www.crowdstrike.com Open in urlscan Pro
2606:4700::6812:9a09 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Submission: On October 16 via api (October 16th 2023, 7:49:33 am UTC) from RU — Scanned from DE

Summary HTTP 157 Redirects Links 41 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 14 domains to perform 157 HTTP transactions. The main IP is 2606:4700::6812:9a09, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.crowdstrike.com. The Cisco Umbrella rank of the primary domain is 142670.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 28th 2022. Valid for: a year.

This is the only time www.crowdstrike.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 78	2606:4700::68... 2606:4700::6812:9a09	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:e0:... 2606:4700:e0::ac40:670b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 22	151.101.1.181 151.101.1.181	54113 (FASTLY) (FASTLY)
4	93.184.221.26 93.184.221.26	15133 (EDGECAST) (EDGECAST)
7	2a02:26f0:480... 2a02:26f0:480:983::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7ee1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2600:9000:215... 2600:9000:2156:ac00:a:de52:1580:93a1	16509 (AMAZON-02) (AMAZON-02)
12	2606:4700::68... 2606:4700::6812:83ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	23.38.98.89 23.38.98.89	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.17.74.206 104.17.74.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:26f0:710... 2a02:26f0:7100::210:151	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.157.171.95 35.157.171.95	16509 (AMAZON-02) (AMAZON-02)
4	184.73.67.37 184.73.67.37	14618 (AMAZON-AES) (AMAZON-AES)
157	19

78 2606:4700::6812:9a09 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.crowdstrike.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e0::ac40:670b (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 151.101.1.181 (United States) 3 redirects

ASN54113 (FASTLY, US)

play.vidyard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.vidyard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 93.184.221.26 (London, United Kingdom)

ASN15133 (EDGECAST, US)

cdn.vidyard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:480:983::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7ee1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2156:ac00:a:de52:1580:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.addsearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6812:83ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.38.98.89 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-38-98-89.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.74.206 (None, )

ASN13335 (CLOUDFLARENET, US)

go.crowdstrike.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.211.84 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100::210:151 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.171.95 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-171-95.eu-central-1.compute.amazonaws.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.73.67.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-67-37.compute-1.amazonaws.com

raw.vidyard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
79	crowdstrike.com 1 redirects www.crowdstrike.com — Cisco Umbrella Rank: 142670 go.crowdstrike.com — Cisco Umbrella Rank: 240319	7 MB
30	vidyard.com 3 redirects play.vidyard.com — Cisco Umbrella Rank: 13185 cdn.vidyard.com — Cisco Umbrella Rank: 22237 assets.vidyard.com — Cisco Umbrella Rank: 32004 raw.vidyard.com — Cisco Umbrella Rank: 32555	484 KB
12	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 385	196 KB
10	6sc.co j.6sc.co — Cisco Umbrella Rank: 6581 c.6sc.co — Cisco Umbrella Rank: 9925 ipv6.6sc.co — Cisco Umbrella Rank: 6931 b.6sc.co — Cisco Umbrella Rank: 4494	20 KB
7	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 468	108 KB
5	typekit.net use.typekit.net — Cisco Umbrella Rank: 560 p.typekit.net — Cisco Umbrella Rank: 722	73 KB
4	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1214	281 KB
3	addsearch.com cdn.addsearch.com — Cisco Umbrella Rank: 222655	83 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	227 KB
2	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 10864	784 B
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 85	68 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	56 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 655	303 B
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 542	579 B
157	14

	Domain	Requested by
78	www.crowdstrike.com	1 redirects www.crowdstrike.com
12	cdn.cookielaw.org	www.crowdstrike.com cdn.cookielaw.org
11	assets.vidyard.com	play.vidyard.com assets.vidyard.com
11	play.vidyard.com	3 redirects www.crowdstrike.com play.vidyard.com assets.vidyard.com
7	b.6sc.co
7	assets.adobedtm.com	www.crowdstrike.com assets.adobedtm.com
4	raw.vidyard.com	assets.vidyard.com
4	use.typekit.net	www.crowdstrike.com use.typekit.net
4	cdn.vidyard.com	www.crowdstrike.com assets.vidyard.com
4	use.fontawesome.com	www.crowdstrike.com use.fontawesome.com
3	cdn.addsearch.com	www.crowdstrike.com cdn.addsearch.com
3	www.googletagmanager.com	assets.adobedtm.com www.googletagmanager.com
2	epsilon.6sense.com	j.6sc.co
2	www.youtube.com	assets.adobedtm.com www.youtube.com
2	connect.facebook.net	assets.adobedtm.com connect.facebook.net
1	geolocation.onetrust.com	cdn.cookielaw.org
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	secure.adnxs.com	j.6sc.co
1	go.crowdstrike.com	www.crowdstrike.com
1	j.6sc.co	assets.adobedtm.com
1	p.typekit.net	use.typekit.net
157	22

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.linkedin.com
www.youtube.com
go.crowdstrike.com
www.reddit.com
falcon.crowdstrike.com
falcon.us-2.crowdstrike.com
falcon.laggar.gcw.crowdstrike.com
falcon.eu-1.crowdstrike.com
supportportal.crowdstrike.com
www.instagram.com
cookiepedia.co.uk
www.onetrust.com

Subject Issuer	Validity	Valid
crowdstrike.com Cloudflare Inc ECC CA-3	`2022-12-28` - `2023-12-27`	a year	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-21` - `2024-10-21`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-24` - `2023-10-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.vidyard.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-07-01` - `2024-08-01`	a year	crt.sh
cdn.addsearch.com Amazon RSA 2048 M02	`2023-02-12` - `2024-03-13`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
6sc.co R3	`2023-08-19` - `2023-11-17`	3 months	crt.sh
go.crowdstrike.com Cloudflare Inc ECC CA-3	`2023-03-09` - `2024-03-07`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
*.6sense.com Amazon RSA 2048 M01	`2023-05-01` - `2024-05-29`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Frame ID: 29F891042D57E3283388E9DC260DB5BE
Requests: 136 HTTP requests in this frame

Frame: https://play.vidyard.com/uTjAZGHEuZnPioHJ1HZQJU?disable_popouts=1&v=4.3.14&type=inline
Frame ID: 3DC6B2F95DE4D00F15F5D44C4C37E37B
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CrowdStrike Prevents 3CXDesktopApp Intrusion CampaignBack ButtonFilter Button

Page URL History Show full URLs

https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3c... HTTP 302
https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3c... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

157
Requests

98 %
HTTPS

63 %
IPv6

14
Domains

22
Subdomains

19
IPs

4
Countries

9066 kB
Transfer

13410 kB
Size

11
Cookies

41 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/CrowdStrike

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CrowdStrike

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/crowdstrike

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/CrowdStrike

Search URL Search Domain Scan URL

URL: https://go.crowdstrike.com/try-falcon-prevent.html
Title: Start Free Trial

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/crowdstrike/comments/125r3uu/20230329_situational_awareness_crowdstrike/
Title: r/CrowdStrike

Search URL Search Domain Scan URL

URL: https://falcon.crowdstrike.com/intelligence-v2/actors/labyrinth-chollima/summary
Title: US-1

Search URL Search Domain Scan URL

URL: https://falcon.us-2.crowdstrike.com/intelligence-v2/actors/labyrinth-chollima/summary
Title: US-2

Search URL Search Domain Scan URL

URL: https://falcon.laggar.gcw.crowdstrike.com/intelligence-v2/actors/labyrinth-chollima/summary
Title: US-GOV-1

Search URL Search Domain Scan URL

URL: https://falcon.crowdstrike.com/intelligence-v2/reports/csa-230387-labyrinth-chollima-uses-txrloader-and-vulnerable-drivers-to-target-financial-and-energy-sectors
Title: US-1

Search URL Search Domain Scan URL

URL: https://falcon.us-2.crowdstrike.com/intelligence-v2/reports/csa-230387-labyrinth-chollima-uses-txrloader-and-vulnerable-drivers-to-target-financial-and-energy-sectors'
Title: US-2

Search URL Search Domain Scan URL

URL: https://falcon.eu-1.crowdstrike.com/intelligence-v2/reports/csa-230387-labyrinth-chollima-uses-txrloader-and-vulnerable-drivers-to-target-financial-and-energy-sectors
Title: EU-1

Search URL Search Domain Scan URL

URL: https://falcon.laggar.gcw.crowdstrike.com/intelligence-v2/reports/csa-230387-labyrinth-chollima-uses-txrloader-and-vulnerable-drivers-to-target-financial-and-energy-sectors
Title: US-GOV-1

Search URL Search Domain Scan URL

URL: https://falcon.crowdstrike.com/intelligence-v2/reports/csa-230489-labyrinth-chollima-suspected-of-conducting-supply-chain-attack-with-3cx-application
Title: US-1

Search URL Search Domain Scan URL

URL: https://falcon.us-2.crowdstrike.com/intelligence-v2/reports/csa-230489-labyrinth-chollima-suspected-of-conducting-supply-chain-attack-with-3cx-application
Title: US-2

Search URL Search Domain Scan URL

URL: https://falcon.eu-1.crowdstrike.com/intelligence-v2/reports/csa-230489-labyrinth-chollima-suspected-of-conducting-supply-chain-attack-with-3cx-application
Title: U-1

Search URL Search Domain Scan URL

URL: https://falcon.laggar.gcw.crowdstrike.com/intelligence-v2/reports/csa-230489-labyrinth-chollima-suspected-of-conducting-supply-chain-attack-with-3cx-application
Title: US-GOV-1

Search URL Search Domain Scan URL

URL: https://falcon.crowdstrike.com/intelligence-v2/reports/csa-230494-arcfeedloader-malware-used-in-supply-chain-attack-leveraging-trojanized-3cx-installers-confirms-attribution-to-labyrinth-chollima
Title: US-1

Search URL Search Domain Scan URL

URL: https://falcon.us-2.crowdstrike.com/intelligence-v2/reports/csa-230494-arcfeedloader-malware-used-in-supply-chain-attack-leveraging-trojanized-3cx-installers-confirms-attribution-to-labyrinth-chollima
Title: US-2

Search URL Search Domain Scan URL

URL: https://falcon.eu-1.crowdstrike.com/intelligence-v2/reports/csa-230494-arcfeedloader-malware-used-in-supply-chain-attack-leveraging-trojanized-3cx-installers-confirms-attribution-to-labyrinth-chollima
Title: U-1

Search URL Search Domain Scan URL

URL: https://falcon.laggar.gcw.crowdstrike.com/intelligence-v2/reports/csa-230494-arcfeedloader-malware-used-in-supply-chain-attack-leveraging-trojanized-3cx-installers-confirms-attribution-to-labyrinth-chollima
Title: US-GOV-1

Search URL Search Domain Scan URL

URL: https://supportportal.crowdstrike.com/s/article/Trending-Threats-Vulnerabilities-Intrusion-Campaign-Targeting-3CX-Customers
Title: Trending Threats & Vulnerabilities: Intrusion Campaign Targeting 3CX Customers

Search URL Search Domain Scan URL

URL: https://go.crowdstrike.com/try-falcon-prevent-threat-intel.html
Title: request a free trial of CrowdStrike Falcon® Pro today

Search URL Search Domain Scan URL

URL: https://supportportal.crowdstrike.com/s/article/Prevention-Policy-Best-Practice-Guidelines
Title: prevention policies

Search URL Search Domain Scan URL

URL: https://falcon.crowdstrike.com/discover/applications/inventory/group-by-application?filter=name%3A%273CXDesktopApp.exe%27
Title: US-1

Search URL Search Domain Scan URL

URL: https://falcon.us-2.crowdstrike.com/discover/applications/inventory/group-by-application?filter=name%3A%273CXDesktopApp.exe%27
Title: US-2

Search URL Search Domain Scan URL

URL: https://falcon.eu-1.crowdstrike.com/discover/applications/inventory/group-by-application?filter=name%3A%273CXDesktopApp.exe%27
Title: EU-1

Search URL Search Domain Scan URL

URL: https://falcon.laggar.gcw.crowdstrike.com/discover/applications/inventory/group-by-application?filter=name%3A%273CXDesktopApp.exe%27
Title: US-GOV-1

Search URL Search Domain Scan URL

URL: https://falcon.crowdstrike.com/intelligence/graph?indicators=domain%3A%27akamaicontainer.com%27%2Cdomain%3A%27akamaitechcloudservices.com%27%2Cdomain%3A%27azuredeploystore.com%27%2Cdomain%3A%27azureonlinecloud.com%27%2Cdomain%3A%27azureonlinestorage.com%27%2Cdomain%3A%27dunamistrd.com%27%2Cdomain%3A%27glcloudservice.com%27%2Cdomain%3A%27journalide.org%27%2Cdomain%3A%27msedgepackageinfo.com%27%2Cdomain%3A%27msstorageazure.com%27%2Cdomain%3A%27msstorageboxes.com%27%2Cdomain%3A%27officeaddons.com%27%2Cdomain%3A%27officestoragebox.com%27%2Cdomain%3A%27pbxcloudeservices.com%27%2Cdomain%3A%27pbxphonenetwork.com%27%2Cdomain%3A%27pbxsources.com%27%2Cdomain%3A%27qwepoi123098.com%27%2Cdomain%3A%27sbmsa.wiki%27%2Cdomain%3A%27sourceslabs.com%27%2Cdomain%3A%27visualstudiofactory.com%27%2Cdomain%3A%27zacharryblogs.com%27&_gl=1*167cbiq*_ga*MTg3OTExOTAyLjE2NzU4NzQzMDE.*_ga_ZKTET1D58V*MTY4MDIxNTcwOS4xNC4xLjE2ODAyMTYyNjIuNjAuMC4w
Title: US-1

Search URL Search Domain Scan URL

URL: https://falcon.us-2.crowdstrike.com/intelligence/graph?indicators=domain%3A%27akamaicontainer.com%27%2Cdomain%3A%27akamaitechcloudservices.com%27%2Cdomain%3A%27azuredeploystore.com%27%2Cdomain%3A%27azureonlinecloud.com%27%2Cdomain%3A%27azureonlinestorage.com%27%2Cdomain%3A%27dunamistrd.com%27%2Cdomain%3A%27glcloudservice.com%27%2Cdomain%3A%27journalide.org%27%2Cdomain%3A%27msedgepackageinfo.com%27%2Cdomain%3A%27msstorageazure.com%27%2Cdomain%3A%27msstorageboxes.com%27%2Cdomain%3A%27officeaddons.com%27%2Cdomain%3A%27officestoragebox.com%27%2Cdomain%3A%27pbxcloudeservices.com%27%2Cdomain%3A%27pbxphonenetwork.com%27%2Cdomain%3A%27pbxsources.com%27%2Cdomain%3A%27qwepoi123098.com%27%2Cdomain%3A%27sbmsa.wiki%27%2Cdomain%3A%27sourceslabs.com%27%2Cdomain%3A%27visualstudiofactory.com%27%2Cdomain%3A%27zacharryblogs.com%27
Title: US-2

Search URL Search Domain Scan URL

URL: https://falcon.eu-1.crowdstrike.com/intelligence/graph?indicators=domain%3A%27akamaicontainer.com%27%2Cdomain%3A%27akamaitechcloudservices.com%27%2Cdomain%3A%27azuredeploystore.com%27%2Cdomain%3A%27azureonlinecloud.com%27%2Cdomain%3A%27azureonlinestorage.com%27%2Cdomain%3A%27dunamistrd.com%27%2Cdomain%3A%27glcloudservice.com%27%2Cdomain%3A%27journalide.org%27%2Cdomain%3A%27msedgepackageinfo.com%27%2Cdomain%3A%27msstorageazure.com%27%2Cdomain%3A%27msstorageboxes.com%27%2Cdomain%3A%27officeaddons.com%27%2Cdomain%3A%27officestoragebox.com%27%2Cdomain%3A%27pbxcloudeservices.com%27%2Cdomain%3A%27pbxphonenetwork.com%27%2Cdomain%3A%27pbxsources.com%27%2Cdomain%3A%27qwepoi123098.com%27%2Cdomain%3A%27sbmsa.wiki%27%2Cdomain%3A%27sourceslabs.com%27%2Cdomain%3A%27visualstudiofactory.com%27%2Cdomain%3A%27zacharryblogs.com%27
Title: EU-1

Search URL Search Domain Scan URL

URL: https://falcon.laggar.gcw.crowdstrike.com/intelligence/graph?indicators=domain%3A%27akamaicontainer.com%27%2Cdomain%3A%27akamaitechcloudservices.com%27%2Cdomain%3A%27azuredeploystore.com%27%2Cdomain%3A%27azureonlinecloud.com%27%2Cdomain%3A%27azureonlinestorage.com%27%2Cdomain%3A%27dunamistrd.com%27%2Cdomain%3A%27glcloudservice.com%27%2Cdomain%3A%27journalide.org%27%2Cdomain%3A%27msedgepackageinfo.com%27%2Cdomain%3A%27msstorageazure.com%27%2Cdomain%3A%27msstorageboxes.com%27%2Cdomain%3A%27officeaddons.com%27%2Cdomain%3A%27officestoragebox.com%27%2Cdomain%3A%27pbxcloudeservices.com%27%2Cdomain%3A%27pbxphonenetwork.com%27%2Cdomain%3A%27pbxsources.com%27%2Cdomain%3A%27qwepoi123098.com%27%2Cdomain%3A%27sbmsa.wiki%27%2Cdomain%3A%27sourceslabs.com%27%2Cdomain%3A%27visualstudiofactory.com%27%2Cdomain%3A%27zacharryblogs.com%27
Title: US-GOV-1

Search URL Search Domain Scan URL

URL: https://go.crowdstrike.com/threat-intelligence-briefing.html?utm_campaign=threatintelligence&utm_content=us&utm_medium=sem&utm_source=goog&utm_term=cyber%20threat%20intelligence&_bt=465670942471&_bk=cyber%20threat%20intelligence&_bm=e&_bn=g&_bg=108022039334&gclid=EAIaIQobChMIqsSdwZ-j7AIV9R6tBh23rQErEAAYASAAEgKc8fD_BwE&_ga=2.145914102.359113952.1606756854-1198667695.1606243810
Title: CrowdStrike Intelligence threat briefing

Search URL Search Domain Scan URL

URL: https://go.crowdstrike.com/product-demo-platform.html
Title: Watch this demo to see the Falcon platform in action

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=CrowdStrike+Falcon+Platform+Detects+and+Prevents+Active+Intrusion+Campaign+Targeting+3CXDesktopApp+Customers&url=https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Title: Tweet

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/&title=CrowdStrike+Falcon+Platform+Detects+and+Prevents+Active+Intrusion+Campaign+Targeting+3CXDesktopApp+Customers
Title: Share

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CrowdStrike/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/crowdstrike/?hl=en

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/CrowdStrike

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information.

