www.crowdstrike.com Open in urlscan Pro
2606:4700::6810:f3e7 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=h...
Submission Tags: falconsandbox
Submission: On August 23 via api (August 23rd 2023, 10:23:57 am UTC) from US — Scanned from DE

Summary HTTP 165 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 17 domains to perform 165 HTTP transactions. The main IP is 2606:4700::6810:f3e7, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.crowdstrike.com. The Cisco Umbrella rank of the primary domain is 120313.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 28th 2022. Valid for: a year.

This is the only time www.crowdstrike.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
78	2606:4700::68... 2606:4700::6810:f3e7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:e0:... 2606:4700:e0::ac40:670b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a02:26f0:480... 2a02:26f0:480:99e::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	104.17.74.206 104.17.74.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a02:26f0:480... 2a02:26f0:480:f::213:7ec6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	104.102.38.132 104.102.38.132	16625 (AKAMAI-AS) (AKAMAI-AS)
23	2606:4700::68... 2606:4700::6812:bada	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
6	104.16.95.80 104.16.95.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:215... 2600:9000:2156:fc00:a:de52:1580:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	95.101.111.184 95.101.111.184	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:26f0:480... 2a02:26f0:480:23::1726:62a7	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	54.82.91.175 54.82.91.175	14618 (AMAZON-AES) (AMAZON-AES)
165	20

78 2606:4700::6810:f3e7 (United States)

ASN13335 (CLOUDFLARENET, US)

www.crowdstrike.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e0::ac40:670b (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a02:26f0:480:99e::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.17.74.206 (None, )

ASN13335 (CLOUDFLARENET, US)

go.crowdstrike.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:480:f::213:7ec6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.38.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-38-132.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700::6812:bada (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.16.95.80 (None, )

ASN13335 (CLOUDFLARENET, US)

281-obq-266.mktoweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2156:fc00:a:de52:1580:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.addsearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 95.101.111.184 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-184.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.171.85 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:23::1726:62a7 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.82.91.175 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-91-175.compute-1.amazonaws.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
82	crowdstrike.com www.crowdstrike.com — Cisco Umbrella Rank: 120313 go.crowdstrike.com — Cisco Umbrella Rank: 202454	7 MB
23	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 354	391 KB
13	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 449	201 KB
9	6sc.co j.6sc.co — Cisco Umbrella Rank: 5612 c.6sc.co — Cisco Umbrella Rank: 8464 ipv6.6sc.co — Cisco Umbrella Rank: 5885 b.6sc.co — Cisco Umbrella Rank: 3914	17 KB
6	mktoweb.com 281-obq-266.mktoweb.com — Cisco Umbrella Rank: 519129	150 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	403 KB
5	typekit.net use.typekit.net — Cisco Umbrella Rank: 485 p.typekit.net — Cisco Umbrella Rank: 610	73 KB
4	youtube.com www.youtube.com — Cisco Umbrella Rank: 84	132 KB
4	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1065	281 KB
3	addsearch.com cdn.addsearch.com — Cisco Umbrella Rank: 198144	88 KB
2	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 9269	575 B
2	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 596	442 B
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 366	120 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3366	3 KB
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 465	575 B
1	gstatic.com www.gstatic.com	183 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
165	17

	Domain	Requested by
78	www.crowdstrike.com	www.crowdstrike.com go.crowdstrike.com
23	cdn.cookielaw.org	go.crowdstrike.com www.crowdstrike.com cdn.cookielaw.org
13	assets.adobedtm.com	www.crowdstrike.com go.crowdstrike.com assets.adobedtm.com
6	b.6sc.co
6	281-obq-266.mktoweb.com	go.crowdstrike.com 281-obq-266.mktoweb.com
5	www.googletagmanager.com	assets.adobedtm.com go.crowdstrike.com www.googletagmanager.com
4	www.youtube.com	assets.adobedtm.com www.youtube.com
4	use.typekit.net	www.crowdstrike.com use.typekit.net
4	go.crowdstrike.com	www.crowdstrike.com go.crowdstrike.com
4	use.fontawesome.com	www.crowdstrike.com use.fontawesome.com
3	cdn.addsearch.com	www.crowdstrike.com cdn.addsearch.com
2	epsilon.6sense.com	j.6sc.co
2	geolocation.onetrust.com	cdn.cookielaw.org
2	ajax.googleapis.com	go.crowdstrike.com
2	munchkin.marketo.net	go.crowdstrike.com
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	secure.adnxs.com	j.6sc.co
1	j.6sc.co	assets.adobedtm.com
1	www.gstatic.com	www.google.com
1	www.google.com	go.crowdstrike.com
1	p.typekit.net	use.typekit.net
165	22

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.linkedin.com
www.youtube.com
go.crowdstrike.com
www.trustwave.com
attack.mitre.org
documentation.help
www.instagram.com
cookiepedia.co.uk
www.onetrust.com

Subject Issuer	Validity	Valid
crowdstrike.com Cloudflare Inc ECC CA-3	`2022-12-28` - `2023-12-27`	a year	crt.sh
use.fontawesome.com GTS CA 1P5	`2023-07-04` - `2023-10-02`	3 months	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
go.crowdstrike.com Cloudflare Inc ECC CA-3	`2023-03-09` - `2024-03-07`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-02-05`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
281-obq-266.mktoweb.com Cloudflare Inc ECC CA-3	`2023-01-24` - `2024-01-23`	a year	crt.sh
cdn.addsearch.com Amazon RSA 2048 M02	`2023-02-12` - `2024-03-13`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
6sc.co R3	`2023-08-19` - `2023-11-17`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.6sense.com Amazon RSA 2048 M01	`2023-05-24` - `2024-06-21`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
Frame ID: 27E2AFFE1307CDF35C2F85E9C7E68AED
Requests: 123 HTTP requests in this frame

Frame: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html
Frame ID: 16E8BF7B23860B17B83F1B46A7A0CB6A
Requests: 39 HTTP requests in this frame

Frame: https://281-obq-266.mktoweb.com/index.php/form/XDFrame
Frame ID: F0D88DE3DE2CBE9D5906C743B230E148
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Self-Extracting Archives, Decoy Files and Their Hidden PayloadsBack ButtonFilter Button

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

165
Requests

100 %
HTTPS

70 %
IPv6

17
Domains

22
Subdomains

20
IPs

3
Countries

9303 kB
Transfer

14083 kB
Size

14
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/CrowdStrike

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CrowdStrike

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/crowdstrike

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/CrowdStrike

Search URL Search Domain Scan URL

URL: https://go.crowdstrike.com/try-falcon-prevent.html
Title: Start Free Trial

Search URL Search Domain Scan URL

URL: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/archive-sidestepping-self-unlocking-password-protected-rar/
Title: blog post

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1546/012/
Title: Image File Execution Options debugger

Search URL Search Domain Scan URL

URL: https://documentation.help/WinRAR/HELPSFXSetup.htm
Title: setup option

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=How+Falcon+OverWatch+Investigates+Malicious+Self-Extracting+Archives%2C+Decoy+Files+and+Their+Hidden+Payloads&url=https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/
Title: Tweet

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/&title=How+Falcon+OverWatch+Investigates+Malicious+Self-Extracting+Archives%2C+Decoy+Files+and+Their+Hidden+Payloads
Title: Share

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CrowdStrike/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/crowdstrike/?hl=en

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/CrowdStrike

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information.

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

165 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/ 75 KB
17 KB 300ms
195ms Document
text/html 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edb3e8a320b29a8fb84f12843eab8195826c4a74036b703d6d8972a7bbabed3c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;report-uri /csp-violation-report-endpoint/
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=14400
cf-cache-status: MISS
cf-ray: 7fb2a4772f1d8ff2-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests;report-uri /csp-violation-report-endpoint/
content-type: text/html
date: Wed, 23 Aug 2023 10:23:51 GMT
expires: Wed, 23 Aug 2023 14:23:51 GMT
last-modified: Thu, 03 Aug 2023 20:24:41 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 9f25aa45df27e50f380232059fde4c1a.cloudfront.net (CloudFront)
x-amz-cf-id: _v-b1zvr2pcu2VzuvuxjHq7Ie7R7CSwgco7M0HM092tXDSRTI9INIQ==
x-amz-cf-pop: ZRH55-P1
x-amz-version-id: jP7P_MN6fTmUbgs3OK82MtoswLpAiiUR
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
x-xss-protection: 1; mode=block

GET
H2 200 classic-themes.min.css
www.crowdstrike.com/wp-includes/css/ 291 B
420 B 70ms
69ms Stylesheet
text/css 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-includes/css/classic-themes.min.css?ver=6.2.2

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: FnDyPT7rI4tlhRBXWWKf04BmAhXQ.6cf
age: 2097
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
last-modified: Thu, 22 Jun 2023 19:33:05 GMT
server: cloudflare
etag: W/"1a0804b1a9d09705657f91fe7cad4c5a"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 7fb2a47868b78ff2-FRA
x-amz-cf-id: m5-596fqwzot1WZYfWrFslc_bReHgxiP9hDbn9irIide0WsbUItlSQ==
expires: Wed, 23 Aug 2023 14:23:51 GMT

GET
H2 200 single-post.min.css
www.crowdstrike.com/wp-content/themes/main-theme/dist/styles/pages/ 41 KB
6 KB 73ms
72ms Stylesheet
text/css 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/styles/pages/single-post.min.css?ver=1691092551

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2a27f67646142dabf6aa023a556e5beda6ee2ffde499ffa43f4287e7db99827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: MjWE5FGh1bP8e.yfP5592JVTOktViKDa
age: 2938
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
last-modified: Tue, 22 Aug 2023 20:27:27 GMT
server: cloudflare
etag: W/"fe8bd9df47f8a43373d012be1f279d38"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 7fb2a47868bb8ff2-FRA
x-amz-cf-id: B6skiPOBG1WGW-saZWYZ6B3ohyMeXWOokIJn-6WItiZEgw-rSiglHg==
expires: Wed, 23 Aug 2023 14:23:51 GMT

GET
H2 200 theme-styles.min.css
www.crowdstrike.com/wp-content/themes/main-theme/dist/styles/ 430 KB
74 KB 73ms
72ms Stylesheet
text/css 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/styles/theme-styles.min.css?ver=1691092551

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79a0d1ee23ff89e1e03b431fd6ed36fbf587939fe4b67434bf2a0d223ba90dde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4c692717a0e85914a993c3aa5c8a2ef6.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: OhxdUGrsOWJ2Qn6p34U1flQ.W3.Pjrsg
age: 2938
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
last-modified: Tue, 22 Aug 2023 20:27:28 GMT
server: cloudflare
etag: W/"65c8111a3c400785041676a5f39ea0b2"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 7fb2a47868bd8ff2-FRA
x-amz-cf-id: iO7HJlnJi6FzRznzmAWc8wAZO-_6PLQbcQUv6Be2USyAcwkUFA0SKg==
expires: Wed, 23 Aug 2023 14:23:51 GMT

GET
H2 200 tablepress-combined.min.css
www.crowdstrike.com/wp-content/ 6 KB
2 KB 69ms
68ms Stylesheet
text/css 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/tablepress-combined.min.css?ver=28

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db69a3d25d8125632acede7426cfaa714390a3a713e8fb38fca4264581341744

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: tsHm.4aglhivxJ6SfEs8YL4ACcBPHmEM
age: 2097
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
last-modified: Tue, 30 Aug 2022 15:32:39 GMT
server: cloudflare
etag: W/"e246c6f72f6db9cc7c8a1061c6b8717b"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 7fb2a47868be8ff2-FRA
x-amz-cf-id: WS1JbunpUWJDXQ7ME8jX_6mdeJI2W_lJnqnxmnJ-kIkXiesdHTF8qA==
expires: Wed, 23 Aug 2023 14:23:51 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v6.2.0/css/ 99 KB
23 KB 173ms
74ms Stylesheet
text/css 2606:4700:e0::ac40:670b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v6.2.0/css/all.css
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:670b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01b035efb5dfa529c512f82962ed633328222da6f33c224244806d4798c67349

Request headers

Referer: https://www.crowdstrike.com/
Origin: https://www.crowdstrike.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: JKCPF4KEJX219PY9
age: 85279
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Ine5iC42GRQ+qc7tTmh5E/D5dD6h4uBdz7t1kPMIwgV9uiQVhxK85OExZRYFt5Wd9edsNd/cIu4=
last-modified: Tue, 30 Aug 2022 16:39:37 GMT
server: cloudflare
etag: W/"6cb5a85b30082e3d59d7e371e002ce8d"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QrHc6LWi1IIRqpZ7XnckWjo9vY81lL%2B4OImP5ucXiHl4cxYjI1jFICf8cE34bF5RA52%2F715GwAf5xncP%2B67%2BSPl%2FjFt1cdhQkZJY892QHvL9ujgfoLUEy25CRUqeqjWeNKw9yc%2BPVXTkZe%2BzcJUFj7Iv"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7fb2a4790ca29bb3-FRA

GET
H2 200 v4-shims.css
use.fontawesome.com/releases/v6.2.0/css/ 27 KB
5 KB 157ms
58ms Stylesheet
text/css 2606:4700:e0::ac40:670b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v6.2.0/css/v4-shims.css
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:670b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 302c63800f372511b5c5981ce65f09ddc9926619a28ab7c8ebd23d0b120236a2

Request headers

Referer: https://www.crowdstrike.com/
Origin: https://www.crowdstrike.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: F82F098GMVRMZSAV
age: 85279
alt-svc: h3=":443"; ma=86400
x-amz-id-2: mZGG3eJgnVhzATtiTt36WFKDbwWg4sBYSYi0N2fy++MKSrn4FDyZbK/Pq/BDPOQC2NBTFGQu5wo=
last-modified: Tue, 30 Aug 2022 16:39:37 GMT
server: cloudflare
etag: W/"a0c6ae12659c0a469d1114415303f9da"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1IA%2FxXPrbjA1%2FuXYj5CbSAFiMNxUGNZeBHRHOUOML6FzR6MQFbd2waYoCwXCC6Ned5V55M5FE87UNY0tbZxxlaOsuFzRWAH%2Bocyel1I2fkdsmf7etifAlFVxqCHXQiJCzMKkVcg4%2BxS047E4qdBmbrT0"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7fb2a4790ca39bb3-FRA

GET
H2 200 0621_06_ZipFile.jpg
www.crowdstrike.com/wp-content/uploads/2023/03/ 177 KB
178 KB 154ms
153ms Image
image/jpeg 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/03/0621_06_ZipFile.jpg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

811aeff0824c021896e77ddff5450e44f8da8182ab100f2c3604ef25662d336c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fec5e83bcae9ab1295b776b3f64183d0.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: h6f9GINbN5b6jcRpw6Sr6eNSa6oqTIya
age: 2216
x-amz-cf-pop: ZRH55-P1
cf-polished: degrade=85, origSize=582597
x-cache: Hit from cloudfront
content-length: 181405
last-modified: Mon, 12 Jun 2023 15:04:09 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "454388686bfc2cbd327ff514e6ca057a-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a47888e58ff2-FRA
x-amz-cf-id: M8IrXFvCA9E0RuIn9RqtA6S7SzlqdDTfjjovXyN1XVDgCfkxW1Bc0w==
expires: Wed, 23 Aug 2023 14:23:51 GMT

GET
H2 200 breaches-stop-here-post-cta.jpeg
www.crowdstrike.com/wp-content/themes/main-theme/dist/images/blog/ 18 KB
18 KB 155ms
153ms Image
image/jpeg 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/images/blog/breaches-stop-here-post-cta.jpeg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8e697ef2b43407b9149ac0a3fc681669cd26b35dadcba28005da205ba2255db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: efL7mcshOrMk9S6SwQYz_sgWy4dDkrtm
age: 5750
x-amz-cf-pop: FRA56-P3
cf-polished: degrade=85, origSize=22804
x-cache: Hit from cloudfront
content-length: 17960
last-modified: Tue, 22 Aug 2023 20:26:57 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "60023d760235f6fe7b6933de922ced6e"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a47888e78ff2-FRA
x-amz-cf-id: tDsLbr_Ou1g_21G3yO-9SSbI6mLBnoCZpW-8Xh8oK12AjGoYjHu_SQ==
expires: Wed, 23 Aug 2023 14:23:51 GMT

GET
H2 200 AU-Podcast_Blog_1060x698.jpg
www.crowdstrike.com/wp-content/uploads/2023/07/ 212 KB
212 KB 155ms
154ms Image
image/jpeg 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/07/AU-Podcast_Blog_1060x698.jpg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5350ff07a73190d995c9851a8ff2bde8694463918618c8b001127053e92ca5b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: r1scemVNyXZ19iRmK17rFq_zv4EEf9mC
age: 6687
x-amz-cf-pop: FRA56-P3
cf-polished: degrade=85, origSize=634812
x-cache: Hit from cloudfront
content-length: 216917
last-modified: Mon, 14 Aug 2023 18:03:53 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "eb697339b53801c202d24f9e7f30b6ac-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a47888e88ff2-FRA
x-amz-cf-id: 4Ql5DODvGn-3jkH8KnqmcZKtv3tGXI8cU10e5LlljAGXpu2NB-JzhA==
expires: Wed, 23 Aug 2023 14:23:51 GMT

GET
H2 200 mapping-it-out-1.jpg
www.crowdstrike.com/wp-content/uploads/2021/02/ 109 KB
110 KB 153ms
152ms Image
image/jpeg 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2021/02/mapping-it-out-1.jpg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

057cf64e13a70d98b7ad8f18487273135e4bb1f5083088f3f58bdf345c197620

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: CF06vRsCBQFECURRG._anuJduA.h7mdg
age: 6687
x-amz-cf-pop: FRA56-P3
cf-polished: degrade=85, origSize=321647
x-cache: Hit from cloudfront
content-length: 111753
last-modified: Wed, 09 Aug 2023 21:11:00 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "a1c9f1bfd248a5bf73316d1c50cf3cfe-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a47888e98ff2-FRA
x-amz-cf-id: Qy39R3ychrtmYIex1bjsblgFusSsvQRjlNxOfAEyme2MQ_DbWAXtgA==
expires: Wed, 23 Aug 2023 14:23:51 GMT

