023%2002%3A12%3A01%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22Developers%20in%20the%20cryptocurrency%20sphere%20are%20being%20targeted%20once%20again%2C%20as%20yet%20another%20threat%20actor%20has%20been%20exposed.%20This%20user%20has%20been%20publishing%20malicious%20NPM%20packages%20with%20the%20purpose%20of%20exfiltrating%20sensitive%20data%20such%20as%20source%20code%20and%20configuration%20files%20from%20the%20victim%E2%80%99s%20machines.%20The%20threat%20actor%20behind%20this%20campaign%20has%20been%20linked%20to%20malicious%20activity%20dating%20back%20to%202021.%20Since%20then%2C%20they%20have%20continuously%20published%20malicious%20code.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22An%20Ongoing%20Open%20Source%20Attack%20Reveals%20Roots%20Dating%20Back%20To%26nbsp%3B2021%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&pageViewId=f0048a52-90c6-40ca-8f09-11ab29736981&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-210.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:04 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 25 KB
6 KB 261ms
180ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=146169&utk=c3255bfcfd846120cc3cbe0e0dcd59d9&__hstc=206289484.c3255bfcfd846120cc3cbe0e0dcd59d9.1693447924303.1693447924303.1693447924303.1&__hssc=206289484.1.1693447924303&currentUrl=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffeb33fc48ba9e85563d35557752bea7e4ed68690df9df0666a930e3ed0d5d4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: a1b78ab4-9fc0-4369-9958-7e0c9d7a8618
content-encoding: br
x-envoy-upstream-service-time: 40
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a1b78ab4-9fc0-4369-9958-7e0c9d7a8618
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://checkmarx.com
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UK7sdetW2hO9HI%2FtAvLvYXLTCfK7ZuRbZv9C4QUJJdI55XuXsjJxZCd%2B7Vr%2BgbgoxpGW3qEdhvdWgMRjqp9CWAeq2gcHxzFHz%2BkSNuEltdPwY6ZTFZYFtoiOiq5EZ6L69TYMdgS5WbxW8oDw5Kuk"}],"group":"cf-nel","max_age":604800}
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 7ff1bf1868219277-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-7f89ffc67f-4bsw8

GET
H2 200 runtime~main.a33c11b7.js Show response
js.driftt.com/core/assets/js/ Frame 9141 6 KB
3 KB 34ms
34ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?d=1&embedId=rp2be4x948ue&eId=rp2be4x948ue&region=US&forceShow=false&skipCampaigns=false&sessionId=5e5f3d9a-3ed5-4904-9efe-da13caa350d6&sessionStarted=1693447924.267&campaignRefreshToken=e05a2e32-e4e5-43bc-ad3b-8f7bcfe7ee86&hideController=false&pageLoadStartTime=1693447921100&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

46e4f04042e77435de08e0cd0d961786f5415fd9c6e8fbc569f2faafb0d01230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=rp2be4x948ue&eId=rp2be4x948ue&region=US&forceShow=false&skipCampaigns=false&sessionId=5e5f3d9a-3ed5-4904-9efe-da13caa350d6&sessionStarted=1693447924.267&campaignRefreshToken=e05a2e32-e4e5-43bc-ad3b-8f7bcfe7ee86&hideController=false&pageLoadStartTime=1693447921100&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 19:32:27 GMT
x-amz-version-id: _V7xL2BqKI.FEUuI_wYuPAkfaYhpCJ_C
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 801577
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 26
last-modified: Fri, 18 Aug 2023 19:22:24 GMT
server: istio-envoy
etag: W/"ddc8ca5b0563491dbf4c2c07057c251d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: VOLd80nCXuaD-1XDSAiSLsJFhN8m80N88zEZVRzLFiyA1gAfiQIzmA==

GET
H2 200 9.4a3e9801.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9141 35 KB
13 KB 41ms
40ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.4a3e9801.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=rp2be4x948ue&eId=rp2be4x948ue&region=US&forceShow=false&skipCampaigns=false&sessionId=5e5f3d9a-3ed5-4904-9efe-da13caa350d6&sessionStarted=1693447924.267&campaignRefreshToken=e05a2e32-e4e5-43bc-ad3b-8f7bcfe7ee86&hideController=false&pageLoadStartTime=1693447921100&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: hzm2Healt7ZjvNDM3nYQ47BRwWjFuLrw
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 18607628
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Fri, 27 Jan 2023 17:00:22 GMT
server: istio-envoy
etag: W/"c6f58dd3d60f07462254b842dd4f9ca1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mAz91tgjyEFrI5EAmeba6B8scYdVn2gw90rLcGUU_wXI71U95990rA==

GET
H2 200 main~493df0b3.d2a43907.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9141 7 KB
3 KB 41ms
41ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.d2a43907.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

481baffabb9011ae6ffd10103983908ebc2c06e6f6be7797d226ccee04c2172f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=rp2be4x948ue&eId=rp2be4x948ue&region=US&forceShow=false&skipCampaigns=false&sessionId=5e5f3d9a-3ed5-4904-9efe-da13caa350d6&sessionStarted=1693447924.267&campaignRefreshToken=e05a2e32-e4e5-43bc-ad3b-8f7bcfe7ee86&hideController=false&pageLoadStartTime=1693447921100&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 02:18:12 GMT
x-amz-version-id: UAS9fZEsWJhy55_yzrvbe0LqT9eTyvUT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4665232
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 75
last-modified: Thu, 29 Jun 2023 18:36:40 GMT
server: istio-envoy
etag: W/"e094b276ad2035c3a46871991c258c2d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HiGHCGjgylWZ_pROuiB4HTBz-cN_DwyZ-zrkAxuqvtpoTZJAD9HNRg==

GET
H2 200 runtime~main.a33c11b7.js Show response
js.driftt.com/core/assets/js/ Frame D497 6 KB
3 KB 35ms
35ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1693447921100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

46e4f04042e77435de08e0cd0d961786f5415fd9c6e8fbc569f2faafb0d01230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1693447921100
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 19:32:27 GMT
x-amz-version-id: _V7xL2BqKI.FEUuI_wYuPAkfaYhpCJ_C
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 801577
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 26
last-modified: Fri, 18 Aug 2023 19:22:24 GMT
server: istio-envoy
etag: W/"ddc8ca5b0563491dbf4c2c07057c251d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QZ_2_Xgog1MdbGnWY1c-mPJCrb3dlcYRkJ_WEfWRhd3fl52hcr3FkQ==

GET
H2 200 9.4a3e9801.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D497 35 KB
13 KB 39ms
38ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.4a3e9801.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1693447921100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1693447921100
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: hzm2Healt7ZjvNDM3nYQ47BRwWjFuLrw
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 18607628
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Fri, 27 Jan 2023 17:00:22 GMT
server: istio-envoy
etag: W/"c6f58dd3d60f07462254b842dd4f9ca1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PdYwY3YDfOmM3KvMfbddeKUkSnyYrMr0YVJlsT3aa456sMiFNqeDkQ==

GET
H2 200 main~493df0b3.d2a43907.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D497 7 KB
3 KB 40ms
40ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.d2a43907.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1693447921100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

481baffabb9011ae6ffd10103983908ebc2c06e6f6be7797d226ccee04c2172f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1693447921100
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 02:18:12 GMT
x-amz-version-id: UAS9fZEsWJhy55_yzrvbe0LqT9eTyvUT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4665232
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 75
last-modified: Thu, 29 Jun 2023 18:36:40 GMT
server: istio-envoy
etag: W/"e094b276ad2035c3a46871991c258c2d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pUX4DPBA9TsJ5khY7l14wLLoUJaZL38QNrLUX0VCV-9w0XgiqmX83g==

GET
H2 200 getSubscriptions Show response
js.zi-scripts.com/unified/v1/master/ 199 B
561 B 461ms
461ms Fetch
application/json 52.222.236.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-102.fra56.r.cloudfront.net
Software: / Express
Resource Hash: d412633eff79e6c98071db76009c757dac23cceb0bdc0152355793fb1e501fb0

Request headers

Content-Type: application/json
Referer: https://checkmarx.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer c3d2aff0d01669730571
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
visited_url: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/

Response headers

date: Thu, 31 Aug 2023 02:12:05 GMT
via: 1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-powered-by: Express
etag: W/"c7-8e5vMmMM3AJcCeEyaatmtSr4PB4"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
content-length: 199
apigw-requestid: KgOGVhX5PHcEPJA=
x-amz-cf-id: 7jQfv8IueOypH10q8nbF15oJliKoqr9lVbP9moTdfIIRkOTWtqNh7Q==

OPTIONS
H2 204 getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame 0
0 257ms
182ms Preflight 52.222.236.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-102.fra56.r.cloudfront.net
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,visited_url
Access-Control-Request-Method: GET
Origin: https://checkmarx.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 0
apigw-requestid: KgOGRjwIPHcEP3g=
date: Thu, 31 Aug 2023 02:12:04 GMT
vary: Access-Control-Request-Headers
via: 1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
x-amz-cf-id: bvuUAa95LmMzzeuKdhGsHGEBkainPV7nXSlV_NQxVXz-hUynwWFHzA==
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
x-powered-by: Express

GET
H2 200 51.558be3c5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9141 23 KB
8 KB 43ms
36ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b0af909b7ae6ad2644bfe2a60d939092aaf113b2cbc4ed2981a892869143b98a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=rp2be4x948ue&eId=rp2be4x948ue&region=US&forceShow=false&skipCampaigns=false&sessionId=5e5f3d9a-3ed5-4904-9efe-da13caa350d6&sessionStarted=1693447924.267&campaignRefreshToken=e05a2e32-e4e5-43bc-ad3b-8f7bcfe7ee86&hideController=false&pageLoadStartTime=1693447921100&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 02:48:00 GMT
x-amz-version-id: 5TonZ2q4BzUrPKpbgBIsyV0ypFLgVCeU
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6218644
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 78
last-modified: Fri, 16 Jun 2023 20:26:55 GMT
server: istio-envoy
etag: W/"fa281fcbe4b2e35558d60fae3e316367"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xvXee1QKkEKF0TW3H5PuPT-Rgqr50yeVUU8ywWJsgbElnfv08OYW3g==

GET
H2 200 35.d0f1ccda.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9141 36 KB
10 KB 44ms
37ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.d0f1ccda.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e0c6f8695589df90e63442fee1c9cf14e60dfc4fd8ce7296515b1d6db41e1d3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=rp2be4x948ue&eId=rp2be4x948ue&region=US&forceShow=false&skipCampaigns=false&sessionId=5e5f3d9a-3ed5-4904-9efe-da13caa350d6&sessionStarted=1693447924.267&campaignRefreshToken=e05a2e32-e4e5-43bc-ad3b-8f7bcfe7ee86&hideController=false&pageLoadStartTime=1693447921100&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 23:30:14 GMT
x-amz-version-id: qXDwNGmcU.i_gy6zABPrFxJLJu0M1pqs
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4848110
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 34
last-modified: Thu, 29 Jun 2023 18:36:39 GMT
server: istio-envoy
etag: W/"46fa5a7bc37a22544a908e4ad950309c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: RgcV7vG6vCaO8vdHMyVhYawj2oyFS3JO-TkrBrhopiO3hzsCS5kuog==

GET
H2 200 22.6b9a301a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9141 32 KB
11 KB 49ms
42ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.6b9a301a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

8f0f8792237470ee661c6afc32ca68200dd74bcc0d544d0fd54c7777af362eae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=rp2be4x948ue&eId=rp2be4x948ue&region=US&forceShow=false&skipCampaigns=false&sessionId=5e5f3d9a-3ed5-4904-9efe-da13caa350d6&sessionStarted=1693447924.267&campaignRefreshToken=e05a2e32-e4e5-43bc-ad3b-8f7bcfe7ee86&hideController=false&pageLoadStartTime=1693447921100&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:16:45 GMT
x-amz-version-id: b6Bt2g8ryVQoHB7t6bzl84fc0qn29fSy
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4233319
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 28
last-modified: Wed, 12 Jul 2023 14:36:16 GMT
server: istio-envoy
etag: W/"d8739a9fe9a3a42936f5cd86c8727494"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TvzN_RN8x56ybz0NeX1wR7PnEyWE_wKCxMRTyDaZTLHqEnJEpkurpA==

GET
H2 200 19.6f85b843.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9141 17 KB
6 KB 51ms
43ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.6f85b843.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

afbd41e7209fa3aef6f53c7a5713aa542a7be54c432fec2d690e0dfaccd528d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=rp2be4x948ue&eId=rp2be4x948ue&region=US&forceShow=false&skipCampaigns=false&sessionId=5e5f3d9a-3ed5-4904-9efe-da13caa350d6&sessionStarted=1693447924.267&campaignRefreshToken=e05a2e32-e4e5-43bc-ad3b-8f7bcfe7ee86&hideController=false&pageLoadStartTime=1693447921100&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 06:35:14 GMT
x-amz-version-id: NhB69SBKJZmuUtXDH0xsEetKhzurSV2H
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 7501010
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 38
last-modified: Wed, 31 May 2023 20:40:09 GMT
server: istio-envoy
etag: W/"e28ebc3391b56e8f01ea063dc089e9d3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: dOs6PDr73POqEn3DoTWh_eDlPPcHBsFg9YdvGx3IeTEUvkp1agf9aA==

