www.tripwire.com Open in urlscan Pro
2606:4700::6812:eb0 Public Scan

URL: https://customers.tripwire.com/customers
Title: Customer Portal

URL: https://partners.tripwire.com/partners/
Title: Partner Portal

URL: https://www.fortra.com/about/careers
Title: Careers

URL: https://www.fortra.com/about/our-leadership-team
Title: Leadership

URL: https://labs.withsecure.com/publications/darkgate-malware-campaign
Title: described

URL: https://en-gb.facebook.com/business/help/442345745885606
Title: enable

URL: https://labs.withsecure.com/publications/ducktail
Title: "Ducktail"

URL: https://info.tripwire.com/state-of-security-subscription-center

URL: https://www.fortra.com/privacy-policy
Title: Privacy Policy

URL: https://www.fortra.com/cookie-policy
Title: Cookie Policy

URL: https://www.fortra.com/impressum
Title: Impressum

Redirected requests

There were HTTP redirect chains for the following requests:

78 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request phony-job-vacancy-targets-linkedin-users-darkgate-malware Show response
www.tripwire.com/state-of-security/ 51 KB
11 KB 188ms
77ms Document
text/html 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64d7c8d458b993a472c85cbfc28fbade4c6c5a8d7715900a995b7a215447e4bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1567
cache-control: max-age=3600, public
cf-cache-status: DYNAMIC
cf-ray: 81cb798338885d7b-FRA
content-encoding: gzip
content-language: en
content-type: text/html; charset=UTF-8
date: Fri, 27 Oct 2023 14:02:04 GMT
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Fri, 27 Oct 2023 11:35:40 GMT
server: cloudflare
vary: Accept-Encoding, Cookie, Cookie, Cookie
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 6, 1
x-content-type-options: nosniff
x-drupal-cache: MISS
x-drupal-dynamic-cache: HIT
x-frame-options: SAMEORIGIN
x-generator: Drupal 9 (https://www.drupal.org)
x-pantheon-styx-hostname: styx-fe4-b-6679b8f9f8-hjjgq
x-served-by: cache-chi-kigq8000092-CHI, cache-fra-eddf8230040-FRA
x-styx-req-id: f4ee0a6b-74bc-11ee-958f-72ff9156f6fc
x-timer: S1698415325.707935,VS0,VE2
x-ua-compatible: IE=edge

GET
H2 200 notice Show response
consent.trustarc.com/ 14 KB
6 KB 182ms
73ms Script
text/javascript 13.225.78.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/notice?domain=helpsystems.com&c=teconsent&gtm=1&text=true&pn=1-0&cookieLink=https://www.helpsystems.com/cookie-policy&privacypolicylink=https://www.helpsystems.com/privacy-policy

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f9739cc0542202e8e3d0f5cf3aad77e88d77dce023c23e045101fd3d0ba64643

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tripwire.com/
Origin: https://www.tripwire.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 14:02:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
cloudfront-viewer-country: DE
content-length: 5350
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=3600
cloudfront-viewer-country-region: BE
timing-allow-origin: *
x-amz-cf-id: g9BuFh_L9RUwXW4yxCBAO7glXxhCSjBQSWwJ7Rc7GxNcN308hWJWTw==
expires: Fri, 27 Oct 2023 15:02:04 GMT

GET
H2 200 css_4IiiTqtlTFKeGhmvsfySMawp2rDRncxxOlXoTnhiO4M.css
www.tripwire.com/sites/default/files/css/ 10 KB
3 KB 113ms
112ms Stylesheet
text/css 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/sites/default/files/css/css_4IiiTqtlTFKeGhmvsfySMawp2rDRncxxOlXoTnhiO4M.css
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e088a24eab654c529e1a19afb1fc9231ac29dab0d19dcc713a55e84e78623b83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Wed, 09 Oct 2024 22:32:02 GMT
date: Fri, 27 Oct 2023 14:02:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 62918
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-84955cf4f5-xxx5v
content-length: 3090
x-served-by: cache-chi-klot8100145-CHI, cache-fra-eddf8230024-FRA
last-modified: Mon, 09 Oct 2023 20:44:48 GMT
server: cloudflare
x-timer: S1698415325.785145,VS0,VE2
etag: W/"65246640-26ca"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: aa9d15f8-66f3-11ee-b59c-fad5d868c988
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cb7983c9175d7b-FRA
x-cache-hits: 2, 1

GET
H2 200 css_uwmONkHjy44a25_aOLRmdHVCokq6k2BEoWbzr0CUQU0.css
www.tripwire.com/sites/default/files/css/ 23 KB
7 KB 111ms
110ms Stylesheet
text/css 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/sites/default/files/css/css_uwmONkHjy44a25_aOLRmdHVCokq6k2BEoWbzr0CUQU0.css
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb098e3641e3cb8e1adb9fda38b466747542a24aba936044a166f3af4094414d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Wed, 09 Oct 2024 22:45:01 GMT
date: Fri, 27 Oct 2023 14:02:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 62918
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-84955cf4f5-s85d9
content-length: 6763
x-served-by: cache-chi-klot8100022-CHI, cache-fra-eddf8230105-FRA
last-modified: Mon, 09 Oct 2023 20:44:48 GMT
server: cloudflare
x-timer: S1698415325.786609,VS0,VE2
etag: W/"65246640-5c5a"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: 7b24b38a-66f5-11ee-99e8-062f6fe0a2e2
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cb7983c91a5d7b-FRA
x-cache-hits: 3, 1

GET
H2 200 css_4EB99CPdguvvLu6sY0mk_vEOPLtK5MWFMm3cmoiXpu8.css
www.tripwire.com/sites/default/files/css/ 812 KB
128 KB 62ms
61ms Stylesheet
text/css 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/sites/default/files/css/css_4EB99CPdguvvLu6sY0mk_vEOPLtK5MWFMm3cmoiXpu8.css
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0407df423dd82ebef2eeeac6349a4fef10e3cbb4ae4c585326ddc9a8897a6ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:26 GMT
date: Fri, 27 Oct 2023 14:02:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 62918
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-574b8cd764-hd8fh
content-length: 130970
x-served-by: cache-chi-klot8100069-CHI, cache-fra-eddf8230040-FRA
last-modified: Mon, 09 Oct 2023 20:44:39 GMT
server: cloudflare
x-timer: S1698415325.778534,VS0,VE2
etag: W/"65246637-caf4c"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: ea7ea7ba-743e-11ee-996f-2ac8c4b86eed
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cb7983c91e5d7b-FRA
x-cache-hits: 3, 1

GET
H2 200 fortra-logo.svg
www.tripwire.com/themes/custom/fortra_parent_2022/images/ 1 KB
954 B 112ms
111ms Image
image/svg+xml 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tripwire.com/themes/custom/fortra_parent_2022/images/fortra-logo.svg
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aecf849595fcabd944cd51bed213d014bb5d70d619df4023f0089fa233de072c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:29:05 GMT
date: Fri, 27 Oct 2023 14:02:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 62921
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-574b8cd764-hd8fh
content-length: 668
x-served-by: cache-chi-klot8100068-CHI, cache-fra-eddf8230082-FRA
last-modified: Thu, 26 Oct 2023 20:28:12 GMT
server: cloudflare
x-timer: S1698415325.784316,VS0,VE2
etag: W/"653acbdc-5cc"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 4efb5423-743e-11ee-996f-2ac8c4b86eed
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cb7983c91f5d7b-FRA
x-cache-hits: 7, 1

