urlscan.io logo urlscan.io
SecurityTrails logo

www.huntress.com Open in urlscan Pro
2606:2c40::c73c:671c  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Submission: On April 03 via api from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 36 IPs in 4 countries across 28 domains to perform 135 HTTP transactions. The main IP is 2606:2c40::c73c:671c, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.huntress.com. The Cisco Umbrella rank of the primary domain is 869812.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 21st 2022. Valid for: a year.
This is the only time www.huntress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
40 2606:2c40::c7... 209242 (CLOUDFLAR...)
2 2001:4de0:ac1... 20446 (STACKPATH...)
1 2620:1ec:4e:1... 8075 (MICROSOFT...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
9 2606:4700::68... 13335 (CLOUDFLAR...)
4 23.206.208.114 16625 (AKAMAI-AS)
12 2606:2800:234... 15133 (EDGECAST)
1 140.82.121.3 36459 (GITHUB)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 34.96.102.137 396982 (GOOGLE-CL...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700:440... 13335 (CLOUDFLAR...)
1 23.35.237.151 16625 (AKAMAI-AS)
1 185.199.108.154 54113 (FASTLY)
10 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 44.209.133.52 14618 (AMAZON-AES)
2 34.159.227.151 396982 (GOOGLE-CL...)
1 18.66.97.37 16509 (AMAZON-02)
2 2a03:2880:f08... 32934 (FACEBOOK)
3 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 104.244.42.8 13414 (TWITTER)
1 52.222.236.74 16509 (AMAZON-02)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.66.112.110 16509 (AMAZON-02)
1 52.208.119.175 16509 (AMAZON-02)
1 54.170.136.168 16509 (AMAZON-02)
1 2606:2800:134... 15133 (EDGECAST)
9 2a04:4e42:8e:... 54113 (FASTLY)
135 36
40    2606:2c40::c73c:671c (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
www.huntress.com
2    2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
1    2620:1ec:4e:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
platform.linkedin.com
1    2606:4700::6811:f0cc (United States)

ASN13335 (CLOUDFLARENET, US)
cdn2.hubspot.net
9    2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)
no-cache.hubspot.com
app.hubspot.com
cta-service-cms2.hubspot.com
track.hubspot.com
4    23.206.208.114 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-208-114.deploy.static.akamaitechnologies.com
s7.addthis.com
v1.addthisedge.com
m.addthis.com
12    2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    140.82.121.3 (Frankfurt am Main, Germany)

ASN36459 (GITHUB, US)
PTR: lb-140-82-121-3-fra.github.com
gist.github.com
3    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com
1    2606:4700::6811:4341 (United States)

ASN13335 (CLOUDFLARENET, US)
scout-cdn.salesloft.com
3    2606:4700:4400::6812:2128 (United States)

ASN13335 (CLOUDFLARENET, US)
3911692.fs1.hubspotusercontent-na1.net
1    23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com
z.moatads.com
1    185.199.108.154 (Hoover, United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-108-154.github.com
github.githubassets.com
10    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh5.googleusercontent.com
lh3.googleusercontent.com
lh6.googleusercontent.com
2    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh4.googleusercontent.com
4    44.209.133.52 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-133-52.compute-1.amazonaws.com
scout.salesloft.com
2    34.159.227.151 (Frankfurt am Main, Germany)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 151.227.159.34.bc.googleusercontent.com
webhooks.fivetran.com
1    18.66.97.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-37.fra56.r.cloudfront.net
static.hotjar.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2606:4700:4400::ac40:9a55 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    2606:4700::6811:45b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
2    2606:4700::6811:7fab (United States)

ASN13335 (CLOUDFLARENET, US)
js.hscollectedforms.net
forms.hscollectedforms.net
1    2606:4700::6811:e9cc (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsleadflows.net
1    2606:4700::6811:73b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsadspixel.net
2    104.244.42.8 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    52.222.236.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-74.fra56.r.cloudfront.net
script.hotjar.com
4    2606:4700::6810:5505 (United States)

ASN13335 (CLOUDFLARENET, US)
forms.hsforms.com
forms-na1.hsforms.com
perf.hsforms.com
2    2606:4700::6810:5905 (United States)

ASN13335 (CLOUDFLARENET, US)
perf.hsforms.com
1    18.66.112.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-110.fra56.r.cloudfront.net
vc.hotjar.io
1    52.208.119.175 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-119-175.eu-west-1.compute.amazonaws.com
in.hotjar.com
1    54.170.136.168 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-136-168.eu-west-1.compute.amazonaws.com
content.hotjar.io
1    2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)
cdn.syndication.twimg.com
9    2a04:4e42:8e::159 (United States)

ASN54113 (FASTLY, US)
pbs.twimg.com
Apex Domain
Subdomains		 Transfer
40 huntress.com
www.huntress.com — Cisco Umbrella Rank: 869812
2 MB
14 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 793
syndication.twitter.com — Cisco Umbrella Rank: 1106
441 KB
12 googleusercontent.com
lh5.googleusercontent.com — Cisco Umbrella Rank: 171
lh3.googleusercontent.com — Cisco Umbrella Rank: 73
lh6.googleusercontent.com — Cisco Umbrella Rank: 494
lh4.googleusercontent.com — Cisco Umbrella Rank: 504
4 MB
10 twimg.com
cdn.syndication.twimg.com — Cisco Umbrella Rank: 2466
pbs.twimg.com — Cisco Umbrella Rank: 757
151 KB
9 hubspot.com
no-cache.hubspot.com — Cisco Umbrella Rank: 12093
app.hubspot.com — Cisco Umbrella Rank: 5750
cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 11326
track.hubspot.com — Cisco Umbrella Rank: 2507
6 KB
6 hsforms.com
forms.hsforms.com — Cisco Umbrella Rank: 4379
perf.hsforms.com — Cisco Umbrella Rank: 12712
forms-na1.hsforms.com — Cisco Umbrella Rank: 7212
4 KB
5 salesloft.com
scout-cdn.salesloft.com — Cisco Umbrella Rank: 13727
scout.salesloft.com — Cisco Umbrella Rank: 16158
4 KB
3 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2390
16 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 677
script.hotjar.com — Cisco Umbrella Rank: 927
in.hotjar.com — Cisco Umbrella Rank: 2080
72 KB
3 hubspotusercontent-na1.net
3911692.fs1.hubspotusercontent-na1.net
95 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
25 KB
3 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 1784
m.addthis.com — Cisco Umbrella Rank: 1731
140 KB
2 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 2441
content.hotjar.io — Cisco Umbrella Rank: 6944
418 B
2 hscollectedforms.net
js.hscollectedforms.net — Cisco Umbrella Rank: 5067
forms.hscollectedforms.net — Cisco Umbrella Rank: 5237
25 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 161
89 KB
2 fivetran.com
webhooks.fivetran.com — Cisco Umbrella Rank: 57857
325 B
2 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4625
2 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 374
35 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 756
35 KB
1 addthisedge.com
v1.addthisedge.com — Cisco Umbrella Rank: 2034
207 B
1 hsadspixel.net
js.hsadspixel.net — Cisco Umbrella Rank: 3452
3 KB
1 hsleadflows.net
js.hsleadflows.net — Cisco Umbrella Rank: 4588
87 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2380
20 KB
1 githubassets.com
github.githubassets.com — Cisco Umbrella Rank: 7763
10 KB
1 moatads.com
z.moatads.com — Cisco Umbrella Rank: 483
1 KB
1 github.com
gist.github.com — Cisco Umbrella Rank: 44440
6 KB
1 hubspot.net
cdn2.hubspot.net — Cisco Umbrella Rank: 8759
2 KB
1 linkedin.com
platform.linkedin.com — Cisco Umbrella Rank: 3552
160 KB
135 28
Domain Requested by
40 www.huntress.com www.huntress.com
12 platform.twitter.com www.huntress.com
platform.twitter.com
9 pbs.twimg.com
6 track.hubspot.com
4 scout.salesloft.com scout-cdn.salesloft.com
4 lh3.googleusercontent.com www.huntress.com
4 lh5.googleusercontent.com www.huntress.com
3 perf.hsforms.com www.huntress.com
3 js.hs-banner.com www.huntress.com
js.hs-banner.com
3 3911692.fs1.hubspotusercontent-na1.net www.huntress.com
3 cdnjs.cloudflare.com www.huntress.com
2 forms.hsforms.com www.huntress.com
2 syndication.twitter.com platform.twitter.com
2 connect.facebook.net www.huntress.com
connect.facebook.net
2 webhooks.fivetran.com cdn.jsdelivr.net
2 lh4.googleusercontent.com www.huntress.com
2 lh6.googleusercontent.com www.huntress.com
2 dev.visualwebsiteoptimizer.com www.huntress.com
2 cdn.jsdelivr.net www.huntress.com
2 s7.addthis.com www.huntress.com
s7.addthis.com
2 code.jquery.com www.huntress.com
1 cdn.syndication.twimg.com platform.twitter.com
1 content.hotjar.io script.hotjar.com
1 in.hotjar.com script.hotjar.com
1 vc.hotjar.io script.hotjar.com
1 forms-na1.hsforms.com www.huntress.com
1 forms.hscollectedforms.net js.hscollectedforms.net
1 script.hotjar.com static.hotjar.com
1 cta-service-cms2.hubspot.com www.huntress.com
1 m.addthis.com s7.addthis.com
1 v1.addthisedge.com s7.addthis.com
1 app.hubspot.com www.huntress.com
1 js.hsadspixel.net www.huntress.com
1 js.hsleadflows.net www.huntress.com
1 js.hscollectedforms.net www.huntress.com
1 js.hs-analytics.net www.huntress.com
1 static.hotjar.com www.huntress.com
1 github.githubassets.com gist.github.com
1 z.moatads.com s7.addthis.com
1 scout-cdn.salesloft.com www.huntress.com
1 gist.github.com www.huntress.com
1 no-cache.hubspot.com www.huntress.com
1 cdn2.hubspot.net www.huntress.com
1 platform.linkedin.com www.huntress.com
135 44
Subject Issuer Validity Valid
www.huntress.com
Cloudflare Inc ECC CA-3		 2022-11-21 -
2023-11-21		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
platform.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-02-27 -
2023-08-27		 6 months crt.sh
hubspot.net
Cloudflare Inc ECC CA-3		 2022-05-06 -
2023-05-06		 a year crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2023-02-05 -
2024-02-05		 a year crt.sh
odc-addthis-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-07		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-06 -
2023-11-06		 a year crt.sh
*.github.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-16 -
2024-03-15		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2022-07-04 -
2023-08-05		 a year crt.sh
salesloft.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-20 -
2024-04-18		 a year crt.sh
hubspotusercontent-na1.net
Cloudflare Inc ECC CA-3		 2023-01-26 -
2024-01-25		 a year crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-18		 a year crt.sh
*.githubassets.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-05 -
2023-10-05		 a year crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
webhooks.fivetran.com
R3		 2023-03-31 -
2023-06-29		 3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-01-10 -
2023-04-10		 3 months crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
*.hotjar.io
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh

This page contains 5 frames:

Primary Page: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Frame ID: B9A5E2A3AC964FEFB0BD1CEE7FF25FB0
Requests: 109 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: B9C8AB2D2051855BAA87803AB77D0591
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 51CD745E8DB96F755C66923F72344A3E
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.huntress.com
Frame ID: D90A2D4739F03DEEE57124572A44457C
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1641270384023719937&lang=en&origin=https%3A%2F%2Fwww.huntress.com%2Fblog%2F3cx-voip-software-compromise-supply-chain-threats&sessionId=8b507b5eee424a05d6a4e2eb51c61a83a4b02ae6&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
Frame ID: 6E4EB153CF871FD5AFF5EB636E1F2054
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

3CX VoIP Software Compromise & Supply Chain Threats

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics
Overall confidence: 100%
Detected patterns
  • //platform\.linkedin\.com/in\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