GET
H2 200 41.b4fc4de2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9141 25 KB
8 KB 53ms
45ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.b4fc4de2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

edf1011ad272d21b66ae82a21a9d029186dc81c9f13972203fc3107f75835d4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=rp2be4x948ue&eId=rp2be4x948ue&region=US&forceShow=false&skipCampaigns=false&sessionId=5e5f3d9a-3ed5-4904-9efe-da13caa350d6&sessionStarted=1693447924.267&campaignRefreshToken=e05a2e32-e4e5-43bc-ad3b-8f7bcfe7ee86&hideController=false&pageLoadStartTime=1693447921100&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:25:03 GMT
x-amz-version-id: aw1f3uGwXuU6S2OomkpX1DCMYaDfscU9
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4747620
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Fri, 30 Jun 2023 16:16:09 GMT
server: istio-envoy
etag: W/"a2ace4f65aa7b34dedb884f6cfe9df8d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SEo-YvcMBRa-Xd88hvXig325bBPtN6bqvbmGEJCYWY1wZWPcoDpoOQ==

GET
H2 200 20.8c21ea18.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9141 74 KB
23 KB 61ms
53ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=rp2be4x948ue&eId=rp2be4x948ue&region=US&forceShow=false&skipCampaigns=false&sessionId=5e5f3d9a-3ed5-4904-9efe-da13caa350d6&sessionStarted=1693447924.267&campaignRefreshToken=e05a2e32-e4e5-43bc-ad3b-8f7bcfe7ee86&hideController=false&pageLoadStartTime=1693447921100&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 02:48:00 GMT
x-amz-version-id: ukuXMqZaBoE6xID056KmWB0xEHmIXKmX
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6218644
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 69
last-modified: Fri, 16 Jun 2023 20:26:54 GMT
server: istio-envoy
etag: W/"6d77a76055d81227033363af2f18caf8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: yNHL4NEXXIFd0Kt2wPR2ou7YN0gmLXYv6HObfJxf0EIU_zqLTv8Anw==

GET
H2 200 26.04e7f30b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9141 66 KB
20 KB 72ms
65ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.04e7f30b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d70fa5dc6c8bfe9d7824be31e669528533d0879a2b1600a7df68b880f4d44296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=rp2be4x948ue&eId=rp2be4x948ue&region=US&forceShow=false&skipCampaigns=false&sessionId=5e5f3d9a-3ed5-4904-9efe-da13caa350d6&sessionStarted=1693447924.267&campaignRefreshToken=e05a2e32-e4e5-43bc-ad3b-8f7bcfe7ee86&hideController=false&pageLoadStartTime=1693447921100&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 25 May 2023 07:08:48 GMT
x-amz-version-id: pbTO4uU1iA_kBPCkMqV8rm3AioPcDtRp
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 8449396
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 41
last-modified: Wed, 24 May 2023 17:36:06 GMT
server: istio-envoy
etag: W/"49ce5445ddcf5d24ef3badc4eb1a11dd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: C9nmvTeU0OWfiX70G6oUCguCqWPDOWiI40Ev9ZQ9Agx8CtZmvzOMFw==

GET
H2 200 14.e24a6190.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9141 91 KB
28 KB 81ms
74ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.e24a6190.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6c9c6406c9bd9814cf84974221433003377b67f071ec5411fddbcba4ec109bca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=rp2be4x948ue&eId=rp2be4x948ue&region=US&forceShow=false&skipCampaigns=false&sessionId=5e5f3d9a-3ed5-4904-9efe-da13caa350d6&sessionStarted=1693447924.267&campaignRefreshToken=e05a2e32-e4e5-43bc-ad3b-8f7bcfe7ee86&hideController=false&pageLoadStartTime=1693447921100&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 12:05:00 GMT
x-amz-version-id: SrUur3gTkOE1yjoDcy53ibL6t3rDB5tT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4716424
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Fri, 30 Jun 2023 16:16:08 GMT
server: istio-envoy
etag: W/"16d7ae86e21434a32157d3226ac9bb77"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LCCtzuttO5k-GWbHpBJgr6AnnXTjrVKfoMtolXLhUz7ounJgLusKYA==

GET
H2 200 11.639238ba.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9141 23 KB
7 KB 90ms
83ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.639238ba.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=rp2be4x948ue&eId=rp2be4x948ue&region=US&forceShow=false&skipCampaigns=false&sessionId=5e5f3d9a-3ed5-4904-9efe-da13caa350d6&sessionStarted=1693447924.267&campaignRefreshToken=e05a2e32-e4e5-43bc-ad3b-8f7bcfe7ee86&hideController=false&pageLoadStartTime=1693447921100&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 30 May 2023 11:02:53 GMT
x-amz-version-id: IgOK_MQbEszp7MebOhF6oyS1BThWXb5o
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 8003351
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 36
last-modified: Fri, 26 May 2023 19:24:42 GMT
server: istio-envoy
etag: W/"4049f38c00add1738dc4806148ff8829"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DQyCFo6EMkAeG9_Gaq1WgIVW606pNdefbGLBP2M1ApgIvLKWsuNFow==

GET
H2 200 18.9c1bd1fb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9141 62 KB
20 KB 94ms
87ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.9c1bd1fb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e555f4b34b579e6528d6bbd4819620a634c0759b41dfa99520b7ca5aa5117b11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=rp2be4x948ue&eId=rp2be4x948ue&region=US&forceShow=false&skipCampaigns=false&sessionId=5e5f3d9a-3ed5-4904-9efe-da13caa350d6&sessionStarted=1693447924.267&campaignRefreshToken=e05a2e32-e4e5-43bc-ad3b-8f7bcfe7ee86&hideController=false&pageLoadStartTime=1693447921100&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 02:01:51 GMT
x-amz-version-id: 4sXKEKnf1MP6Oxg8R9s.0Ul7nOjxTe89
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5530213
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 34
last-modified: Mon, 26 Jun 2023 20:12:19 GMT
server: istio-envoy
etag: W/"02f09379c544befa413d22eb57ed41de"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: VsO8arCwCU43_rglYrnS78duyYmlUfrRrTf_6NdNVhJvO6DutvvmIQ==

GET
H2 200 49.f7274268.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9141 105 KB
34 KB 99ms
92ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/49.f7274268.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6861a320271e0fda832800e20d53b858ef409f88d9bc9c1a48953888289d1ea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=rp2be4x948ue&eId=rp2be4x948ue&region=US&forceShow=false&skipCampaigns=false&sessionId=5e5f3d9a-3ed5-4904-9efe-da13caa350d6&sessionStarted=1693447924.267&campaignRefreshToken=e05a2e32-e4e5-43bc-ad3b-8f7bcfe7ee86&hideController=false&pageLoadStartTime=1693447921100&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 02:48:00 GMT
x-amz-version-id: gBpCCsntSn2IWEffEf2F8DC2OtX8qv0J
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6218644
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 100
last-modified: Fri, 16 Jun 2023 20:26:55 GMT
server: istio-envoy
etag: W/"e268d36b98f0119a2bb1a15f69fd4ffe"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Uj_2MUocMCh4YzHK4ecR-Lj7T5zC0VUsRhUM9fh1NZGGxsLoP3X0uQ==

GET
H2 200 40.31ef8dbf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9141 12 KB
4 KB 105ms
98ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/40.31ef8dbf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

bba54915db71fc417be4d5852ec7d138d7c3fa90356ddee98b5267a7db7e6b5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=rp2be4x948ue&eId=rp2be4x948ue&region=US&forceShow=false&skipCampaigns=false&sessionId=5e5f3d9a-3ed5-4904-9efe-da13caa350d6&sessionStarted=1693447924.267&campaignRefreshToken=e05a2e32-e4e5-43bc-ad3b-8f7bcfe7ee86&hideController=false&pageLoadStartTime=1693447921100&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 26 May 2023 02:53:30 GMT
x-amz-version-id: d.D0r_vXgX7w1FTWdc3SLpv412I4sjOB
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 8378314
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 44
last-modified: Wed, 24 May 2023 17:52:54 GMT
server: istio-envoy
etag: W/"b0793fa46e8c0ae1846b7be8a833da35"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KDCRDhfE7q78ENlim4HklFXg-PP3ekyi_JULLWh9iijmQ7NwzExT-Q==

GET
H2 200 29.31d09948.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9141 13 KB
6 KB 105ms
99ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/29.31d09948.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7641f066c35d0ca15d4897bfe49d640ed4c143ff8f04030c2020cbb2acfa7b0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=rp2be4x948ue&eId=rp2be4x948ue&region=US&forceShow=false&skipCampaigns=false&sessionId=5e5f3d9a-3ed5-4904-9efe-da13caa350d6&sessionStarted=1693447924.267&campaignRefreshToken=e05a2e32-e4e5-43bc-ad3b-8f7bcfe7ee86&hideController=false&pageLoadStartTime=1693447921100&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 02:48:00 GMT
x-amz-version-id: ncEfPgGiy8bvtpJNwnTX.NMziBwYghK4
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6218644
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 34
last-modified: Fri, 16 Jun 2023 20:26:55 GMT
server: istio-envoy
etag: W/"455157cb49065fb85fed54901ddaeb0e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uuwfnc0-IRmOV10SS-Tuzp5292vnkOM9MhSRctzw9FcXIJbcDMpqeA==

GET
H2 200 21.b8c41db9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9141 17 KB
7 KB 107ms
101ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=rp2be4x948ue&eId=rp2be4x948ue&region=US&forceShow=false&skipCampaigns=false&sessionId=5e5f3d9a-3ed5-4904-9efe-da13caa350d6&sessionStarted=1693447924.267&campaignRefreshToken=e05a2e32-e4e5-43bc-ad3b-8f7bcfe7ee86&hideController=false&pageLoadStartTime=1693447921100&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 09:24:39 GMT
x-amz-version-id: VsfA8TLYa9RNEpzywKZv5LmrplRhx_G6
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 7490845
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 72
last-modified: Wed, 31 May 2023 20:40:09 GMT
server: istio-envoy
etag: W/"65e5c965272e021ae33ff8bc39565ef5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BBuoN1dR2tu0AsjDXOks3jbtOcnkv1fgCDCTOrYv5KitR-WwwwZoqw==

GET
H2 200 8.b5c2854f.chunk.css
js.driftt.com/core/assets/css/ Frame 9141 31 KB
4 KB 72ms
67ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.b5c2854f.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

178c7e0dd0c602d457b8d91dd18b916c3f4220794fccb6067cac187f0c753795

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=rp2be4x948ue&eId=rp2be4x948ue&region=US&forceShow=false&skipCampaigns=false&sessionId=5e5f3d9a-3ed5-4904-9efe-da13caa350d6&sessionStarted=1693447924.267&campaignRefreshToken=e05a2e32-e4e5-43bc-ad3b-8f7bcfe7ee86&hideController=false&pageLoadStartTime=1693447921100&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 02:48:00 GMT
x-amz-version-id: a7.YLqd37JZcdeCbrfXC3CfVjfFxsQd4
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6218644
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 50
last-modified: Fri, 16 Jun 2023 14:07:10 GMT
server: istio-envoy
etag: W/"9ef689f5d4cb5dab3b0e463418857c2f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: R2TxgYATegDeNN-6epJlXcpx3BNbQxGqNLblUfar-vPp5glzico_WA==

GET
H2 200 8.94b86ac7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9141 81 KB
25 KB 106ms
101ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.94b86ac7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5e6ecec8d78c9d3f391fac9bde08b4f66048ab4ce9d97d3774b3d223f18b43a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=rp2be4x948ue&eId=rp2be4x948ue&region=US&forceShow=false&skipCampaigns=false&sessionId=5e5f3d9a-3ed5-4904-9efe-da13caa350d6&sessionStarted=1693447924.267&campaignRefreshToken=e05a2e32-e4e5-43bc-ad3b-8f7bcfe7ee86&hideController=false&pageLoadStartTime=1693447921100&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 20:11:10 GMT
x-amz-version-id: sKS3NtYZ5xBkpnwyRKt297s4ZL0aCKra
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3823254
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 21
last-modified: Mon, 17 Jul 2023 15:59:42 GMT
server: istio-envoy
etag: W/"c01af04dcc374efd61d695b2f1e6a2c5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: --W_uR1fRjiiUmfTAxK1zkirtjLlqdq_xWGaqkBLPfgJGV8VOj2iVA==

GET
H2 200 16.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 9141 24 B
697 B 73ms
68ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/16.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=rp2be4x948ue&eId=rp2be4x948ue&region=US&forceShow=false&skipCampaigns=false&sessionId=5e5f3d9a-3ed5-4904-9efe-da13caa350d6&sessionStarted=1693447924.267&campaignRefreshToken=e05a2e32-e4e5-43bc-ad3b-8f7bcfe7ee86&hideController=false&pageLoadStartTime=1693447921100&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 12 May 2023 13:09:31 GMT
x-amz-version-id: C6GeoJGSzHnxQmfIIaJPtsDdeomKLjJo
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P5
age: 9550953
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
content-length: 24
last-modified: Thu, 11 May 2023 20:21:34 GMT
server: istio-envoy
etag: "0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JO0X5VgcZvXBrHwyxlXjXBdH6pSKM0ginAs_DvFwaV70p3q1sqAdGw==