GET
H2 200 tripwire-dark-bg.svg
www.tripwire.com/themes/custom/tripwire/images/ 7 KB
3 KB 112ms
111ms Image
image/svg+xml 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tripwire.com/themes/custom/tripwire/images/tripwire-dark-bg.svg
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b5bcab0c22a0cb3bbc8dab11bd05d301c127a9f1c4f4e24abcae4232a209a42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:23 GMT
date: Fri, 27 Oct 2023 14:02:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 62921
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-574b8cd764-hd8fh
content-length: 2629
x-served-by: cache-chi-kigq8000046-CHI, cache-fra-eddf8230124-FRA
last-modified: Thu, 26 Oct 2023 20:27:57 GMT
server: cloudflare
x-timer: S1698415325.789778,VS0,VE2
etag: W/"653acbcd-1d19"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: e8f03ef4-743e-11ee-996f-2ac8c4b86eed
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cb7983c9215d7b-FRA
x-cache-hits: 4, 1

GET
H2 200 fta-delta-white.svg
www.tripwire.com/themes/custom/fortra_parent_2022/images/ 297 B
499 B 109ms
104ms Image
image/svg+xml 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tripwire.com/themes/custom/fortra_parent_2022/images/fta-delta-white.svg
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63a53143de1fa7c9ec3aecf4060efb78c336df0f384c4b7db72596f6b14a2781

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:23 GMT
date: Fri, 27 Oct 2023 14:02:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 62921
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-574b8cd764-hd8fh
content-length: 253
x-served-by: cache-chi-klot8100127-CHI, cache-fra-eddf8230080-FRA
last-modified: Thu, 26 Oct 2023 20:27:53 GMT
server: cloudflare
x-timer: S1698415325.786438,VS0,VE2
etag: W/"653acbc9-129"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: e8f06007-743e-11ee-996f-2ac8c4b86eed
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cb7983c92e5d7b-FRA
x-cache-hits: 4, 1

GET
H2 200 linkedin.jpg
www.tripwire.com/sites/default/files/styles/thumbnail/public/2023-08/ 2 KB
2 KB 110ms
106ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tripwire.com/sites/default/files/styles/thumbnail/public/2023-08/linkedin.jpg?itok=JigBC1Bu
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57eb69e9c8d33c3584a794a714a80cd0d10169bb197e4fa78ab1a06108789448

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 14:11:39 GMT
date: Fri, 27 Oct 2023 14:02:04 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 62529
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-574b8cd764-jgv7p
content-length: 1670
x-served-by: cache-chi-kigq8000089-CHI, cache-fra-eddf8230082-FRA
last-modified: Thu, 17 Aug 2023 15:34:27 GMT
server: cloudflare
x-timer: S1698415325.798059,VS0,VE2
etag: "64de3e03-686"
content-type: image/jpeg
x-styx-req-id: 94d96289-7409-11ee-a13d-82414d93f872
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cb7983c9315d7b-FRA
x-cache-hits: 5, 1

GET
H2 200 Job-scams-How-they-persuade-and-how-to-protect-yourself.jpg
www.tripwire.com/sites/default/files/styles/thumbnail/public/2023-01/ 2 KB
2 KB 110ms
106ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tripwire.com/sites/default/files/styles/thumbnail/public/2023-01/Job-scams-How-they-persuade-and-how-to-protect-yourself.jpg?itok=cLVUCroT
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fe265af7eda5df10de96bf5174b42524180c3b3bfce9dc4693298781d783be6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Fri, 06 Sep 2024 14:43:01 GMT
date: Fri, 27 Oct 2023 14:02:04 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 62528
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-cf6bccf8c-4hcf9
content-length: 1770
x-served-by: cache-chi-kigq8000164-CHI, cache-fra-eddf8230029-FRA
last-modified: Wed, 10 May 2023 08:21:19 GMT
server: cloudflare
x-timer: S1698415325.797327,VS0,VE2
etag: "645b53ff-6ea"
content-type: image/jpeg
x-styx-req-id: ae28a77a-4cc3-11ee-bb52-525979f45ebf
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cb7983c9325d7b-FRA
x-cache-hits: 2, 1

GET
H2 200 Common-Social-Media-Scams-and-How-to-Avoid-Them.jpg
www.tripwire.com/sites/default/files/styles/thumbnail/public/2023-04/ 2 KB
2 KB 138ms
136ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tripwire.com/sites/default/files/styles/thumbnail/public/2023-04/Common-Social-Media-Scams-and-How-to-Avoid-Them.jpg?itok=GjqaNX95
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14c411eee99e8687621ea9747a708c67d9eab7e242118b1156d1c59c1c39a2a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Wed, 18 Sep 2024 14:17:13 GMT
date: Fri, 27 Oct 2023 14:02:04 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 62028
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-6bd7fc469b-qmwbr
content-length: 1757
x-served-by: cache-chi-klot8100077-CHI, cache-fra-eddf8230029-FRA
last-modified: Wed, 17 May 2023 15:49:24 GMT
server: cloudflare
x-timer: S1698415325.829832,VS0,VE1
etag: "6464f784-6dd"
content-type: image/jpeg
x-styx-req-id: 10354f43-562e-11ee-b9a9-ca53a2c7b3f0
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cb798409935d7b-FRA
x-cache-hits: 2, 1

GET
H2 200 state-of-security-sidebar-cta-2.png
www.tripwire.com/themes/custom/tripwire/images/ 27 KB
27 KB 140ms
138ms Image
image/png 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tripwire.com/themes/custom/tripwire/images/state-of-security-sidebar-cta-2.png
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f184ce8fdc31bfda8bba63b8b76f07bc77c6c993c2e8ab2eab57f51d4c8c1419

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:26 GMT
date: Fri, 27 Oct 2023 14:02:04 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 62918
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-6679b8f9f8-t8wgs
content-length: 27614
x-served-by: cache-chi-klot8100137-CHI, cache-fra-eddf8230105-FRA
last-modified: Thu, 26 Oct 2023 20:28:12 GMT
server: cloudflare
x-timer: S1698415325.830702,VS0,VE2
etag: "653acbdc-6bde"
content-type: image/png
x-styx-req-id: ea8732b8-743e-11ee-b1ae-6e71d40c639a
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cb798409955d7b-FRA
x-cache-hits: 23, 1

GET
H2 200 logo.svg
www.tripwire.com/themes/custom/fortra_parent_2022/images/ 1 KB
953 B 143ms
141ms Image
image/svg+xml 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tripwire.com/themes/custom/fortra_parent_2022/images/logo.svg
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84d701cd8539ccd07580c2dbd5904966347bb2769484b12dfc3fd1372d5e9668

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:23 GMT
date: Fri, 27 Oct 2023 14:02:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 62921
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-574b8cd764-k4xjg
content-length: 685
x-served-by: cache-chi-klot8100101-CHI, cache-fra-eddf8230024-FRA
last-modified: Thu, 26 Oct 2023 20:28:16 GMT
server: cloudflare
x-timer: S1698415325.840132,VS0,VE2
etag: W/"653acbe0-5e2"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: e8f0fb3b-743e-11ee-ac54-929ea5698253
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cb798409975d7b-FRA
x-cache-hits: 22, 1

GET
H2 200 email-decode.min.js Show response
www.tripwire.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
825 B 48ms
43ms Script
application/javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tripwire.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 14:02:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 24 Oct 2023 17:55:16 GMT
server: cloudflare
etag: W/"65380504-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 81cb7983c9345d7b-FRA
expires: Sun, 29 Oct 2023 14:02:04 GMT

GET
H2 200 jquery.min.js Show response
www.tripwire.com/core/assets/vendor/jquery/ 88 KB
36 KB 109ms
105ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/core/assets/vendor/jquery/jquery.min.js?v=3.6.3
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:26 GMT
date: Fri, 27 Oct 2023 14:02:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 62918
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-574b8cd764-jgv7p
content-length: 36217
x-served-by: cache-chi-kigq8000160-CHI, cache-fra-eddf8230040-FRA
last-modified: Thu, 26 Oct 2023 20:28:06 GMT
server: cloudflare
x-timer: S1698415325.785940,VS0,VE2
etag: W/"653acbd6-15f5b"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: ea865efa-743e-11ee-a13d-82414d93f872
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cb7983c9385d7b-FRA
x-cache-hits: 3, 1