GET
H2 200 1122_01_Darkside-Ai-vs-Adversaries_Blog_1060x698-1.jpg
www.crowdstrike.com/wp-content/uploads/2023/05/ 759 KB
760 KB 198ms
197ms Image
image/jpeg 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/05/1122_01_Darkside-Ai-vs-Adversaries_Blog_1060x698-1.jpg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5bb911d804e4d1f86f3ba3c7c91679115a598c6131b48d535e62d5fb4546b8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d994808da6a9ce8c9e7b1364fa689ea.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-version-id: JM9sb8NaRysNp._YNw3wlP.aOYxO.rR6
x-amz-cf-pop: ZRH55-P1
x-cache: Hit from cloudfront
content-length: 777012
last-modified: Wed, 09 Aug 2023 21:11:02 GMT
server: cloudflare
etag: "cce4b4e5706071a714de5d5b4b942f14-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a47888eb8ff2-FRA
x-amz-cf-id: SKofRqhG8hiYrlq-TnrW3laLEyazESiIWEma0Vr9Hqgwvae8VpVc0g==
expires: Wed, 23 Aug 2023 14:23:51 GMT

GET
H2 200 exit-promoter.min.css
www.crowdstrike.com/wp-content/themes/main-theme/dist/styles/components/ 4 KB
1 KB 155ms
153ms Stylesheet
text/css 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/styles/components/exit-promoter.min.css?ver=1691092551

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d918dfd178470f1be12242960742fd20f811cf84c1beb90695770308a92cf017

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3092bdd288d2a449c56d11f2cf4a9b88.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: aP8F1Q4ktoqSdC1d5NqWTY1RN.P0.WHL
age: 2938
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
last-modified: Tue, 22 Aug 2023 20:27:23 GMT
server: cloudflare
etag: W/"37121aa112ff01e70805c21126a4ae89"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 7fb2a47888e28ff2-FRA
x-amz-cf-id: 2F7fbwezizM1Y93lZnRx5ljdYcFCIpbTxi3Jk-dd53J-aC4XYoXSxw==
expires: Wed, 23 Aug 2023 14:23:51 GMT

GET
H2 200 rocket-loader.min.js Show response
www.crowdstrike.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 154ms
153ms Script
application/javascript 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Mon, 21 Aug 2023 16:25:27 GMT
server: cloudflare
content-encoding: gzip
etag: W/"64e38ff7-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7fb2a478b9298ff2-FRA
expires: Fri, 25 Aug 2023 10:23:51 GMT

GET
H2 200 launch-6cccf53edc18.min.js Show response
assets.adobedtm.com/d72cd986aea0/09e1256af957/ 396 KB
101 KB 161ms
46ms Script
application/x-javascript 2a02:26f0:480:99e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/launch-6cccf53edc18.min.js
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:99e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 011288ca9bc229a6ab4e57c010e04373efcb1c49e57e0edbcba9ef2723fcbfda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 14:00:00 GMT
server: AkamaiNetStorage
etag: "c79979c96d301b643c5ac5283ab493c5:1692712800.431761"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.crowdstrike.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 103072
expires: Wed, 23 Aug 2023 11:23:51 GMT

GET
H2 200 WF-Trial-to-Pay_LP-Registration-Footer.html Show response
go.crowdstrike.com/ Frame 16E8 11 KB
4 KB 437ms
148ms Document
text/html 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3cb045c72b63d20fd9cdbff038a26d02e4829ca2196544c1439defd5118a27c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crowdstrike.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: stale-while-revalidate=60, max-age=300, public
cf-cache-status: DYNAMIC
cf-ray: 7fb2a47a5c8b1e64-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 23 Aug 2023 10:23:51 GMT
p3p: CP="CAO CURa ADMa DEVa TAIa OUR IND UNI COM NAV INT"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: *,Accept-Encoding
x-asset-type: LP
x-cache-status: HIT
x-content-type-options: nosniff
x-mkto-nginx-cache: true

GET
H2 200 zya3koo.css
use.typekit.net/ 3 KB
915 B 177ms
41ms Stylesheet
text/css 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/zya3koo.css

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/styles/theme-styles.min.css?ver=1691092551

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

a0f9ad349100e22fc0f804bf2cd7295202370354e8b5b519b2a03468b3c7e67d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Wed, 23 Aug 2023 10:23:51 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 692

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 249 KB
83 KB 141ms
54ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZKTET1D58V

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/launch-6cccf53edc18.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

47f5da88dcb49a135b8a6bf78740734b74bc6a8ac3df612c9141eafc9dc52ac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85002
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 23 Aug 2023 10:23:51 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 158ms
64ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/launch-6cccf53edc18.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1418c4469b7215d7c7f537188a75b842b1909441e759d1e60975e7437fb5eb95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /cspreport
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 23 Aug 2023 10:23:51 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 159ms
40ms Stylesheet
text/css 2a02:26f0:3500:16::215:148b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=zya3koo&ht=tk&f=39496.39498.39500&a=30979937&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/zya3koo.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
last-modified: Fri, 23 Jun 2023 17:09:47 GMT
server: nginx
etag: "6495d1db-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 launch-720e977888ec.min.js Show response
assets.adobedtm.com/d72cd986aea0/ab8a4467ef4c/ Frame 16E8 337 KB
91 KB 42ms
39ms Script
application/x-javascript 2a02:26f0:480:99e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/d72cd986aea0/ab8a4467ef4c/launch-720e977888ec.min.js
Requested by: Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:99e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3e02470942d07648cc92bf3d0485bddd19d8ea9e6849b2b251bc2260956a17ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
content-encoding: gzip
last-modified: Mon, 21 Aug 2023 16:14:53 GMT
server: AkamaiNetStorage
etag: "88f4d17acbe68870722db6733d3a50de:1692634493.480235"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://go.crowdstrike.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 92902
expires: Wed, 23 Aug 2023 11:23:51 GMT

GET
H/1.1 200
OK munchkin-beta.js Show response
munchkin.marketo.net/ Frame 16E8 1 KB
1 KB 159ms
60ms Script
application/x-javascript 104.102.38.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin-beta.js
Requested by: Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.38.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-38-132.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: aaf173c00687da3d4328c0a1593d764175af1cb6708fa79ca5febcdc5f7de161

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 10:23:51 GMT
Content-Encoding: gzip
Last-Modified: Fri, 03 Feb 2023 02:35:29 GMT
Server: AkamaiNetStorage
ETag: "7ea9bdc17bda32d919638e9e573666e3:1675391729.535053"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 728

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/bee15b7c-b632-450e-9003-9c8b60b3b978/ Frame 16E8 58 KB
10 KB 145ms
60ms Script
application/x-javascript 2606:4700::6812:bada
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/bee15b7c-b632-450e-9003-9c8b60b3b978/OtAutoBlock.js

Requested by

Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bada , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63bf01eb9c526436e112dac238827fe17a752fc80b34ba3934ec092778497876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Aug 2023 10:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 51473
content-md5: ArpAkXa9oQKiejC8E9GJWg==
content-length: 9635
x-ms-lease-status: unlocked
last-modified: Tue, 24 Jan 2023 21:06:22 GMT
server: cloudflare
etag: 0x8DAFE4ED8DFCC04
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 6651b140-201e-0005-35e1-5a2c99000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7fb2a47bce469a1b-FRA
expires: Thu, 24 Aug 2023 10:23:51 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ Frame 16E8 21 KB
7 KB 135ms
50ms Script
application/javascript 2606:4700::6812:bada
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bada , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b97b49ee323dbccf9a13f15fa3d93188d01681652d52b1ed40ad00c32dfb0513

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Aug 2023 10:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: X1C0PY0lSDg1JSpsyFxfYA==
age: 64194
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6837
x-ms-lease-status: unlocked
last-modified: Mon, 21 Aug 2023 17:10:59 GMT
server: cloudflare
etag: 0x8DBA269973EC8AB
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5bd67f6c-c01e-006d-2268-d48dc8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7fb2a47bde499a1b-FRA

GET
H2 200 mktLPSupportCompat.css
go.crowdstrike.com/css/ Frame 16E8 2 KB
756 B 63ms
60ms Stylesheet
text/css 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.crowdstrike.com/css/mktLPSupportCompat.css

Requested by

Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc27845c4ba2580588d37b6d48939e7b833faeefa237e927860054226a0ad6f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2231
content-length: 635
last-modified: Thu, 13 Jul 2023 18:50:43 GMT
server: cloudflare
etag: "400689-633-60062cf2ea6c0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a47b4e0e1e64-FRA
expires: Wed, 23 Aug 2023 14:23:51 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ Frame 16E8 94 KB
33 KB 131ms
40ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11591
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 07:10:40 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame 16E8 1 KB
1 KB 139ms
48ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fcc256d3c85d0761c5c792e4ac3c94644c5ee16fe5ceca1ef6cba132b937e83f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 834
x-xss-protection: 1; mode=block
expires: Wed, 23 Aug 2023 10:23:51 GMT

GET
H2 200 forms2.min.js Show response
281-obq-266.mktoweb.com/js/forms2/js/ Frame 16E8 208 KB
70 KB 565ms
62ms Script
application/x-javascript 104.16.95.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://281-obq-266.mktoweb.com/js/forms2/js/forms2.min.js

Requested by

Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.95.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f244fcb6b0aeadba8f41f30a7f451c0aaa06445ec854c3d9bbef1c485a036424

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 13 Jul 2023 18:50:22 GMT
server: cloudflare
age: 5295
etag: "417fb-34099-60062cdee3780"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7fb2a47e6e7391e3-FRA
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ Frame 16E8 86 KB
86 KB 174ms
83ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 08:19:21 GMT
x-content-type-options: nosniff
age: 7470
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88145
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 08:19:21 GMT

GET
H2 200 set-ctm-cookies.js Show response
www.crowdstrike.com/wp-content/custom_js/ Frame 16E8 61 B
498 B 80ms
78ms Script
text/plain 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/custom_js/set-ctm-cookies.js

Requested by

Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbd5161d2c093bb6a9af95b7144ef620ce78622ea235eb3df1f6587a41ea3dc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
content-encoding: br
x-amz-version-id: ulr4Tkpam5aOsZ3wEbjjCfk5V72p4jDY
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
last-modified: Thu, 09 Jul 2020 21:49:17 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:4e8c383c7319828a9ac3bc642297474a
etag: W/"4e8c383c7319828a9ac3bc642297474a"
vary: Accept-Encoding
content-type: text/plain
cache-control: public, max-age=14400
cf-ray: 7fb2a47b4c1d8ff2-FRA
x-amz-cf-id: rQ6Y6I-9N-vEs2Ap8HLxf2bOzge1zgoMk5QMPsRII6m_RqY4mELghQ==
expires: Wed, 23 Aug 2023 14:23:51 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net// Frame 16E8 1 KB
2 KB 147ms
50ms Script
application/x-javascript 104.102.38.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net//munchkin.js
Requested by: Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.38.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-38-132.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 10:23:51 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 stripmkttok.js Show response
go.crowdstrike.com/js/ Frame 16E8 2 KB
871 B 55ms
52ms Script
application/x-javascript 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.crowdstrike.com/js/stripmkttok.js

Requested by

Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2344
content-length: 678
last-modified: Thu, 13 Jul 2023 18:50:23 GMT
server: cloudflare
etag: "42161b-602-60062cdfd79c0"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a47b4e101e64-FRA
expires: Wed, 23 Aug 2023 14:23:51 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/21812a9c/www-widgetapi.vflset/ 209 KB
65 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/21812a9c/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af649b6e2d250069f4e035013d43a4e147479e05c620c800d4dae35124a4ff24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 09:20:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3813
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66086
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 01:51:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 22 Aug 2024 09:20:18 GMT

GET
H2 200 l
use.typekit.net/af/28f000/00000000000000003b9b2048/27/ 23 KB
23 KB 157ms
39ms Font
application/font-woff2 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/28f000/00000000000000003b9b2048/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/zya3koo.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b332a3fa616df968bdd71567cde2fe6031561746f6022d06993bde4001ec2730

Request headers

Referer: https://use.typekit.net/zya3koo.css
Origin: https://www.crowdstrike.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
server: nginx
etag: "5d5df1b25290dc82b22a668f0395604299f16750"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 23176

GET
H2 200 l
use.typekit.net/af/8a200c/00000000000000003b9b204a/27/ 24 KB
24 KB 168ms
50ms Font
application/font-woff2 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/8a200c/00000000000000003b9b204a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/zya3koo.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0f9c2ce6f85c93eed9e3e0917378e13d9ecc30b3690a2c97f9eb013b81244f4b

Request headers

Referer: https://use.typekit.net/zya3koo.css
Origin: https://www.crowdstrike.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
server: nginx
etag: "98e94e3a4f18a4bde13fe394b9115dd62fc5445b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 24452

GET
H2 200 l
use.typekit.net/af/d562ce/00000000000000003b9b204c/27/ 25 KB
25 KB 162ms
44ms Font
application/font-woff2 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/d562ce/00000000000000003b9b204c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/zya3koo.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0bf90a8569ed246ad28d91458f6771f6934a0c4983243eca5f6accf91d6979cc

Request headers

Referer: https://use.typekit.net/zya3koo.css
Origin: https://www.crowdstrike.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
server: nginx
etag: "79b73a8b60023503d1f34e07b81f37976902b3f9"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 25780

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v6.2.0/webfonts/ 105 KB
106 KB 46ms
45ms Font
font/woff2 2606:4700:e0::ac40:670b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v6.2.0/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v6.2.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:670b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fe890d088ecf0cc9bc1b9069201e52972dbad6237865524090e15982d0de718

Request headers

Referer: https://use.fontawesome.com/releases/v6.2.0/css/all.css
Origin: https://www.crowdstrike.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 2T8N7VEMHZE58HNQ
age: 1689919
alt-svc: h3=":443"; ma=86400
content-length: 107460
x-amz-id-2: ZTwngJAeQnESwoNaSfJGB2pZKSi9cNfCh6u7w/I8dkVO0z3vn/2XAVfyxzd/2e59xM/vIbG6zKs=
last-modified: Tue, 30 Aug 2022 16:40:00 GMT
server: cloudflare
etag: "f4bdd85a576812f553ec3cfea8b1a2b5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3JZNcbF4vwVGMS9ymUW4epCvZIlQ1r1%2BTSiroAeVEDXYt8HsGaC%2BnE8jT%2FsAFtCTkaSY%2BRst%2BBYxKG9dTl3B%2Bfe%2BK71JyGdZGKJELSzs%2BJWQlUZMJn4GiJPos7K%2BWbEjPDk79vzhKvIC307XXfJEI3eY"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7fb2a47ba86e9bb3-FRA

GET
H2 200 Fatman-Light.woff2
www.crowdstrike.com/wp-content/themes/main-theme/dist/fonts/Fatman/ 17 KB
18 KB 63ms
61ms Font
font/woff2 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/fonts/Fatman/Fatman-Light.woff2

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/styles/theme-styles.min.css?ver=1691092551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc6addb827a2a39237154916d2a692464bceb44dc7bd73e7cdeb7150181615b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/styles/theme-styles.min.css?ver=1691092551
Origin: https://www.crowdstrike.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: ecSetWAkfTqOrLXza9fJ20LlwW0EOpe_
age: 2094
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
content-length: 17736
last-modified: Tue, 22 Aug 2023 20:26:52 GMT
server: cloudflare
etag: "85db19d40add135904a6215a2a29ef38"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a47bac878ff2-FRA
x-amz-cf-id: qxkXLH3uLq472YosRinfa9NBsU1bGvHrzyH5oJ0BPibVCBqgzmWMaA==
expires: Wed, 23 Aug 2023 14:23:51 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v6.2.0/webfonts/ 147 KB
148 KB 65ms
64ms Font
font/woff2 2606:4700:e0::ac40:670b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v6.2.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v6.2.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:670b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d27bc752105c079f8a516e9142406a9fc12cbb409f9bf8681f2ddfe0360b52a6

Request headers

Referer: https://use.fontawesome.com/releases/v6.2.0/css/all.css
Origin: https://www.crowdstrike.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: P4JAYQBHVVJQB46J
age: 1690979
alt-svc: h3=":443"; ma=86400
content-length: 150472
x-amz-id-2: odcmgXBvySp5qLPYMlqiOHTxWWwv1MNUcLJOTn7tI73kbgw+jcIBUuHLmFJ1rgHQT5ZoWgCiPu0=
last-modified: Tue, 30 Aug 2022 16:40:00 GMT
server: cloudflare
etag: "3e50e269ee627bb2279f91d18c085167"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wv4vhEeIugTFmqYWwYqSz5XMwMTh6mOxGZ%2FP6vegHFDWIRM6EdAtJ17032si11IJtNM%2B7dw3CHiTkNZUAnlnaOqV6RxTMRx89k%2BmC4miHnFF1Q1YWhMzOMapN53L7%2FGIsTEHhoZgMfsg6xKMKmKi7Lm4"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7fb2a47ba86f9bb3-FRA

GET
H2 200 crowdstrike.ttf
www.crowdstrike.com/wp-content/themes/main-theme/dist/fonts/CrowdStrike/ 82 KB
47 KB 65ms
64ms Font
font/ttf 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/fonts/CrowdStrike/crowdstrike.ttf?sfjo45

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/styles/theme-styles.min.css?ver=1691092551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f9f09220578095d79ded54e8c0ee6ef21bc38e86475d2645b8656bbef22bbeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/styles/theme-styles.min.css?ver=1691092551
Origin: https://www.crowdstrike.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: JP35z8OzwEpqL6GCIsKCleouCBl.hEhC
age: 849
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
last-modified: Tue, 22 Aug 2023 20:26:51 GMT
server: cloudflare
etag: W/"ad87bba53a140fc17152a36f87a03f2f"
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=14400
cf-ray: 7fb2a47bac898ff2-FRA
x-amz-cf-id: JOgwzW-zI0nZFLdcQRa_b1Z1c1KKGNei0bn7_kMJ7pcPgJu8GV5Onw==
expires: Wed, 23 Aug 2023 14:23:51 GMT

GET
H2 200 Screenshot-2023-03-14-at-7.12.20-am.png
www.crowdstrike.com/wp-content/uploads/2023/03/ 41 KB
41 KB 172ms
171ms Image
image/png 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/03/Screenshot-2023-03-14-at-7.12.20-am.png

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35e5a3aaa72ef5e9c6fd17a1be42cf0ae714d1886111e9203bd9469425f0f3ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: tslK1oPkqjOcxJXuNijVQ2TiflPcC4xT
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
content-length: 41766
last-modified: Thu, 13 Apr 2023 15:04:21 GMT
server: cloudflare
etag: "43ee9bf834a0351b9ba9d7f19428793f-1"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a47bdcb38ff2-FRA
x-amz-cf-id: kJQQsxYd3FLDGJLy0PqluRNEkSOHS8Ne6Ixmm7WRgcfz5NBESUCrzQ==
expires: Wed, 23 Aug 2023 14:23:51 GMT