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers HTTP 302
https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://play.vidyard.com/uTjAZGHEuZnPioHJ1HZQJU.jpg HTTP 302
https://cdn.vidyard.com/thumbnails/35463232/Zd_33y9mi1mwMQnmVSPTTLoShftqFuU_.jpg

Request Chain 121

https://play.vidyard.com/uTjAZGHEuZnPioHJ1HZQJU.jpg HTTP 302
https://cdn.vidyard.com/thumbnails/35463232/Zd_33y9mi1mwMQnmVSPTTLoShftqFuU_.jpg

Request Chain 137

https://play.vidyard.com/uTjAZGHEuZnPioHJ1HZQJU.jpg HTTP 302
https://cdn.vidyard.com/thumbnails/35463232/Zd_33y9mi1mwMQnmVSPTTLoShftqFuU_.jpg

157 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Redirect Chain

https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers
https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

71 KB
16 KB

30ms
30ms

Document
text/html

2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4bd561963cd077bec553b3a2a68b1ea084d0327f76a311029238709d01ac5c0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;report-uri /csp-violation-report-endpoint/
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.pathfactory.com https://crowdstrike.com
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 6189
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 816eb48f392735e4-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests;report-uri /csp-violation-report-endpoint/
content-type: text/html
date: Mon, 16 Oct 2023 07:49:27 GMT
expires: Mon, 16 Oct 2023 11:49:27 GMT
last-modified: Wed, 20 Sep 2023 23:52:17 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 8e83c42d247a31c5b365c08a0352d8f8.cloudfront.net (CloudFront)
x-amz-cf-id: 1IxGi1QczZFhSoaawdvc_-Xuyf8DE6WriOz46sCrxhB2iK7vhuhLRw==
x-amz-cf-pop: FRA56-C2
x-amz-version-id: lBtT9lz8tGC0jNOEomsfGtRi_sBumKe1
x-cache: RefreshHit from cloudfront
x-content-type-options: nosniff
x-frame-options: ALLOW-FROM https://crowdstrike.pathfactory.com https://crowdstrike.com
x-xss-protection: 1; mode=block

Redirect headers

cache-control: public, max-age=14400
cf-cache-status: MISS
cf-ray: 816eb48e1ff035e4-FRA
content-security-policy: upgrade-insecure-requests;report-uri /csp-violation-report-endpoint/
content-type: text/html; charset=utf-8
date: Mon, 16 Oct 2023 07:49:27 GMT
expires: Mon, 16 Oct 2023 11:49:27 GMT
location: /blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 f891d17fa862cc74a05434e03fa58dca.cloudfront.net (CloudFront)
x-amz-cf-id: mZLBMclC--acRa1VG6Dk7eDQfPcgBjTxb5v-0rNNUYdzvxwGBX-tsg==
x-amz-cf-pop: FRA56-C2
x-amz-error-code: Found
x-amz-error-message: Resource Found
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: ALLOW-FROM https://crowdstrike.pathfactory.com https://crowdstrike.com
x-xss-protection: 1; mode=block

GET
H2 200 single-post.min.css
www.crowdstrike.com/wp-content/themes/main-theme/dist/styles/pages/ 41 KB
6 KB 33ms
32ms Stylesheet
text/css 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/styles/pages/single-post.min.css?ver=1695129389

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2a27f67646142dabf6aa023a556e5beda6ee2ffde499ffa43f4287e7db99827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: bAXyWwpm2DCzxQLLPyEXXRzJK05aa6aw
age: 536
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
last-modified: Thu, 12 Oct 2023 16:09:47 GMT
server: cloudflare
etag: W/"fe8bd9df47f8a43373d012be1f279d38"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 816eb48f796535e4-FRA
x-amz-cf-id: JJ-3mDLrJxtDPjmlgaIIfnlIMR8diBSPwpUowd9j_0TnUJ1RjJMTWg==
expires: Mon, 16 Oct 2023 11:49:27 GMT

GET
H2 200 theme-styles.min.css
www.crowdstrike.com/wp-content/themes/main-theme/dist/styles/ 431 KB
74 KB 42ms
41ms Stylesheet
text/css 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/styles/theme-styles.min.css?ver=1695129389

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a111d7ae871651ec4bc05e764a552b66bfac244cc85daff7913469defbf694d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: 7a.1rAp82T5d2IFjS3kHOzDOwNWcw3al
age: 536
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
last-modified: Thu, 12 Oct 2023 16:09:47 GMT
server: cloudflare
etag: W/"f38e0e1ada54a546557f93de79fa176e"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 816eb48f796635e4-FRA
x-amz-cf-id: VeqZc15uLqcnHLCRH6f7SlNCIeg6vU-wACZ5alfUDK9WPX69EyhQMw==
expires: Mon, 16 Oct 2023 11:49:27 GMT

GET
H2 200 tablepress-combined.min.css
www.crowdstrike.com/wp-content/ 6 KB
2 KB 32ms
30ms Stylesheet
text/css 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/tablepress-combined.min.css?ver=29

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db69a3d25d8125632acede7426cfaa714390a3a713e8fb38fca4264581341744

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: tsHm.4aglhivxJ6SfEs8YL4ACcBPHmEM
age: 741
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
last-modified: Tue, 30 Aug 2022 15:32:39 GMT
server: cloudflare
etag: W/"e246c6f72f6db9cc7c8a1061c6b8717b"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 816eb48f796735e4-FRA
x-amz-cf-id: DpAXeK-iVtIKfUT3zTMA3B3_xtPJIr_qqY065Hglg19iivZ8wDHOxw==
expires: Mon, 16 Oct 2023 11:49:27 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v6.2.0/css/ 99 KB
23 KB 47ms
20ms Stylesheet
text/css 2606:4700:e0::ac40:670b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v6.2.0/css/all.css
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:670b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01b035efb5dfa529c512f82962ed633328222da6f33c224244806d4798c67349

Request headers

Referer: https://www.crowdstrike.com/
Origin: https://www.crowdstrike.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: JKCPF4KEJX219PY9
age: 2063097
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Ine5iC42GRQ+qc7tTmh5E/D5dD6h4uBdz7t1kPMIwgV9uiQVhxK85OExZRYFt5Wd9edsNd/cIu4=
last-modified: Tue, 30 Aug 2022 16:39:37 GMT
server: cloudflare
etag: W/"6cb5a85b30082e3d59d7e371e002ce8d"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5bloQpoI8kqbi8W1E6jfWjdWL%2BfurU10CSTBjQ05%2B3NxQt5rcJksas9Mcba36uNuIRp8FvLjZr64EhU4TZW5JsMjIusvdNIcB5qq6H3fAnJNz8%2BFRtAWS5wT15WeHWMWsIpCooGr%2FsGeCeVJyOaTb1je"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 816eb48f99f09b8c-FRA

GET
H2 200 v4-shims.css
use.fontawesome.com/releases/v6.2.0/css/ 27 KB
5 KB 43ms
15ms Stylesheet
text/css 2606:4700:e0::ac40:670b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v6.2.0/css/v4-shims.css
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:670b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 302c63800f372511b5c5981ce65f09ddc9926619a28ab7c8ebd23d0b120236a2

Request headers

Referer: https://www.crowdstrike.com/
Origin: https://www.crowdstrike.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: F82F098GMVRMZSAV
age: 2063097
alt-svc: h3=":443"; ma=86400
x-amz-id-2: mZGG3eJgnVhzATtiTt36WFKDbwWg4sBYSYi0N2fy++MKSrn4FDyZbK/Pq/BDPOQC2NBTFGQu5wo=
last-modified: Tue, 30 Aug 2022 16:39:37 GMT
server: cloudflare
etag: W/"a0c6ae12659c0a469d1114415303f9da"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KuFC1nMtPeniEy5%2FqNZkf13F9J7apaUgk8WqOJ0Pk1OmFSOkjuohCzAagBHMY%2BBHa0X1RsG0m5mBtq9rVJzx0%2Bc81so1%2BfgLn3k9W4ifE9KgMPT2HYZkYEp%2Bkwv94CZr1yQAjgAlskVCY6Leyk3PO2o0"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 816eb48f99f29b8c-FRA

GET
H2 200 Generic_Blogs_Intel_Alert_Adversary_1.png
www.crowdstrike.com/wp-content/uploads/2023/03/ 262 KB
263 KB 58ms
57ms Image
image/png 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/03/Generic_Blogs_Intel_Alert_Adversary_1.png

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52c13ffb83b6901a230087f2d6e2df300bc6281a8dc10e3b38bf5d43c7cea0a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: 9VIN0DiFxg6Hnq95c83fNVV1MDTvXOSW
age: 6187
x-amz-cf-pop: FRA56-C2
cf-polished: origSize=286215
x-cache: RefreshHit from cloudfront
content-length: 268292
last-modified: Tue, 19 Sep 2023 17:46:49 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "12efdd368b94e3deb4e4363c2f52c608-1"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb48f796835e4-FRA
x-amz-cf-id: gc9rfSxFzCZZ8CJejg2oRuyuJbbnBOjhNgPjSxAifdKztcsL5C1C8A==
expires: Mon, 16 Oct 2023 11:49:27 GMT

GET
H2

200

Zd_33y9mi1mwMQnmVSPTTLoShftqFuU_.jpg
cdn.vidyard.com/thumbnails/35463232/
Redirect Chain

https://play.vidyard.com/uTjAZGHEuZnPioHJ1HZQJU.jpg
https://cdn.vidyard.com/thumbnails/35463232/Zd_33y9mi1mwMQnmVSPTTLoShftqFuU_.jpg

33 KB
33 KB

237ms
191ms

Image
image/jpeg

93.184.221.26
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vidyard.com/thumbnails/35463232/Zd_33y9mi1mwMQnmVSPTTLoShftqFuU_.jpg
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Protocol: H2
Server: 93.184.221.26 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (dcd/7D1F) /
Resource Hash: f544c0d9d4efe6098073613bd00f1b2260726c0bb4602d3a8dedd47df3c606ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:27 GMT
x-amz-version-id: QGXgB9JdNTswT6IKoF.GZknfwb5se2Rd
x-cdn: edgecast
age: 52573
x-amz-request-id: 1Q6B6QTCGVWC87HZ
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 33683
x-amz-id-2: HEmyn0neNfPjZ009pMhenrEuhPZ3P/+nAlWwuszMABFdqk3KoQBFw1021m40DJ5omeRNciitlKM=
last-modified: Fri, 31 Mar 2023 12:15:17 GMT
server: ECAcc (dcd/7D1F)
etag: "0e24161b84477ff1a391dd5b79e03422"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: ETag, X-CDN
accept-ranges: bytes

Redirect headers

date: Mon, 16 Oct 2023 07:49:27 GMT
via: 1.1 varnish
strict-transport-security: max-age=31557600
age: 498794
x-cache: HIT
content-length: 102
x-served-by: cache-fra-eddf8230105-FRA
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1697442568.628529,VS0,VE1
vary: Accept, X-China, accept-language
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: https://cdn.vidyard.com/thumbnails/35463232/Zd_33y9mi1mwMQnmVSPTTLoShftqFuU_.jpg
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 image1-1.png
www.crowdstrike.com/wp-content/uploads/2023/03/ 104 KB
104 KB 50ms
49ms Image
image/png 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/03/image1-1.png

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3e348c78c790de1bc1e2cb7480fb011717b1843f0a9bc1cb1a90fc45f542e3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: v4.o5OXcau1h9fq4R31rQzT8i9oh9KuZ
age: 6187
x-amz-cf-pop: FRA56-C2
cf-polished: origSize=110269
x-cache: Hit from cloudfront
content-length: 106389
last-modified: Thu, 13 Apr 2023 14:53:05 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "a60032887d9fba8fbaea386a5fc5d619-1"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb48f796b35e4-FRA
x-amz-cf-id: 0cTn8TOXoaudxdv2jwDYj5X9iCnqMH4yV5quuCIlrdq3WEW3mJbmiw==
expires: Mon, 16 Oct 2023 11:49:27 GMT

GET
H2 200 Screenshot-2023-03-29-at-1.41.47-PM.png
www.crowdstrike.com/wp-content/uploads/2023/03/ 123 KB
123 KB 37ms
35ms Image
image/png 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/03/Screenshot-2023-03-29-at-1.41.47-PM.png

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c409e947fcd9d3b08d4a4292a05908955e08e7673ed9be6271e5659a9d88b1ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: mkf6v3_V0Eyjrzld5RdcFtVOKeXRffv3
age: 6187
x-amz-cf-pop: FRA56-C2
cf-polished: origSize=128922
x-cache: Hit from cloudfront
content-length: 125552
last-modified: Thu, 13 Apr 2023 14:53:08 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "ba0d1f0e1e276704f270390f609afdc1-1"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb48f998b35e4-FRA
x-amz-cf-id: auw2ClHCs5Gu8blviY1zh-8rhibmKdDCiyINmkOfji4eJ07k7KzEEQ==
expires: Mon, 16 Oct 2023 11:49:27 GMT

GET
H2 200 0923_02_e-Crime_Impersonating-School-Staff_Stealing-Paychecks.jpg
www.crowdstrike.com/wp-content/uploads/2023/09/ 333 KB
333 KB 38ms
36ms Image
image/jpeg 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/09/0923_02_e-Crime_Impersonating-School-Staff_Stealing-Paychecks.jpg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9e3e4b8db90923d111e652b91ba5dd6c68defaa08ad0baa8c48ba07506b2cd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8e83c42d247a31c5b365c08a0352d8f8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: ZTKAa9JUIHay_On5lpZXvEAy0kLu5cqb
age: 1641
x-amz-cf-pop: FRA56-C2
cf-polished: degrade=85, origSize=1150733
x-cache: Hit from cloudfront
content-length: 340582
last-modified: Tue, 26 Sep 2023 17:52:52 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "6838263b165ed01a97f919936cd27344-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb48f998d35e4-FRA
x-amz-cf-id: igTYOI6Y7oiRWtYzX4jGC3Up8LSGERIV6HY0IXW_zRQIEhNBkbvILw==
expires: Mon, 16 Oct 2023 11:49:27 GMT

GET
H2 200 Generic_Blogs_Identity-2.png
www.crowdstrike.com/wp-content/uploads/2023/08/ 474 KB
475 KB 40ms
38ms Image
image/png 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/08/Generic_Blogs_Identity-2.png

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf1ddee318dfac492b600afebbf5b67edb7e8cf2898802907c5c6194040840ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: Yet8.FFBY4JitZW.naRh1GkQt0efT2rT
age: 1641
x-amz-cf-pop: FRA56-C2
cf-polished: status=not_needed
x-cache: Hit from cloudfront
content-length: 485653
last-modified: Tue, 26 Sep 2023 17:52:56 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "167cc40b0a122b68d25f56139ed2accf-1"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb48f999035e4-FRA
x-amz-cf-id: 4ivPwsRVdQOjg0UCym7eWA04g9jUk_-ZIqT8EapzsAlgIynrreP-3w==
expires: Mon, 16 Oct 2023 11:49:27 GMT

GET
H2 200 Blog_1060x698-10.jpeg
www.crowdstrike.com/wp-content/uploads/2021/10/ 300 KB
300 KB 41ms
40ms Image
image/jpeg 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2021/10/Blog_1060x698-10.jpeg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21cf396be385b21e8311d96026d57f639323043d2f17f42f6864a615b5fca86c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: AxBjUViHsc.tr5_pmH7wu9M.BGxyC9tY
age: 6187
x-amz-cf-pop: FRA56-C2
cf-polished: degrade=85, origSize=1108311
x-cache: Hit from cloudfront
content-length: 307031
last-modified: Thu, 21 Sep 2023 16:40:03 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "87bc03c762a64cbae95fd154a1b82915-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb48f999335e4-FRA
x-amz-cf-id: sMS-ZOphhUin17bWmsP3p374bwzqgCAsTWaUReM7cBR4TCvailkXjA==
expires: Mon, 16 Oct 2023 11:49:27 GMT

GET
H2 200 exit-promoter.min.css
www.crowdstrike.com/wp-content/themes/main-theme/dist/styles/components/ 4 KB
1 KB 42ms
41ms Stylesheet
text/css 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/styles/components/exit-promoter.min.css?ver=1695129389

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d918dfd178470f1be12242960742fd20f811cf84c1beb90695770308a92cf017

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: 3PHWigg3XBA4MMLtw88cSFTR4ITeGlrP
age: 536
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
last-modified: Thu, 12 Oct 2023 16:09:43 GMT
server: cloudflare
etag: W/"37121aa112ff01e70805c21126a4ae89"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 816eb48f998e35e4-FRA
x-amz-cf-id: mJhZ61OssbC9-PpeXfTT_Dhw7r92uGjkBexMTX_3uQRk-mnx7ly06Q==
expires: Mon, 16 Oct 2023 11:49:27 GMT

GET
H2 200 rocket-loader.min.js Show response
www.crowdstrike.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 12ms
11ms Script
application/javascript 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Mon, 09 Oct 2023 07:45:52 GMT
server: cloudflare
content-encoding: gzip
etag: W/"6523afb0-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 816eb48f999435e4-FRA
expires: Wed, 18 Oct 2023 07:49:27 GMT

GET
H2 200 launch-6cccf53edc18.min.js Show response
assets.adobedtm.com/d72cd986aea0/09e1256af957/ 397 KB
103 KB 39ms
8ms Script
application/x-javascript 2a02:26f0:480:983::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/launch-6cccf53edc18.min.js
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:983::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 20a7bbc288f8920ac4851c59b16ff54e322027ebce3317d9b265b8129c94c594

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:27 GMT
content-encoding: gzip
last-modified: Fri, 13 Oct 2023 19:24:55 GMT
server: AkamaiNetStorage
etag: "af36327635154407e4abd88e3c0c1a7c:1697225095.107338"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.crowdstrike.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 104652
expires: Mon, 16 Oct 2023 08:49:27 GMT

GET
H2 200 zya3koo.css
use.typekit.net/ 3 KB
915 B 42ms
8ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/zya3koo.css

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/styles/theme-styles.min.css?ver=1695129389

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

a0f9ad349100e22fc0f804bf2cd7295202370354e8b5b519b2a03468b3c7e67d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Mon, 16 Oct 2023 07:49:27 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 692

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 198 KB
53 KB 32ms
7ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/launch-6cccf53edc18.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 16 Oct 2023 07:49:27 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53498
x-xss-protection: 0
pragma: public
x-fb-debug: Az2Xn6+/abzxPYH0TAeZMp+9a+9Acgk+jlPZABFcvtXyiSfu+ihA0u7hMzG2QpVLlFADWIG3TmPZTF/6QsHBKw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 178 KB
65 KB 135ms
50ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-12037336&l=dataLayer

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/launch-6cccf53edc18.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8fb3b1c8ff2e87f1fa4c43ea0d8a6dc3cc486cc772c854575c82fcd92dbf7cba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66491
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 16 Oct 2023 07:49:27 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 143ms
55ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/launch-6cccf53edc18.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bce50a6c3baaeb81c86f575125a959fdb1ffc5bb7a3bec2452503fda239ba4d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Mon, 16 Oct 2023 07:49:27 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 64ms
7ms Stylesheet
text/css 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=zya3koo&ht=tk&f=39496.39498.39500&a=30979937&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/zya3koo.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:27 GMT
last-modified: Fri, 14 Jul 2023 12:44:32 GMT
server: nginx
etag: "64b14330-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 950083805267950 Show response
connect.facebook.net/signals/config/ 6 KB
3 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/950083805267950?v=2.9.134&r=stable&domain=www.crowdstrike.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

69c9761403e2485e8ba4b18719eedc5190efed122125c5e0491288462b4fb56f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 16 Oct 2023 07:49:27 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2418
x-xss-protection: 0
pragma: public
x-fb-debug: 86qQIm0Nr2usS3/FHTTQUCAEZICLUEBRyi1UDJicaQg6MTtQfIZZU7iksraCzZ1Hge9yfredC6J4CchdITFxIA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 l
use.typekit.net/af/28f000/00000000000000003b9b2048/27/ 23 KB
23 KB 24ms
9ms Font
application/font-woff2 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/28f000/00000000000000003b9b2048/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/zya3koo.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b332a3fa616df968bdd71567cde2fe6031561746f6022d06993bde4001ec2730

Request headers

Referer: https://use.typekit.net/zya3koo.css
Origin: https://www.crowdstrike.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:27 GMT
server: nginx
etag: "5d5df1b25290dc82b22a668f0395604299f16750"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 23176

GET
H2 200 l
use.typekit.net/af/8a200c/00000000000000003b9b204a/27/ 24 KB
24 KB 26ms
11ms Font
application/font-woff2 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/8a200c/00000000000000003b9b204a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/zya3koo.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0f9c2ce6f85c93eed9e3e0917378e13d9ecc30b3690a2c97f9eb013b81244f4b

Request headers

Referer: https://use.typekit.net/zya3koo.css
Origin: https://www.crowdstrike.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:27 GMT
server: nginx
etag: "98e94e3a4f18a4bde13fe394b9115dd62fc5445b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 24452

GET
H2 200 l
use.typekit.net/af/d562ce/00000000000000003b9b204c/27/ 25 KB
25 KB 26ms
12ms Font
application/font-woff2 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/d562ce/00000000000000003b9b204c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/zya3koo.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0bf90a8569ed246ad28d91458f6771f6934a0c4983243eca5f6accf91d6979cc

Request headers

Referer: https://use.typekit.net/zya3koo.css
Origin: https://www.crowdstrike.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:27 GMT
server: nginx
etag: "79b73a8b60023503d1f34e07b81f37976902b3f9"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 25780

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v6.2.0/webfonts/ 105 KB
105 KB 15ms
13ms Font
font/woff2 2606:4700:e0::ac40:670b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v6.2.0/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v6.2.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:670b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fe890d088ecf0cc9bc1b9069201e52972dbad6237865524090e15982d0de718

Request headers

Referer: https://use.fontawesome.com/releases/v6.2.0/css/all.css
Origin: https://www.crowdstrike.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 2T8N7VEMHZE58HNQ
age: 988857
alt-svc: h3=":443"; ma=86400
content-length: 107460
x-amz-id-2: ZTwngJAeQnESwoNaSfJGB2pZKSi9cNfCh6u7w/I8dkVO0z3vn/2XAVfyxzd/2e59xM/vIbG6zKs=
last-modified: Tue, 30 Aug 2022 16:40:00 GMT
server: cloudflare
etag: "f4bdd85a576812f553ec3cfea8b1a2b5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I76BXdsjDURsdaYs8w%2BlAjHH3aroaXl9Wk6y5J%2FQgSrPEWtTEDeaqMqYm%2F9BshyzahKdwlyz5CospJv0sKkms%2FWTHkamD92QSIb%2Fhd8lQaKDBaxfHYek9mgMOZHF%2FwHqv5kmEYTcNNAgfC4wn2dYi%2FlK"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 816eb490cb389b8c-FRA

GET
H2 200 Fatman-Light.woff2
www.crowdstrike.com/wp-content/themes/main-theme/dist/fonts/Fatman/ 17 KB
18 KB 32ms
30ms Font
font/woff2 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/fonts/Fatman/Fatman-Light.woff2

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/styles/theme-styles.min.css?ver=1695129389