GET
H2 200 element.matches.js Show response
www.tripwire.com/core/misc/polyfills/ 284 B
427 B 146ms
142ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/core/misc/polyfills/element.matches.js?v=9.5.11
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1559a8d7ea18f16e60f0e1c547bdeeb72d9e45834bab35060c17add9750593aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:26 GMT
date: Fri, 27 Oct 2023 14:02:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 62918
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-6679b8f9f8-hjjgq
content-length: 208
x-served-by: cache-chi-klot8100024-CHI, cache-fra-eddf8230040-FRA
last-modified: Thu, 26 Oct 2023 20:28:06 GMT
server: cloudflare
x-timer: S1698415325.833631,VS0,VE2
etag: W/"653acbd6-11c"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: ea85f7b6-743e-11ee-a786-72ff9156f6fc
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cb7984096a5d7b-FRA
x-cache-hits: 3, 1

GET
H2 200 object.assign.js Show response
www.tripwire.com/core/misc/polyfills/ 917 B
760 B 139ms
135ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/core/misc/polyfills/object.assign.js?v=9.5.11
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18cb1071734d4e8505251de42e4246d3a216f8430002f313f217bd0a03f37d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:26 GMT
date: Fri, 27 Oct 2023 14:02:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 62917
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-6679b8f9f8-t8wgs
content-length: 495
x-served-by: cache-chi-klot8100106-CHI, cache-fra-eddf8230024-FRA
last-modified: Thu, 26 Oct 2023 20:28:06 GMT
server: cloudflare
x-timer: S1698415325.830080,VS0,VE0
etag: W/"653acbd6-395"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: ea86bb2f-743e-11ee-b1ae-6e71d40c639a
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cb7984096d5d7b-FRA
x-cache-hits: 3, 3

GET
H2 200 once.min.js Show response
www.tripwire.com/core/assets/vendor/once/ 1 KB
953 B 115ms
111ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/core/assets/vendor/once/once.min.js?v=1.0.1
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d137f9b816994ff3dd240ef04942ebf47c48131c32b0acc640db3065755d496

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:26 GMT
date: Fri, 27 Oct 2023 14:02:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 62918
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-6679b8f9f8-fpxqn
content-length: 718
x-served-by: cache-chi-kigq8000041-CHI, cache-fra-eddf8230080-FRA
last-modified: Thu, 26 Oct 2023 20:28:06 GMT
server: cloudflare
x-timer: S1698415325.818496,VS0,VE1
etag: W/"653acbd6-54d"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: ea87573a-743e-11ee-a80c-d6ee2c492568
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cb7984096e5d7b-FRA
x-cache-hits: 3, 1

GET
H2 200 jquery.once.min.js Show response
www.tripwire.com/core/assets/vendor/jquery-once/ 908 B
671 B 116ms
112ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/core/assets/vendor/jquery-once/jquery.once.min.js?v=2.2.3
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1da79754ccda7c241f56d5a82ed377c3384b58db3c718d9c1fd38843c47d8df3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:29:24 GMT
date: Fri, 27 Oct 2023 14:02:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 62918
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-574b8cd764-hd8fh
content-length: 452
x-served-by: cache-chi-kigq8000027-CHI, cache-fra-eddf8230024-FRA
last-modified: Thu, 26 Oct 2023 20:28:11 GMT
server: cloudflare
x-timer: S1698415325.815796,VS0,VE1
etag: W/"653acbdb-38c"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 5a1bb079-743e-11ee-996f-2ac8c4b86eed
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cb7984096f5d7b-FRA
x-cache-hits: 3, 1

GET
H2 200 drupalSettingsLoader.js Show response
www.tripwire.com/core/misc/ 516 B
557 B 141ms
137ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/core/misc/drupalSettingsLoader.js?v=9.5.11
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2952f321b6eed0df6098ad6d125468b0d02f3a48db5c5002317aad5e4eb0fdb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:29:24 GMT
date: Fri, 27 Oct 2023 14:02:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 62917
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-574b8cd764-rdthk
content-length: 311
x-served-by: cache-chi-klot8100026-CHI, cache-fra-eddf8230105-FRA
last-modified: Thu, 26 Oct 2023 20:27:48 GMT
server: cloudflare
x-timer: S1698415325.828170,VS0,VE0
etag: W/"653acbc4-204"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 5a1ce963-743e-11ee-8796-daea815b4acc
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cb798409725d7b-FRA
x-cache-hits: 4, 2

GET
H2 200 drupal.js Show response
www.tripwire.com/core/misc/ 6 KB
2 KB 146ms
143ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/core/misc/drupal.js?v=9.5.11
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 867ee5a948613ac97de43e7a202275dc70c5fe91b4cb8f9e2533e03f16b0e9bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:26 GMT
date: Fri, 27 Oct 2023 14:02:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 62918
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-6679b8f9f8-hjjgq
content-length: 2088
x-served-by: cache-chi-kigq8000073-CHI, cache-fra-eddf8230082-FRA
last-modified: Thu, 26 Oct 2023 20:27:52 GMT
server: cloudflare
x-timer: S1698415325.853529,VS0,VE1
etag: W/"653acbc8-18c5"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: ea86a243-743e-11ee-a786-72ff9156f6fc
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cb798409745d7b-FRA
x-cache-hits: 2, 1

GET
H2 200 drupal.init.js Show response
www.tripwire.com/core/misc/ 728 B
602 B 115ms
112ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/core/misc/drupal.init.js?v=9.5.11
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6908b5b19c1f4e108f8a4544274e29369e04565fda82ae39e902d2f373bd841a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:26 GMT
date: Fri, 27 Oct 2023 14:02:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 62918
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-574b8cd764-k4xjg
content-length: 401
x-served-by: cache-chi-klot8100086-CHI, cache-fra-eddf8230029-FRA
last-modified: Thu, 26 Oct 2023 20:28:06 GMT
server: cloudflare
x-timer: S1698415325.822134,VS0,VE2
etag: W/"653acbd6-2d8"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: ea86de28-743e-11ee-ac54-929ea5698253
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cb798409785d7b-FRA
x-cache-hits: 2, 1

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 150ms
55ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51e6d23e4a97f15652c1709f999062fcced9990b5090dde0d22b869247ea0869

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 14:02:04 GMT
via: e7s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 99106
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 24 Sep 2023 10:29:33 GMT
server: cloudflare
etag: W/"c09-60618514a9dca"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=172800
cf-ray: 81cb79845b2a4d52-FRA

GET
H2 200 popper.min.js Show response
www.tripwire.com/themes/custom/fortra_parent_2022/js/ 21 KB
8 KB 109ms
106ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/themes/custom/fortra_parent_2022/js/popper.min.js?v=9.5.11
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:26 GMT
date: Fri, 27 Oct 2023 14:02:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 62918
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-6679b8f9f8-hjjgq
content-length: 8365
x-served-by: cache-chi-klot8100045-CHI, cache-fra-eddf8230040-FRA
last-modified: Thu, 26 Oct 2023 20:28:12 GMT
server: cloudflare
x-timer: S1698415325.816839,VS0,VE1
etag: W/"653acbdc-52f1"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: ea87bd9c-743e-11ee-a786-72ff9156f6fc
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cb7984097a5d7b-FRA
x-cache-hits: 2, 1

GET
H2 200 bootstrap.min.js Show response
www.tripwire.com/themes/custom/fortra_parent_2022/js/ 61 KB
19 KB 115ms
111ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/themes/custom/fortra_parent_2022/js/bootstrap.min.js?v=9.5.11
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b24eee82c2b7ce85ace76193e8a25570dabc6863b94a60a42fa9bb6a37ddc72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:26 GMT
date: Fri, 27 Oct 2023 14:02:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 62918
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-6679b8f9f8-hjjgq
content-length: 19264
x-served-by: cache-chi-kigq8000048-CHI, cache-fra-eddf8230105-FRA
last-modified: Thu, 26 Oct 2023 20:28:16 GMT
server: cloudflare
x-timer: S1698415325.821575,VS0,VE2
etag: W/"653acbe0-f3e8"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: ea894e97-743e-11ee-a786-72ff9156f6fc
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cb7984097b5d7b-FRA
x-cache-hits: 3, 1