GET
H2 200 Screenshot-2023-03-14-at-7.14.34-am.png
www.crowdstrike.com/wp-content/uploads/2023/03/ 125 KB
126 KB 167ms
166ms Image
image/png 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/03/Screenshot-2023-03-14-at-7.14.34-am.png

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07c4140bcd77a711c9e67268dcfdb62ff8405ebd540f26a3a06c23485f6eab61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: viEgGXJGzSRgLpvNr5dzWCTjZ4gLp_1I
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
content-length: 128443
last-modified: Thu, 13 Apr 2023 15:04:23 GMT
server: cloudflare
etag: "8107ccb3964da6a56f71c6e1baacc788-1"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a47bdcb78ff2-FRA
x-amz-cf-id: ZKinpbqekOjhw4DV_Imr6Hmq9To7_2Owg7fYS5yjwv45U2PaYlL6Iw==
expires: Wed, 23 Aug 2023 14:23:51 GMT

GET
H2 200 Screenshot-2023-03-14-at-7.17.42-am.png
www.crowdstrike.com/wp-content/uploads/2023/03/ 33 KB
33 KB 182ms
181ms Image
image/png 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/03/Screenshot-2023-03-14-at-7.17.42-am.png

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f626a497cc987702885d0c7f95a969d5a44ff8011a5ad827120ab57dda53f4c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 099d4ba9ace3ae96fa2a16ccfeeac6ec.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: .HVH9r9eKMMPWZmfkVLS9POSTPFqUg4Y
x-amz-cf-pop: ZRH55-P1
x-cache: Hit from cloudfront
content-length: 33876
last-modified: Thu, 13 Apr 2023 15:04:24 GMT
server: cloudflare
etag: "d066fe5bbcada053f2f1b2570d1fdddf-1"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a47bdcb98ff2-FRA
x-amz-cf-id: AZAvVklnqV3nyYfDpsk7906fdeaqjRbfZJpTSgYdNVnv-httuoFU2A==
expires: Wed, 23 Aug 2023 14:23:51 GMT

GET
H2 200 Screenshot-2023-03-14-at-7.20.06-am.png
www.crowdstrike.com/wp-content/uploads/2023/03/ 94 KB
94 KB 207ms
207ms Image
image/png 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/03/Screenshot-2023-03-14-at-7.20.06-am.png

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54c6911feba6e3f29209aaa82a942ea38e8687be61bc2f1a564a676dcbc4ea36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 e042bf1e56617a2fbe098f111a30b514.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: u0GQkr.s8BAAyhZCiFvPPVP_8Jitza1E
x-amz-cf-pop: ZRH55-P1
x-cache: Hit from cloudfront
content-length: 96156
last-modified: Thu, 13 Apr 2023 15:04:25 GMT
server: cloudflare
etag: "0740236cf9053e0d32a880b88ea9e27c-1"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a47bdcba8ff2-FRA
x-amz-cf-id: FDeiJcsqrQxMJB64sCNUIgu9kdx_OdFiTxlRfy_lL1ExdytcXpbawA==
expires: Wed, 23 Aug 2023 14:23:51 GMT

GET
H2 200 exit-promoter.min.js Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/plugins/ 21 KB
7 KB 118ms
115ms Script
application/javascript 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/plugins/exit-promoter.min.js?ver=1691092551

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e2b7ac1455764bddeff044a40d8828b3f96b6c57e5240836f536e5911ee866a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: TRDXVJBhWnBiMTa1smVnHtXieXtTtLk.
age: 2938
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
last-modified: Tue, 22 Aug 2023 20:27:23 GMT
server: cloudflare
etag: W/"a8c9d963f1f3847fe844dc4c6ed1d2c3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7fb2a47bdcc18ff2-FRA
x-amz-cf-id: mD4CYZkUYoCKH0PB-SHcVeHG3_5IRtb68gI81PMYMkN7Rv_mUEKeng==
expires: Wed, 23 Aug 2023 14:23:51 GMT

GET
H2 200 theme-scripts.min.js Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/ 201 KB
66 KB 62ms
58ms Script
application/javascript 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/theme-scripts.min.js?ver=1691092551

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdb62033bfafd3a7231992ba900f922549ec78f474defd5088b808730c39ce21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: uImzb7jY7amuoDu7fHGsapIjFsXliAiT
age: 2938
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
last-modified: Tue, 22 Aug 2023 20:27:23 GMT
server: cloudflare
etag: W/"9ebfbf2c07216eb15b1cb43abf8d118a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7fb2a47beccc8ff2-FRA
x-amz-cf-id: 7FFY_D8ZFhBO52ooiePKNo05fVB_39nGNIxAlCyl4CAnmgL-B8H9bA==
expires: Wed, 23 Aug 2023 14:23:51 GMT

GET
H2 200 footer-navigation.min.js Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/ 22 KB
8 KB 66ms
62ms Script
application/javascript 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/footer-navigation.min.js?ver=1691092551

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67526852b622581af6d73b3990538facaf3a49c7e7ab24b6af1c696fb1463767

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: mlCJ2yDwpd7CGY0No84acbrasfcNDLCD
age: 2938
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
last-modified: Tue, 22 Aug 2023 20:27:21 GMT
server: cloudflare
etag: W/"f224701e8255d99466aa356e2e87d065"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7fb2a47beccd8ff2-FRA
x-amz-cf-id: Z0SB9RU6-fptzVMGZ_wia6zuS_7jCs2-BpkBpl3gdZLPZbID3IEWOA==
expires: Wed, 23 Aug 2023 14:23:51 GMT

GET
H2 200 addsearch-ui.min.js Show response
cdn.addsearch.com/v5/ 301 KB
80 KB 198ms
47ms Script
application/javascript 2600:9000:2156:fc00:a:de52:1580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.addsearch.com/v5/addsearch-ui.min.js?key=7737a29b854de71521b1cd72c4118cfc&id=asw_01
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:fc00:a:de52:1580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 04ed8e8eff616f08c8b425150bf1f1b0b12482a9806f97c8f27deffeb844b27d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 16:28:26 GMT
content-encoding: gzip
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
last-modified: Tue, 01 Aug 2023 07:43:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 64526
x-amz-server-side-encryption: AES256
etag: W/"d9e6037eabd176915fd299e312d7621e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: f6NtqKxA4FwHIgEAIOLFfnS4SW1ib0_R3m78pearWyYCJ0jW5cCBsA==

GET
H2 200 blog-category-sidebar.min.js Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/ 6 KB
2 KB 67ms
64ms Script
application/javascript 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/blog-category-sidebar.min.js?ver=1691092551

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea01987f1b76dfc2985483ac05bc1eaa38dc8e1e83fa23882a481d007c4ed11d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: 7_zTl_qfpYNGfT.0yeLJImg_WE0pOZDD
age: 2938
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
last-modified: Tue, 22 Aug 2023 20:27:21 GMT
server: cloudflare
etag: W/"e5d5ec756dbb81740a60d1f33f60e53d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7fb2a47becce8ff2-FRA
x-amz-cf-id: HnUpnVY519t2NcoAE_J5EWrtjC8A71aKgFXdZCqS1cIxsuQHfFmEqA==
expires: Wed, 23 Aug 2023 14:23:51 GMT

GET
H2 200 blog-categories.min.js Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/ 6 KB
2 KB 98ms
95ms Script
application/javascript 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/blog-categories.min.js?ver=1691092551

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a293b52c1398944f36b9c3d1af9c735c333f37474bf669937e1f99dd3ab9d1c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: M8C0WNYCU1oTHOqcipevs6hxZ9aX2KeP
age: 2938
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
last-modified: Tue, 22 Aug 2023 20:27:21 GMT
server: cloudflare
etag: W/"eb7c83b364f7a171a07fe2ffd1d63147"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7fb2a47becd88ff2-FRA
x-amz-cf-id: I6QwZ3FxO3QptLHqgBX5cd5e1V-xTiemYeH7EmA2CzCydxu6PTG-iw==
expires: Wed, 23 Aug 2023 14:23:51 GMT

GET
H2 200 blog-navigation.min.js Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/ 7 KB
3 KB 73ms
70ms Script
application/javascript 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/blog-navigation.min.js?ver=1691092551

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2680f84a70dbda78935d04211a3909efeb0514c9556bca7e02da51f2a8cccb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: mHjpEfoEB__qEC5RfDR65VsqZX5VUSoW
age: 2938
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
last-modified: Tue, 22 Aug 2023 20:27:21 GMT
server: cloudflare
etag: W/"1bba48fa4d674c117a07dd675db3be40"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7fb2a47becdb8ff2-FRA
x-amz-cf-id: s18MHJlJL3IuAMYH6iY_Tdw5X0Vdbnopcxkl98iML_k9kHXQ-iErTQ==
expires: Wed, 23 Aug 2023 14:23:51 GMT

GET
H2 200 fetch-inject.js Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/ 1 KB
921 B 68ms
65ms Script
application/javascript 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/fetch-inject.js?ver=1691092551

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eee66297afe4bfd363c9e7b27978892a34adffde1664ef7509335aff8aa31cc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: uLSJlk4rDx9zc1tPRLm3e8rc2eHx6zQ_
age: 2938
x-amz-cf-pop: FRA56-P3
cf-polished: origSize=1343
x-cache: Hit from cloudfront
last-modified: Tue, 22 Aug 2023 20:27:22 GMT
cf-bgj: minify
server: cloudflare
etag: W/"e80eef79b8a9c769c9fe24903f880fb5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7fb2a47becdc8ff2-FRA
x-amz-cf-id: je1gVM4zR3yOtbkeC57pMUlj7SNOlpMMD_fgKMMSSLfvWJfdxYrKHg==
expires: Wed, 23 Aug 2023 14:23:51 GMT

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/bee15b7c-b632-450e-9003-9c8b60b3b978/ 58 KB
9 KB 62ms
59ms Script
application/x-javascript 2606:4700::6812:bada
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/bee15b7c-b632-450e-9003-9c8b60b3b978/OtAutoBlock.js

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bada , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63bf01eb9c526436e112dac238827fe17a752fc80b34ba3934ec092778497876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Aug 2023 10:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 51473
content-md5: ArpAkXa9oQKiejC8E9GJWg==
content-length: 9635
x-ms-lease-status: unlocked
last-modified: Tue, 24 Jan 2023 21:06:22 GMT
server: cloudflare
etag: 0x8DAFE4ED8DFCC04
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 6651b140-201e-0005-35e1-5a2c99000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7fb2a47bee5f9a1b-FRA
expires: Thu, 24 Aug 2023 10:23:51 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 16E8 172 KB
63 KB 54ms
54ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-12037336&l=dataLayer

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d72cd986aea0/ab8a4467ef4c/launch-720e977888ec.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

32242ae8477b7217f73c423cbabc02a727c281ebb219c67edd36c96a1695200b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64841
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 23 Aug 2023 10:23:51 GMT

GET
H2 200 RCd4a8da803122457eb6df6cf216d28fc4-source.min.js Show response
assets.adobedtm.com/d72cd986aea0/09e1256af957/435f816e4f07/ 2 KB
1 KB 41ms
41ms Script
application/x-javascript 2a02:26f0:480:99e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/435f816e4f07/RCd4a8da803122457eb6df6cf216d28fc4-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/launch-6cccf53edc18.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:99e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: f65ed8b79dbab445487a2a2a23eccf6e96da66d63cbc87b1ec79b8aaeca43da5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 14:00:01 GMT
server: AkamaiNetStorage
etag: "f0541a5771c3c005e0c75670db556fc8:1692712801.244579"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.crowdstrike.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 878
expires: Wed, 23 Aug 2023 11:23:51 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 16E8 337 KB
100 KB 80ms
80ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5V5LPNC

Requested by

Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c4bf39ecb1d2d8d04e00d2eb6ddfafb8201fe5f9634ccba5f8f4dd888718cea4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 102242
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 23 Aug 2023 10:23:51 GMT

GET
H2 200 bee15b7c-b632-450e-9003-9c8b60b3b978.json Show response
cdn.cookielaw.org/consent/bee15b7c-b632-450e-9003-9c8b60b3b978/ Frame 16E8 4 KB
2 KB 147ms
66ms XHR
application/x-javascript 2606:4700::6812:bada
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/bee15b7c-b632-450e-9003-9c8b60b3b978/bee15b7c-b632-450e-9003-9c8b60b3b978.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bada , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ce875796d4d6e5681b090c6b31f2e89e76e39f853e4fe2dd00dcee0f0db35cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Aug 2023 10:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 17132
content-md5: kxITjUQMLWKvbMKn1ZxSlA==
content-length: 1689
x-ms-lease-status: unlocked
last-modified: Tue, 24 Jan 2023 21:06:21 GMT
server: cloudflare
etag: 0x8DAFE4ED810DB59
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: e4da3f1c-001e-0091-6ee1-5a4c57000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7fb2a47ce8ad1c13-FRA
expires: Thu, 24 Aug 2023 10:23:51 GMT

GET
H3 200 iframe_api Show response
www.youtube.com/ Frame 16E8 993 B
520 B 59ms
58ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d72cd986aea0/ab8a4467ef4c/launch-720e977888ec.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1418c4469b7215d7c7f537188a75b842b1909441e759d1e60975e7437fb5eb95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /cspreport
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 23 Aug 2023 10:23:51 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/ Frame 16E8 453 KB
183 KB 132ms
39ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a69ba2bef028b6acd54b29b0e23ea6e1cb2ca8a553d1350f4b1ed2143850e937

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.crowdstrike.com/
Origin: https://go.crowdstrike.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 09:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1487
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 186847
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 18:11:22 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Aug 2024 09:59:04 GMT

GET
H2 200 RC6d6f42081a154a5d8562e114bceace58-source.min.js Show response
assets.adobedtm.com/d72cd986aea0/09e1256af957/435f816e4f07/ 376 B
505 B 50ms
50ms Script
application/x-javascript 2a02:26f0:480:99e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/435f816e4f07/RC6d6f42081a154a5d8562e114bceace58-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/launch-6cccf53edc18.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:99e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: aca6f4a300cc95ccbc25d0f58a78322528373293311037eae0edff4ec53e27e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 14:00:01 GMT
server: AkamaiNetStorage
etag: "f0541a5771c3c005e0c75670db556fc8:1692712801.244579"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.crowdstrike.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 246
expires: Wed, 23 Aug 2023 11:23:51 GMT

GET
H2 200 RCc9e993aecb03421e94969c659f736031-source.min.js Show response
assets.adobedtm.com/d72cd986aea0/09e1256af957/435f816e4f07/ 2 KB
1 KB 44ms
44ms Script
application/x-javascript 2a02:26f0:480:99e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/435f816e4f07/RCc9e993aecb03421e94969c659f736031-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/launch-6cccf53edc18.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:99e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2691d7f18701228d86a01646cb1f3a2ded104e2d1a95776b78648bf3be636fd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 14:00:01 GMT
server: AkamaiNetStorage
etag: "f0541a5771c3c005e0c75670db556fc8:1692712801.244579"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.crowdstrike.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1071
expires: Wed, 23 Aug 2023 11:23:51 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 16E8 249 KB
83 KB 58ms
58ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZKTET1D58V&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-12037336&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

97e9e03b99777fdd22e610f5a04c0586923eeff678072b71487522fec6f9ef18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85061
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 23 Aug 2023 10:23:51 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 16E8 203 KB
73 KB 65ms
65ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-797629828&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-12037336&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

01905de1d3dadd0f90761fd95f7955308aa7397ac52d5deae4e54a803e5be4af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74504
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 23 Aug 2023 10:23:51 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/21812a9c/www-widgetapi.vflset/ Frame 16E8 209 KB
65 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/21812a9c/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af649b6e2d250069f4e035013d43a4e147479e05c620c800d4dae35124a4ff24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 09:20:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3813
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66086
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 01:51:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 22 Aug 2024 09:20:18 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ Frame 16E8 59 B
304 B 149ms
64ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://go.crowdstrike.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 7fb2a47defd318cb-FRA
access-control-allow-headers: Content-Type

GET
H2 200 6si.min.js Show response
j.6sc.co/ 48 KB
14 KB 200ms
40ms Script
application/javascript 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/launch-6cccf53edc18.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

ae3536ecd79c98f87387cee9060be3053e0eb8fe0871e7336554812ef8138772

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 10:23:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 20 Jul 2023 16:27:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "64b9605e-bf6f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 14190
expires: Wed, 23 Aug 2023 10:23:52 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202301.1.0/ Frame 16E8 395 KB
94 KB 51ms
51ms Script
application/javascript 2606:4700::6812:bada
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bada , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cda584e7c5036ad66d7d528d2209bc596a14179fa1792a559e2ae9eaa91e851

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Aug 2023 10:23:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: TPatHKMti4L8TVrK0PWkxg==
age: 59358
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 96303
x-ms-lease-status: unlocked
last-modified: Wed, 22 Feb 2023 03:39:35 GMT
server: cloudflare
etag: 0x8DB14866ADAA84A
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 2d40d1e3-301e-0137-62e1-5a321c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7fb2a47e59219a1b-FRA

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/bee15b7c-b632-450e-9003-9c8b60b3b978/b2193cd5-8954-4870-b8f7-b3be5ea49b82/ Frame 16E8 202 KB
36 KB 58ms
57ms Fetch
application/x-javascript 2606:4700::6812:bada
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/bee15b7c-b632-450e-9003-9c8b60b3b978/b2193cd5-8954-4870-b8f7-b3be5ea49b82/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bada , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1020f9ea3c68809ea44b991f0ac679b8e3bc1f650820ab789198a3ce393039d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Aug 2023 10:23:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 79625
content-md5: bHNz9OfnPqGWpV0XFiqpAw==
content-length: 36253
x-ms-lease-status: unlocked
last-modified: Tue, 24 Jan 2023 21:06:26 GMT
server: cloudflare
etag: 0x8DAFE4EDB0DC9B3
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5c640566-c01e-016d-33e1-5a349d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7fb2a47efbac1c13-FRA
expires: Thu, 24 Aug 2023 10:23:52 GMT