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc6addb827a2a39237154916d2a692464bceb44dc7bd73e7cdeb7150181615b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/styles/theme-styles.min.css?ver=1695129389
Origin: https://www.crowdstrike.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: AdBMiLIEv6oAf.7iifluYxIjjiDI7CNg
age: 4557
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
content-length: 17736
last-modified: Thu, 12 Oct 2023 16:09:18 GMT
server: cloudflare
etag: "85db19d40add135904a6215a2a29ef38"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb490cab535e4-FRA
x-amz-cf-id: fONo9UGdI9Dx2ZSBW4apnkPJOipcuX9wyHjtbH0Cc2EsOBuRyn0V1A==
expires: Mon, 16 Oct 2023 11:49:27 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v6.2.0/webfonts/ 147 KB
148 KB 24ms
23ms Font
font/woff2 2606:4700:e0::ac40:670b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v6.2.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v6.2.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:670b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d27bc752105c079f8a516e9142406a9fc12cbb409f9bf8681f2ddfe0360b52a6

Request headers

Referer: https://use.fontawesome.com/releases/v6.2.0/css/all.css
Origin: https://www.crowdstrike.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: P4JAYQBHVVJQB46J
age: 989198
alt-svc: h3=":443"; ma=86400
content-length: 150472
x-amz-id-2: odcmgXBvySp5qLPYMlqiOHTxWWwv1MNUcLJOTn7tI73kbgw+jcIBUuHLmFJ1rgHQT5ZoWgCiPu0=
last-modified: Tue, 30 Aug 2022 16:40:00 GMT
server: cloudflare
etag: "3e50e269ee627bb2279f91d18c085167"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z4ol9WmMzD3BFMyIgmIeVapi1Ax0ehUvVtyaIa8qGAjHtK4H0M8r9wFN6%2BlKtxC8HMMxk76uz9K8EW%2F8A27%2F7sJkBKBtxXfGDy%2BCRFsG1SnUVIy%2BsYt24NHKI0Q3u9kY%2BP8r2Rw77LYSify8HKluP%2Flj"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 816eb490cb3a9b8c-FRA

GET
H2 200 crowdstrike.ttf
www.crowdstrike.com/wp-content/themes/main-theme/dist/fonts/CrowdStrike/ 82 KB
47 KB 31ms
29ms Font
font/ttf 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/fonts/CrowdStrike/crowdstrike.ttf?sfjo45

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/styles/theme-styles.min.css?ver=1695129389

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f9f09220578095d79ded54e8c0ee6ef21bc38e86475d2645b8656bbef22bbeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/styles/theme-styles.min.css?ver=1695129389
Origin: https://www.crowdstrike.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: Bv742HwZ_SKaB7K_LLrsSS_NBS0GImZB
age: 1349
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
last-modified: Thu, 12 Oct 2023 16:09:17 GMT
server: cloudflare
etag: W/"ad87bba53a140fc17152a36f87a03f2f"
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=14400
cf-ray: 816eb490cab735e4-FRA
x-amz-cf-id: brIlTJDdpPzzx88llOnNqAPoIZ9bnJSQsiGwGs34_xCrWVC14UKHEg==
expires: Mon, 16 Oct 2023 11:49:27 GMT

GET
H2 200 exit-promoter.min.js Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/plugins/ 21 KB
7 KB 37ms
36ms Script
application/javascript 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/plugins/exit-promoter.min.js?ver=1695129389

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42d6d13af8e9e1e3e2eb9649efd2ffdd3a9d1b25dcd3ea489052a30d427466e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: gP35SKZd5_Hhh.Tqh1aynm5J300iuVL1
age: 3419
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
last-modified: Thu, 12 Oct 2023 16:09:42 GMT
server: cloudflare
etag: W/"36c7353af7af7b4966e7e97e450565a6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 816eb4910adf35e4-FRA
x-amz-cf-id: hrfvqbXJxk-cySYEjEk1KT4fVPFjclkBDZp_PK2sWQFkacv-QipWxw==
expires: Mon, 16 Oct 2023 11:49:27 GMT

GET
H2 200 theme-scripts.min.js Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/ 201 KB
66 KB 33ms
32ms Script
application/javascript 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/theme-scripts.min.js?ver=1695129389

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aeb7c851c0fcce9ea166dc5062405ca56e561ba6a82a3daab0cade0f4818a12a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: c5ZFqhIO7iMgmXtEqppSCdTmLNb0aHx.
age: 3419
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
last-modified: Thu, 12 Oct 2023 16:09:43 GMT
server: cloudflare
etag: W/"c2ccf690a006c02a330532702f284513"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 816eb4910ae335e4-FRA
x-amz-cf-id: qYGd7VLvxcWW1NTLHebdtJijF0pEfSIqOTy1bi7HTntRuXznoXV1-w==
expires: Mon, 16 Oct 2023 11:49:27 GMT

GET
H2 200 footer-navigation.min.js Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/ 22 KB
8 KB 31ms
29ms Script
application/javascript 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/footer-navigation.min.js?ver=1695129389

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcaf3bfa5b565128f4a6052c3dacd8066a4bc0f9ce97cb6c6a71cfea9c2e11ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: bTR3IEs4CzSmQODbFWD76RbNVggqQ07V
age: 535
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
last-modified: Thu, 12 Oct 2023 16:09:41 GMT
server: cloudflare
etag: W/"43a3206edbfcbc5020c1e413c6fcf8dc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 816eb4910ae535e4-FRA
x-amz-cf-id: gZQzk96OF65ijtrFBqdexHfurPhWhbfKlh0OvfBRku5t8KURIze4Dw==
expires: Mon, 16 Oct 2023 11:49:27 GMT

GET
H2 200 v4.js Show response
play.vidyard.com/embed/ 70 KB
23 KB 7ms
6ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/embed/v4.js

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e492e5bd630a86a679a9ead911fc5e1e155d75098344c375131c40470e97396d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-cache-hits: 15
date: Mon, 16 Oct 2023 07:49:27 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31557600
age: 20408
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 23031
x-served-by: cache-fra-eddf8230105-FRA
x-china: 0
last-modified: Mon, 28 Aug 2023 17:07:01 GMT
etag: "d22850d6ed493dad3ff1a51479d730cc"
vary: X-China, accept-language, Accept-Encoding
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 addsearch-ui.min.js Show response
cdn.addsearch.com/v5/ 308 KB
75 KB 83ms
12ms Script
application/javascript 2600:9000:2156:ac00:a:de52:1580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.addsearch.com/v5/addsearch-ui.min.js?key=7737a29b854de71521b1cd72c4118cfc&id=asw_01
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ac00:a:de52:1580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 85164c9ebf305039e4d7ef9bbe9902396f227b9da80e311f3adebc865e10fb27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 01:08:08 GMT
content-encoding: br
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
last-modified: Thu, 05 Oct 2023 08:37:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 26146
x-amz-server-side-encryption: AES256
etag: W/"3ff9b07e4baaf6060e2605e29b8a01d6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: GqhCb3u7eU0k9l7SKSH7X_RRW2tVWQCHGaCIS13Opb6mCdadqcMCSA==

GET
H2 200 blog-category-sidebar.min.js Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/ 6 KB
2 KB 45ms
44ms Script
application/javascript 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/blog-category-sidebar.min.js?ver=1695129389

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea01987f1b76dfc2985483ac05bc1eaa38dc8e1e83fa23882a481d007c4ed11d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: al5fbf7zfdOQ8Rs72t67uyxVrc20O.aL
age: 3419
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
last-modified: Thu, 12 Oct 2023 16:09:41 GMT
server: cloudflare
etag: W/"e5d5ec756dbb81740a60d1f33f60e53d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 816eb4910ae835e4-FRA
x-amz-cf-id: oFRqFVe5SGQNRTxEQ1vy8PCj2RokL647y96PPznAGJVLus6dTRWGlQ==
expires: Mon, 16 Oct 2023 11:49:27 GMT

GET
H2 200 blog-categories.min.js Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/ 6 KB
2 KB 42ms
41ms Script
application/javascript 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/blog-categories.min.js?ver=1695129389

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b008ac68c17b1b9533d27849384bfb1c4899618e3c85113c235306979e289845

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: 2U1vE1B8C1ihWWA06rFL9rIpAzqGbh1k
age: 1641
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
last-modified: Thu, 12 Oct 2023 16:09:41 GMT
server: cloudflare
etag: W/"2a5f5ddfda3f8e308d902c236534d8f4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 816eb4910ae935e4-FRA
x-amz-cf-id: FePy65BXMw__6alGlwMFxpa-M6YDhg7cF_ABJc8Zdmnj2UnJI9awTg==
expires: Mon, 16 Oct 2023 11:49:27 GMT

GET
H2 200 blog-free-trial.min.js Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/ 2 KB
1 KB 41ms
40ms Script
application/javascript 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/blog-free-trial.min.js?ver=1695129389

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a3130477a6f2f745a9506410595c4c56ccea6746059817835d31bb505eb19af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: V8fSCNSjr8eTdbH7uiTMsyjtEYCdZo8k
age: 1641
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
last-modified: Thu, 12 Oct 2023 16:09:41 GMT
server: cloudflare
etag: W/"2df8a8d3ee6605ba4c45e7d2c2be88bb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 816eb4910aed35e4-FRA
x-amz-cf-id: iOOAeWptzRhQy_k4TXXu12dU4GbBSQPdJeoDgDz7GNX1myBALi1FEg==
expires: Mon, 16 Oct 2023 11:49:27 GMT

GET
H2 200 blog-navigation.min.js Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/ 7 KB
3 KB 32ms
32ms Script
application/javascript 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/blog-navigation.min.js?ver=1695129389

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fd6f40785d0bd9b34adbd6985abb75a1bd3cbfaefec8d3443929d3ecd999d0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: fXwnId8lDY5FCQw7c8UTwbhDs_uMr.lc
age: 535
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
last-modified: Thu, 12 Oct 2023 16:09:41 GMT
server: cloudflare
etag: W/"8ba248e20b0108103a46cff172ef6f6d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 816eb4910af035e4-FRA
x-amz-cf-id: Pre5_WaOrOkDoN-EoRWPl4vRJtcAMPKWL1G7WkTu7AdGL5Gp6dwapw==
expires: Mon, 16 Oct 2023 11:49:27 GMT

GET
H2 200 fetch-inject.js Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/ 1 KB
911 B 43ms
43ms Script
application/javascript 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/fetch-inject.js?ver=1695129389

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eee66297afe4bfd363c9e7b27978892a34adffde1664ef7509335aff8aa31cc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: 7a9Kdh8GEIvAVv_5bTLliq0lKaNV6e23
age: 3419
x-amz-cf-pop: FRA56-C2
cf-polished: origSize=1343
x-cache: Hit from cloudfront
last-modified: Thu, 12 Oct 2023 16:09:41 GMT
cf-bgj: minify
server: cloudflare
etag: W/"e80eef79b8a9c769c9fe24903f880fb5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 816eb4910af235e4-FRA
x-amz-cf-id: IAjATKYpBdACwOeoPp3Gs7NKw1eO14SJNpo9NUHc-h1AzGeQQm65ag==
expires: Mon, 16 Oct 2023 11:49:27 GMT

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/bee15b7c-b632-450e-9003-9c8b60b3b978/ 58 KB
10 KB 77ms
31ms Script
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/bee15b7c-b632-450e-9003-9c8b60b3b978/OtAutoBlock.js

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63bf01eb9c526436e112dac238827fe17a752fc80b34ba3934ec092778497876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 16 Oct 2023 07:49:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 17362
content-md5: ArpAkXa9oQKiejC8E9GJWg==
content-length: 9635
x-ms-lease-status: unlocked
last-modified: Tue, 24 Jan 2023 21:06:22 GMT
server: cloudflare
etag: 0x8DAFE4ED8DFCC04
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 6651b140-201e-0005-35e1-5a2c99000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 816eb49148fe194d-FRA
expires: Tue, 17 Oct 2023 07:49:27 GMT

GET
H2 200 RCd4a8da803122457eb6df6cf216d28fc4-source.min.js Show response
assets.adobedtm.com/d72cd986aea0/09e1256af957/da7f939c447d/ 2 KB
1 KB 8ms
7ms Script
application/x-javascript 2a02:26f0:480:983::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/da7f939c447d/RCd4a8da803122457eb6df6cf216d28fc4-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/launch-6cccf53edc18.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:983::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b2283707e63fb53f2b24b4ea284661017f4028dd9f1062425ad9f44fff58b62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:27 GMT
content-encoding: gzip
last-modified: Fri, 13 Oct 2023 19:24:57 GMT
server: AkamaiNetStorage
etag: "c799438a271efbee2be5f762f00048bc:1697225097.750913"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.crowdstrike.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 878
expires: Mon, 16 Oct 2023 08:49:27 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/99faf012/www-widgetapi.vflset/ 213 KB
66 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/99faf012/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03b0c564fb579679c627efd07eaabc7a9c59479b5b7798b4e6c29b3520030fec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:35:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 819
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67184
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 01:50:46 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 15 Oct 2024 07:35:48 GMT

GET
H2 200 RC6d6f42081a154a5d8562e114bceace58-source.min.js Show response
assets.adobedtm.com/d72cd986aea0/09e1256af957/da7f939c447d/ 376 B
505 B 38ms
38ms Script
application/x-javascript 2a02:26f0:480:983::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/da7f939c447d/RC6d6f42081a154a5d8562e114bceace58-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/launch-6cccf53edc18.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:983::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: fba0e6ec960786f7e28a4c7c2b9e385dfdc7f3a991e0fb394ffd13da53446f4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:27 GMT
content-encoding: gzip
last-modified: Fri, 13 Oct 2023 19:24:57 GMT
server: AkamaiNetStorage
etag: "c799438a271efbee2be5f762f00048bc:1697225097.750913"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.crowdstrike.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 246
expires: Mon, 16 Oct 2023 08:49:27 GMT

GET
H2 200 RCc9e993aecb03421e94969c659f736031-source.min.js Show response
assets.adobedtm.com/d72cd986aea0/09e1256af957/da7f939c447d/ 2 KB
1 KB 39ms
39ms Script
application/x-javascript 2a02:26f0:480:983::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/da7f939c447d/RCc9e993aecb03421e94969c659f736031-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/launch-6cccf53edc18.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:983::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 242698db9612aea97080689d97905652fa015ea74efbf70a516aef3852474d88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:27 GMT
content-encoding: gzip
last-modified: Fri, 13 Oct 2023 19:24:57 GMT
server: AkamaiNetStorage
etag: "c799438a271efbee2be5f762f00048bc:1697225097.750913"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.crowdstrike.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1070
expires: Mon, 16 Oct 2023 08:49:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 264 KB
87 KB 48ms
47ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZKTET1D58V&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-12037336&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a3b3b9845700ca10a5b4def83602cc7cc4ac726339a92441592dad7ac933a95f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89060
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 16 Oct 2023 07:49:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
74 KB 61ms
60ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-797629828&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-12037336&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

96b4ff4e6539bb610991fa9b313de9ce9490b83c10a04ebdc0efd27a2ab42c35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76150
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 16 Oct 2023 07:49:27 GMT

GET
H2 200 6si.min.js Show response
j.6sc.co/ 60 KB
16 KB 55ms
7ms Script
application/javascript 23.38.98.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/launch-6cccf53edc18.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.38.98.89 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-38-98-89.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

a09fe9b9f8deb402e85425e864ed0d7bd28a382f8e4b5e5ad1a6bb3ad3030ce3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Oct 2023 07:49:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 09 Oct 2023 17:32:21 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "65243925-f02a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 16343
expires: Mon, 16 Oct 2023 07:49:28 GMT

GET
H2 200 RC8de780f02ed7489ea63027c24b833a79-source.min.js Show response
assets.adobedtm.com/d72cd986aea0/09e1256af957/da7f939c447d/ 571 B
596 B 8ms
7ms Script
application/x-javascript 2a02:26f0:480:983::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/da7f939c447d/RC8de780f02ed7489ea63027c24b833a79-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/launch-6cccf53edc18.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:983::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 21df4fadab40e33ae5d4b3008d3b347c75c1e0aa0d2eaf045eba4a6ee97e3c79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
content-encoding: gzip
last-modified: Fri, 13 Oct 2023 19:24:57 GMT
server: AkamaiNetStorage
etag: "c799438a271efbee2be5f762f00048bc:1697225097.750913"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.crowdstrike.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 337
expires: Mon, 16 Oct 2023 08:49:28 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 28ms
27ms Script
application/javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fc7f40fe3b6fca4d842274e5c319024864535325c7484e201b7c53257209809

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 16 Oct 2023 07:49:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: VWm3jh650itzUl5lqfHWUg==
age: 38521
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6821
x-ms-lease-status: unlocked
last-modified: Thu, 12 Oct 2023 17:37:51 GMT
server: cloudflare
etag: 0x8DBCB49F5C6479E
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 843e90a2-b01e-0005-5e45-fdeb58000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 816eb492aa9c194d-FRA

GET
H2 200 free-trial-content.json Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/data/blog/widgets/ 334 B
544 B 30ms
30ms Fetch
application/json 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/data/blog/widgets/free-trial-content.json

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/blog-free-trial.min.js?ver=1695129389

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d871b6771dfa1a9115eee87e6dbb038d19387e11f27904622a56ff9bd4d2b84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: ZT5jI4nSfnlTRaxyvF.9eZLHNa8VuKFy
age: 1642
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
last-modified: Thu, 12 Oct 2023 21:09:23 GMT
server: cloudflare
etag: W/"d13c1d173c9555b867c53fc3779c2543-1"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=14400
cf-ray: 816eb492bcce35e4-FRA
x-amz-cf-id: zc0-26uGsR8cyZacz6neePdUIfXFi-E4q6KPKHoDmdZlA2TyD58O4A==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 categories-all-info.json Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/data/blog/widgets/ 1 KB
625 B 37ms
36ms Fetch
application/json 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/data/blog/widgets/categories-all-info.json

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/blog-category-sidebar.min.js?ver=1695129389

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be3af610c33131a0b88a81ace4b6713c241ed607d85130158987dcc63a8cf684

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: oSpBJbLH.c5s_E1PUpZfvJbRceMRK4sX
age: 4558
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
last-modified: Thu, 12 Oct 2023 21:09:22 GMT
server: cloudflare
etag: W/"d6d63e486cd0c9afe86f1ce08e83e7c0-1"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=14400
cf-ray: 816eb492bcd035e4-FRA
x-amz-cf-id: ljWMFYBy3oToJ_t_zONwgfZoEZtx4EsNk55VZClQwjZMp9UwStvZ0w==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 footer-social-nav.json Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/footer/ 603 B
491 B 37ms
36ms Fetch
application/json 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/footer/footer-social-nav.json

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/blog-category-sidebar.min.js?ver=1695129389

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59fe5b428dbf3980f53ef1fb768b90a772e7f430cd33617da5c8ceb54820bf37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: _2pMK9Ek4oHEwyQEbAMuHtqpOB7iHHZJ
age: 4558
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
last-modified: Thu, 12 Oct 2023 21:09:20 GMT
server: cloudflare
etag: W/"1ab362e649416281cf128a90f1d089b7-1"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=14400
cf-ray: 816eb492bcd235e4-FRA
x-amz-cf-id: SvPJ1wD-MnyeJ7P_VX6-uxV4lVUJVPw_SppTXZ7Pubkx_8X-plHOVg==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 sidebar-free-trail.json Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/data/blog/sidebar/ 159 B
420 B 35ms
34ms Fetch
application/json 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/data/blog/sidebar/sidebar-free-trail.json

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/blog-category-sidebar.min.js?ver=1695129389

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6a8b2d8de96a693a7f089ff23c3f7aa66ed14718e0d4464a1df1ffb828c8609

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: hzDYqqFJkcOKBoD.C6gLvkJJiA_9x6MW
age: 4558
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
last-modified: Fri, 11 Aug 2023 20:45:17 GMT
server: cloudflare
etag: W/"df1b037e9cbf2d8045e53137b1055ebe"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=14400
cf-ray: 816eb492bcd335e4-FRA
x-amz-cf-id: qZK3PjxySmzF7vgiLj574XYb37eR3hY-dR0zjpXAmj6K0omzFn0XJA==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 sidebar-featured-articles.json Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/data/blog/widgets/ 4 KB
2 KB 31ms
31ms Fetch
application/json 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/data/blog/widgets/sidebar-featured-articles.json

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/blog-category-sidebar.min.js?ver=1695129389

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

970c0f7a95958b2eb75f05bfeae5fb619adeca6c0a7fcb538a4f59e342f8eea0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: 92ddeeCAqEXVaNMoziowDwOTrKY1xq2O
age: 4558
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
last-modified: Thu, 12 Oct 2023 21:09:23 GMT
server: cloudflare
etag: W/"4f4579ed2ab281dd721aa1755eeb40c9-1"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=14400
cf-ray: 816eb492bcd435e4-FRA
x-amz-cf-id: Pt2baAQK1VuzWgfRaafGpxAacjJtjC94FtP8U5g4X2pldii_T1rfMA==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 sidebar-subscribe.json Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/data/blog/sidebar/ 178 B
366 B 32ms
31ms Fetch
application/json 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/data/blog/sidebar/sidebar-subscribe.json

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/blog-category-sidebar.min.js?ver=1695129389

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b93680a9f50608d09c147af33f3e897a4b376ff3efb696bb062ed2e0f862d819