GET
H2 200 16.8bd9e5a9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9141 91 KB
23 KB 113ms
109ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.8bd9e5a9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

8879c5372c9cdd8a63f0482260b11c03651fb6bf5a216ab4478fdb30394ee24a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=rp2be4x948ue&eId=rp2be4x948ue&region=US&forceShow=false&skipCampaigns=false&sessionId=5e5f3d9a-3ed5-4904-9efe-da13caa350d6&sessionStarted=1693447924.267&campaignRefreshToken=e05a2e32-e4e5-43bc-ad3b-8f7bcfe7ee86&hideController=false&pageLoadStartTime=1693447921100&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 18:57:15 GMT
x-amz-version-id: rzljacJzqN37r9cYvWsZXzr5I9pj.xER
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2877289
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"ef144ff505a111b4fe4731aaba1cffed"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: w9_30EfoV1e2LdS1YuHH8ppRiqmtt0x7ZBywzhiQJK0Baw3jPFdnFg==

GET
H2 200 24.380267cd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9141 50 KB
14 KB 113ms
110ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.380267cd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

97c56217561cf3e434cd73c6136974b000b5fc4bd2c5183a5292d009d88736c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=rp2be4x948ue&eId=rp2be4x948ue&region=US&forceShow=false&skipCampaigns=false&sessionId=5e5f3d9a-3ed5-4904-9efe-da13caa350d6&sessionStarted=1693447924.267&campaignRefreshToken=e05a2e32-e4e5-43bc-ad3b-8f7bcfe7ee86&hideController=false&pageLoadStartTime=1693447921100&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 19:32:27 GMT
x-amz-version-id: 8hWikhJQH5GfSgG2PvWZLnxoCVY3VOaQ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 801577
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Fri, 18 Aug 2023 19:22:22 GMT
server: istio-envoy
etag: W/"2b5e6260a27f45c0ebdabaab4c4ea3ff"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wTvyS8IIZPZjtZ3Cc_qXg1YjWUBVGSUSFw7KQdb3xZHWhyJCAe9B9w==

GET
H2 200 17.4cd64079.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9141 40 KB
13 KB 119ms
116ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.4cd64079.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b81890ba37fa54ccad75765a9406b00c1e42415a0535930c81d460e132a171f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=rp2be4x948ue&eId=rp2be4x948ue&region=US&forceShow=false&skipCampaigns=false&sessionId=5e5f3d9a-3ed5-4904-9efe-da13caa350d6&sessionStarted=1693447924.267&campaignRefreshToken=e05a2e32-e4e5-43bc-ad3b-8f7bcfe7ee86&hideController=false&pageLoadStartTime=1693447921100&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 19:32:27 GMT
x-amz-version-id: pudlSGb3FDz6jiJXdGlm.W03Zp5sJ.NJ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 801577
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 25
last-modified: Fri, 18 Aug 2023 19:22:22 GMT
server: istio-envoy
etag: W/"69b954ce34c53a01750881fd21f7c5d4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gNnoX17JIqJ7mTVVW577PHARWLypTAavZ_wDDqKiJRVVKRGRtUUvVQ==

GET
H2 200 51.558be3c5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D497 23 KB
8 KB 115ms
112ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b0af909b7ae6ad2644bfe2a60d939092aaf113b2cbc4ed2981a892869143b98a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1693447921100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 02:48:00 GMT
x-amz-version-id: 5TonZ2q4BzUrPKpbgBIsyV0ypFLgVCeU
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6218644
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 78
last-modified: Fri, 16 Jun 2023 20:26:55 GMT
server: istio-envoy
etag: W/"fa281fcbe4b2e35558d60fae3e316367"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Ttp9X5LRf5kUSGqXpxKtXTZz-Hb1tKUZ1e9Buwn8pI-9egivovgcFA==

GET
H2 200 35.d0f1ccda.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D497 36 KB
10 KB 115ms
112ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.d0f1ccda.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e0c6f8695589df90e63442fee1c9cf14e60dfc4fd8ce7296515b1d6db41e1d3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1693447921100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 23:30:14 GMT
x-amz-version-id: qXDwNGmcU.i_gy6zABPrFxJLJu0M1pqs
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4848110
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 34
last-modified: Thu, 29 Jun 2023 18:36:39 GMT
server: istio-envoy
etag: W/"46fa5a7bc37a22544a908e4ad950309c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pFEUgNT1eYWrupY6yspS3AFJrgLq20icEUUEcMOwNU6jedcI9hSXWw==

GET
H2 200 22.6b9a301a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D497 32 KB
11 KB 116ms
113ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.6b9a301a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

8f0f8792237470ee661c6afc32ca68200dd74bcc0d544d0fd54c7777af362eae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1693447921100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:16:45 GMT
x-amz-version-id: b6Bt2g8ryVQoHB7t6bzl84fc0qn29fSy
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4233319
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 28
last-modified: Wed, 12 Jul 2023 14:36:16 GMT
server: istio-envoy
etag: W/"d8739a9fe9a3a42936f5cd86c8727494"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PAr-64z_AT2UoqaFXtIgkVcYmX7HMJab2OBhcKYzhdMvgGSAxSNSUQ==

GET
H2 200 19.6f85b843.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D497 17 KB
6 KB 119ms
116ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.6f85b843.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

afbd41e7209fa3aef6f53c7a5713aa542a7be54c432fec2d690e0dfaccd528d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1693447921100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 06:35:14 GMT
x-amz-version-id: NhB69SBKJZmuUtXDH0xsEetKhzurSV2H
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 7501010
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 38
last-modified: Wed, 31 May 2023 20:40:09 GMT
server: istio-envoy
etag: W/"e28ebc3391b56e8f01ea063dc089e9d3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Op54MvuJ_Hd0DvRL_gMEA80dwnt_URxuBKBq2QEn05Jc2rYty44BBg==

GET
H2 200 41.b4fc4de2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D497 25 KB
8 KB 120ms
117ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.b4fc4de2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

edf1011ad272d21b66ae82a21a9d029186dc81c9f13972203fc3107f75835d4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1693447921100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:25:03 GMT
x-amz-version-id: aw1f3uGwXuU6S2OomkpX1DCMYaDfscU9
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4747620
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Fri, 30 Jun 2023 16:16:09 GMT
server: istio-envoy
etag: W/"a2ace4f65aa7b34dedb884f6cfe9df8d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CrmDdaD2dg0pQPQopEIPNZP3L9SHKrP3gpd5mX0g07whv_VqBXq12g==

GET
H2 200 20.8c21ea18.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D497 74 KB
23 KB 121ms
118ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1693447921100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 02:48:00 GMT
x-amz-version-id: ukuXMqZaBoE6xID056KmWB0xEHmIXKmX
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6218644
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 69
last-modified: Fri, 16 Jun 2023 20:26:54 GMT
server: istio-envoy
etag: W/"6d77a76055d81227033363af2f18caf8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LKN-BiSyX6HIi4Q2erTo1IzW2Dlj7jbQTB_O0S0btAtsaDGYE7IE_A==

GET
H2 200 26.04e7f30b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D497 66 KB
20 KB 127ms
123ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.04e7f30b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d70fa5dc6c8bfe9d7824be31e669528533d0879a2b1600a7df68b880f4d44296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1693447921100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 25 May 2023 07:08:48 GMT
x-amz-version-id: pbTO4uU1iA_kBPCkMqV8rm3AioPcDtRp
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 8449396
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 41
last-modified: Wed, 24 May 2023 17:36:06 GMT
server: istio-envoy
etag: W/"49ce5445ddcf5d24ef3badc4eb1a11dd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: yFh59-5JaUIQNKlhQz-my9V_s9rTCNxow6dCWNbik-SWQiE2CFhaWQ==

GET
H2 200 14.e24a6190.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D497 91 KB
28 KB 130ms
127ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.e24a6190.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6c9c6406c9bd9814cf84974221433003377b67f071ec5411fddbcba4ec109bca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1693447921100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 12:05:00 GMT
x-amz-version-id: SrUur3gTkOE1yjoDcy53ibL6t3rDB5tT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4716424
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Fri, 30 Jun 2023 16:16:08 GMT
server: istio-envoy
etag: W/"16d7ae86e21434a32157d3226ac9bb77"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JdGG7jJ9bGnzYI9w40-b0b1ugLjE3KIXco98aAK0fwgO4FnN2wsVmw==

GET
H2 200 11.639238ba.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D497 23 KB
7 KB 133ms
130ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.639238ba.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1693447921100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 30 May 2023 11:02:53 GMT
x-amz-version-id: IgOK_MQbEszp7MebOhF6oyS1BThWXb5o
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 8003351
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 36
last-modified: Fri, 26 May 2023 19:24:42 GMT
server: istio-envoy
etag: W/"4049f38c00add1738dc4806148ff8829"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3mIm1K8AfKszwHSqxKdcppddON1UMVJdPqs9cv0RHuYRv7Q9gtNhaQ==

GET
H2 200 18.9c1bd1fb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D497 62 KB
20 KB 134ms
131ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.9c1bd1fb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e555f4b34b579e6528d6bbd4819620a634c0759b41dfa99520b7ca5aa5117b11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1693447921100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 02:01:51 GMT
x-amz-version-id: 4sXKEKnf1MP6Oxg8R9s.0Ul7nOjxTe89
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5530213
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 34
last-modified: Mon, 26 Jun 2023 20:12:19 GMT
server: istio-envoy
etag: W/"02f09379c544befa413d22eb57ed41de"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Ds7W8OIKvKBjD-gAjnGx4cwVnm9k0KWmrW1NnJVrPwMhpEJBZM8H_g==

GET
H2 200 49.f7274268.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D497 105 KB
34 KB 136ms
133ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/49.f7274268.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6861a320271e0fda832800e20d53b858ef409f88d9bc9c1a48953888289d1ea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1693447921100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 02:48:00 GMT
x-amz-version-id: gBpCCsntSn2IWEffEf2F8DC2OtX8qv0J
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6218644
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 100
last-modified: Fri, 16 Jun 2023 20:26:55 GMT
server: istio-envoy
etag: W/"e268d36b98f0119a2bb1a15f69fd4ffe"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pn2ILypvvYAjudl-wE4ilAoAe2PSHJuGNzcHzYhecTjqhkFTnxEarA==

GET
H2 200 40.31ef8dbf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D497 12 KB
4 KB 138ms
135ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/40.31ef8dbf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

bba54915db71fc417be4d5852ec7d138d7c3fa90356ddee98b5267a7db7e6b5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1693447921100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 26 May 2023 02:53:30 GMT
x-amz-version-id: d.D0r_vXgX7w1FTWdc3SLpv412I4sjOB
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 8378314
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 44
last-modified: Wed, 24 May 2023 17:52:54 GMT
server: istio-envoy
etag: W/"b0793fa46e8c0ae1846b7be8a833da35"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UVqa03eok-4Ei8y-2rnZg6JUEIqfoyH7TEl7gVnaSgTiib7owdUkwg==

GET
H2 200 29.31d09948.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D497 13 KB
6 KB 139ms
136ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/29.31d09948.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7641f066c35d0ca15d4897bfe49d640ed4c143ff8f04030c2020cbb2acfa7b0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1693447921100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 02:48:00 GMT
x-amz-version-id: ncEfPgGiy8bvtpJNwnTX.NMziBwYghK4
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6218644
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 34
last-modified: Fri, 16 Jun 2023 20:26:55 GMT
server: istio-envoy
etag: W/"455157cb49065fb85fed54901ddaeb0e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: r3rloPwCshJvvRnP-Jeh6HyqD6XbttnxIDKZkUySgRDePSZHP3GmEA==

GET
H2 200 21.b8c41db9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D497 17 KB
7 KB 165ms
163ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1693447921100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 09:24:39 GMT
x-amz-version-id: VsfA8TLYa9RNEpzywKZv5LmrplRhx_G6
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 7490845
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 72
last-modified: Wed, 31 May 2023 20:40:09 GMT
server: istio-envoy
etag: W/"65e5c965272e021ae33ff8bc39565ef5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: m7tBt-C7qU66872JnPUHrDfwDRWUMasRjtoOk2K8xUCZoUNKG3vRPw==

GET
H2 200 8.b5c2854f.chunk.css
js.driftt.com/core/assets/css/ Frame D497 31 KB
4 KB 123ms
121ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.b5c2854f.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

178c7e0dd0c602d457b8d91dd18b916c3f4220794fccb6067cac187f0c753795

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1693447921100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 02:48:00 GMT
x-amz-version-id: a7.YLqd37JZcdeCbrfXC3CfVjfFxsQd4
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6218644
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 50
last-modified: Fri, 16 Jun 2023 14:07:10 GMT
server: istio-envoy
etag: W/"9ef689f5d4cb5dab3b0e463418857c2f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: WEk5Oa_X376qxPLSUh1KN3SkosFRWVV0jYL7V9BWke5Wii9zEJco0g==