GET
H2 200 getForm Show response
281-obq-266.mktoweb.com/index.php/form/ Frame 16E8 40 KB
8 KB 112ms
112ms Script
application/javascript 104.16.95.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://281-obq-266.mktoweb.com/index.php/form/getForm?munchkinId=281-OBQ-266&form=4551&url=https%3A%2F%2Fgo.crowdstrike.com%2FWF-Trial-to-Pay_LP-Registration-Footer.html&callback=jQuery11240940044679857206_1692786232156&_=1692786232157
Requested by: Host: 281-obq-266.mktoweb.com
URL: https://281-obq-266.mktoweb.com/js/forms2/js/forms2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.95.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e5d234b08c174692b046c8f3db39d27a0c21d6b9c2ce9daaca11d83d6cbf72f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 7fb2a47f3fae91e3-FRA
cached: true
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 RCa126bb6d8fd0424eb3d412b88a33fef2-source.min.js Show response
assets.adobedtm.com/d72cd986aea0/ab8a4467ef4c/8afece08eca8/ Frame 16E8 2 KB
1 KB 40ms
40ms Script
application/x-javascript 2a02:26f0:480:99e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/d72cd986aea0/ab8a4467ef4c/8afece08eca8/RCa126bb6d8fd0424eb3d412b88a33fef2-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d72cd986aea0/ab8a4467ef4c/launch-720e977888ec.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:99e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 966419b26d12fdcc699874f44237e43aa269bff4190a4800b45c132f861bb5be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
content-encoding: gzip
last-modified: Mon, 21 Aug 2023 16:14:54 GMT
server: AkamaiNetStorage
etag: "5ea67c233ded07fe22ec28837e004fea:1692634494.210248"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://go.crowdstrike.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 930
expires: Wed, 23 Aug 2023 11:23:52 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202301.1.0/assets/ Frame 16E8 13 KB
3 KB 51ms
50ms Fetch
application/json 2606:4700::6812:bada
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.1.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bada , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Aug 2023 10:23:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: JRquOrwnT+1fACynxEiZlA==
age: 12057
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3020
x-ms-lease-status: unlocked
last-modified: Wed, 22 Feb 2023 03:39:28 GMT
server: cloudflare
etag: 0x8DB148666B3B223
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 5d4c9370-b01e-0162-3ce1-5ad96b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7fb2a47f9cbb1c13-FRA

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/202301.1.0/assets/v2/ Frame 16E8 62 KB
13 KB 51ms
50ms Fetch
application/json 2606:4700::6812:bada
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.1.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bada , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9c89c2a0df62b9bd73d859ae616ffe92cb9e86e1428a1a0fc797418f3e03dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Aug 2023 10:23:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 5x5OTvRos5JBKPa+Qbpqxg==
age: 17125
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13354
x-ms-lease-status: unlocked
last-modified: Wed, 22 Feb 2023 03:39:30 GMT
server: cloudflare
etag: 0x8DB148668308060
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 58a84747-501e-012c-05e1-5a1c8e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7fb2a47f9cbc1c13-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202301.1.0/assets/ Frame 16E8 21 KB
4 KB 50ms
49ms Fetch
text/css 2606:4700::6812:bada
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bada , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: XcxlleAcPGO2n5kTZrHH2Q==
age: 11040
x-ms-lease-status: unlocked
last-modified: Wed, 22 Feb 2023 03:39:39 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: ee38e6f9-a01e-003d-23e1-5a6dc0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7fb2a47f9cbe1c13-FRA

GET
H2 200 RC0ca8c7a21a1645e49e1c4f578e0c73b7-source.min.js Show response
assets.adobedtm.com/d72cd986aea0/ab8a4467ef4c/8afece08eca8/ Frame 16E8 2 KB
1 KB 40ms
40ms Script
application/x-javascript 2a02:26f0:480:99e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/d72cd986aea0/ab8a4467ef4c/8afece08eca8/RC0ca8c7a21a1645e49e1c4f578e0c73b7-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d72cd986aea0/ab8a4467ef4c/launch-720e977888ec.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:99e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c31f2d4bcd12d5631744d65b8574625b93da95966c645fc8f957dfa74ff5e10e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
content-encoding: gzip
last-modified: Mon, 21 Aug 2023 16:14:54 GMT
server: AkamaiNetStorage
etag: "5ea67c233ded07fe22ec28837e004fea:1692634494.210248"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://go.crowdstrike.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1025
expires: Wed, 23 Aug 2023 11:23:52 GMT

GET
H2 200 RC32f93dcf92ef4ac6b5ae994fc1d7ab21-source.min.js Show response
assets.adobedtm.com/d72cd986aea0/ab8a4467ef4c/8afece08eca8/ Frame 16E8 376 B
503 B 40ms
40ms Script
application/x-javascript 2a02:26f0:480:99e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/d72cd986aea0/ab8a4467ef4c/8afece08eca8/RC32f93dcf92ef4ac6b5ae994fc1d7ab21-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d72cd986aea0/ab8a4467ef4c/launch-720e977888ec.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:99e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 7e808c2a2579dcb3b0e4bf8886c855f349924aed9c25ec41ac271ad58483aa05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
content-encoding: gzip
last-modified: Mon, 21 Aug 2023 16:14:54 GMT
server: AkamaiNetStorage
etag: "5ea67c233ded07fe22ec28837e004fea:1692634494.210248"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://go.crowdstrike.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 245
expires: Wed, 23 Aug 2023 11:23:52 GMT

GET
H2 200 RC6d305181dfc942e49631661fb2945f7e-source.min.js Show response
assets.adobedtm.com/d72cd986aea0/ab8a4467ef4c/8afece08eca8/ Frame 16E8 756 B
624 B 40ms
40ms Script
application/x-javascript 2a02:26f0:480:99e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/d72cd986aea0/ab8a4467ef4c/8afece08eca8/RC6d305181dfc942e49631661fb2945f7e-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d72cd986aea0/ab8a4467ef4c/launch-720e977888ec.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:99e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b41c2a47423bbc0e667c64f546f00bbbf8c362c27ffc1addca80892ea6f766ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
content-encoding: gzip
last-modified: Mon, 21 Aug 2023 16:14:54 GMT
server: AkamaiNetStorage
etag: "5ea67c233ded07fe22ec28837e004fea:1692634494.210248"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://go.crowdstrike.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 366
expires: Wed, 23 Aug 2023 11:23:52 GMT

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ Frame 16E8 497 B
493 B 53ms
53ms Fetch
image/svg+xml 2606:4700::6812:bada
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bada , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 8513
x-ms-lease-status: unlocked
last-modified: Mon, 21 Aug 2023 17:11:05 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 66ee7e49-801e-007c-39db-d4177c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7fb2a4800d781c13-FRA

GET
H2 200 CS_Logos_2020_InlineRed_b.png
cdn.cookielaw.org/logos/c109dae9-46f3-4e91-a59e-7844ef645107/cad7e755-8c86-4939-8df1-4d68f074f0fc/53cb332e-5cc4-44a8-9590-9e086136bfe9/ Frame 16E8 23 KB
24 KB 59ms
59ms Image
application/octet-stream 2606:4700::6812:bada
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/c109dae9-46f3-4e91-a59e-7844ef645107/cad7e755-8c86-4939-8df1-4d68f074f0fc/53cb332e-5cc4-44a8-9590-9e086136bfe9/CS_Logos_2020_InlineRed_b.png

Requested by

Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bada , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0dbd9ca47f4fd338efab8e6f5188a6de45cf390f04cfaea4a65abc47635550c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: QB/VUZMYBu/LYPsEI/xs+w==
age: 1666
content-length: 24007
x-ms-lease-status: unlocked
last-modified: Tue, 21 Jul 2020 19:10:59 GMT
server: cloudflare
etag: 0x8D82DA9CDE4D646
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: 26f7a48a-f01e-0103-5ae1-5a9db4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7fb2a4801b679a1b-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ Frame 16E8 5 KB
2 KB 52ms
52ms Image
image/svg+xml 2606:4700::6812:bada
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bada , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 57047
x-ms-lease-status: unlocked
last-modified: Mon, 21 Aug 2023 17:11:06 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 051cfcad-a01e-0019-445a-d4b938000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7fb2a4801b6b9a1b-FRA

GET
H2 200 forms2.css
281-obq-266.mktoweb.com/js/forms2/css/ Frame 16E8 13 KB
3 KB 62ms
62ms Stylesheet
text/css 104.16.95.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://281-obq-266.mktoweb.com/js/forms2/css/forms2.css

Requested by

Host: 281-obq-266.mktoweb.com
URL: https://281-obq-266.mktoweb.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.95.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 13 Jul 2023 18:50:22 GMT
server: cloudflare
age: 2232
etag: "4406f3-3437-60062cdee3780"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a480294791e3-FRA
content-length: 2623
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 forms2-theme-plain.css
281-obq-266.mktoweb.com/js/forms2/css/ Frame 16E8 828 B
334 B 63ms
63ms Stylesheet
text/css 104.16.95.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://281-obq-266.mktoweb.com/js/forms2/css/forms2-theme-plain.css

Requested by

Host: 281-obq-266.mktoweb.com
URL: https://281-obq-266.mktoweb.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.95.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57cd46adbabd6c40823602b4513aecbe89320a769572255272abe9f008de69fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 13 Jul 2023 18:50:22 GMT
server: cloudflare
age: 1339
etag: "611ed-33c-60062cdee3780"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a480294991e3-FRA
content-length: 246
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 RC5163c68c0c92416997c204443766b48e-source.min.js Show response
assets.adobedtm.com/d72cd986aea0/ab8a4467ef4c/8afece08eca8/ Frame 16E8 578 B
597 B 40ms
40ms Script
application/x-javascript 2a02:26f0:480:99e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/d72cd986aea0/ab8a4467ef4c/8afece08eca8/RC5163c68c0c92416997c204443766b48e-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d72cd986aea0/ab8a4467ef4c/launch-720e977888ec.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:99e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2c13993dd6eebb3796aecd272da298b0c6555d2b391bdf01e5dd3025344500c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
content-encoding: gzip
last-modified: Mon, 21 Aug 2023 16:14:54 GMT
server: AkamaiNetStorage
etag: "5ea67c233ded07fe22ec28837e004fea:1692634494.210248"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://go.crowdstrike.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 339
expires: Wed, 23 Aug 2023 11:23:52 GMT

GET
H2 200 RC8de780f02ed7489ea63027c24b833a79-source.min.js Show response
assets.adobedtm.com/d72cd986aea0/09e1256af957/435f816e4f07/ 571 B
596 B 41ms
40ms Script
application/x-javascript 2a02:26f0:480:99e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/435f816e4f07/RC8de780f02ed7489ea63027c24b833a79-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/launch-6cccf53edc18.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:99e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c59cd9c9198a327ba2702f187a5045dd981a0c6b6601483058ecd1b4498337f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 14:00:01 GMT
server: AkamaiNetStorage
etag: "f0541a5771c3c005e0c75670db556fc8:1692712801.244579"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.crowdstrike.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 337
expires: Wed, 23 Aug 2023 11:23:52 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 49ms
48ms Script
application/javascript 2606:4700::6812:bada
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bada , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b97b49ee323dbccf9a13f15fa3d93188d01681652d52b1ed40ad00c32dfb0513

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Aug 2023 10:23:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: X1C0PY0lSDg1JSpsyFxfYA==
age: 64195
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6837
x-ms-lease-status: unlocked
last-modified: Mon, 21 Aug 2023 17:10:59 GMT
server: cloudflare
etag: 0x8DBA269973EC8AB
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5bd67f6c-c01e-006d-2268-d48dc8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7fb2a4808bfc9a1b-FRA

GET
H2 200 categories-all-info.json Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/data/blog/widgets/ 1 KB
647 B 61ms
59ms Fetch
application/json 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/data/blog/widgets/categories-all-info.json

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/blog-category-sidebar.min.js?ver=1691092551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa549dd02b152d5ca58c6e4e788851598e4d0bb20cec101d2721473dd327dc42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: oAPGdX_Gp_JOF2IDnlDi65F73VJqJlg4
age: 1328
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
last-modified: Tue, 22 Aug 2023 21:19:00 GMT
server: cloudflare
etag: W/"b4c5879ccb3c4433133b6d045ca1ee59-1"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=14400
cf-ray: 7fb2a480ad0d8ff2-FRA
x-amz-cf-id: AQGqmCCoeOle1zyldpMlElFnZJkVqEhyXnMDQKqDpdJ14gam2E8YwA==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 footer-social-nav.json Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/footer/ 603 B
463 B 70ms
68ms Fetch
application/json 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/footer/footer-social-nav.json

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/blog-category-sidebar.min.js?ver=1691092551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59fe5b428dbf3980f53ef1fb768b90a772e7f430cd33617da5c8ceb54820bf37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: b1Vd0hbNbBnGeIrQ2mbNwib4_YjRVMQK
age: 1004
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
last-modified: Tue, 22 Aug 2023 21:18:59 GMT
server: cloudflare
etag: W/"1ab362e649416281cf128a90f1d089b7-1"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=14400
cf-ray: 7fb2a480ad118ff2-FRA
x-amz-cf-id: F5pAL1nhbpgrVzqansyYoh-9TJM7gBsTiDm9L2r4iJpVfxhTxrr-eA==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 sidebar-free-trail.json Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/data/blog/sidebar/ 159 B
474 B 62ms
60ms Fetch
application/json 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/data/blog/sidebar/sidebar-free-trail.json

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/blog-category-sidebar.min.js?ver=1691092551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6a8b2d8de96a693a7f089ff23c3f7aa66ed14718e0d4464a1df1ffb828c8609

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: hzDYqqFJkcOKBoD.C6gLvkJJiA_9x6MW
age: 1004
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
last-modified: Fri, 11 Aug 2023 20:45:17 GMT
server: cloudflare
etag: W/"df1b037e9cbf2d8045e53137b1055ebe"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=14400
cf-ray: 7fb2a480ad138ff2-FRA
x-amz-cf-id: CD_Y1R0VDc2rk0gjCZVwbc1MjomqHnWDkW3xWqJOJC9zw7kagvtvww==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 sidebar-featured-articles.json Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/data/blog/widgets/ 4 KB
2 KB 64ms
62ms Fetch
application/json 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/data/blog/widgets/sidebar-featured-articles.json

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/blog-category-sidebar.min.js?ver=1691092551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e864fe72f22a60dfb70f80ad5a8343a56434d6474e7d686a122eac55cc0800df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 77ba839b79ec0a8b2031c8a828e7fdfa.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: X035nqVsiPHEjnM3_lEz_Ch5dXO1Jp0t
age: 1004
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
last-modified: Tue, 22 Aug 2023 21:19:01 GMT
server: cloudflare
etag: W/"edda2a474e0ccb8f755cdaae9d156eea-1"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=14400
cf-ray: 7fb2a480ad158ff2-FRA
x-amz-cf-id: N6gJEThMWktALQjVEFLfyLq-IVptfEF59WqIyQDIM1gYrlVyB90zaQ==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 sidebar-subscribe.json Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/data/blog/sidebar/ 178 B
366 B 66ms
64ms Fetch
application/json 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/data/blog/sidebar/sidebar-subscribe.json

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/blog-category-sidebar.min.js?ver=1691092551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b93680a9f50608d09c147af33f3e897a4b376ff3efb696bb062ed2e0f862d819

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 f3e00d74aa4544d776f78a159416d17a.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: g7M05T77sXkcddW5scfYOAoWYMHXBw3O
age: 1371
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
last-modified: Fri, 11 Aug 2023 20:45:17 GMT
server: cloudflare
etag: W/"1fbd7b14b1667df99fa1837a82639ee7"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=14400
cf-ray: 7fb2a480ad168ff2-FRA
x-amz-cf-id: REqmpzJvuWEcbzpm7GhHy6D0qDryeVK4aKtsJGNFfmpdS_uOwJefPg==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 sidebar-demo.json Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/data/blog/sidebar/ 345 B
477 B 68ms
66ms Fetch
application/json 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/data/blog/sidebar/sidebar-demo.json

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/blog-category-sidebar.min.js?ver=1691092551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52b269545d8b0251f5f585cfa9572691d8d50a4a55ddcd6c5dd4e5718136e4f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: 5RgePR21ERvNQpVTODl0SpsGYQmD9.U7
age: 1371
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
last-modified: Fri, 11 Aug 2023 20:45:17 GMT
server: cloudflare
etag: W/"4d636d45eeb8585ade6681163017cc09"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=14400
cf-ray: 7fb2a480ad188ff2-FRA
x-amz-cf-id: uWlsPjKYotXAiUJ4ObtZ2c14IxQ-Q_7CMX2PJ7ghJPXk5tuKIJe7vg==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 addsearch-ui.min.css
cdn.addsearch.com/v5/ 41 KB
6 KB 41ms
41ms Stylesheet
text/css 2600:9000:2156:fc00:a:de52:1580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.addsearch.com/v5/addsearch-ui.min.css
Requested by: Host: cdn.addsearch.com
URL: https://cdn.addsearch.com/v5/addsearch-ui.min.js?key=7737a29b854de71521b1cd72c4118cfc&id=asw_01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:fc00:a:de52:1580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 70a0e53ed134bb5f21cc03d8ca3f0256e9f20fd09261bce0202443138f1c5a7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 16:27:28 GMT
content-encoding: gzip
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
last-modified: Tue, 01 Aug 2023 07:43:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 64585
etag: W/"2cb0d1502777a8df0d7a0584080fa87d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: zKMQcXuVE-MdZut6Y_h26atYy_C7qWIk7b8NitdlMEND_fEbBYBtew==

GET
H2 200 logo-red.svg
cdn.addsearch.com/v4/assets/ 4 KB
2 KB 40ms
40ms Image
image/svg+xml 2600:9000:2156:fc00:a:de52:1580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.addsearch.com/v4/assets/logo-red.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:fc00:a:de52:1580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bee78f076d7ef9d9be92fb1f293909e529c5b61891a52557d51e7183971e02cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:36:48 GMT
content-encoding: gzip
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
last-modified: Mon, 27 Jun 2022 06:28:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 67625
etag: W/"8c2b9e4242eb4f2a16941b1de3656f64"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: WU52rrrzR-6YIORgS7J6vPomgtRbMzoPb65zf1b6K2pLu_BM1TajBA==

GET
H2 200 footer-social-nav.json Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/footer/ 603 B
279 B 59ms
58ms Fetch
application/json 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/footer/footer-social-nav.json