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: g7M05T77sXkcddW5scfYOAoWYMHXBw3O
age: 5088
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
last-modified: Fri, 11 Aug 2023 20:45:17 GMT
server: cloudflare
etag: W/"1fbd7b14b1667df99fa1837a82639ee7"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=14400
cf-ray: 816eb492bcd535e4-FRA
x-amz-cf-id: uLoTaawNuxDBJYamGkwu1ERTLFJvslUAyJ7BX_ERbFhw1S3FP_G5Mw==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 sidebar-demo.json Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/data/blog/sidebar/ 345 B
495 B 30ms
29ms Fetch
application/json 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/data/blog/sidebar/sidebar-demo.json

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/blog-category-sidebar.min.js?ver=1695129389

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52b269545d8b0251f5f585cfa9572691d8d50a4a55ddcd6c5dd4e5718136e4f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: 5RgePR21ERvNQpVTODl0SpsGYQmD9.U7
age: 4558
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
last-modified: Fri, 11 Aug 2023 20:45:17 GMT
server: cloudflare
etag: W/"4d636d45eeb8585ade6681163017cc09"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=14400
cf-ray: 816eb492bcd635e4-FRA
x-amz-cf-id: hkqBmpIIwAep9X6K83ruX67Ta0lwPWVtwQBKNH-0qT4_pXZNVatkhg==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 addsearch-ui.min.css
cdn.addsearch.com/v5/ 41 KB
6 KB 11ms
11ms Stylesheet
text/css 2600:9000:2156:ac00:a:de52:1580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.addsearch.com/v5/addsearch-ui.min.css
Requested by: Host: cdn.addsearch.com
URL: https://cdn.addsearch.com/v5/addsearch-ui.min.js?key=7737a29b854de71521b1cd72c4118cfc&id=asw_01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ac00:a:de52:1580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9af6e0a0313027a162e74d5d3d66046341fa4203730f6a1ce3b5889af5235ea6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 00:34:06 GMT
content-encoding: gzip
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
last-modified: Thu, 05 Oct 2023 08:37:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 26123
x-amz-server-side-encryption: AES256
etag: W/"b6eb76384aa0f7770313a64a0e2457da"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: gXReXIZFd7aN-jxR15ZQp-crK_QvDIOXNbmMZ2k1E-S709uCzW0IqQ==

GET
H2 200 logo-red.svg
cdn.addsearch.com/v4/assets/ 4 KB
2 KB 11ms
11ms Image
image/svg+xml 2600:9000:2156:ac00:a:de52:1580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.addsearch.com/v4/assets/logo-red.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ac00:a:de52:1580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bee78f076d7ef9d9be92fb1f293909e529c5b61891a52557d51e7183971e02cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 00:33:23 GMT
content-encoding: br
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
last-modified: Mon, 27 Jun 2022 06:28:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 26166
etag: W/"8c2b9e4242eb4f2a16941b1de3656f64"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: ThWvQGK-AwGm50mtt5lIjacCExxBrH2xwlhWKKjsNQ2fjBqdHcnsIA==

GET
H2 200 footer-social-nav.json Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/footer/ 603 B
304 B 26ms
26ms Fetch
application/json 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/footer/footer-social-nav.json

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/footer-navigation.min.js?ver=1695129389

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59fe5b428dbf3980f53ef1fb768b90a772e7f430cd33617da5c8ceb54820bf37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: _2pMK9Ek4oHEwyQEbAMuHtqpOB7iHHZJ
age: 4558
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
last-modified: Thu, 12 Oct 2023 21:09:20 GMT
server: cloudflare
etag: W/"1ab362e649416281cf128a90f1d089b7-1"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=14400
cf-ray: 816eb4931d4035e4-FRA
x-amz-cf-id: SvPJ1wD-MnyeJ7P_VX6-uxV4lVUJVPw_SppTXZ7Pubkx_8X-plHOVg==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 forms2.min.js Show response
go.crowdstrike.com/js/forms2/js/ 208 KB
70 KB 178ms
31ms Script
application/x-javascript 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.crowdstrike.com/js/forms2/js/forms2.min.js

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/footer-navigation.min.js?ver=1695129389

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f244fcb6b0aeadba8f41f30a7f451c0aaa06445ec854c3d9bbef1c485a036424

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 26 Sep 2023 22:55:04 GMT
server: cloudflare
age: 752
etag: "1a3581-34099-6064af724e200"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 816eb4940f4f18df-FRA
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 marketo-forms.min.js Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/ 20 KB
7 KB 30ms
30ms Script
application/javascript 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/marketo-forms.min.js

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/footer-navigation.min.js?ver=1695129389

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c9d38c1f093684d41a7b08eaad9de6256e4d277c7d782b5411c6d1179f2819a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: CIBcJiqMTijS7Ym4LeHhjwF9dxEGB5tD
age: 4558
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
last-modified: Thu, 12 Oct 2023 16:09:41 GMT
server: cloudflare
etag: W/"ac466cf91dba41d6bbe0ac70f7380f2a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 816eb4931d4235e4-FRA
x-amz-cf-id: 0e_b4kWZcJw2aUEoZ-iEYmRmeG6AJILlVytFOrAJOwsWf1p6GHk3ow==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 blog-nav.json Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/data/blog/ 70 KB
6 KB 43ms
43ms XHR
application/json 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/data/blog/blog-nav.json?ts=1697442540000

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/blog-navigation.min.js?ver=1695129389

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

956347b596554a858253974b2e43bcd6c28dbe2e01f13d52984f7a6c1057fd86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
cf-cache-status: MISS
content-encoding: br
x-amz-version-id: XCwZoRUos1evqgXG6eNAr9L7GXPK9NAl
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
last-modified: Thu, 12 Oct 2023 21:09:21 GMT
server: cloudflare
etag: W/"eee1ef9ee6e7fc3911c11e8d0ca60fa4-1"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=14400
cf-ray: 816eb4932d5935e4-FRA
x-amz-cf-id: PJWZvqnfobidzgzmarCiEHx09h_O-2hEHHBJt-9I4BxjYPQmRQyJQQ==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 getuidj Show response
secure.adnxs.com/ 11 B
579 B 51ms
15ms XHR
application/json 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Oct 2023 07:49:28 GMT
an-x-request-uuid: c166544d-1164-43bc-bbca-f7a89b33b91d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.crowdstrike.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.213.155.164; 185.213.155.164; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
196 B 43ms
7ms XHR
text/html 23.38.98.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.89 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-89.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://www.crowdstrike.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 20 B
311 B 55ms
7ms XHR
text/html 2a02:26f0:7100::210:151
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::210:151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: d8f4f7589e5ecac8f3938b7c06d4496f218a7e0c6ab4eb15596d9c6a3c351367

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Oct 2023 07:49:28 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.crowdstrike.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a03:1b20:6:f011::4e
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1697442568224_34603341_10025330_17_786_6_15_219";dur=1
content-length: 20
expires: Mon, 16 Oct 2023 07:49:28 GMT

GET
H2 200 uTjAZGHEuZnPioHJ1HZQJU
play.vidyard.com/ 0
2 KB 21ms
8ms Other
text/html 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/uTjAZGHEuZnPioHJ1HZQJU?disable_popouts=1&v=4.3.14&type=inline

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.crowdstrike.com/
Origin: https://www.crowdstrike.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31557600
age: 261300
x-cache: HIT
content-length: 1481
x-served-by: cache-fra-eddf8230081-FRA
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1697442568.207923,VS0,VE1
etag: W/"df1-QkvhNEWwCpXovlGeHxM/yl6He1c"
vary: X-China, accept-language, Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 uTjAZGHEuZnPioHJ1HZQJU Show response
play.vidyard.com/ Frame 3DC6 3 KB
2 KB 7ms
7ms Document
text/html 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/uTjAZGHEuZnPioHJ1HZQJU?disable_popouts=1&v=4.3.14&type=inline

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

45034c0ac4d6bf521f49c8062e0973da9332e668ca630b1095ad862be55d568a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 261300
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 1481
content-type: text/html; charset=utf-8
date: Mon, 16 Oct 2023 07:49:28 GMT
etag: W/"df1-QkvhNEWwCpXovlGeHxM/yl6He1c"
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31557600
vary: X-China, accept-language, Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-china: 0
x-served-by: cache-fra-eddf8230105-FRA
x-timer: S1697442568.197096,VS0,VE1

GET
H2 200 style.js Show response
play.vidyard.com/v4/uTjAZGHEuZnPioHJ1HZQJU/ 176 B
367 B 8ms
8ms Script
text/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/v4/uTjAZGHEuZnPioHJ1HZQJU/style.js?callback=window.VidyardV4.jsonp.style_uTjAZGHEuZnPioHJ1HZQJU.done

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8075e644b252872397824d6163fb27e99f9e043afa435c458bf67226b612ca23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
via: 1.1 varnish
age: 202886
x-cache: HIT
content-length: 137
x-served-by: cache-fra-eddf8230105-FRA
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1697442568.197169,VS0,VE1
etag: W/"b0-dZejGerreyt0E0R/Sr0sCp67hFE"
vary: X-China, accept-language, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 integrations.js Show response
play.vidyard.com/v4/uTjAZGHEuZnPioHJ1HZQJU/ 177 B
228 B 8ms
8ms Script
text/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/v4/uTjAZGHEuZnPioHJ1HZQJU/integrations.js?callback=window.VidyardV4.jsonp.integrations_uTjAZGHEuZnPioHJ1HZQJU.done

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

875a394bacf884023e57246e4377055ffb403bc95d5e995dd26a5e49994d00e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
via: 1.1 varnish
age: 202886
x-cache: HIT
content-length: 133
x-served-by: cache-fra-eddf8230105-FRA
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1697442568.197541,VS0,VE1
etag: W/"b1-cH1eIjmMHFCZ08oyVbC4CjNIjpw"
vary: X-China, accept-language, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 details.js Show response
play.vidyard.com/v4/uTjAZGHEuZnPioHJ1HZQJU/ 1 KB
781 B 6ms
6ms Script
text/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/v4/uTjAZGHEuZnPioHJ1HZQJU/details.js?callback=window.VidyardV4.jsonp.details_uTjAZGHEuZnPioHJ1HZQJU.done

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fb61f3185f67175c4ae4647c4fe804fb2623791dd295589adc4c2771248cfde3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
via: 1.1 varnish
age: 202886
x-cache: HIT
content-length: 631
x-served-by: cache-fra-eddf8230105-FRA
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1697442568.197987,VS0,VE0
etag: W/"440-Gchzg8CQjwTgnSC+uC3/teR6cQs"
vary: X-China, accept-language, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 7

GET
H2 200 breaches-stop-here-post-cta.jpeg
www.crowdstrike.com/wp-content/uploads/2021/07/ 17 KB
18 KB 26ms
26ms Image
image/jpeg 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2021/07/breaches-stop-here-post-cta.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e0c9ad71fdf2b8553461659e37cfbb453a5a569c5f8c67273cded5fc9e0d2ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: aPnhXcSd19qyXFMnDtLV9aa66s2nMfzf
age: 1642
x-amz-cf-pop: FRA56-C2
cf-polished: origSize=17921
x-cache: Hit from cloudfront
content-length: 17580
last-modified: Mon, 21 Aug 2023 21:48:07 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "d954c6a287707fc4afac139378aae270"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb4933d6d35e4-FRA
x-amz-cf-id: pcc1TKwI_uSkJj5T6RZnbcdZcuUJLd8aV--83pCm2xrOu_UI-ERmHA==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 red-falcon.svg
www.crowdstrike.com/wp-content/uploads/2021/07/ 4 KB
2 KB 33ms
33ms Image
image/svg+xml 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2021/07/red-falcon.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8f105a0a91843bdeac95e6aff14d7753ca2aaff00c942cf1bcb1da1025cff4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: TcFqfoqw60gqGStaXtVlISxjk.DdUyRi
age: 742
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
last-modified: Mon, 10 Jul 2023 19:37:50 GMT
server: cloudflare
etag: W/"2c1e9eeb3990af43e758701889df354a-1"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 816eb4933d6e35e4-FRA
x-amz-cf-id: tAA3YsjVQZAJTfT5q_mkcYyS43kZ8CiLQf-2HWESTMnRTrZzZLoagA==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 bee15b7c-b632-450e-9003-9c8b60b3b978.json Show response
cdn.cookielaw.org/consent/bee15b7c-b632-450e-9003-9c8b60b3b978/ 4 KB
2 KB 40ms
25ms XHR
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/bee15b7c-b632-450e-9003-9c8b60b3b978/bee15b7c-b632-450e-9003-9c8b60b3b978.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ce875796d4d6e5681b090c6b31f2e89e76e39f853e4fe2dd00dcee0f0db35cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 16 Oct 2023 07:49:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 11668
content-md5: kxITjUQMLWKvbMKn1ZxSlA==
content-length: 1689
x-ms-lease-status: unlocked
last-modified: Tue, 24 Jan 2023 21:06:21 GMT
server: cloudflare
etag: 0x8DAFE4ED810DB59
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 391b886e-201e-014e-2ae1-5a5b56000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 816eb4935d5e1d84-FRA
expires: Tue, 17 Oct 2023 07:49:28 GMT

GET
H2 200 CS_Free_Trial_blog_300x600_final.jpg
www.crowdstrike.com/wp-content/uploads/2021/07/ 34 KB
34 KB 34ms
33ms Image
image/jpeg 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2021/07/CS_Free_Trial_blog_300x600_final.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04466026773f10391f6d0d84d702b9eef45db6438822b4edcd931cf5cc89d2d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 08b9c2fd11813ffdb8fa03129d0a465c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: _A.Ry.LGgr.M9ELPeTTp6vch4cC_H3vT
age: 537
x-amz-cf-pop: FRA56-C2
cf-polished: degrade=85, origSize=105065
x-cache: Hit from cloudfront
content-length: 34443
last-modified: Wed, 11 Oct 2023 16:24:09 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "11edcc35473c47fabaa1e19b2f186d08-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb4935d8735e4-FRA
x-amz-cf-id: fWf24oTwUGTuLyP3t2qDyvGkmQEHGwuJciKqcCuwBrddS9IxMtsABg==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 itcavantgardepro-xlt-webfont.woff
www.crowdstrike.com/wp-content/themes/main-theme/dist/fonts/ITCAvantGardePro/ 26 KB
26 KB 36ms
35ms Font
font/woff 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/fonts/ITCAvantGardePro/itcavantgardepro-xlt-webfont.woff

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/styles/theme-styles.min.css?ver=1695129389

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f1c1c319dae1d32ef2feaa657e6d82c5f8fe4c98aa8bbc7ee0aab8b5b9d5d38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/styles/theme-styles.min.css?ver=1695129389
Origin: https://www.crowdstrike.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-version-id: Ab0ng_04sKNEKy8FCYVFEmLywbhjw3XL
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
content-length: 26532
last-modified: Thu, 12 Oct 2023 16:09:20 GMT
server: cloudflare
etag: "97e5d80225ecf45f6488b9f660ecfd8c"
vary: Accept-Encoding
content-type: font/woff
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb4935d8e35e4-FRA
x-amz-cf-id: 6tfw41ph1uSd-eKDPAoftxh_N3n-I1nQ7TO9KaKZZGFn36nVGMSemQ==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 runtime~main-e328308b819e5df137639b5f21c9ce69.js Show response
assets.vidyard.com/play/js/ Frame 3DC6 7 KB
2 KB 14ms
6ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/runtime~main-e328308b819e5df137639b5f21c9ce69.js
Requested by: Host: play.vidyard.com
URL: https://play.vidyard.com/uTjAZGHEuZnPioHJ1HZQJU?disable_popouts=1&v=4.3.14&type=inline
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 732735dc86bf7593921ca6ad5818eb7f67e37e6cdef0bc2ddc862276e11618a7

Request headers

Referer: https://play.vidyard.com/uTjAZGHEuZnPioHJ1HZQJU?disable_popouts=1&v=4.3.14&type=inline
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
content-encoding: br
via: 1.1 varnish
age: 221486
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 2268
x-served-by: cache-fra-eddf8230081-FRA
last-modified: Thu, 12 Oct 2023 17:31:14 GMT
x-timer: S1697442568.238829,VS0,VE0
etag: "6a4c8b4c5acc7fba9b528fb41c816007"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 121

GET
H2 200 main-0848513ab96834b7b8adae23e7926ac3.js Show response
assets.vidyard.com/play/js/ Frame 3DC6 105 KB
14 KB 15ms
7ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/main-0848513ab96834b7b8adae23e7926ac3.js
Requested by: Host: play.vidyard.com
URL: https://play.vidyard.com/uTjAZGHEuZnPioHJ1HZQJU?disable_popouts=1&v=4.3.14&type=inline
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e0a93c95249cebbb8a22324d3f8e5f0801a41ff1fd27ac43485f8a56816e366a

Request headers

Referer: https://play.vidyard.com/uTjAZGHEuZnPioHJ1HZQJU?disable_popouts=1&v=4.3.14&type=inline
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
content-encoding: br
via: 1.1 varnish
age: 463274
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 14298
x-served-by: cache-fra-eddf8230081-FRA
last-modified: Fri, 06 Oct 2023 15:46:54 GMT
x-timer: S1697442568.238952,VS0,VE0
etag: "2ce8f04d821e84645ad08091b9f7ea27"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 115

GET
H2 200 0923_02_e-Crime_Impersonating-School-Staff_Stealing-Paychecks.jpg
www.crowdstrike.com/wp-content/uploads/2023/09/ 333 KB
333 KB 43ms
42ms Image
image/jpeg 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/09/0923_02_e-Crime_Impersonating-School-Staff_Stealing-Paychecks.jpg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/blog-navigation.min.js?ver=1695129389

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9e3e4b8db90923d111e652b91ba5dd6c68defaa08ad0baa8c48ba07506b2cd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8e83c42d247a31c5b365c08a0352d8f8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: ZTKAa9JUIHay_On5lpZXvEAy0kLu5cqb
age: 1642
x-amz-cf-pop: FRA56-C2
cf-polished: degrade=85, origSize=1150733
x-cache: Hit from cloudfront
content-length: 340582
last-modified: Tue, 26 Sep 2023 17:52:52 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "6838263b165ed01a97f919936cd27344-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb4939dc635e4-FRA
x-amz-cf-id: igTYOI6Y7oiRWtYzX4jGC3Up8LSGERIV6HY0IXW_zRQIEhNBkbvILw==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 Generic_Blogs_Identity-2.png
www.crowdstrike.com/wp-content/uploads/2023/08/ 474 KB
475 KB 31ms
31ms Image
image/png 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/08/Generic_Blogs_Identity-2.png

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/blog-navigation.min.js?ver=1695129389

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf1ddee318dfac492b600afebbf5b67edb7e8cf2898802907c5c6194040840ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: Yet8.FFBY4JitZW.naRh1GkQt0efT2rT
age: 1642
x-amz-cf-pop: FRA56-C2
cf-polished: status=not_needed
x-cache: Hit from cloudfront
content-length: 485653
last-modified: Tue, 26 Sep 2023 17:52:56 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "167cc40b0a122b68d25f56139ed2accf-1"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb4939dc835e4-FRA
x-amz-cf-id: 4ivPwsRVdQOjg0UCym7eWA04g9jUk_-ZIqT8EapzsAlgIynrreP-3w==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 RedLogoCS.svg
www.crowdstrike.com/wp-content/themes/main-theme/dist/images/logos/crowdstrike/ 6 KB
2 KB 70ms
61ms Image
image/svg+xml 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/images/logos/crowdstrike/RedLogoCS.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74a8d08bfffcc2b091168ebe5d30299c4857f962280f3b214ec64f460587b4c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: s95SzFWybGBmH5Aj630nvKiQ8ven4zRm
age: 1642
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
last-modified: Thu, 12 Oct 2023 16:09:33 GMT
server: cloudflare
etag: W/"81ee08b1302889572e1a229ba2a2029b"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 816eb493adda35e4-FRA
x-amz-cf-id: rlqDu6elH6P1iGynHh-8kFPlJwfsyxkM2JIXYVPmzONZrFoDifaZuw==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 MITRE-100_Blog_02.jpg
www.crowdstrike.com/wp-content/uploads/2023/09/ 79 KB
79 KB 56ms
47ms Image
image/jpeg 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/09/MITRE-100_Blog_02.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca48ecff4b0eaca4ca4a70090a2a1fe3037a2972b2345971d63caacb0e1c2dc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: ibivzdofwsvtQ8S.dzRdjKf_Gt9GqSov
age: 1642
x-amz-cf-pop: FRA56-C2
cf-polished: degrade=85, origSize=225843
x-cache: Hit from cloudfront
content-length: 80787
last-modified: Mon, 09 Oct 2023 18:39:14 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "36bfa878bf6d0673b8067e60150712b9-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb493adde35e4-FRA
x-amz-cf-id: Nw8nVKLJFkhDJnh4CYTT4mSgq9x4qdzarR2CbJWr_yW1Gzbe4K7hdA==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 0222_03_Falcon_Platform_Blog_1060x698.jpeg
www.crowdstrike.com/wp-content/uploads/2023/09/ 23 KB
23 KB 112ms
102ms Image
image/jpeg 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/09/0222_03_Falcon_Platform_Blog_1060x698.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4909664b2cd227fc85ce6fd9d530ec41bef8528f31af916ba9ed95a2cb230823