GET
H2 200 8.94b86ac7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D497 81 KB
25 KB 169ms
168ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.94b86ac7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5e6ecec8d78c9d3f391fac9bde08b4f66048ab4ce9d97d3774b3d223f18b43a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1693447921100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 20:11:10 GMT
x-amz-version-id: sKS3NtYZ5xBkpnwyRKt297s4ZL0aCKra
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3823254
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 21
last-modified: Mon, 17 Jul 2023 15:59:42 GMT
server: istio-envoy
etag: W/"c01af04dcc374efd61d695b2f1e6a2c5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XZNf0XOQvaf4OHhKvg6yYm3wmn53wLKtriQCUq8dt4VUm4k0kSpR9Q==

GET
H2 200 16.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame D497 24 B
696 B 170ms
168ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/16.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1693447921100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 12 May 2023 13:09:31 GMT
x-amz-version-id: C6GeoJGSzHnxQmfIIaJPtsDdeomKLjJo
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P5
age: 9550953
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
content-length: 24
last-modified: Thu, 11 May 2023 20:21:34 GMT
server: istio-envoy
etag: "0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BJ3oKvb_t9_RV-PcAHLlKO5JWHXh9bqc85IhR5ebaLVdqIuU3N68DQ==

GET
H2 200 16.8bd9e5a9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D497 91 KB
23 KB 170ms
169ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.8bd9e5a9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

8879c5372c9cdd8a63f0482260b11c03651fb6bf5a216ab4478fdb30394ee24a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1693447921100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 18:57:15 GMT
x-amz-version-id: rzljacJzqN37r9cYvWsZXzr5I9pj.xER
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2877289
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"ef144ff505a111b4fe4731aaba1cffed"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: IRPD2ONQKvgaNXaOp49XnnnpbS22M1NFG9CD8Byrty2qFksr_cAslA==

GET
H2 200 24.380267cd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D497 50 KB
14 KB 174ms
172ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.380267cd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

97c56217561cf3e434cd73c6136974b000b5fc4bd2c5183a5292d009d88736c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1693447921100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 19:32:27 GMT
x-amz-version-id: 8hWikhJQH5GfSgG2PvWZLnxoCVY3VOaQ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 801577
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Fri, 18 Aug 2023 19:22:22 GMT
server: istio-envoy
etag: W/"2b5e6260a27f45c0ebdabaab4c4ea3ff"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DyjVAOUMrMLKFKO-HUe0YEU68LkKkHh6WDKEM8Zv1GaqbzLJgMXWHQ==

GET
H2 200 17.4cd64079.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D497 40 KB
13 KB 174ms
173ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.4cd64079.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b81890ba37fa54ccad75765a9406b00c1e42415a0535930c81d460e132a171f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1693447921100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 19:32:27 GMT
x-amz-version-id: pudlSGb3FDz6jiJXdGlm.W03Zp5sJ.NJ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 801577
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 25
last-modified: Fri, 18 Aug 2023 19:22:22 GMT
server: istio-envoy
etag: W/"69b954ce34c53a01750881fd21f7c5d4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UFDarytctIfG9J_jOvt5jyuDmKe2vnNrm-74GfaFh5FGs9Dor13d4A==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9141 9 KB
3 KB 38ms
37ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=rp2be4x948ue&eId=rp2be4x948ue&region=US&forceShow=false&skipCampaigns=false&sessionId=5e5f3d9a-3ed5-4904-9efe-da13caa350d6&sessionStarted=1693447924.267&campaignRefreshToken=e05a2e32-e4e5-43bc-ad3b-8f7bcfe7ee86&hideController=false&pageLoadStartTime=1693447921100&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:53:21 GMT
x-amz-version-id: 11XPwI2xxVbguG7UE_GEw7u.mY1XZ4Ws
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3053923
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 30
last-modified: Wed, 26 Jul 2023 13:14:41 GMT
server: istio-envoy
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: X8h8A4uoCLzt1qlcLV6Vz9Y6tgYbojcjkrPtSol3T9-GFDcbwYh8yA==

GET
H2 200 27.01c2bea5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9141 35 KB
10 KB 39ms
38ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/27.01c2bea5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b13c9311dec3f49821d88065299e95cc1c4e6c26acc4b27b4ebdb380d40d8788

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=rp2be4x948ue&eId=rp2be4x948ue&region=US&forceShow=false&skipCampaigns=false&sessionId=5e5f3d9a-3ed5-4904-9efe-da13caa350d6&sessionStarted=1693447924.267&campaignRefreshToken=e05a2e32-e4e5-43bc-ad3b-8f7bcfe7ee86&hideController=false&pageLoadStartTime=1693447921100&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 02:02:59 GMT
x-amz-version-id: nle0j8birQ7TqZcCTCj2_Aiuc4PU4FBJ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6221345
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 37
last-modified: Fri, 16 Jun 2023 14:07:13 GMT
server: istio-envoy
etag: W/"04a233a42dcf8c50a83bfecea8ba552d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mDD--m24cysfLAZjZgDrhW3siuzR7MQW31EFMRjR4qKSYEFukpcE0Q==

GET
H2 200 28.b5e8f5e1.chunk.css
js.driftt.com/core/assets/css/ Frame 9141 8 KB
2 KB 35ms
35ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/28.b5e8f5e1.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7849ba1748f8188749df28e9d59ca4e570a8495684353d8df4715fa70a81e787

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=rp2be4x948ue&eId=rp2be4x948ue&region=US&forceShow=false&skipCampaigns=false&sessionId=5e5f3d9a-3ed5-4904-9efe-da13caa350d6&sessionStarted=1693447924.267&campaignRefreshToken=e05a2e32-e4e5-43bc-ad3b-8f7bcfe7ee86&hideController=false&pageLoadStartTime=1693447921100&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 13:30:40 GMT
x-amz-version-id: o5Mqj_3FT3WjX9660DbCXWXmwKjwNZDi
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3069684
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Wed, 26 Jul 2023 13:12:09 GMT
server: istio-envoy
etag: W/"e7107bc29ccb3c6d928f0f8f10a0f22d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0lUPH9m-fTRcatzc7QC2PsphjQRxwrAJXJhkpebobCa1eQsNTMeBhQ==

GET
H2 200 28.bdd92ff2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9141 14 KB
6 KB 41ms
40ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.bdd92ff2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6eabf982ec86c7a2d08d260cdd257c9d1f1d9b589cb52a812be0dc5c7cf1af9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=rp2be4x948ue&eId=rp2be4x948ue&region=US&forceShow=false&skipCampaigns=false&sessionId=5e5f3d9a-3ed5-4904-9efe-da13caa350d6&sessionStarted=1693447924.267&campaignRefreshToken=e05a2e32-e4e5-43bc-ad3b-8f7bcfe7ee86&hideController=false&pageLoadStartTime=1693447921100&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 01:08:20 GMT
x-amz-version-id: FvCtLBM3Ax0E94dTAA_8PRI1sla9ZXxV
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2077424
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 43
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"260fbabe310bd2cae5c44538f3d833ad"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DvlFA_PfSndBYtz-Nhr5JqjS1-E0OfYH05Ga7JxnloNLlad5uaVXjw==

GET
H2 200 25.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame 9141 365 B
1 KB 37ms
37ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/25.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=rp2be4x948ue&eId=rp2be4x948ue&region=US&forceShow=false&skipCampaigns=false&sessionId=5e5f3d9a-3ed5-4904-9efe-da13caa350d6&sessionStarted=1693447924.267&campaignRefreshToken=e05a2e32-e4e5-43bc-ad3b-8f7bcfe7ee86&hideController=false&pageLoadStartTime=1693447921100&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 23:31:21 GMT
x-amz-version-id: n.AcAAyNdrluKmEb0IgSI_RvtitbHfQj
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P5
age: 3033643
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 68
content-length: 365
last-modified: Wed, 26 Jul 2023 13:12:09 GMT
server: istio-envoy
etag: "06b2963b029c0824382815165bfea73e"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: AFh6hIeHmKL6SeSTsMJXy2Sef-qYuVrHhb9KbqcxIHEElLsurCWlrA==

GET
H2 200 25.a9a52994.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9141 91 KB
25 KB 41ms
41ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.a9a52994.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d21b490fa72e9cd90e09db07c73ef43c0d65bf38de6a41dfd1c53338f71549a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=rp2be4x948ue&eId=rp2be4x948ue&region=US&forceShow=false&skipCampaigns=false&sessionId=5e5f3d9a-3ed5-4904-9efe-da13caa350d6&sessionStarted=1693447924.267&campaignRefreshToken=e05a2e32-e4e5-43bc-ad3b-8f7bcfe7ee86&hideController=false&pageLoadStartTime=1693447921100&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 20:11:11 GMT
x-amz-version-id: gwpLuUCx14LwmyLJHh.v9ArijcPAHA0d
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3823253
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 67
last-modified: Mon, 17 Jul 2023 15:59:41 GMT
server: istio-envoy
etag: W/"34109a0bf2906f78b21b4a9f5fa4ab8c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8y6yKph_ugS4hkg6DvOON5uWQNF3etUppskVBpUZ0jUkZsmJBVGL2g==

GET
H3 200 __ptq.gif
track.hubspot.com/ 45 B
881 B 156ms
156ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=16&fi=bce66c00-102e-4ab9-8547-1ec456b0e210&lfi=4958825&ft=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1966805734&v=1.1&a=146169&ct=blog-post&rcu=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&pu=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&t=An+Ongoing+Open+Source+Attack+Reveals+Roots+Dating+Back+To%C2%A02021&cts=1693447924817&vi=c3255bfcfd846120cc3cbe0e0dcd59d9&nc=true&u=206289484.c3255bfcfd846120cc3cbe0e0dcd59d9.1693447924303.1693447924303.1693447924303.1&b=206289484.1.1693447924303&cc=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 79275826-b1cd-4450-9a25-a84d7c0f312d
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 9
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 79275826-b1cd-4450-9a25-a84d7c0f312d
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W8inuAG2r%2B%2BXUKEyWwLF8Z6aJx80Yb3AlH64O6L9H3SjglpHixD4oyIcI7qzeRotsZh7xUQGnlfLaXCLTKKh0EpPlJujhk4SLC2%2BsrqqSMqV1Cb%2FqRmrh4KFghHYeouMfYQPuSOsq7%2BgW2CKd6Dc"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-8555d4b97d-78r47
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7ff1bf1a2f471b35-FRA
x-robots-tag: none

GET
H2 200 37.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame D497 3 KB
1 KB 36ms
35ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/37.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1693447921100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 00:43:49 GMT
x-amz-version-id: 6S9dem0QqRNKdsXJa9pt.hiZoFHo8G8.
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4843695
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 58
last-modified: Fri, 30 Jun 2023 16:16:07 GMT
server: istio-envoy
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: iP7bZjlDSedDKJY1bfrJP3V7CPr_CK1xvraHj1MWLysTIa6djVRv-w==

GET
H2 200 37.298cbb69.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D497 3 KB
2 KB 36ms
36ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.298cbb69.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c640d911a58cc3ef31b1a3c2090fa753c948902033b9917ab5daef4fbb33b5d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1693447921100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 04:59:35 GMT
x-amz-version-id: Fv09MwZ9_aib0TbI3DWT7N_8oqF8DxL_
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6210749
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 36
last-modified: Fri, 16 Jun 2023 14:07:13 GMT
server: istio-envoy
etag: W/"86b289eeb2bf9d30034f30d9794e8041"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: r0Qnmba5jrzMDsKY6hg2UrTuPQPmEQy4t40jXt7z9rmbq7bN644oNw==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D497 9 KB
3 KB 33ms
33ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1693447921100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:53:21 GMT
x-amz-version-id: 11XPwI2xxVbguG7UE_GEw7u.mY1XZ4Ws
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3053923
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 30
last-modified: Wed, 26 Jul 2023 13:14:41 GMT
server: istio-envoy
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qv5iYx52FWRiL3WxQJ-2ZVCoQ2jqx2Me7Hp-xMy3oDHJ5dV58IsLwA==

GET
H2 200 3.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame D497 7 KB
2 KB 33ms
33ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/3.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1693447921100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:53:21 GMT
x-amz-version-id: Ov831I2a5yEZEgVNkzjL3jR4iYT4qeoU
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3053923
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 40
last-modified: Wed, 26 Jul 2023 13:12:09 GMT
server: istio-envoy
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QTh3rjZmCurwXinwSmclFlladF6Lw5TizusrCbq6P7oNnCuR1zah2g==

GET
H2 200 3.f50b964b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D497 54 KB
15 KB 35ms
34ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/3.f50b964b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1693447921100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 09:32:39 GMT
x-amz-version-id: jXTrJe6220Uy3oL4jKw8LE4E7PDU6e2f
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3083965
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 54
last-modified: Tue, 25 Jul 2023 18:08:14 GMT
server: istio-envoy
etag: W/"1ac37bf2b93050f29058b66a9ad43e10"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kQC2R-8_YmGXWQnen6mIAzDYTuVMkHSiunIVIW7b8XzlddKQsADeNw==

GET
H2 200 1.12ba17b6.chunk.css
js.driftt.com/core/assets/css/ Frame D497 44 KB
7 KB 34ms
33ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.12ba17b6.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