135
Requests

99 %
HTTPS

63 %
IPv6

28
Domains

44
Subdomains

36
IPs

4
Countries

6966 kB
Transfer

10648 kB
Size

18
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

135 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 3cx-voip-software-compromise-supply-chain-threats
www.huntress.com/blog/ 		159 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d268b833b8c67a394cd5b1e1d64934f31a0f816a4ad4e0c7c177ab943ba34af2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
s-maxage=10800, max-age=0
cf-ray
7b1f85553d329a15-FRA
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Mon, 03 Apr 2023 07:15:30 GMT
edge-cache-tag
CT-108856934290,CT-109058070802,CT-54921919288,CT-95216989457,CG-39343107504,P-3911692,L-37647219354,L-38940492861,L-97832688913,CW-37647184945,CW-37647219358,CW-37648091485,CW-37648262592,CW-72308060713,CW-97827380338,E-37640723000,E-37647164007,E-37647184944,E-67886983812,MENU-38395296852,MENU-38397117900,PGS-ALL,SW-4,B-39343107504,GC-38395296829,GC-97827380396
etag
W/"e464dea1ac70da6367693ff5227a3762"
last-modified
Sun, 02 Apr 2023 05:03:13 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yBfF6p7De%2BBW0T6z5cXV7vyoEUHbvzi2zpnnONO3m%2BL%2FSd0uCn3h82Z9cLCwHrJdiTy3s1uX8pY5vR%2BYUn6hlIzYZehmoA%2BuIq3hGKyP0gr4QNG5v6ZX4Tzblwl9vPiXZ5arNZ0sMml2dKmtExI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-frame-options
sameorigin
x-hs-cache-config
BrowserCache-5s-EdgeCache-180s
x-hs-cache-control
s-maxage=10800, max-age=0
x-hs-cf-cache-status
HIT
x-hs-content-campaign-id
b6a5a326-12f2-4154-b6af-2b13924c0ae0
x-hs-content-id
108856934290
x-hs-hub-id
3911692
x-hs-prerendered
Sun, 02 Apr 2023 05:03:13 GMT
module_97827380338_POWER_Header_V2c.min.css
www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/97827380338/1676562421744/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/97827380338/1676562421744/module_97827380338_POWER_Header_V2c.min.css
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c14d9ab83afefac27b8b16689d2d1444e1d0d93ad55bbd1a55895fccfef24f74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:30 GMT
strict-transport-security
max-age=31536000
via
1.1 979084a90b32fe3f5fdc377fb6e67b76.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
SAGWwmpNT4Ce834E44U7VqSnpf14PdPD
age
2470
x-amz-cf-pop
IAD89-P1
x-amz-server-side-encryption
AES256
x-amz-request-id
V377S36E19MYTEH0
x-hs-alternate-content-type
text/plain
x-cache
Miss from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
content-encoding
br
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
GlujWn7lfGAOdIYXjsPNR5v+P5E4hGJ6JwCINh3C05YiwxNxwgZXDBiRpbweUdE9GweXnpTLUwc=
last-modified
Thu, 16 Feb 2023 15:47:02 GMT
server
cloudflare
etag
W/"9be42df21680f40ed61ab094e7f3caf6"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1676562421744
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AaMKhNHXWX9I0SzDJKEfMioyBZJmXV%2FN6iISPOOGxuzOBm6c7aumKTttXpW%2FTUDwPrBxwNOav%2FShLFKUFTFjxqBPQOfvfzJ313WA1k2fOyBdBlFcK62Lfm%2FfvWxSZz%2BvrpqGHuO2l7EQev630%2Fs%3D"}],"group":"cf-nel","max_age":604800}
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
cf-ray
7b1f8555cdd09a15-FRA
x-amz-cf-id
MGwQUzjXaeTgQcoveEDhau8Sf-Xv7EHqOao7xBpqK0yu4dp8H855_A==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
module_37647219358_POWER_Blog_Post_Header.min.css
www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/37647219358/1639032908209/ 		74 B
984 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/37647219358/1639032908209/module_37647219358_POWER_Blog_Post_Header.min.css
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
24846a3f194b09919bf75cec2a1d012653257442cea9342c648d618c8bddd844
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:30 GMT
strict-transport-security
max-age=31536000
via
1.1 5148e372b4ab17878741ea92be548472.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
49upZA48BAIxdOk80QHxcPVW7u781vZq
age
1839
x-amz-cf-pop
IAD89-P1
x-amz-server-side-encryption
AES256
x-amz-request-id
RBE504M68RCZWPX1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
content-encoding
br
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
qpaMaopyR1ve51SMs5eS05E32EhYEia633CiPpFJGpj/WW10vCWvD0vc1t+RPydsfNKDKcskfhg=
last-modified
Thu, 09 Dec 2021 06:55:09 GMT
server
cloudflare
etag
W/"69dec35879b2f3061c26e9b58f93b109"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1639032908209
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QDVNfJuDFvY64MKcJ5jcwugudxbnHtGNY5a%2BZ6DdqrYPqJdlDy2Q6ClYn4pVaqWaBudrZ2%2Bo5PNExDJQzKtpqRxxlivuTsT8anmHGaZDnrOdJQn1ELyDrufsCyluhMb33DsZaJVX77jJbmDRHLU%3D"}],"group":"cf-nel","max_age":604800}
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
cf-ray
7b1f8555cdd19a15-FRA
x-amz-cf-id
cK3RcJfssFzuaxthC3orVLQNLV8bx97NF6lfUo87ym-PhlGXfqLlhQ==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
module_37648262592_POWER_Blog_Post.min.css
www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/37648262592/1674668888770/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/37648262592/1674668888770/module_37648262592_POWER_Blog_Post.min.css
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
558979f57321b92691fa5d479ae380773ae5d9dffd5f8bcaddc4525ea361f0a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:30 GMT
strict-transport-security
max-age=31536000
via
1.1 c59b5a542015c208c95d2ed3c65cdbcc.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
sLM6hNVINivm4kGFb2j1Qp1W3F_bHazx
age
2470
x-amz-cf-pop
IAD12-P2
x-amz-server-side-encryption
AES256
x-amz-request-id
7812ZEB3KEZHWRKN
x-hs-alternate-content-type
text/plain
x-cache
Miss from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
content-encoding
br
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
huVYZD+LHN2D11teFBX4C3Ac+n0xOXLkjauURCuo/u4brLGQieZHNdrrqVm++TJ+5ofVKVxtHt/vD2k0c3SXbg==
last-modified
Wed, 25 Jan 2023 17:48:09 GMT
server
cloudflare
etag
W/"32d40d380ad9ef9fa7e8201229f3af48"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1674668888770
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hczFt05wPejeZEVNx3XIrIL0j4BIXshg7jdrCyhzD%2FpCKda6Vwr1oMiXrAsnBnssfJIvoOecFOploxJCJVz7OR5kq83WP2VGrMRyL3z5XDRquGFv0v6%2FV2WHEs4DeIFKarT1yGzHp0DSWZ6MMzM%3D"}],"group":"cf-nel","max_age":604800}
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
cf-ray
7b1f8555cdd29a15-FRA
x-amz-cf-id
d4fNLhZHXrlurgR74d4K9YlooQ04-QrrD6XOTt_ldPy7oV51mq8EJw==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
module_72308060713_Blog_Related_post.min.css
www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/72308060713/1669043943698/ 		980 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/72308060713/1669043943698/module_72308060713_Blog_Related_post.min.css
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c52ffb59a6bf4ac549ed6da4dbe39a7661ff82147942ff109c2e72ae676b787c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:30 GMT
strict-transport-security
max-age=31536000
via
1.1 8b1ca38f6b0e2c14ce8c202175f971a6.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
PvcH1mnBAoQZmMyjaqQqh_SH9bmBXz5d
age
900
x-amz-cf-pop
IAD55-P1
x-amz-server-side-encryption
AES256
x-amz-request-id
10V13YW1RGWRM2ZK
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
content-encoding
br
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
9b9pXyJB3MjFKREWo+lDGEpgFvtPkmzsAFIBaicBiNdOyTOJXTNpPnrW4waDDZM2woerQeI6htqqDo0OniMI3A==
last-modified
Mon, 21 Nov 2022 15:19:04 GMT
server
cloudflare
etag
W/"367408b281056af8212339a4673151f1"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1669043943698
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V4OnQVIDUqxW0%2FFnrxCq4VL9Pjn0dHLPIB4UbPg9NRQYQePmlrphm3S%2FMOmk%2FQJG6itFIaTcym%2FhLgPvESEJr7AXLCy4FeH%2BI%2Fo0VOhkB7ZX5LOgaKNKQBw4IXwOcEATw2G9rYQT7hFPHadPzTI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
cf-ray
7b1f8555cdd39a15-FRA
x-amz-cf-id
63SdJ71gyOR6k9i6lOvrS1W-FFBZbgKoEiGFfbu0zo7c6ohlNGY2zw==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
module_37648091485_POWER_Footer_Full.min.css
www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/37648091485/1674666344441/ 		161 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/37648091485/1674666344441/module_37648091485_POWER_Footer_Full.min.css
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b355e659eb1f476e9bb8b33c109b4c47718d902e483db104fcfea35cfc8a5584
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:30 GMT
strict-transport-security
max-age=31536000
via
1.1 066fc17b108820c747336d8f45e8ea54.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
IXDFPhC61haDVWMg3tDQdN4OwCCIYt0V
age
893
x-amz-cf-pop
IAD89-P1
x-amz-server-side-encryption
AES256
x-amz-request-id
B3XD7F9QYSNKBQWX
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
content-encoding
br
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
AxxIVMdeSHP+ZCG3091zcAPa7gYzCb2N7Ze1lerMLvyRKU9jSj+oDvgLZwOG6FuC243YQjq28Gg=
last-modified
Wed, 25 Jan 2023 17:05:45 GMT
server
cloudflare
etag
W/"6d74737f02d2fe1e657f09910ca14558"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1674666344441
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a6ZPV%2FNCv4bqbFHilTtbeDSn4ENlPD1nuFfGrx2%2BFeBYcIn7uB%2BsxaxdjxJv%2BtoACFVxBcKvTqAJ2mSYhbDz5xHEb%2BXMe1nvMtR5MkLTLoQZSOqboOZV6jIUJ9hHiJkZkf%2BZ4SL2G%2BxaJFkL0aw%3D"}],"group":"cf-nel","max_age":604800}
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
cf-ray
7b1f8555cdd59a15-FRA
x-amz-cf-id
VO4z5Nmu5DRlUIixnPP5CFsi3id0UA77WODU-sOb-FGrZz-1le-lEw==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Origin
https://www.huntress.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:30 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
vary
Accept-Encoding
x-hw
1680506130.dop140.fr8.t,1680506130.cds101.fr8.hn,1680506130.cds144.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
jquery-migrate-3.3.2.min.js
code.jquery.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-migrate-3.3.2.min.js
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Origin
https://www.huntress.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:30 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-2bd8"
vary
Accept-Encoding
x-hw
1680506130.dop140.fr8.t,1680506130.cds101.fr8.hn,1680506130.cds137.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
4165
in.js
platform.linkedin.com/ 		509 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.linkedin.com/in.js
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aa47f9d1bcb0a976e8e42d2a367328d9487b3acd168518d39c42b3b3e99e44d4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cdn-client-ip-version
IPV6
x-azure-ref-originshield
0OXEqZAAAAABrcCeNig0RR4APnUh4rabORlJBMjMxMDUwNDE4MDM3ADIyMjZhM2ViLTAxZTAtNDdiZi1hY2EyLTJiMDU4ZGZlYWQ3NQ==
x-cdn
AZUR
x-cache
TCP_HIT
x-cdn-proto
HTTP2
content-length
163382
x-li-uuid
AAX4aJ44hRIOuMdLPkMQcg==
x-li-pop
prod-lor1-x
vary
Accept-Encoding
x-azure-ref
0E30qZAAAAABqInon1r8ZQK6nVjKAXtPjRlJBMzFFREdFMDQxOQAyMjI2YTNlYi0wMWUwLTQ3YmYtYWNhMi0yYjA1OGRmZWFkNzU=
x-li-fabric
prod-lor1
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
x-li-proto
http/1.1
expires
Mon, 3 Apr 2023 07:24:58 GMT
layout.min.css
cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1680286929864/hubspot/hubspot_default/shared/responsive/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1680286929864/hubspot/hubspot_default/shared/responsive/layout.min.css
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f0cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
257855f4e23a1e3d382077b15bfc30971c9c261fc23512c88abfdcda05f28bc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
219133
x-amz-cf-pop
IAD89-P1
x-amz-server-side-encryption
AES256
x-hs-alternate-content-type
text/plain
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 18
last-modified
Fri, 31 Mar 2023 18:22:11 GMT
server
cloudflare
etag
W/"94daf62e7e6df83595c6251fb0c7c055"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1680286930734
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CrCONsrSMKOu2tI3IFADQh%2F%2F%2F518wv0aRNP7ICjpJ7ViBrJ%2FPGM%2FG5Nu5Z4kzMMMsdX%2BA1jLrO4vJW6xChulkQ1kcFr9kflK7MmUM%2FeZchiiUnDvFTUGrtNL3MwlznmlVJmAP6mGIX51IIPPJko%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7b1f85562df73730-FRA
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 18
pwr.min.css
www.huntress.com/hs-fs/hub/3911692/hub_generated/template_assets/37640723000/1678796142999/HL_Theme_2021/Coded_Files/ 		247 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.huntress.com/hs-fs/hub/3911692/hub_generated/template_assets/37640723000/1678796142999/HL_Theme_2021/Coded_Files/pwr.min.css
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
299c86a9f0a44c5d7958234cfb021c3c73746ade2289d327778c7b08754947af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:30 GMT
strict-transport-security
max-age=31536000
via
1.1 68261aebcfc232344da2ef3bf1d3f9ea.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
4fnJyamHff1bLxYTGeFe_VsApAr9fOjf
age
1477
x-amz-cf-pop
IAD89-P1
x-amz-server-side-encryption
AES256
x-amz-request-id
8S4R3KNAHPWVH33T
x-hs-alternate-content-type
text/plain
x-cache
Miss from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
content-encoding
br
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
rmJpCdqzuw0uLBgLdcXA4g/ult2uaTaOwttJav8+ZRj4emfx3d4gySdFLYvS5eEqL8yYl8aKQo8=
last-modified
Tue, 14 Mar 2023 12:15:46 GMT
server
cloudflare
etag
W/"5847384eb2dd1ff5deb11f97ec259944"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1678796145392
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1tOosB%2BMGB8E8Pbd%2BN4zYN0wvrm6h840RubTKd%2BlQj5JLIi7SbBfeTXWc36Fbs1pVVrzwtZRW8c5nn%2BXcv0GfuIlRbhN7v0ujAYBQVBr2qOgsNcXbboOrtS6DM5AEbgFfJuYCCuUTpPpP02gO64%3D"}],"group":"cf-nel","max_age":604800}
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
cf-ray
7b1f8555cdd69a15-FRA
x-amz-cf-id
_SMnSjnb_TNDWsmIxbGFfYzUicvkkBjCKTCiAQ7r9_NWN3dr2r8w1Q==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
custom-styles.min.css
www.huntress.com/hs-fs/hub/3911692/hub_generated/template_assets/37647184944/1670338665550/HL_Theme_2021/Coded_Files/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.huntress.com/hs-fs/hub/3911692/hub_generated/template_assets/37647184944/1670338665550/HL_Theme_2021/Coded_Files/custom-styles.min.css
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4067930b3bd986758e5cf0716f632eed56d9628eba4fc6d9002a00cc94110dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:30 GMT
strict-transport-security
max-age=31536000
via
1.1 de349bd2105a0a744704f391ff854e62.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
GM243f.mqEIfG51QqeMKEnVH3FJ6_p3Q
age
1477
x-amz-cf-pop
IAD89-P1
x-amz-server-side-encryption
AES256
x-amz-request-id
10JGFFBWAQE1VNWM
x-hs-alternate-content-type
text/plain
x-cache
Miss from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
content-encoding
br
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
YhDD1uIlbI4QxFj/8W0JnWRakq9MkNic7MEkxGWink25TEALvZbjkd/ULqh5yGkWNATcUx1K0Bc=
last-modified
Tue, 06 Dec 2022 14:57:47 GMT
server
cloudflare
etag
W/"0e9f619bafa9c065ccaf1ff3119f0632"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1670338666433
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xnhs3HpzqCw9KDW%2FVRHV44eevq5ShwpPLVntAAnyGQKm6VIGRYQ%2FuK0qwt4lF54rNSZzI5UHWPbq1ggHpZFLdS5gAxD3DJTCd5Hcc%2BTE1UooxPcLUywvUbpwQACnMAlFBtUPjKBIh2hnYfB5htw%3D"}],"group":"cf-nel","max_age":604800}
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
cf-ray
7b1f8555cdd79a15-FRA
x-amz-cf-id
WDpnjHw_Vh-Kd1YqO6ZvmbaqwmB4_poPLC7vct4J1-RfdAVyy80dBA==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
Asset%209@2x.svg
www.huntress.com/hubfs/ 		9 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.huntress.com/hubfs/Asset%209@2x.svg
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b860656603a5037d589fbc590dae90f79f93a93fa0c0b9511e3aa8df3e1a5ca2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-83752863832,P-3911692,FLS-ALL
age
894423
x-amz-request-id
29CV56GMKSZM94HC
x-amz-server-side-encryption
AES256
edge-cache-tag
F-83752863832,P-3911692,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
etag
W/"ec2e8f640c47f66c6d508679561605ea"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1662099980418
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
date
Mon, 03 Apr 2023 07:15:31 GMT
strict-transport-security
max-age=31536000
via
1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
5WkADezxqa2S290OS.L8DvV4kL0N54Ge
x-amz-cf-pop
FRA56-P7
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-83752863832,P-3911692,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
dcUxl8guuoUl/+2n1qc9i+I3Zm8PU9Yq8wNsumcm4ypd3KDPAAxKbC0vwL1Vv2d+sR5vNqPGZQc=
last-modified
Fri, 02 Sep 2022 06:26:21 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5WrOBFBJTK5D2DHFFz6%2BHX3RfDlkyPhTTY%2BpouTkqfTNX8tMyuN6XYXXzBu1fykQek70xsUYqjuo3yd8v4IKJ15YgmEes8slqlc3QjjgyZh010YmaueIFupQEPPqpwIuPuEF5D1db51qzduArBE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7b1f8559aee168f5-FRA
x-amz-cf-id
_Lcn7QkvnobiAmcG7MR1nRoSZ3-A5f1Bdc33MADnQNd2MIk2Y_eIvw==
Asset%2010@2x.svg
www.huntress.com/hubfs/ 		10 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.huntress.com/hubfs/Asset%2010@2x.svg
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
954f86735dfd8abf4d923b985e719ab1ae438a2fb15a22346b141879538f4a83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-83847772490,P-3911692,FLS-ALL
age
894423
x-amz-request-id
STKB2ZX3ZS918H7M
x-amz-server-side-encryption
AES256
edge-cache-tag
F-83847772490,P-3911692,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
etag
W/"f7b384afa435308d55a50acb3b4dc9a1"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1662182958118
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
date
Mon, 03 Apr 2023 07:15:31 GMT
strict-transport-security
max-age=31536000
via