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/footer-navigation.min.js?ver=1691092551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59fe5b428dbf3980f53ef1fb768b90a772e7f430cd33617da5c8ceb54820bf37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: b1Vd0hbNbBnGeIrQ2mbNwib4_YjRVMQK
age: 1004
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
last-modified: Tue, 22 Aug 2023 21:18:59 GMT
server: cloudflare
etag: W/"1ab362e649416281cf128a90f1d089b7-1"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=14400
cf-ray: 7fb2a480dd6a8ff2-FRA
x-amz-cf-id: F5pAL1nhbpgrVzqansyYoh-9TJM7gBsTiDm9L2r4iJpVfxhTxrr-eA==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 forms2.min.js Show response
go.crowdstrike.com/js/forms2/js/ 208 KB
69 KB 61ms
60ms Script
application/x-javascript 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.crowdstrike.com/js/forms2/js/forms2.min.js

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/footer-navigation.min.js?ver=1691092551

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f244fcb6b0aeadba8f41f30a7f451c0aaa06445ec854c3d9bbef1c485a036424

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 13 Jul 2023 18:50:22 GMT
server: cloudflare
age: 1384
etag: "4406b3-34099-60062cdee3780"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 7fb2a480d87e1e64-FRA
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 marketo-forms.min.js Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/ 19 KB
7 KB 63ms
62ms Script
application/javascript 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/marketo-forms.min.js

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/footer-navigation.min.js?ver=1691092551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05070def1eb6bb302eba00dfd234aa8be740b9bc40373734636a416a2693ecc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: Bdv0v2NDWtqy0fneNtdZOxnlHe8nsUvZ
age: 1004
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
last-modified: Tue, 22 Aug 2023 20:27:21 GMT
server: cloudflare
etag: W/"41a3646f23a8f89398a74256684e8f79"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7fb2a480dd6c8ff2-FRA
x-amz-cf-id: 5zGIoZIaE4ufnysybXE-1L2btBusO4DgFpMVgQnIVqbTr1FynHL8rQ==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 blog-nav.json Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/data/blog/ 70 KB
6 KB 81ms
81ms XHR
application/json 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/data/blog/blog-nav.json?ts=1692786240000

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/blog-navigation.min.js?ver=1691092551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f624eeb930979fa53f020a06a5db96d85aa53d9fd3f0f272eb33877efdc6d23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 2bb98457c96f801517f8d0d98344cd3c.cloudfront.net (CloudFront)
cf-cache-status: MISS
content-encoding: br
x-amz-version-id: XhTycbLPEATLIM8SecPisU1e7y8W9uv7
x-amz-cf-pop: ZRH55-P1
x-cache: Hit from cloudfront
last-modified: Tue, 22 Aug 2023 21:18:59 GMT
server: cloudflare
etag: W/"c578f32da78f7dc44381bc83cf3f64fb-1"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=14400
cf-ray: 7fb2a4810dfd8ff2-FRA
x-amz-cf-id: xGdk2jSH5n5qORb_QSmwjmHZMZ0Y93q2VksFMiLHlDX0CmKaOf3DCQ==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 getuidj Show response
secure.adnxs.com/ 11 B
575 B 128ms
38ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 10:23:52 GMT
an-x-request-uuid: 759d77ec-06f6-45e9-9b76-9735cba3e9e4
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.crowdstrike.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.104; 80.255.7.104; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
196 B 40ms
39ms XHR
text/html 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-184.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://www.crowdstrike.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 19 B
312 B 214ms
42ms XHR
text/html 2a02:26f0:480:23::1726:62a7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:23::1726:62a7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 8912320737e38147499c4a1e19c30ca5ba1bdc092378f86d6d18952ec1f61bd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 10:23:52 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.crowdstrike.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a01:4a0:1338:92::3
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1692786232575_388391911_437249663_25_1505_38_81_219";dur=1
content-length: 19
expires: Wed, 23 Aug 2023 10:23:52 GMT

GET
H2 200 XDFrame Show response
281-obq-266.mktoweb.com/index.php/form/ Frame F0D8 2 KB
878 B 157ms
157ms Document
text/html 104.16.95.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://281-obq-266.mktoweb.com/index.php/form/XDFrame

Requested by

Host: 281-obq-266.mktoweb.com
URL: https://281-obq-266.mktoweb.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.95.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52f72d755ffae57fde9a6fde7f42184f05c315887a57e592353d25acc83a569e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.crowdstrike.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 7fb2a4811aa191e3-FRA
content-encoding: gzip
content-length: 659
content-type: text/html; charset=utf-8
date: Wed, 23 Aug 2023 10:23:52 GMT
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 bee15b7c-b632-450e-9003-9c8b60b3b978.json Show response
cdn.cookielaw.org/consent/bee15b7c-b632-450e-9003-9c8b60b3b978/ 4 KB
2 KB 58ms
58ms XHR
application/x-javascript 2606:4700::6812:bada
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/bee15b7c-b632-450e-9003-9c8b60b3b978/bee15b7c-b632-450e-9003-9c8b60b3b978.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bada , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ce875796d4d6e5681b090c6b31f2e89e76e39f853e4fe2dd00dcee0f0db35cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Aug 2023 10:23:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 49927
content-md5: kxITjUQMLWKvbMKn1ZxSlA==
content-length: 1689
x-ms-lease-status: unlocked
last-modified: Tue, 24 Jan 2023 21:06:21 GMT
server: cloudflare
etag: 0x8DAFE4ED810DB59
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 391b886e-201e-014e-2ae1-5a5b56000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7fb2a4812f561c13-FRA
expires: Thu, 24 Aug 2023 10:23:52 GMT

GET
H2 200 CS_Free_Trial_blog_300x600_final.jpg
www.crowdstrike.com/wp-content/uploads/2021/07/ 34 KB
34 KB 59ms
59ms Image
image/jpeg 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2021/07/CS_Free_Trial_blog_300x600_final.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04466026773f10391f6d0d84d702b9eef45db6438822b4edcd931cf5cc89d2d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: rk8xNE1FWbyr1A9HtsMvLXXQLX8pmct.
age: 5745
x-amz-cf-pop: FRA56-P3
cf-polished: degrade=85, origSize=105065
x-cache: Hit from cloudfront
content-length: 34443
last-modified: Wed, 26 Jul 2023 16:05:24 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "11edcc35473c47fabaa1e19b2f186d08-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a4812e528ff2-FRA
x-amz-cf-id: 1bQTwZrnO6-KWwkK-mHgqSJM3BhESYfI1B5wnKQtm1DoObybwD2iIw==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 red-falcon.svg
www.crowdstrike.com/wp-content/uploads/2021/07/ 4 KB
2 KB 61ms
60ms Image
image/svg+xml 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2021/07/red-falcon.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8f105a0a91843bdeac95e6aff14d7753ca2aaff00c942cf1bcb1da1025cff4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 920a6dce56a0ee957dbaa3bf4429f8fe.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: TcFqfoqw60gqGStaXtVlISxjk.DdUyRi
age: 5745
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
last-modified: Mon, 10 Jul 2023 19:37:50 GMT
server: cloudflare
etag: W/"2c1e9eeb3990af43e758701889df354a-1"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 7fb2a4813e698ff2-FRA
x-amz-cf-id: eaea0OlOgmw17G471gao2bSzYY-3NfRn30A1RRw75BIktEI5iMyaUw==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 itcavantgardepro-xlt-webfont.woff
www.crowdstrike.com/wp-content/themes/main-theme/dist/fonts/ITCAvantGardePro/ 26 KB
26 KB 61ms
60ms Font
font/woff 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/fonts/ITCAvantGardePro/itcavantgardepro-xlt-webfont.woff

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/styles/theme-styles.min.css?ver=1691092551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f1c1c319dae1d32ef2feaa657e6d82c5f8fe4c98aa8bbc7ee0aab8b5b9d5d38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/styles/theme-styles.min.css?ver=1691092551
Origin: https://www.crowdstrike.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9e1b24b39ac8b669f996f1e7907eb696.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: GQCCfEgwheoIVhGGmrcwwoe8f.C.WAw1
age: 2939
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
content-length: 26532
last-modified: Tue, 22 Aug 2023 20:26:55 GMT
server: cloudflare
etag: "97e5d80225ecf45f6488b9f660ecfd8c"
vary: Accept-Encoding
content-type: font/woff
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a4813e6c8ff2-FRA
x-amz-cf-id: Xoenp_ssGrV3LhxqniEKiuJa20OG4swwlPXfFQBN72_xjA3tmmE47w==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 footer-nav.json Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/footer/ 3 KB
806 B 59ms
59ms Fetch
application/json 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/footer/footer-nav.json

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/footer-navigation.min.js?ver=1691092551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c0ac6217c9cdd6234748c0b9e44972526ba2edbab6c878c3d09501fda0d9881

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: Y6omyndMKyLUR6B4R5AcppKNBAUNOZnw
age: 1004
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
last-modified: Tue, 22 Aug 2023 21:18:58 GMT
server: cloudflare
etag: W/"a5137e8d7a83da2cd3be8195d319dede-1"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=14400
cf-ray: 7fb2a4813e798ff2-FRA
x-amz-cf-id: UJBKGxS2jSH9ahnyNAao4rGKVSxjQTnnnOATLlLbEZZQcjKLpPwiIQ==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
138 B 70ms
69ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.crowdstrike.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 7fb2a4819e4818cb-FRA
access-control-allow-headers: Content-Type

GET
H2 200 AU-Podcast_Blog_1060x698.jpg
www.crowdstrike.com/wp-content/uploads/2023/07/ 212 KB
212 KB 69ms
68ms Image
image/jpeg 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/07/AU-Podcast_Blog_1060x698.jpg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/blog-navigation.min.js?ver=1691092551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5350ff07a73190d995c9851a8ff2bde8694463918618c8b001127053e92ca5b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: r1scemVNyXZ19iRmK17rFq_zv4EEf9mC
age: 6688
x-amz-cf-pop: FRA56-P3
cf-polished: degrade=85, origSize=634812
x-cache: Hit from cloudfront
content-length: 216917
last-modified: Mon, 14 Aug 2023 18:03:53 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "eb697339b53801c202d24f9e7f30b6ac-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a4819f408ff2-FRA
x-amz-cf-id: 4Ql5DODvGn-3jkH8KnqmcZKtv3tGXI8cU10e5LlljAGXpu2NB-JzhA==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 mapping-it-out-1.jpg
www.crowdstrike.com/wp-content/uploads/2021/02/ 109 KB
110 KB 66ms
65ms Image
image/jpeg 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2021/02/mapping-it-out-1.jpg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/blog-navigation.min.js?ver=1691092551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

057cf64e13a70d98b7ad8f18487273135e4bb1f5083088f3f58bdf345c197620

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: CF06vRsCBQFECURRG._anuJduA.h7mdg
age: 6688
x-amz-cf-pop: FRA56-P3
cf-polished: degrade=85, origSize=321647
x-cache: Hit from cloudfront
content-length: 111753
last-modified: Wed, 09 Aug 2023 21:11:00 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "a1c9f1bfd248a5bf73316d1c50cf3cfe-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a4819f428ff2-FRA
x-amz-cf-id: Qy39R3ychrtmYIex1bjsblgFusSsvQRjlNxOfAEyme2MQ_DbWAXtgA==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 RedLogoCS.svg
www.crowdstrike.com/wp-content/themes/main-theme/dist/images/logos/crowdstrike/ 6 KB
2 KB 71ms
65ms Image
image/svg+xml 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/images/logos/crowdstrike/RedLogoCS.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74a8d08bfffcc2b091168ebe5d30299c4857f962280f3b214ec64f460587b4c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3092bdd288d2a449c56d11f2cf4a9b88.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: _9V5z7bzTR.oSPCDTZnulkBi6tSXCABM
age: 6688
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
last-modified: Tue, 22 Aug 2023 20:27:10 GMT
server: cloudflare
etag: W/"81ee08b1302889572e1a229ba2a2029b"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 7fb2a481af518ff2-FRA
x-amz-cf-id: UQlSy66mX_ltHXgy1n3yiwsi0neReEflcVPJhVHuGZcESZ9X73tlJQ==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 Blog_1060x698-3.jpeg
www.crowdstrike.com/wp-content/uploads/2022/12/ 193 KB
194 KB 76ms
70ms Image
image/jpeg 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2022/12/Blog_1060x698-3.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b753594ff7e815b6bef74092861f26eb873ce93687e6f5f6253214b63da67ede

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9e1b24b39ac8b669f996f1e7907eb696.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: CATfCOz.xKHYphb.H.G9u9eSSSrClo.z
age: 6688
x-amz-cf-pop: FRA56-P3
cf-polished: degrade=85, origSize=604748
x-cache: Hit from cloudfront
content-length: 197885
last-modified: Thu, 20 Jul 2023 15:39:14 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "42320077f55efadcbcfcbc46e7069e62-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a481af548ff2-FRA
x-amz-cf-id: rPAZ5nwsQrO0P_mWQ36dGFU5Ib12gzsFHdmUDI2g2GZ1X9nmnOii_w==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 0622_02_RSA-Day3_MikeS_Blog_1060x698.jpeg
www.crowdstrike.com/wp-content/uploads/2022/08/ 32 KB
33 KB 71ms
65ms Image
image/jpeg 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2022/08/0622_02_RSA-Day3_MikeS_Blog_1060x698.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7494acacc3ef4407e7d32c274672253a455eba290e1e6ae2ceb7aa9c305da292

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 920a6dce56a0ee957dbaa3bf4429f8fe.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: xDv5UFeRGAt0dMUeEDdLEwNn8ssi3UTm
age: 6688
x-amz-cf-pop: FRA56-P3
cf-polished: degrade=85, origSize=39227
x-cache: Hit from cloudfront
content-length: 33256
last-modified: Mon, 07 Aug 2023 23:57:19 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "3aff7b67d31134321caa5cca8b8a49ed-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a481af568ff2-FRA
x-amz-cf-id: IM-nw-FieHgJt05LhWavA9Wnjzz141ellG8pQM1rDOVX_0tdsOXmIw==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 patch-tuesday-blog-1.jpg
www.crowdstrike.com/wp-content/uploads/2021/03/ 140 KB
141 KB 71ms
64ms Image
image/jpeg 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2021/03/patch-tuesday-blog-1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

881496d42cddfd02cec1c1e080f9033abe22410c2861f8214e9ce48d9efeef44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: bwNgTMU3eskOH8FlcJvRrrQVpZwnB8Ag
age: 6688
x-amz-cf-pop: FRA56-P3
cf-polished: degrade=85, origSize=495754
x-cache: Hit from cloudfront
content-length: 143500
last-modified: Tue, 22 Aug 2023 21:18:27 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "df577bf5632bbf7292f6d8566acc8c38-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a481af588ff2-FRA
x-amz-cf-id: G7EvK0-XgTd-rfynKnN83PlEbMSCMjKi8c78xOANMhhoBJwNszZ_eA==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 IR-Video-Blog-1.jpg
www.crowdstrike.com/wp-content/uploads/2019/12/ 14 KB
14 KB 75ms
69ms Image
image/jpeg 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2019/12/IR-Video-Blog-1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e36ce51df6d05a63225d449ba07b002ef1c2cd73b946e21e27456b251449712b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: FSNIdF8CVVHTE6acQqnEZJh8Pm4UlDXN
age: 6688
x-amz-cf-pop: FRA56-P3
cf-polished: degrade=85, origSize=60108
x-cache: Hit from cloudfront
content-length: 14351
last-modified: Tue, 11 Jul 2023 13:42:31 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "96e7d13e7744d7a668c204a2d141f878-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a481af5a8ff2-FRA
x-amz-cf-id: lpyv_gjArZyhYD7dwIwQAmQI33y0K5Qv5NsD52B3PNdfI0iL63eYYw==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 Blog-Image-CredTheft-Demo-1.png
www.crowdstrike.com/wp-content/uploads/2019/04/ 96 KB
96 KB 75ms
70ms Image
image/png 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2019/04/Blog-Image-CredTheft-Demo-1.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36d220e0244517475dfe10f437bf2226a28eca7378c4b8fafa914a01174776cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: iMGtZ12dDgxsJhlmM046vdcng70ZbGf_
age: 6688
x-amz-cf-pop: FRA56-P3
cf-polished: status=not_needed
x-cache: Hit from cloudfront
content-length: 98080
last-modified: Tue, 11 Jul 2023 13:42:32 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "f73ac3e06cb6538eadd78182243a04b7-1"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a481af5c8ff2-FRA
x-amz-cf-id: Z1weg8EvXt4kdanDl8MDlvsjej3JKJTmilpwjIJQZfjapi6pPXtSYA==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 Blog-Image-Priv-Esca-Demo2-1.png
www.crowdstrike.com/wp-content/uploads/2019/04/ 73 KB
74 KB 83ms
77ms Image
image/png 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2019/04/Blog-Image-Priv-Esca-Demo2-1.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e35507d68c9460b1bc5526d5a64fa382b04ea0c9da24b87a9bec7c6fd30bc55e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: Iw15lE9OpS4V8Nkf7rEUZp2uHTTfTWMy
age: 6688
x-amz-cf-pop: FRA56-P3
cf-polished: status=not_needed
x-cache: Hit from cloudfront
content-length: 75011
last-modified: Tue, 11 Jul 2023 13:42:33 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "0e7785cd57282d63d5e8212ec20d14ee-1"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a481af5d8ff2-FRA
x-amz-cf-id: SMUDbDVC3xOgrSTZYssAkkfTNqnl45T8ASQtxHJQPotjUuR5p5wEww==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 Blog-Image-Delivery-Demo2-1.png
www.crowdstrike.com/wp-content/uploads/2019/04/ 75 KB
75 KB 69ms
64ms Image
image/png 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2019/04/Blog-Image-Delivery-Demo2-1.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c572f7e6cda5feec58f66e79f96df91cfd83f6981d7d1f2958137b98ebf499cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: gIsCw5sgE7fxh0dDhUuCzSEo7IP81XF8
age: 6688
x-amz-cf-pop: FRA56-P3
cf-polished: status=not_needed
x-cache: Hit from cloudfront
content-length: 76455
last-modified: Thu, 20 Oct 2022 18:02:29 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "4e65fb1433a46d01ecf24e6e633cc562-1"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a481af608ff2-FRA
x-amz-cf-id: 3XIFOcCmXsDemkWLhnz7yKmWdS-EnqIOusX8JN0PRVDKRPyoZNwjNw==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 0222_03_Falcon_Platform_Blog_1060x698.jpeg
www.crowdstrike.com/wp-content/uploads/2022/02/ 23 KB
23 KB 74ms
69ms Image
image/jpeg 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2022/02/0222_03_Falcon_Platform_Blog_1060x698.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4909664b2cd227fc85ce6fd9d530ec41bef8528f31af916ba9ed95a2cb230823