58fdb03fac3e89e51525a5a45eb777395d1b499bf4483e96201b6becddbe516f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1693447921100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 19:01:02 GMT
x-amz-version-id: 19YOPtagzF0I0emgnq_seBKB.3mPQekh
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3568262
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 62
last-modified: Thu, 20 Jul 2023 18:22:08 GMT
server: istio-envoy
etag: W/"3b8ba82e1bac13ee29e9764a55620d99"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Muy6OXPs66S0RdHXopUvZbxGReXyepQkBTySCLe8RmtWSktaygd4NA==

GET
H2 200 1.be8346b1.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D497 54 KB
17 KB 35ms
35ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.be8346b1.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

14c31b1fc92b43518a568d37d84d9f67783605ba8a894a17e2eef5d7de283f9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1693447921100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 02:40:26 GMT
x-amz-version-id: Qzn498zebCoTnQo6nXMgO_6Igex61YXE
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2071898
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 34
last-modified: Fri, 28 Jul 2023 18:55:09 GMT
server: istio-envoy
etag: W/"c2bd45f4e9f02db923342d39137bf141"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YEK45pHINtVCjr9dNZZ0rP_c2HdXx0pGOfYPm1r04PO4lMmntdmIdQ==

GET
H2 200 4.9d776499.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D497 23 KB
10 KB 36ms
36ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/4.9d776499.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

622373f59cdda9ea36f307c5f7bef0cfd8e140018c995b6394468a26ef499dec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1693447921100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 18:55:58 GMT
x-amz-version-id: uGJ36CDXFf5jc7zFgfXUohqg1i8mPHWM
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3136566
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Tue, 25 Jul 2023 18:08:15 GMT
server: istio-envoy
etag: W/"cc02ad980b6b04f3bba61e68883356d4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: OD247bgZ3YlwyN0zAN5rAXBCf6WDizFyPcRRs3KmK3LV35bnZYXMkA==

GET
H2 200 34.0504aac4.chunk.css
js.driftt.com/core/assets/css/ Frame D497 16 KB
3 KB 36ms
35ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/34.0504aac4.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2b74bc303570faa3cd261b240078960cd0c28f811ae71cb72352809a42d20f6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1693447921100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 02:11:02 GMT
x-amz-version-id: q2speui9tJuSqazhqyXXmusrZlo.6X8E
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3369662
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 50
last-modified: Fri, 21 Jul 2023 20:53:06 GMT
server: istio-envoy
etag: W/"95b017fb41a8751bd7175f8a73f035f8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Mar1MzksrV1E6PQr-sMAGLlzSJdamL6GcGgo5h6tiMnVshJHgixAtw==

GET
H2 200 34.26535e57.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D497 12 KB
5 KB 36ms
36ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.26535e57.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c7076a6235cd12720cc675334102d16bd5e46a33910f1b3ada0425b74ed020d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1693447921100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 10:11:07 GMT
x-amz-version-id: zimEW5MMc4dniZpXAOMuEdtXaNnspzUJ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2044857
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 47
last-modified: Fri, 28 Jul 2023 18:55:11 GMT
server: istio-envoy
etag: W/"d1f726d8d49e4c3e218775f6ce78039f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Eod7tnaLOjR6e1qIzjbZHgARon5lPwYKnoO_Yj0IkCU07Dtley9-kg==

POST
H2 200 v2 Show response
bootstrap.api.drift.com/widget_bootstrap/ping/ Frame 9141 178 B
619 B 418ms
129ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

84c2c8f4f4dc175c96a1e1851a7de9582ab2acca94189f2a95396f232dd13861

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 31 Aug 2023 02:12:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: dbd96dcf91a7a4eb
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 178

OPTIONS
H2 200 /
ws.zoominfo.com/pixel/g6JF8KNPKRHdmX0E8idB/ Frame 0
0 247ms
166ms Preflight
text/html 2606:4700::6810:890f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/g6JF8KNPKRHdmX0E8idB/?iszitag=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:890f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: _vtok,_zitok,content-type
Access-Control-Request-Method: GET
Origin: https://checkmarx.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok
access-control-allow-origin: https://checkmarx.com
allow: GET,HEAD
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7ff1bf1d1bc51d9e-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 31 Aug 2023 02:12:05 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express

GET
H2 200 formcomplete.js Show response
ws-assets.zoominfo.com/ 56 KB
18 KB 160ms
71ms Script
application/javascript 2606:4700::6810:890f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ws-assets.zoominfo.com/formcomplete.js
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:890f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eae6a506c94896868cbf0a444b246e89641e8be3741e537915d11534811d3b2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:05 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
age: 2761
x-guploader-uploadid: ADPycdsmQ40QV3ONUL7pEQ3xL0li2jYA702X6bU9G_q_GoklxfQIUSYI2FIPvScVzISaSi2ehAMSXQ1bPSkJteWnuov4oY6IgkPg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 28 Aug 2023 09:39:19 GMT
server: cloudflare
etag: W/"1a8de462ae11cdc712fb7c20f6abe2a7"
x-goog-hash: crc32c=nve1dw==, md5=Go3kYq4RzccS+3wg9qvipw==
x-goog-generation: 1693215559192397
content-type: application/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 57636
cf-ray: 7ff1bf1d198a1c26-FRA
expires: Thu, 31 Aug 2023 02:26:04 GMT

GET
H3 200 / Show response
ws.zoominfo.com/pixel/g6JF8KNPKRHdmX0E8idB/ 3 KB
1 KB 349ms
310ms Fetch
text/javascript 2606:4700::6810:890f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/g6JF8KNPKRHdmX0E8idB/?iszitag=true

Requested by

Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:890f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

b9bcaca09934b3fa45954881e63165a9b3ded8206ed001b24fa80a52e59d907b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
_vtok: MTQ2LjcwLjExNy4xMDI=
_zitok: f8b5cdbca563a52fad3b1693447925
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/javascript

Response headers

date: Thu, 31 Aug 2023 02:12:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://checkmarx.com
access-control-allow-credentials: true
cf-ray: 7ff1bf1e59a535f1-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok
alt-svc: h3=":443"; ma=86400

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 222ms
221ms Image
image/gif 2.17.100.210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=c1558e423bf0a1f52dea7179a3fb4dda&svisitor=null&session=e0a3f787-c297-4955-87a8-8f5ca04b9113&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2031%20Aug%202023%2002%3A12%3A05%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2031%20Aug%202023%2002%3A12%3A01%20GMT%22%2C%22timeSpent%22%3A%223299%22%2C%22totalTimeSpent%22%3A%223299%22%7D&isIframe=false&m=%7B%22description%22%3A%22Developers%20in%20the%20cryptocurrency%20sphere%20are%20being%20targeted%20once%20again%2C%20as%20yet%20another%20threat%20actor%20has%20been%20exposed.%20This%20user%20has%20been%20publishing%20malicious%20NPM%20packages%20with%20the%20purpose%20of%20exfiltrating%20sensitive%20data%20such%20as%20source%20code%20and%20configuration%20files%20from%20the%20victim%E2%80%99s%20machines.%20The%20threat%20actor%20behind%20this%20campaign%20has%20been%20linked%20to%20malicious%20activity%20dating%20back%20to%202021.%20Since%20then%2C%20they%20have%20continuously%20published%20malicious%20code.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22An%20Ongoing%20Open%20Source%20Attack%20Reveals%20Roots%20Dating%20Back%20To%26nbsp%3B2021%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&pageViewId=f0048a52-90c6-40ca-8f09-11ab29736981&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-210.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:05 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

OPTIONS
H2 200 forms
ws.zoominfo.com/formcomplete-v2/ Frame 0
0 164ms
164ms Preflight
text/html 2606:4700::6810:890f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/formcomplete-v2/forms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:890f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://checkmarx.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,Authorization,visitorId,_zitok
access-control-allow-origin: https://checkmarx.com
allow: POST
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7ff1bf1dcc411d9e-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 31 Aug 2023 02:12:05 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express

POST
H3 200 forms Show response
ws.zoominfo.com/formcomplete-v2/ 2 B
353 B 187ms
187ms Fetch
application/json 2606:4700::6810:890f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/formcomplete-v2/forms

Requested by

Host: ws-assets.zoominfo.com
URL: https://ws-assets.zoominfo.com/formcomplete.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:890f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://checkmarx.com/
accept-language: de-DE,de;q=0.9
Authorization: bearer 4cd326324f4f95f9779c9db9a285b9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 31 Aug 2023 02:12:05 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://checkmarx.com
access-control-allow-credentials: true
cf-ray: 7ff1bf1ec9ed35f1-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok
content-length: 2
alt-svc: h3=":443"; ma=86400

POST
H2 200 v2 Show response
customer.api.drift.com/integrations/hubspot/utk/ Frame 9141 2 B
65 B 384ms
383ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://customer.api.drift.com/integrations/hubspot/utk/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
Authorization
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 31 Aug 2023 02:12:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: f3eeaed7ed722ed6
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 258
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 2

OPTIONS
H2 200 v2
customer.api.drift.com/integrations/hubspot/utk/ Frame 0
0 140ms
127ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://customer.api.drift.com/integrations/hubspot/utk/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Thu, 31 Aug 2023 02:12:05 GMT
requestid: drift20b839246e9b26708c1d253f1c2
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

POST
H2 200 v3 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 9141 25 B
112 B 144ms
137ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v3

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 31 Aug 2023 02:12:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 10858f3969cfd077
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 12
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25

POST
H2 200 widget_bootstrap Show response
bootstrap.api.drift.com/ Frame 9141 17 KB
6 KB 480ms
479ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

edc67cd79d95f519d3fc5be95f3165905fdddc3f03241af3d00e7c219d3291da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 31 Aug 2023 02:12:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: istio-envoy
requestid: be16f6bb69487a12
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 353
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 212ms
212ms Image
image/gif 2.17.100.210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=c1558e423bf0a1f52dea7179a3fb4dda&svisitor=null&session=e0a3f787-c297-4955-87a8-8f5ca04b9113&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2031%20Aug%202023%2002%3A12%3A06%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2031%20Aug%202023%2002%3A12%3A05%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%224301%22%7D&isIframe=false&m=%7B%22description%22%3A%22Developers%20in%20the%20cryptocurrency%20sphere%20are%20being%20targeted%20once%20again%2C%20as%20yet%20another%20threat%20actor%20has%20been%20exposed.%20This%20user%20has%20been%20publishing%20malicious%20NPM%20packages%20with%20the%20purpose%20of%20exfiltrating%20sensitive%20data%20such%20as%20source%20code%20and%20configuration%20files%20from%20the%20victim%E2%80%99s%20machines.%20The%20threat%20actor%20behind%20this%20campaign%20has%20been%20linked%20to%20malicious%20activity%20dating%20back%20to%202021.%20Since%20then%2C%20they%20have%20continuously%20published%20malicious%20code.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22An%20Ongoing%20Open%20Source%20Attack%20Reveals%20Roots%20Dating%20Back%20To%26nbsp%3B2021%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&pageViewId=f0048a52-90c6-40ca-8f09-11ab29736981&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-210.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:06 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H/1.1 204
No Content collect Show response
r.clarity.ms/ 0
293 B 144ms
143ms XHR
text/plain 20.119.174.243
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://r.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://checkmarx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://checkmarx.com
Date: Thu, 31 Aug 2023 02:12:06 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

POST
H2 200 track Show response
event.api.drift.com/ Frame 9141 659 B
718 B 127ms
126ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

c0a7f8a6c5cfeb868d64f03eaef97662c90efdbc0d220803274cf918d7ec90d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxOTMwMzcxNzEyMyIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjE0NTQzOTQiLCJleHAiOjE3MjUwNzAzMjYsImlhdCI6MTY5MzQ0NzkyNn0.ywBCIgWxXtB0x1HDILRjIF3rv3IZW0ewUPHRNzki6Uvb_3TO6y1fJ-t22zxrVnNYZIC4JxCJA5K4g_WKa9pyUg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 31 Aug 2023 02:12:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: bba1d6a53ee9941e
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 659

OPTIONS
H2 200 track
event.api.drift.com/ Frame 0
0 133ms
127ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Thu, 31 Aug 2023 02:12:07 GMT
requestid: drifta68e54b469286efed11828ea2dd
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

POST
H2 200 evaluate_with_log Show response
targeting.api.drift.com/targeting/ Frame 9141 929 B
519 B 127ms
127ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate_with_log

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

b4ea46b6cfbc69750ecf59c99a561c15a8bf032e6d4a953d4ae7e26240564f7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxOTMwMzcxNzEyMyIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjE0NTQzOTQiLCJleHAiOjE3MjUwNzAzMjYsImlhdCI6MTY5MzQ0NzkyNn0.ywBCIgWxXtB0x1HDILRjIF3rv3IZW0ewUPHRNzki6Uvb_3TO6y1fJ-t22zxrVnNYZIC4JxCJA5K4g_WKa9pyUg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 31 Aug 2023 02:12:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: istio-envoy
requestid: 9998621c9bbb1004
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 458

OPTIONS
H2 200 evaluate_with_log
targeting.api.drift.com/targeting/ Frame 0
0 143ms
126ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate_with_log