1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
YFYdY6E2e5vfVkim17ED3MGPRYOjZc2d
x-amz-cf-pop
FRA56-P7
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-83847772490,P-3911692,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
11b8LELkf9WenFptSIH7qmZN58E6RvPTV6YkTAZdPk5TtVd/isE/CFj2ixoggZow2eHnksM9m6U=
last-modified
Sat, 03 Sep 2022 05:29:19 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OA4ZwHKPpB1MqZgacXnnD248bP6JWYwW8sJN6WX9Z7Wnvd1D9SPWYlN0Wr5W%2FLYa2B6v%2F72llRFjcAJDhDP3kXEnGwVx6DEJFbnlQOzaroqTFomVxsze8ukEY6RKsorUSr0dVLxjUlERQ03vx60%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7b1f8559aee268f5-FRA
x-amz-cf-id
WZmcZaEVJgBv7Xa0Gi4ngfybXGuk18SXY0_PhKYUoz8snrnUlsSw3A==
Asset%2014@2x.svg
www.huntress.com/hubfs/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.huntress.com/hubfs/Asset%2014@2x.svg
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
eeab6099229124c0acf1a7cbccf49c55808ca5de5ba8468e03d98bcfcdab3ed7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-83846667130,P-3911692,FLS-ALL
age
894422
x-amz-request-id
VMYRGTT4N7AZF4BJ
x-amz-server-side-encryption
AES256
edge-cache-tag
F-83846667130,P-3911692,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
etag
W/"50545bf8ea725c9686064c10f850c0aa"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1662183246506
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
date
Mon, 03 Apr 2023 07:15:31 GMT
strict-transport-security
max-age=31536000
via
1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
hNiqXEMKtM._2D4mEPj9Zrl4aEAcxNQs
x-amz-cf-pop
FRA56-P7
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-83846667130,P-3911692,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
t82qTM5xqh1XkAjZJCWI0v7POyfeuyDJ6QvbAU5ti+0a+s3Lajk+KRuiWlDg1mJBQ4aFiNZPzJY=
last-modified
Sat, 03 Sep 2022 05:34:07 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OhqA6%2BxG9VZlpuyAHVL%2Fn6H5DTyY5GQH8msCKRHqOiLzFaxgbUrU3s83U8tn%2FzUEP0Am3EH0zCDtLglnr8QYYrxvmLVVTudNMCMSMnQVncFrV2h9LdYYPVcDKlFpDiPOXDTz%2FgdGTudj7BAMl%2Fg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7b1f8559aee468f5-FRA
x-amz-cf-id
WMVFGSmTEkB_3ptCdrJyHWukT32JG4U0wrIh_m9QcvjrQwcc2eB5Aw==
Asset%2011@2x.svg
www.huntress.com/hubfs/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.huntress.com/hubfs/Asset%2011@2x.svg
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
295c420318d37ced90a8a681fe353fe027fd60e83a16ff965950cac3ccb22b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-83847468397,P-3911692,FLS-ALL
age
894422
x-amz-request-id
9TVMJ5CAHH6ZN1TS
x-amz-server-side-encryption
AES256
edge-cache-tag
F-83847468397,P-3911692,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
etag
W/"677d200d167e600e2026cdb12a5ed996"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1662183042931
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
date
Mon, 03 Apr 2023 07:15:31 GMT
strict-transport-security
max-age=31536000
via
1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
xjQD8JwE7xmMFjX84sLQs_NDETJwQbqX
x-amz-cf-pop
FRA56-P7
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-83847468397,P-3911692,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
Oz1KVwzky0tt3EOOYhTN658Mm+Ww38/20rtJAP4PLt11sLLzM7eMmmzzf02JBSzPafHICeUutn4=
last-modified
Sat, 03 Sep 2022 05:30:43 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5fnDXdFQVhxRiWlKlahBiA3WttCkspkC0SBQaesNYh%2BkTYBtMCzWqKKqPnlRrk3T7HyCKuBFHxYN2s4Gu0Ajyq4g1SwhYqL5rKm8jkji4A17nVpg2QEzVAswjETkwbSzLdYNnkbPUd5%2BLtQstXk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7b1f8559aee568f5-FRA
x-amz-cf-id
WwfkbxgpxwGPTt4hmmULQu0jnz-7lsYsjO0owIs5GORiDQoKiaYIMA==
Asset%2013@2x.svg
www.huntress.com/hubfs/ 		15 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.huntress.com/hubfs/Asset%2013@2x.svg
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6145ffccacbf92ec04526c41b5e912e6555a7102a0515c64d5ae5b6002c8e4cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-83846874671,P-3911692,FLS-ALL
age
894422
x-amz-request-id
VW5P6ZRX598HFZDY
x-amz-server-side-encryption
AES256
edge-cache-tag
F-83846874671,P-3911692,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
etag
W/"9ec961a19aeb3e2015c061aede542e18"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1662183181118
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
date
Mon, 03 Apr 2023 07:15:31 GMT
strict-transport-security
max-age=31536000
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
XFquvk99yq_WF897UvSyCDvvhrMfo7eM
x-amz-cf-pop
FRA56-P7
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-83846874671,P-3911692,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
exWKjWWyattoMNl8jz9dTnhddRG5mCoD02Eziw/pQ2pu8ZS37rmv4UiI8uxqUi4pr6TnuBCvlgE=
last-modified
Sat, 03 Sep 2022 05:33:02 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MQuZMEYDZO3HHquVTF6iz8iwzX3KAFCI7JhRpe8H8UPZyw26wJOfZX4D4C6zIKdAgAXidH0ZxDy%2BDp%2FMcd7Xm7lnrDXthwHT784GPOMpxDFHm9cjs6b1OG9M%2FFzqJyFGOrR2k5NnbUiLvXlRdeA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7b1f8559aee768f5-FRA
x-amz-cf-id
sYZOvFkXUQwf3-qmezrJN5pK7Ua1b835E8HEtoeXqCo3mqqmktiKKA==
Asset%2012@2x.svg
www.huntress.com/hubfs/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.huntress.com/hubfs/Asset%2012@2x.svg
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
aad4b41123dd3a244cebc4b650de024f2650df1fba41d62ae4c9e4adcf4bc344
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-83854073700,P-3911692,FLS-ALL
age
500989
x-amz-request-id
SS5FDDDZN3MJ83GN
x-amz-server-side-encryption
AES256
edge-cache-tag
F-83854073700,P-3911692,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 18
etag
W/"840ad20b2e3fd35f9898eeb352b54514"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1662183114206
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 18
date
Mon, 03 Apr 2023 07:15:31 GMT
strict-transport-security
max-age=31536000
via
1.1 c66dd2dbede6d9916daeaa749445a5ea.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
0u3oVjPLGkqbx06S3I_LGFVUVlpBJeGx
x-amz-cf-pop
DUB2-C1
x-hs-alternate-content-type
text/plain
x-cache
Miss from cloudfront
cache-tag
F-83854073700,P-3911692,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
8p25z7vi0Kz5IOkLsm3KfQe0T6ZfO6CLEoqeeVXtaEf00bQCFgUxWT7qHRLd08LJEwsNuiXcwsI=
last-modified
Sat, 03 Sep 2022 05:31:55 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JDy2e7gw%2BkIrOUZjNp2R46hFqyf7Ko%2B7GYvtD9wYs3sAA09y5BOgV6bDoY8xFzTUYt4tY5AyioKXQIsXS0kEsekMSRoAogSRlvZWzF7D9WwCaWMuw96CVHjMOaAowlfhgXdRw5yNfYs63a2aGKY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7b1f8559aee968f5-FRA
x-amz-cf-id
nUOTn1r6MwvBHUfer249maMVYBJPYLHS0OHPVAH7VGwgjg4vwlLb4Q==
Asset%2015@2x.svg
www.huntress.com/hubfs/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.huntress.com/hubfs/Asset%2015@2x.svg
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ee1caa737e585d6cf4a91ab01b27aff627c2056544d7c9e4f704f1a9176a023
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-83854984338,P-3911692,FLS-ALL
age
500989
x-amz-request-id
SS5223YRJAF16VS2
x-amz-server-side-encryption
AES256
edge-cache-tag
F-83854984338,P-3911692,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 18
etag
W/"46ba1d0e22afcd81d0f559509d4040e0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1662183311931
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 18
date
Mon, 03 Apr 2023 07:15:31 GMT
strict-transport-security
max-age=31536000
via
1.1 ce024f609b66dae59e41a6b53a8757ba.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
ykcf.YtMKnpKRVLLWHK_h271kY_vwQ8j
x-amz-cf-pop
DUB2-C1
x-hs-alternate-content-type
text/plain
x-cache
Miss from cloudfront
cache-tag
F-83854984338,P-3911692,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
dx1YhP9LdTvsSbLPvFie6Qq9ZHeqM1o8S6/oDLTip2R7+w9xK7IIy0ZG6/Te0HxyBNodidhweFagEvOSrfqnFg==
last-modified
Sat, 03 Sep 2022 05:35:12 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B5vzb3goF2VbWwmWlfuY9sU5qdL3B1WSZcAFkVcJBxgBSo%2Bxpru7%2BKbfTfTHrsPPlm0aK2QJg8PvkoS%2BJ2TM9m5ddjkVeoAE1VBxpLpYZ4QFCsGWNZ8znfyOC7o77hQu6bNucFJfNbs4TEhAmxo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7b1f8559aeec68f5-FRA
x-amz-cf-id
VdjKke7vbZ1GPU1xEjYqOOUehV_TMSyKgif08reCW6f679D7L3bHLg==
Asset%2016@2x.svg
www.huntress.com/hubfs/ 		12 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.huntress.com/hubfs/Asset%2016@2x.svg
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
295fe623d1742c976f775c008be5bcb815be503e1cd7811aafdc08cd12682c25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-83854167428,P-3911692,FLS-ALL
age
894421
x-amz-request-id
NSZ500D8ZDDEJZWK
x-amz-server-side-encryption
AES256
edge-cache-tag
F-83854167428,P-3911692,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
etag
W/"44914406e9714339fed07ac3ccde38fe"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1662184506038
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
date
Mon, 03 Apr 2023 07:15:31 GMT
strict-transport-security
max-age=31536000
via
1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
wbLDdPcRl.zixcmn1ViEkxLS23kLuxQF
x-amz-cf-pop
FRA56-P7
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-83854167428,P-3911692,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
j3+ZXOrDnaZo1IcA+kp3nFmYtOOzmeZAaaJCQM/dKM47AMV0d934e6LB3+9Kvh5maGCtqavuC2zoF9cyONOtIpEFxN3QorqdUceyRVPV7rU=
last-modified
Sat, 03 Sep 2022 05:55:07 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=COOKhYmX8Ljap%2F4dBAYvkt8vMnVnq8d1iuUEBNzobtiDQ6K1Znna7kme%2FpTnBSCjO%2FMbT04QCFP2VOFytG3a88XFcHQlxOr6ObQaAuMuWJ6PntizFX0V3sPa8nkS%2FmJQXbk3eftHTaIvb9%2BeQJI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7b1f8559aeed68f5-FRA
x-amz-cf-id
wPA846nA4pAHHVmyDojaHPwgYTbE2y5A2tnKfWWL2SQVFmq-YHRDHA==
Group%20139.png
www.huntress.com/hubfs/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.huntress.com/hubfs/Group%20139.png
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
24bf1462917f99639fe1db5284b292d9f2dfb6ab5629d2426b5243a4db6b5b47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-meta-cache-tag
F-83753956493,P-3911692,FLS-ALL
age
894421
x-amz-request-id
Y3AFJ5SQDMDSPX61
x-amz-server-side-encryption
AES256
edge-cache-tag
F-83753956493,P-3911692,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
content-disposition
inline; filename="Group%20139.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
cf-bgj
imgq:85,h2pri
etag
"a44c8a54e3a9fd6dad771171d08e3544"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1662102247523
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
date
Mon, 03 Apr 2023 07:15:31 GMT
strict-transport-security
max-age=31536000
via
1.1 df327bd0c8709a81ade8602ac9ef16e0.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
WxJSvRoqOyadQDLBNMvKTsJ2SHDjIooW
x-amz-cf-pop
FRA56-P7
x-hs-alternate-content-type
text/plain
cf-polished
origFmt=png, origSize=6890
x-cache
RefreshHit from cloudfront
cache-tag
F-83753956493,P-3911692,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5250
x-amz-id-2
b+x+cyxHsEnOzk4NwKHlGZAkuzSKJP3/0XM/kMWHzX5jbtdhwdqbZNtYI3PKW5s4Tt4PgaO/14M=
last-modified
Fri, 02 Sep 2022 07:04:08 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RQXyrQDUZCvghGXo7LB6eCDE99ISQwjc4yfJHtcOloCi%2FRo2qoCLktFxrjadye1dtoNaRaAYd4mqts9t1CkQA9ZhI%2BxaF2D2Ztf8k4p7BXEkKwNAi%2FBJUGvw35zm%2Bc2zvPRGowegZWksGwEj36U%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7b1f8559bef068f5-FRA
x-amz-cf-id
OZTieor0YgX6oeniDsvJZiFP2YOwMdDWGV6dqG6eyWP04UjtLuYRzw==
40e39240-8f28-4247-989e-af913fc5ff6d.png
no-cache.hubspot.com/cta/default/3911692/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://no-cache.hubspot.com/cta/default/3911692/40e39240-8f28-4247-989e-af913fc5ff6d.png
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7bdf8f9ec125444bedd4c013d5b956636ea5b8407e0b60c991a361f65beab99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:31 GMT
x-amz-version-id
null
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
RMK1BWKE68SH4M55
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1039
x-amz-id-2
CNrYhvdnbqWdatEwOJzgFzqg1gWgrG3He68wmTg+ZflnKNUARW7t4MGxSSpEI+qp4pFNAxDWMh8=
last-modified
Wed, 21 Jul 2021 14:21:28 GMT
server
cloudflare
etag
"79b5475fbb2abb884386550a797d2e28"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4hOzkbvOgJMmfcYg2GKilWVz4gg7W%2FGwcR0rMQtYkbxLCXndIipghY%2BncFXWfMLwH3GWZHrbtavlx9tFnfwwI4kwH%2Fc%2BWbJqAH8fIk%2BXRLV4ShSRyCiR%2BghKKzE%2FSuacAC7yl4xG1ZlrfEsbkudgDSIo"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store
accept-ranges
bytes
cf-ray
7b1f855aa9c99a0b-FRA
current.js
www.huntress.com/hs/cta/cta/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.huntress.com/hs/cta/cta/current.js
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c325a3a446a33b8dfb329feec9df9c003de983a5c64bc3d27696c646e8d963c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:30 GMT
strict-transport-security
max-age=31536000
via
1.1 1b0f041f103652001e37f5806000d24a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
O_dI.J5OwqlyrSQnZwBt_38jV6NFMeLX
age
520
x-amz-cf-pop
IAD55-P3
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=cta-embed-js/static-1.140/bundles/current.js&cfRay=7b1f789ec352697b-IAD
x-cache
Hit from cloudfront
cache-tag
staticjsapp-CtaEmbed-cloudflare-web-prod,staticjsapp-prod
content-encoding
br
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 28 Feb 2023 05:00:29 UTC
server
cloudflare
etag
W/"2a447451325b0ef178f8f05aa802c484"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S78rKRwCyDC2ek5c4DxUtRSiAkwaisk0QlTT5v9G5dsX73k01s0%2BmsHsv2i3h4kD399tzQc1VQ%2BFNKBLjwiFlJMdHKDjAWAGnzz1qO%2B5GFm%2ByCiutfiqDq3Pri9aDRH72MD3gEnhwktZ22uhEhw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
cache-control
max-age=600
cf-ray
7b1f85568ad968f5-FRA
x-amz-cf-id
lMoCFmVYIIEYCqe830yfxf-WST1P8vtquBcDxReopiSB4G8vACi_cQ==
x-hs-target-asset
cta-embed-js/static-1.140/bundles/current.js
Huntress-1-1.svg
www.huntress.com/hubfs/ 		17 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.huntress.com/hubfs/Huntress-1-1.svg
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5fae83c7b1bc318026072592130f5d8ac977970ad81b79218dd442235a59b6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-83639587659,P-3911692,FLS-ALL
age
894425
x-amz-request-id
P931M5WV0P0NJ0P0
x-amz-server-side-encryption
AES256
edge-cache-tag
F-83639587659,P-3911692,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
etag
W/"5eb7f12b49ec4085bccb33be62bc3fe9"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1662015849971
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
date
Mon, 03 Apr 2023 07:15:31 GMT
strict-transport-security
max-age=31536000
via
1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
CV3yu1lUsNjBX07SDUAQdESVyZxYlca4
x-amz-cf-pop
FRA56-P7
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-83639587659,P-3911692,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
MlZ95bOwFSzvIy5/q7oxzbVXwjNqC82yuVc//AnV6544qf1DjxrbUJqspa0Hxlg+Ftw7aA7Lu0s=
last-modified
Thu, 01 Sep 2022 07:04:10 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LhAyvTAtZy%2Bn0DsXBdbPZR%2FT5fe2RpgMbG4VNqgLrKJtyyZBWgg9tSU17etomdzXJROC9bJ3v2SYuUZy4Yz%2FKx%2B2mGzsXlxB5dfq%2FVyYVdRQT%2FruGPGwUsAPbzI2i0sl94YtQ%2FVXTBUwAVS30Ro%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7b1f8559bef668f5-FRA
x-amz-cf-id
oUqQG_YBzp9FysQrPOOVT0EalhpecOCT8F5YGA9KJFMrYVSISYoNAg==
addthis_widget.js
s7.addthis.com/js/300/ 		353 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-114.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Mon, 03 Apr 2023 07:15:31 GMT
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
x-host
s7.addthis.com
content-length
116328
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BC6) /
Resource Hash
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Mon, 03 Apr 2023 07:15:31 GMT
Content-Encoding
gzip
Age
1138
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27630
Last-Modified
Tue, 24 Jan 2023 21:41:51 GMT
Server
ECS (amb/6BC6)
Etag
"9e99725b7a4cd730a934afba2a438bb5+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
b9912e2d2ba4418a8a4450a166b35cb4.js
gist.github.com/JohnHammond/ 		29 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gist.github.com/JohnHammond/b9912e2d2ba4418a8a4450a166b35cb4.js
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
140.82.121.3 Frankfurt am Main, Germany, ASN36459 (GITHUB, US),
Reverse DNS
lb-140-82-121-3-fra.github.com
Software
GitHub.com /
Resource Hash
32d6056c95788f5c57ec432a65eb04b4bba5c7d0a243c0ffb010aa55e3a04902
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self'; block-all-mixed-content; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com objects-origin.githubusercontent.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events *.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ wss://*.actions.githubusercontent.com online.visualstudio.com/api/v1/locations github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com objects-origin.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:31 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'none'; base-uri 'self'; block-all-mixed-content; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com objects-origin.githubusercontent.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events *.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ wss://*.actions.githubusercontent.com online.visualstudio.com/api/v1/locations github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com objects-origin.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/
content-encoding
gzip
content-length
2661
x-xss-protection
0
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
GitHub.com
x-github-request-id
9D8A:C237:31BB31B:32B23C1:642A7D13
etag
W/"32d6056c95788f5c57ec432a65eb04b4"
vary
X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
x-frame-options
deny
content-type