GET
H2 200 stacktable.js Show response
www.tripwire.com/libraries/stacktable/ 8 KB
3 KB 139ms
135ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/libraries/stacktable/stacktable.js?v=9.5.11
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58ee289cc3b0e66d80a8860ab61c78b003b2794a2b01059f5e5a1d6da47e7327

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:26 GMT
date: Fri, 27 Oct 2023 14:02:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 62918
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-574b8cd764-hd8fh
content-length: 2372
x-served-by: cache-chi-kigq8000130-CHI, cache-fra-eddf8230124-FRA
last-modified: Thu, 26 Oct 2023 20:28:08 GMT
server: cloudflare
x-timer: S1698415325.825723,VS0,VE2
etag: W/"653acbd8-201b"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: ea87110f-743e-11ee-996f-2ac8c4b86eed
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cb7984097e5d7b-FRA
x-cache-hits: 3, 1

GET
H2 200 global.js Show response
www.tripwire.com/themes/custom/fortra_parent_2022/js/ 6 KB
2 KB 143ms
140ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/themes/custom/fortra_parent_2022/js/global.js?v=9.5.11
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 881410ee52aa6c774807d189bb8010708d7c17a871d337c32bfadfaf06dc9721

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:26 GMT
date: Fri, 27 Oct 2023 14:02:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 62918
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-6679b8f9f8-t8wgs
content-length: 2374
x-served-by: cache-chi-kigq8000035-CHI, cache-fra-eddf8230124-FRA
last-modified: Thu, 26 Oct 2023 20:27:57 GMT
server: cloudflare
x-timer: S1698415325.839038,VS0,VE3
etag: W/"653acbcd-1950"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: ea869d5e-743e-11ee-b1ae-6e71d40c639a
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cb7984097f5d7b-FRA
x-cache-hits: 3, 1

GET
H2 200 iframeResizer.min.js Show response
www.tripwire.com/themes/custom/fortra_parent_2022/js/ 13 KB
6 KB 139ms
137ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/themes/custom/fortra_parent_2022/js/iframeResizer.min.js?v=9.5.11
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1805b14279760e2a9338b71f40649c45fe37dbc3839bb573a9737cdd495e9752

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:26 GMT
date: Fri, 27 Oct 2023 14:02:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 62918
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-574b8cd764-jgv7p
content-length: 5880
x-served-by: cache-chi-klot8100099-CHI, cache-fra-eddf8230082-FRA
last-modified: Thu, 26 Oct 2023 20:27:57 GMT
server: cloudflare
x-timer: S1698415325.830014,VS0,VE1
etag: W/"653acbcd-34f8"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: ea870d67-743e-11ee-a13d-82414d93f872
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cb798409805d7b-FRA
x-cache-hits: 2, 3

GET
H2 200 pardot-iframe.js Show response
www.tripwire.com/themes/custom/fortra_parent_2022/js/ 26 B
218 B 142ms
139ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/themes/custom/fortra_parent_2022/js/pardot-iframe.js?v=9.5.11
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e8ceb252d7c242bc66561b79b29880592a4419b8b44d486eacf014038c24736

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:26 GMT
date: Fri, 27 Oct 2023 14:02:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 62918
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-6679b8f9f8-hjjgq
content-length: 46
x-served-by: cache-chi-kigq8000176-CHI, cache-fra-eddf8230082-FRA
last-modified: Thu, 26 Oct 2023 20:28:16 GMT
server: cloudflare
x-timer: S1698415325.839088,VS0,VE2
etag: W/"653acbe0-1a"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: ea87bdf4-743e-11ee-a786-72ff9156f6fc
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cb798409825d7b-FRA
x-cache-hits: 3, 1

GET
H2 200 widget.js Show response
www.tripwire.com/themes/custom/fortra_parent_2022/js/ 8 KB
3 KB 109ms
106ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/themes/custom/fortra_parent_2022/js/widget.js?v=9.5.11
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 540d2a1642172892b01053409b7b3ad1a8df58bc6f35415ec57421a8548e8547

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:26 GMT
date: Fri, 27 Oct 2023 14:02:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 62918
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-6679b8f9f8-t8wgs
content-length: 3113
x-served-by: cache-chi-kigq8000029-CHI, cache-fra-eddf8230082-FRA
last-modified: Thu, 26 Oct 2023 20:28:12 GMT
server: cloudflare
x-timer: S1698415325.822006,VS0,VE2
etag: W/"653acbdc-2162"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: ea878604-743e-11ee-b1ae-6e71d40c639a
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cb798409845d7b-FRA
x-cache-hits: 3, 1

GET
H2 200 widget-code.js Show response
www.tripwire.com/themes/custom/fortra_parent_2022/js/ 1 KB
900 B 141ms
139ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/themes/custom/fortra_parent_2022/js/widget-code.js?v=9.5.11
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8f85fb708ed9db0d4e2f877ffdba90a5ebd3ef520d17e09c1f7eb640905016a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:26 GMT
date: Fri, 27 Oct 2023 14:02:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 62918
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-6679b8f9f8-fpxqn
content-length: 659
x-served-by: cache-chi-klot8100127-CHI, cache-fra-eddf8230080-FRA
last-modified: Thu, 26 Oct 2023 20:27:57 GMT
server: cloudflare
x-timer: S1698415325.832958,VS0,VE2
etag: W/"653acbcd-5c3"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: ea8ab619-743e-11ee-a80c-d6ee2c492568
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cb798409855d7b-FRA
x-cache-hits: 3, 1

GET
H2 200 jquery.once.bc.js Show response
www.tripwire.com/core/misc/ 1 KB
788 B 144ms
141ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/core/misc/jquery.once.bc.js?v=9.5.11
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 677e31ab08602b0823fbeed9b5a72c62b3d1e630b28ae1f155ef2ad3c940ee0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:29:24 GMT
date: Fri, 27 Oct 2023 14:02:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 62918
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-574b8cd764-hd8fh
content-length: 523
x-served-by: cache-chi-kigq8000049-CHI, cache-fra-eddf8230029-FRA
last-modified: Thu, 26 Oct 2023 20:28:06 GMT
server: cloudflare
x-timer: S1698415325.838929,VS0,VE2
etag: W/"653acbd6-4f3"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 5a1d7e8b-743e-11ee-996f-2ac8c4b86eed
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cb798409865d7b-FRA
x-cache-hits: 3, 1

GET
H2 200 global.js Show response
www.tripwire.com/themes/composer/bootstrap_barrio/js/ 762 B
624 B 143ms
141ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/themes/composer/bootstrap_barrio/js/global.js?v=9.5.11
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7d352a062e20f25442a337c59b45e0c53752ecae4343240979bb937badd964f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:26 GMT
date: Fri, 27 Oct 2023 14:02:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 62918
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-574b8cd764-hd8fh
content-length: 328
x-served-by: cache-chi-kigq8000068-CHI, cache-fra-eddf8230105-FRA
last-modified: Thu, 26 Oct 2023 20:27:50 GMT
server: cloudflare
x-timer: S1698415325.839321,VS0,VE4
etag: W/"653acbc6-2fa"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: ea8abc3c-743e-11ee-996f-2ac8c4b86eed
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cb798409875d7b-FRA
x-cache-hits: 3, 1

GET
H2 200 affix.js Show response
www.tripwire.com/themes/composer/bootstrap_barrio/js/ 1009 B
721 B 138ms
135ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/themes/composer/bootstrap_barrio/js/affix.js?v=9.5.11
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 919d85e8e1ed4523535898cf35e18f976df480923585221ad7c6142bf251a262