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 77ba839b79ec0a8b2031c8a828e7fdfa.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: Zh7a81jTF.nZCNIDcSEfVyerdYygeDmP
age: 6688
x-amz-cf-pop: FRA56-P3
cf-polished: degrade=85, origSize=96931
x-cache: Hit from cloudfront
content-length: 23201
last-modified: Wed, 16 Aug 2023 19:07:12 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "a8826c5d8fe6f92d156adfc33de6387d-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a481af618ff2-FRA
x-amz-cf-id: yb5f2bZhT9dDl5jtqBnG4Eel3IHRN12WQO3EnrTE9Mi46aNPeaEjYA==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 SHAP-main-image.jpeg
www.crowdstrike.com/wp-content/uploads/2023/06/ 131 KB
131 KB 70ms
65ms Image
image/jpeg 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/06/SHAP-main-image.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba6ab0c793b331bc39382078cbab7e880e9870081944e737f43f98f1620c8ffc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: V9wfLseANDTDActDIUiWZ14xC1YxY9Bq
age: 6688
x-amz-cf-pop: FRA56-P3
cf-polished: degrade=85, origSize=383240
x-cache: Hit from cloudfront
content-length: 133731
last-modified: Thu, 20 Jul 2023 12:13:18 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "7bdc1901e4afee70861b5dad8e58c104-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a481af628ff2-FRA
x-amz-cf-id: f_KKb_yRK6BIEbCmQgpc4zlWgb04uX_H8iyl7fJsmBGTjvttxJgkBQ==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 Blog_1060x698.jpg
www.crowdstrike.com/wp-content/uploads/2023/03/ 238 KB
238 KB 91ms
86ms Image
image/jpeg 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/03/Blog_1060x698.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f29a07393362e137bff04b09a37e147516c3fdf02b91707ba58e089a1bdd5b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: Lv3knnqGvcSEz8KMgWpYnoOjlOfy12.B
age: 6688
x-amz-cf-pop: FRA56-P3
cf-polished: degrade=85, origSize=785736
x-cache: Hit from cloudfront
content-length: 243431
last-modified: Thu, 20 Jul 2023 12:13:20 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "835c2cdbf761438317f301267751fdc6-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a481af648ff2-FRA
x-amz-cf-id: pWYxELHhCvXh9Gg-CEngbkzNa3azHuEmdEr5-3jn1kwi8781xf1T9Q==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 Blog_1060x698-1.jpg
www.crowdstrike.com/wp-content/uploads/2023/03/ 131 KB
131 KB 75ms
70ms Image
image/jpeg 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/03/Blog_1060x698-1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba6ab0c793b331bc39382078cbab7e880e9870081944e737f43f98f1620c8ffc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: vgaOcKg4GvdeQoXnemjUDzTLII.dl9H.
age: 6688
x-amz-cf-pop: FRA56-P3
cf-polished: degrade=85, origSize=402309
x-cache: Hit from cloudfront
content-length: 133731
last-modified: Wed, 28 Jun 2023 16:28:04 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "aebd697880bd62df9665683ef166e6f4-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a481af658ff2-FRA
x-amz-cf-id: CkDvkiSgVA0IetOSyjvxs1pKr5AQx0USGQZekCt2NVWCM1KP2sTTcw==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 23-SRV-013_Forrester-Wave_MDR_2023_Blog_1060x698_V1.jpg
www.crowdstrike.com/wp-content/uploads/2023/05/ 52 KB
53 KB 82ms
77ms Image
image/jpeg 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/05/23-SRV-013_Forrester-Wave_MDR_2023_Blog_1060x698_V1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62fd61035104aaa35fe90d9fe8cb52aa5bff1c8685b5825862b3a75bc89a5470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: HqnocjCpllnk1AGF.7xrWnbtU03EY7Nu
age: 6688
x-amz-cf-pop: FRA56-P3
cf-polished: degrade=85, origSize=159117
x-cache: Hit from cloudfront
content-length: 53445
last-modified: Tue, 15 Aug 2023 16:48:05 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "eab16fd8ba31c8b16cf6d42c7972d73c-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a481af678ff2-FRA
x-amz-cf-id: Z3JzxkYadNstmdeMai7GsLvqSxkmW_i7PQJRJoXTFFND5CKy2OuXjw==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 0323_08_Dell-CS-Announcement_Blog_1060x698.jpg
www.crowdstrike.com/wp-content/uploads/2023/03/ 62 KB
62 KB 94ms
90ms Image
image/jpeg 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/03/0323_08_Dell-CS-Announcement_Blog_1060x698.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a55815dc047be3f82b6252009e55eff62081648e70caa6d8f74be56fcc0840e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9e1b24b39ac8b669f996f1e7907eb696.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: El6ZnqaPmdVR60QBqv6S0ZNKBjaDt748
age: 6688
x-amz-cf-pop: FRA56-P3
cf-polished: degrade=85, origSize=261575
x-cache: Hit from cloudfront
content-length: 63323
last-modified: Fri, 04 Aug 2023 16:33:29 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "099afc3023f043e48e733a43d75c3fe1-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a481af6a8ff2-FRA
x-amz-cf-id: hCjZjoEaYyWllcQQK-WqigaQooLhbQ71PD6cl-u3kmYh0SbEEsiQdA==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 1122_12_GartnerMQ_3X_3-Years-Running_Blog_1060x698_Graph.jpg
www.crowdstrike.com/wp-content/uploads/2023/03/ 86 KB
86 KB 115ms
110ms Image
image/jpeg 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/03/1122_12_GartnerMQ_3X_3-Years-Running_Blog_1060x698_Graph.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ed9223b2b3e3cf8c95cfc48a2be14a8a15a22b1d95e995af0606b4bb3419fb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: y9ZSxeHkq85p6ApyDKej3FoPqL9FZmvz
age: 6688
x-amz-cf-pop: FRA56-P3
cf-polished: degrade=85, origSize=412828
x-cache: Hit from cloudfront
content-length: 88144
last-modified: Fri, 04 Aug 2023 16:33:30 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "3947e0b00208421ec0a6cf803e641c64-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a481dfd38ff2-FRA
x-amz-cf-id: ma2AsO0mgxO1xtPwp5bDr9HNKfTRIkogoJagNN0kmM1RnrC09_Vk4Q==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 0223_04_GTR-2023_Blog_1060x698_ALT.jpg
www.crowdstrike.com/wp-content/uploads/2023/02/ 92 KB
92 KB 107ms
102ms Image
image/jpeg 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/02/0223_04_GTR-2023_Blog_1060x698_ALT.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d896c021c0a180ac06e8776a228d3f0e766061404f9990261fa04ac3fff1c91d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: bbTO0TeDk8Wg4P2RMBltOlhkdYVhY2Dh
age: 6688
x-amz-cf-pop: FRA56-P3
cf-polished: degrade=85, origSize=286402
x-cache: Hit from cloudfront
content-length: 94021
last-modified: Thu, 18 May 2023 14:10:29 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "02d222f86fa2971c296aaf34b061fb34-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a481dfd48ff2-FRA
x-amz-cf-id: zS-xkqcON7FMPgNSxzGyRgqcSCB7TAz46KXjGv8bnocL0Mg6qvZBaQ==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 23-OTH-060_adversary-5-panda-china.png
www.crowdstrike.com/wp-content/uploads/2023/06/ 410 KB
411 KB 115ms
110ms Image
image/png 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/06/23-OTH-060_adversary-5-panda-china.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f6f07e26ae7e95df3b138d21eb6ef322beda975eddf7d5dd88156c48004e6c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: y.g0BnHsrd2mx.JBT8pUFNBOdL5X8HhU
age: 6688
x-amz-cf-pop: FRA56-P3
cf-polished: origSize=429520
x-cache: Hit from cloudfront
content-length: 420334
last-modified: Thu, 10 Aug 2023 11:34:51 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "595d23ef3dcb777f3f92bd3dc5ceb7f6-1"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a481dfd68ff2-FRA
x-amz-cf-id: 0tnJgDYU-g9XdCv6RygUZXdRdU5iqeREoiSB1lv71QA1HQJY0A-16w==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 Blog_1060x698-8.jpeg
www.crowdstrike.com/wp-content/uploads/2022/01/ 204 KB
204 KB 100ms
96ms Image
image/jpeg 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2022/01/Blog_1060x698-8.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d248cadd7c9d133a66cd2126b103fba268494b449dc54f486225e400a0453478

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: 52e9xSE30llqjjk5Zvv4aps0Q26_wfIQ
age: 1541
x-amz-cf-pop: FRA56-P3
cf-polished: degrade=85, origSize=563870
x-cache: Hit from cloudfront
content-length: 208396
last-modified: Thu, 10 Aug 2023 11:34:52 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "b805ca115d732c3d04ec3c6240312f93-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a481dfd78ff2-FRA
x-amz-cf-id: z8fJTaYNa30v-18Jh68fxtYTiL6djd84ducD2qIKAsqEUECPnzICXw==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 0523_01_APAC-Cross-Boarder-Transfer-Systems_03.jpg
www.crowdstrike.com/wp-content/uploads/2023/05/ 90 KB
90 KB 108ms
104ms Image
image/jpeg 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/05/0523_01_APAC-Cross-Boarder-Transfer-Systems_03.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04727f699b52a1d71fb08c642b35b5352b4df1d961f1e06a84ade494c73c08b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: aTWrZkscLBaiwjwvx7V7B_CYxy.OL7IO
age: 1541
x-amz-cf-pop: FRA56-P3
cf-polished: degrade=85, origSize=359254
x-cache: Hit from cloudfront
content-length: 92030
last-modified: Thu, 10 Aug 2023 11:34:54 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "9f2548af0c4b0574886c5902cee76461-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a481dfd88ff2-FRA
x-amz-cf-id: tZk8KeTP1gHnIDUvav4Cork3gu10jU8MkepOtPZ0bER7WwwStUyXRw==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 0423_01_ID-in-the-crosshairs_Blog_1060x698.jpg
www.crowdstrike.com/wp-content/uploads/2023/05/ 149 KB
150 KB 114ms
111ms Image
image/jpeg 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/05/0423_01_ID-in-the-crosshairs_Blog_1060x698.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19835b05e2879bafd44387fcd421b0b4611dc85899328260b363af1c4e3ac02c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: JZkt6xqOkv40eohME3ckk5F9epJ_97ux
age: 6688
x-amz-cf-pop: FRA56-P3
cf-polished: degrade=85, origSize=579266
x-cache: Hit from cloudfront
content-length: 153017
last-modified: Thu, 20 Jul 2023 15:39:44 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "abf6ec08db430ec56b34e7a10539988e-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a481dfdc8ff2-FRA
x-amz-cf-id: Xlb4IByW_MKkQ57NbHujua0rET3gU_aoOiLoHLy14hjO4KeN7djyHA==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 0322_02_Reinventing_MDRIDP_Blog_1060x698.jpeg
www.crowdstrike.com/wp-content/uploads/2023/03/ 74 KB
75 KB 114ms
110ms Image
image/jpeg 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/03/0322_02_Reinventing_MDRIDP_Blog_1060x698.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b25d2319903d6e206b3bd9a7340206ec7d6b603405403130d95a6ffca76a80db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: IG4K9tATmi_rKYaO2qqNpSHDC0UAwqmt
age: 6688
x-amz-cf-pop: FRA56-P3
cf-polished: degrade=85, origSize=297157
x-cache: Hit from cloudfront
content-length: 76202
last-modified: Tue, 15 Aug 2023 16:48:08 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "5b883786664d9e0c17f1d61bef867c0f-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a481dfde8ff2-FRA
x-amz-cf-id: DM6EglC0qf1ilUoxc-6AfFXrFYrHbOtuXm3zWRmEz8023MWWtHCLLg==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 XXXX_Falcon-LogScale-So-Fast_Blog_1060x698.jpeg
www.crowdstrike.com/wp-content/uploads/2022/11/ 265 KB
265 KB 119ms
115ms Image
image/jpeg 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2022/11/XXXX_Falcon-LogScale-So-Fast_Blog_1060x698.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f5a20aea350274cc88cc79a153797c6b253aec6a77259467378f0ca2dc29203

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: RXB56lJQQ6S_MwgVjOGMopQ7xruq6wi2
age: 6688
x-amz-cf-pop: FRA56-P3
cf-polished: degrade=85, origSize=810899
x-cache: Hit from cloudfront
content-length: 270962
last-modified: Tue, 22 Aug 2023 14:32:10 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "566134bd7bd51455c57a56f0e2931258-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a481dfdf8ff2-FRA
x-amz-cf-id: oPw-GrpwvN8XkPY5NW93R66EIbE5dLrc1hFspe6_kTEb6XC2SaVnVw==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 CrowdStream_blog_revised.jpg
www.crowdstrike.com/wp-content/uploads/2023/04/ 69 KB
69 KB 114ms
111ms Image
image/jpeg 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/04/CrowdStream_blog_revised.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3773ea74cc5f1470a837c7daa928ce5af1238b8ddc6f69b18f8b438ee32f254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: x758v.j2pevp8rlJdVdrgGfIbxMpQB_u
age: 6688
x-amz-cf-pop: FRA56-P3
cf-polished: degrade=85, origSize=310636
x-cache: Hit from cloudfront
content-length: 70350
last-modified: Wed, 12 Jul 2023 18:10:24 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "205582dc663911cbc9a1840c19dd5695-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a481dfe08ff2-FRA
x-amz-cf-id: fiBNeov1qxLoFCdp9VGzqQ54KbV6JhXJs1fYB7CPL0JgNP3tCWiSnQ==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 0223_01_Audits-Centralized-Log-Mgmt_Blog_1060x698.jpg
www.crowdstrike.com/wp-content/uploads/2023/02/ 204 KB
204 KB 113ms
110ms Image
image/jpeg 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/02/0223_01_Audits-Centralized-Log-Mgmt_Blog_1060x698.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d616ec0b06b0da8f53e9f291e1873edca40739f641c7499525040750072b0b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: CRAFpkBoieUcMs4Dcd5_IYjvMnXZP3Z9
age: 6688
x-amz-cf-pop: FRA56-P3
cf-polished: degrade=85, origSize=669828
x-cache: Hit from cloudfront
content-length: 208419
last-modified: Wed, 09 Aug 2023 18:19:58 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "9d717ae48ec87b8cd6569613c6e3b3a0-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a481dfe48ff2-FRA
x-amz-cf-id: Baa20AJPH_Ytr0b1ukBJ_NmJ59ZZNTuBuUfFs66caQj5CC6Vo2SMxA==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 mentorships-1.jpg
www.crowdstrike.com/wp-content/uploads/2021/03/ 242 KB
243 KB 119ms
116ms Image
image/jpeg 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2021/03/mentorships-1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b527f88908eeebbb1870931f8d3c110e7678486424d50343667336a335f33e28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: PRN3t3ti5_uBio4uj8avo3RK8hccbWNR
age: 6688
x-amz-cf-pop: FRA56-P3
cf-polished: degrade=85, origSize=958952
x-cache: Hit from cloudfront
content-length: 247770
last-modified: Tue, 06 Jun 2023 21:09:35 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "e881929de4def2a5579a84a9e4f944ed-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a481dfe88ff2-FRA
x-amz-cf-id: CdqFSLI3sDPn40tXwpBrgMCNFlJDaP2w6OTNgURzNel60q5mhOFsVQ==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 Blog_FB_1200x630-1.jpg
www.crowdstrike.com/wp-content/uploads/2020/10/ 33 KB
33 KB 123ms
120ms Image
image/jpeg 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2020/10/Blog_FB_1200x630-1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

205dcb7bbc168099a95944b3670fcaec5407412da2d2f6e129ea3faec0731ee1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 740769d10d5ef217a54d33b1ec64faf4.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: VyqPNgo5HN007h6kSHWDDopZgBnP6ecg
age: 6688
x-amz-cf-pop: FRA56-P3
cf-polished: degrade=85, origSize=83414
x-cache: Hit from cloudfront
content-length: 33765
last-modified: Tue, 06 Jun 2023 21:09:40 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "b1757e1dec848cde3ad547969daac9ae-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a481dfeb8ff2-FRA
x-amz-cf-id: y5LNsoOtm8ynqaUuPpyNf4ezaib98mGPdHArrZtwXV_KoeO9n2jwIQ==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 womens-history-month-1.jpg
www.crowdstrike.com/wp-content/uploads/2021/03/ 209 KB
209 KB 119ms
116ms Image
image/jpeg 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2021/03/womens-history-month-1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f094e6666e540aaa55a90812a019ea5ea34bd173ad2dc8ed1b4538b53fd68b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: 14WVF2.OwbOH7EGNQhXNQWcZSxgHzaRv
age: 6688
x-amz-cf-pop: FRA56-P3
cf-polished: degrade=85, origSize=736516
x-cache: Hit from cloudfront
content-length: 213646
last-modified: Tue, 06 Jun 2023 21:09:40 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "b949171b18f4ba9e01b5204bdfd486ec-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a481dfec8ff2-FRA
x-amz-cf-id: 1ttxqthE4di6KONPpKcMD-U5WEoz7W6wZzje0bhWZUcj47fLuotN3g==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 0123_03_MLK-Day-2023_Blog_1060x698_V1.jpg
www.crowdstrike.com/wp-content/uploads/2023/01/ 62 KB
63 KB 118ms
116ms Image
image/jpeg 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/01/0123_03_MLK-Day-2023_Blog_1060x698_V1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6925696138e919bcfc54d241d2e51017d3383293ea4cf5bd0b7b3932ada195ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9e1b24b39ac8b669f996f1e7907eb696.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: HfWvl5qeksh_QrIwbWyKt1oRM8SQYUy7
age: 6688
x-amz-cf-pop: FRA56-P3
cf-polished: degrade=85, origSize=228171
x-cache: Hit from cloudfront
content-length: 63908
last-modified: Tue, 06 Jun 2023 21:09:41 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "e00038a2fed4ae2e3bd05f8799efccd3-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a481dfed8ff2-FRA
x-amz-cf-id: wBS-M5gU-Ryn3sP5pMLFjN1bnFoBLnnu3KcLHl7Bs5mYTv_0ev6tWQ==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 Blog-1.jpeg
www.crowdstrike.com/wp-content/uploads/2021/12/ 27 KB
27 KB 118ms
115ms Image
image/jpeg 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2021/12/Blog-1.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed6c1ed511a6160b35044d7c49e35e9b85da14be0164b3c40d5aa23c8ab027b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: _N14FJByGO7nrqMqmVysNFhK.hYE7BVW
age: 6688
x-amz-cf-pop: FRA56-P3
cf-polished: degrade=85, origSize=100740
x-cache: Hit from cloudfront
content-length: 27622
last-modified: Thu, 29 Sep 2022 17:10:49 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "2d26935459e4c57e3485d38f612d2aa3-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a481dfee8ff2-FRA
x-amz-cf-id: HHfl0g26q71nWAt54or7uqNAp-2bWk9GWzcnLVUu68GAvfe9EyjKrQ==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 CS_EY_Blog_1060x698_v2-1.jpeg
www.crowdstrike.com/wp-content/uploads/2021/05/ 85 KB
86 KB 113ms
111ms Image
image/jpeg 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2021/05/CS_EY_Blog_1060x698_v2-1.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f58861e85bd3a7fd0aa7dd3b60eaf71ac79324dc48d6ec4bda8cd561eecc2234