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Thu, 31 Aug 2023 02:12:07 GMT
requestid: driftc8ec8b14f0bb90627375403748e
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 212ms
212ms Image
image/gif 2.17.100.210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=c1558e423bf0a1f52dea7179a3fb4dda&svisitor=null&session=e0a3f787-c297-4955-87a8-8f5ca04b9113&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2031%20Aug%202023%2002%3A12%3A07%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2031%20Aug%202023%2002%3A12%3A06%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225302%22%7D&isIframe=false&m=%7B%22description%22%3A%22Developers%20in%20the%20cryptocurrency%20sphere%20are%20being%20targeted%20once%20again%2C%20as%20yet%20another%20threat%20actor%20has%20been%20exposed.%20This%20user%20has%20been%20publishing%20malicious%20NPM%20packages%20with%20the%20purpose%20of%20exfiltrating%20sensitive%20data%20such%20as%20source%20code%20and%20configuration%20files%20from%20the%20victim%E2%80%99s%20machines.%20The%20threat%20actor%20behind%20this%20campaign%20has%20been%20linked%20to%20malicious%20activity%20dating%20back%20to%202021.%20Since%20then%2C%20they%20have%20continuously%20published%20malicious%20code.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22An%20Ongoing%20Open%20Source%20Attack%20Reveals%20Roots%20Dating%20Back%20To%26nbsp%3B2021%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&pageViewId=f0048a52-90c6-40ca-8f09-11ab29736981&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-210.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:07 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 render_initial_v3 Show response
flow.api.drift.com/flows/ Frame 9141 4 KB
2 KB 158ms
158ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://flow.api.drift.com/flows/render_initial_v3

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

be275055d0c32419326f2c05c573f86c5ed37f2911cc48eea36cba9c378f8f59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxOTMwMzcxNzEyMyIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjE0NTQzOTQiLCJleHAiOjE3MjUwNzAzMjYsImlhdCI6MTY5MzQ0NzkyNn0.ywBCIgWxXtB0x1HDILRjIF3rv3IZW0ewUPHRNzki6Uvb_3TO6y1fJ-t22zxrVnNYZIC4JxCJA5K4g_WKa9pyUg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 31 Aug 2023 02:12:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: istio-envoy
requestid: b1b356a995316614
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 31
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 2040

OPTIONS
H2 200 render_initial_v3
flow.api.drift.com/flows/ Frame 0
0 144ms
126ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://flow.api.drift.com/flows/render_initial_v3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Thu, 31 Aug 2023 02:12:07 GMT
requestid: drift5d59a7c48dd8be6ab684c722979
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

OPTIONS
H2 200 widget
targeting.api.drift.com/impressions/ Frame 0
0 127ms
126ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/impressions/widget

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Thu, 31 Aug 2023 02:12:07 GMT
requestid: drift4b5207e481fbbd184ef4f070d9d
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

POST
H2 204 widget Show response
targeting.api.drift.com/impressions/ Frame 9141 0
37 B 134ms
134ms XHR
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/impressions/widget

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxOTMwMzcxNzEyMyIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjE0NTQzOTQiLCJleHAiOjE3MjUwNzAzMjYsImlhdCI6MTY5MzQ0NzkyNn0.ywBCIgWxXtB0x1HDILRjIF3rv3IZW0ewUPHRNzki6Uvb_3TO6y1fJ-t22zxrVnNYZIC4JxCJA5K4g_WKa9pyUg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 31 Aug 2023 02:12:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 81f79f6792e17e65
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-credentials: true
x-envoy-upstream-service-time: 8
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 34ms
33ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1322611976&t=event&ni=1&_s=4&dl=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&ul=en-us&de=UTF-8&dt=An%20Ongoing%20Open%20Source%20Attack%20Reveals%20Roots%20Dating%20Back%20To%C2%A02021&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Drift%20Widget&ea=Playbook%20Fired&el=Playbook%20ID%3A%202491842&_u=aHBAAEABAAAAACAAI~&jid=&gjid=&cid=1017652453.1693447922&tid=UA-6105155-1&_gid=1982481816.1693447922&gtm=45He38u0n81KHF9F29&cd1=https%3A%2F%2Fclarity.microsoft.com%2Fga%2Fbmewj78kvp%2Fq8hku5%2F1tqjgd8&z=1565748504

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 07:22:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 67784
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 57.28dde8ce.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9141 19 KB
7 KB 34ms
33ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/57.28dde8ce.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

594d3ade307f6f48a5ef5143228b9da7c4e78589177ac70e91d31fe75ea83d60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=rp2be4x948ue&eId=rp2be4x948ue&region=US&forceShow=false&skipCampaigns=false&sessionId=5e5f3d9a-3ed5-4904-9efe-da13caa350d6&sessionStarted=1693447924.267&campaignRefreshToken=e05a2e32-e4e5-43bc-ad3b-8f7bcfe7ee86&hideController=false&pageLoadStartTime=1693447921100&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 02:57:26 GMT
x-amz-version-id: RC9wHzNSJSUNxtwIhSrk.IaHgPmrvySk
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1034081
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 15
last-modified: Fri, 18 Aug 2023 19:22:23 GMT
server: istio-envoy
etag: W/"3c4cd13822c0069a68e9f9c8240f5ba9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Y7_lTsLmrijDXdyAXic3_Jf0TqTkiNVYQJA8OuTmTYCBODdU129S5Q==

GET
H2 200 57.28dde8ce.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D497 19 KB
7 KB 34ms
33ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/57.28dde8ce.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a33c11b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

594d3ade307f6f48a5ef5143228b9da7c4e78589177ac70e91d31fe75ea83d60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1693447921100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 02:57:26 GMT
x-amz-version-id: RC9wHzNSJSUNxtwIhSrk.IaHgPmrvySk
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1034081
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 15
last-modified: Fri, 18 Aug 2023 19:22:23 GMT
server: istio-envoy
etag: W/"3c4cd13822c0069a68e9f9c8240f5ba9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mLVoqwE7xt-2LHhcBPKO-TCRRCXYUr34QIJtQMjdiZrFBtPezKnhhg==

GET
H2 200 https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.us-east-1.amazonaws.com%252Fcustomer-api-avatars-prod%252F2109621%252F1c15b0d996bded3ed01761067606b84ekms5avp7byuw%3Ffit%3Dmax%26fm%3Dpng%26h...
driftt.imgix.net/ Frame 9141 4 KB
2 KB 157ms
48ms Image
image/svg+xml 2a04:4e42:8e::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://driftt.imgix.net/https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.us-east-1.amazonaws.com%252Fcustomer-api-avatars-prod%252F2109621%252F1c15b0d996bded3ed01761067606b84ekms5avp7byuw%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w%3D200%26s%3Dfe0309f06438928b93ae63b976d0bb49?fit=max&fm=png&h=200&w=200&s=18eaa1c525fd7366d5d4915f607c53cb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

4017071a66e4cf1d7568df35e5a6c9b14b2c5eab59a92009f26312ea8cedc7eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2021238
x-cache: HIT, HIT
x-imgix-id: cd682832628021974a56e10d073dedb84ab6783b
cross-origin-resource-policy: cross-origin
content-length: 1447
x-served-by: cache-sjc1000125-SJC, cache-fra-etou8220043-FRA
x-imgix-render-farm: 01.140328
last-modified: Thu, 05 May 2022 14:36:08 GMT
server: imgix
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 3.ee35dea2.chunk.js Show response
js.driftt.com/conductor/assets/ 158 B
851 B 33ms
33ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/conductor/assets/3.ee35dea2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1693448100000/rp2be4x948ue.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

3005a54fc57fc2d8c70cc41e4ca7fcaaed7514b03f28581082c454e6a2d11f3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 23:38:44 GMT
x-amz-version-id: pMohofQYEF1dohPHFcPmV3oeRzVr6CuK
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P5
age: 3292403
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 22
content-length: 158
last-modified: Fri, 21 Jul 2023 20:53:14 GMT
server: istio-envoy
etag: "e6714addd36102488fb27a980401fd36"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: o9lDdb3-fllQ7uQqXnxi7ThZm9u6TzfX5nNmOPehSllonojGLjQVdg==

GET
H2 206 notification.5f7c6014.mp3
js.driftt.com/conductor/assets/media/ 8 KB
8 KB 35ms
34ms Media
audio/mpeg 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/conductor/assets/media/notification.5f7c6014.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

bf06f41bb3a1429115fa2dcfbee9986234d6d319da3597648e4e980340d52027

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://checkmarx.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 03 Sep 2022 07:38:10 GMT
x-amz-version-id: Ub51puyo1Locv75rMJeYD6NAYp0fo__l
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P5
age: 31257237
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
Content-Range: bytes 0-7754/7755
Content-Length: 7755
last-modified: Thu, 01 Sep 2022 13:18:52 GMT
server: nginx
etag: "5f7c6014cf73831f91963a668b71fbb9"
access-control-allow-methods: GET, POST, OPTIONS
content-type: audio/mpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uX_wXuv4g1t59RtU5Ej48XQu-xu3wkbfJPrU7z8TZJ-mhP-BfS_6HA==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 221ms
220ms Image
image/gif 2.17.100.210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=c1558e423bf0a1f52dea7179a3fb4dda&svisitor=null&session=e0a3f787-c297-4955-87a8-8f5ca04b9113&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2031%20Aug%202023%2002%3A12%3A08%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2031%20Aug%202023%2002%3A12%3A07%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%226303%22%7D&isIframe=false&m=%7B%22description%22%3A%22Developers%20in%20the%20cryptocurrency%20sphere%20are%20being%20targeted%20once%20again%2C%20as%20yet%20another%20threat%20actor%20has%20been%20exposed.%20This%20user%20has%20been%20publishing%20malicious%20NPM%20packages%20with%20the%20purpose%20of%20exfiltrating%20sensitive%20data%20such%20as%20source%20code%20and%20configuration%20files%20from%20the%20victim%E2%80%99s%20machines.%20The%20threat%20actor%20behind%20this%20campaign%20has%20been%20linked%20to%20malicious%20activity%20dating%20back%20to%202021.%20Since%20then%2C%20they%20have%20continuously%20published%20malicious%20code.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22An%20Ongoing%20Open%20Source%20Attack%20Reveals%20Roots%20Dating%20Back%20To%26nbsp%3B2021%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&pageViewId=f0048a52-90c6-40ca-8f09-11ab29736981&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-210.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:08 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event3/ Frame 9141 25 B
108 B 138ms
138ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event3/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 31 Aug 2023 02:12:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: f3614976e6dcad7c
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 12
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 222ms
222ms Image
image/gif 2.17.100.210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=c1558e423bf0a1f52dea7179a3fb4dda&svisitor=null&session=e0a3f787-c297-4955-87a8-8f5ca04b9113&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2031%20Aug%202023%2002%3A12%3A09%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2031%20Aug%202023%2002%3A12%3A08%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%227304%22%7D&isIframe=false&m=%7B%22description%22%3A%22Developers%20in%20the%20cryptocurrency%20sphere%20are%20being%20targeted%20once%20again%2C%20as%20yet%20another%20threat%20actor%20has%20been%20exposed.%20This%20user%20has%20been%20publishing%20malicious%20NPM%20packages%20with%20the%20purpose%20of%20exfiltrating%20sensitive%20data%20such%20as%20source%20code%20and%20configuration%20files%20from%20the%20victim%E2%80%99s%20machines.%20The%20threat%20actor%20behind%20this%20campaign%20has%20been%20linked%20to%20malicious%20activity%20dating%20back%20to%202021.%20Since%20then%2C%20they%20have%20continuously%20published%20malicious%20code.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22An%20Ongoing%20Open%20Source%20Attack%20Reveals%20Roots%20Dating%20Back%20To%26nbsp%3B2021%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fcheckmarx.com%2Fblog%2Fan-ongoing-open-source-attack-reveals-roots-dating-back-to-2021%2F&pageViewId=f0048a52-90c6-40ca-8f09-11ab29736981&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-210.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkmarx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 02:12:09 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