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:29:24 GMT
date: Fri, 27 Oct 2023 14:02:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 62918
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-574b8cd764-vqjjl
content-length: 480
x-served-by: cache-chi-klot8100057-CHI, cache-fra-eddf8230040-FRA
last-modified: Thu, 26 Oct 2023 20:28:14 GMT
server: cloudflare
x-timer: S1698415325.827503,VS0,VE2
etag: W/"653acbde-3f1"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 5a200717-743e-11ee-bf30-a2ccb631cd5a
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cb798409895d7b-FRA
x-cache-hits: 4, 1

GET
H2 200 bootstrap.min.js Show response
www.tripwire.com/themes/custom/tripwire/js/ 61 KB
19 KB 142ms
140ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/themes/custom/tripwire/js/bootstrap.min.js?v=9.5.11
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b24eee82c2b7ce85ace76193e8a25570dabc6863b94a60a42fa9bb6a37ddc72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:26 GMT
date: Fri, 27 Oct 2023 14:02:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 62918
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-574b8cd764-hd8fh
content-length: 19264
x-served-by: cache-chi-kigq8000075-CHI, cache-fra-eddf8230040-FRA
last-modified: Thu, 26 Oct 2023 20:27:57 GMT
server: cloudflare
x-timer: S1698415325.839243,VS0,VE2
etag: W/"653acbcd-f3e8"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: ea874f9f-743e-11ee-996f-2ac8c4b86eed
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cb7984098a5d7b-FRA
x-cache-hits: 2, 1

GET
H2 200 global.js Show response
www.tripwire.com/themes/custom/tripwire/js/ 2 KB
1 KB 140ms
138ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/themes/custom/tripwire/js/global.js?v=9.5.11
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 811de965a04f402872dcbad603d6fa5c7822096cb36bfb11e5d626d3d5d58f63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:29:24 GMT
date: Fri, 27 Oct 2023 14:02:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 62918
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-6679b8f9f8-hjjgq
content-length: 828
x-served-by: cache-chi-klot8100081-CHI, cache-fra-eddf8230124-FRA
last-modified: Thu, 26 Oct 2023 20:28:16 GMT
server: cloudflare
x-timer: S1698415325.830911,VS0,VE2
etag: W/"653acbe0-82e"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 5a1d4b2f-743e-11ee-a786-72ff9156f6fc
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cb7984098c5d7b-FRA
x-cache-hits: 3, 1

GET
H2 200 better_exposed_filters.js Show response
www.tripwire.com/modules/composer/better_exposed_filters/js/ 1 KB
736 B 113ms
111ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/modules/composer/better_exposed_filters/js/better_exposed_filters.js?v=4.x
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa0c7e45a2a21230703828b4be828d5d81ed7c85e6cf881da1a42d7c6f1c9cba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:29:24 GMT
date: Fri, 27 Oct 2023 14:02:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 62918
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-6679b8f9f8-fpxqn
content-length: 488
x-served-by: cache-chi-kigq8000068-CHI, cache-fra-eddf8230024-FRA
last-modified: Thu, 26 Oct 2023 20:27:53 GMT
server: cloudflare
x-timer: S1698415325.823286,VS0,VE1
etag: W/"653acbc9-40b"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 5a1d5ec8-743e-11ee-a80c-d6ee2c492568
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cb7984098e5d7b-FRA
x-cache-hits: 4, 2

GET
H2 200 debounce.js Show response
www.tripwire.com/core/misc/ 745 B
645 B 136ms
134ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/core/misc/debounce.js?v=9.5.11
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d591bcdfc0e449a3d93b3574e883942e867f9edfadd21d2a0c5447d1d5726c8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:26 GMT
date: Fri, 27 Oct 2023 14:02:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 62918
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-574b8cd764-k4xjg
content-length: 407
x-served-by: cache-chi-klot8100040-CHI, cache-fra-eddf8230080-FRA
last-modified: Thu, 26 Oct 2023 20:28:06 GMT
server: cloudflare
x-timer: S1698415325.828181,VS0,VE1
etag: W/"653acbd6-2e9"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: ea891f29-743e-11ee-ac54-929ea5698253
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cb7984098f5d7b-FRA
x-cache-hits: 2, 1

GET
H2 200 auto_submit.js Show response
www.tripwire.com/modules/composer/better_exposed_filters/js/ 4 KB
2 KB 142ms
140ms Script
application/x-javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/modules/composer/better_exposed_filters/js/auto_submit.js?v=4.x
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86e17c0a99049cfb34ccbe70106ed428a72c57a492686368253288ba2948b489

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:26 GMT
date: Fri, 27 Oct 2023 14:02:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 62918
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-6679b8f9f8-c6lqj
content-length: 1836
x-served-by: cache-chi-klot8100138-CHI, cache-fra-eddf8230080-FRA
last-modified: Thu, 26 Oct 2023 20:28:08 GMT
server: cloudflare
x-timer: S1698415325.839440,VS0,VE2
etag: W/"653acbd8-117d"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: ea8b7e77-743e-11ee-804f-72da6b7578c1
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cb798409915d7b-FRA
x-cache-hits: 3, 1

GET
H2 200 css_Y4H_4BqmgyCtG7E7YdseTs2qvy9C34c51kBamDdgark.css
www.tripwire.com/sites/default/files/css/ 497 B
519 B 89ms
89ms Stylesheet
text/css 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/sites/default/files/css/css_Y4H_4BqmgyCtG7E7YdseTs2qvy9C34c51kBamDdgark.css
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6381ffe01aa68320ad1bb13b61db1e4ecdaabf2f42df8739d6405a9837606ab9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Wed, 09 Oct 2024 21:09:54 GMT
date: Fri, 27 Oct 2023 14:02:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 62918
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-75fb65bc5f-gbfhb
content-length: 271
x-served-by: cache-chi-kigq8000045-CHI, cache-fra-eddf8230040-FRA
last-modified: Mon, 09 Oct 2023 20:44:38 GMT
server: cloudflare
x-timer: S1698415325.907251,VS0,VE2
etag: W/"65246636-1f1"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: 316810f6-66e8-11ee-bcbc-925837b5a23a
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cb79848a325d7b-FRA
x-cache-hits: 3, 1

GET
H2 200 css2
fonts.googleapis.com/ 15 KB
1 KB 141ms
50ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,700;0,900;1,400;1,700;1,900&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/sites/default/files/css/css_4EB99CPdguvvLu6sY0mk_vEOPLtK5MWFMm3cmoiXpu8.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3602b010a88d9792ba0a6f20eb912700ebead8993eb12141f20ed1cbf9223d9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 27 Oct 2023 14:02:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 14:02:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 27 Oct 2023 14:02:05 GMT

GET
H2 200 v1.7-1064 Show response
consent.trustarc.com/asset/notice.js/v/ 88 KB
26 KB 46ms
46ms Script
text/javascript 13.225.78.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/asset/notice.js/v/v1.7-1064

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=helpsystems.com&c=teconsent&gtm=1&text=true&pn=1-0&cookieLink=https://www.helpsystems.com/cookie-policy&privacypolicylink=https://www.helpsystems.com/privacy-policy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f45a4b7d84fcba68fee4db26859810d7021314e50fca1a716449a2a7beeb97e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.tripwire.com/
Origin: https://www.tripwire.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 13:07:35 GMT
content-encoding: gzip
via: 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C2
age: 3269
x-cache: Hit from cloudfront
pragma: public
last-modified: Mon, 23 Oct 2023 05:12:34 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: T5IOVySWAkafcPA8E2gsefOkChhjr7jY-LjRcGFOtyMIakvnpAvb4Q==
expires: Sun, 26 Nov 2023 13:07:35 GMT

GET
H2 200 get Show response
consent.trustarc.com/ Frame 40CA 2 KB
1 KB 120ms
41ms Document
text/html 13.225.78.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/get?name=crossdomain.html&domain=helpsystems.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

093d12d8b3568fe7d205eab6a5ceb766772d6018aebe44d3e16f9e85fb7ab68e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.tripwire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2269
cache-control: max-age=2592000
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Fri, 27 Oct 2023 13:24:16 GMT
expires: Sun, 26 Nov 2023 13:24:16 GMT
pragma: public
strict-transport-security: max-age=31536000; includeSubDomains
timing-allow-origin: *
vary: Origin
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
x-amz-cf-id: 8PhgA1vet_qSgTnlDy2v1rf02gtQ6xXu4aDZkeEmqg-1zq96EICJ8A==
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront

GET
H2 200 log
consent.trustarc.com/ 43 B
428 B 149ms
69ms Image
image/gif 13.225.78.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/log?domain=helpsystems.com&country=de&state=&behavior=expressed&session=c0071dba-489d-4b8d-ac74-74d724dcc0c7&userType=NEW&c=9c55&referer=https://www.tripwire.com

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 14:02:05 GMT
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C2
vary: Origin
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: WwDJsu7-FRokmdSMPzQt3-5fOEA6twL3uT7tqJnCqVtGGYF8ybVgrg==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 269 KB
88 KB 164ms
64ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NMS49C8

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9245934d9d4327827f55b56fe92c77987691ae961592a1d112596d3db8883d5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 14:02:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89387
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 27 Oct 2023 14:02:05 GMT

GET
H2 200 fa-light-300.woff2
www.tripwire.com/themes/custom/fortra_parent_2022/fonts/ 186 KB
186 KB 77ms
75ms Font
font/woff2 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/themes/custom/fortra_parent_2022/fonts/fa-light-300.woff2
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/sites/default/files/css/css_4EB99CPdguvvLu6sY0mk_vEOPLtK5MWFMm3cmoiXpu8.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a8ed4a9ae2e4bf2af86d128b59c0c65e4992b3181e73851ff7d9cdca3833586

Request headers

Referer: https://www.tripwire.com/sites/default/files/css/css_4EB99CPdguvvLu6sY0mk_vEOPLtK5MWFMm3cmoiXpu8.css
Origin: https://www.tripwire.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:33:27 GMT
date: Fri, 27 Oct 2023 14:02:05 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 62918
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-6679b8f9f8-f2blj
content-length: 190440
x-served-by: cache-chi-kigq8000110-CHI, cache-fra-eddf8230080-FRA
last-modified: Thu, 26 Oct 2023 20:28:12 GMT
server: cloudflare
x-timer: S1698415325.128390,VS0,VE2
etag: "653acbdc-2e7e8"
content-type: font/woff2
access-control-allow-origin: *
x-styx-req-id: ead0d65d-743e-11ee-8eb8-668f5772df65
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cb7985ec035d7b-FRA
x-cache-hits: 1, 1

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 173ms
78ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,700;0,900;1,400;1,700;1,900&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tripwire.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 23:02:07 GMT
x-content-type-options: nosniff
age: 313198
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Oct 2024 23:02:07 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 203ms
107ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,700;0,900;1,400;1,700;1,900&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tripwire.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 00:08:32 GMT
x-content-type-options: nosniff
age: 136413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 00:08:32 GMT

GET
H2 200 fa-solid-900.woff2
www.tripwire.com/themes/custom/fortra_parent_2022/fonts/ 138 KB
139 KB 59ms
58ms Font
font/woff2 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripwire.com/themes/custom/fortra_parent_2022/fonts/fa-solid-900.woff2
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/sites/default/files/css/css_4EB99CPdguvvLu6sY0mk_vEOPLtK5MWFMm3cmoiXpu8.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e77c7e1c8f859611d1200ee9a75eadbce02664f28a53b05807233e88deb82f65

Request headers

Referer: https://www.tripwire.com/sites/default/files/css/css_4EB99CPdguvvLu6sY0mk_vEOPLtK5MWFMm3cmoiXpu8.css
Origin: https://www.tripwire.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 20:29:18 GMT
date: Fri, 27 Oct 2023 14:02:05 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 62918
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-6679b8f9f8-hjjgq
content-length: 141600
x-served-by: cache-chi-klot8100120-CHI, cache-fra-eddf8230029-FRA
last-modified: Thu, 26 Oct 2023 20:27:53 GMT
server: cloudflare
x-timer: S1698415325.125275,VS0,VE2
etag: "653acbc9-22920"
content-type: font/woff2
access-control-allow-origin: *
x-styx-req-id: 565a7778-743e-11ee-a786-72ff9156f6fc
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cb7985ec085d7b-FRA
x-cache-hits: 1, 1

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 211ms
116ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,700;0,900;1,400;1,700;1,900&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tripwire.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 07:27:52 GMT
x-content-type-options: nosniff
age: 23653
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 07:27:52 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 186ms
91ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,700;0,900;1,400;1,700;1,900&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tripwire.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:27:18 GMT
x-content-type-options: nosniff
age: 581687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17032
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Oct 2024 20:27:18 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 135ms
40ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,700;0,900;1,400;1,700;1,900&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tripwire.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 18:18:43 GMT
x-content-type-options: nosniff
age: 330202
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Oct 2024 18:18:43 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 145ms
50ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,700;0,900;1,400;1,700;1,900&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tripwire.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 17:02:00 GMT
x-content-type-options: nosniff
age: 334805
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Oct 2024 17:02:00 GMT

GET
H2 200 linkedin-job.jpg
www.tripwire.com/sites/default/files/2023-10/ 105 KB
105 KB 63ms
62ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tripwire.com/sites/default/files/2023-10/linkedin-job.jpg
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9343838c3ed1a1667db9e74c7984f245c234554e7a09a037f987d524d048a6ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 14:12:39 GMT
date: Fri, 27 Oct 2023 14:02:05 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 62909
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-574b8cd764-hd8fh
content-length: 107051
x-served-by: cache-chi-klot8100107-CHI, cache-fra-eddf8230024-FRA
last-modified: Thu, 26 Oct 2023 14:12:11 GMT
server: cloudflare
x-timer: S1698415325.192732,VS0,VE2
etag: "653a73bb-1a22b"
content-type: image/jpeg
x-styx-req-id: b8899b82-7409-11ee-996f-2ac8c4b86eed
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cb79866c985d7b-FRA
x-cache-hits: 8, 1

GET
H2 200 linkedin-malware-message.jpeg
www.tripwire.com/sites/default/files/2023-10/ 33 KB
33 KB 89ms
88ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tripwire.com/sites/default/files/2023-10/linkedin-malware-message.jpeg
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54759ca38945050fdfc8469be8e8204763ea31dbb1e09aedb71bdf0ed1dba259

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 14:05:26 GMT
date: Fri, 27 Oct 2023 14:02:05 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 62527
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-6679b8f9f8-hjjgq
content-length: 33549
x-served-by: cache-chi-kigq8000117-CHI, cache-fra-eddf8230105-FRA
last-modified: Thu, 26 Oct 2023 14:05:21 GMT
server: cloudflare
x-timer: S1698415325.197715,VS0,VE2
etag: "653a7221-830d"
content-type: image/jpeg
x-styx-req-id: b6a65767-7408-11ee-a786-72ff9156f6fc
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cb79866c9a5d7b-FRA
x-cache-hits: 5, 1

GET
H2 200 corsair-job.jpeg
www.tripwire.com/sites/default/files/2023-10/ 43 KB
43 KB 71ms
71ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tripwire.com/sites/default/files/2023-10/corsair-job.jpeg
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c926030f3f91f720ddc902ee6a836ee7d9b962b9c7d5545370e58461a153b37d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Oct 2024 14:06:45 GMT
date: Fri, 27 Oct 2023 14:02:05 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 62527
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-574b8cd764-8wjkj
content-length: 44230
x-served-by: cache-chi-kigq8000102-CHI, cache-fra-eddf8230124-FRA
last-modified: Thu, 26 Oct 2023 14:06:36 GMT
server: cloudflare
x-timer: S1698415325.195608,VS0,VE2
etag: "653a726c-acc6"
content-type: image/jpeg
x-styx-req-id: e544a57a-7408-11ee-ad1b-0a834989ccb7
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cb79866c9b5d7b-FRA
x-cache-hits: 5, 1