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: Ko50gL_d99TA5H0.5K5BGipCvbIohHc9
age: 6688
x-amz-cf-pop: FRA56-P3
cf-polished: degrade=85, origSize=375867
x-cache: Hit from cloudfront
content-length: 87525
last-modified: Thu, 29 Sep 2022 17:10:50 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "2cac6448dd2f54f3691a5c9c58dcad10-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a481dfef8ff2-FRA
x-amz-cf-id: neSo834G5myXH5lI0IKkAtFPbCyfUqp77xjwuEFrKpK2RU465COSmw==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 Go-Beyond-the-Perimeter-1.jpg
www.crowdstrike.com/wp-content/uploads/2021/03/ 405 KB
406 KB 119ms
116ms Image
image/jpeg 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2021/03/Go-Beyond-the-Perimeter-1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e188efafb2df40e1f4bd4973d31d37ae32a41676bc9c43d008388ec1ea72e1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: 06E88jVhse7R5o7Y5ABM3Wm4oNqLJfPv
age: 6688
x-amz-cf-pop: FRA56-P3
cf-polished: degrade=85, origSize=1167150
x-cache: Hit from cloudfront
content-length: 415208
last-modified: Mon, 30 Jan 2023 19:50:28 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "5f2005763f57c0c0bc2719131824a0ad-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a481dff08ff2-FRA
x-amz-cf-id: ReukP90ThTY98USVijHOzBfndyZfqRbCiY8Qx7-8tjiioxTPJmZt6A==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 TechCenter-2.jpg
www.crowdstrike.com/wp-content/uploads/2016/07/ 28 KB
28 KB 103ms
101ms Image
image/jpeg 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2016/07/TechCenter-2.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0d7247f9a18889ae8a68fd56edaa202264826e284c725ce09964a71d1ee663e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: FCxkDzN5JNFcfoF_izA04IPV3GUHiXSw
age: 5744
x-amz-cf-pop: FRA56-P3
cf-polished: degrade=85, origSize=111775
x-cache: Hit from cloudfront
content-length: 28432
last-modified: Wed, 26 Jul 2023 16:05:21 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "3fb44700e9a9760adce14063cd8304dc-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a481dff18ff2-FRA
x-amz-cf-id: HWYLwKm_n1DM6IvRruYBu9OHxAZlzFJ2BbOiUcn6Jj_vbEhZC-_zKQ==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 Falcon-X-Recon-featured-image-1.jpg
www.crowdstrike.com/wp-content/uploads/2023/06/ 280 KB
281 KB 108ms
106ms Image
image/jpeg 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/06/Falcon-X-Recon-featured-image-1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c77b68e97c7c808e6662e4dda77dd798831e80a592f9e175c68314cd9b74d704

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 474733f16f494ddb794b4f7dfd7de966.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: fuNXNJBynLFywgtM0UYHV9VzyeBoXU_D
age: 1541
x-amz-cf-pop: FRA56-P3
cf-polished: degrade=85, origSize=922540
x-cache: Hit from cloudfront
content-length: 286658
last-modified: Thu, 10 Aug 2023 14:17:16 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "5c526708a6ceb5e32f706df43adc4690-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a481dff28ff2-FRA
x-amz-cf-id: TjyPwIjbkPm-csAcbYqkebh8p3aJJVyPI1hPyc75BPvyi6Rs6B32_w==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 hypervisor-blog-1.jpg
www.crowdstrike.com/wp-content/uploads/2021/02/ 256 KB
256 KB 117ms
115ms Image
image/jpeg 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2021/02/hypervisor-blog-1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80160839d2be07e58711bb51ac2bdda7587c69659156f03beb2a030848f58239

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: xQqY9QphEDelcs5toUEPDfGXm.6WuxaL
age: 1541
x-amz-cf-pop: FRA56-P3
cf-polished: degrade=85, origSize=754753
x-cache: Hit from cloudfront
content-length: 261795
last-modified: Tue, 08 Aug 2023 13:24:30 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "91ccd691a6504382af7125725ace6c43-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a481dff58ff2-FRA
x-amz-cf-id: MYpmNEMCAl-BgIPxx0dV79F_9PfkSCWb99DcPRWIVpb3IfnZKXCMug==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 Generic_Blogs_Intel_Alert_Adversary_1.png
www.crowdstrike.com/wp-content/uploads/2023/03/ 262 KB
263 KB 136ms
134ms Image
image/png 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/03/Generic_Blogs_Intel_Alert_Adversary_1.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52c13ffb83b6901a230087f2d6e2df300bc6281a8dc10e3b38bf5d43c7cea0a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: NFL8yoAq6zOUjqahiANw03cjRL7tlAGX
age: 6688
x-amz-cf-pop: FRA56-P3
cf-polished: origSize=286215
x-cache: Hit from cloudfront
content-length: 268292
last-modified: Wed, 09 Aug 2023 18:19:56 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "12efdd368b94e3deb4e4363c2f52c608-1"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a481dff68ff2-FRA
x-amz-cf-id: W9o4Ww5-TPYIZFasMys0JGGAfy2_AK97PeHwh6JLZc1LV6AnqXHEsA==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 0323_06_Qakbot-Microsoft-One-Note_Blog_1060x698.jpg
www.crowdstrike.com/wp-content/uploads/2023/03/ 139 KB
139 KB 121ms
120ms Image
image/jpeg 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/03/0323_06_Qakbot-Microsoft-One-Note_Blog_1060x698.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf054374a9f4493435891f4b27dec42646853003bd0b3d3219fbc5862a59cc7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: Bv32DNRy4oMQt0DuEYO3TA3gtLWp0bMQ
age: 6688
x-amz-cf-pop: FRA56-P3
cf-polished: degrade=85, origSize=623812
x-cache: Hit from cloudfront
content-length: 142314
last-modified: Tue, 27 Jun 2023 21:50:23 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "5254cf2393c0729cba3f5072b50a45ea-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fb2a481dff78ff2-FRA
x-amz-cf-id: KzIE4i_VYEq3kbWiTjfPcCeu_3KG0YKkeTwMU-oa6wFqd-HvkrYS0g==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 footer-privacy-nav.json Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/footer/ 573 B
489 B 94ms
94ms Fetch
application/json 2606:4700::6810:f3e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/footer/footer-privacy-nav.json

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/footer-navigation.min.js?ver=1691092551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f3e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c31ebb91b4eaae6fd4c16d9abfc1982d35d119a3cee94f0856325ccbe2c6129d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/?utm_source=ref&utm_medium=ha_overview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: QS2FIgoAFJNhY_TjaC3mSEp2.HN11bVx
age: 1004
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
last-modified: Tue, 22 Aug 2023 21:18:58 GMT
server: cloudflare
etag: W/"0dafdafb9d7356baed7c5f1a577dc8c2-1"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=14400
cf-ray: 7fb2a481dff88ff2-FRA
x-amz-cf-id: Rbo51FWadaxcuxG5fJT5-Tjre2FxqiSdcDHEI-yzv9tg0dWuPYfGCg==
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 227ms
226ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=840a4ffa1a26e59267b6b28298d972e1&svisitor=null&visitor=3becde98-3a70-4d80-8106-8adcb54b377f&session=1c817d09-ad00-4a6f-8a47-df4f91accb49&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Wed%2C%2023%20Aug%202023%2010%3A23%3A52%20GMT%22%2C%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2023%20Aug%202023%2010%3A23%3A52%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%2212b151d5b8d6b92a46cc0179565c5a619e148092%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2023%20Aug%202023%2010%3A23%3A52%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22840a4ffa1a26e59267b6b28298d972e1%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2023%20Aug%202023%2010%3A23%3A52%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2023%20Aug%202023%2010%3A23%3A52%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2023%20Aug%202023%2010%3A23%3A52%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22CrowdStrike%20recently%20observed%20the%20use%20of%20a%20seemingly%20empty%20SFX%20archive%20as%20part%20of%20an%20interactive%20intrusion%20that%20has%20the%20potential%20to%20provide%20a%20persistent%20backdoor.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Self-Extracting%20Archives%2C%20Decoy%20Files%20and%20Their%20Hidden%20Payloads%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.crowdstrike.com%2Fblog%2Fself-extracting-archives-decoy-files-and-their-hidden-payloads%2F%3Futm_source%3Dref%26utm_medium%3Dha_overview&pageViewId=da164f07-d98b-4876-8ae2-46e50a18015a&an_uid=0&v=1.1.5

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 726 B
575 B 355ms
121ms XHR
application/json 54.82.91.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.82.91.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-82-91-175.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e4467e5e450f09b28e5f90e57af82e92968e748e34cb0542a123035fa280cca5

Request headers

Referer: https://www.crowdstrike.com/
accept-language: de-DE,de;q=0.9
Authorization: Token 12b151d5b8d6b92a46cc0179565c5a619e148092
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
X-6s-CustomID: WebTag1.0 840a4ffa1a26e59267b6b28298d972e1

Response headers

date: Wed, 23 Aug 2023 10:23:53 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.crowdstrike.com
access-control-allow-credentials: true
content-length: 387

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 375ms
118ms Preflight 54.82.91.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.82.91.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-82-91-175.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-6s-customid
Access-Control-Request-Method: GET
Origin: https://www.crowdstrike.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,x-6s-customid
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://www.crowdstrike.com
access-control-max-age: 1800
date: Wed, 23 Aug 2023 10:23:52 GMT
server: nginx

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202301.1.0/ 395 KB
94 KB 51ms
50ms Script
application/javascript 2606:4700::6812:bada
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bada , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cda584e7c5036ad66d7d528d2209bc596a14179fa1792a559e2ae9eaa91e851

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Aug 2023 10:23:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: TPatHKMti4L8TVrK0PWkxg==
age: 59358
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 96303
x-ms-lease-status: unlocked
last-modified: Wed, 22 Feb 2023 03:39:35 GMT
server: cloudflare
etag: 0x8DB14866ADAA84A
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 2d40d1e3-301e-0137-62e1-5a321c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7fb2a4820e679a1b-FRA

GET
H2 200 forms2.min.js Show response
281-obq-266.mktoweb.com/js/forms2/js/ Frame F0D8 208 KB
69 KB 63ms
62ms Script
application/x-javascript 104.16.95.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://281-obq-266.mktoweb.com/js/forms2/js/forms2.min.js

Requested by

Host: 281-obq-266.mktoweb.com
URL: https://281-obq-266.mktoweb.com/index.php/form/XDFrame

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.95.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f244fcb6b0aeadba8f41f30a7f451c0aaa06445ec854c3d9bbef1c485a036424

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://281-obq-266.mktoweb.com/index.php/form/XDFrame
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 13 Jul 2023 18:50:22 GMT
server: cloudflare
age: 5295
etag: "417fb-34099-60062cdee3780"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7fb2a4822c4891e3-FRA
expires: Wed, 23 Aug 2023 14:23:52 GMT

GET
H2 200 RC2324354d8e6f497a8c4eb932bfd8bd57-source.min.js Show response
assets.adobedtm.com/d72cd986aea0/ab8a4467ef4c/8afece08eca8/ Frame 16E8 2 KB
1000 B 41ms
40ms Script
application/x-javascript 2a02:26f0:480:99e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/d72cd986aea0/ab8a4467ef4c/8afece08eca8/RC2324354d8e6f497a8c4eb932bfd8bd57-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d72cd986aea0/ab8a4467ef4c/launch-720e977888ec.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:99e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0eef5c8914238b57081195c9e24659e52cb30e0b4a5ee3893d0d35e3c94b1266

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
content-encoding: gzip
last-modified: Mon, 21 Aug 2023 16:14:54 GMT
server: AkamaiNetStorage
etag: "5ea67c233ded07fe22ec28837e004fea:1692634494.210248"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://go.crowdstrike.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 742
expires: Wed, 23 Aug 2023 11:23:52 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 233ms
233ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=840a4ffa1a26e59267b6b28298d972e1&svisitor=null&visitor=3becde98-3a70-4d80-8106-8adcb54b377f&session=1c817d09-ad00-4a6f-8a47-df4f91accb49&event=ipv6&q=%7B%22address%22%3A%222a01%3A4a0%3A1338%3A92%3A%3A3%22%7D&isIframe=false&m=%7B%22description%22%3A%22CrowdStrike%20recently%20observed%20the%20use%20of%20a%20seemingly%20empty%20SFX%20archive%20as%20part%20of%20an%20interactive%20intrusion%20that%20has%20the%20potential%20to%20provide%20a%20persistent%20backdoor.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Self-Extracting%20Archives%2C%20Decoy%20Files%20and%20Their%20Hidden%20Payloads%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.crowdstrike.com%2Fblog%2Fself-extracting-archives-decoy-files-and-their-hidden-payloads%2F%3Futm_source%3Dref%26utm_medium%3Dha_overview&pageViewId=da164f07-d98b-4876-8ae2-46e50a18015a&an_uid=0&v=1.1.5

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/bee15b7c-b632-450e-9003-9c8b60b3b978/b2193cd5-8954-4870-b8f7-b3be5ea49b82/ 202 KB
36 KB 64ms
63ms Fetch
application/x-javascript 2606:4700::6812:bada
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/bee15b7c-b632-450e-9003-9c8b60b3b978/b2193cd5-8954-4870-b8f7-b3be5ea49b82/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bada , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1020f9ea3c68809ea44b991f0ac679b8e3bc1f650820ab789198a3ce393039d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Aug 2023 10:23:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 70278
content-md5: bHNz9OfnPqGWpV0XFiqpAw==
content-length: 36253
x-ms-lease-status: unlocked
last-modified: Tue, 24 Jan 2023 21:06:26 GMT
server: cloudflare
etag: 0x8DAFE4EDB0DC9B3
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 58a8502d-501e-012c-1ae1-5a1c8e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7fb2a482893a1c13-FRA
expires: Thu, 24 Aug 2023 10:23:52 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202301.1.0/assets/ 13 KB
3 KB 55ms
54ms Fetch
application/json 2606:4700::6812:bada
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.1.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bada , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Aug 2023 10:23:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: JRquOrwnT+1fACynxEiZlA==
age: 22928
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3020
x-ms-lease-status: unlocked
last-modified: Wed, 22 Feb 2023 03:39:28 GMT
server: cloudflare
etag: 0x8DB148666B3B223
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 522c887a-a01e-015f-1be1-5a6c4d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7fb2a4832a421c13-FRA

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/202301.1.0/assets/v2/ 62 KB
13 KB 50ms
50ms Fetch
application/json 2606:4700::6812:bada
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.1.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bada , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9c89c2a0df62b9bd73d859ae616ffe92cb9e86e1428a1a0fc797418f3e03dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Aug 2023 10:23:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 5x5OTvRos5JBKPa+Qbpqxg==
age: 1457
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13354
x-ms-lease-status: unlocked
last-modified: Wed, 22 Feb 2023 03:39:30 GMT
server: cloudflare
etag: 0x8DB148668308060
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 58a84701-501e-012c-48e1-5a1c8e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7fb2a4832a441c13-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202301.1.0/assets/ 21 KB
4 KB 52ms
52ms Fetch
text/css 2606:4700::6812:bada
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bada , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: XcxlleAcPGO2n5kTZrHH2Q==
age: 1109
x-ms-lease-status: unlocked
last-modified: Wed, 22 Feb 2023 03:39:39 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 37e42e60-201e-0145-4ee1-5a4322000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7fb2a4832a451c13-FRA

GET
H2 200 RC698dc8385de1411c824b73d0b3be0648-source.min.js Show response
assets.adobedtm.com/d72cd986aea0/09e1256af957/435f816e4f07/ 626 B
580 B 42ms
42ms Script
application/x-javascript 2a02:26f0:480:99e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/435f816e4f07/RC698dc8385de1411c824b73d0b3be0648-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/launch-6cccf53edc18.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:99e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: f11359ef3439952412ce781365dc85df99321b879df93accec989a250e51c3db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:52 GMT
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 14:00:01 GMT
server: AkamaiNetStorage
etag: "f0541a5771c3c005e0c75670db556fc8:1692712801.244579"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.crowdstrike.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 322
expires: Wed, 23 Aug 2023 11:23:52 GMT

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
478 B 52ms
52ms Image
image/svg+xml 2606:4700::6812:bada
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bada , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 714
x-ms-lease-status: unlocked
last-modified: Wed, 23 Aug 2023 03:26:36 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: fd3c5e2c-001e-00a9-2d8f-d5f8f1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7fb2a48398519a1b-FRA

GET
H2 200 CS_Logos_2020_InlineRed_b.png
cdn.cookielaw.org/logos/c109dae9-46f3-4e91-a59e-7844ef645107/cad7e755-8c86-4939-8df1-4d68f074f0fc/53cb332e-5cc4-44a8-9590-9e086136bfe9/ 23 KB
24 KB 51ms
51ms Image
application/octet-stream 2606:4700::6812:bada
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/c109dae9-46f3-4e91-a59e-7844ef645107/cad7e755-8c86-4939-8df1-4d68f074f0fc/53cb332e-5cc4-44a8-9590-9e086136bfe9/CS_Logos_2020_InlineRed_b.png