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: 7cootdGFz36N2T4YjwBmXRXsYg9xPS3Q
age: 1642
x-amz-cf-pop: FRA56-C2
cf-polished: degrade=85, origSize=90387
x-cache: Hit from cloudfront
content-length: 23201
last-modified: Wed, 11 Oct 2023 00:10:43 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "8748ae72673e5e2a5483a9b02ddcd227-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb493addf35e4-FRA
x-amz-cf-id: vSyknrI4UPM8bQIsXHou4qWwjRbywZSVrnCfsWSunUxe9009lJV4Yw==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 patch-tuesday-blog-1.jpg
www.crowdstrike.com/wp-content/uploads/2021/03/ 140 KB
141 KB 45ms
36ms Image
image/jpeg 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2021/03/patch-tuesday-blog-1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

881496d42cddfd02cec1c1e080f9033abe22410c2861f8214e9ce48d9efeef44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: 8pNOpF0NgIgXykvgZb9SG2nS_5ePwP5p
age: 1642
x-amz-cf-pop: FRA56-C2
cf-polished: degrade=85, origSize=495754
x-cache: Hit from cloudfront
content-length: 143500
last-modified: Thu, 12 Oct 2023 22:04:23 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "df577bf5632bbf7292f6d8566acc8c38-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb493ade235e4-FRA
x-amz-cf-id: XJgpAhAmgg_EqfP1x4fyMil4hIkAjrDk0LCCKT74XwLB8y8IZiJ_Fg==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 Blog_1060x698-4.jpg
www.crowdstrike.com/wp-content/uploads/2023/09/ 145 KB
146 KB 85ms
76ms Image
image/jpeg 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/09/Blog_1060x698-4.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21e518d176577de2a43a469289812d0585bc739bd66694606c5f1be6a701db43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: 2qQ.nOCyvAHysUD_MJqn9BJk7AYAidMG
age: 1642
x-amz-cf-pop: FRA56-C2
cf-polished: degrade=85, origSize=563276
x-cache: Hit from cloudfront
content-length: 148767
last-modified: Wed, 04 Oct 2023 15:52:24 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "28e98ab61135093d78b3bccec4b1d341-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb493ade335e4-FRA
x-amz-cf-id: NoW2N6f9E0ii2Gy6nuP2aTeaMkSTpL2jcaU1ilOyJMm2aNGmNt96hQ==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 0521_01_Attack_Surface.jpg
www.crowdstrike.com/wp-content/uploads/2023/10/ 278 KB
278 KB 69ms
60ms Image
image/jpeg 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/10/0521_01_Attack_Surface.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa5203c768a6b538b2dc84abba2c89c87c68d917f1488f2a18f299faceabbce1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: LXr60FjmhHt51fLqjCrJiJF8jD7v_o2I
age: 1642
x-amz-cf-pop: FRA56-C2
cf-polished: degrade=85, origSize=939646
x-cache: Hit from cloudfront
content-length: 284298
last-modified: Thu, 12 Oct 2023 22:04:21 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "6f9b65647bc71cf67c71f3a246236bd3-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb493ade435e4-FRA
x-amz-cf-id: 8Qq14tbGXFlwYznUdIsNBTb7UnVhay2jDeqGMEw2-X4PM5xSPVBUcw==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 1023_01_CS-Box-Partnership_02.jpg
www.crowdstrike.com/wp-content/uploads/2023/10/ 13 KB
13 KB 47ms
38ms Image
image/jpeg 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/10/1023_01_CS-Box-Partnership_02.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46e7d29c1548aebe6deb68bb5322403af16353df4ae5243800dcf58f9f643232

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: gorozGLOwlDvDy.aKxqf88liI7FNAI.h
age: 1642
x-amz-cf-pop: FRA56-C2
cf-polished: degrade=85, origSize=40632
x-cache: Hit from cloudfront
content-length: 12806
last-modified: Thu, 12 Oct 2023 22:04:17 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "89e09c83c15078f2813b74643a948aac-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb493ade535e4-FRA
x-amz-cf-id: BUyvguO77Xk6LaWsZo-iBrKIDgp9VPP8uJZI8bz-3u6mIntEzZunjQ==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 TechCenter-2.jpg
www.crowdstrike.com/wp-content/uploads/2016/07/ 28 KB
28 KB 45ms
36ms Image
image/jpeg 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2016/07/TechCenter-2.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0d7247f9a18889ae8a68fd56edaa202264826e284c725ce09964a71d1ee663e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: L97AI9u2PSi0jBG_PiglLw9MWeD6ZbvT
age: 1642
x-amz-cf-pop: FRA56-C2
cf-polished: degrade=85, origSize=111775
x-cache: Hit from cloudfront
content-length: 28432
last-modified: Thu, 12 Oct 2023 21:08:44 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "3fb44700e9a9760adce14063cd8304dc-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb493ade635e4-FRA
x-amz-cf-id: ThECWm-wN3ljd694mV6OnxAL2S5mfHKPGKL0sf6QNRnk0Z2CpN3gyw==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 IR-Video-Blog-1.jpg
www.crowdstrike.com/wp-content/uploads/2019/12/ 14 KB
14 KB 52ms
43ms Image
image/jpeg 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2019/12/IR-Video-Blog-1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e36ce51df6d05a63225d449ba07b002ef1c2cd73b946e21e27456b251449712b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: FSNIdF8CVVHTE6acQqnEZJh8Pm4UlDXN
age: 1642
x-amz-cf-pop: FRA56-C2
cf-polished: degrade=85, origSize=60108
x-cache: Hit from cloudfront
content-length: 14351
last-modified: Tue, 11 Jul 2023 13:42:31 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "96e7d13e7744d7a668c204a2d141f878-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb493ade735e4-FRA
x-amz-cf-id: mUQlK2-o2jeqZvOJ6k1GC9EZ77cXCmk3MqxaIMLr4ixHVQ6Yl63xfg==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 Blog-Image-CredTheft-Demo-1.png
www.crowdstrike.com/wp-content/uploads/2019/04/ 96 KB
96 KB 53ms
45ms Image
image/png 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2019/04/Blog-Image-CredTheft-Demo-1.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36d220e0244517475dfe10f437bf2226a28eca7378c4b8fafa914a01174776cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: iMGtZ12dDgxsJhlmM046vdcng70ZbGf_
age: 1642
x-amz-cf-pop: FRA56-C2
cf-polished: status=not_needed
x-cache: Hit from cloudfront
content-length: 98080
last-modified: Tue, 11 Jul 2023 13:42:32 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "f73ac3e06cb6538eadd78182243a04b7-1"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb493ade835e4-FRA
x-amz-cf-id: qJ0tGD2qjAsXJpas-eVZ59vRYbIBvKHBUwKThntlNbLwyirGhHCShg==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 Blog-Image-Priv-Esca-Demo2-1.png
www.crowdstrike.com/wp-content/uploads/2019/04/ 73 KB
74 KB 42ms
34ms Image
image/png 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2019/04/Blog-Image-Priv-Esca-Demo2-1.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e35507d68c9460b1bc5526d5a64fa382b04ea0c9da24b87a9bec7c6fd30bc55e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: Iw15lE9OpS4V8Nkf7rEUZp2uHTTfTWMy
age: 1642
x-amz-cf-pop: FRA56-C2
cf-polished: status=not_needed
x-cache: Hit from cloudfront
content-length: 75011
last-modified: Tue, 11 Jul 2023 13:42:33 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "0e7785cd57282d63d5e8212ec20d14ee-1"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb493ade935e4-FRA
x-amz-cf-id: NcVg8uap4Pe-9iAyGdy6EacKlVfNdtQvdJiZp-2yO2vW-QlF3FR3bw==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 Blog-Image-Delivery-Demo2-1.png
www.crowdstrike.com/wp-content/uploads/2019/04/ 75 KB
75 KB 47ms
39ms Image
image/png 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2019/04/Blog-Image-Delivery-Demo2-1.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c572f7e6cda5feec58f66e79f96df91cfd83f6981d7d1f2958137b98ebf499cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: gIsCw5sgE7fxh0dDhUuCzSEo7IP81XF8
age: 1642
x-amz-cf-pop: FRA56-C2
cf-polished: status=not_needed
x-cache: Hit from cloudfront
content-length: 76455
last-modified: Thu, 20 Oct 2022 18:02:29 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "4e65fb1433a46d01ecf24e6e633cc562-1"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb493adea35e4-FRA
x-amz-cf-id: BQ2gHr3E_6euGC905dLsP6Bzd-LbMwalxEGfFq4vGSsYPmA4Q4DKfw==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 Falcon-X-Recon-featured-image-1.jpg
www.crowdstrike.com/wp-content/uploads/2023/06/ 280 KB
281 KB 48ms
40ms Image
image/jpeg 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/06/Falcon-X-Recon-featured-image-1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c77b68e97c7c808e6662e4dda77dd798831e80a592f9e175c68314cd9b74d704

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: J0nrhY9LAb8j1qIkr5XIRbdplBJY0eA4
age: 1642
x-amz-cf-pop: FRA56-C2
cf-polished: degrade=85, origSize=922540
x-cache: Hit from cloudfront
content-length: 286658
last-modified: Tue, 03 Oct 2023 19:11:40 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "5c526708a6ceb5e32f706df43adc4690-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb493adeb35e4-FRA
x-amz-cf-id: HugTc8LUGmuxFHiKhby-Zb06eE7blId-vn_FAmDrIcREDeMBgxEonA==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 1022_03_RedHat-OpenShift-Cert_Cloud_Blog_1060x698.jpeg
www.crowdstrike.com/wp-content/uploads/2022/10/ 78 KB
78 KB 52ms
44ms Image
image/jpeg 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2022/10/1022_03_RedHat-OpenShift-Cert_Cloud_Blog_1060x698.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9189f58f08602921b8e72ca4ca59f115799cf71c4b3d334a52f5ed66b955943e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: Gv5FyJ9G_bJTn.YCNPRUDlGMIVjvCZVZ
age: 1642
x-amz-cf-pop: FRA56-C2
cf-polished: degrade=85, origSize=356589
x-cache: Hit from cloudfront
content-length: 79501
last-modified: Thu, 12 Oct 2023 22:04:26 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "47e59ebefff27d10913df30626231169-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb493aded35e4-FRA
x-amz-cf-id: VsHYLMmalIw8feVli1J05bea9fOR61AsLrNNK8Df88W6ouXXz5yRYw==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 0123_11_DLL-Sideloading_Advanced-Memory-Scanning_Blog_1060x698.jpeg
www.crowdstrike.com/wp-content/uploads/2023/02/ 187 KB
188 KB 60ms
53ms Image
image/jpeg 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/02/0123_11_DLL-Sideloading_Advanced-Memory-Scanning_Blog_1060x698.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b461442bdf6f086af9023de4b6f909e8b21599229c8a8ba3ae4fc92a5c08a6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: hZmyn9P._6dypj51wYPbVVhI2lZEUEus
age: 1642
x-amz-cf-pop: FRA56-C2
cf-polished: degrade=85, origSize=617363
x-cache: Hit from cloudfront
content-length: 191687
last-modified: Tue, 03 Oct 2023 19:11:39 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "d25e598fe985128b0022a38d18ffc021-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb493adee35e4-FRA
x-amz-cf-id: ZYg7RY78PF4siwaQRlF43kYuduwonV7A8GWF_QFZmAbX3yI9TjRT8w==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 0823_01_MSFT-Windows-Restart-Manager.jpg
www.crowdstrike.com/wp-content/uploads/2023/08/ 88 KB
89 KB 56ms
49ms Image
image/jpeg 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/08/0823_01_MSFT-Windows-Restart-Manager.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac2cea87b2980e211b88ecc676e39fe1ecf5bb25f3596f94534e6e786e22a962

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: sVjao59CxscMy14jjuRR_4xJF9y8.u_J
age: 1642
x-amz-cf-pop: FRA56-C2
cf-polished: degrade=85, origSize=332841
x-cache: Hit from cloudfront
content-length: 90269
last-modified: Wed, 27 Sep 2023 16:56:22 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "4208951930ac32a38c488d81b98bc45b-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb493bdf535e4-FRA
x-amz-cf-id: FjEPNqcm1_-KbzQTiOTIcYzZ8SI5kRs8B4XbyR2xpYANANta-19zGg==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 mapping-it-out-1.jpg
www.crowdstrike.com/wp-content/uploads/2021/02/ 109 KB
110 KB 57ms
50ms Image
image/jpeg 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2021/02/mapping-it-out-1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

057cf64e13a70d98b7ad8f18487273135e4bb1f5083088f3f58bdf345c197620

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 f891d17fa862cc74a05434e03fa58dca.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: .CgaE_tL6ZMMM4tC6TEeDC.E.8Y_8dCG
age: 1642
x-amz-cf-pop: FRA56-C2
cf-polished: degrade=85, origSize=321647
x-cache: Hit from cloudfront
content-length: 111753
last-modified: Wed, 27 Sep 2023 16:56:25 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "a1c9f1bfd248a5bf73316d1c50cf3cfe-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb493bdf735e4-FRA
x-amz-cf-id: RKj3ULf54MsuuddsJJTdcq86VmbqKecPEc9ECywdLXWPEDAvmQ6qsw==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 0222_03_Falcon_Platform_Blog_1060x698.jpeg
www.crowdstrike.com/wp-content/uploads/2022/02/ 23 KB
23 KB 75ms
68ms Image
image/jpeg 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2022/02/0222_03_Falcon_Platform_Blog_1060x698.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4909664b2cd227fc85ce6fd9d530ec41bef8528f31af916ba9ed95a2cb230823

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8e83c42d247a31c5b365c08a0352d8f8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: ks6yGCm9uqlf_PjCKDBScSFi8FiDSfBX
age: 1642
x-amz-cf-pop: FRA56-C2
cf-polished: degrade=85, origSize=96931
x-cache: Hit from cloudfront
content-length: 23201
last-modified: Fri, 13 Oct 2023 17:07:05 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "a8826c5d8fe6f92d156adfc33de6387d-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb493bdf835e4-FRA
x-amz-cf-id: NDgwH2Y0RFbEX1dI4LzzvWhvRv4QPceCDW0OJPupfp3dXjL3lO6QpQ==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 MITRE-100_Blog_01.jpg
www.crowdstrike.com/wp-content/uploads/2023/09/ 62 KB
62 KB 68ms
61ms Image
image/jpeg 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/09/MITRE-100_Blog_01.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

479a42c03c6ff55c0993365193e76f8bafaf7d48b53929dead68e5837950a104

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: pzX44FErjE9Fd9z8p19vJcmo74GQ25Ui
age: 1642
x-amz-cf-pop: FRA56-C2
cf-polished: degrade=85, origSize=174240
x-cache: Hit from cloudfront
content-length: 63443
last-modified: Thu, 05 Oct 2023 18:45:21 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "ba0d6c92f4ed0c1cb51e7338becfd2d8-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb493bdf935e4-FRA
x-amz-cf-id: 5-9wnJts525_QcnHeI44872wKvameJTXPPXukUuPF2nA9H9YUzWQ9g==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 Fal.Con_Product-Announcements_Red.jpg
www.crowdstrike.com/wp-content/uploads/2023/09/ 107 KB
108 KB 53ms
46ms Image
image/jpeg 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/09/Fal.Con_Product-Announcements_Red.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38768e148a5bb63accf39b50ef7301d5afe36333e21bdb5e3a5c089cd6608697

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: AgZFjiflNt6Mrd3ISQWzKRT35U_cxxb.
age: 1642
x-amz-cf-pop: FRA56-C2
cf-polished: degrade=85, origSize=309849
x-cache: Hit from cloudfront
content-length: 109995
last-modified: Thu, 05 Oct 2023 18:45:22 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "f7132534fa9a98e25d6355de2d63d027-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb493bdfa35e4-FRA
x-amz-cf-id: SPYFsQY1U5m-N8dqZeoazpwx82isJGQK4p-6O5UFGDcQFahJKMfTFA==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 0923_06_Bionic-Acquisition.jpg
www.crowdstrike.com/wp-content/uploads/2023/09/ 47 KB
47 KB 57ms
50ms Image
image/jpeg 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/09/0923_06_Bionic-Acquisition.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ff4ec8fa344f20a648ff5420435e31d43571889e9df849548a682879bd500

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: VgKkkNlfWobeIVKpoqn_c2r78wRRJLPV
age: 2228
x-amz-cf-pop: FRA56-C2
cf-polished: degrade=85, origSize=373544
x-cache: Hit from cloudfront
content-length: 48277
last-modified: Thu, 05 Oct 2023 18:45:15 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "0e1e981f4a278761bd1669f9d7f88c3c-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb493bdfb35e4-FRA
x-amz-cf-id: 4wsk7JKzbXqhG0AR7O0I8NVycE8KdBd2sDMU4ItGCYHo5VY5b2rY6w==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 23-OTH-060_adversary-5-panda-china.png
www.crowdstrike.com/wp-content/uploads/2023/06/ 410 KB
411 KB 77ms
71ms Image
image/png 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/06/23-OTH-060_adversary-5-panda-china.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f6f07e26ae7e95df3b138d21eb6ef322beda975eddf7d5dd88156c48004e6c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: y.g0BnHsrd2mx.JBT8pUFNBOdL5X8HhU
age: 1642
x-amz-cf-pop: FRA56-C2
cf-polished: origSize=429520
x-cache: Hit from cloudfront
content-length: 420334
last-modified: Thu, 10 Aug 2023 11:34:51 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "595d23ef3dcb777f3f92bd3dc5ceb7f6-1"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb493bdfc35e4-FRA
x-amz-cf-id: _TPRT5i2myJwvCEafY9HnTeZ0b9rCfynMcF7RZcqt1sXx787Y8Lpqg==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 Blog_1060x698-8.jpeg
www.crowdstrike.com/wp-content/uploads/2022/01/ 204 KB
204 KB 63ms
57ms Image
image/jpeg 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2022/01/Blog_1060x698-8.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d248cadd7c9d133a66cd2126b103fba268494b449dc54f486225e400a0453478

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: 52e9xSE30llqjjk5Zvv4aps0Q26_wfIQ
age: 1642
x-amz-cf-pop: FRA56-C2
cf-polished: degrade=85, origSize=563870
x-cache: Hit from cloudfront
content-length: 208396
last-modified: Thu, 10 Aug 2023 11:34:52 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "b805ca115d732c3d04ec3c6240312f93-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb493bdfe35e4-FRA
x-amz-cf-id: vLP-HDD_Ko0oSiEy1zCp2QH0qQpFab5ZmPafCEH3l2VSpVK7P6txVg==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 0523_01_APAC-Cross-Boarder-Transfer-Systems_03.jpg
www.crowdstrike.com/wp-content/uploads/2023/05/ 90 KB
90 KB 111ms
105ms Image
image/jpeg 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/05/0523_01_APAC-Cross-Boarder-Transfer-Systems_03.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04727f699b52a1d71fb08c642b35b5352b4df1d961f1e06a84ade494c73c08b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: aTWrZkscLBaiwjwvx7V7B_CYxy.OL7IO
age: 1642
x-amz-cf-pop: FRA56-C2
cf-polished: degrade=85, origSize=359254
x-cache: Hit from cloudfront
content-length: 92030
last-modified: Thu, 10 Aug 2023 11:34:54 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "9f2548af0c4b0574886c5902cee76461-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb493be0135e4-FRA
x-amz-cf-id: av5y4_JotTx-sTn3jCz_181Mnhlrp53D4brypKLmUGR7HfgCtq426A==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 Blog_1060x698-3.jpeg
www.crowdstrike.com/wp-content/uploads/2022/12/ 193 KB
194 KB 78ms
72ms Image
image/jpeg 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2022/12/Blog_1060x698-3.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b753594ff7e815b6bef74092861f26eb873ce93687e6f5f6253214b63da67ede