text/javascript; charset=utf-8
cache-control
max-age=0, private, must-revalidate
accept-ranges
bytes
magnific-popup.css
cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/magnific-popup.css
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2904720
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1497
last-modified
Mon, 04 May 2020 16:12:04 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ed4-1b27"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BFTHeuQtZR%2FgumDDNWTxEqbMDrR9c8bc9fsgVZfy7Mce57QxjChIiZNYE7eyzbQTBFYSvG3%2Bs%2Fl6qo2zewwlTw710uQ8kA6Im4RzrdS3ijGP5iBdvrnaVRabmzyuoqbFYdgB8b7VukgbBWGSfLHvsuJR"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7b1f8559ba0637fe-FRA
expires
Sat, 23 Mar 2024 07:15:31 GMT
Huntress-1.svg
www.huntress.com/hubfs/ 		17 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.huntress.com/hubfs/Huntress-1.svg
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5fae83c7b1bc318026072592130f5d8ac977970ad81b79218dd442235a59b6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-39773583794,P-3911692,FLS-ALL
age
860730
x-amz-request-id
6DD2V1P5C85SVC1V
x-amz-server-side-encryption
AES256
edge-cache-tag
F-39773583794,P-3911692,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
etag
W/"5eb7f12b49ec4085bccb33be62bc3fe9"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1609832613811
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
date
Mon, 03 Apr 2023 07:15:31 GMT
strict-transport-security
max-age=31536000
via
1.1 56317bf75183e752b06c880e8a1e502a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
jsS8.Qyl076AnWtAah4sMmKUd0P8VNuI
x-amz-cf-pop
FRA56-P7
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-39773583794,P-3911692,FLS-ALL
x-amz-meta-index-tag
all
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
/SQDBZ6ZCvv1Z1FlkQ494zbKDyoisDFcfBKuoS2g2QS/EnkmMKqe2UaHpKO2EdIoBV8bPosG7QM=
last-modified
Tue, 05 Jan 2021 07:43:34 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KmOLpbWVM0tZbY2wga23DwenOvsKpR9eUQPoaENm51yyQtHxsjpLo4Y22NmhIXjIBhStsFAST0LHQfeR97mffItJljvI1NLJnfmjW%2FsrW1e7%2F25Y%2FHhBP%2FYNd8AfCRVzNF%2BsG9uOMdBuCjQFgd8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7b1f8559bef768f5-FRA
x-amz-cf-id
OjEGFn51o6BFOQRYRmgirnPIZ-UvLNoxClrSxq8gWnJ4wnHVPF6bMg==
Biz-1.svg
www.huntress.com/hubfs/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.huntress.com/hubfs/Biz-1.svg
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8635796c350308ea6419713250a1cae02120881c6cc990f3b0562821201e7266
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-55369190472,P-3911692,FLS-ALL
age
603882
x-amz-request-id
S2W65CQ1DVRA1Q0F
x-amz-server-side-encryption
AES256
edge-cache-tag
F-55369190472,P-3911692,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
etag
W/"10aa3cb3029e1f043563140e89d76c8d"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1631771480774
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
date
Mon, 03 Apr 2023 07:15:31 GMT
strict-transport-security
max-age=31536000
via
1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
pb30Lhh_yVZl.AlHg0LSscg9tyoyIBsR
x-amz-cf-pop
FRA56-P7
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-55369190472,P-3911692,FLS-ALL
x-amz-meta-index-tag
all
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
yBv3rf75SZWkLZHHk91xM8iOuX+lT+RO6Got6uQGfal5fS4z6q+bP/xdYRpSwxdw7T8j3zRE8FE=
last-modified
Thu, 16 Sep 2021 05:51:21 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YBkk%2BC8PAIm1C373hdj0gHuICwivowKhR5a2zrpieygLQesepthjR8iY%2BPfyKJZRtOoI3NzFMK06ctQNh9RGflxNJqTu3X0FBLM7sGSpAUhs2Wb0qiFgNJl26I8vNa9M617UXxaB9d38b8GnUh0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7b1f8559bef968f5-FRA
x-amz-cf-id
vk0Be5T8jjIOUmGJhv0SeUySiIraOb7agkQMugEEBEcfwGOd9TdlYA==
pwr.min.js
www.huntress.com/hs-fs/hub/3911692/hub_generated/template_assets/37647164007/1675459147413/HL_Theme_2021/Coded_Files/ 		153 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.huntress.com/hs-fs/hub/3911692/hub_generated/template_assets/37647164007/1675459147413/HL_Theme_2021/Coded_Files/pwr.min.js
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc9f94bac395a68b247d7b18c56682d5e3105df9fb210f428f379fa8b16496a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:31 GMT
strict-transport-security
max-age=31536000
via
1.1 4a66fbee8ce857225d1bddf53b79420c.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
l2MwqVH1MaNBn_HhGb88vmqd21UH5P3K
age
1478
x-amz-cf-pop
IAD89-P1
x-amz-server-side-encryption
AES256
x-amz-request-id
Q12FBCMTS53PKN9K
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
content-encoding
br
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
lfOnmGlsikSk0E8kfzAUCkOiX0MAGUmSfh6h0rsTvrUhn9PTyUkPLuLXsnTPh79p2uegIgZVLyw=
last-modified
Fri, 03 Feb 2023 21:19:09 GMT
server
cloudflare
etag
W/"305b0a8685ac0870712983a0934c9e1b"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1675459148904
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ydGoXyLDMlncqYS6Rv8JUn4WV%2FvVXCyb175r9o2YvpGuiXgRGx9%2Bg8%2FXS67WgMs5Wa6OzavMXE3GKpnwTh7w%2FYU4ju2%2Fo%2BxE9GahJC%2Bp3MddHNU9NTCXRaROYDZxXOw0s6GgLvVARwqbwvWm62g%3D"}],"group":"cf-nel","max_age":604800}
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
cf-ray
7b1f8559aed868f5-FRA
x-amz-cf-id
of49AiWO5gyHGQ3O25IS7OyusX33w5DCf95eUm_7wAjyErgfc4H4vA==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
project.js
www.huntress.com/hs/hsstatic/cos-i18n/static-1.53/bundles/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.huntress.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:31 GMT
strict-transport-security
max-age=31536000
via
1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
age
1199226
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 09 Nov 2021 16:12:42 GMT
server
cloudflare
etag
W/"61ca66de658cab9587e4636894680d5d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z5LWsq%2BJtnHOw2QJbtgK4JVhSxgD7mX9%2FUHBTVezk7jQy%2FZ%2BlF8EiW53xBAGix80x6bNW9gCEzJYv%2ByM2BAJSsY59nkXViOJoCSsyBE6vf49ngLinATU7jvAuoGkVL60j2WNp9XNIToFVKwckPU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b1f8559aedb68f5-FRA
x-amz-cf-id
vMxH2clCDRRjd7emHmifSLXhLc2TFOGFc0VsUqlcTSiVQmWY_1aUGQ==
expires
Tue, 02 Apr 2024 07:15:31 GMT
module_37648262592_POWER_Blog_Post.min.js
www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/37648262592/1674668888038/ 		933 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/37648262592/1674668888038/module_37648262592_POWER_Blog_Post.min.js
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
79bb1b80606f5282fa20cea179f7c7f619eb1848b1d550a9e13857477cd1c38e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:31 GMT
strict-transport-security
max-age=31536000
via
1.1 76cd2de9f0213e8c76093c6b346e8118.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
BBcSXZF4Twfvqpetce9Qqr3pynKHdU7C
age
893
x-amz-cf-pop
IAD89-P1
x-amz-server-side-encryption
AES256
x-amz-request-id
Z1JQ4950P1HYR81W
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
content-encoding
br
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
EiD9gJQFprHAn+tnDKzuWSKOO7d40BcBFfYHqP8yviIze3tLzX52gocJCBBDiuqnbEqfPtJWO+w=
last-modified
Wed, 25 Jan 2023 17:48:09 GMT
server
cloudflare
etag
W/"005ba15488b184ae927f2bb08fa5a345"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1674668888038
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PPdKQX%2BYapghrc3%2BgLV61NFLzzzUWhrOkml0AoAl3bs3tGTs%2F0uQYPL9wdhoSUKmFfXVE206Vh4feUuho0om3El3KwJo7nE1ikXwXTbp%2FnKvHPYxGmsOA3e2SRdruzZwPScLITOjOvOfTt3v1ik%3D"}],"group":"cf-nel","max_age":604800}
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
cf-ray
7b1f8559aedd68f5-FRA
x-amz-cf-id
7PiQz7a3_86G7BOrcPm2XyS2g_dcNP6FNEC8lcljXfv2T6u0i9hr5A==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
jquery.magnific-popup.min.js
cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/jquery.magnific-popup.min.js
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
908418
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6546
last-modified
Mon, 04 May 2020 16:12:04 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ed4-4ef8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FIxYiJ75MQE8jIkwUcEmizfAsgodRz47xuK%2BbvvhlRyWRjijFowIZ9yNnAczw4OESZ6xtcifzrsCeKzU0T7hneTn%2Fx7Qes3L1gFRjlvF3nLKKpJSVQq6%2FaFje5jqYdKiFwDdRmtQCPLTuLfj7A3rni6k"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7b1f8559ba0a37fe-FRA
expires
Sat, 23 Mar 2024 07:15:31 GMT
sticky.min.js
www.huntress.com/hs-fs/hub/3911692/hub_generated/template_assets/67886983812/1646636852236/HL_Theme_2021/Coded_Files/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.huntress.com/hs-fs/hub/3911692/hub_generated/template_assets/67886983812/1646636852236/HL_Theme_2021/Coded_Files/sticky.min.js
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
11bcaa66e2e5486338bbf15bc2af4136962618bd84574c350c82c501d64f6868
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:31 GMT
strict-transport-security
max-age=31536000
via
1.1 5e1f849553b1d58615d0d8f7c044078e.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
oIU6rHYsVQSZOhrGoqvW7sFAXkwuMMSC
age
901
x-amz-cf-pop
IAD89-P1
x-amz-server-side-encryption
AES256
x-amz-request-id
P3X1WRYJAQZAR8N8
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
content-encoding
br
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
5wY8PotIqw54A6iRrta179OctWPKE8Lv91RSO3Wi/m1HyMZ0cCLr17+HG9tsO/Vs6DK2UDRYUrzLyWBmhp+9PQ==
last-modified
Mon, 07 Mar 2022 07:07:33 GMT
server
cloudflare
etag
W/"55ae62a2138b0ac2dad2cd6f3fc3decb"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1646636852583
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=alRzbZJH8RLPNp%2FClBt2TtSdfIZwmaMrw%2Bk35uYpG3H58besqcjz4D1JH5b58tzIVS6oB36eqTxzyHJkX2yVcT4PebMeVjgMy6ukzCOIbi3ryQ9JDEMzWCQE8keRuv%2FSRRm624V0MpNtIcvse5M%3D"}],"group":"cf-nel","max_age":604800}
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
cf-ray
7b1f8559aede68f5-FRA
x-amz-cf-id
cm70dBxEaBdk-RSKXvdfg32UfQVJHV9zy0qz6lxhIWz4GEFEOv1WbA==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
module_72308060713_Blog_Related_post.min.js
www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/72308060713/1669043943002/ 		365 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/72308060713/1669043943002/module_72308060713_Blog_Related_post.min.js
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3367498692c5f6cdc662369af915c0c2f13b7f6af9e67a522d2e7fc1b3299364
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:31 GMT
strict-transport-security
max-age=31536000
via
1.1 71c1b7cb74a6a3840a4f2be73ffddc84.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
SBG.fyduSO9gOy.FmtNERc3Ncw_1ixXc
age
893
x-amz-cf-pop
IAD12-P2
x-amz-server-side-encryption
AES256
x-amz-request-id
ZAPHXVFN7MSPRDEE
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
content-encoding
br
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
AxwHO/R6qhnAREcpUVWmdW1MpTC7ML+fquI9o6kmtqHlZGFINUUIZh0GYOrvpNDCa81WkVoDSKA=
last-modified
Mon, 21 Nov 2022 15:19:04 GMT
server
cloudflare
etag
W/"136cb371b82e4f0a84d11b654e92bb11"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1669043943002
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GraNQ9nS44bwaX%2BfuHJahyAOsKVsSVnkwBSzEsuGliDnZl0PXtDxLG1uqnhSRrtIwbd5hi%2Fp5Iwu2HcdLciK2XG3j4%2FOg2p%2BCnFgZbOUk%2Fs5%2FnraR94VZG%2FCS1XntDd4nJise2D0fvLEEjNgbNE%3D"}],"group":"cf-nel","max_age":604800}
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
cf-ray
7b1f8559aedf68f5-FRA
x-amz-cf-id
CAxulqntgHtt8aOBJ0T3x30wP358XqfDSMX68wXjro5rWJ5fOUkP4w==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
v2.js
www.huntress.com/_hcms/forms/ 		519 KB
169 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.huntress.com/_hcms/forms/v2.js
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
de23bd96bc43612257043619423fbd28e4a5cf0338c9d9c1fa539b6203f80194
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:31 GMT
strict-transport-security
max-age=31536000
via
1.1 4ae0902ea4e10dc74700d1753a74440a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
zewPG90uEnn6fOdllfKjDUoe13XjTKvA
age
306
x-amz-cf-pop
IAD55-P3
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=forms-embed/static-1.2933/bundles/project-v2.js&cfRay=7b1f7de327e35c38-IAD
x-cache
Hit from cloudfront
cache-tag
staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
content-encoding
br
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 28 Mar 2023 10:46:48 UTC
server
cloudflare
etag
W/"ce2a890146bd2b65fe63d9c334e182ce"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Zw4AZ%2FEi43bAeSDQH5WpBnslh3tWTBK3r23TD8SaYBeB7BHMxrZqUeySxxjUfQRhxyJwg9UKBnSVd%2B6I0ZpyleFZm1f%2B1mP%2BQ8a0P51jK3VHvpwRQ4xDDRvAHoM6WBjfYHaxYZqc8S4NXnCGsM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-hs-cache-status
HIT
cache-control
s-maxage=600, max-age=300
cf-ray
7b1f8559aee068f5-FRA
x-amz-cf-id
78g_wsBA4z34ZVlw2rLMLuPvr_oTCwkT_f1L5Jfc6-2I8uJ3TCjZRw==
x-hs-target-asset
forms-embed/static-1.2933/bundles/project-v2.js
3911692.js
www.huntress.com/hs/scriptloader/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.huntress.com/hs/scriptloader/3911692.js?businessUnitId=0
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ace91901091204152ec7745b794f2599e76043aeac769c02bdd18115a13b2e21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:31 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7
x-hubspot-correlation-id
050833ac-a297-4ade-a265-c66a27087d06
cf-polished
origSize=2517
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 03 Apr 2023 07:15:24 GMT
cf-bgj
minify
server
cloudflare
x-trace
2B082490AE36F24420BA46A0861FC4002ED719B13E000000000000000000
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://www.huntress.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DuiT6bLRMsQGkrXqM%2FYeG3YdwAR4yLkSsGVk9u1WuzvKHe2IvmAIrAu5PMsgN%2F5jmwsACcQmQDNeYUTYSd8N3N242FEXsIsPazTkgCWQ%2B2dY4FJemQLnrKykFOybLoUBXHa9rClZrEuwJUpmL2E%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
7b1f8559befb68f5-FRA
expires
Mon, 03 Apr 2023 07:16:31 GMT
index.js
www.huntress.com/hs/hsstatic/HubspotToolsMenu/static-1.154/js/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.huntress.com/hs/hsstatic/HubspotToolsMenu/static-1.154/js/index.js
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
49c050c7a4775b5b84a5ceabf44f33074c79c051306286a8be611e9794704894
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:31 GMT
strict-transport-security
max-age=31536000
via
1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
zqfoHVEO7SsMjSP1JrsnDQf9ix87l6qJ
age
4548557
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 09 Feb 2023 15:43:08 GMT
server
cloudflare
etag
W/"d57b3d84e0be8dd0aef0781d100c0d14"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RMJ6RgBG4t2P2eTrJlMnS5pQPA7f7CD3cmkDGtJHYaWWWuIyrBqGwcDPlc1J1YWoaID9nryIslrpYohNbFDD4AkJ9FLYq4Mh45nSAJHaJNpFsYfQ2N3Uq8StoXfuuFoUiYNXounupNaFN4hUQ%2Fs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7b1f8559befd68f5-FRA
x-amz-cf-id
ch9PXkVWCvH2nOsOte7w4xPGtsY9EwL9b1YbIuksFbdyi3VU8AiTBw==
expires
Tue, 02 Apr 2024 07:15:31 GMT
polyfill.min.js
cdnjs.cloudflare.com/ajax/libs/js-polyfills/0.1.42/ 		69 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/js-polyfills/0.1.42/polyfill.min.js
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd77c41d41a299d224e36572ee84e734bb53f2c56b3babe78619ec413d56d68a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5283999
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15998
last-modified
Mon, 04 May 2020 16:11:50 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec6-11405"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PNVSX4M62mz0xjtkG%2BzJoqtUVli7t2j1hyTm4n%2B%2BRgnMmxOLVUoBejYqQI27%2BwRB8pBwCXv46TfC5AqUCJhB1mLNo8LuESjM8qt%2BJ%2FAEkUuArlEg7kAxkLVFR%2FPGYM1cZTy1XH6X3xsaKxf%2Brv%2FrjIWE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7b1f8559ba0b37fe-FRA
expires
Sat, 23 Mar 2024 07:15:31 GMT
lozad.min.js
cdn.jsdelivr.net/npm/lozad/dist/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/lozad/dist/lozad.min.js
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98e15110586a9877906d7a4ada5a789c0deaa285600027e1f3c7e925fb4b05b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
38309
x-jsd-version
1.16.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230052-FRA, cache-yyz4556-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"c17-/CtD5WDEW7iHrdmPF7CEBoqSMss"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZW0WpsZ1kggidJtIzJ9%2F7HYGLew4mZc3gFLcXmvi6BNKoDXhLsuVKfogxdISpiO608B%2FD6wEYNtj1j0LB8uiXYCWx8Cd4QblMZ1pxHNQTPHwhpIAvG8jk882rIi310GQHkPsXPQRf3y9Jy0cxGI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7b1f855aac149a00-FRA
sp.js
cdn.jsdelivr.net/gh/snowplow/sp-js-assets@2.15.0/ 		111 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/snowplow/sp-js-assets@2.15.0/sp.js
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19680a27e88da4a3713af26571b4849096e75d617f2845574af7fd15746256bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2397024
x-jsd-version
2.15.0
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230073-FRA, cache-jnb7025-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"1bcc9-Fvi1pHLpkqezVQp0uCr6MtFyy4s"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zHPeVEZtPuwHJRIKLG5hp2iUGJLxEITGnwM5kLQnGdBOv6eLaV2Ed9gbI%2FGng69ut0e1TnsROhFYOTHjDQkAtHuvwlAg5U%2BT26dimT0lNqoxTuTqKTVkFjrCyysmRFJ%2Bqrg13kmBuplKlDG1iDA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7b1f855aac179a00-FRA
j.php
dev.visualwebsiteoptimizer.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=620982&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2F3cx-voip-software-compromise-supply-chain-threats&f=1&r=0.9360354116774297
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
20400c209d45a7cc98bf2c9c986f435649446f806ecd79d3858e8b2ce39e2120

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:31 GMT
content-encoding
gzip
via
1.1 google
server
gfra1
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, no-cache, must-revalidate
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sl.js
scout-cdn.salesloft.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scout-cdn.salesloft.com/sl.js
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4341 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:31 GMT
x-amz-version-id
6anzvBQcvmaBDc8BSO9zI6Th.IIiwArc
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=0
x-amz-request-id
18PQ9HVM21BMKFMF
age
6004
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
AJ3M81XZ2tOc0uReIvt+f2xZm+lTT5cYRr5suxFPGxw3aPK2n28WrYFs4y7maNAj8Wr0KJkC1jRgUAKtdJJc9Q==
last-modified
Mon, 13 Dec 2021 16:28:37 GMT
server
cloudflare
etag
W/"d74cc4825c8e333b2116da3fcc649db1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
7b1f855ac85991d2-FRA
expires
Mon, 03 Apr 2023 11:15:31 GMT
HKNova-Regular.woff2
3911692.fs1.hubspotusercontent-na1.net/hubfs/3911692/HT_2021/fonts/HK_Nova/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://3911692.fs1.hubspotusercontent-na1.net/hubfs/3911692/HT_2021/fonts/HK_Nova/HKNova-Regular.woff2
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/hs-fs/hub/3911692/hub_generated/template_assets/37640723000/1678796142999/HL_Theme_2021/Coded_Files/pwr.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9cdf9b8cd47c0a17356ff68e2581021800a4c86dd8d71aaf0ad5cfe025b114e

Request headers

Referer
https://www.huntress.com/
Origin
https://www.huntress.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-meta-cache-tag
F-38491779608,FD-38491499040,P-3911692,FLS-ALL
age
1527188
x-amz-request-id
NXN5NB126YC02K4Z
x-amz-server-side-encryption
AES256
edge-cache-tag
F-38491779608,FD-38491499040,P-3911692,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
etag
"5a3239585a66868a9109bab6273f0a26"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1607406808501
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
date
Mon, 03 Apr 2023 07:15:31 GMT
via
1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-version-id
y1_7cBbebzu1P55qghtsCfIzqKHObY4N
x-amz-cf-pop
FRA56-P4
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-38491779608,FD-38491499040,P-3911692,FLS-ALL
x-amz-meta-index-tag
all
content-length
32892
x-amz-id-2
0hqwMv9G/11NhsEtbjvB9SkNvT2f3dxSWRgSQ0H/6QwrJc/H5iCUxYIJ6wpYMSb/No0sFyBMmjE=
last-modified
Tue, 08 Dec 2020 05:53:29 GMT
server
cloudflare
accept-ranges
bytes
cf-ray
7b1f855aa9943830-FRA
x-amz-cf-id
DUdCEkGsSHGJGhl0FzWDrYrsmSnyh7gE5a5j1mKK4E-IbvfzWEUOPg==
HKNova-Bold.woff2
3911692.fs1.hubspotusercontent-na1.net/hubfs/3911692/HT_2021/fonts/HK_Nova/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://3911692.fs1.hubspotusercontent-na1.net/hubfs/3911692/HT_2021/fonts/HK_Nova/HKNova-Bold.woff2
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/hs-fs/hub/3911692/hub_generated/template_assets/37640723000/1678796142999/HL_Theme_2021/Coded_Files/pwr.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfe056293886177b09ff745622e1ed914c80210571ba1c1f357e26f2a456cc10

Request headers

Referer
https://www.huntress.com/
Origin
https://www.huntress.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-meta-cache-tag
F-38491499045,FD-38491499040,P-3911692,FLS-ALL
age
1628225
x-amz-request-id
GFXB662MYEPQ5K38
x-amz-server-side-encryption
AES256
edge-cache-tag
F-38491499045,FD-38491499040,P-3911692,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
etag
"c70ef2ebf7b362a95b0a872d29d0ecda"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1607406808193
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
date
Mon, 03 Apr 2023 07:15:31 GMT
via
1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-version-id
HksL4GZhEqXLWJawp7ng3VY8IqbEzeqn
x-amz-cf-pop
FRA56-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-38491499045,FD-38491499040,P-3911692,FLS-ALL
x-amz-meta-index-tag
all
content-length
33624
x-amz-id-2
C9YUGLyd2WBmjZxpDsSOGrYAHNgXO2iLjUnLS+1LAiLurWVnPkwBU2pBRntCIaV+hnx85TnngKk=
last-modified
Tue, 08 Dec 2020 05:53:29 GMT
server
cloudflare
accept-ranges
bytes
cf-ray
7b1f855aa9963830-FRA
x-amz-cf-id
KumsjkGVEcLj5rOMIyRris_uMjvCYX4h-SI4KOCMyWdoNGBozGCwhA==
Huntress-Rapid-Response-Blog--ProxyShell.png
www.huntress.com/hubfs/ 		646 KB
648 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.huntress.com/hubfs/Huntress-Rapid-Response-Blog--ProxyShell.png
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
efb7aa016e75f8a4d3efea0caaa8de2ebc81ec02baeecbfbc98d9541c726a47a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-meta-cache-tag
F-53267410474,P-3911692,FLS-ALL
age
330372
x-amz-request-id
HFFDV706MPZ10KZX
x-amz-server-side-encryption
AES256
edge-cache-tag
F-53267410474,P-3911692,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
content-disposition
inline; filename="Huntress-Rapid-Response-Blog--ProxyShell.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 18
cf-bgj
imgq:85,h2pri
etag
"bd8d8d839cc7eaa0ea76b4f6a28e004e"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1629404371223
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 18
date
Mon, 03 Apr 2023 07:15:31 GMT
strict-transport-security
max-age=31536000
via
1.1 56317bf75183e752b06c880e8a1e502a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
.B2g.Q6kWRMyf9Yfoyt0CgonFRlcByPe
x-amz-cf-pop
FRA56-P7
x-hs-alternate-content-type
text/plain
cf-polished
origFmt=png, origSize=958947
x-cache
RefreshHit from cloudfront
cache-tag
F-53267410474,P-3911692,FLS-ALL
x-amz-meta-index-tag
all
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
661706
x-amz-id-2
Cp8LX+IqWAJ2bmIVrThjVEUIN97lVPLi9eB5/SC/OlH3+lRaGtyvAvIevHUPjVNW7YzX2QrbEOY=
last-modified
Thu, 19 Aug 2021 20:19:32 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hl34Ai8Kcd4IEiS9ufhI6llz%2FgU3laUEZXuyCJvSJo6MwIVp30pu8kNMfhyC4pJNrOcnopcHJJwFYu98vv4kS68P0vflj2xlyS5RtBhCuO4IlCeTYmFhF0nnONCS%2B%2Bnxxj8OJ56mVsAtsQyyoFQ%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7b1f855b48ae68f5-FRA
x-amz-cf-id
wyZYuQflELimo-k5hmu5RxxfNBnATw9VIqMsy5LBxOpfnk-vj7VX7A==
visuelt-black.woff2
3911692.fs1.hubspotusercontent-na1.net/hubfs/3911692/HT_2021/fonts/Visuelt/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://3911692.fs1.hubspotusercontent-na1.net/hubfs/3911692/HT_2021/fonts/Visuelt/visuelt-black.woff2
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/hs-fs/hub/3911692/hub_generated/template_assets/37640723000/1678796142999/HL_Theme_2021/Coded_Files/pwr.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b990552df973348baaa61af6a11d527c465edb14339f38e25d112b2a1a72ab0e

Request headers

Referer
https://www.huntress.com/
Origin
https://www.huntress.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-meta-cache-tag
F-38492600914,FD-38492172814,P-3911692,FLS-ALL
age
1334488
x-amz-request-id
CX4J0X049D44Y5R8
x-amz-server-side-encryption
AES256
edge-cache-tag
F-38492600914,FD-38492172814,P-3911692,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
etag
"80407703322249fe13bbef5596e9e414"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1607408610505
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
date
Mon, 03 Apr 2023 07:15:31 GMT
via
1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-version-id
zgv.hEhHVdSF2XuwUP4L0JY36hLML11L
x-amz-cf-pop
FRA56-P7
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-38492600914,FD-38492172814,P-3911692,FLS-ALL
x-amz-meta-index-tag
all
content-length
28504
x-amz-id-2
rzFUr9qdEhyCarwkA90M2MjiGc9nKegq86/PQV/d6NPF1Nrnzhl1JekorYKOiSxU4RLU3KNCKKk=
last-modified
Tue, 08 Dec 2020 06:23:31 GMT
server
cloudflare
accept-ranges
bytes
cf-ray
7b1f855b5a743830-FRA
x-amz-cf-id
Djlqiovb8g2J4qbGuwDTMqBTr1-N7MxOAWuaxrApqzhVYTmvSGRRZg==
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:31 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
D5503D14AA2F06AA
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=51048
accept-ranges
bytes
content-length
948
x-amz-id-2
JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=
gist-embed-aa244c59879c.css
github.githubassets.com/assets/ 		48 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://github.githubassets.com/assets/gist-embed-aa244c59879c.css
Requested by
Host: gist.github.com
URL: https://gist.github.com/JohnHammond/b9912e2d2ba4418a8a4450a166b35cb4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.108.154 Hoover, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-108-154.github.com
Software
AmazonS3 /
Resource Hash
50ca3b84fcf135b2b132e12607242e3d225536be494405c534c8fe55bea8d8dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-fastly-request-id
bcfdde700aed5727c8d9860175027355de5131ef
date
Mon, 03 Apr 2023 07:15:31 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31536000
age
1563562
x-cache
HIT, HIT
content-length
9605
x-served-by
cache-iad-kcgs7200168-IAD, cache-fra-eddf8230039-FRA
last-modified
Wed, 08 Mar 2023 00:35:02 GMT
server
AmazonS3
etag
"bd177d14495cba1413e2cca6de554168"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
22198, 644
axJlnVDIrXYCVoV-Rk4fRUCqB37uct9KJkMJGZkZLQFSlTS3qGOEJ2ffXXrlAVWNL8luqUN0CXTmxoQoLRe5VDyP2eRqRuMNwullBKrMEBRROpNT7RhvVG-75FmaWicAgwTweccTmNfyUs1pTLVvHo8
lh5.googleusercontent.com/ 		358 KB
358 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh5.googleusercontent.com/axJlnVDIrXYCVoV-Rk4fRUCqB37uct9KJkMJGZkZLQFSlTS3qGOEJ2ffXXrlAVWNL8luqUN0CXTmxoQoLRe5VDyP2eRqRuMNwullBKrMEBRROpNT7RhvVG-75FmaWicAgwTweccTmNfyUs1pTLVvHo8
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
99ad2210ad01b8f34231d83a0eb4ecf6e9071f3bf4a92e058c503613b51e7a5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 04:18:05 GMT
x-content-type-options
nosniff
age
10647
content-disposition
inline;filename="pasted image 0.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
366497
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 31 Mar 2023 17:22:15 GMT
xxQdrObRbGFwt4pa1tluheqNI6Kz2LP6v1rDkraOJGgA-ru25LgrDKoXiOeKZY0N8lest4g4Njazviwm4JNCu4KElnae--3Xynjb60LWCgLs1fLXjWe87AH9BJXLmwiP4K9MDN8I7TCLcuWTuPFj5g8
lh3.googleusercontent.com/ 		251 KB
252 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/xxQdrObRbGFwt4pa1tluheqNI6Kz2LP6v1rDkraOJGgA-ru25LgrDKoXiOeKZY0N8lest4g4Njazviwm4JNCu4KElnae--3Xynjb60LWCgLs1fLXjWe87AH9BJXLmwiP4K9MDN8I7TCLcuWTuPFj5g8
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
b9921d3cabeacda11bc38697e21d714b17b7182a791506d6f84427f92dd34db3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 04:18:06 GMT
x-content-type-options
nosniff
age
10646
content-disposition
inline;filename="pasted image 0.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
257509
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 31 Mar 2023 16:29:07 GMT
image-png-Mar-30-2023-11-16-37-4594-AM.png
www.huntress.com/hubfs/ 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.huntress.com/hubfs/image-png-Mar-30-2023-11-16-37-4594-AM.png
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcf74ede1c7098af9ade75ebd001e3d7649d2de8d24f86bb9554ced24123217c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-meta-cache-tag
F-108866674863,P-3911692,FLS-ALL
age
330197
x-amz-request-id
2C8AKFQF4EBZC2GA
x-amz-server-side-encryption
AES256
edge-cache-tag
F-108866674863,P-3911692,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
content-disposition
inline; filename="image-png-Mar-30-2023-11-16-37-4594-AM.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 18
cf-bgj
imgq:85,h2pri
etag
"8a8157294b86790d8eafe6ff875023a4"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1680174997459
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 18
date
Mon, 03 Apr 2023 07:15:31 GMT
strict-transport-security
max-age=31536000
via
1.1 33f7e3e8ae7caf5d589fe55fdfeb705c.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
fr2iNcV3aC7vWakGp6qHDXtxwdgNwpi8
x-amz-cf-pop
CDG52-P1
x-hs-alternate-content-type
text/plain
cf-polished
origFmt=png, origSize=182078
x-cache
RefreshHit from cloudfront
cache-tag
F-108866674863,P-3911692,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
73286
x-amz-id-2
ZGJJu5AKeZRkbgMhkUbrQTsVKC1pa4K4BC5fyt+gvtJZ2wAuKhPEmZ2P0Sf1wPMgn5pyt0NGu9E=
last-modified
Thu, 30 Mar 2023 11:16:38 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l0XhtLX5iCcYK7LDJeIf5lIleL7nitSnif3Cn8v9w2oClPDHwuQ9tasJiTnyOFjhbfvu2ZKna%2B9K4Obj7z6Kwez%2F%2FBjyb%2FBjR7MhdeYokdrrcavYmknLRwPrlpk536rsEw2%2FAokxCvQZIg8yApU%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7b1f855caa1568f5-FRA
x-amz-cf-id
MgUEKtVURnit5LTFOpgf66vTW8quONPiMhjDQYd67SdrO-8O0gnzNQ==
PfJqu4ZcxVMFPDBcD99QJIPMuJ5epGe_HVz9ivVsU7k1kQJGHqj-oSA3CQPsqYaHkA_80g8k3W8fb3O3TNjmWbj4NBWchqCIgmjWpS1ScHM0jwkR82w1I1yfqTp_-HY-v0u2d0562Fka2-UyiyNvokg
lh6.googleusercontent.com/ 		238 KB
239 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh6.googleusercontent.com/PfJqu4ZcxVMFPDBcD99QJIPMuJ5epGe_HVz9ivVsU7k1kQJGHqj-oSA3CQPsqYaHkA_80g8k3W8fb3O3TNjmWbj4NBWchqCIgmjWpS1ScHM0jwkR82w1I1yfqTp_-HY-v0u2d0562Fka2-UyiyNvokg
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a589953bf9665795f9132d2daa0c0ead1463a5ec4cd915ea793a20bd3f0493f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 04:18:06 GMT
x-content-type-options
nosniff
age
10646
content-disposition
inline;filename="pasted image 0.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
243800
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 31 Mar 2023 16:21:00 GMT
doZeBsK0VRhzyj4ypq1pFejcXq8qWg_iNCEIcyVeQuKB5CIAJG9TWCh5rDrEZnSPkMDC42t-TAKOiYQ_JGVajmzs_cws4EP3zGOVJkTG2puUbsRfmQ1O9x5HPQ8OQ_lciHjoQZzGQAE321_-OWGiBvI
lh4.googleusercontent.com/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh4.googleusercontent.com/doZeBsK0VRhzyj4ypq1pFejcXq8qWg_iNCEIcyVeQuKB5CIAJG9TWCh5rDrEZnSPkMDC42t-TAKOiYQ_JGVajmzs_cws4EP3zGOVJkTG2puUbsRfmQ1O9x5HPQ8OQ_lciHjoQZzGQAE321_-OWGiBvI
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
3272fa3921149779117665accd617e0a998fbebccf293c93a0f4d2a73ed1bb27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 03:23:18 GMT
x-content-type-options
nosniff
age
13934
content-disposition
inline;filename="pasted image 0.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52558
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 01 Apr 2023 08:24:31 GMT
TOxSwubhURHwcihcD9pbipOAyKrau2sYi10jGdi5k77OOXypIR6n2A98qhHH5yB7LZAKaDla38LOAHdTEb_C22eSCfmjdPWcqiiqY_-y6_knMbgsxsvicMqkIumPGQzAqPBywlMtcNOCpEz9qrZRz_A
lh3.googleusercontent.com/ 		514 KB
514 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/TOxSwubhURHwcihcD9pbipOAyKrau2sYi10jGdi5k77OOXypIR6n2A98qhHH5yB7LZAKaDla38LOAHdTEb_C22eSCfmjdPWcqiiqY_-y6_knMbgsxsvicMqkIumPGQzAqPBywlMtcNOCpEz9qrZRz_A
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
976795d7e22e5d969fec920899de3973b3797805295b425814a0b7eda1eac02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 04:18:07 GMT
x-content-type-options
nosniff
age
10645
content-disposition
inline;filename="pasted image 0.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
525875
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 31 Mar 2023 15:23:08 GMT
f5xc10bXPlW3nfpVoT4HA4VVpW4RPdICwOmfw7kxuLTDTt8XO7Y-yjUXf1Gjdvp5ubM5Z0FxSPotYEqgIQnTrsSXTSzC82nHYyGNg1saZAhduMAvPMDLAM4bm7kfQ6GJWs2-hWBe0PkLnX8ozMINvJs
lh4.googleusercontent.com/ 		493 KB
493 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh4.googleusercontent.com/f5xc10bXPlW3nfpVoT4HA4VVpW4RPdICwOmfw7kxuLTDTt8XO7Y-yjUXf1Gjdvp5ubM5Z0FxSPotYEqgIQnTrsSXTSzC82nHYyGNg1saZAhduMAvPMDLAM4bm7kfQ6GJWs2-hWBe0PkLnX8ozMINvJs
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
bc90600273f33251c7c892e4a29e221a7cd38bce5f033285cc6ee2c1092d4150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 03:23:18 GMT
x-content-type-options
nosniff
age
13934
content-disposition
inline;filename="pasted image 0.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
504394
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 31 Mar 2023 16:18:51 GMT
4Bz7F4yHhZWUCKo8kxqR9o2PvtMGpQIdZk9wTp7wgNqEXC84eEaZaSKt12lHuuQ7S3qqFaveQpiypLNVhqiO84UYCc39Eu0Um7QGzIsEIWxSS8WYxk2vILvWWViQ16VhExlzU6bAcSu6Ko-PvvWoWUg
lh5.googleusercontent.com/ 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh5.googleusercontent.com/4Bz7F4yHhZWUCKo8kxqR9o2PvtMGpQIdZk9wTp7wgNqEXC84eEaZaSKt12lHuuQ7S3qqFaveQpiypLNVhqiO84UYCc39Eu0Um7QGzIsEIWxSS8WYxk2vILvWWViQ16VhExlzU6bAcSu6Ko-PvvWoWUg
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ef8543e00761575eea98ff84cc1838bdef2d609b18df5f6223de4a02a9be4c7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 04:18:07 GMT
x-content-type-options
nosniff
age
10645
content-disposition
inline;filename="pasted image 0.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87952
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 31 Mar 2023 16:23:49 GMT
image-png-Mar-30-2023-09-42-25-8012-AM.png
www.huntress.com/hubfs/ 		304 KB
306 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.huntress.com/hubfs/image-png-Mar-30-2023-09-42-25-8012-AM.png
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
edb1b3070a24bfdcd807b0ede4016e34dbfa2a8e8e7cb32522c8e72258af43ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-meta-cache-tag
F-108858084212,P-3911692,FLS-ALL
age
330167
x-amz-request-id
RAV5340P8DFK8FB2
x-amz-server-side-encryption
AES256
edge-cache-tag
F-108858084212,P-3911692,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
content-disposition
inline; filename="image-png-Mar-30-2023-09-42-25-8012-AM.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 18
cf-bgj
imgq:85,h2pri
etag
"3054615117c886312659f6c11ac01c75"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1680169345801
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 18
date
Mon, 03 Apr 2023 07:15:31 GMT
strict-transport-security
max-age=31536000
via
1.1 ad6a8626693b859ee3661bdf278729f2.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
o7U3g9H4eRYabEzTg.Z0RwYC_D.6LG5F
x-amz-cf-pop
CDG52-P1
x-hs-alternate-content-type
text/plain
cf-polished
origFmt=png, origSize=448324
x-cache
RefreshHit from cloudfront
cache-tag
F-108858084212,P-3911692,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
311542
x-amz-id-2
zbOVYtFz+ahOfIkTGw0hAzVlfsW5ZkckKXH6BPffCnMYb32DCWN8Kz5QUuxHjsQQ9Rle7BW/VqM=
last-modified
Thu, 30 Mar 2023 09:42:26 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uGsJ4e8ZmvaCbI36yT9R%2Fs8KqYSWGhou4c1Jse97X7uN96LIN2AEnNjpeJAiYKG17cEvKebXdnXeL6AMi5l6%2BXXwfpE9nxNc1k6W67fWwzn%2BxmKbZWII075PuAXpUjQqjASvFqyxukoUEUg5TBE%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7b1f855caa1968f5-FRA
x-amz-cf-id
O1X9XgpoUCxgSuP_V794KDWTO-f3Y4DPhKyjxAbr62SwnFh1OYxIvg==
Iy6CWsIDRDhTNm8DUdOLcXQl8zWq69ywhE6Wl-kKxoXH9wAU6C-p-ub_QXKlaMvd5j7P_eoffw7yPp8Wd5BYJOqL_3vx1EoIy-2aRkRW3odcXCJlVKAZoh6oDy85q6D3hHpT790eTnCGhlwgAOR3CHA
lh3.googleusercontent.com/ 		774 KB
775 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/Iy6CWsIDRDhTNm8DUdOLcXQl8zWq69ywhE6Wl-kKxoXH9wAU6C-p-ub_QXKlaMvd5j7P_eoffw7yPp8Wd5BYJOqL_3vx1EoIy-2aRkRW3odcXCJlVKAZoh6oDy85q6D3hHpT790eTnCGhlwgAOR3CHA
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6b60f7e7131c8008218d66625b9620492b5f43301067794c42d0410b2b6f9ecf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 04:19:25 GMT
x-content-type-options
nosniff
age
10567
content-disposition
inline;filename="pasted image 0.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
792931
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 31 Mar 2023 17:19:32 GMT
Gfx8awdo5MEfJPgnXuZc9KRFMayikJyAePwsmUd7fK1M7LyMNn46AQNJWZaZQ3eEN1HDINI8iM8A4JmOUthdm-qTbAGDRoIqu-1F7Q5YrAMydRzitn6fI-vMDXxioIGQNddDZ5Xrf80SFBxwKBC62JM
lh3.googleusercontent.com/ 		255 KB
255 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/Gfx8awdo5MEfJPgnXuZc9KRFMayikJyAePwsmUd7fK1M7LyMNn46AQNJWZaZQ3eEN1HDINI8iM8A4JmOUthdm-qTbAGDRoIqu-1F7Q5YrAMydRzitn6fI-vMDXxioIGQNddDZ5Xrf80SFBxwKBC62JM
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
4989658a95faa99aaeeb2ef0310af2bdffbe47019d857f99a96a1c6c174711c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 04:19:32 GMT
x-content-type-options
nosniff
age
10560
content-disposition
inline;filename="pasted image 0.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260912
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 31 Mar 2023 16:22:55 GMT
image%20(1)-png.png
www.huntress.com/hubfs/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.huntress.com/hubfs/image%20(1)-png.png
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed819b871f664202259f09be20fd60a1a31f9ed7ba293ded18d0ec6e44ef53ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-meta-cache-tag
F-108858198457,P-3911692,FLS-ALL
age
330166
x-amz-request-id
RVE327D2E4H7VQMZ
x-amz-server-side-encryption
AES256
edge-cache-tag
F-108858198457,P-3911692,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
content-disposition
inline; filename="image%20(1)-png.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 18
cf-bgj
imgq:85,h2pri
etag
"316e7cb53845fb823ad8d8ddbf47a876"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1680169986577
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 18
date
Mon, 03 Apr 2023 07:15:31 GMT
strict-transport-security
max-age=31536000
via
1.1 a769201928d4a671d76c2aeb231718ae.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
g5lFtZ24vz34CWei7FC55PWZnq7gWLkE
x-amz-cf-pop
CDG52-P1
x-hs-alternate-content-type
text/plain
cf-polished
origFmt=png, origSize=84957
x-cache
RefreshHit from cloudfront
cache-tag
F-108858198457,P-3911692,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
58118
x-amz-id-2
om0kEvJrQuphY8MaIZuKC5zb2/qSLA70SQ/OaBh4Rlo2HqutEZs+m8SlbpzshzIsy/GuKCksowo=
last-modified
Thu, 30 Mar 2023 09:53:07 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aMXeBJQcrVlVN0Ug9O%2B%2F3h6QmjF2xCyuxrv8A5NVEDvSB9Mu3mtaZ%2Br%2Fl%2FkRRPRJVMcpbIXdEbHk%2FQtCANYL0S7zKDLsl0IW3sgmGyZAoicbGAd2QZxDmjnb28PJrrzIFUhX8Fg7SkdKKtVtJvs%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7b1f855caa1a68f5-FRA
x-amz-cf-id
9kX4LAGX-x2Ecy96QguMHV9zkS37kfwMbV8dVE5jP-clvzrVMoE14Q==
KVNPHbgErJ-KGkcU0aQWpH_v8-SnXpM71ZVl6raiaQced8_9d1Zq73uICfP0bcuskIuAtqzuRsqkcahP8fouoXigS_Nt61LjSRGyBZ7ULway42q0dqglXNxDbAzhldp9Nk_SkZND48Bstsl2cLkeoEk
lh6.googleusercontent.com/ 		240 KB
240 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh6.googleusercontent.com/KVNPHbgErJ-KGkcU0aQWpH_v8-SnXpM71ZVl6raiaQced8_9d1Zq73uICfP0bcuskIuAtqzuRsqkcahP8fouoXigS_Nt61LjSRGyBZ7ULway42q0dqglXNxDbAzhldp9Nk_SkZND48Bstsl2cLkeoEk
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
5a631391c7aa5c0db951edffecdde77d52d14b9fb861be5e2ffbb35ef9adb338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 04:19:32 GMT
x-content-type-options
nosniff
age
10560
content-disposition
inline;filename="pasted image 0.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
245696
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 01 Apr 2023 07:20:17 GMT
iA8Q-dPDmXH5bINbu-I_lcqb9ZVZSY5nUZU6jEVAVUqCMYMsd3gWw6al7VCYfMuLSf7BqPc0vNK2UQORnWu-JkI11uhsjT6a8xMvnWCom_-_IP6nFoDPXT-0qrnU2PAQF9bVDUc6zL3okOaFx-C9vFU
lh5.googleusercontent.com/ 		293 KB
293 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh5.googleusercontent.com/iA8Q-dPDmXH5bINbu-I_lcqb9ZVZSY5nUZU6jEVAVUqCMYMsd3gWw6al7VCYfMuLSf7BqPc0vNK2UQORnWu-JkI11uhsjT6a8xMvnWCom_-_IP6nFoDPXT-0qrnU2PAQF9bVDUc6zL3okOaFx-C9vFU
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
5b676331cce4744f9038ee6b0a8dfe2b1f4a961c26b88e18030cd2df9117271d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 04:19:32 GMT
x-content-type-options
nosniff
age
10560
content-disposition
inline;filename="pasted image 0.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
300201
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 31 Mar 2023 17:24:33 GMT
bUXJF_mZb-5XhzFa7rWvH3IcfmZ9iyemT_C3888KHG4V-WZZWUQgmZYAX3f0v6IufBXFZ0utfY5mnGO8ZWOk9dYDwTfn_6EgmoMPCz3gJtp7uRj8Ij6LdYnWd8iPs0X-_C644I67tz1MKuIY0OECLFg
lh5.googleusercontent.com/ 		356 KB
356 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh5.googleusercontent.com/bUXJF_mZb-5XhzFa7rWvH3IcfmZ9iyemT_C3888KHG4V-WZZWUQgmZYAX3f0v6IufBXFZ0utfY5mnGO8ZWOk9dYDwTfn_6EgmoMPCz3gJtp7uRj8Ij6LdYnWd8iPs0X-_C644I67tz1MKuIY0OECLFg
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
bc1e2c2052ed23bf57a8d4db3d448509887ec773c2abe87639bcbdd8ca648afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 04:19:32 GMT
x-content-type-options
nosniff
age
10560
content-disposition
inline;filename="pasted image 0.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364130
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 01 Apr 2023 07:26:24 GMT
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=620982&d=huntress.com&u=DD329A76802441855DAE41DDCBC0D951B&h=ca8129e1aeabafdb14f3bd6e22a25410&t=false&r=0.46357632157679185
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Apr 2023 07:15:31 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
r
scout.salesloft.com/ 		41 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://scout.salesloft.com/r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMDc1MzJ9.cEH1s6yztON1Ehgx-719N-kMH0OD6S-0URMdFL8pAP0
Requested by
Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.209.133.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-133-52.compute-1.amazonaws.com
Software
/
Resource Hash
b37678e2c4e8452e51ee8902e176d670941b72bc06eaeeb951360f96322c6921
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.huntress.com
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
41
x-request-id
93b9081f0959b7e9fb764a1ce3ecb19e
tp2
webhooks.fivetran.com/snowplow/326b5e9f-b03b-4ea3-894f-c545305b3241/com.snowplowanalytics.snowplow/ 		53 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://webhooks.fivetran.com/snowplow/326b5e9f-b03b-4ea3-894f-c545305b3241/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/snowplow/sp-js-assets@2.15.0/sp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.159.227.151 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
151.227.159.34.bc.googleusercontent.com
Software
/
Resource Hash
4081a5f270ace3305571b8f393e20c3a50141d103fb6fced35cf64d5182c2cd2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Mon, 03 Apr 2023 07:15:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin
access-control-allow-methods
GET, POST, HEAD, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.huntress.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
53
tp2
webhooks.fivetran.com/snowplow/326b5e9f-b03b-4ea3-894f-c545305b3241/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://webhooks.fivetran.com/snowplow/326b5e9f-b03b-4ea3-894f-c545305b3241/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.159.227.151 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
151.227.159.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.huntress.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, HEAD, OPTIONS
access-control-allow-origin
https://www.huntress.com
content-length
0
content-type
application/json
date
Mon, 03 Apr 2023 07:15:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin
Blog-ThreatAnalysis_Contextualizing%20Events%20&%20Enabling%20Defense_%20What%203CX%20Means.png
www.huntress.com/hs-fs/hubfs/Blog%20and%20Social%20Headers%20%28From%202-1-22%29/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.huntress.com/hs-fs/hubfs/Blog%20and%20Social%20Headers%20%28From%202-1-22%29/Blog-ThreatAnalysis_Contextualizing%20Events%20&%20Enabling%20Defense_%20What%203CX%20Means.png?width=600&name=Blog-ThreatAnalysis_Contextualizing%20Events%20&%20Enabling%20Defense_%20What%203CX%20Means.png
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
562a66d5fa7c47d6c33d176ad3181ebcad23a3c6367d91114c9d6fb5598cd91e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:32 GMT
via
1.1 f92e634cae29c615cbe8f686d8333cf6.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-tag
F-109062545415,FD-65276690465,P-3911692,FLS-ALL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
63142
cf-resized
internal=ok/m q=0 n=1107+0 c=24+71 v=2023.3.5 l=63142
last-modified
Fri, 31 Mar 2023 18:38:11 GMT
cf-bgj
imgq:98,h2pri
server
cloudflare
etag
"cflsr3RtCkyARYWyiOyNAAKdycjB129824Eq0-_AXqDQ:159d3c1ba7dacc84f5e4ed733f60fcb3"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qAtyXzwfiHOvr0Jh4mmc%2FdU6iDecsPeTtdeZwTuXvq0Hj14WV4Bi8AiE39i6w0ETlvoxAfidhCjoHQd%2BxPZAf3NLYJbhmcuPYn2pEaQks%2FwF8QYumgXCXnJCn2cusikRha%2FukirmTPGM56ODA9g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=1209600, s-maxage=1814400, stale-while-revalidate=900
accept-ranges
bytes
cf-ray
7b1f855e9c6168f5-FRA
Huntress-Rapid-Response-Blog--ProxyShell.png
www.huntress.com/hs-fs/hubfs/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.huntress.com/hs-fs/hubfs/Huntress-Rapid-Response-Blog--ProxyShell.png?width=600&name=Huntress-Rapid-Response-Blog--ProxyShell.png
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
55102f117a12b60b23ae0859b578b70931729d9c9b5a921e2444ef82d4a5e475
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:32 GMT
via
1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-tag
F-53267410474,P-3911692,FLS-ALL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15457
cf-resized
internal=ok/m q=0 n=851+0 c=41+64 v=2023.3.5 l=15457
last-modified
Thu, 19 Aug 2021 20:19:32 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfYHxff24lVoAizvYvLh7X0BQejB129824Eq0-_AXqDQ:bd8d8d839cc7eaa0ea76b4f6a28e004e"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2O9HcBLrHiKmvtebyBvt%2F2Q5yCtoBgeVP1CZ7Oxq92QDzBa5oFB9jRDFac51FcCTFBF5hWUh5ZeMT%2Bawk69ahKP9zzVj42rP%2B%2FUVx4xxRn5pUM8zrTktwmzaxCT%2BYL5ffnFIppdOm9QsBUor0RM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, s-maxage=1814400, stale-while-revalidate=900
accept-ranges
bytes
cf-ray
7b1f855e9c6568f5-FRA
Blog-ThreatAnalysis_Addressing%20Initial%20Access.png
www.huntress.com/hs-fs/hubfs/Blog%20and%20Social%20Headers%20%28From%202-1-22%29/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.huntress.com/hs-fs/hubfs/Blog%20and%20Social%20Headers%20%28From%202-1-22%29/Blog-ThreatAnalysis_Addressing%20Initial%20Access.png?width=600&name=Blog-ThreatAnalysis_Addressing%20Initial%20Access.png
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
078598a1182316c342bbadbfc51ee03890f05ad9e1a6733b9747753792ef42ff
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:32 GMT
via
1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-tag
F-106663349545,FD-65276690465,P-3911692,FLS-ALL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
47975
cf-resized
internal=ok/m q=0 n=592+0 c=29+72 v=2023.3.5 l=47975
last-modified
Wed, 15 Mar 2023 19:37:37 GMT
cf-bgj
imgq:98,h2pri
server
cloudflare
etag
"cfQkQrv6oek9thL8VVMec9bWlOjB129824Eq0-_AXqDQ:c3f68cf6e11fe6965003141fc69bc5e3"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jemyl4lUXXXmVUzXqGDNce8FL%2BzUABvuho3lVUs8FuyB7h2pN%2FuN6HWAQk5qv5E%2BXHCH6V3sYWalw2bIARMhBY5UxI%2BGSE1qS5aIJE3xTmE5pSHoVndwkiVElrJP6%2F1QmX6Pk3KHwKUSo%2FuGMDo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=1209600, s-maxage=1814400, stale-while-revalidate=900
accept-ranges
bytes
cf-ray
7b1f855e9c6968f5-FRA
json
www.huntress.com/_hcms/forms/embed/v3/form/3911692/196be66c-f1bb-4156-af05-2952954526cd/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.huntress.com/_hcms/forms/embed/v3/form/3911692/196be66c-f1bb-4156-af05-2952954526cd/json?hs_static_app=forms-embed&hs_static_app_version=1.2933&X-HubSpot-Static-App-Info=forms-embed-1.2933
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/_hcms/forms/v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c5e8c491dd51215590e902c1bf4604f2ebce5e6a9cdeeccea94246b901b3497
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-origin-hublet
na1
date
Mon, 03 Apr 2023 07:15:32 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
bf5e5de3-5f1b-43e6-8dc9-5c8b0d90a475
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
x-trace
2BF59C212AC1B2A14C7C18AF350AD1203445E19D33000000000000000000
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, GET
content-type
application/json;charset=utf-8
access-control-max-age
180
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WcLHAWArhgTjyDvKOlEgJvFP2QKYpTUoEcACdEYxvuBLMlL7YMd6DqrFD71Vi4uM39jT3cQvRR7HLfZiwnJIEllZK4E9ks6mCSOCRAEEoY84GfUUIo8oGq7v5HoYHTUu5B0DEEufZjQdaVWiWlY%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
cf-ray
7b1f855f7d5a68f5-FRA
access-control-allow-headers
*
x-robots-tag
none
hotjar-2159185.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2159185.js?sv=6
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-37.fra56.r.cloudfront.net
Software
/
Resource Hash
6d32ae685bd6e83f03817f290c6641bfa48a35d75617729c21dfa40006fbced9
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Mon, 03 Apr 2023 07:15:28 GMT
via
1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
4
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/15e780775755a8d313e935b47c92da5f
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
XT-uzQIzwgznj_Yre6dWQzVYZNWQDQUZEU6kREsmOzTTb5Nl8UIbhg==
all.js
connect.facebook.net/en_GB/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_GB/all.js
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9979a0734bcee6e4a74480f7a12d5c71f0fabeb5e93dc01ef5afd38ad3619ae6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 03 Apr 2023 07:15:32 GMT
content-md5
6tpSQywWyuaNiGC+dKXAXw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
kA7Be3p5qXvNwtM2jawxh9jl0yHJsAo+1eU3RjIwCbLwWc3dbjqja0SbaT/ljEoONZrdLU1KbzsJ4AZZhX28+Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
x-fb-content-md5
bf8d07d9435a1d3e05f5938a72d7aadc
cross-origin-opener-policy
same-origin-allow-popups
etag
"4d2dad03c4b6e2336502504c0810bdf1"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-frame-options
DENY
timing-allow-origin
*
expires
Mon, 03 Apr 2023 07:32:14 GMT
3911692.js
js.hs-banner.com/ 		60 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/3911692.js
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/hs/scriptloader/3911692.js?businessUnitId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db247da989b444145ac8089c0e67518ec866692e3a063d55fbd677e7b93247ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:32 GMT
x-amz-version-id
GasN4YO2MODTYKn1ZtY1Nq3iAObcATUn
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
HHXNJD99SPC5XATK
x-amz-server-side-encryption
AES256
x-amz-id-2
N9DBmA41Ns+L7799M9KR2lXBkl0nnac2KxE4Ei033WbCNxIQKX30Vk52VdHPVVeTiXDrK64Yqa8=
last-modified
Wed, 01 Feb 2023 14:51:13 GMT
server
cloudflare
etag
W/"53dee976c8f9c15af4a730f04a4166ff"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.huntress.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
7b1f855fecd830cc-FRA
expires
Mon, 03 Apr 2023 07:20:32 GMT
3911692.js
js.hs-analytics.net/analytics/1680506100000/ 		65 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1680506100000/3911692.js
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/hs/scriptloader/3911692.js?businessUnitId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffe902a3609534e0a4a2578c43e6b8aaf442379d05d64eae6d9c4da5e534bccd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:32 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
EMEJRYH5GDEGBZK7
x-amz-server-side-encryption
AES256
x-amz-id-2
MEp4dLIkKpmblCgclsR5xOZ3cYNL6fdJ7UeDjLr+9MhUixaZu+pTuLT/DM7u6tH2CV0/7LReLNs=
last-modified
Thu, 23 Mar 2023 16:34:11 GMT
server
cloudflare
etag
W/"1c5f917d2379f59a2707a4fe7345b925"
vary
origin, Accept-Encoding
content-type
text/javascript
cache-control
max-age=300, public
access-control-allow-credentials
false
cf-ray
7b1f855feb319b2e-FRA
expires
Mon, 03 Apr 2023 07:20:32 GMT
collectedforms.js
js.hscollectedforms.net/ 		68 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/hs/scriptloader/3911692.js?businessUnitId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:7fab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3f2b8b4f35e3ac89735724f660e345274378e92d3d1c1f2695c04a0460fab3c