GET
H2 200 graham-cluley_profile_pic.jpg
www.tripwire.com/sites/default/files/styles/thumbnail/public/2022-10/ 2 KB
2 KB 88ms
87ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tripwire.com/sites/default/files/styles/thumbnail/public/2022-10/graham-cluley_profile_pic.jpg?itok=ffTH8VnN
Requested by: Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cb67fac14a3ff2580053f5a7e7b1b81d143e3de1e602748e0334c392a5396ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Fri, 20 Sep 2024 18:49:01 GMT
date: Fri, 27 Oct 2023 14:02:05 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
age: 62844
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-7d68986d5d-5cbjh
content-length: 2237
x-served-by: cache-chi-klot8100051-CHI, cache-fra-eddf8230082-FRA
last-modified: Wed, 10 May 2023 07:27:50 GMT
server: cloudflare
x-timer: S1698415325.203147,VS0,VE2
etag: "645b4776-8bd"
content-type: image/jpeg
x-styx-req-id: 5d90bd2a-57e6-11ee-82dc-866ed7ad4f37
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 81cb79866c9d5d7b-FRA
x-cache-hits: 2, 1

GET
H2 200 sm.24.html Show response
static.addtoany.com/menu/ Frame 33A6 677 B
564 B 56ms
54ms Document
text/html 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.24.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tripwire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2198752
alt-svc: h3=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 81cb79866d5c4d52-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 27 Oct 2023 14:02:05 GMT
etag: W/"2a5-5edb40e6d10d8"
last-modified: Fri, 18 Nov 2022 00:47:55 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: e4s
x-content-type-options: nosniff

GET
H3 200 core.f4498a6a.js Show response
static.addtoany.com/menu/modules/ 70 KB
25 KB 100ms
54ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.f4498a6a.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f3c20825909bb222fd8ec5db0a985fb397c20a97d8362858ccfffb576e13a77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tripwire.com/
Origin: https://www.tripwire.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 14:02:05 GMT
via: e7s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 2842503
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 24 Sep 2023 10:29:31 GMT
server: cloudflare
etag: W/"11650-606185138cb5e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 81cb7986aecd3668-FRA

GET
H2 200 / Show response
consent-pref.trustarc.com/ Frame 2224 5 KB
3 KB 170ms
77ms Document
text/html 52.222.236.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=c0071dba-489d-4b8d-ac74-74d724dcc0c7&userType=NEW

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/asset/notice.js/v/v1.7-1064

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9f565b4cdf200b503b4c09d2e4644a1fbec24230e60b873ab7e09ae969a6fc1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.tripwire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 27 Oct 2023 14:02:05 GMT
etag: W/"5111-1696834446000"
expect-ct: max-age=86400; enforce;
last-modified: Mon, 09 Oct 2023 06:54:06 GMT
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
x-amz-cf-id: bcu1mqq7zG8gfPv8CReVL2yIlLmcLQ3yPd-46Oz85HSNJ5y7AlUZig==
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1

GET
H2 200 noticemsg
consent.trustarc.com/ 43 B
428 B 72ms
71ms Image
image/gif 13.225.78.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/noticemsg?action=consent&domain=helpsystems.com&behavior=expressed&country=de&language=de&rand=0.39916345979231904&session=c0071dba-489d-4b8d-ac74-74d724dcc0c7&userType=NEW&referer=https://www.tripwire.com

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tripwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 14:02:05 GMT
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C2
vary: Origin
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: dQyGY9rFXotZFJjRxTD8ytmWcvtIrMjlO5y1xjQvoS8mtdM7r5PncQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 defaultpreferencemanager.nocache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 2224 5 KB
3 KB 67ms
67ms Script
application/javascript 52.222.236.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=c0071dba-489d-4b8d-ac74-74d724dcc0c7&userType=NEW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-174-47.cdg50.r.cloudfront.net

Software

nginx /

Resource Hash

5a1239e59fef1fc369bb2339c810999caa4d063949f1ae78acb073c8acbd250a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=c0071dba-489d-4b8d-ac74-74d724dcc0c7&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 14:02:05 GMT
content-encoding: gzip
via: 1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 09 Oct 2023 06:54:26 GMT
server: nginx
etag: W/"4867-1696834466000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: MCuR1vTqmX9We5hFxArNoxS19_7zD404fuIz64kb1c4A5oDo9k6y8Q==
expires: Fri, 27 Oct 2023 14:02:04 GMT

GET
H2 200 get Show response
consent-st.trustarc.com/ Frame 2224 20 KB
5 KB 180ms
56ms Script
text/javascript 52.222.174.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-st.trustarc.com/get?name=combined_static_cm_minified.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.174.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: public
date: Sun, 15 Oct 2023 16:39:18 GMT
content-encoding: gzip
via: 1.1 31a1ed822e5cb0d9c8c86a015f42b7be.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: CDG50-P2
age: 1027367
vary: Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: oxI6Ig4SyxLHrOsg3pdHTbMXEmGPvSbE8BeHgV9XQFaVkOMIoC9Y7A==
expires: Tue, 14 Nov 2023 16:39:18 GMT

GET
H2 200 loading.gif
consent-pref.trustarc.com/images/ Frame 2224 3 KB
3 KB 41ms
40ms Image
image/gif 52.222.236.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/loading.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=c0071dba-489d-4b8d-ac74-74d724dcc0c7&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 13:35:32 GMT
via: 1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P4
age: 1594
x-cache: Hit from cloudfront
content-length: 2608
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 09 Oct 2023 06:54:06 GMT
server: nginx
etag: W/"2608-1696834446000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/gif
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges: bytes
x-amz-cf-id: SwClSUOy3yHMEgkNZV_DLvk8P51hcdX60zc4oPstD0l5PevaGxNn3g==

GET
H2 200 A9C0FF58CA469E40741F487C4C79DD16.cache.html Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame CE15 141 KB
46 KB 46ms
46ms Document
text/html 52.222.236.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/A9C0FF58CA469E40741F487C4C79DD16.cache.html

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ebbe09ce80b9c406ffb23539c11f2061b6b3a413b72a35c3f8ccfda49858bf52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=c0071dba-489d-4b8d-ac74-74d724dcc0c7&userType=NEW
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 378743
cache-control: max-age=315360000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 23 Oct 2023 04:49:42 GMT
etag: W/"144103-1696834466000"
expect-ct: max-age=86400; enforce;
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 09 Oct 2023 06:54:26 GMT
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
x-amz-cf-id: V71L4Q59QL8H6mg5NOlglH7DfcDKSW6vBAbVgA_oODCWe4FYc6mvow==
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 2224 1 KB
1 KB 66ms
65ms XHR
application/json 52.222.236.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/A9C0FF58CA469E40741F487C4C79DD16.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

365c4e4e15bb05abb8135ba921b7ff58c93459e1b8eda9e1835c13ba7ecec1b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: A9C0FF58CA469E40741F487C4C79DD16
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=c0071dba-489d-4b8d-ac74-74d724dcc0c7&userType=NEW
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Fri, 27 Oct 2023 14:02:05 GMT
content-encoding: gzip
via: 1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 481
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: tQ00zaD6gKVkgoj-AzYCnrLFZWg66TkzC-loCm6HIfToXctavshcPA==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 2224 48 B
622 B 68ms
67ms XHR
application/json 52.222.236.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/A9C0FF58CA469E40741F487C4C79DD16.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

efe2facfa752abb5024b14d3357d74b797fde7e0548f65f57eface0e66a78741

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: A9C0FF58CA469E40741F487C4C79DD16
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=c0071dba-489d-4b8d-ac74-74d724dcc0c7&userType=NEW
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Fri, 27 Oct 2023 14:02:05 GMT
via: 1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 48
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: JMqd5MJRI0gZ-TiWZqENPU2m9Q4CJJ8wL1bab33xyHsCjTXV9Jtd7w==

GET
H2 200 EuPreferenceManager.css
consent-pref.trustarc.com/ Frame 2224 30 KB
7 KB 88ms
87ms Stylesheet
text/css 52.222.236.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/EuPreferenceManager.css