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: rU3ZEmeO_cnHAdWz8.lBGhpe2Qx.B_Y5
age: 1642
x-amz-cf-pop: FRA56-C2
cf-polished: degrade=85, origSize=604748
x-cache: Hit from cloudfront
content-length: 197885
last-modified: Thu, 21 Sep 2023 00:48:14 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "42320077f55efadcbcfcbc46e7069e62-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb493be0235e4-FRA
x-amz-cf-id: p1S4GGcZsyghtnbhpomJIlZCUX_W9BkppSEA9lv_YEBBxK1jxyb3qA==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 0423_01_ID-in-the-crosshairs_Blog_1060x698.jpg
www.crowdstrike.com/wp-content/uploads/2023/05/ 149 KB
150 KB 87ms
81ms Image
image/jpeg 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/05/0423_01_ID-in-the-crosshairs_Blog_1060x698.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19835b05e2879bafd44387fcd421b0b4611dc85899328260b363af1c4e3ac02c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: JZkt6xqOkv40eohME3ckk5F9epJ_97ux
age: 1642
x-amz-cf-pop: FRA56-C2
cf-polished: degrade=85, origSize=579266
x-cache: Hit from cloudfront
content-length: 153017
last-modified: Thu, 20 Jul 2023 15:39:44 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "abf6ec08db430ec56b34e7a10539988e-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb493be0435e4-FRA
x-amz-cf-id: LtE4y3rVgk2dpS9YYwT9oJyej7sfx64GVqgUZiK8PmGADbaB6laJiw==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 0322_02_Reinventing_MDRIDP_Blog_1060x698.jpeg
www.crowdstrike.com/wp-content/uploads/2023/03/ 74 KB
75 KB 63ms
57ms Image
image/jpeg 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/03/0322_02_Reinventing_MDRIDP_Blog_1060x698.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b25d2319903d6e206b3bd9a7340206ec7d6b603405403130d95a6ffca76a80db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: YpQfZQYPZ3NPqKvsJqUtsUHuL1n46.7P
age: 1642
x-amz-cf-pop: FRA56-C2
cf-polished: degrade=85, origSize=297157
x-cache: Hit from cloudfront
content-length: 76202
last-modified: Wed, 11 Oct 2023 19:00:39 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "5b883786664d9e0c17f1d61bef867c0f-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb493be0735e4-FRA
x-amz-cf-id: r4HTrR62ehrs2ffvnOyQA17rZnwdett3q_K_4Ucc7YctiNIhJyZZ9w==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 0923_03_LogScale_ThreatHunting_Chrome.jpg
www.crowdstrike.com/wp-content/uploads/2023/09/ 19 KB
20 KB 77ms
71ms Image
image/jpeg 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/09/0923_03_LogScale_ThreatHunting_Chrome.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebe53644b0b082753243929e09b9e652a9e7051b3cf971e1a018104382778771

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: Mt6iROaTZoXYG3NrXnq4JzPCp3j_G09f
age: 1642
x-amz-cf-pop: FRA56-C2
cf-polished: degrade=85, origSize=60252
x-cache: Hit from cloudfront
content-length: 19780
last-modified: Thu, 12 Oct 2023 21:09:08 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "9d5ae4b58ca017e7ad5eeb82058fd20e-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb493be0835e4-FRA
x-amz-cf-id: vcUOL3T8G1pdxZHBehc1COh6jMiByM646XsZSRjPGQomAORfj8WFmg==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 0223_01_Audits-Centralized-Log-Mgmt_Blog_1060x698.jpg
www.crowdstrike.com/wp-content/uploads/2023/02/ 204 KB
204 KB 72ms
67ms Image
image/jpeg 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/02/0223_01_Audits-Centralized-Log-Mgmt_Blog_1060x698.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d616ec0b06b0da8f53e9f291e1873edca40739f641c7499525040750072b0b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: An8bPWc4C1f9gq.pG6Aa2zUhVtXfXJfK
age: 1642
x-amz-cf-pop: FRA56-C2
cf-polished: degrade=85, origSize=669828
x-cache: Hit from cloudfront
content-length: 208419
last-modified: Thu, 12 Oct 2023 21:09:09 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "9d717ae48ec87b8cd6569613c6e3b3a0-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb493be0a35e4-FRA
x-amz-cf-id: YBmiweq4vP6h_4IMdAVwS6OVJREtxOd91565f7vLZ2IfBe0D-wX8IA==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 XXXX_Falcon-LogScale-So-Fast_Blog_1060x698.jpeg
www.crowdstrike.com/wp-content/uploads/2022/11/ 265 KB
265 KB 70ms
65ms Image
image/jpeg 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2022/11/XXXX_Falcon-LogScale-So-Fast_Blog_1060x698.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f5a20aea350274cc88cc79a153797c6b253aec6a77259467378f0ca2dc29203

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 f891d17fa862cc74a05434e03fa58dca.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: jT8oOS5DTve9cJ7AM74ww77PPxjL_kYq
age: 1642
x-amz-cf-pop: FRA56-C2
cf-polished: degrade=85, origSize=810899
x-cache: Hit from cloudfront
content-length: 270962
last-modified: Fri, 13 Oct 2023 17:07:10 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "566134bd7bd51455c57a56f0e2931258-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb493be0c35e4-FRA
x-amz-cf-id: QEnN8T30Xr6MaeUu6EkRJbhxpz8jlP-nYCYUBJ6k5hAADvaONm_-ew==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 mentorships-1.jpg
www.crowdstrike.com/wp-content/uploads/2021/03/ 242 KB
243 KB 66ms
60ms Image
image/jpeg 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2021/03/mentorships-1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b527f88908eeebbb1870931f8d3c110e7678486424d50343667336a335f33e28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 08b9c2fd11813ffdb8fa03129d0a465c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: PRN3t3ti5_uBio4uj8avo3RK8hccbWNR
age: 1642
x-amz-cf-pop: FRA56-C2
cf-polished: degrade=85, origSize=958952
x-cache: Hit from cloudfront
content-length: 247770
last-modified: Tue, 06 Jun 2023 21:09:35 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "e881929de4def2a5579a84a9e4f944ed-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb493be0d35e4-FRA
x-amz-cf-id: S9tdtr3r-RY5WNKwOy2QlbxujxUrmMhuxPhGxX1gM3x9IJT4dJ8bOQ==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 Blog_FB_1200x630-1.jpg
www.crowdstrike.com/wp-content/uploads/2020/10/ 33 KB
33 KB 76ms
71ms Image
image/jpeg 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2020/10/Blog_FB_1200x630-1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

205dcb7bbc168099a95944b3670fcaec5407412da2d2f6e129ea3faec0731ee1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: VyqPNgo5HN007h6kSHWDDopZgBnP6ecg
age: 1642
x-amz-cf-pop: FRA56-C2
cf-polished: degrade=85, origSize=83414
x-cache: Hit from cloudfront
content-length: 33765
last-modified: Tue, 06 Jun 2023 21:09:40 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "b1757e1dec848cde3ad547969daac9ae-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb493be0f35e4-FRA
x-amz-cf-id: 5wejP0hVQpefKhGuazOJxwv6mipqIl5orzEwEJnMBsfCx5DfLlNhYA==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 womens-history-month-1.jpg
www.crowdstrike.com/wp-content/uploads/2021/03/ 209 KB
209 KB 92ms
87ms Image
image/jpeg 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2021/03/womens-history-month-1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f094e6666e540aaa55a90812a019ea5ea34bd173ad2dc8ed1b4538b53fd68b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: 14WVF2.OwbOH7EGNQhXNQWcZSxgHzaRv
age: 1642
x-amz-cf-pop: FRA56-C2
cf-polished: degrade=85, origSize=736516
x-cache: Hit from cloudfront
content-length: 213646
last-modified: Tue, 06 Jun 2023 21:09:40 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "b949171b18f4ba9e01b5204bdfd486ec-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb493be1035e4-FRA
x-amz-cf-id: YBQFONOBejGnLjbRb1iHiTAnUmi3SX5OuGgm1Tn6E_Ev5ZTA1gZWMg==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 0123_03_MLK-Day-2023_Blog_1060x698_V1.jpg
www.crowdstrike.com/wp-content/uploads/2023/01/ 62 KB
63 KB 89ms
85ms Image
image/jpeg 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/01/0123_03_MLK-Day-2023_Blog_1060x698_V1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6925696138e919bcfc54d241d2e51017d3383293ea4cf5bd0b7b3932ada195ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: HfWvl5qeksh_QrIwbWyKt1oRM8SQYUy7
age: 1642
x-amz-cf-pop: FRA56-C2
cf-polished: degrade=85, origSize=228171
x-cache: Hit from cloudfront
content-length: 63908
last-modified: Tue, 06 Jun 2023 21:09:41 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "e00038a2fed4ae2e3bd05f8799efccd3-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb493be1135e4-FRA
x-amz-cf-id: 88RxMYOpGQpKAFAXs8Up-Wz1YaTNUDLEr3RNKYHVBjyDQjO3OoB4AQ==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 Blog-1.jpeg
www.crowdstrike.com/wp-content/uploads/2021/12/ 27 KB
27 KB 56ms
52ms Image
image/jpeg 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2021/12/Blog-1.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed6c1ed511a6160b35044d7c49e35e9b85da14be0164b3c40d5aa23c8ab027b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: _N14FJByGO7nrqMqmVysNFhK.hYE7BVW
age: 1642
x-amz-cf-pop: FRA56-C2
cf-polished: degrade=85, origSize=100740
x-cache: Hit from cloudfront
content-length: 27622
last-modified: Thu, 29 Sep 2022 17:10:49 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "2d26935459e4c57e3485d38f612d2aa3-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb493be1235e4-FRA
x-amz-cf-id: K7dXnJFSCDj80GUFc2_-fpwdCu8dScxDIpnvAwdelbRLt0jKg5mT7A==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 CS_EY_Blog_1060x698_v2-1.jpeg
www.crowdstrike.com/wp-content/uploads/2021/05/ 85 KB
86 KB 80ms
76ms Image
image/jpeg 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2021/05/CS_EY_Blog_1060x698_v2-1.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f58861e85bd3a7fd0aa7dd3b60eaf71ac79324dc48d6ec4bda8cd561eecc2234

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: Ko50gL_d99TA5H0.5K5BGipCvbIohHc9
age: 1642
x-amz-cf-pop: FRA56-C2
cf-polished: degrade=85, origSize=375867
x-cache: Hit from cloudfront
content-length: 87525
last-modified: Thu, 29 Sep 2022 17:10:50 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "2cac6448dd2f54f3691a5c9c58dcad10-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb493be1335e4-FRA
x-amz-cf-id: JsvP4iK_pfIKOeFtjgnLBaX63UaVKxLVHWT7wiCH0b8B2KazZ4iT0Q==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 Go-Beyond-the-Perimeter-1.jpg
www.crowdstrike.com/wp-content/uploads/2021/03/ 405 KB
406 KB 72ms
68ms Image
image/jpeg 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2021/03/Go-Beyond-the-Perimeter-1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e188efafb2df40e1f4bd4973d31d37ae32a41676bc9c43d008388ec1ea72e1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: 06E88jVhse7R5o7Y5ABM3Wm4oNqLJfPv
age: 1642
x-amz-cf-pop: FRA56-C2
cf-polished: degrade=85, origSize=1167150
x-cache: Hit from cloudfront
content-length: 415208
last-modified: Mon, 30 Jan 2023 19:50:28 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "5f2005763f57c0c0bc2719131824a0ad-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 816eb493be1435e4-FRA
x-amz-cf-id: B4IEqXp3vMTwGrFjzoBDyrvJtXbjoiPoGorXy7IHE7I6UbcRnOB2uQ==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 footer-nav.json Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/footer/ 3 KB
827 B 87ms
84ms Fetch
application/json 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/footer/footer-nav.json

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/footer-navigation.min.js?ver=1695129389

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2f64fa9ea0c7f0abc1ad4a0d11b3808ffb66ca288d93e4129a53478be0145bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: GbC2Dj2CYo.JGV46YHzKKsCeXLYgP1mo
age: 4558
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
last-modified: Thu, 12 Oct 2023 21:09:19 GMT
server: cloudflare
etag: W/"048d3fbbaa9ce51155c284cb2aeda0c9-1"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=14400
cf-ray: 816eb493be1535e4-FRA
x-amz-cf-id: zXb7U9cAplwU4exBHUYQxeThOcxZDbVACWv2XDv79ZUpke1-e-ucXQ==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 221ms
207ms Image
image/gif 23.38.98.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=840a4ffa1a26e59267b6b28298d972e1&svisitor=null&visitor=23887621-7ff9-443f-823d-d1ea74a4f40d&session=5efc7a17-507c-464a-87ef-0eee4746b303&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Mon%2C%2016%20Oct%202023%2007%3A49%3A28%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22On%20March%2029%2C%202023%2C%20CrowdStrike%20observed%20unexpected%20malicious%20activity%20emanating%20from%20a%20legitimate%2C%20signed%20binary%2C%203CXDesktopApp%20%E2%80%94%20a%20softphone%20application%20from%203CX.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22CrowdStrike%20Prevents%203CXDesktopApp%20Intrusion%20Campaign%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.crowdstrike.com%2Fblog%2Fcrowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers%2F&pageViewId=bfdc949e-59af-4969-8ea6-a9e8ed5e28e6&an_uid=0&v=1.1.7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.38.98.89 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-38-98-89.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 222ms
208ms Image
image/gif 23.38.98.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=840a4ffa1a26e59267b6b28298d972e1&svisitor=null&visitor=23887621-7ff9-443f-823d-d1ea74a4f40d&session=5efc7a17-507c-464a-87ef-0eee4746b303&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2016%20Oct%202023%2007%3A49%3A28%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%2212b151d5b8d6b92a46cc0179565c5a619e148092%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2016%20Oct%202023%2007%3A49%3A28%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22840a4ffa1a26e59267b6b28298d972e1%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2016%20Oct%202023%2007%3A49%3A28%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2016%20Oct%202023%2007%3A49%3A28%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2016%20Oct%202023%2007%3A49%3A28%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22On%20March%2029%2C%202023%2C%20CrowdStrike%20observed%20unexpected%20malicious%20activity%20emanating%20from%20a%20legitimate%2C%20signed%20binary%2C%203CXDesktopApp%20%E2%80%94%20a%20softphone%20application%20from%203CX.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22CrowdStrike%20Prevents%203CXDesktopApp%20Intrusion%20Campaign%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.crowdstrike.com%2Fblog%2Fcrowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers%2F&pageViewId=bfdc949e-59af-4969-8ea6-a9e8ed5e28e6&an_uid=0&v=1.1.7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.38.98.89 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-38-98-89.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 66 B
303 B 72ms
39ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.crowdstrike.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 816eb493eb072c00-FRA
access-control-allow-headers: Content-Type

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 218ms
207ms Image
image/gif 23.38.98.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=840a4ffa1a26e59267b6b28298d972e1&svisitor=null&visitor=23887621-7ff9-443f-823d-d1ea74a4f40d&session=5efc7a17-507c-464a-87ef-0eee4746b303&event=ipv6&q=%7B%22address%22%3A%222a03%3A1b20%3A6%3Af011%3A%3A4e%22%7D&isIframe=false&m=%7B%22description%22%3A%22On%20March%2029%2C%202023%2C%20CrowdStrike%20observed%20unexpected%20malicious%20activity%20emanating%20from%20a%20legitimate%2C%20signed%20binary%2C%203CXDesktopApp%20%E2%80%94%20a%20softphone%20application%20from%203CX.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22CrowdStrike%20Prevents%203CXDesktopApp%20Intrusion%20Campaign%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.crowdstrike.com%2Fblog%2Fcrowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers%2F&pageViewId=bfdc949e-59af-4969-8ea6-a9e8ed5e28e6&an_uid=0&v=1.1.7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.38.98.89 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-38-98-89.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 uTjAZGHEuZnPioHJ1HZQJU.json Show response
play.vidyard.com/player/ Frame 3DC6 7 KB
3 KB 7ms
7ms Fetch
application/json 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/player/uTjAZGHEuZnPioHJ1HZQJU.json?disable_popouts=1&v=4.3.14&type=inline

Requested by

Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/main-0848513ab96834b7b8adae23e7926ac3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

95c20e0a7794962efee37727ae09f6f7072d6b613a60338b884dcbf7af057e41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://play.vidyard.com/uTjAZGHEuZnPioHJ1HZQJU?disable_popouts=1&v=4.3.14&type=inline
referrer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31557600
age: 202886
x-cache: HIT
content-length: 3015
x-served-by: cache-fra-eddf8230105-FRA
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1697442568.293175,VS0,VE1
etag: W/"1c9d-5zstqoh+TUCWQa2vZO9C2bqzAuY"
vary: X-China, accept-language, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2

200

Zd_33y9mi1mwMQnmVSPTTLoShftqFuU_.jpg
cdn.vidyard.com/thumbnails/35463232/
Redirect Chain

https://play.vidyard.com/uTjAZGHEuZnPioHJ1HZQJU.jpg
https://cdn.vidyard.com/thumbnails/35463232/Zd_33y9mi1mwMQnmVSPTTLoShftqFuU_.jpg

33 KB
33 KB

126ms
123ms

Image
image/jpeg

93.184.221.26
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vidyard.com/thumbnails/35463232/Zd_33y9mi1mwMQnmVSPTTLoShftqFuU_.jpg
Protocol: H2
Server: 93.184.221.26 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CB4) /
Resource Hash: f544c0d9d4efe6098073613bd00f1b2260726c0bb4602d3a8dedd47df3c606ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
x-amz-version-id: QGXgB9JdNTswT6IKoF.GZknfwb5se2Rd
x-cdn: edgecast
age: 52574
x-amz-request-id: 1Q6B6QTCGVWC87HZ
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 33683
x-amz-id-2: HEmyn0neNfPjZ009pMhenrEuhPZ3P/+nAlWwuszMABFdqk3KoQBFw1021m40DJ5omeRNciitlKM=
last-modified: Fri, 31 Mar 2023 12:15:17 GMT
server: ECAcc (frc/4CB4)
etag: "0e24161b84477ff1a391dd5b79e03422"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: ETag, X-CDN
accept-ranges: bytes

Redirect headers

date: Mon, 16 Oct 2023 07:49:28 GMT
via: 1.1 varnish
strict-transport-security: max-age=31557600
age: 498795
x-cache: HIT
content-length: 102
x-served-by: cache-fra-eddf8230105-FRA
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1697442568.295161,VS0,VE0
vary: Accept, X-China, accept-language
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: https://cdn.vidyard.com/thumbnails/35463232/Zd_33y9mi1mwMQnmVSPTTLoShftqFuU_.jpg
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 vendors~player~player-pomo~unreleased-90f69511b959120d4c9ac2a6662d8f7b.js Show response
assets.vidyard.com/play/js/ Frame 3DC6 160 KB
41 KB 12ms
9ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/vendors~player~player-pomo~unreleased-90f69511b959120d4c9ac2a6662d8f7b.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-e328308b819e5df137639b5f21c9ce69.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: bf6ed702138601d70fbd6b9536fe530b412d831da6d789c5eb01b5cc6cbf93cb

Request headers

Referer: https://play.vidyard.com/uTjAZGHEuZnPioHJ1HZQJU?disable_popouts=1&v=4.3.14&type=inline
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
content-encoding: br
via: 1.1 varnish
age: 3426893
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 41873
x-served-by: cache-fra-eddf8230081-FRA
last-modified: Wed, 06 Sep 2023 15:52:23 GMT
x-timer: S1697442568.308993,VS0,VE0
etag: "1094c2cc22c1e52eaad7d65a58d5986b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 111

GET
H2 200 vendors~access-code~player-pomo~whitelisted-embed-d1574b8f4c22b898b6e50effd35e1530.js Show response
assets.vidyard.com/play/js/ Frame 3DC6 102 KB
29 KB 12ms
9ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/vendors~access-code~player-pomo~whitelisted-embed-d1574b8f4c22b898b6e50effd35e1530.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-e328308b819e5df137639b5f21c9ce69.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 03498ea3d6dd426a8309cc760dee69c30d0e12dd607971cb2cbdb1c1be7bff4a

Request headers

Referer: https://play.vidyard.com/uTjAZGHEuZnPioHJ1HZQJU?disable_popouts=1&v=4.3.14&type=inline
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
content-encoding: br
via: 1.1 varnish
age: 3426892
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 29250
x-served-by: cache-fra-eddf8230081-FRA
last-modified: Wed, 06 Sep 2023 15:52:22 GMT
x-timer: S1697442568.308995,VS0,VE0
etag: "29b7ec510ccc38ce86f2683085d50db6"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 110

GET
H2 200 vendors~player-pomo-0dc4e87d8b932e2acbd2b0f97af26433.js Show response
assets.vidyard.com/play/js/ Frame 3DC6 608 KB
103 KB 49ms
46ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/vendors~player-pomo-0dc4e87d8b932e2acbd2b0f97af26433.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-e328308b819e5df137639b5f21c9ce69.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d620b8aa1e204dca4610a5207b7ca481d85829657a21af7ac51f95f552c2afce

Request headers

Referer: https://play.vidyard.com/uTjAZGHEuZnPioHJ1HZQJU?disable_popouts=1&v=4.3.14&type=inline
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
content-encoding: br
via: 1.1 varnish
age: 3426892
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 105147
x-served-by: cache-fra-eddf8230081-FRA
last-modified: Wed, 06 Sep 2023 15:52:23 GMT
x-timer: S1697442568.309251,VS0,VE0
etag: "8a62d5a9eab68a93082f78513d5aa47b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 113

GET
H2 200 player-pomo-9867b8de68ad7e6b70945a32781a16a7.css
assets.vidyard.com/play/stylesheets/ Frame 3DC6 39 KB
8 KB 11ms
9ms Stylesheet
text/css 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/stylesheets/player-pomo-9867b8de68ad7e6b70945a32781a16a7.css
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-e328308b819e5df137639b5f21c9ce69.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e7bf3c169c77079a0afcc451e66853207e3d5049a7b86a81a03b3af28fbe1592

Request headers

Referer: https://play.vidyard.com/uTjAZGHEuZnPioHJ1HZQJU?disable_popouts=1&v=4.3.14&type=inline
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
content-encoding: br
via: 1.1 varnish
age: 310560
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 7580
x-served-by: cache-fra-eddf8230081-FRA
last-modified: Thu, 12 Oct 2023 17:31:14 GMT
x-timer: S1697442568.308820,VS0,VE0
etag: "519cd62ec58ec10f09770707f7a09647"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 115

GET
H2 200 player-pomo-9867b8de68ad7e6b70945a32781a16a7.js Show response
assets.vidyard.com/play/js/ Frame 3DC6 263 KB
53 KB 38ms
36ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/player-pomo-9867b8de68ad7e6b70945a32781a16a7.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-e328308b819e5df137639b5f21c9ce69.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 736ef378e8ba602b2c8758737f4fde8b4c308e14441d0992e826ad5ac3048060

Request headers

Referer: https://play.vidyard.com/uTjAZGHEuZnPioHJ1HZQJU?disable_popouts=1&v=4.3.14&type=inline
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
content-encoding: br
via: 1.1 varnish
age: 310560
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 53596
x-served-by: cache-fra-eddf8230081-FRA
last-modified: Thu, 12 Oct 2023 17:31:14 GMT
x-timer: S1697442568.309192,VS0,VE0
etag: "7c1a28e45c1e8f5a282fcc4891f57bf3"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 117

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202301.1.0/ 395 KB
94 KB 25ms
23ms Script
application/javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cda584e7c5036ad66d7d528d2209bc596a14179fa1792a559e2ae9eaa91e851

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 16 Oct 2023 07:49:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: TPatHKMti4L8TVrK0PWkxg==
age: 52407
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 96303
x-ms-lease-status: unlocked
last-modified: Wed, 22 Feb 2023 03:39:35 GMT
server: cloudflare
etag: 0x8DB14866ADAA84A
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bdce70f4-f01e-00ad-093e-79f88c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 816eb4942c30194d-FRA

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 1 KB
784 B 40ms
25ms XHR
application/json 35.157.171.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.171.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-171-95.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 78a4b9564a0a06db5941666b6db7ffb118befe320879982484283fda987bf178

Request headers

Referer: https://www.crowdstrike.com/
accept-language: de-DE,de;q=0.9
Authorization: Token 12b151d5b8d6b92a46cc0179565c5a619e148092
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
X-6s-CustomID: WebTag1.0 840a4ffa1a26e59267b6b28298d972e1

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.crowdstrike.com
access-control-allow-credentials: true
content-length: 596

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 54ms
14ms Preflight 35.157.171.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.171.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-171-95.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-6s-customid
Access-Control-Request-Method: GET
Origin: https://www.crowdstrike.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,x-6s-customid
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://www.crowdstrike.com
access-control-max-age: 1800
date: Mon, 16 Oct 2023 07:49:28 GMT
server: nginx

GET
H2 200 footer-privacy-nav.json Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/footer/ 570 B
567 B 46ms
39ms Fetch
application/json 2606:4700::6812:9a09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/footer/footer-privacy-nav.json

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/footer-navigation.min.js?ver=1695129389

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

825eddc5a328150497ef80e31c6ac8ec6aeaafda378ef0af6f2c8436660df29c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: eOzw.oc2cAPwjSCqI8skJ.tlig_tutY9
age: 2415
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
last-modified: Thu, 12 Oct 2023 21:09:19 GMT
server: cloudflare
etag: W/"e015b4ace38254b0c98d6595247e39f5-1"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=14400
cf-ray: 816eb4943eae35e4-FRA
x-amz-cf-id: uj9Z0RsCafmTxpt7RuCMa31NcsUzzSnECB6-chG8xeka54Cq4-nVgQ==
expires: Mon, 16 Oct 2023 11:49:28 GMT

GET
H2 200 uTjAZGHEuZnPioHJ1HZQJU Show response
play.vidyard.com/video/ Frame 3DC6 262 B
378 B 8ms
8ms XHR
application/json 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/video/uTjAZGHEuZnPioHJ1HZQJU?disable_popouts=1&v=4.3.14&type=inline

Requested by

Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/main-0848513ab96834b7b8adae23e7926ac3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c69b33e20e714957c45450fc592eff0c82ac3f32bebd6c10e2389a7aab743143

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.vidyard.com/uTjAZGHEuZnPioHJ1HZQJU?disable_popouts=1&v=4.3.14&type=inline
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31557600
age: 202886
x-cache: HIT
content-length: 224
x-served-by: cache-fra-eddf8230105-FRA
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1697442568.437999,VS0,VE1
etag: W/"106-wDoQ+XdYu7Iq4Yki6Uumy4kgeDM"
vary: X-China, accept-language, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 7-e5e5c8965781295cc678b9668496aecd.js Show response
assets.vidyard.com/play/js/ Frame 3DC6 438 KB
98 KB 13ms
12ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/7-e5e5c8965781295cc678b9668496aecd.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-e328308b819e5df137639b5f21c9ce69.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e2d03dd607a450f00012097f7fc18237d94673c579952c57f4326e73afe0410a

Request headers

Referer: https://play.vidyard.com/uTjAZGHEuZnPioHJ1HZQJU?disable_popouts=1&v=4.3.14&type=inline
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
content-encoding: br
via: 1.1 varnish
age: 378508
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 99834
x-served-by: cache-fra-eddf8230081-FRA
last-modified: Tue, 12 Sep 2023 15:52:28 GMT
x-timer: S1697442568.450450,VS0,VE0
etag: "249b5b5edc2899b76ff0fb1d7718b60c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 107

GET
H2 200 6-d3b1d5678e4fe48daadbd7cad3f8dfb3.css
assets.vidyard.com/play/stylesheets/ Frame 3DC6 181 B
204 B 11ms
10ms Stylesheet
text/css 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/stylesheets/6-d3b1d5678e4fe48daadbd7cad3f8dfb3.css
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-e328308b819e5df137639b5f21c9ce69.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b6320e221b61f50fdfee02e86288aca6b426795dd014c5add80fcef7632ac6f8

Request headers

Referer: https://play.vidyard.com/uTjAZGHEuZnPioHJ1HZQJU?disable_popouts=1&v=4.3.14&type=inline
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
content-encoding: br
via: 1.1 varnish
age: 310559
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 103
x-served-by: cache-fra-eddf8230081-FRA
last-modified: Thu, 12 Oct 2023 17:31:14 GMT
x-timer: S1697442568.450439,VS0,VE0
etag: "5b8ad2d3286aa47c692cbb0bae4d9cc4"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 108

GET
H2 200 6-d3b1d5678e4fe48daadbd7cad3f8dfb3.js Show response
assets.vidyard.com/play/js/ Frame 3DC6 13 KB
4 KB 11ms
11ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/6-d3b1d5678e4fe48daadbd7cad3f8dfb3.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-e328308b819e5df137639b5f21c9ce69.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: dd78520434501b8767736a055d65321ca866c0f1035afb3c0ec577b038d60814

Request headers

Referer: https://play.vidyard.com/uTjAZGHEuZnPioHJ1HZQJU?disable_popouts=1&v=4.3.14&type=inline
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
content-encoding: br
via: 1.1 varnish
age: 310559
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 3678
x-served-by: cache-fra-eddf8230081-FRA
last-modified: Thu, 12 Oct 2023 17:31:14 GMT
x-timer: S1697442568.450439,VS0,VE0
etag: "d099d16b4c22fbbb8b81a1c0975a5387"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 111

GET
H2 200 36-88ef275bc8713e4ad6f5a59bd4122e28.js Show response
assets.vidyard.com/play/js/ Frame 3DC6 4 KB
2 KB 12ms
12ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/36-88ef275bc8713e4ad6f5a59bd4122e28.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-e328308b819e5df137639b5f21c9ce69.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: bdd3b5ad12d4ca6cfb71ae192b0f53ece7b3eda3b0e5bd1187e699c3f925a0f9

Request headers

Referer: https://play.vidyard.com/uTjAZGHEuZnPioHJ1HZQJU?disable_popouts=1&v=4.3.14&type=inline
Origin: https://play.vidyard.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
content-encoding: br
via: 1.1 varnish
age: 3426891
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1430
x-served-by: cache-fra-eddf8230081-FRA
last-modified: Wed, 06 Sep 2023 15:52:22 GMT
x-timer: S1697442568.450422,VS0,VE0
etag: "f10e187f0ac9494399d2d681c6b977e9"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 99

OPTIONS
H2 200 visitors
raw.vidyard.com/v2/ Frame 0
0 330ms
106ms Preflight
text/html 184.73.67.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://raw.vidyard.com/v2/visitors
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.73.67.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-73-67-37.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://play.vidyard.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept, Origin
access-control-allow-methods: POST, PUT
access-control-allow-origin: https://play.vidyard.com
access-control-max-age: 86400
content-length: 0
content-type: text/html;charset=utf-8
date: Mon, 16 Oct 2023 07:49:28 GMT

GET
H2

200

Zd_33y9mi1mwMQnmVSPTTLoShftqFuU_.jpg
cdn.vidyard.com/thumbnails/35463232/ Frame 3DC6
Redirect Chain

https://play.vidyard.com/uTjAZGHEuZnPioHJ1HZQJU.jpg
https://cdn.vidyard.com/thumbnails/35463232/Zd_33y9mi1mwMQnmVSPTTLoShftqFuU_.jpg

33 KB
33 KB

8ms
8ms

Image
image/jpeg

93.184.221.26
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vidyard.com/thumbnails/35463232/Zd_33y9mi1mwMQnmVSPTTLoShftqFuU_.jpg
Protocol: H2
Server: 93.184.221.26 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CB4) /
Resource Hash: f544c0d9d4efe6098073613bd00f1b2260726c0bb4602d3a8dedd47df3c606ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.vidyard.com/uTjAZGHEuZnPioHJ1HZQJU?disable_popouts=1&v=4.3.14&type=inline
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
x-amz-version-id: QGXgB9JdNTswT6IKoF.GZknfwb5se2Rd
x-cdn: edgecast
age: 52574
x-amz-request-id: 1Q6B6QTCGVWC87HZ
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 33683
x-amz-id-2: HEmyn0neNfPjZ009pMhenrEuhPZ3P/+nAlWwuszMABFdqk3KoQBFw1021m40DJ5omeRNciitlKM=
last-modified: Fri, 31 Mar 2023 12:15:17 GMT
server: ECAcc (frc/4CB4)
etag: "0e24161b84477ff1a391dd5b79e03422"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: ETag, X-CDN
accept-ranges: bytes

Redirect headers

date: Mon, 16 Oct 2023 07:49:28 GMT
via: 1.1 varnish
strict-transport-security: max-age=31557600
age: 498795
x-cache: HIT
content-length: 102
x-served-by: cache-fra-eddf8230105-FRA
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1697442569.523594,VS0,VE0
vary: Accept, X-China, accept-language
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: https://cdn.vidyard.com/thumbnails/35463232/Zd_33y9mi1mwMQnmVSPTTLoShftqFuU_.jpg
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 3

POST
H2 200 visitors Show response
raw.vidyard.com/v2/ Frame 3DC6 71 B
216 B 108ms
108ms XHR
application/json 184.73.67.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://raw.vidyard.com/v2/visitors
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/main-0848513ab96834b7b8adae23e7926ac3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.73.67.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-73-67-37.compute-1.amazonaws.com
Software: /
Resource Hash: 6ad36e9668ad18c2b1693b60dd41b2f35e192e88157d478035ec4ba02dc4bce4

Request headers

Referer: https://play.vidyard.com/uTjAZGHEuZnPioHJ1HZQJU?disable_popouts=1&v=4.3.14&type=inline
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://play.vidyard.com
date: Mon, 16 Oct 2023 07:49:28 GMT
x-vidyard-hostname: e8ae1e6f1f14
content-length: 71
content-type: application/json; charset=utf-8

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/bee15b7c-b632-450e-9003-9c8b60b3b978/b2193cd5-8954-4870-b8f7-b3be5ea49b82/ 202 KB
36 KB 21ms
21ms Fetch
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/bee15b7c-b632-450e-9003-9c8b60b3b978/b2193cd5-8954-4870-b8f7-b3be5ea49b82/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1020f9ea3c68809ea44b991f0ac679b8e3bc1f650820ab789198a3ce393039d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 16 Oct 2023 07:49:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 65885
content-md5: bHNz9OfnPqGWpV0XFiqpAw==
content-length: 36253
x-ms-lease-status: unlocked
last-modified: Tue, 24 Jan 2023 21:06:26 GMT
server: cloudflare
etag: 0x8DAFE4EDB0DC9B3
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 58a8502d-501e-012c-1ae1-5a1c8e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 816eb4954f831d84-FRA
expires: Tue, 17 Oct 2023 07:49:28 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202301.1.0/assets/ 13 KB
3 KB 18ms
17ms Fetch
application/json 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.1.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 16 Oct 2023 07:49:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: JRquOrwnT+1fACynxEiZlA==
age: 5519
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3020
x-ms-lease-status: unlocked
last-modified: Wed, 22 Feb 2023 03:39:28 GMT
server: cloudflare
etag: 0x8DB148666B3B223
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 522c887a-a01e-015f-1be1-5a6c4d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 816eb495b8091d84-FRA

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/202301.1.0/assets/v2/ 62 KB
13 KB 17ms
16ms Fetch
application/json 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.1.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9c89c2a0df62b9bd73d859ae616ffe92cb9e86e1428a1a0fc797418f3e03dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 16 Oct 2023 07:49:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 5x5OTvRos5JBKPa+Qbpqxg==
age: 29139
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13354
x-ms-lease-status: unlocked
last-modified: Wed, 22 Feb 2023 03:39:30 GMT
server: cloudflare
etag: 0x8DB148668308060
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 58a84701-501e-012c-48e1-5a1c8e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 816eb495b80a1d84-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202301.1.0/assets/ 21 KB
4 KB 19ms
19ms Fetch
text/css 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: XcxlleAcPGO2n5kTZrHH2Q==
age: 11668
x-ms-lease-status: unlocked
last-modified: Wed, 22 Feb 2023 03:39:39 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 37e42e60-201e-0145-4ee1-5a4322000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 816eb495b80b1d84-FRA

GET
H2 200 RC698dc8385de1411c824b73d0b3be0648-source.min.js Show response
assets.adobedtm.com/d72cd986aea0/09e1256af957/da7f939c447d/ 626 B
579 B 7ms
7ms Script
application/x-javascript 2a02:26f0:480:983::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/da7f939c447d/RC698dc8385de1411c824b73d0b3be0648-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/launch-6cccf53edc18.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:983::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 87ec0711b8449b001a2b6427719e159699e124a8a1de11bf12212ba6dcc3eade

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
content-encoding: gzip
last-modified: Fri, 13 Oct 2023 19:24:57 GMT
server: AkamaiNetStorage
etag: "c799438a271efbee2be5f762f00048bc:1697225097.750913"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.crowdstrike.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 321
expires: Mon, 16 Oct 2023 08:49:28 GMT

GET
H2 200 master.m3u8 Show response
cdn.vidyard.com/media/hls/Q2rdwA5GMQkne3KuXpeVmA/,full_hd,hd,480p,sd,.mp4.urlset/ Frame 3DC6 623 B
506 B 28ms
8ms XHR
application/vnd.apple.mpegurl 93.184.221.26
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidyard.com/media/hls/Q2rdwA5GMQkne3KuXpeVmA/,full_hd,hd,480p,sd,.mp4.urlset/master.m3u8?4jsdX34srzh4PdvQJdYP4fFkPT9pyEAQRm4cwoxxnbI3mYi_vm-jP2UklQHL9gsYFiHiJhG5DVCexZTUHeuEqA9c87U0j3UfeyA7sCo-kwbkgB8l-yiLEYot_3_IEhWSENJpG0sokcvkDQi-nc4ivgLiKtvXqn8HNC0U1unZdBPQmPLFPZvDonbab9CNYuALg7q0zg
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/7-e5e5c8965781295cc678b9668496aecd.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.26 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4C95) /
Resource Hash: c561767419f9c1e8ac41c8ae62d931db520f9b111a96de978fb62946ee77ffb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.vidyard.com/uTjAZGHEuZnPioHJ1HZQJU?disable_popouts=1&v=4.3.14&type=inline
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
content-encoding: gzip
x-cdn: edgecast
age: 559733
x-cache: HIT
content-length: 232
last-modified: Mon, 09 Oct 2023 20:20:36 GMT
server: ECAcc (frc/4C95)
etag: W/"-1-26f"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: ETag, X-CDN
vary: Accept-Encoding
accept-ranges: bytes

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
600 B 30ms
29ms Image
image/svg+xml 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 47055
x-ms-lease-status: unlocked
last-modified: Thu, 12 Oct 2023 17:37:55 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: d009a6a8-f01e-0082-40a2-fd783d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 816eb495fe6b194d-FRA

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
493 B 16ms
15ms Fetch
image/svg+xml 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 3369
x-ms-lease-status: unlocked
last-modified: Thu, 12 Oct 2023 17:37:54 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: a7c2afc2-301e-0034-53c1-fd0a4b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 816eb49618741d84-FRA

GET
H2 200 CS_Logos_2020_InlineRed_b.png
cdn.cookielaw.org/logos/c109dae9-46f3-4e91-a59e-7844ef645107/cad7e755-8c86-4939-8df1-4d68f074f0fc/53cb332e-5cc4-44a8-9590-9e086136bfe9/ 23 KB
24 KB 23ms
23ms Image
application/octet-stream 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/c109dae9-46f3-4e91-a59e-7844ef645107/cad7e755-8c86-4939-8df1-4d68f074f0fc/53cb332e-5cc4-44a8-9590-9e086136bfe9/CS_Logos_2020_InlineRed_b.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0dbd9ca47f4fd338efab8e6f5188a6de45cf390f04cfaea4a65abc47635550c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: QB/VUZMYBu/LYPsEI/xs+w==
age: 79319
content-length: 24007
x-ms-lease-status: unlocked
last-modified: Tue, 21 Jul 2020 19:10:59 GMT
server: cloudflare
etag: 0x8D82DA9CDE4D646
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: 26f7a48a-f01e-0103-5ae1-5a9db4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 816eb4962e94194d-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 25ms
25ms Image
image/svg+xml 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 16 Oct 2023 07:49:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 41227
x-ms-lease-status: unlocked
last-modified: Thu, 12 Oct 2023 17:37:55 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 5d6c045a-301e-000b-1336-fdc2e8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 816eb4962e95194d-FRA

GET
H2 200 RC9977e7e8d24c4505b6cc57623ef571a1-source.min.js Show response
assets.adobedtm.com/d72cd986aea0/09e1256af957/da7f939c447d/ 2 KB
1020 B 7ms
7ms Script
application/x-javascript 2a02:26f0:480:983::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/da7f939c447d/RC9977e7e8d24c4505b6cc57623ef571a1-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/launch-6cccf53edc18.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:983::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 664d36a575a04201b4b8af5a7b87ff87e8bd8fa9bd638b1a578423ee861b3e14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:28 GMT
content-encoding: gzip
last-modified: Fri, 13 Oct 2023 19:24:57 GMT
server: AkamaiNetStorage
etag: "c799438a271efbee2be5f762f00048bc:1697225097.750913"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.crowdstrike.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 761
expires: Mon, 16 Oct 2023 08:49:28 GMT

POST
H2 200 player_loads Show response
raw.vidyard.com/v2/ Frame 3DC6 68 B
213 B 115ms
115ms XHR
application/json 184.73.67.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://raw.vidyard.com/v2/player_loads
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/main-0848513ab96834b7b8adae23e7926ac3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.73.67.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-73-67-37.compute-1.amazonaws.com
Software: /
Resource Hash: b3e42ae341360553721976d43899450f05f55ad72282cef23112424982352b3b

Request headers

Referer: https://play.vidyard.com/uTjAZGHEuZnPioHJ1HZQJU?disable_popouts=1&v=4.3.14&type=inline
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://play.vidyard.com
date: Mon, 16 Oct 2023 07:49:29 GMT
x-vidyard-hostname: a4fe7b259b60
content-length: 68
content-type: application/json; charset=utf-8