Verdicts & Comments Add Verdict or Comment

190 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

46 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
checkmarx.com/	1969-12-31 23:59:59	Name: quform_session_e8859b199080c76209ccd8379169b60c Value: eDhJYGphSsv9NfsnGEYh1EIzXxPNEjnN0BP2B8y8
.hubspot.com/	1970-01-20 14:24:09	Name: __cf_bm Value: zXB2ygOj.zabhXSTKX6bg3B7wJ1VGtAj0spora5_47M-1693447921-0-AcpikKVcnC8FXdDwXHJZICmGEMwQoSsnkmU0t0zn9xeyZwQTEeyXA3UConTLWDEDczDh7YkH9svUbxd2xXUuT/c=
www.clarity.ms/	1970-01-20 23:09:43	Name: CLID Value: 4c9b72a3f5164430b510a2ee1d237a42.20230831.20240830
.checkmarx.com/	1970-01-20 16:33:43	Name: _gcl_au Value: 1.1.1337170329.1693447922
.checkmarx.com/	1970-01-20 14:25:34	Name: _gid Value: GA1.2.1982481816.1693447922
.checkmarx.com/	1970-01-20 14:24:07	Name: _gat_UA-6105155-1 Value: 1
.checkmarx.com/	1970-01-21 00:00:07	Name: _ga_TGCYJYTE53 Value: GS1.1.1693447922.1.0.1693447922.60.0.0
.checkmarx.com/	1970-01-21 00:00:07	Name: _ga Value: GA1.1.1017652453.1693447922
.checkmarx.com/	1970-01-20 23:09:43	Name: _clck Value: q8hku5\|2\|fem\|0\|1338
.linkedin.com/	1970-01-20 16:33:43	Name: li_sugr Value: 52676491-2ab5-430c-9abf-8e58a5bc4553
.linkedin.com/	1970-01-20 23:09:43	Name: bcookie Value: "v=2&a19f4f62-8cf4-4154-8f37-fee0cac24767"
.linkedin.com/	1970-01-20 14:25:34	Name: lidc Value: "b=OGST07:s=O:r=O:a=O:p=O:g=2621:u=1:x=1:i=1693447922:t=1693534322:v=2:sig=AQEE32kLhutnQ9LhQrGiQS1CzuLcpjV6"
checkmarx.com/	1970-01-20 23:09:43	Name: cookielawinfo-checkbox-necessary Value: yes
checkmarx.com/	1970-01-20 23:09:43	Name: cookielawinfo-checkbox-functional Value: no
checkmarx.com/	1970-01-20 23:09:43	Name: cookielawinfo-checkbox-performance Value: no
checkmarx.com/	1970-01-20 23:09:43	Name: cookielawinfo-checkbox-analytics Value: no
checkmarx.com/	1970-01-20 23:09:43	Name: cookielawinfo-checkbox-advertisement Value: no
checkmarx.com/	1970-01-20 23:09:43	Name: cookielawinfo-checkbox-others Value: no
.linkedin.com/	1970-01-20 15:07:19	Name: UserMatchHistory Value: AQL1ubK8fONOPgAAAYpJXKTYcRO9aqFqNLpWDMMFZatdH1lLUAp3IVSeJGWXSTvSP61hK51O0bDxsA
.linkedin.com/	1970-01-20 15:07:19	Name: AnalyticsSyncHistory Value: AQJ_G-Ayi-EIZAAAAYpJXKTYBDWjiJIxPmWEzv-tm8Goa7wPXbSpYx28o2zCwCCXB9sqULaON0RKoGImThFQag
.www.linkedin.com/	1970-01-20 23:09:43	Name: bscookie Value: "v=1&20230831021203d0c48fad-1676-432e-8152-aa1538e6648eAQFtAkIUd2mcMr3u_pN7vcHDF56U2YV2"
.linkedin.com/	1970-01-20 18:43:19	Name: li_gc Value: MTswOzE2OTM0NDc5MjM7MjswMjHsvgbmMLjggwHrvuqDpcnSEZJe9zXc4ZHefEislyJx0g==
.checkmarx.com/	1970-01-20 14:25:34	Name: _clsk Value: 1tqjgd8\|1693447923338\|1\|1\|r.clarity.ms/collect
checkmarx.com/	1970-01-20 14:25:34	Name: ln_or Value: eyIzODA4NzQ4IjoiZCIsIjM4MDg3NDgsNjQ3NyI6IjY0NzcifQ%3D%3D
.checkmarx.com/	1970-01-20 23:09:43	Name: oribili_user_guid Value: f462d11b-0dc8-f0a6-4658-6ce57272b133
checkmarx.com/	1970-01-20 14:24:09	Name: drift_campaign_refresh Value: e05a2e32-e4e5-43bc-ad3b-8f7bcfe7ee86
.checkmarx.com/	1970-01-20 18:43:19	Name: __hstc Value: 206289484.c3255bfcfd846120cc3cbe0e0dcd59d9.1693447924303.1693447924303.1693447924303.1
.checkmarx.com/	1970-01-20 18:43:19	Name: hubspotutk Value: c3255bfcfd846120cc3cbe0e0dcd59d9
.checkmarx.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.checkmarx.com/	1970-01-20 14:24:09	Name: __hssc Value: 206289484.1.1693447924303
checkmarx.com/	1970-01-20 14:34:12	Name: _an_uid Value: 0
checkmarx.com/	1970-01-21 00:00:07	Name: _gd_visitor Value: a1f4fa74-8a1f-4c71-820f-3bd2c5c5eedb
checkmarx.com/	1970-01-20 14:24:22	Name: _gd_session Value: e0a3f787-c297-4955-87a8-8f5ca04b9113
.bing.com/	1970-01-20 23:45:43	Name: MUID Value: 2C2E3AE07CB062D731C6299E7D626394
.c.bing.com/	1970-01-20 14:34:12	Name: MR Value: 0
.c.bing.com/	1970-01-20 23:45:43	Name: SRM_B Value: 2C2E3AE07CB062D731C6299E7D626394
.6sc.co/	1970-01-21 00:00:07	Name: 6suuid Value: ce64110247960000f4f6ef64900200005c651600
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 23:45:43	Name: MUID Value: 2C2E3AE07CB062D731C6299E7D626394
.c.clarity.ms/	1970-01-20 14:34:12	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 14:24:08	Name: ANONCHK Value: 0
.checkmarx.com/	1970-01-21 00:00:07	Name: _zitok Value: f8b5cdbca563a52fad3b1693447925
.zoominfo.com/	1970-01-20 14:24:09	Name: __cf_bm Value: 5LFiQMJ7BPC0potSgY4cFhpnsTAU71yMybgKEGOlPXY-1693447925-0-AbKY/eMQDs8VwWtlu3f4xisRM49Q7AgBYSSPJ7PJ/VvvFR/e2EO5r2fPi5iF3OnuLzHBBAK1AeMC2DRZtGl2/tw=
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: Imf05kqx_SIkCCPfIbCGU49pTIOzQ39e3SIw19QeP0o-1693447925336-0-604800000
.checkmarx.com/	1970-01-21 00:00:07	Name: drift_aid Value: a80cd35e-79c5-4f55-9e25-d905b77d5c3d
.checkmarx.com/	1970-01-21 00:00:07	Name: driftt_aid Value: a80cd35e-79c5-4f55-9e25-d905b77d5c3d