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bada , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0dbd9ca47f4fd338efab8e6f5188a6de45cf390f04cfaea4a65abc47635550c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: QB/VUZMYBu/LYPsEI/xs+w==
age: 1666
content-length: 24007
x-ms-lease-status: unlocked
last-modified: Tue, 21 Jul 2020 19:10:59 GMT
server: cloudflare
etag: 0x8D82DA9CDE4D646
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: 26f7a48a-f01e-0103-5ae1-5a9db4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7fb2a483a8609a1b-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 53ms
52ms Image
image/svg+xml 2606:4700::6812:bada
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bada , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 57047
x-ms-lease-status: unlocked
last-modified: Mon, 21 Aug 2023 17:11:06 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 051cfcad-a01e-0019-445a-d4b938000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7fb2a483a8639a1b-FRA

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
437 B 49ms
49ms Fetch
image/svg+xml 2606:4700::6812:bada
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bada , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Aug 2023 10:23:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 79160
x-ms-lease-status: unlocked
last-modified: Mon, 21 Aug 2023 17:11:05 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 004ffd90-b01e-0058-2adb-d4e1dc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7fb2a483aaed1c13-FRA

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 234ms
234ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:53 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 234ms
234ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:54 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 266ms
266ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:55 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 227ms
226ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:23:56 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
go.crowdstrike.com/	1969-12-31 23:59:59	Name: BIGipServerab01web-nginx-app_https Value: !SDAodYj8sESwQZKkCIQPm+cqSAXSEf4/f3ZZ0K93k0Y4KX2zHJbuSsDr9M6dqDEBsLN8HpYjXQrjKb4=
.go.crowdstrike.com/	1970-01-20 14:13:08	Name: __cf_bm Value: kseCpXCcJDu0JCZ8F_rMorBpNW.w5yYPuBzh8eGDVmQ-1692786231-0-ASHkAHVZq2w8Jx9kENbBi04PkKQvqxqOyGmKv+kGiBOAU4Uj3o18j2GTZJNZIMztezK/jtGrLjzPBnt+vLN4V7U=
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: XOBFgOCrC_M
.youtube.com/	1970-01-20 18:32:18	Name: VISITOR_INFO1_LIVE Value: pAmtUdiBuus
.crowdstrike.com/	1969-12-31 23:59:59	Name: _csUtms3 Value: %7B%22utm_source%22%3A%22ref%22%2C%22utm_medium%22%3A%22ha_overview%22%7D
.crowdstrike.com/	1970-01-20 16:22:42	Name: _gcl_au Value: 1.1.1694878556.1692786232
.281-obq-266.mktoweb.com/	1970-01-20 14:13:08	Name: __cf_bm Value: iSyUVXMQ7JdUmuNtwkP6AydKkZsHtatKtWIXQtuh7hc-1692786232-0-AUEGiJqNbPu/Ca1v8qCTHXQLvvI92ZhF6WPBj4n8XiUnRTAzcMBV9r7T993wSksWOrlPnMN5oo8VZdDMyFc1dWc=
www.crowdstrike.com/	1970-01-20 14:23:11	Name: _an_uid Value: 0
www.crowdstrike.com/	1970-01-20 23:49:06	Name: _gd_visitor Value: 3becde98-3a70-4d80-8106-8adcb54b377f
www.crowdstrike.com/	1970-01-20 14:13:20	Name: _gd_session Value: 1c817d09-ad00-4a6f-8a47-df4f91accb49
.crowdstrike.com/	1970-01-20 22:58:42	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Wed+Aug+23+2023+12%3A23%3A52+GMT%2B0200+(Central+European+Summer+Time)&version=202301.1.0&isIABGlobal=false&hosts=&consentId=5f6c5a01-6d06-466d-af59-0e10169dc7ab&interactionCount=0&landingPath=NotLandingPage&groups=C0001%3A1%2CC0003%3A0%2CC0002%3A0%2CC0004%3A0&AwaitingReconsent=false
.6sc.co/	1970-01-20 23:49:06	Name: 6suuid Value: b8d017027558020038dee5647f030000f7182a00
www.crowdstrike.com/	1970-01-20 14:13:08	Name: _csRef Value: www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/
go.crowdstrike.com/	1970-01-20 14:13:08	Name: _csRef Value: go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;report-uri /csp-violation-report-endpoint/
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

281-obq-266.mktoweb.com
ajax.googleapis.com
assets.adobedtm.com
b.6sc.co
c.6sc.co
cdn.addsearch.com
cdn.cookielaw.org
epsilon.6sense.com
geolocation.onetrust.com
go.crowdstrike.com
ipv6.6sc.co
j.6sc.co
munchkin.marketo.net
p.typekit.net
secure.adnxs.com
use.fontawesome.com
use.typekit.net
www.crowdstrike.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
104.102.38.132
104.16.95.80
104.17.74.206
2600:9000:2156:fc00:a:de52:1580:93a1
2606:4700:4400::6812:2089
2606:4700::6810:f3e7
2606:4700::6812:bada
2606:4700:e0::ac40:670b
2a00:1450:4001:801::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:812::200a
2a00:1450:4001:813::2003
2a00:1450:4001:828::2004
2a02:26f0:3500:16::215:148b
2a02:26f0:480:23::1726:62a7
2a02:26f0:480:99e::1e80
2a02:26f0:480:f::213:7ec6
37.252.171.85
54.82.91.175
95.101.111.184
011288ca9bc229a6ab4e57c010e04373efcb1c49e57e0edbcba9ef2723fcbfda
01905de1d3dadd0f90761fd95f7955308aa7397ac52d5deae4e54a803e5be4af
01b035efb5dfa529c512f82962ed633328222da6f33c224244806d4798c67349
04466026773f10391f6d0d84d702b9eef45db6438822b4edcd931cf5cc89d2d2
04727f699b52a1d71fb08c642b35b5352b4df1d961f1e06a84ade494c73c08b0
04ed8e8eff616f08c8b425150bf1f1b0b12482a9806f97c8f27deffeb844b27d
05070def1eb6bb302eba00dfd234aa8be740b9bc40373734636a416a2693ecc8
057cf64e13a70d98b7ad8f18487273135e4bb1f5083088f3f58bdf345c197620
07c4140bcd77a711c9e67268dcfdb62ff8405ebd540f26a3a06c23485f6eab61
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0bf90a8569ed246ad28d91458f6771f6934a0c4983243eca5f6accf91d6979cc
0cda584e7c5036ad66d7d528d2209bc596a14179fa1792a559e2ae9eaa91e851
0d616ec0b06b0da8f53e9f291e1873edca40739f641c7499525040750072b0b1
0dbd9ca47f4fd338efab8e6f5188a6de45cf390f04cfaea4a65abc47635550c6
0eef5c8914238b57081195c9e24659e52cb30e0b4a5ee3893d0d35e3c94b1266
0f1c1c319dae1d32ef2feaa657e6d82c5f8fe4c98aa8bbc7ee0aab8b5b9d5d38
0f5a20aea350274cc88cc79a153797c6b253aec6a77259467378f0ca2dc29203
0f9c2ce6f85c93eed9e3e0917378e13d9ecc30b3690a2c97f9eb013b81244f4b
1020f9ea3c68809ea44b991f0ac679b8e3bc1f650820ab789198a3ce393039d7
1418c4469b7215d7c7f537188a75b842b1909441e759d1e60975e7437fb5eb95
19835b05e2879bafd44387fcd421b0b4611dc85899328260b363af1c4e3ac02c
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
1e2b7ac1455764bddeff044a40d8828b3f96b6c57e5240836f536e5911ee866a
1e5d234b08c174692b046c8f3db39d27a0c21d6b9c2ce9daaca11d83d6cbf72f
205dcb7bbc168099a95944b3670fcaec5407412da2d2f6e129ea3faec0731ee1
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
2691d7f18701228d86a01646cb1f3a2ded104e2d1a95776b78648bf3be636fd5
2c13993dd6eebb3796aecd272da298b0c6555d2b391bdf01e5dd3025344500c8
2ed9223b2b3e3cf8c95cfc48a2be14a8a15a22b1d95e995af0606b4bb3419fb9
302c63800f372511b5c5981ce65f09ddc9926619a28ab7c8ebd23d0b120236a2
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
32242ae8477b7217f73c423cbabc02a727c281ebb219c67edd36c96a1695200b
35e5a3aaa72ef5e9c6fd17a1be42cf0ae714d1886111e9203bd9469425f0f3ab
36d220e0244517475dfe10f437bf2226a28eca7378c4b8fafa914a01174776cc
3e02470942d07648cc92bf3d0485bddd19d8ea9e6849b2b251bc2260956a17ed
3fe890d088ecf0cc9bc1b9069201e52972dbad6237865524090e15982d0de718
47f5da88dcb49a135b8a6bf78740734b74bc6a8ac3df612c9141eafc9dc52ac1
4909664b2cd227fc85ce6fd9d530ec41bef8528f31af916ba9ed95a2cb230823
4f624eeb930979fa53f020a06a5db96d85aa53d9fd3f0f272eb33877efdc6d23
4f6f07e26ae7e95df3b138d21eb6ef322beda975eddf7d5dd88156c48004e6c3
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
52b269545d8b0251f5f585cfa9572691d8d50a4a55ddcd6c5dd4e5718136e4f5
52c13ffb83b6901a230087f2d6e2df300bc6281a8dc10e3b38bf5d43c7cea0a6
52f72d755ffae57fde9a6fde7f42184f05c315887a57e592353d25acc83a569e
5350ff07a73190d995c9851a8ff2bde8694463918618c8b001127053e92ca5b4
54c6911feba6e3f29209aaa82a942ea38e8687be61bc2f1a564a676dcbc4ea36
57cd46adbabd6c40823602b4513aecbe89320a769572255272abe9f008de69fa
59fe5b428dbf3980f53ef1fb768b90a772e7f430cd33617da5c8ceb54820bf37
5f29a07393362e137bff04b09a37e147516c3fdf02b91707ba58e089a1bdd5b2
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
62fd61035104aaa35fe90d9fe8cb52aa5bff1c8685b5825862b3a75bc89a5470
63bf01eb9c526436e112dac238827fe17a752fc80b34ba3934ec092778497876
67526852b622581af6d73b3990538facaf3a49c7e7ab24b6af1c696fb1463767
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6925696138e919bcfc54d241d2e51017d3383293ea4cf5bd0b7b3932ada195ea
6c0ac6217c9cdd6234748c0b9e44972526ba2edbab6c878c3d09501fda0d9881
6e188efafb2df40e1f4bd4973d31d37ae32a41676bc9c43d008388ec1ea72e1b
70a0e53ed134bb5f21cc03d8ca3f0256e9f20fd09261bce0202443138f1c5a7d
7494acacc3ef4407e7d32c274672253a455eba290e1e6ae2ceb7aa9c305da292
74a8d08bfffcc2b091168ebe5d30299c4857f962280f3b214ec64f460587b4c7
79a0d1ee23ff89e1e03b431fd6ed36fbf587939fe4b67434bf2a0d223ba90dde
7e808c2a2579dcb3b0e4bf8886c855f349924aed9c25ec41ac271ad58483aa05
7f094e6666e540aaa55a90812a019ea5ea34bd173ad2dc8ed1b4538b53fd68b3
80160839d2be07e58711bb51ac2bdda7587c69659156f03beb2a030848f58239
811aeff0824c021896e77ddff5450e44f8da8182ab100f2c3604ef25662d336c
881496d42cddfd02cec1c1e080f9033abe22410c2861f8214e9ce48d9efeef44
8912320737e38147499c4a1e19c30ca5ba1bdc092378f86d6d18952ec1f61bd7
8ce875796d4d6e5681b090c6b31f2e89e76e39f853e4fe2dd00dcee0f0db35cf
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
966419b26d12fdcc699874f44237e43aa269bff4190a4800b45c132f861bb5be
97e9e03b99777fdd22e610f5a04c0586923eeff678072b71487522fec6f9ef18
9f9f09220578095d79ded54e8c0ee6ef21bc38e86475d2645b8656bbef22bbeb
a0f9ad349100e22fc0f804bf2cd7295202370354e8b5b519b2a03468b3c7e67d
a293b52c1398944f36b9c3d1af9c735c333f37474bf669937e1f99dd3ab9d1c9
a55815dc047be3f82b6252009e55eff62081648e70caa6d8f74be56fcc0840e1
a69ba2bef028b6acd54b29b0e23ea6e1cb2ca8a553d1350f4b1ed2143850e937
a9c89c2a0df62b9bd73d859ae616ffe92cb9e86e1428a1a0fc797418f3e03dd9
aaf173c00687da3d4328c0a1593d764175af1cb6708fa79ca5febcdc5f7de161
aca6f4a300cc95ccbc25d0f58a78322528373293311037eae0edff4ec53e27e8
ae3536ecd79c98f87387cee9060be3053e0eb8fe0871e7336554812ef8138772
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
af649b6e2d250069f4e035013d43a4e147479e05c620c800d4dae35124a4ff24
b25d2319903d6e206b3bd9a7340206ec7d6b603405403130d95a6ffca76a80db
b332a3fa616df968bdd71567cde2fe6031561746f6022d06993bde4001ec2730
b41c2a47423bbc0e667c64f546f00bbbf8c362c27ffc1addca80892ea6f766ce
b527f88908eeebbb1870931f8d3c110e7678486424d50343667336a335f33e28
b753594ff7e815b6bef74092861f26eb873ce93687e6f5f6253214b63da67ede
b93680a9f50608d09c147af33f3e897a4b376ff3efb696bb062ed2e0f862d819
b97b49ee323dbccf9a13f15fa3d93188d01681652d52b1ed40ad00c32dfb0513
ba6ab0c793b331bc39382078cbab7e880e9870081944e737f43f98f1620c8ffc
bbd5161d2c093bb6a9af95b7144ef620ce78622ea235eb3df1f6587a41ea3dc3
bdb62033bfafd3a7231992ba900f922549ec78f474defd5088b808730c39ce21
bee78f076d7ef9d9be92fb1f293909e529c5b61891a52557d51e7183971e02cc
bf054374a9f4493435891f4b27dec42646853003bd0b3d3219fbc5862a59cc7d
c2a27f67646142dabf6aa023a556e5beda6ee2ffde499ffa43f4287e7db99827
c31ebb91b4eaae6fd4c16d9abfc1982d35d119a3cee94f0856325ccbe2c6129d
c31f2d4bcd12d5631744d65b8574625b93da95966c645fc8f957dfa74ff5e10e
c4bf39ecb1d2d8d04e00d2eb6ddfafb8201fe5f9634ccba5f8f4dd888718cea4
c572f7e6cda5feec58f66e79f96df91cfd83f6981d7d1f2958137b98ebf499cb
c59cd9c9198a327ba2702f187a5045dd981a0c6b6601483058ecd1b4498337f8
c77b68e97c7c808e6662e4dda77dd798831e80a592f9e175c68314cd9b74d704
cc27845c4ba2580588d37b6d48939e7b833faeefa237e927860054226a0ad6f9
cc6addb827a2a39237154916d2a692464bceb44dc7bd73e7cdeb7150181615b5
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d248cadd7c9d133a66cd2126b103fba268494b449dc54f486225e400a0453478
d27bc752105c079f8a516e9142406a9fc12cbb409f9bf8681f2ddfe0360b52a6
d6a8b2d8de96a693a7f089ff23c3f7aa66ed14718e0d4464a1df1ffb828c8609
d896c021c0a180ac06e8776a228d3f0e766061404f9990261fa04ac3fff1c91d
d918dfd178470f1be12242960742fd20f811cf84c1beb90695770308a92cf017
db69a3d25d8125632acede7426cfaa714390a3a713e8fb38fca4264581341744
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e0d7247f9a18889ae8a68fd56edaa202264826e284c725ce09964a71d1ee663e
e35507d68c9460b1bc5526d5a64fa382b04ea0c9da24b87a9bec7c6fd30bc55e
e36ce51df6d05a63225d449ba07b002ef1c2cd73b946e21e27456b251449712b
e3cb045c72b63d20fd9cdbff038a26d02e4829ca2196544c1439defd5118a27c
e4467e5e450f09b28e5f90e57af82e92968e748e34cb0542a123035fa280cca5
e5bb911d804e4d1f86f3ba3c7c91679115a598c6131b48d535e62d5fb4546b8e
e864fe72f22a60dfb70f80ad5a8343a56434d6474e7d686a122eac55cc0800df
e8e697ef2b43407b9149ac0a3fc681669cd26b35dadcba28005da205ba2255db
ea01987f1b76dfc2985483ac05bc1eaa38dc8e1e83fa23882a481d007c4ed11d
ed6c1ed511a6160b35044d7c49e35e9b85da14be0164b3c40d5aa23c8ab027b0
edb3e8a320b29a8fb84f12843eab8195826c4a74036b703d6d8972a7bbabed3c
eee66297afe4bfd363c9e7b27978892a34adffde1664ef7509335aff8aa31cc0
f11359ef3439952412ce781365dc85df99321b879df93accec989a250e51c3db
f244fcb6b0aeadba8f41f30a7f451c0aaa06445ec854c3d9bbef1c485a036424
f2680f84a70dbda78935d04211a3909efeb0514c9556bca7e02da51f2a8cccb9
f3773ea74cc5f1470a837c7daa928ce5af1238b8ddc6f69b18f8b438ee32f254
f58861e85bd3a7fd0aa7dd3b60eaf71ac79324dc48d6ec4bda8cd561eecc2234
f626a497cc987702885d0c7f95a969d5a44ff8011a5ad827120ab57dda53f4c2
f65ed8b79dbab445487a2a2a23eccf6e96da66d63cbc87b1ec79b8aaeca43da5
f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715
f8f105a0a91843bdeac95e6aff14d7753ca2aaff00c942cf1bcb1da1025cff4c
fa549dd02b152d5ca58c6e4e788851598e4d0bb20cec101d2721473dd327dc42
fcc256d3c85d0761c5c792e4ac3c94644c5ee16fe5ceca1ef6cba132b937e83f
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

www.crowdstrike.com Open in urlscan Pro 2606:4700::6810:f3e7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

165 Requests

100 %HTTPS

70 %IPv6

17 Domains

22 Subdomains

20 IPs

3 Countries

9303 kBTransfer

14083 kBSize

14 Cookies

15 Outgoing links

Redirected requests

165 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.crowdstrike.com Open in urlscan Pro
2606:4700::6810:f3e7 Public Scan

Screenshot
Live screenshot

Full Image

165
Requests

100 %
HTTPS

70 %
IPv6

17
Domains

22
Subdomains

20
IPs

3
Countries

9303 kB
Transfer

14083 kB
Size

14
Cookies

165 HTTP transactions
0 data transactions