OPTIONS
H2 200 player_loads
raw.vidyard.com/v2/ Frame 0
0 104ms
104ms Preflight
text/html 184.73.67.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://raw.vidyard.com/v2/player_loads
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.73.67.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-73-67-37.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://play.vidyard.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept, Origin
access-control-allow-methods: POST, PUT
access-control-allow-origin: https://play.vidyard.com
access-control-max-age: 86400
content-length: 0
content-type: text/html;charset=utf-8
date: Mon, 16 Oct 2023 07:49:29 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 199ms
199ms Image
image/gif 23.38.98.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=840a4ffa1a26e59267b6b28298d972e1&svisitor=null&visitor=23887621-7ff9-443f-823d-d1ea74a4f40d&session=5efc7a17-507c-464a-87ef-0eee4746b303&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2016%20Oct%202023%2007%3A49%3A29%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2016%20Oct%202023%2007%3A49%3A28%20GMT%22%2C%22timeSpent%22%3A%221085%22%2C%22totalTimeSpent%22%3A%221085%22%7D&isIframe=false&m=%7B%22description%22%3A%22On%20March%2029%2C%202023%2C%20CrowdStrike%20observed%20unexpected%20malicious%20activity%20emanating%20from%20a%20legitimate%2C%20signed%20binary%2C%203CXDesktopApp%20%E2%80%94%20a%20softphone%20application%20from%203CX.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22CrowdStrike%20Prevents%203CXDesktopApp%20Intrusion%20Campaign%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.crowdstrike.com%2Fblog%2Fcrowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers%2F&pageViewId=bfdc949e-59af-4969-8ea6-a9e8ed5e28e6&an_uid=0&v=1.1.7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.38.98.89 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-38-98-89.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:29 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 203ms
203ms Image
image/gif 23.38.98.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=840a4ffa1a26e59267b6b28298d972e1&svisitor=null&visitor=23887621-7ff9-443f-823d-d1ea74a4f40d&session=5efc7a17-507c-464a-87ef-0eee4746b303&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2016%20Oct%202023%2007%3A49%3A30%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2016%20Oct%202023%2007%3A49%3A29%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222086%22%7D&isIframe=false&m=%7B%22description%22%3A%22On%20March%2029%2C%202023%2C%20CrowdStrike%20observed%20unexpected%20malicious%20activity%20emanating%20from%20a%20legitimate%2C%20signed%20binary%2C%203CXDesktopApp%20%E2%80%94%20a%20softphone%20application%20from%203CX.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22CrowdStrike%20Prevents%203CXDesktopApp%20Intrusion%20Campaign%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.crowdstrike.com%2Fblog%2Fcrowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers%2F&pageViewId=bfdc949e-59af-4969-8ea6-a9e8ed5e28e6&an_uid=0&v=1.1.7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.38.98.89 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-38-98-89.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:30 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 206ms
205ms Image
image/gif 23.38.98.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=840a4ffa1a26e59267b6b28298d972e1&svisitor=null&visitor=23887621-7ff9-443f-823d-d1ea74a4f40d&session=5efc7a17-507c-464a-87ef-0eee4746b303&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2016%20Oct%202023%2007%3A49%3A31%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2016%20Oct%202023%2007%3A49%3A30%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223087%22%7D&isIframe=false&m=%7B%22description%22%3A%22On%20March%2029%2C%202023%2C%20CrowdStrike%20observed%20unexpected%20malicious%20activity%20emanating%20from%20a%20legitimate%2C%20signed%20binary%2C%203CXDesktopApp%20%E2%80%94%20a%20softphone%20application%20from%203CX.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22CrowdStrike%20Prevents%203CXDesktopApp%20Intrusion%20Campaign%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.crowdstrike.com%2Fblog%2Fcrowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers%2F&pageViewId=bfdc949e-59af-4969-8ea6-a9e8ed5e28e6&an_uid=0&v=1.1.7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.38.98.89 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-38-98-89.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:31 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 204ms
204ms Image
image/gif 23.38.98.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=840a4ffa1a26e59267b6b28298d972e1&svisitor=null&visitor=23887621-7ff9-443f-823d-d1ea74a4f40d&session=5efc7a17-507c-464a-87ef-0eee4746b303&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2016%20Oct%202023%2007%3A49%3A32%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2016%20Oct%202023%2007%3A49%3A31%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224088%22%7D&isIframe=false&m=%7B%22description%22%3A%22On%20March%2029%2C%202023%2C%20CrowdStrike%20observed%20unexpected%20malicious%20activity%20emanating%20from%20a%20legitimate%2C%20signed%20binary%2C%203CXDesktopApp%20%E2%80%94%20a%20softphone%20application%20from%203CX.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22CrowdStrike%20Prevents%203CXDesktopApp%20Intrusion%20Campaign%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.crowdstrike.com%2Fblog%2Fcrowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers%2F&pageViewId=bfdc949e-59af-4969-8ea6-a9e8ed5e28e6&an_uid=0&v=1.1.7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.38.98.89 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-38-98-89.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:49:32 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.crowdstrike.com/	1969-12-31 23:59:59	Name: _csUtms3 Value: %7B%22utm_medium%22%3A%22dir%22%7D
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: jdjq4xByASc
.youtube.com/	1970-01-20 19:49:54	Name: VISITOR_INFO1_LIVE Value: hwJCuSXXFc4
.crowdstrike.com/	1970-01-20 17:40:18	Name: _gcl_au Value: 1.1.1555108004.1697442568
www.crowdstrike.com/	1970-01-20 15:40:47	Name: _an_uid Value: 0
www.crowdstrike.com/	1970-01-21 01:06:42	Name: _gd_visitor Value: 23887621-7ff9-443f-823d-d1ea74a4f40d
www.crowdstrike.com/	1970-01-20 15:30:56	Name: _gd_session Value: 5efc7a17-507c-464a-87ef-0eee4746b303
.go.crowdstrike.com/	1970-01-20 15:30:44	Name: __cf_bm Value: hhSaYpWRpsw123lz9J2CL7yf3DZ52nBf0jzPQbELyI8-1697442568-0-AemDYena3fV3Lfn5dFk5rvdX19xA8p61YYZefBPDFulC3ZmMaqU6hW8hZ8raiLpYvLvP/yeae/Ig0uEnEE7zAnw=
.6sc.co/	1970-01-21 01:06:42	Name: 6suuid Value: 99632617e2350b0008eb2c65e3010000f21b0100
.crowdstrike.com/	1970-01-21 00:16:18	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Mon+Oct+16+2023+09%3A49%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=202301.1.0&isIABGlobal=false&hosts=&consentId=b4cf1861-d08e-43a3-a1fb-9526c7ec5c11&interactionCount=0&landingPath=https%3A%2F%2Fwww.crowdstrike.com%2Fblog%2Fcrowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers%2F&groups=C0001%3A1%2CC0003%3A0%2CC0002%3A0%2CC0004%3A0
www.crowdstrike.com/	1970-01-20 15:30:44	Name: _csRef Value: www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://play.vidyard.com/embed/v4.js Message: Allow attribute will take precedence over 'allowfullscreen'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;report-uri /csp-violation-report-endpoint/
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.pathfactory.com https://crowdstrike.com
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
assets.vidyard.com
b.6sc.co
c.6sc.co
cdn.addsearch.com
cdn.cookielaw.org
cdn.vidyard.com
connect.facebook.net
epsilon.6sense.com
geolocation.onetrust.com
go.crowdstrike.com
ipv6.6sc.co
j.6sc.co
p.typekit.net
play.vidyard.com
raw.vidyard.com
secure.adnxs.com
use.fontawesome.com
use.typekit.net
www.crowdstrike.com
www.googletagmanager.com
www.youtube.com
104.17.74.206
151.101.1.181
184.73.67.37
185.89.211.84
23.38.98.89
2600:9000:2156:ac00:a:de52:1580:93a1
2606:4700:4400::6812:2089
2606:4700::6812:83ec
2606:4700::6812:9a09
2606:4700:e0::ac40:670b
2a00:1450:4001:813::2008
2a00:1450:4001:827::200e
2a02:26f0:3500:16::215:1495
2a02:26f0:480:983::1e80
2a02:26f0:480:f::213:7ee1
2a02:26f0:7100::210:151
2a03:2880:f084:105:face:b00c:0:3
35.157.171.95
93.184.221.26
01b035efb5dfa529c512f82962ed633328222da6f33c224244806d4798c67349
03498ea3d6dd426a8309cc760dee69c30d0e12dd607971cb2cbdb1c1be7bff4a
03b0c564fb579679c627efd07eaabc7a9c59479b5b7798b4e6c29b3520030fec
04466026773f10391f6d0d84d702b9eef45db6438822b4edcd931cf5cc89d2d2
04727f699b52a1d71fb08c642b35b5352b4df1d961f1e06a84ade494c73c08b0
057cf64e13a70d98b7ad8f18487273135e4bb1f5083088f3f58bdf345c197620
0bf90a8569ed246ad28d91458f6771f6934a0c4983243eca5f6accf91d6979cc
0cda584e7c5036ad66d7d528d2209bc596a14179fa1792a559e2ae9eaa91e851
0d616ec0b06b0da8f53e9f291e1873edca40739f641c7499525040750072b0b1
0dbd9ca47f4fd338efab8e6f5188a6de45cf390f04cfaea4a65abc47635550c6
0f1c1c319dae1d32ef2feaa657e6d82c5f8fe4c98aa8bbc7ee0aab8b5b9d5d38
0f5a20aea350274cc88cc79a153797c6b253aec6a77259467378f0ca2dc29203
0f9c2ce6f85c93eed9e3e0917378e13d9ecc30b3690a2c97f9eb013b81244f4b
1020f9ea3c68809ea44b991f0ac679b8e3bc1f650820ab789198a3ce393039d7
19835b05e2879bafd44387fcd421b0b4611dc85899328260b363af1c4e3ac02c
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
205dcb7bbc168099a95944b3670fcaec5407412da2d2f6e129ea3faec0731ee1
20a7bbc288f8920ac4851c59b16ff54e322027ebce3317d9b265b8129c94c594
21cf396be385b21e8311d96026d57f639323043d2f17f42f6864a615b5fca86c
21df4fadab40e33ae5d4b3008d3b347c75c1e0aa0d2eaf045eba4a6ee97e3c79
21e518d176577de2a43a469289812d0585bc739bd66694606c5f1be6a701db43
242698db9612aea97080689d97905652fa015ea74efbf70a516aef3852474d88
2fc7f40fe3b6fca4d842274e5c319024864535325c7484e201b7c53257209809
302c63800f372511b5c5981ce65f09ddc9926619a28ab7c8ebd23d0b120236a2
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
36d220e0244517475dfe10f437bf2226a28eca7378c4b8fafa914a01174776cc
38768e148a5bb63accf39b50ef7301d5afe36333e21bdb5e3a5c089cd6608697
3b461442bdf6f086af9023de4b6f909e8b21599229c8a8ba3ae4fc92a5c08a6a
3d871b6771dfa1a9115eee87e6dbb038d19387e11f27904622a56ff9bd4d2b84
3fe890d088ecf0cc9bc1b9069201e52972dbad6237865524090e15982d0de718
42d6d13af8e9e1e3e2eb9649efd2ffdd3a9d1b25dcd3ea489052a30d427466e0
45034c0ac4d6bf521f49c8062e0973da9332e668ca630b1095ad862be55d568a
46e7d29c1548aebe6deb68bb5322403af16353df4ae5243800dcf58f9f643232
479a42c03c6ff55c0993365193e76f8bafaf7d48b53929dead68e5837950a104
4909664b2cd227fc85ce6fd9d530ec41bef8528f31af916ba9ed95a2cb230823
4f6f07e26ae7e95df3b138d21eb6ef322beda975eddf7d5dd88156c48004e6c3
52b269545d8b0251f5f585cfa9572691d8d50a4a55ddcd6c5dd4e5718136e4f5
52c13ffb83b6901a230087f2d6e2df300bc6281a8dc10e3b38bf5d43c7cea0a6
541ff4ec8fa344f20a648ff5420435e31d43571889e9df849548a682879bd500
564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67
59fe5b428dbf3980f53ef1fb768b90a772e7f430cd33617da5c8ceb54820bf37
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
63bf01eb9c526436e112dac238827fe17a752fc80b34ba3934ec092778497876
664d36a575a04201b4b8af5a7b87ff87e8bd8fa9bd638b1a578423ee861b3e14
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6925696138e919bcfc54d241d2e51017d3383293ea4cf5bd0b7b3932ada195ea
69c9761403e2485e8ba4b18719eedc5190efed122125c5e0491288462b4fb56f
6ad36e9668ad18c2b1693b60dd41b2f35e192e88157d478035ec4ba02dc4bce4
6e188efafb2df40e1f4bd4973d31d37ae32a41676bc9c43d008388ec1ea72e1b
732735dc86bf7593921ca6ad5818eb7f67e37e6cdef0bc2ddc862276e11618a7
736ef378e8ba602b2c8758737f4fde8b4c308e14441d0992e826ad5ac3048060
74a8d08bfffcc2b091168ebe5d30299c4857f962280f3b214ec64f460587b4c7
78a4b9564a0a06db5941666b6db7ffb118befe320879982484283fda987bf178
7a3130477a6f2f745a9506410595c4c56ccea6746059817835d31bb505eb19af
7c9d38c1f093684d41a7b08eaad9de6256e4d277c7d782b5411c6d1179f2819a
7f094e6666e540aaa55a90812a019ea5ea34bd173ad2dc8ed1b4538b53fd68b3
8075e644b252872397824d6163fb27e99f9e043afa435c458bf67226b612ca23
825eddc5a328150497ef80e31c6ac8ec6aeaafda378ef0af6f2c8436660df29c
85164c9ebf305039e4d7ef9bbe9902396f227b9da80e311f3adebc865e10fb27
875a394bacf884023e57246e4377055ffb403bc95d5e995dd26a5e49994d00e0
87ec0711b8449b001a2b6427719e159699e124a8a1de11bf12212ba6dcc3eade
881496d42cddfd02cec1c1e080f9033abe22410c2861f8214e9ce48d9efeef44
8ce875796d4d6e5681b090c6b31f2e89e76e39f853e4fe2dd00dcee0f0db35cf
8e0c9ad71fdf2b8553461659e37cfbb453a5a569c5f8c67273cded5fc9e0d2ae
8fb3b1c8ff2e87f1fa4c43ea0d8a6dc3cc486cc772c854575c82fcd92dbf7cba
8fd6f40785d0bd9b34adbd6985abb75a1bd3cbfaefec8d3443929d3ecd999d0f
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
9189f58f08602921b8e72ca4ca59f115799cf71c4b3d334a52f5ed66b955943e
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
956347b596554a858253974b2e43bcd6c28dbe2e01f13d52984f7a6c1057fd86
95c20e0a7794962efee37727ae09f6f7072d6b613a60338b884dcbf7af057e41
96b4ff4e6539bb610991fa9b313de9ce9490b83c10a04ebdc0efd27a2ab42c35
970c0f7a95958b2eb75f05bfeae5fb619adeca6c0a7fcb538a4f59e342f8eea0
9af6e0a0313027a162e74d5d3d66046341fa4203730f6a1ce3b5889af5235ea6
9f9f09220578095d79ded54e8c0ee6ef21bc38e86475d2645b8656bbef22bbeb
a09fe9b9f8deb402e85425e864ed0d7bd28a382f8e4b5e5ad1a6bb3ad3030ce3
a0f9ad349100e22fc0f804bf2cd7295202370354e8b5b519b2a03468b3c7e67d
a111d7ae871651ec4bc05e764a552b66bfac244cc85daff7913469defbf694d9
a3b3b9845700ca10a5b4def83602cc7cc4ac726339a92441592dad7ac933a95f
a9c89c2a0df62b9bd73d859ae616ffe92cb9e86e1428a1a0fc797418f3e03dd9
a9e3e4b8db90923d111e652b91ba5dd6c68defaa08ad0baa8c48ba07506b2cd6
ac2cea87b2980e211b88ecc676e39fe1ecf5bb25f3596f94534e6e786e22a962
aeb7c851c0fcce9ea166dc5062405ca56e561ba6a82a3daab0cade0f4818a12a
b008ac68c17b1b9533d27849384bfb1c4899618e3c85113c235306979e289845
b2283707e63fb53f2b24b4ea284661017f4028dd9f1062425ad9f44fff58b62f
b25d2319903d6e206b3bd9a7340206ec7d6b603405403130d95a6ffca76a80db
b332a3fa616df968bdd71567cde2fe6031561746f6022d06993bde4001ec2730
b3e42ae341360553721976d43899450f05f55ad72282cef23112424982352b3b
b4bd561963cd077bec553b3a2a68b1ea084d0327f76a311029238709d01ac5c0
b527f88908eeebbb1870931f8d3c110e7678486424d50343667336a335f33e28
b6320e221b61f50fdfee02e86288aca6b426795dd014c5add80fcef7632ac6f8
b753594ff7e815b6bef74092861f26eb873ce93687e6f5f6253214b63da67ede
b93680a9f50608d09c147af33f3e897a4b376ff3efb696bb062ed2e0f862d819
bcaf3bfa5b565128f4a6052c3dacd8066a4bc0f9ce97cb6c6a71cfea9c2e11ee
bce50a6c3baaeb81c86f575125a959fdb1ffc5bb7a3bec2452503fda239ba4d7
bdd3b5ad12d4ca6cfb71ae192b0f53ece7b3eda3b0e5bd1187e699c3f925a0f9
be3af610c33131a0b88a81ace4b6713c241ed607d85130158987dcc63a8cf684
bee78f076d7ef9d9be92fb1f293909e529c5b61891a52557d51e7183971e02cc
bf1ddee318dfac492b600afebbf5b67edb7e8cf2898802907c5c6194040840ab
bf6ed702138601d70fbd6b9536fe530b412d831da6d789c5eb01b5cc6cbf93cb
c2a27f67646142dabf6aa023a556e5beda6ee2ffde499ffa43f4287e7db99827
c409e947fcd9d3b08d4a4292a05908955e08e7673ed9be6271e5659a9d88b1ef
c561767419f9c1e8ac41c8ae62d931db520f9b111a96de978fb62946ee77ffb5
c572f7e6cda5feec58f66e79f96df91cfd83f6981d7d1f2958137b98ebf499cb
c69b33e20e714957c45450fc592eff0c82ac3f32bebd6c10e2389a7aab743143
c77b68e97c7c808e6662e4dda77dd798831e80a592f9e175c68314cd9b74d704
ca48ecff4b0eaca4ca4a70090a2a1fe3037a2972b2345971d63caacb0e1c2dc4
cc6addb827a2a39237154916d2a692464bceb44dc7bd73e7cdeb7150181615b5
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d248cadd7c9d133a66cd2126b103fba268494b449dc54f486225e400a0453478
d27bc752105c079f8a516e9142406a9fc12cbb409f9bf8681f2ddfe0360b52a6
d3e348c78c790de1bc1e2cb7480fb011717b1843f0a9bc1cb1a90fc45f542e3a
d620b8aa1e204dca4610a5207b7ca481d85829657a21af7ac51f95f552c2afce
d6a8b2d8de96a693a7f089ff23c3f7aa66ed14718e0d4464a1df1ffb828c8609
d8f4f7589e5ecac8f3938b7c06d4496f218a7e0c6ab4eb15596d9c6a3c351367
d918dfd178470f1be12242960742fd20f811cf84c1beb90695770308a92cf017
db69a3d25d8125632acede7426cfaa714390a3a713e8fb38fca4264581341744
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd78520434501b8767736a055d65321ca866c0f1035afb3c0ec577b038d60814
e0a93c95249cebbb8a22324d3f8e5f0801a41ff1fd27ac43485f8a56816e366a
e0d7247f9a18889ae8a68fd56edaa202264826e284c725ce09964a71d1ee663e
e2d03dd607a450f00012097f7fc18237d94673c579952c57f4326e73afe0410a
e2f64fa9ea0c7f0abc1ad4a0d11b3808ffb66ca288d93e4129a53478be0145bf
e35507d68c9460b1bc5526d5a64fa382b04ea0c9da24b87a9bec7c6fd30bc55e
e36ce51df6d05a63225d449ba07b002ef1c2cd73b946e21e27456b251449712b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e492e5bd630a86a679a9ead911fc5e1e155d75098344c375131c40470e97396d
e7bf3c169c77079a0afcc451e66853207e3d5049a7b86a81a03b3af28fbe1592
ea01987f1b76dfc2985483ac05bc1eaa38dc8e1e83fa23882a481d007c4ed11d
ebe53644b0b082753243929e09b9e652a9e7051b3cf971e1a018104382778771
ed6c1ed511a6160b35044d7c49e35e9b85da14be0164b3c40d5aa23c8ab027b0
eee66297afe4bfd363c9e7b27978892a34adffde1664ef7509335aff8aa31cc0
f244fcb6b0aeadba8f41f30a7f451c0aaa06445ec854c3d9bbef1c485a036424
f544c0d9d4efe6098073613bd00f1b2260726c0bb4602d3a8dedd47df3c606ce
f58861e85bd3a7fd0aa7dd3b60eaf71ac79324dc48d6ec4bda8cd561eecc2234
f8f105a0a91843bdeac95e6aff14d7753ca2aaff00c942cf1bcb1da1025cff4c
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
fa5203c768a6b538b2dc84abba2c89c87c68d917f1488f2a18f299faceabbce1
fb61f3185f67175c4ae4647c4fe804fb2623791dd295589adc4c2771248cfde3
fba0e6ec960786f7e28a4c7c2b9e385dfdc7f3a991e0fb394ffd13da53446f4a
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

www.crowdstrike.com Open in urlscan Pro 2606:4700::6812:9a09 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

157 Requests

98 %HTTPS

63 %IPv6

14 Domains

22 Subdomains

19 IPs

4 Countries

9066 kBTransfer

13410 kBSize

11 Cookies

41 Outgoing links

Page URL History

Redirected requests

157 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.crowdstrike.com Open in urlscan Pro
2606:4700::6812:9a09 Public Scan

Screenshot
Live screenshot

Full Image

157
Requests

98 %
HTTPS

63 %
IPv6

14
Domains

22
Subdomains

19
IPs

4
Countries

9066 kB
Transfer

13410 kB
Size

11
Cookies

157 HTTP transactions
0 data transactions