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://checkmarx.com/wp-content/themes/stratusx/?ver=220913-10806 Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://checkmarx.com/wp-content/themes/stratusx/?ver=220913-10806 Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://checkmarx.com/wp-content/themes/stratusx/?ver=220913-10806 Message: Failed to load resource: the server responded with a status of 500 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubapi.com
b.6sc.co
bootstrap.api.drift.com
c.6sc.co
c.bing.com
c.clarity.ms
cdn.linkedin.oribi.io
checkmarx.com
cta-service-cms2.hubspot.com
customer.api.drift.com
driftt.imgix.net
event.api.drift.com
flow.api.drift.com
forms-na1.hsforms.com
forms.hsforms.com
forms.hubspot.com
gw.linkedin.oribi.io
ipv6.6sc.co
j.6sc.co
js.driftt.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscta.net
js.hsforms.net
js.hsleadflows.net
js.zi-scripts.com
metrics.api.drift.com
no-cache.hubspot.com
perf.hsforms.com
px.ads.linkedin.com
px4.ads.linkedin.com
r.clarity.ms
region1.analytics.google.com
secure.adnxs.com
snap.licdn.com
stats.g.doubleclick.net
targeting.api.drift.com
track.hubspot.com
ws-assets.zoominfo.com
ws.zoominfo.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
13.107.42.14
141.193.213.20
18.66.112.118
185.89.210.180
2.17.100.210
20.119.174.243
2001:4860:4802:34::36
2600:9000:20eb:bc00:2:53b2:240:93a1
2606:4700:4400::6812:22e5
2606:4700::6810:4eba
2606:4700::6810:88ce
2606:4700::6810:890f
2606:4700::6810:bc59
2606:4700::6811:c9cc
2606:4700::6811:e6a3
2606:4700::6812:7c0c
2606:4700::6812:b07d
2606:4700::6812:c07d
2606:4700::6812:d133
2606:4700::6813:9a53
2606:4700::6813:9b53
2620:1ec:21::14
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:828::2004
2a00:1450:4001:829::2008
2a00:1450:4001:82f::2003
2a00:1450:4001:831::200e
2a00:1450:400c:c08::9d
2a02:26f0:3500:16::215:149b
2a02:26f0:7100::210:172
2a04:4e42:8e::720
3.94.218.138
52.222.236.102
54.214.244.79
68.219.88.97
03b7eecbd09f42538b7a7bdd867355e0a265746556d39830e90af4b3fdd746bf
05065171ac0b691d2ae8801e8f3d24f1744606045afd6d4230c779ff2582dce1
053a01136cfac10dcdde9b9a0037e1793b49f0c52812640b3f4afd4c5cfa642d
05ebea9e5d53731430158fa2ce20401619d4d9cae01f13d5ab1d4eecb940f9fd
07e698d5630f0bf25ff857de921616467f4362aea493963653969950522859b0
0a11ae77fcb4867270516f6f425b8bb454a5794cba4e4fb862d421636c08be66
0b47c6f613bff41662a4af43e11dd7a291ad7a1fbb2346cbcf6260fc2895c911
0df199ae8bcace939dc25c21f42a53af2847d13bc7643f48ee8f9ffe389899e8
0f13207f4d34132c589e7c152a91a7dd0b166a1ae433ccd90e573e57f20b3c92
138154c0deed3326477b9b4909175101070a5a3a95342291b53d8cc9879a5f47
13a212c6b892024aae8c2db3d8cf9a5ec7d7f0f86948669384001e375a55edb5
14c31b1fc92b43518a568d37d84d9f67783605ba8a894a17e2eef5d7de283f9c
178c7e0dd0c602d457b8d91dd18b916c3f4220794fccb6067cac187f0c753795
19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563
1a0037fa0fabe13aab89c6aaa50412d14b704ade4437227c5205e1635d18cf44
2076ab16903cb902534c67d5faf95a50090816c2071b021234c463f3da7c2a24
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
225a9da24e4ab81b00141036b3da481f082398091509d5baea4aa3e8b588857c
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2919b477cc499bccfe89612692490f56dc73237f3cb7165ed19a0f564e365fa2
292f853f9ef0e448c5536987fe87197f401bafcde3e0857e17de1f0676f5b2eb
2992617d916a0bb041ded4eb2eebb609a7800b4670b43d8966bda2425b1b43dd
29dc7b9cfc046e68df68accc1f583adebd867889ca203399bff93fcf23d7c3b9
2a39504ff0e8230cff9511b4027a386c4b2a54601d27524c751e7dc6f0a6e6f9
2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b74bc303570faa3cd261b240078960cd0c28f811ae71cb72352809a42d20f6e
2c3dd1b0483dc7ee2f784c79f0aae5ef0e99cb64f217165c5507cbdc1146c72b
2c9eed2cfa93b8d3aa3bb82e59667500daf5077564a6a874ac89062a11634744
2dc063e78a32a733bf4f1b7e6331a1c24374b8b614369a12412cc0bd1f47dc44
2e2f2336b5e6698b628afc75fa9a24c67b73d5872c1d4af99ca436064f636ee0
2e9a831a6d59eb9df0e935e9c05d24a730ee62bb5bddb5735abc1ce901c8c8d5
2ecf160ce3d74f9d2940ff54b53ae5142481b843a9720429a37a33234153b581
2fdaf549542c19d303a61dd53d8558a115ff3a1296d974b3392f9e47cb64fd5f
3005a54fc57fc2d8c70cc41e4ca7fcaaed7514b03f28581082c454e6a2d11f3b
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
31d2b32cf356d2c383335eacb7687e03b6dfddd3acb2e753dd09a97fa4f0b70d
34bbd1c367ffc7d80fcff86c7e5f8777e70f4911bb324e8ecfc7dd3604a96e68
366247af307ea140e017b24e2d0814493228bdbd3c53c6dbf2c1fc834b077292
36baa3e24c74b8f6621f51a2543f0435beaded0cd069eb77836a08d789e6c28d
37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2
391286f634b990866c24e99c0cd4c939445d6b174d3efef4620d05a7b159513a
3963b8591050c4af2f0edf8a96662113f01900444868e6936c5d192bc44dfe6d
3ac0c589d242920586289eabdd93bf71f3d85bb1c6c8333d3e2deb4e173b61a4
3ceb0da3fc29fbb50b1dfd4a13ceb0abb742567f96b4810eb8bd45d3d30d08fd
3e584003b5c6df9bc2854b2775e527ef7240f3d1cae4047e9aa504cdfbc109f9
4017071a66e4cf1d7568df35e5a6c9b14b2c5eab59a92009f26312ea8cedc7eb
4094cf2491f97f2b9ddca2b7698160cfb37ef4972c348d69464531d97cfd8ebf
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
46b04afecdaf08e04385a7cabaec357f6edfc6a8b2b156d8c624c2621894f3de
46e4f04042e77435de08e0cd0d961786f5415fd9c6e8fbc569f2faafb0d01230
481614731c7e4ab5af6be3df2f373c4b3175f4ffbabfa7a56d0f561c43514e02
481baffabb9011ae6ffd10103983908ebc2c06e6f6be7797d226ccee04c2172f
4906a6af959d89f594482bb8d02095fbee125bdef731f0b379d5ae5f47fde3a0
4af105297c5b49ca668eaa0774c0eb479e907175f12ccc30e9c038dd7b6fcaf0
4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032
4e3c33de42319b360a25988a9e0230c6398298450d3240d278c1a20479759330
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5052c87ad0ab4cce937c19bb1247fb95ba0a5e42eac503d46deaa8d307463deb
50ab33fc354407ebf6a0bc0c49ddf4d38c33106a78d9f855269543ba55a095f9
50c3e329ea170bf0b7111f19c8a65894894e8a31991f5ee2672e59159e99165c
50f281054f51e964bf6421e043f3b3b61d077719e028f818e32cf11c51fc7a58
51187f64d3c89b9bba020ac511217aed3ea94cfc82aa3c5450b6132cfab4c039
533e264cc615ee4601da8d2c1dee4a8987319e53d4d7162272f067fbbf250020
55cfa0bac38750e4b58678e0c4a534c6aa030599aaf32420ecdfabf5b483b89b
566d4c5dfefc9c4d867e6bef080917a4273b4228731a8700e81f1763eae3d861
57ac6747c7fcba8b85d3669603b64a5d9f517d21a4a636229b1902201768725b
58fdb03fac3e89e51525a5a45eb777395d1b499bf4483e96201b6becddbe516f
594d3ade307f6f48a5ef5143228b9da7c4e78589177ac70e91d31fe75ea83d60
5c6fdab80cb86a279695dccc226a1fac50e2c922bea70242edaa28f52b7bad2d
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5e61a5119fdb9f56d1bdfeb0a8900c49d8faabdb4482769df2168b94abea89f1
5e6ecec8d78c9d3f391fac9bde08b4f66048ab4ce9d97d3774b3d223f18b43a1
5ebc7550313f51029cd86227709777fbe6cc2c8928c595583c579cd95580146b
6037280596f1a3f5c6aa461bcb243656630dea5fae942c746bc418dba01f7d03
6153d00b79b60a4562a0dfdbbc6a46b042fe79e27978983d436ee575b05f3eb3
622373f59cdda9ea36f307c5f7bef0cfd8e140018c995b6394468a26ef499dec
64bfe05478454245e962771172010666bc231cf7d0fa1e295627777d226e7724
655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db
65d247fd0ff06523bc6642757237f495db4d2ec1c364689535eae40ebe75c878
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
67e4568c51ded6d9d5d2f620b7ad2bf6efbf6c70c0a29c87635c03ef28063066
6861a320271e0fda832800e20d53b858ef409f88d9bc9c1a48953888289d1ea3
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6
698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f
69ff013760515696c54749156ae5dba9f130fa01e2e355fec69a26e6d87f1892
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c52384c7b0641dd1ead85d079c22d39bcc6dc5f2537afb1e6396bb619771a3f
6c9c6406c9bd9814cf84974221433003377b67f071ec5411fddbcba4ec109bca
6dc4d2ff233255c8a11048eb95600d21e390d204b460953f487b031350192283
6eabf982ec86c7a2d08d260cdd257c9d1f1d9b589cb52a812be0dc5c7cf1af9a
6f133e6f9ccc8483c12bd4b07b20794cf70d9499f1f9efc47e4503fe8c9433c7
70f3cc852c9c3849b93ab403bff853542df94d4421891b4f50aeacb24f9aeeef
747ee080eb57ab3ca956da0c0779e4177492db9da1a7022c4979936c2fd872f1
7519c42804b627af1d8c19e82e3e6e6c2712f04229c09ff064ea842b52099f8b
7584930c1e7dc0018002b45bbe4b5c9b8571c9960796767f540e206df913b408
7641f066c35d0ca15d4897bfe49d640ed4c143ff8f04030c2020cbb2acfa7b0b
765a1665e4ef9385ae805fb5eb8fc6d92569d88e97631e38885de3325969c121
76efc435fc139294153b2304af750ccd6857bf3349577af166308db9eb0a2fdc
7849ba1748f8188749df28e9d59ca4e570a8495684353d8df4715fa70a81e787
7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596
787d1a0048a8b1129b00efa3dfd7a097a72b0aed1439957e9534f7e9f4827957
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7b9333a0af497e8fb916a4aec7d447c960ce1d228320b611d1b0b4e7899de03f
7c82ae4146a7c576369bdd46cb33ecc1b6c818a355fa855a8419095425f25285
81b9b779c48bf74671ef9245a456c5218f459683113da939b72a1684ced93a1f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84c2c8f4f4dc175c96a1e1851a7de9582ab2acca94189f2a95396f232dd13861
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84f5e70acd27202eb19096160862e3df7f2ba0b02c554fb6e369b09f10da9432
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
8879c5372c9cdd8a63f0482260b11c03651fb6bf5a216ab4478fdb30394ee24a
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951
8ce9e34a0fd0ad30ff61ec6b87e26c59f321a02845777a30f116183e109186e7
8cf90ba11fd9e74bb920bfd24facf0c72f4caee666547dce2a760063b65d19c1
8f0f8792237470ee661c6afc32ca68200dd74bcc0d544d0fd54c7777af362eae
9111e4bb992804c34001b0b095c1a25cfadf2bbd126cc9444f5d35dcd008567d
92b6560cecf4f3db9c875bafb1a79605fc7951a53c8ff19d3d1e4a824ffdc73e
948240da929defbe2f377b6a2173cf7c0988edc05972424cb3872abc739aa024
95af163892829a3ef249441b70b2c8281b845edea4b24680d3326486861d6082
96ea6b1e986879257e104371bf5f0cb0bf2bb9957a1aa73fa9df8be99aeeb157
973f60869c6e37e5fadd3ba505c9471adcc1a6afeeb625d9352c036313da8f81
97c56217561cf3e434cd73c6136974b000b5fc4bd2c5183a5292d009d88736c7
97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9cd63b8cea25045c14623c538d26752518a58c0c682795ce6ad3078976c65a37
9de9f0b358f828f556c7808ee8c4d5cbc51617fbde8bf9dfe05f9f3d76f6fb88
9f5052cac86ab3ecf578f1776698daccfc5c78e58cbb8a5fa7b2be7a753f013f
a0c3e823a07498a845daa25db9e85afdb4a985866f00b4cf1518f363336cd030
a29506b4cfbfcae55dd6d932ff8c48da7ba9c48413ccdbfc7392a80243795b99
a32097ad93a916167c322db80792af9cda488828b93bb6a9ee5df96f9dc0c826
a3e7c89de8ec9f11eee1605a0367e23585548b1deab4cca3a4a17d5a23a90f79
a48d01207db36011a52ba50f8fdbef2c589fc97692a7f5c93d182f846dc77164
a609a93adbee494b64d02c70b406f9d2135fb5b4452f56cae3b5268c40f74fc4
a76b0a61d06ad8a36b31fd019535ec9ff8faaeac4b919939efe2398d5c36dbbd
a97547bd06173228035d6a9debd6c84618174108c6b4d5eb668d9137d7492b83
ab2707d8aaae8edb869b844986008b9c4823694951fa4a188daa854509475075
ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514
ac8d539fa2691c69c61152294bdd1bfb5c36c4235d4856ef737533f3f562ef17
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af0b0dbfec18aecd0518daf2ae4b6d60b0b148de91978fd182e2831ce659b5a2
afbd41e7209fa3aef6f53c7a5713aa542a7be54c432fec2d690e0dfaccd528d1
b0af909b7ae6ad2644bfe2a60d939092aaf113b2cbc4ed2981a892869143b98a
b13c9311dec3f49821d88065299e95cc1c4e6c26acc4b27b4ebdb380d40d8788
b212b5d5a1ff05906a7bbe45ec1192cb7f8cb096da65573b94eb19e3d853bccd
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804
b2a813d11a248bf55c2fafd4e1fbd9dc6586330c929033be2ece783c58157483
b37ebd2524191bf943476446276026a92083fe5bc43571eec11855c3872bd1af
b4ea46b6cfbc69750ecf59c99a561c15a8bf032e6d4a953d4ae7e26240564f7f
b5a1831fcfb64a7420796c5cb36662657aebc76981efd3c181c795e7ff828445
b68d680fe22c79281c483a6cff939bfb690bd8154752a75e1c0466e0826ff4dc
b81890ba37fa54ccad75765a9406b00c1e42415a0535930c81d460e132a171f7
b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1
b9bcaca09934b3fa45954881e63165a9b3ded8206ed001b24fa80a52e59d907b
bba54915db71fc417be4d5852ec7d138d7c3fa90356ddee98b5267a7db7e6b5b
be275055d0c32419326f2c05c573f86c5ed37f2911cc48eea36cba9c378f8f59
be557052880037a1c160050458fc687e95a193799d58686f0e2eefc8b39f4f42
bf06f41bb3a1429115fa2dcfbee9986234d6d319da3597648e4e980340d52027
c0a7f8a6c5cfeb868d64f03eaef97662c90efdbc0d220803274cf918d7ec90d7
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb
c2ed4b80cc0bfd8b35c13b9becb418d96d58f9f44048b24d6e45dba4938cac69
c365a59132dd34b492cb3a77d534078dd35cbbf75dbb2eabbe328642b74a291b
c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d
c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140
c55902832fb84522d02ea1a60a30747403a140d8651fa748f13ba398b0c0df3a
c5e046f12a1b32eeca61d8ce95853fee40ff94d2432160ae885c58ba6b98e175
c640d911a58cc3ef31b1a3c2090fa753c948902033b9917ab5daef4fbb33b5d2
c7076a6235cd12720cc675334102d16bd5e46a33910f1b3ada0425b74ed020d3
c70906f4f530165e348ba8f8caa338809a8311edaeb12c469e244df2f0b5c3be
c7392965572317dad5a1a140455b70234c7e0dccb55989d86a68acab462cd0dc
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
cffee356eb5248eefcee6214fe5373fe8cfd8717dcd0bb63eea21f8fd26c4293
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42
d21b490fa72e9cd90e09db07c73ef43c0d65bf38de6a41dfd1c53338f71549a3
d412633eff79e6c98071db76009c757dac23cceb0bdc0152355793fb1e501fb0
d52045a2174dd171da331dcfa3b406dc3c51df0fa73dec618157c439b7fd2630
d622534d53d3ac1095af275f0b30274fcd835785577df2dde6d9398e6f7a2c8f
d70fa5dc6c8bfe9d7824be31e669528533d0879a2b1600a7df68b880f4d44296
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0c6f8695589df90e63442fee1c9cf14e60dfc4fd8ce7296515b1d6db41e1d3d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e555f4b34b579e6528d6bbd4819620a634c0759b41dfa99520b7ca5aa5117b11
e7589d30adf674bd2f262122a9ae553bcd759c2eb324f34846cf24f411691d9b
e92fb6dc00e3c04e1f9af5a1554a33e2b3f2b1d7f9a9266066863a932437f0b9
e9ba3d0c5d5408e00becd36ad394fa9ad9c0616741ebdd6dddc8e837db3605ba
ea84ab2383d29d6dd80acbbf3cc1a828ff978247d5fb5cc0e745af5fc8271d62
eae6a506c94896868cbf0a444b246e89641e8be3741e537915d11534811d3b2f
eaff775ad40803675c3df967fd79d70cfe3cca7b691c0c7a5e03bfdc0b2850ff
eba72b1c1e3e44d5dabff914f59eb15876ae97cef296ddee4afe4821a54f2633
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
edc67cd79d95f519d3fc5be95f3165905fdddc3f03241af3d00e7c219d3291da
edf1011ad272d21b66ae82a21a9d029186dc81c9f13972203fc3107f75835d4b
ee52185d6a681a5d5b8a21ff5321901ce83e4ded11213a2e169d8be1e0417aab
eea3d6ccda7f6503078cce9dc41176c1357af1c93a5b3625131ef7cf21c9d7c4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f40523779b3280cbc2a9889f72c36d50467115444181036c034eff72b952391e
f5043d86133eaa80a87cd126cffc2cd8966852387f243e02e3c4177ff298cbc7
f575780283d440de5559016657ced4cb6aed2d8a4c9cb4ce087957a49cb7cdb2
f5c21fe1321be6ade60c1aaa5a35dfdee5a74a170b54cfc2a8780be9a3857527
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4
fc8a49dcdd74ef560a8ba00e1bfef071a53bc361c4b6bbaecb69930893c5589c
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
fca5eb2f7f0e369ce02c777e7c947f792a56d9cd843b274e5a535da2dc7211c8
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
ffeb33fc48ba9e85563d35557752bea7e4ed68690df9df0666a930e3ed0d5d4c

checkmarx.com Open in urlscan Pro 141.193.213.20 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

300 Requests

98 %HTTPS

72 %IPv6

28 Domains

48 Subdomains

36 IPs

4 Countries

8478 kBTransfer

15463 kBSize

46 Cookies

33 Outgoing links

Redirected requests

300 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

checkmarx.com Open in urlscan Pro
141.193.213.20 Public Scan

Screenshot
Live screenshot

Full Image

300
Requests

98 %
HTTPS

72 %
IPv6

28
Domains

48
Subdomains

36
IPs

4
Countries

8478 kB
Transfer

15463 kB
Size

46
Cookies

300 HTTP transactions
0 data transactions