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/A9C0FF58CA469E40741F487C4C79DD16.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

176f46d1332bd15e158ba501961d4614a40522c0b622bc981036251478694812

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=c0071dba-489d-4b8d-ac74-74d724dcc0c7&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 13:29:28 GMT
content-encoding: gzip
via: 1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P4
age: 1970
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 09 Oct 2023 06:54:06 GMT
server: nginx
etag: W/"30603-1696834446000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: no-cache
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: EttIc-B_kyZWaoZJ68mTv4kzn4tPAnqk3yC0zsLpo5JeKIvFSTItKA==
expires: Fri, 27 Oct 2023 13:29:14 GMT

GET
H2 200 11.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/A9C0FF58CA469E40741F487C4C79DD16/ Frame 2224 266 KB
91 KB 45ms
45ms XHR
application/javascript 52.222.236.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/A9C0FF58CA469E40741F487C4C79DD16/11.cache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/A9C0FF58CA469E40741F487C4C79DD16.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

53a209d677bcf8346ee7650210fc3cb7fd7cd448832297e3c9186f05a2301659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=c0071dba-489d-4b8d-ac74-74d724dcc0c7&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 04:50:23 GMT
content-encoding: gzip
via: 1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P4
age: 378702
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 09 Oct 2023 06:54:26 GMT
server: nginx
etag: W/"272572-1696834466000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: UJ6cuab3k25TNmz5Fv9ABy6MuyAmIpQrK6g3jW5M7zT38GCt2pSHnA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/A9C0FF58CA469E40741F487C4C79DD16/ Frame 2224 20 KB
9 KB 43ms
43ms XHR
application/javascript 52.222.236.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/A9C0FF58CA469E40741F487C4C79DD16/1.cache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/A9C0FF58CA469E40741F487C4C79DD16.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-100-25-206-26.compute-1.amazonaws.com

Software

nginx /

Resource Hash

4946599a26d4b4702c629c4faeeb37fe6ac01b11c82ea11aa973692170e9f665

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=c0071dba-489d-4b8d-ac74-74d724dcc0c7&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 04:50:23 GMT
content-encoding: gzip
via: 1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P4
age: 378702
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 09 Oct 2023 06:54:26 GMT
server: nginx
etag: W/"20966-1696834466000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: LzdmENKRVGaiSUS8Ajm_Q7D41qNWY06ql7e0XodYsEeRQB2qldm9LA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cookie_iframe.html Show response
prefmgr-cookie.truste-svc.net/cookie_js/ Frame 1E6A 5 KB
2 KB 433ms
140ms Document
text/html 100.25.206.26
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https://www.helpsystems.com/privacy-policy&cookieLink=https://www.helpsystems.com/cookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=c0071dba-489d-4b8d-ac74-74d724dcc0c7&userType=NEW

Requested by

Host: www.tripwire.com
URL: https://www.tripwire.com/state-of-security/phony-job-vacancy-targets-linkedin-users-darkgate-malware

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

100.25.206.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx /

Resource Hash

e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' *;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://consent-pref.trustarc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 14:02:06 GMT
etag: W/"5014-1657163800000"
expect-ct: max-age=31536000
last-modified: Thu, 07 Jul 2022 03:16:40 GMT
permissions-policy: geolocation=(), microphone=(), payment=()
referrer-policy: origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 2224 856 B
945 B 66ms
66ms XHR
application/json 52.222.236.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/A9C0FF58CA469E40741F487C4C79DD16.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

714033706d3272019efabd4624a61b9f925a1daf38615770b734564600ca637d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: A9C0FF58CA469E40741F487C4C79DD16
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=c0071dba-489d-4b8d-ac74-74d724dcc0c7&userType=NEW
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Fri, 27 Oct 2023 14:02:05 GMT
content-encoding: gzip
via: 1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 353
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: gQsXsAVjhqMrQhux2fzXBv_t5SobDJsJeXzKYU5dlxRD34FCzyojwQ==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 2224 24 KB
7 KB 67ms
67ms XHR
application/json 52.222.236.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/A9C0FF58CA469E40741F487C4C79DD16.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

554008a2a8ed087640afa2529308c94093037068345160b2e5cf5fede0ef2cf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: A9C0FF58CA469E40741F487C4C79DD16
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=c0071dba-489d-4b8d-ac74-74d724dcc0c7&userType=NEW
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Fri, 27 Oct 2023 14:02:05 GMT
content-encoding: gzip
via: 1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 6347
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: 8GLc7MW2ijU2jvut4-EdvcICNbWWVO870N6q4Sc6jQ_1UoiL2xoGNQ==

GET
H2 200 trustarc-logo-small.png
consent-pref.trustarc.com/images/ Frame 2224 4 KB
5 KB 39ms
39ms Image
image/png 52.222.236.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/trustarc-logo-small.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=c0071dba-489d-4b8d-ac74-74d724dcc0c7&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 13:35:37 GMT
via: 1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P4
age: 1589
x-cache: Hit from cloudfront
content-length: 4197
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 09 Oct 2023 06:54:06 GMT
server: nginx
etag: W/"4197-1696834446000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/png
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges: bytes
x-amz-cf-id: tcIHUe_SUuKgar9JSi5IbqS8hHGIpiN4TcESbBCRI6h0xGpr5EQ3lw==

GET
H2 200 6.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/A9C0FF58CA469E40741F487C4C79DD16/ Frame 2224 7 KB
4 KB 40ms
39ms XHR
application/javascript 52.222.236.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/A9C0FF58CA469E40741F487C4C79DD16/6.cache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/A9C0FF58CA469E40741F487C4C79DD16.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

84564ffaf2ad066235fbf5e6ffca74b4347faf5c61be31c00b7138d4b70a5117

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=c0071dba-489d-4b8d-ac74-74d724dcc0c7&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 04:50:25 GMT
content-encoding: gzip
via: 1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P4
age: 378701
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 09 Oct 2023 06:54:26 GMT
server: nginx
etag: W/"7462-1696834466000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: 72ol-eqyQvNEgUQmWDHoGMN8FoUwTvEcQyfjOYCJTH3HTZ8KGTo5gw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 get
consent.trustarc.com/ Frame 2224 3 KB
1 KB 43ms
43ms Image
image/svg+xml 13.225.78.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/get?name=%20fortra_Logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e396c79b7c0d5a855f996af8807bdf7318a87f7d4a198fa08a2c65e5cfa34330

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: public
date: Fri, 27 Oct 2023 14:01:24 GMT
content-encoding: gzip
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C2
age: 42
vary: Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: Xa3GsJ19i3J2TTX46VJKpeWHUqHnQHOPk5MNgZqhQUgI_8ZUrbgiLg==
expires: Sun, 26 Nov 2023 14:01:24 GMT

GET
H2 200 cookie_inneriframe.html Show response
consent-pref.trustarc.com/ Frame D525 2 KB
1 KB 41ms
40ms Document
text/html 52.222.236.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/cookie_inneriframe.html

Requested by

Host: prefmgr-cookie.truste-svc.net
URL: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https://www.helpsystems.com/privacy-policy&cookieLink=https://www.helpsystems.com/cookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=c0071dba-489d-4b8d-ac74-74d724dcc0c7&userType=NEW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://prefmgr-cookie.truste-svc.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1721
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 27 Oct 2023 13:33:25 GMT
etag: W/"2008-1696834446000"
expect-ct: max-age=86400; enforce;
last-modified: Mon, 09 Oct 2023 06:54:06 GMT
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
x-amz-cf-id: FHjCxe_cdbsfa8KcACwvn6aqFd8xEk5sZ7TzexRW0DXnq3AyOAhqtw==
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1

GET
H2 200 trustarc-logo-small.png
consent-pref.trustarc.com/images/ Frame 2224 4 KB
5 KB 40ms
40ms Image
image/png 52.222.236.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/trustarc-logo-small.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS