www.tripwire.com Open in urlscan Pro
2606:4700::6812:1a3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know
Submission: On October 27 via api (October 27th 2024, 8:56:33 am UTC) from SA — Scanned from DE

Summary HTTP 67 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 9 domains to perform 67 HTTP transactions. The main IP is 2606:4700::6812:1a3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.tripwire.com. The Cisco Umbrella rank of the primary domain is 579982.
TLS certificate: Issued by WE1 on October 18th 2024. Valid for: 3 months.

This is the only time www.tripwire.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
42	2606:4700::68... 2606:4700::6812:1a3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	13.225.78.53 13.225.78.53	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:225... 2600:9000:225e:ce00:4:d683:27c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	172.67.39.148 172.67.39.148	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
7	142.250.184.195 142.250.184.195	15169 (GOOGLE) (GOOGLE)
1	52.222.236.115 52.222.236.115	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
67	10

42 2606:4700::6812:1a3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.tripwire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.225.78.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-53.fra2.r.cloudfront.net

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225e:ce00:4:d683:27c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.fortra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.39.148 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-115.fra56.r.cloudfront.net

consent-pref.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	tripwire.com www.tripwire.com — Cisco Umbrella Rank: 579982	2 MB
7	gstatic.com fonts.gstatic.com	56 KB
6	trustarc.com consent.trustarc.com — Cisco Umbrella Rank: 3434 consent-pref.trustarc.com — Cisco Umbrella Rank: 15711	35 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	326 KB
3	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 4352	28 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3643
2	fortra.com static.fortra.com — Cisco Umbrella Rank: 403553	3 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	2 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 683	7 KB
67	9

	Domain	Requested by
42	www.tripwire.com	www.tripwire.com static.cloudflareinsights.com
7	fonts.gstatic.com	fonts.googleapis.com
5	consent.trustarc.com	www.tripwire.com consent.trustarc.com
3	www.googletagmanager.com	www.tripwire.com www.googletagmanager.com
3	static.addtoany.com	www.tripwire.com static.addtoany.com
2	region1.google-analytics.com	www.googletagmanager.com
2	static.fortra.com	www.tripwire.com
1	consent-pref.trustarc.com	consent.trustarc.com
1	fonts.googleapis.com	www.tripwire.com
1	static.cloudflareinsights.com	www.tripwire.com
67	10

This site contains links to these domains. Also see Links.

Domain
customers.tripwire.com
partners.tripwire.com
www.fortra.com
www.bitdefender.com
www.bleepingcomputer.com
www.abc.net.au
www.bbc.co.uk
www.theregister.com
twitter.com
www.linkedin.com
www.youtube.com
www.reddit.com

Subject Issuer	Validity	Valid
www.tripwire.com WE1	`2024-10-18` - `2025-01-16`	3 months	crt.sh
*.trustarc.com Amazon RSA 2048 M02	`2024-03-16` - `2025-04-14`	a year	crt.sh
static.fortra.com Amazon RSA 2048 M03	`2024-08-27` - `2025-09-25`	a year	crt.sh
static.addtoany.com WE1	`2024-09-05` - `2024-12-04`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-09-03` - `2024-12-02`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know
Frame ID: 85A8C1DE83476C329000D5DE46141C8C
Requests: 64 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.25.html
Frame ID: 35B8E7F7C0E0B53B84F7CD2DAB85133F
Requests: 1 HTTP requests in this frame

Frame: https://consent.trustarc.com/get?name=crossdomain.html&domain=helpsystems.com
Frame ID: DFADA29ABA8F8B9C195E246DD9444490
Requests: 1 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&country=de&action=advanced&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=ae6bb134-5c26-43f6-bcfd-4b3db8e8fbc4&userType=NEW
Frame ID: 435BF412986CE203FEFB9E9789724CE9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Qilin Ransomware: What You Need To Know | Tripwire

Detected technologies

Drupal (CMS) Expand

Overall confidence: 100%
Detected patterns

drupal\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

TrustArc (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.trustarc\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

67
Requests

100 %
HTTPS

60 %
IPv6

9
Domains

10
Subdomains

10
IPs

2
Countries

2930 kB
Transfer

4584 kB
Size

2
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://customers.tripwire.com/customers
Title: Customer Portal

Search URL Search Domain Scan URL

URL: https://partners.tripwire.com/partners/
Title: Partner Portal

Search URL Search Domain Scan URL

URL: https://www.fortra.com/about/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.fortra.com/about/our-leadership-team
Title: Leadership

Search URL Search Domain Scan URL

URL: https://www.fortra.com/about/newsroom
Title: Newsroom

Search URL Search Domain Scan URL

URL: https://www.bitdefender.com/blog/hotforsecurity/ransomware-hits-the-big-issue-qilin-group-leaks-confidential-data/
Title: The Big Issue

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/security/qilin-ransomware-claims-attack-on-automotive-giant-yanfeng/
Title: Yanfeng

Search URL Search Domain Scan URL

URL: https://www.abc.net.au/news/2024-01-02/victoria-court-system-targeted-in-cyber-attack-russian-hackers/103272118
Title: Australian court service

Search URL Search Domain Scan URL

URL: https://www.bbc.co.uk/news/articles/ceddqglk7qgo
Title: media

Search URL Search Domain Scan URL

URL: https://www.theregister.com/2024/06/20/qilin_our_plan_was_to/
Title: interviews

Search URL Search Domain Scan URL

URL: https://www.fortra.com/

Search URL Search Domain Scan URL

URL: https://twitter.com/tripwireinc
Title: X Find us on X

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/tripwire/%20class=
Title: LinkedIn Find us on LinkedIn

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/tripwireinc
Title: Youtube Find us on Youtube

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/Fortra/
Title: Reddit Find us on Reddit

Search URL Search Domain Scan URL

URL: https://www.fortra.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.fortra.com/cookie-policy
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.fortra.com/impressum
Title: Impressum

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

67 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request qilin-ransomware-what-you-need-know Show response
www.tripwire.com/state-of-security/ 57 KB
14 KB 177ms
137ms Document
text/html 2606:4700::6812:1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf22f75feb172d9daa6844d8ff686111bba7832762294462b63056f90f6c2494

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 53
cache-control: max-age=3600, public
cf-cache-status: DYNAMIC
cf-ray: 8d91791e5b3468fe-FRA
content-encoding: gzip
content-language: en
content-type: text/html; charset=UTF-8
date: Sun, 27 Oct 2024 08:56:29 GMT
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Sun, 27 Oct 2024 08:55:35 GMT
permissions-policy: accelerometer=(), autoplay=(self), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC"
strict-transport-security: max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
vary: Accept-Encoding, Cookie, Cookie, Cookie
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS
x-cache-hits: 5, 0
x-content-type-options: nosniff
x-drupal-cache: MISS
x-drupal-dynamic-cache: MISS
x-frame-options: SAMEORIGIN
x-generator: Drupal 10 (https://www.drupal.org)
x-pantheon-styx-hostname: styx-fe4-b-7f998d8f5-hjq7k
x-served-by: cache-chi-kigq8000065-CHI, cache-fra-eddf8230097-FRA
x-styx-req-id: 3b360279-9441-11ef-a265-f62c5b3284af
x-timer: S1730019389.197209,VS0,VE109

GET
H2 200 security_landscape.png
www.tripwire.com/themes/custom/fortra_parent_2022/images/ 158 KB
158 KB 31ms
30ms Image
image/png 2606:4700::6812:1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tripwire.com/themes/custom/fortra_parent_2022/images/security_landscape.png

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81984ce57cf65fec51c4961c73ece1fb00b1c570de24ef0616785852d45cacfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Response headers

x-pantheon-styx-hostname: styx-fe4-a-746c76f549-m9l26
cf-cache-status: DYNAMIC
etag: "671aac45-277d4"
age: 217788
expires: Sat, 25 Oct 2025 20:26:41 GMT
x-cache: HIT, HIT
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: image/png
last-modified: Thu, 24 Oct 2024 20:21:25 GMT
x-served-by: cache-chi-klot8100169-CHI, cache-fra-eddf8230031-FRA
x-cache-hits: 6, 0
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31622400
x-timer: S1730019389.338848,VS0,VE5
x-styx-req-id: 47ac8b91-9246-11ef-bf66-f67a04588b76
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d91791f4baa68fe-FRA
permissions-policy: accelerometer=(), autoplay=(self), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
content-length: 161748
server: cloudflare

GET
H2 200 css_eEbQ5KPWtT46fHPVcdCvOTQifY49A98deo-0caMN-Ds.css
www.tripwire.com/sites/default/files/css/ 6 KB
2 KB 24ms
23ms Stylesheet
text/css 2606:4700::6812:1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tripwire.com/sites/default/files/css/css_eEbQ5KPWtT46fHPVcdCvOTQifY49A98deo-0caMN-Ds.css?delta=0&language=en&theme=tripwire&include=eJxlj0FuxDAIRS_kxlUuZEHMOKi2sQBrOrevpVlMlWwf7wP_tHRMc2kJqxw_Fs8LCB_gTy6Jfp26sfT_6mUS7GVOLSIYhYeoK6QBSt3T_r3vsVRBqF_mr8q9BBRxW85ICKos17krjycrXflaCWXFTotZ54C6fcg2-5hY2U7K9wNdMoVGmSE-uDrpdsDw9fpdRSXIh86GAcmXunoOMcrpnbRYqJNCvUdX8_YH3MCL8g

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d192ebb5e57806a39ffa23ec8c53dc291dc0082f2d5400c4cec159a64c0612e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Response headers

x-pantheon-styx-hostname: styx-fe4-a-746c76f549-zlxkv
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"671aad7b-1874"
age: 217787
expires: Sat, 25 Oct 2025 20:26:41 GMT
x-cache: HIT, HIT
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: text/css
last-modified: Thu, 24 Oct 2024 20:26:35 GMT
x-served-by: cache-chi-kigq8000100-CHI, cache-fra-eddf8230097-FRA
x-cache-hits: 6, 2
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31622400
x-timer: S1730019389.333311,VS0,VE3
x-styx-req-id: 47ae650f-9246-11ef-9590-06bb26699794
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d91791f4ba768fe-FRA
permissions-policy: accelerometer=(), autoplay=(self), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
content-length: 2114
server: cloudflare

GET
H2 200 css_cdl9pf4Dy-yIlIvhXclDDsX374RM8WQxh61nq-JGhVU.css
www.tripwire.com/sites/default/files/css/ 18 KB
5 KB 28ms
28ms Stylesheet
text/css 2606:4700::6812:1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tripwire.com/sites/default/files/css/css_cdl9pf4Dy-yIlIvhXclDDsX374RM8WQxh61nq-JGhVU.css?delta=1&language=en&theme=tripwire&include=eJxlj0FuxDAIRS_kxlUuZEHMOKi2sQBrOrevpVlMlWwf7wP_tHRMc2kJqxw_Fs8LCB_gTy6Jfp26sfT_6mUS7GVOLSIYhYeoK6QBSt3T_r3vsVRBqF_mr8q9BBRxW85ICKos17krjycrXflaCWXFTotZ54C6fcg2-5hY2U7K9wNdMoVGmSE-uDrpdsDw9fpdRSXIh86GAcmXunoOMcrpnbRYqJNCvUdX8_YH3MCL8g

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0467194e2db2010bf07204a4fa4a2d5c48ee8bbff88496be04a6ef1dbb46dda9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Response headers

x-pantheon-styx-hostname: styx-fe4-b-7f998d8f5-zg964
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"671aad7b-483f"
age: 217787
expires: Sat, 25 Oct 2025 20:26:41 GMT
x-cache: HIT, HIT
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: text/css
last-modified: Thu, 24 Oct 2024 20:26:35 GMT
x-served-by: cache-chi-kigq8000146-CHI, cache-fra-eddf8230069-FRA
x-cache-hits: 9, 1
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31622400
x-timer: S1730019389.337117,VS0,VE3
x-styx-req-id: 47aef57b-9246-11ef-8d70-6a89781253c1
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d91791f4ba968fe-FRA
permissions-policy: accelerometer=(), autoplay=(self), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
content-length: 5421
server: cloudflare

GET
H2 200 css_p4FGHNtGdU_0yBN1v6021NEdntTvJGpr5_8Unhz-9gs.css
www.tripwire.com/sites/default/files/css/ 566 B
556 B 46ms
45ms Stylesheet
text/css 2606:4700::6812:1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tripwire.com/sites/default/files/css/css_p4FGHNtGdU_0yBN1v6021NEdntTvJGpr5_8Unhz-9gs.css?delta=2&language=en&theme=tripwire&include=eJxlj0FuxDAIRS_kxlUuZEHMOKi2sQBrOrevpVlMlWwf7wP_tHRMc2kJqxw_Fs8LCB_gTy6Jfp26sfT_6mUS7GVOLSIYhYeoK6QBSt3T_r3vsVRBqF_mr8q9BBRxW85ICKos17krjycrXflaCWXFTotZ54C6fcg2-5hY2U7K9wNdMoVGmSE-uDrpdsDw9fpdRSXIh86GAcmXunoOMcrpnbRYqJNCvUdX8_YH3MCL8g

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0f011847dded3545c5762cecd211f53cc41554e2cd72d5e00d690f67d0b74ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Response headers

x-pantheon-styx-hostname: styx-fe4-a-746c76f549-m9l26
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"671aad6e-236"
age: 217787
expires: Sat, 25 Oct 2025 20:26:42 GMT
x-cache: HIT, HIT
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: text/css
last-modified: Thu, 24 Oct 2024 20:26:22 GMT
x-served-by: cache-chi-kigq8000105-CHI, cache-fra-eddf8230121-FRA
x-cache-hits: 7, 0
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31622400
x-timer: S1730019389.494072,VS0,VE4
x-styx-req-id: 47d404ec-9246-11ef-bf66-f67a04588b76
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d9179203c3d68fe-FRA
permissions-policy: accelerometer=(), autoplay=(self), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
content-length: 327
server: cloudflare

GET
H2 200 css_qes_5s3f3KZMQpslIHUNK0TLd62G5ai6Dzuz5r93_ck.css
www.tripwire.com/sites/default/files/css/ 732 KB
142 KB 30ms
30ms Stylesheet
text/css 2606:4700::6812:1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tripwire.com/sites/default/files/css/css_qes_5s3f3KZMQpslIHUNK0TLd62G5ai6Dzuz5r93_ck.css?delta=3&language=en&theme=tripwire&include=eJxlj0FuxDAIRS_kxlUuZEHMOKi2sQBrOrevpVlMlWwf7wP_tHRMc2kJqxw_Fs8LCB_gTy6Jfp26sfT_6mUS7GVOLSIYhYeoK6QBSt3T_r3vsVRBqF_mr8q9BBRxW85ICKos17krjycrXflaCWXFTotZ54C6fcg2-5hY2U7K9wNdMoVGmSE-uDrpdsDw9fpdRSXIh86GAcmXunoOMcrpnbRYqJNCvUdX8_YH3MCL8g

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcede7c1f32a39ac2f4785a4f1fc8a993ec38bfcf5bb1cba09e83c38026838d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Response headers

x-pantheon-styx-hostname: styx-fe4-b-7f998d8f5-zg964
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"671aad6d-b6fc4"
age: 217788
expires: Sat, 25 Oct 2025 20:26:41 GMT
x-cache: HIT, HIT
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: text/css
last-modified: Thu, 24 Oct 2024 20:26:21 GMT
x-served-by: cache-chi-klot8100108-CHI, cache-fra-eddf8230097-FRA
x-cache-hits: 6, 1
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31622400
x-timer: S1730019389.351739,VS0,VE4
x-styx-req-id: 47ae5e5b-9246-11ef-8d70-6a89781253c1
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d91791f5bb368fe-FRA
permissions-policy: accelerometer=(), autoplay=(self), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
content-length: 144440
server: cloudflare

GET
H2 200 notice Show response
consent.trustarc.com/ 15 KB
6 KB 106ms
76ms Script
text/javascript 13.225.78.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/notice?domain=helpsystems.com&c=teconsent&js=nj&noticeType=bb&gtm=1&text=true&pn=2&cookieLink=https://www.helpsystems.com/cookie-policy&privacypolicylink=https://www.helpsystems.com/privacy-policy

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-53.fra2.r.cloudfront.net

Software

Resource Hash

0dc8e3253c773037ce73f9a08809654ba38b050f56bfd2c4fb39286d6ac7fb6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.tripwire.com
Referer: https://www.tripwire.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=3600
access-control-expose-headers: *
content-encoding: gzip
via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 5880
x-amz-cf-id: 5CsayYm1ea6gim-2EnQFyPSKahScpdrbatdT5NfK7sCALIXz90ALgg==
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
x-amz-cf-pop: FRA2-C2

GET
H2 200 fortra-logo-full.svg
static.fortra.com/fortra-global-assets/ 2 KB
1 KB 26ms
24ms Image
image/svg+xml 2600:9000:225e:ce00:4:d683:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fortra.com/fortra-global-assets/fortra-logo-full.svg?l=1245329509
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:ce00:4:d683:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd734ba3e15301099dcc5c397caf3c65a83de25ecf7d5f78d1c7849b824e5fff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/

Response headers

content-encoding: gzip
x-amz-version-id: 4WWw9.foC6HagcaJQqvH3odEO1Dw_1P3
etag: W/"4ac7a86c0a175061e8d720ffc640c014"
age: 2308
x-cache: Hit from cloudfront
x-amz-cf-id: D0oY2_gDmjcyF6UBGVOH1MxccOcBYcJOf8Fccchwz6bMEhwqj6k8vQ==
date: Sun, 27 Oct 2024 08:18:02 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Thu, 30 May 2024 20:25:08 GMT
x-amz-id-2: XZPMdig/1Gc6Hn54UA1nD9h8vS0MT0+rSlNZDfg6ZNgCIQJrOp4tTYjMo7WELsFIyCDKtC0tujvyEVHKosZbTNVXgF39b4fliLZ5xvqal5w=
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
x-amz-request-id: ZAQ1QGGYQHSRVFEP
x-amz-cf-pop: FRA60-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 fortra-logo-small.svg
static.fortra.com/fortra-global-assets/ 923 B
1 KB 106ms
27ms Image
image/svg+xml 2600:9000:225e:ce00:4:d683:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fortra.com/fortra-global-assets/fortra-logo-small.svg?l=411803405
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:ce00:4:d683:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 90bd0cf0a38f1a8bc611c41efeebf569d1de1b5cb3100a8727122c590e018675

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/

Response headers

x-amz-version-id: sDkTwiADsb7o1pbS9An_i3cfnlzeXIyA
etag: "332edc5730861cdd5763b00d19388299"
age: 1463
x-cache: Hit from cloudfront
x-amz-cf-id: S-RDCjuqvDYyFTItfnzwWOX5-459DTnnrru7bSV_5AioLlyc2PVzJw==
date: Sun, 27 Oct 2024 08:32:07 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Thu, 16 Nov 2023 17:28:56 GMT
x-amz-id-2: cA7f6dNXPmmK2Nztz9tQKFE3YCOs7/ZefpvmGeep21NErsgEEl6tK8a7gVPxFWck9bzBYxxse2w=
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
x-amz-request-id: EZPPBRGMW4G4R4GX
accept-ranges: bytes
content-length: 923
x-amz-cf-pop: FRA60-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 tripwire-dark-bg.svg
www.tripwire.com/themes/custom/tripwire/images/ 7 KB
3 KB 43ms
41ms Image
image/svg+xml 2606:4700::6812:1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tripwire.com/themes/custom/tripwire/images/tripwire-dark-bg.svg

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b5bcab0c22a0cb3bbc8dab11bd05d301c127a9f1c4f4e24abcae4232a209a42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Response headers

x-pantheon-styx-hostname: styx-fe4-a-746c76f549-znw7k
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"671aac45-1d19"
age: 217787
expires: Sat, 25 Oct 2025 20:26:42 GMT
x-cache: HIT, HIT
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: image/svg+xml
last-modified: Thu, 24 Oct 2024 20:21:25 GMT
x-served-by: cache-chi-kigq8000046-CHI, cache-fra-eddf8230150-FRA
x-cache-hits: 7, 0
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31622400
x-timer: S1730019389.490733,VS0,VE4
x-styx-req-id: 47dba4a6-9246-11ef-99df-3eb11e256af2
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d9179203c3c68fe-FRA
permissions-policy: accelerometer=(), autoplay=(self), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2629
server: cloudflare

GET
H2 200 logo.svg
www.tripwire.com/themes/custom/fortra_parent_2022/images/ 2 KB
1 KB 29ms
29ms Image
image/svg+xml 2606:4700::6812:1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tripwire.com/themes/custom/fortra_parent_2022/images/logo.svg

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bd4bdc0592b9e477b5705975275206ab14339a7ef422c450fa92ad4983b0a51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Response headers

x-pantheon-styx-hostname: styx-fe4-a-746c76f549-zlxkv
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"671aac43-6a3"
age: 217786
expires: Sat, 25 Oct 2025 20:22:26 GMT
x-cache: HIT, HIT
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: image/svg+xml
last-modified: Thu, 24 Oct 2024 20:21:23 GMT
x-served-by: cache-chi-klot8100101-CHI, cache-fra-eddf8230069-FRA
x-cache-hits: 6, 0
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31622400
x-timer: S1730019389.352159,VS0,VE4
x-styx-req-id: af408567-9245-11ef-9590-06bb26699794
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d91791f5bb568fe-FRA
permissions-policy: accelerometer=(), autoplay=(self), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
access-control-allow-origin: *
content-length: 777
server: cloudflare

GET
H2 200 email-decode.min.js Show response
www.tripwire.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
851 B 11ms
11ms Script
application/javascript 2606:4700::6812:1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tripwire.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Response headers

cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"67180f7e-4d7"
x-content-type-options: nosniff
cf-ray: 8d91791f8bd968fe-FRA
expires: Tue, 29 Oct 2024 08:56:29 GMT
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: application/javascript
last-modified: Tue, 22 Oct 2024 20:47:58 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: DENY

GET
H2 200 jquery.min.js Show response
www.tripwire.com/core/assets/vendor/jquery/ 85 KB
35 KB 27ms
27ms Script
application/x-javascript 2606:4700::6812:1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tripwire.com/core/assets/vendor/jquery/jquery.min.js?v=3.7.1

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Response headers

x-pantheon-styx-hostname: styx-fe4-b-7f998d8f5-cr4rg
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"671aac3d-155ed"
age: 217788
expires: Sat, 25 Oct 2025 20:26:41 GMT
x-cache: HIT, HIT
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: application/x-javascript
last-modified: Thu, 24 Oct 2024 20:21:17 GMT
x-served-by: cache-chi-klot8100078-CHI, cache-fra-eddf8230031-FRA
x-cache-hits: 8, 1
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31622400
x-timer: S1730019389.391785,VS0,VE8
x-styx-req-id: 47b1925f-9246-11ef-9ae7-32be1daabea2
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d91791fabe768fe-FRA
permissions-policy: accelerometer=(), autoplay=(self), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
content-length: 35430
server: cloudflare

GET
H2 200 once.min.js Show response
www.tripwire.com/core/assets/vendor/once/ 1 KB
975 B 24ms
23ms Script
application/x-javascript 2606:4700::6812:1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tripwire.com/core/assets/vendor/once/once.min.js?v=1.0.1

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d137f9b816994ff3dd240ef04942ebf47c48131c32b0acc640db3065755d496

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Response headers

x-pantheon-styx-hostname: styx-fe4-a-746c76f549-clr87
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"671aac3b-54d"
age: 217788
expires: Sat, 25 Oct 2025 20:26:42 GMT
x-cache: HIT, HIT
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: application/x-javascript
last-modified: Thu, 24 Oct 2024 20:21:15 GMT
x-served-by: cache-chi-kigq8000041-CHI, cache-fra-eddf8230069-FRA
x-cache-hits: 9, 1
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31622400
x-timer: S1730019389.426287,VS0,VE3
x-styx-req-id: 47b21a7c-9246-11ef-b8d4-9a65522c32c1
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d91791fdc0068fe-FRA
permissions-policy: accelerometer=(), autoplay=(self), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
content-length: 718
server: cloudflare

GET
H2 200 drupalSettingsLoader.js Show response
www.tripwire.com/core/misc/ 691 B
619 B 48ms
48ms Script
application/x-javascript 2606:4700::6812:1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tripwire.com/core/misc/drupalSettingsLoader.js?v=10.3.6

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f47d56f4e42a0fd576ee274454e24c085010b464b849cabe80041c88aaf45363

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Response headers

x-pantheon-styx-hostname: styx-fe4-b-7f998d8f5-ld9g8
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"671aac3b-2b3"
age: 217788
expires: Sat, 25 Oct 2025 20:22:26 GMT
x-cache: HIT, HIT
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: application/x-javascript
last-modified: Thu, 24 Oct 2024 20:21:15 GMT
x-served-by: cache-chi-klot8100106-CHI, cache-fra-eddf8230097-FRA
x-cache-hits: 1, 2
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31622400
x-timer: S1730019389.454553,VS0,VE2
x-styx-req-id: af4089fe-9245-11ef-8655-7eb59d2dd4c9
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d9179200c1468fe-FRA
permissions-policy: accelerometer=(), autoplay=(self), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
content-length: 392
server: cloudflare

GET
H2 200 drupal.js Show response
www.tripwire.com/core/misc/ 21 KB
7 KB 27ms
26ms Script
application/x-javascript 2606:4700::6812:1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tripwire.com/core/misc/drupal.js?v=10.3.6

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ccb66eceb05e6d15ca71a6605ec4e75dbb7d25f97cfe15409204fa2f7e212df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Response headers

x-pantheon-styx-hostname: styx-fe4-b-7f998d8f5-hfssn
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"671aac4b-5241"
age: 217788
expires: Sat, 25 Oct 2025 20:26:41 GMT
x-cache: HIT, HIT
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: application/x-javascript
last-modified: Thu, 24 Oct 2024 20:21:31 GMT
x-served-by: cache-chi-klot8100111-CHI, cache-fra-eddf8230031-FRA
x-cache-hits: 7, 0
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31622400
x-timer: S1730019389.456952,VS0,VE5
x-styx-req-id: 47afce0b-9246-11ef-be0d-6e139f02b313
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d9179200c1768fe-FRA
permissions-policy: accelerometer=(), autoplay=(self), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
content-length: 7270
server: cloudflare

GET
H2 200 drupal.init.js Show response
www.tripwire.com/core/misc/ 960 B
1 KB 26ms
23ms Script
application/x-javascript 2606:4700::6812:1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tripwire.com/core/misc/drupal.init.js?v=10.3.6

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

923935d813106205b31d3953b21e34a007f32758ec0c3d2ba6dd3dda1f8cf6e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Response headers

x-pantheon-styx-hostname: styx-fe4-a-746c76f549-xsn9s
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"671aac3d-3c0"
age: 31123
expires: Sat, 25 Oct 2025 20:26:20 GMT
x-cache: MISS, HIT
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: application/x-javascript
last-modified: Thu, 24 Oct 2024 20:21:17 GMT
x-served-by: cache-chi-kigq8000096-CHI, cache-fra-eddf8230069-FRA
x-cache-hits: 0, 2
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31622400
x-timer: S1730019389.474889,VS0,VE3
x-styx-req-id: 3b2a34b8-9246-11ef-96cd-c65082232e83
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d9179202c2568fe-FRA
permissions-policy: accelerometer=(), autoplay=(self), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
content-length: 508
server: cloudflare

GET
H3 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 38ms
19ms Script
application/javascript 172.67.39.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa2c31f1139ecdb4a5ee194df5b10f4844435639cdf791bebae6c49ee5b05089

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"7980d9a797beb21fbeb086d8f294ad7b"
age: 20717
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qpkBeMhuPkQZlsSfwVBjW7v6hzlBmU%2FTv6eqKgEvR66JGRkcJFnUvMMXjGqiYoEIRJmd8TOKDlPfwRv4dE%2FBikXHx46cf1f5ppfHzdkWaa3OhbRe953hi%2FOuRsl2XJb2bZYBskKJ"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=2,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400, stale-while-revalidate=30, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d9179204e46db9b-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 debounce.js Show response
www.tripwire.com/core/misc/ 1 KB
969 B 29ms
26ms Script
application/x-javascript 2606:4700::6812:1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tripwire.com/core/misc/debounce.js?v=10.3.6

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08917ce03bf43e31f728f6aa830cd2f8d252e39a8f6d769578f07b500c3eb87f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Response headers

x-pantheon-styx-hostname: styx-fe4-b-7f998d8f5-d6kgt
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"671aac3b-5d0"
age: 217787
expires: Sat, 25 Oct 2025 20:22:26 GMT
x-cache: HIT, HIT
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: application/x-javascript
last-modified: Thu, 24 Oct 2024 20:21:15 GMT
x-served-by: cache-chi-kigq8000068-CHI, cache-fra-eddf8230031-FRA
x-cache-hits: 1, 9
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31622400
x-timer: S1730019389.478353,VS0,VE4
x-styx-req-id: af40b954-9245-11ef-934f-6ae6a8918bbb
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d9179202c2768fe-FRA
permissions-policy: accelerometer=(), autoplay=(self), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
content-length: 697
server: cloudflare

GET
H2 200 popper.min.js Show response
www.tripwire.com/themes/custom/fortra_parent_2022/js/ 21 KB
8 KB 35ms
32ms Script
application/x-javascript 2606:4700::6812:1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tripwire.com/themes/custom/fortra_parent_2022/js/popper.min.js?slvnfu

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Response headers

x-pantheon-styx-hostname: styx-fe4-b-7f998d8f5-d6kgt
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"671aac45-52f1"
age: 217788
expires: Sat, 25 Oct 2025 20:26:41 GMT
x-cache: HIT, HIT
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: application/x-javascript
last-modified: Thu, 24 Oct 2024 20:21:25 GMT
x-served-by: cache-chi-klot8100103-CHI, cache-fra-eddf8230031-FRA
x-cache-hits: 8, 2
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31622400
x-timer: S1730019389.483070,VS0,VE4
x-styx-req-id: 47af081e-9246-11ef-934f-6ae6a8918bbb
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d9179202c2868fe-FRA
permissions-policy: accelerometer=(), autoplay=(self), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
content-length: 8365
server: cloudflare

GET
H2 200 accessible-nav.js Show response
www.tripwire.com/themes/custom/fortra_parent_2022/js/ 6 KB
2 KB 30ms
27ms Script
application/x-javascript 2606:4700::6812:1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tripwire.com/themes/custom/fortra_parent_2022/js/accessible-nav.js?slvnfu

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50be820de886ca2746d2811daadfed53b75332624517ab318585e7eb1bb8ea04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Response headers

x-pantheon-styx-hostname: styx-fe4-b-7f998d8f5-h9wkz
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"671aac43-19ff"
age: 217788
expires: Sat, 25 Oct 2025 20:26:41 GMT
x-cache: HIT, HIT
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: application/x-javascript
last-modified: Thu, 24 Oct 2024 20:21:23 GMT
x-served-by: cache-chi-kigq8000030-CHI, cache-fra-eddf8230097-FRA
x-cache-hits: 8, 1
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31622400
x-timer: S1730019389.477919,VS0,VE4
x-styx-req-id: 47af9098-9246-11ef-9f2c-3a98e06bbaa3
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d9179202c2968fe-FRA
permissions-policy: accelerometer=(), autoplay=(self), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
content-length: 2084
server: cloudflare

GET
H2 200 faqs.js Show response
www.tripwire.com/themes/custom/fortra_parent_2022/js/ 1 KB
648 B 38ms
35ms Script
application/x-javascript 2606:4700::6812:1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tripwire.com/themes/custom/fortra_parent_2022/js/faqs.js?slvnfu

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d6664321569126983b6dc3cd001887c2a6ad4c6210f2624dbdfb241461d74d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Response headers

x-pantheon-styx-hostname: styx-fe4-b-7f998d8f5-hfssn
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"671aac43-41a"
age: 217788
expires: Sat, 25 Oct 2025 20:26:41 GMT
x-cache: HIT, HIT
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: application/x-javascript
last-modified: Thu, 24 Oct 2024 20:21:23 GMT
x-served-by: cache-chi-klot8100066-CHI, cache-fra-eddf8230097-FRA
x-cache-hits: 9, 2
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31622400
x-timer: S1730019389.484173,VS0,VE5
x-styx-req-id: 47afcfb3-9246-11ef-be0d-6e139f02b313
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d9179202c2b68fe-FRA
permissions-policy: accelerometer=(), autoplay=(self), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
content-length: 392
server: cloudflare

GET
H2 200 stacktable.js Show response
www.tripwire.com/libraries/stacktable/ 8 KB
3 KB 32ms
29ms Script
application/x-javascript 2606:4700::6812:1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tripwire.com/libraries/stacktable/stacktable.js?v=10.3.6

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58ee289cc3b0e66d80a8860ab61c78b003b2794a2b01059f5e5a1d6da47e7327

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Response headers

x-pantheon-styx-hostname: styx-fe4-b-7f998d8f5-hfssn
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"671aac3d-201b"
age: 217788
expires: Sat, 25 Oct 2025 20:22:26 GMT
x-cache: HIT, HIT
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: application/x-javascript
last-modified: Thu, 24 Oct 2024 20:21:17 GMT
x-served-by: cache-chi-kigq8000168-CHI, cache-fra-eddf8230032-FRA
x-cache-hits: 1, 2
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31622400
x-timer: S1730019389.481991,VS0,VE3
x-styx-req-id: af41c004-9245-11ef-be0d-6e139f02b313
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d9179202c2c68fe-FRA
permissions-policy: accelerometer=(), autoplay=(self), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
content-length: 2372
server: cloudflare

GET
H2 200 global.js Show response
www.tripwire.com/themes/custom/fortra_parent_2022/js/ 10 KB
4 KB 39ms
36ms Script
application/x-javascript 2606:4700::6812:1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tripwire.com/themes/custom/fortra_parent_2022/js/global.js?v=10.3.6

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

577a6bac964bdad37a01570b13d9548ab10621dbbde48db16aa6c339f28a1f5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Response headers

x-pantheon-styx-hostname: styx-fe4-a-746c76f549-w2hmf
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"671aac43-29f7"
age: 217788
expires: Sat, 25 Oct 2025 20:26:42 GMT
x-cache: HIT, HIT
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: application/x-javascript
last-modified: Thu, 24 Oct 2024 20:21:23 GMT
x-served-by: cache-chi-klot8100045-CHI, cache-fra-eddf8230087-FRA
x-cache-hits: 8, 0
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31622400
x-timer: S1730019389.485895,VS0,VE4
x-styx-req-id: 47b1acd9-9246-11ef-ae88-0e01b08e9924
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d9179202c2d68fe-FRA
permissions-policy: accelerometer=(), autoplay=(self), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
content-length: 3600
server: cloudflare

GET
H2 200 iframeResizer.min.js Show response
www.tripwire.com/themes/custom/fortra_parent_2022/js/ 13 KB
6 KB 29ms
26ms Script
application/x-javascript 2606:4700::6812:1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tripwire.com/themes/custom/fortra_parent_2022/js/iframeResizer.min.js?v=10.3.6

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1805b14279760e2a9338b71f40649c45fe37dbc3839bb573a9737cdd495e9752

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Response headers

x-pantheon-styx-hostname: styx-fe4-a-746c76f549-znw7k
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"671aac43-34f8"
age: 217788
expires: Sat, 25 Oct 2025 20:26:41 GMT
x-cache: HIT, HIT
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: application/x-javascript
last-modified: Thu, 24 Oct 2024 20:21:23 GMT
x-served-by: cache-chi-kigq8000153-CHI, cache-fra-eddf8230069-FRA
x-cache-hits: 8, 4
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31622400
x-timer: S1730019389.479471,VS0,VE2
x-styx-req-id: 47b0ee59-9246-11ef-99df-3eb11e256af2
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d9179202c2e68fe-FRA
permissions-policy: accelerometer=(), autoplay=(self), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
content-length: 5880
server: cloudflare

GET
H2 200 pardot-iframe.js Show response
www.tripwire.com/themes/custom/fortra_parent_2022/js/ 26 B
294 B 34ms
31ms Script
application/x-javascript 2606:4700::6812:1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tripwire.com/themes/custom/fortra_parent_2022/js/pardot-iframe.js?v=10.3.6

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e8ceb252d7c242bc66561b79b29880592a4419b8b44d486eacf014038c24736

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Response headers

x-pantheon-styx-hostname: styx-fe4-b-7f998d8f5-b4xjq
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"671aac45-1a"
age: 217788
expires: Sat, 25 Oct 2025 20:26:42 GMT
x-cache: HIT, HIT
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: application/x-javascript
last-modified: Thu, 24 Oct 2024 20:21:25 GMT
x-served-by: cache-chi-klot8100159-CHI, cache-fra-eddf8230069-FRA
x-cache-hits: 8, 0
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31622400
x-timer: S1730019389.483736,VS0,VE3
x-styx-req-id: 47b22212-9246-11ef-8c1c-dee740a65a0a
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d9179202c2f68fe-FRA
permissions-policy: accelerometer=(), autoplay=(self), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
content-length: 46
server: cloudflare

GET
H2 200 widget.js Show response
www.tripwire.com/themes/custom/fortra_parent_2022/js/ 8 KB
3 KB 34ms
32ms Script
application/x-javascript 2606:4700::6812:1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tripwire.com/themes/custom/fortra_parent_2022/js/widget.js?v=10.3.6

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

540d2a1642172892b01053409b7b3ad1a8df58bc6f35415ec57421a8548e8547

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Response headers

x-pantheon-styx-hostname: styx-fe4-b-7f998d8f5-d6kgt
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"671aac43-2162"
age: 217788
expires: Sat, 25 Oct 2025 20:22:26 GMT
x-cache: HIT, HIT
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: application/x-javascript
last-modified: Thu, 24 Oct 2024 20:21:23 GMT
x-served-by: cache-chi-klot8100040-CHI, cache-fra-eddf8230076-FRA
x-cache-hits: 1, 6
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31622400
x-timer: S1730019389.485496,VS0,VE3
x-styx-req-id: af418bb4-9245-11ef-934f-6ae6a8918bbb
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d9179202c3068fe-FRA
permissions-policy: accelerometer=(), autoplay=(self), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
content-length: 3113
server: cloudflare

GET
H2 200 widget-code.js Show response
www.tripwire.com/themes/custom/fortra_parent_2022/js/ 1 KB
870 B 37ms
35ms Script
application/x-javascript 2606:4700::6812:1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tripwire.com/themes/custom/fortra_parent_2022/js/widget-code.js?v=10.3.6

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8f85fb708ed9db0d4e2f877ffdba90a5ebd3ef520d17e09c1f7eb640905016a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Response headers

x-pantheon-styx-hostname: styx-fe4-a-746c76f549-clr87
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"671aac43-5c3"
age: 217788
expires: Sat, 25 Oct 2025 20:26:42 GMT
x-cache: HIT, HIT
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: application/x-javascript
last-modified: Thu, 24 Oct 2024 20:21:23 GMT
x-served-by: cache-chi-klot8100030-CHI, cache-fra-eddf8230092-FRA
x-cache-hits: 6, 2
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31622400
x-timer: S1730019389.486807,VS0,VE2
x-styx-req-id: 47b14459-9246-11ef-b8d4-9a65522c32c1
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d9179203c3268fe-FRA
permissions-policy: accelerometer=(), autoplay=(self), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
content-length: 659
server: cloudflare

GET
H2 200 barrio.js Show response
www.tripwire.com/themes/composer/bootstrap_barrio/js/ 939 B
646 B 42ms
40ms Script
application/x-javascript 2606:4700::6812:1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tripwire.com/themes/composer/bootstrap_barrio/js/barrio.js?v=10.3.6

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2dc08d5788eb290f3da4da3fb3ece34d347bea310b5a75117aa27a364b9b6101

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Response headers

x-pantheon-styx-hostname: styx-fe4-a-746c76f549-k8hfp
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"671aac3f-3ab"
age: 217788
expires: Sat, 25 Oct 2025 20:22:26 GMT
x-cache: HIT, HIT
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: application/x-javascript
last-modified: Thu, 24 Oct 2024 20:21:19 GMT
x-served-by: cache-chi-klot8100136-CHI, cache-fra-eddf8230032-FRA
x-cache-hits: 1, 0
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31622400
x-timer: S1730019389.487056,VS0,VE6
x-styx-req-id: af4300f2-9245-11ef-a9e9-16d4b11ce865
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d9179203c3368fe-FRA
permissions-policy: accelerometer=(), autoplay=(self), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
content-length: 396
server: cloudflare

GET
H2 200 affix.js Show response
www.tripwire.com/themes/composer/bootstrap_barrio/js/ 1 KB
1 KB 42ms
40ms Script
application/x-javascript 2606:4700::6812:1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tripwire.com/themes/composer/bootstrap_barrio/js/affix.js?v=10.3.6

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

642a89d4c0baf5122e5f2e568900187b072977596ac62bbbff2c8bdbfcd7b79f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Response headers

x-pantheon-styx-hostname: styx-fe4-a-746c76f549-gwm87
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"671aac3e-404"
age: 217788
expires: Sat, 25 Oct 2025 20:26:21 GMT
x-cache: MISS, HIT
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: application/x-javascript
last-modified: Thu, 24 Oct 2024 20:21:18 GMT
x-served-by: cache-chi-klot8100154-CHI, cache-fra-eddf8230051-FRA
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31622400
x-timer: S1730019389.489858,VS0,VE4
x-styx-req-id: 3bb5166d-9246-11ef-bfd2-d2262e5583ea
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d9179203c3568fe-FRA
permissions-policy: accelerometer=(), autoplay=(self), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
content-length: 490
server: cloudflare

GET
H2 200 bootstrap.min.js Show response
www.tripwire.com/themes/custom/fortra_parent_2022/js/ 61 KB
19 KB 41ms
39ms Script
application/x-javascript 2606:4700::6812:1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tripwire.com/themes/custom/fortra_parent_2022/js/bootstrap.min.js?slvnfu

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

423217abf8775cea2dc30fa1fe3e1c5e24dc359a80f1c37ad29a86094bfe81d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Response headers

x-pantheon-styx-hostname: styx-fe4-a-746c76f549-tmsbz
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"671aac43-f463"
age: 217788
expires: Sat, 25 Oct 2025 20:26:41 GMT
x-cache: HIT, HIT
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: application/x-javascript
last-modified: Thu, 24 Oct 2024 20:21:23 GMT
x-served-by: cache-chi-klot8100144-CHI, cache-fra-eddf8230049-FRA
x-cache-hits: 9, 0
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31622400
x-timer: S1730019389.489812,VS0,VE3
x-styx-req-id: 47b08e6f-9246-11ef-83cd-4a99526bc4d8
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d9179203c3668fe-FRA
permissions-policy: accelerometer=(), autoplay=(self), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
content-length: 19305
server: cloudflare

GET
H2 200 global.js Show response
www.tripwire.com/themes/custom/tripwire/js/ 1 KB
916 B 42ms
40ms Script
application/x-javascript 2606:4700::6812:1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tripwire.com/themes/custom/tripwire/js/global.js?v=10.3.6

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c6ea3749c8bdfaf05c751f00f3a2cc02ff6e5163cad607cdeb6f964eb3f7e91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Response headers

x-pantheon-styx-hostname: styx-fe4-b-7f998d8f5-zg964
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"671aac43-5f0"
age: 217788
expires: Sat, 25 Oct 2025 20:26:42 GMT
x-cache: HIT, HIT
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: application/x-javascript
last-modified: Thu, 24 Oct 2024 20:21:23 GMT
x-served-by: cache-chi-klot8100075-CHI, cache-fra-eddf8230031-FRA
x-cache-hits: 8, 0
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31622400
x-timer: S1730019389.487896,VS0,VE5
x-styx-req-id: 47b1937c-9246-11ef-8d70-6a89781253c1
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d9179203c3768fe-FRA
permissions-policy: accelerometer=(), autoplay=(self), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
content-length: 632
server: cloudflare

GET
H2 200 better_exposed_filters.js Show response
www.tripwire.com/modules/composer/better_exposed_filters/js/ 1 KB
739 B 42ms
40ms Script
application/x-javascript 2606:4700::6812:1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tripwire.com/modules/composer/better_exposed_filters/js/better_exposed_filters.js?v=6.x

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa0c7e45a2a21230703828b4be828d5d81ed7c85e6cf881da1a42d7c6f1c9cba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Response headers

x-pantheon-styx-hostname: styx-fe4-b-7f998d8f5-dbdts
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"671aac3d-40b"
age: 217788
expires: Sat, 25 Oct 2025 20:22:25 GMT
x-cache: HIT, HIT
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: application/x-javascript
last-modified: Thu, 24 Oct 2024 20:21:17 GMT
x-served-by: cache-chi-kigq8000081-CHI, cache-fra-eddf8230142-FRA
x-cache-hits: 7, 0
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31622400
x-timer: S1730019389.489131,VS0,VE3
x-styx-req-id: aebd0765-9245-11ef-9d40-eeb635b720b1
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d9179203c3868fe-FRA
permissions-policy: accelerometer=(), autoplay=(self), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
content-length: 488
server: cloudflare

GET
H2 200 auto_submit.js Show response
www.tripwire.com/modules/composer/better_exposed_filters/js/ 4 KB
2 KB 43ms
41ms Script
application/x-javascript 2606:4700::6812:1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tripwire.com/modules/composer/better_exposed_filters/js/auto_submit.js?v=6.x

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b8a851688b2b102b98f7f497f1603bd7a8204408aa07b41fd406e28e9af26d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Response headers

x-pantheon-styx-hostname: styx-fe4-b-7f998d8f5-ld9g8
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"671aac3d-113d"
age: 217788
expires: Sat, 25 Oct 2025 20:26:22 GMT
x-cache: HIT, HIT
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: application/x-javascript
last-modified: Thu, 24 Oct 2024 20:21:17 GMT
x-served-by: cache-chi-klot8100149-CHI, cache-fra-eddf8230069-FRA
x-cache-hits: 9, 0
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31622400
x-timer: S1730019389.491556,VS0,VE3
x-styx-req-id: 3bcd5ee2-9246-11ef-8655-7eb59d2dd4c9
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d9179203c3a68fe-FRA
permissions-policy: accelerometer=(), autoplay=(self), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
content-length: 1811
server: cloudflare

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 36ms
18ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.tripwire.com
Referer: https://www.tripwire.com/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8d9179204d7ddcb2-FRA
access-control-allow-origin: *
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 18 KB
2 KB 65ms
30ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,500;0,600;0,700;0,900;1,400;1,500;1,600;1,700;1,900&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/sites/default/files/css/css_qes_5s3f3KZMQpslIHUNK0TLd62G5ai6Dzuz5r93_ck.css?delta=3&language=en&theme=tripwire&include=eJxlj0FuxDAIRS_kxlUuZEHMOKi2sQBrOrevpVlMlWwf7wP_tHRMc2kJqxw_Fs8LCB_gTy6Jfp26sfT_6mUS7GVOLSIYhYeoK6QBSt3T_r3vsVRBqF_mr8q9BBRxW85ICKos17krjycrXflaCWXFTotZ54C6fcg2-5hY2U7K9wNdMoVGmSE-uDrpdsDw9fpdRSXIh86GAcmXunoOMcrpnbRYqJNCvUdX8_YH3MCL8g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

21d28329bee038ef4160232a6060de918107ec67d30e7922c01947aa0bb4bdc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 27 Oct 2024 08:56:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 27 Oct 2024 08:56:29 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 339 KB
105 KB 129ms
84ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NMS49C8

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2a72df3a16bb9820068d52df51eaa76bcdb04aa7f04a58def4ceeddc89e88449

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sun, 27 Oct 2024 08:56:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 27 Oct 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 106739
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 66ms
42ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,500;0,600;0,700;0,900;1,400;1,500;1,600;1,700;1,900&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.tripwire.com
Referer: https://fonts.googleapis.com/

Response headers

age: 465567
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 21 Oct 2025 23:37:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 21 Oct 2024 23:37:02 GMT
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7884
x-xss-protection: 0
server: sffe

GET
H2 200 fa-sharp-light-300.woff2
www.tripwire.com/themes/custom/fortra_parent_2022/fonts/ 354 KB
355 KB 28ms
27ms Font
font/woff2 2606:4700::6812:1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tripwire.com/themes/custom/fortra_parent_2022/fonts/fa-sharp-light-300.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6af937301b20d4f7bd7b84b07dd3cb9c5a2c35af0bcc6a0469adebff15381505

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.tripwire.com
Referer: https://www.tripwire.com/sites/default/files/css/css_qes_5s3f3KZMQpslIHUNK0TLd62G5ai6Dzuz5r93_ck.css?delta=3&language=en&theme=tripwire&include=eJxlj0FuxDAIRS_kxlUuZEHMOKi2sQBrOrevpVlMlWwf7wP_tHRMc2kJqxw_Fs8LCB_gTy6Jfp26sfT_6mUS7GVOLSIYhYeoK6QBSt3T_r3vsVRBqF_mr8q9BBRxW85ICKos17krjycrXflaCWXFTotZ54C6fcg2-5hY2U7K9wNdMoVGmSE-uDrpdsDw9fpdRSXIh86GAcmXunoOMcrpnbRYqJNCvUdX8_YH3MCL8g

Response headers

x-pantheon-styx-hostname: styx-fe4-a-746c76f549-w2hmf
cf-cache-status: DYNAMIC
etag: "671aac43-58954"
age: 217787
expires: Sat, 25 Oct 2025 20:26:42 GMT
x-cache: HIT, HIT
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: font/woff2
last-modified: Thu, 24 Oct 2024 20:21:23 GMT
x-served-by: cache-chi-klot8100127-CHI, cache-fra-eddf8230076-FRA
x-cache-hits: 0, 1
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31622400
x-timer: S1730019390.529055,VS0,VE4
x-styx-req-id: 47fd6b35-9246-11ef-ae88-0e01b08e9924
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d9179207c6a68fe-FRA
permissions-policy: accelerometer=(), autoplay=(self), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
access-control-allow-origin: *
content-length: 362836
server: cloudflare

GET
H3 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 75ms
51ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.tripwire.com
Referer: https://fonts.googleapis.com/

Response headers

age: 403355
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:53:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:53:54 GMT
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7816
x-xss-protection: 0
server: sffe

GET
H3 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 53ms
30ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.tripwire.com
Referer: https://fonts.googleapis.com/

Response headers

age: 404409
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:36:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:36:20 GMT
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7748
x-xss-protection: 0
server: sffe

GET
H2 200 fa-sharp-solid-900.woff2
www.tripwire.com/themes/custom/fortra_parent_2022/fonts/ 251 KB
252 KB 68ms
67ms Font
font/woff2 2606:4700::6812:1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tripwire.com/themes/custom/fortra_parent_2022/fonts/fa-sharp-solid-900.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5092d37720c5a4b6b7b4768599df2e43ed0c19b7502f20800500948125d9df89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.tripwire.com
Referer: https://www.tripwire.com/sites/default/files/css/css_qes_5s3f3KZMQpslIHUNK0TLd62G5ai6Dzuz5r93_ck.css?delta=3&language=en&theme=tripwire&include=eJxlj0FuxDAIRS_kxlUuZEHMOKi2sQBrOrevpVlMlWwf7wP_tHRMc2kJqxw_Fs8LCB_gTy6Jfp26sfT_6mUS7GVOLSIYhYeoK6QBSt3T_r3vsVRBqF_mr8q9BBRxW85ICKos17krjycrXflaCWXFTotZ54C6fcg2-5hY2U7K9wNdMoVGmSE-uDrpdsDw9fpdRSXIh86GAcmXunoOMcrpnbRYqJNCvUdX8_YH3MCL8g

Response headers

x-pantheon-styx-hostname: styx-fe4-b-7f998d8f5-h9wkz
cf-cache-status: DYNAMIC
etag: "671aac43-3edd8"
age: 217787
expires: Sat, 25 Oct 2025 20:26:43 GMT
x-cache: HIT, HIT
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: font/woff2
last-modified: Thu, 24 Oct 2024 20:21:23 GMT
x-served-by: cache-chi-klot8100118-CHI, cache-fra-eddf8230097-FRA
x-cache-hits: 0, 0
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31622400
x-timer: S1730019390.529886,VS0,VE5
x-styx-req-id: 4873ebdb-9246-11ef-9f2c-3a98e06bbaa3
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d9179207c6b68fe-FRA
permissions-policy: accelerometer=(), autoplay=(self), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
access-control-allow-origin: *
content-length: 257496
server: cloudflare

GET
H2 200 fa-sharp-regular-400.woff2
www.tripwire.com/themes/custom/fortra_parent_2022/fonts/ 320 KB
321 KB 67ms
66ms Font
font/woff2 2606:4700::6812:1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tripwire.com/themes/custom/fortra_parent_2022/fonts/fa-sharp-regular-400.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6dbea358c770232d65488985fbebe3d3f4d75949c9fdcc293c316388545098b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.tripwire.com
Referer: https://www.tripwire.com/sites/default/files/css/css_qes_5s3f3KZMQpslIHUNK0TLd62G5ai6Dzuz5r93_ck.css?delta=3&language=en&theme=tripwire&include=eJxlj0FuxDAIRS_kxlUuZEHMOKi2sQBrOrevpVlMlWwf7wP_tHRMc2kJqxw_Fs8LCB_gTy6Jfp26sfT_6mUS7GVOLSIYhYeoK6QBSt3T_r3vsVRBqF_mr8q9BBRxW85ICKos17krjycrXflaCWXFTotZ54C6fcg2-5hY2U7K9wNdMoVGmSE-uDrpdsDw9fpdRSXIh86GAcmXunoOMcrpnbRYqJNCvUdX8_YH3MCL8g

Response headers

x-pantheon-styx-hostname: styx-fe4-a-746c76f549-xsn9s
cf-cache-status: DYNAMIC
etag: "671aac43-500e8"
age: 217787
expires: Sat, 25 Oct 2025 20:26:42 GMT
x-cache: HIT, HIT
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: font/woff2
last-modified: Thu, 24 Oct 2024 20:21:23 GMT
x-served-by: cache-chi-klot8100079-CHI, cache-fra-eddf8230142-FRA
x-cache-hits: 5, 0
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31622400
x-timer: S1730019390.531906,VS0,VE3
x-styx-req-id: 4847d4fc-9246-11ef-96cd-c65082232e83
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d9179207c6d68fe-FRA
permissions-policy: accelerometer=(), autoplay=(self), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
access-control-allow-origin: *
content-length: 327912
server: cloudflare

GET
H3 200 pxiGyp8kv8JHgFVrJJLucHtA.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 57ms
32ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiGyp8kv8JHgFVrJJLucHtA.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.tripwire.com
Referer: https://fonts.googleapis.com/

Response headers

age: 404286
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:38:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:38:23 GMT
last-modified: Fri, 22 Mar 2024 00:00:54 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8668
x-xss-protection: 0
server: sffe

GET
H3 200 pxiDyp8kv8JHgFVrJJLmy15VF9eO.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 54ms
29ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiDyp8kv8JHgFVrJJLmy15VF9eO.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

4b0864712c6e7ca75f8c003f7bc1a9270af33d6becd4119463771593274c48d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.tripwire.com
Referer: https://fonts.googleapis.com/

Response headers

age: 403140
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:57:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:57:29 GMT
last-modified: Fri, 22 Mar 2024 00:00:22 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8596
x-xss-protection: 0
server: sffe

GET
H3 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 60ms
37ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.tripwire.com
Referer: https://fonts.googleapis.com/

Response headers

age: 403531
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:50:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:50:58 GMT
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8000
x-xss-protection: 0
server: sffe

GET
H3 200 pxiDyp8kv8JHgFVrJJLmr19VF9eO.woff2
fonts.gstatic.com/s/poppins/v21/ 9 KB
9 KB 62ms
37ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiDyp8kv8JHgFVrJJLmr19VF9eO.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

3ad6c8bd3624555dd79177efe91f0aca20e7f28597fa6b49762c27f337500d8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.tripwire.com
Referer: https://fonts.googleapis.com/

Response headers

age: 404543
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:34:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:34:06 GMT
last-modified: Fri, 22 Mar 2024 00:01:04 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8724
x-xss-protection: 0
server: sffe

GET
H2 200 fa-light-300.woff2
www.tripwire.com/themes/custom/fortra_parent_2022/fonts/ 419 KB
420 KB 73ms
72ms Font
font/woff2 2606:4700::6812:1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tripwire.com/themes/custom/fortra_parent_2022/fonts/fa-light-300.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38b2e62bfbbeed100be9d1de0fcbd08fbe4dec34d2fb7f5986ce2ee233ad6546

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.tripwire.com
Referer: https://www.tripwire.com/sites/default/files/css/css_qes_5s3f3KZMQpslIHUNK0TLd62G5ai6Dzuz5r93_ck.css?delta=3&language=en&theme=tripwire&include=eJxlj0FuxDAIRS_kxlUuZEHMOKi2sQBrOrevpVlMlWwf7wP_tHRMc2kJqxw_Fs8LCB_gTy6Jfp26sfT_6mUS7GVOLSIYhYeoK6QBSt3T_r3vsVRBqF_mr8q9BBRxW85ICKos17krjycrXflaCWXFTotZ54C6fcg2-5hY2U7K9wNdMoVGmSE-uDrpdsDw9fpdRSXIh86GAcmXunoOMcrpnbRYqJNCvUdX8_YH3MCL8g

Response headers

x-pantheon-styx-hostname: styx-fe4-b-7f998d8f5-ld9g8
cf-cache-status: DYNAMIC
etag: "671aac43-68d70"
age: 217787
expires: Sat, 25 Oct 2025 20:22:25 GMT
x-cache: MISS, HIT
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: font/woff2
last-modified: Thu, 24 Oct 2024 20:21:23 GMT
x-served-by: cache-chi-kigq8000110-CHI, cache-fra-eddf8230051-FRA
x-cache-hits: 0, 1
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31622400
x-timer: S1730019390.534719,VS0,VE8
x-styx-req-id: aec574d1-9245-11ef-8655-7eb59d2dd4c9
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d9179207c7468fe-FRA
permissions-policy: accelerometer=(), autoplay=(self), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
access-control-allow-origin: *
content-length: 429424
server: cloudflare

GET
H2 200 fa-brands-400.woff2
www.tripwire.com/themes/custom/fortra_parent_2022/fonts/ 108 KB
109 KB 45ms
45ms Font
font/woff2 2606:4700::6812:1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tripwire.com/themes/custom/fortra_parent_2022/fonts/fa-brands-400.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

063b9237e402c98dfb77a66e5de0d02d953640fc8fe44911808c2fdcb80df26e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.tripwire.com
Referer: https://www.tripwire.com/sites/default/files/css/css_qes_5s3f3KZMQpslIHUNK0TLd62G5ai6Dzuz5r93_ck.css?delta=3&language=en&theme=tripwire&include=eJxlj0FuxDAIRS_kxlUuZEHMOKi2sQBrOrevpVlMlWwf7wP_tHRMc2kJqxw_Fs8LCB_gTy6Jfp26sfT_6mUS7GVOLSIYhYeoK6QBSt3T_r3vsVRBqF_mr8q9BBRxW85ICKos17krjycrXflaCWXFTotZ54C6fcg2-5hY2U7K9wNdMoVGmSE-uDrpdsDw9fpdRSXIh86GAcmXunoOMcrpnbRYqJNCvUdX8_YH3MCL8g

Response headers

x-pantheon-styx-hostname: styx-fe4-a-746c76f549-k8hfp
cf-cache-status: DYNAMIC
etag: "671aac41-1b154"
age: 217787
expires: Sat, 25 Oct 2025 20:26:42 GMT
x-cache: HIT, HIT
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: font/woff2
last-modified: Thu, 24 Oct 2024 20:21:21 GMT
x-served-by: cache-chi-kigq8000097-CHI, cache-fra-eddf8230049-FRA
x-cache-hits: 8, 0
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31622400
x-timer: S1730019390.531997,VS0,VE3
x-styx-req-id: 47fe5d3c-9246-11ef-a9e9-16d4b11ce865
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d9179207c7568fe-FRA
permissions-policy: accelerometer=(), autoplay=(self), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
access-control-allow-origin: *
content-length: 110932
server: cloudflare

GET
H2 200 qilin.jpg
www.tripwire.com/sites/default/files/2024-06/ 142 KB
143 KB 42ms
40ms Image
image/jpeg 2606:4700::6812:1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tripwire.com/sites/default/files/2024-06/qilin.jpg

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e0700c9d23065ac37866715b9265094f1869a35553ed7f8384b00cbcf14b55a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Response headers

x-pantheon-styx-hostname: styx-fe4-a-74fc78c4c8-wkl6x
cf-cache-status: DYNAMIC
etag: "667440ad-236c6"
age: 214259
expires: Thu, 21 Aug 2025 11:18:33 GMT
x-cache: HIT, HIT
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: image/jpeg
last-modified: Thu, 20 Jun 2024 14:46:05 GMT
x-served-by: cache-chi-kigq8000166-CHI, cache-fra-eddf8230092-FRA
x-cache-hits: 0, 0
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31622400
x-timer: S1730019390.529712,VS0,VE4
x-styx-req-id: f00a329b-5ee5-11ef-9638-d651fbda6b82
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d9179207c6f68fe-FRA
permissions-policy: accelerometer=(), autoplay=(self), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
content-length: 145094
server: cloudflare

GET
H2 200 qilin-ransom-note.jpeg
www.tripwire.com/sites/default/files/2024-06/ 262 KB
262 KB 142ms
140ms Image
image/jpeg 2606:4700::6812:1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tripwire.com/sites/default/files/2024-06/qilin-ransom-note.jpeg

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f63a0c8b14cc603b86e8e2af5f0e134a5c8ac8a96402460b643465297dc6f20f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Response headers

x-pantheon-styx-hostname: styx-fe4-a-779b66bbcf-xgghz
cf-cache-status: DYNAMIC
etag: "6675309d-41619"
age: 214259
expires: Sun, 22 Jun 2025 07:49:56 GMT
x-cache: HIT, HIT
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: image/jpeg
last-modified: Fri, 21 Jun 2024 07:49:49 GMT
x-served-by: cache-chi-kigq8000031-CHI, cache-fra-eddf8230031-FRA
x-cache-hits: 1, 0
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31622400
x-timer: S1730019390.533171,VS0,VE110
x-styx-req-id: da827865-2fa2-11ef-a8c7-22c6aab8deee
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d9179207c7168fe-FRA
permissions-policy: accelerometer=(), autoplay=(self), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
content-length: 267801
server: cloudflare

GET
H2 200 synnovis-leak.jpeg
www.tripwire.com/sites/default/files/2024-06/ 179 KB
179 KB 151ms
150ms Image
image/jpeg 2606:4700::6812:1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tripwire.com/sites/default/files/2024-06/synnovis-leak.jpeg

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a72155643b65be268a521f880f94bd08fda77c5c98e0f9612079e6a7ff79007a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Response headers

x-pantheon-styx-hostname: styx-fe4-b-96b8c6b8b-bvx8j
cf-cache-status: DYNAMIC
etag: "667530b5-2cbd8"
age: 214259
expires: Mon, 15 Sep 2025 09:27:26 GMT
x-cache: HIT, HIT
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: image/jpeg
last-modified: Fri, 21 Jun 2024 07:50:13 GMT
x-served-by: cache-chi-klot8100101-CHI, cache-fra-eddf8230087-FRA
x-cache-hits: 0, 0
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31622400
x-timer: S1730019390.531140,VS0,VE112
x-styx-req-id: 8e4f87d7-727b-11ef-b360-92ad4b97fafb
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d9179207c7268fe-FRA
permissions-policy: accelerometer=(), autoplay=(self), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
content-length: 183256
server: cloudflare

GET
H2 200 graham-cluley_profile_pic.jpg
www.tripwire.com/sites/default/files/styles/thumbnail/public/2022-10/ 2 KB
3 KB 44ms
42ms Image
image/jpeg 2606:4700::6812:1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tripwire.com/sites/default/files/styles/thumbnail/public/2022-10/graham-cluley_profile_pic.jpg?itok=ffTH8VnN

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cb67fac14a3ff2580053f5a7e7b1b81d143e3de1e602748e0334c392a5396ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Response headers

backend-ip-port: fastlyshield--shield_ssl_cache_chi_klot8100051_CHI
x-pantheon-styx-hostname: styx-fe4-b-6478bf8859-sz8g6
cf-cache-status: DYNAMIC
etag: "65c40146-8bd"
age: 217783
expires: Sun, 02 Mar 2025 02:19:08 GMT
x-cache: HIT, HIT
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: image/jpeg
last-modified: Wed, 07 Feb 2024 22:16:38 GMT
x-served-by: cache-chi-klot8100051-CHI, cache-fra-eddf8230032-FRA
x-cache-hits: 1, 0
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31622400
backend-name: 140.248.77.51,443
x-timer: S1730019390.531769,VS0,VE4
x-styx-req-id: 15dab3bd-d772-11ee-8c6e-a20617c12b96
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d9179207c7368fe-FRA
permissions-policy: accelerometer=(), autoplay=(self), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
content-length: 2237
server: cloudflare

GET
H3 200 sm.25.html
static.addtoany.com/menu/ Frame 35B8 0
0 47ms
37ms Document
text/html 172.67.39.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.25.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tripwire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
age: 20853
alt-svc: h3=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 8d917920ace84da8-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 27 Oct 2024 08:56:29 GMT
last-modified: Sun, 27 Oct 2024 03:08:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GwgstDNBq7gIB9K6rXZKosEfyMZwD68kCR2d9WdYednAxl5KM%2BJ4VTQCikOej3sT7Gqo9vFQv5OVR9wmRcXbbXKBrSqWGGMlsUv8y8ztpp3%2FaXeWwJL63QZuTMf1WI1rJAvls5mK"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfExtPri
speculation-rules: "/cdn-cgi/speculation"
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 core.m4v434v2.js Show response
static.addtoany.com/menu/modules/ 70 KB
26 KB 60ms
51ms Script
application/javascript 172.67.39.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.m4v434v2.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cd3f28cdd95b9189601f65545a6fc9095734f3bf7d2f74f13e60d86fc86da77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.tripwire.com
Referer: https://www.tripwire.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"a4f330a2c6b3bd08f77e32260990108f"
age: 1628
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RcLVbgEcGo66%2BGtP6lzkvAqaOKN8D%2FQl2WSzymM1nKZp2ixLNVuoQQe9YS7DOxu2Qwx0DowgOQyZMi5V973omWcnBsmbdmXAfXl%2F2HCuAogZZ0Rrr6WwXW7PhoNovrxFAdR4eaTF"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=315360000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d91792098685d8d-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 v1.7-532 Show response
consent.trustarc.com/asset/notice.js/v/ 95 KB
28 KB 18ms
12ms Script
text/javascript 13.225.78.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/asset/notice.js/v/v1.7-532

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=helpsystems.com&c=teconsent&js=nj&noticeType=bb&gtm=1&text=true&pn=2&cookieLink=https://www.helpsystems.com/cookie-policy&privacypolicylink=https://www.helpsystems.com/privacy-policy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-53.fra2.r.cloudfront.net

Software

Resource Hash

0611221e6c284313f20f76ffb5b1cd2122dc5e95efc8d84c64902f044dda905a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.tripwire.com
Referer: https://www.tripwire.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=2592000
access-control-expose-headers: *
content-encoding: gzip
pragma: public
age: 1551
via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: 3dOooccOzzphzWvByFb_yKir9rXft0azN8S1k6GIpp5M2oFKCD48gw==
date: Sun, 27 Oct 2024 08:30:39 GMT
content-type: text/javascript
last-modified: Wed, 23 Oct 2024 02:45:25 GMT
vary: Accept-Encoding
x-amz-cf-pop: FRA2-C2

GET
H2 200 get
consent.trustarc.com/ Frame DFAD 0
0 36ms
10ms Document
text/html 13.225.78.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/get?name=crossdomain.html&domain=helpsystems.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-53.fra2.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.tripwire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 1452
cache-control: max-age=2592000
content-encoding: gzip
content-type: text/html
date: Sun, 27 Oct 2024 08:32:17 GMT
pragma: public
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
x-amz-cf-id: _XU8gOez2RL35OrRtZDf-gDBSxfU8Mg2dM8clkeF41LgBNVGV5sJFA==
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront

GET
H2 200 log
consent.trustarc.com/ 43 B
428 B 63ms
40ms Image
image/gif 13.225.78.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/log?domain=helpsystems.com&country=de&state=&behavior=expressed&session=ae6bb134-5c26-43f6-bcfd-4b3db8e8fbc4&userType=NEW&c=990b&referer=https://www.tripwire.com&language=de

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-53.fra2.r.cloudfront.net

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
via: 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
expires: Mon, 26 Jul 1997 05:00:00 GMT
x-cache: Miss from cloudfront
content-length: 43
x-amz-cf-id: lkZdLt0lQrhe3eA80cojMSUzGUa_zJ1gAeeXkUEW50OMvj1n0-Vubw==
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: image/gif
x-amz-cf-pop: FRA2-C2
vary: Origin

GET
H2 200 /
consent-pref.trustarc.com/ Frame 435B 0
0 75ms
39ms Document
text/html 52.222.236.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&country=de&action=advanced&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=ae6bb134-5c26-43f6-bcfd-4b3db8e8fbc4&userType=NEW

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/asset/notice.js/v/v1.7-532

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-115.fra56.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.tripwire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding: br
content-type: text/html
date: Sun, 27 Oct 2024 08:56:29 GMT
expect-ct: max-age=86400; enforce;
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 3431ec594cac61983aae2d9ffaf23980.cloudfront.net (CloudFront)
x-amz-cf-id: EHJ6GsqB6GrUeMM39YJ84hrxCzQawrd-yyoOUj630hCQJbN_UHKPDg==
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1

GET
H2 200 noticemsg
consent.trustarc.com/ 43 B
428 B 47ms
47ms Image
image/gif 13.225.78.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/noticemsg?action=consent&domain=helpsystems.com&behavior=expressed&country=de&language=de&rand=0.4645117702961572&session=ae6bb134-5c26-43f6-bcfd-4b3db8e8fbc4&userType=NEW&referer=https://www.tripwire.com

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-53.fra2.r.cloudfront.net

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
via: 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
expires: Mon, 26 Jul 1997 05:00:00 GMT
x-cache: Miss from cloudfront
content-length: 43
x-amz-cf-id: UZEfrhzWahVxQSsnBdWi0g-G13DgGZc49KsiXfE-eieFIWDKSkunqw==
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: image/gif
x-amz-cf-pop: FRA2-C2
vary: Origin

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 355 KB
113 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CM76E0XMNW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NMS49C8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c1920b19ca1eb08f2aba7d136a36761149f62abc87e7ee20e31dc0d0eb84b986

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 27 Oct 2024 08:56:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 115582
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 326 KB
108 KB 39ms
39ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NHMHGJWX49&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NMS49C8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

82f4103c54d1078da3dd93a5d8a79a34caa216b538ec86de2ef1a3f0ac5291a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 27 Oct 2024 08:56:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 110359
x-xss-protection: 0
server: Google Tag Manager

POST
H2 204 rum Show response
www.tripwire.com/cdn-cgi/ 0
183 B 14ms
12ms XHR
text/plain 2606:4700::6812:1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tripwire.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: application/json
Referer: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8d917922ddcc68fe-FRA
access-control-allow-origin: https://www.tripwire.com
date: Sun, 27 Oct 2024 08:56:29 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET
H2 200 favicon.svg
www.tripwire.com/themes/custom/fortra_parent_2022/ 479 B
651 B 24ms
24ms Other
image/svg+xml 2606:4700::6812:1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tripwire.com/themes/custom/fortra_parent_2022/favicon.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36413ff4f8f0ccef8e54a810ebd7ec3625c6fda31716f7dc2fa9fe5da2ef97a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Response headers

x-pantheon-styx-hostname: styx-fe4-b-7f998d8f5-hfssn
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"671aac43-1df"
age: 217782
expires: Sat, 25 Oct 2025 20:26:47 GMT
x-cache: HIT, HIT
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: image/svg+xml
last-modified: Thu, 24 Oct 2024 20:21:23 GMT
x-served-by: cache-chi-klot8100056-CHI, cache-fra-eddf8230150-FRA
x-cache-hits: 8, 0
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31622400
x-timer: S1730019390.904313,VS0,VE3
x-styx-req-id: 4b24e18d-9246-11ef-be0d-6e139f02b313
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d917922ddcd68fe-FRA
permissions-policy: accelerometer=(), autoplay=(self), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
access-control-allow-origin: *
content-length: 336
server: cloudflare

GET
H2 200 favicon.ico
www.tripwire.com/themes/custom/fortra_parent_2022/ 15 KB
2 KB 28ms
27ms Other
image/x-icon 2606:4700::6812:1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tripwire.com/themes/custom/fortra_parent_2022/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9a687650c8e56abe48c8ee0c232cfdd4ecff257c067669e9bf387b816c56781

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/state-of-security/qilin-ransomware-what-you-need-know

Response headers

x-pantheon-styx-hostname: styx-fe4-a-746c76f549-xsn9s
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: "671aac45-3aee"
age: 217768
expires: Sat, 25 Oct 2025 20:27:01 GMT
x-cache: HIT, HIT
date: Sun, 27 Oct 2024 08:56:29 GMT
content-type: image/x-icon
last-modified: Thu, 24 Oct 2024 20:21:25 GMT
x-served-by: cache-chi-kigq8000054-CHI, cache-fra-eddf8230069-FRA
x-cache-hits: 4, 0
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31622400
x-timer: S1730019390.935560,VS0,VE3
x-styx-req-id: 535c2a7e-9246-11ef-96cd-c65082232e83
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d9179230de168fe-FRA
permissions-policy: accelerometer=(), autoplay=(self), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
content-length: 1655
server: cloudflare

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 53ms
19ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-CM76E0XMNW&gtm=45je4ao0v874937301z8865909572za200zb865909572&_p=1730019389456&gcs=G100&gcd=13p3p3p2p5l1&npa=1&dma_cps=-&dma=1&tag_exp=101533421~101823848&gdid=dNTIxZG&gtm_up=1&cid=529635010.1730019390&ul=de-de&are=1&frm=0&pscdl=denied&_geo=1&_rdi=1&_s=1&sid=1730019389&sct=1&seg=0&dl=https%3A%2F%2Fwww.tripwire.com%2Fstate-of-security%2Fqilin-ransomware-what-you-need-know&dt=Qilin%20Ransomware%3A%20What%20You%20Need%20To%20Know%20%7C%20Tripwire&en=page_view&_fv=1&_nsi=1&_ss=1&ep.tag_name=Google%20Analytics%204&ep.clean_path=%2Fstate-of-security%2Fqilin-ransomware-what-you-need-know&tfd=1226
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CM76E0XMNW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.tripwire.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 27 Oct 2024 08:56:30 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 50ms
22ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-NHMHGJWX49&gtm=45je4ao0v9134213712z8865909572za200zb865909572&_p=1730019389456&gcs=G100&gcd=13p3pPp2p5l1&npa=1&dma_cps=-&dma=1&tag_exp=101533421~101823848&gdid=dNTIxZG&gtm_up=1&cid=529635010.1730019390&ul=de-de&are=1&frm=0&pscdl=denied&_geo=1&_rdi=1&_s=1&sid=1730019389&sct=1&seg=0&dl=https%3A%2F%2Fwww.tripwire.com%2Fstate-of-security%2Fqilin-ransomware-what-you-need-know&dt=Qilin%20Ransomware%3A%20What%20You%20Need%20To%20Know%20%7C%20Tripwire&en=page_view&_fv=1&_ss=1&ep.clean_path=%2Fstate-of-security%2Fqilin-ransomware-what-you-need-know&tfd=1234
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NHMHGJWX49&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.tripwire.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.tripwire.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 27 Oct 2024 08:56:30 GMT
content-type: text/plain
server: Golfe2

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.tripwire.com/	1970-01-21 00:33:41	Name: TAsessionID Value: ae6bb134-5c26-43f6-bcfd-4b3db8e8fbc4\|NEW
			.tripwire.com/	1969-12-31 23:59:59	Name: notice_behavior Value: expressed,eu

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	URL: https://www.tripwire.com/themes/custom/fortra_parent_2022/js/iframeResizer.min.js?v=10.3.6(Line 7) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://static.addtoany.com') does not match the recipient window's origin ('https://www.tripwire.com').

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

consent-pref.trustarc.com
consent.trustarc.com
fonts.googleapis.com
fonts.gstatic.com
region1.google-analytics.com
static.addtoany.com
static.cloudflareinsights.com
static.fortra.com
www.googletagmanager.com
www.tripwire.com
13.225.78.53
142.250.184.195
172.67.39.148
2001:4860:4802:32::36
2600:9000:225e:ce00:4:d683:27c0:93a1
2606:4700::6810:5049
2606:4700::6812:1a3
2a00:1450:4001:827::2008
2a00:1450:4001:828::200a
52.222.236.115
0467194e2db2010bf07204a4fa4a2d5c48ee8bbff88496be04a6ef1dbb46dda9
0611221e6c284313f20f76ffb5b1cd2122dc5e95efc8d84c64902f044dda905a
063b9237e402c98dfb77a66e5de0d02d953640fc8fe44911808c2fdcb80df26e
08917ce03bf43e31f728f6aa830cd2f8d252e39a8f6d769578f07b500c3eb87f
0b8a851688b2b102b98f7f497f1603bd7a8204408aa07b41fd406e28e9af26d3
0dc8e3253c773037ce73f9a08809654ba38b050f56bfd2c4fb39286d6ac7fb6f
1805b14279760e2a9338b71f40649c45fe37dbc3839bb573a9737cdd495e9752
1cb67fac14a3ff2580053f5a7e7b1b81d143e3de1e602748e0334c392a5396ac
1cd3f28cdd95b9189601f65545a6fc9095734f3bf7d2f74f13e60d86fc86da77
1d137f9b816994ff3dd240ef04942ebf47c48131c32b0acc640db3065755d496
1d6664321569126983b6dc3cd001887c2a6ad4c6210f2624dbdfb241461d74d6
1e8ceb252d7c242bc66561b79b29880592a4419b8b44d486eacf014038c24736
21d28329bee038ef4160232a6060de918107ec67d30e7922c01947aa0bb4bdc6
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2a72df3a16bb9820068d52df51eaa76bcdb04aa7f04a58def4ceeddc89e88449
2ccb66eceb05e6d15ca71a6605ec4e75dbb7d25f97cfe15409204fa2f7e212df
2dc08d5788eb290f3da4da3fb3ece34d347bea310b5a75117aa27a364b9b6101
36413ff4f8f0ccef8e54a810ebd7ec3625c6fda31716f7dc2fa9fe5da2ef97a5
38b2e62bfbbeed100be9d1de0fcbd08fbe4dec34d2fb7f5986ce2ee233ad6546
3ad6c8bd3624555dd79177efe91f0aca20e7f28597fa6b49762c27f337500d8d
3bd4bdc0592b9e477b5705975275206ab14339a7ef422c450fa92ad4983b0a51
423217abf8775cea2dc30fa1fe3e1c5e24dc359a80f1c37ad29a86094bfe81d1
4b0864712c6e7ca75f8c003f7bc1a9270af33d6becd4119463771593274c48d2
4d192ebb5e57806a39ffa23ec8c53dc291dc0082f2d5400c4cec159a64c0612e
5092d37720c5a4b6b7b4768599df2e43ed0c19b7502f20800500948125d9df89
50be820de886ca2746d2811daadfed53b75332624517ab318585e7eb1bb8ea04
50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972
540d2a1642172892b01053409b7b3ad1a8df58bc6f35415ec57421a8548e8547
577a6bac964bdad37a01570b13d9548ab10621dbbde48db16aa6c339f28a1f5c
58ee289cc3b0e66d80a8860ab61c78b003b2794a2b01059f5e5a1d6da47e7327
5b5bcab0c22a0cb3bbc8dab11bd05d301c127a9f1c4f4e24abcae4232a209a42
642a89d4c0baf5122e5f2e568900187b072977596ac62bbbff2c8bdbfcd7b79f
6af937301b20d4f7bd7b84b07dd3cb9c5a2c35af0bcc6a0469adebff15381505
6e0700c9d23065ac37866715b9265094f1869a35553ed7f8384b00cbcf14b55a
7c6ea3749c8bdfaf05c751f00f3a2cc02ff6e5163cad607cdeb6f964eb3f7e91
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
81984ce57cf65fec51c4961c73ece1fb00b1c570de24ef0616785852d45cacfb
82f4103c54d1078da3dd93a5d8a79a34caa216b538ec86de2ef1a3f0ac5291a8
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
90bd0cf0a38f1a8bc611c41efeebf569d1de1b5cb3100a8727122c590e018675
923935d813106205b31d3953b21e34a007f32758ec0c3d2ba6dd3dda1f8cf6e9
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
a0f011847dded3545c5762cecd211f53cc41554e2cd72d5e00d690f67d0b74ae
a72155643b65be268a521f880f94bd08fda77c5c98e0f9612079e6a7ff79007a
a8f85fb708ed9db0d4e2f877ffdba90a5ebd3ef520d17e09c1f7eb640905016a
b9a687650c8e56abe48c8ee0c232cfdd4ecff257c067669e9bf387b816c56781
c1920b19ca1eb08f2aba7d136a36761149f62abc87e7ee20e31dc0d0eb84b986
c6dbea358c770232d65488985fbebe3d3f4d75949c9fdcc293c316388545098b
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cf22f75feb172d9daa6844d8ff686111bba7832762294462b63056f90f6c2494
dd734ba3e15301099dcc5c397caf3c65a83de25ecf7d5f78d1c7849b824e5fff
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f47d56f4e42a0fd576ee274454e24c085010b464b849cabe80041c88aaf45363
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f63a0c8b14cc603b86e8e2af5f0e134a5c8ac8a96402460b643465297dc6f20f
fa0c7e45a2a21230703828b4be828d5d81ed7c85e6cf881da1a42d7c6f1c9cba
fa2c31f1139ecdb4a5ee194df5b10f4844435639cdf791bebae6c49ee5b05089
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
fcede7c1f32a39ac2f4785a4f1fc8a993ec38bfcf5bb1cba09e83c38026838d2
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

www.tripwire.com Open in urlscan Pro 2606:4700::6812:1a3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

67 Requests

100 %HTTPS

60 %IPv6

9 Domains

10 Subdomains

10 IPs

2 Countries

2930 kBTransfer

4584 kBSize

2 Cookies

18 Outgoing links

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.tripwire.com Open in urlscan Pro
2606:4700::6812:1a3 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

100 %
HTTPS

60 %
IPv6

9
Domains

10
Subdomains

10
IPs

2
Countries

2930 kB
Transfer

4584 kB
Size

2
Cookies

67 HTTP transactions
0 data transactions