Request headers

Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Origin
https://www.huntress.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:32 GMT
x-amz-version-id
UTgFLxzqgfPWpvgFow3DNbYx_N7FOQZ9
via
1.1 e20259e84d7d881ed453b1f0e4f9a4c6.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-amz-cf-pop
IAD55-P4
age
341
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.331/bundles/project.js&cfRay=7b1f7d0e5e2f03d0-IAD
x-cache
Hit from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-amz-replication-status
COMPLETED
last-modified
Thu, 02 Mar 2023 01:24:29 UTC
server
cloudflare
etag
W/"9656224f3534bbb83c23ef97671f6be1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-hs-cache-status
HIT
cache-control
s-maxage=600, max-age=300
cf-ray
7b1f855ffdae913a-FRA
x-amz-cf-id
vne15-n7hyx8kufaxKr0lQc16aGiY74S2lr-QT7uRvQikhCNJzgUww==
x-hs-target-asset
collected-forms-embed-js/static-1.331/bundles/project.js
leadflows.js
js.hsleadflows.net/ 		545 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsleadflows.net/leadflows.js
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/hs/scriptloader/3911692.js?businessUnitId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:e9cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0afe3bcb469471dcaaedd0181f6a0259346575339f09a6a4d4e5100df00ec3fd

Request headers

Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Origin
https://www.huntress.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:32 GMT
x-amz-version-id
OHbS.drTXhzGlBgGSuSusLCISmtjihuB
via
1.1 e8eec15d9551dd475d4c478f9fbb5f04.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-amz-cf-pop
IAD12-P3
age
55867
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1179/bundle/main/lead-flows-release.js&cfRay=7b1a316fda9a37f0-FRA
x-cache
Hit from cloudfront
cache-tag
staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-amz-replication-status
COMPLETED
last-modified
Wed, 29 Mar 2023 10:58:01 UTC
server
cloudflare
etag
W/"6d4ca71bce374032ee1eec31e2ecd382"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-hs-cache-status
HIT
cache-control
s-maxage=86400, max-age=0
cf-ray
7b1f855ffd7337ef-FRA
x-amz-cf-id
4eYopXZz3FOfpa_Zoiv_SGDhzMPKZ5JA0xnZayRUmiNiuoGO9a35-Q==
x-hs-target-asset
lead-flows-js/static-1.1179/bundle/main/lead-flows-release.js
fb.js
js.hsadspixel.net/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/hs/scriptloader/3911692.js?businessUnitId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:73b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccaabd1f9aa371b58a46ba623deadf51680ab27109b399559724856bf925ec9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:32 GMT
x-amz-version-id
U0cNE4RbBA1fh8BSp1QKep.V2dqyarjX
via
1.1 44dd03c6d93a5b4e66aa5cea227acbb2.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-amz-cf-pop
IAD55-P3
age
26
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.338/bundles/pixels-release.js&cfRay=7b1f84bb1d1d9a3f-IAD
x-cache
Hit from cloudfront
cache-tag
staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-amz-replication-status
COMPLETED
last-modified
Fri, 10 Mar 2023 06:22:14 UTC
server
cloudflare
etag
W/"afe2d57e0b6425d8d30346e51ffa1dfe"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
cache-control
max-age=600
cf-ray
7b1f855fff5692c6-FRA
x-amz-cf-id
Ej7Tqv1dFNQcri_sMy474ExpBcsmtMOP-pLRdJvCbzqfdxGh2DgK3w==
x-hs-target-asset
adsscriptloaderstatic/static-1.338/bundles/pixels-release.js
r
scout.salesloft.com/ 		41 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://scout.salesloft.com/r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMDc1MzJ9.cEH1s6yztON1Ehgx-719N-kMH0OD6S-0URMdFL8pAP0
Requested by
Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.209.133.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-133-52.compute-1.amazonaws.com
Software
/
Resource Hash
b37678e2c4e8452e51ee8902e176d670941b72bc06eaeeb951360f96322c6921
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.huntress.com
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
41
x-request-id
a9151fecd7d19c92f43f73d58ddf5947
has-permission
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 		0
433 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=3911692&callback=jsonpHandler
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/hs/hsstatic/HubspotToolsMenu/static-1.154/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
x-hs-worker-debug-mode
false
server
cloudflare
x-hubspot-correlation-id
1d3690ef-04fa-4984-a67d-e85aa125ca46
x-trace
2B34FE6A143AF9A3C972B7C6FA3D623DACA7437964000000000000000000
vary
origin, Accept-Encoding
access-control-allow-methods
GET
report-to
{"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
cache-control
max-age=0
access-control-allow-credentials
true
cf-ray
7b1f855ff8109a0b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
reporting-endpoints
default="https://exceptions.hubspot.com/csp/reports?cfRay=7b1f855ff8109a0b&resource=unknown"
_ate.track.config_resp
v1.addthisedge.com/live/boost/YOUR_ID/ 		27 B
207 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/YOUR_ID/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
19a26d6046c4fcfe9e3efbc1fb7532f424c6b0b7590b9e193788e30bce8b9836

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:32 GMT
content-encoding
gzip
cache-control
public, max-age=37, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
47
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
300lo.json
m.addthis.com/live/red_lojson/ 		89 B
249 B 		Script
General
Check archive.org
Download Go to
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=642a7d138c979635&bkl=0&bl=1&pdt=156&sid=642a7d138c979635&pub=YOUR_ID&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.huntress.com&fp=blog%2F3cx-voip-software-compromise-supply-chain-threats&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1680506132441&jsl=8193&uvs=642a7d133d9d988b000&skipb=1&callback=addthis.cbs.jsonp__77324611326162750
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8f4ae8351f1aca7621d7482c5f0d09b24dd3eb5bf2ac93e6c44e3c69c5a3b827

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Apr 2023 07:15:32 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
89
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame B9C8 		0
0
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 51CD 		71 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-114.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=86313600
content-encoding
gzip
content-length
26421
content-type
text/html
date
Mon, 03 Apr 2023 07:15:32 GMT
etag
W/"5f971164-11adc"
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
p3p
CP="NON ADM OUR DEV IND COM STA"
server
nginx/1.15.8
strict-transport-security
max-age=15724800; includeSubDomains
timing-allow-origin
*
vary
Accept-Encoding
x-host
s7.addthis.com
widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html
platform.twitter.com/widgets/ Frame D90A 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.huntress.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BC0) /
Resource Hash
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1592566
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105435
Content-Type
text/html; charset=utf-8
Date
Mon, 03 Apr 2023 07:15:32 GMT
Etag
"95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:13 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6BC0)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
cta-json
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-json?canon=https%3A%2F%2Fwww.huntress.com%2Fblog%2F3cx-voip-software-compromise-supply-chain-threats&pageId=108856934290&pid=3911692&sv=cta-embed-js-static-1.140&rdy=1&cos=1&df=t&pg=40e39240-8f28-4247-989e-af913fc5ff6d&pg=40e39240-8f28-4247-989e-af913fc5ff6d
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/hs/cta/cta/current.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d78e6456301fd1f38e995ba28fe0dc1ec7e0423ce6b7a41e89cd1b23e52dae6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-origin-hublet
na1
date
Mon, 03 Apr 2023 07:15:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
2af8b5d6-2c08-4968-a8ce-8daf627439a4
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
x-trace
2B54343D96F5F24E1BCA08AA3B9A0A2F93AE3440AD000000000000000000
vary
origin
access-control-allow-methods
OPTIONS, GET
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.huntress.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q6QyRrldX6DdfhIFYkKNQT79erMvJVULQqNusyax8P4C1OOBtSgAvD4%2FYJQwWmmsqX0%2FPRSrEqbYZi39E5%2FseqjXEqsh6B3OryZcO8CwLXuFbyEsFbRw8HUtuOOovTWFiH7TbCDAnmshsslcP37AaOLmnTbqeS9fesY%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
access-control-max-age
180
x-robots-tag
noindex, follow
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray
7b1f8560385e9a0b-FRA
i
scout.salesloft.com/ 		48 B
511 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://scout.salesloft.com/i
Requested by
Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.209.133.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-133-52.compute-1.amazonaws.com
Software
/
Resource Hash
7793dd99fee2c87c79b76061e2aedc1a3072ec1958eb4a736aafeae0fe418689
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.huntress.com
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
48
x-request-id
b3c1d720a964877c00e2a83f9ff50442
settings
syndication.twitter.com/ Frame D90A 		663 B
604 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=8b507b5eee424a05d6a4e2eb51c61a83a4b02ae6
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.huntress.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-response-time
104
date
Mon, 03 Apr 2023 07:15:32 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Mon, 03 Apr 2023 07:15:32 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
7720ae909b1f6ce5
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
cae1d54e1eefc14843e604132a88206c4abea0b7d534b29bf20ce926b4d4cc82
content-length
284
modules.76304821fe35d593f0f4.js
script.hotjar.com/ 		264 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.76304821fe35d593f0f4.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2159185.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-74.fra56.r.cloudfront.net
Software
/
Resource Hash
2b2f8884f06e588675848471606a49693553a2d032a32fce85a5203ae7c796a6
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 07:56:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
343165
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
68985
last-modified
Thu, 30 Mar 2023 07:56:01 GMT
etag
"fa9caf97b169b97f64425fac5776898a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
8_r5WFzd9Rn9JfYKl5V80_xPS1C38hozBtg-F6Urr7gx_1q6fNe89w==
all.js
connect.facebook.net/en_GB/ 		308 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_GB/all.js?hash=bc675a447199c4717bb9ab6b8503ffac
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
822c011ba0c51065ff9f78f2968d7acd973eeade856356910df2d275c62d6389
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Origin
https://www.huntress.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 03 Apr 2023 07:15:32 GMT
content-md5
dRiL0b46hOPVwJwIBGQ/dQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88440
x-fb-rlafr
0
x-fb-debug
J/6CyylA+r34U1BpEIP82Ut1/2SYhsj/ci0DnGTks/kWkohpoYuLiGkwsz3tzpzAp28GJDqZ3X6owi7mtVSoaw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
c12dd723a3d5db4c4c34e2bb8a69aafa
cross-origin-opener-policy
same-origin-allow-popups
etag
"18c7b92bfcc58589614b1e749df7d787"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Tue, 02 Apr 2024 05:31:56 GMT
counters.gif
forms.hsforms.com/embed/v3/ 		35 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Mon, 03 Apr 2023 07:15:32 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
CF-Cache-Status
DYNAMIC
X-HubSpot-Correlation-Id
26cee8a6-7c33-435f-b527-9a602939b60b
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
35
Server
cloudflare
X-Trace
2B8FA42A84E26241F730AECBA30CEAF87D2641E241000000000000000000
Vary
origin
Content-Type
image/gif
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
7b1f85613fdebbb5-FRA
i
scout.salesloft.com/ 		48 B
512 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://scout.salesloft.com/i
Requested by
Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.209.133.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-133-52.compute-1.amazonaws.com
Software
/
Resource Hash
e2297da7c71b99a743b07339a730ec1216786a55f9999a45c4aab9c27f1e7a95
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.huntress.com
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
48
x-request-id
f21dc691dbbe76d31e735ee0b694e94d
json
forms.hscollectedforms.net/collected-forms/v1/config/ 		115 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=3911692&utk=
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:7fab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d247e1c2efc38a727967b2f5f9e99b961d0cbe2b0aa1ddcf170bd6933409403

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
x-hubspot-correlation-id
b5acde0f-9b04-4df1-a4e5-9a79ed53895b
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.huntress.com
cache-control
max-age=0
access-control-max-age
180
x-robots-tag
none
access-control-allow-headers
*
cf-ray
7b1f85619f85913a-FRA
cta-loaded.js
www.huntress.com/hs/cta/ctas/v2/public/cs/ 		0
844 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.huntress.com/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=3911692&pg=40e39240-8f28-4247-989e-af913fc5ff6d&lt=1680506131448&dt=1680506131540&at=1680506132725&an=1
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/hs/cta/cta/current.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-origin-hublet
na1
date
Mon, 03 Apr 2023 07:15:32 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
a5da0a5a-3b82-4162-8b60-2c4e66a8e2d7
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 03 Apr 2023 07:15:32 GMT
server
cloudflare
x-trace
2B65E0803AE8B5968EA070012C36D640374C8FB55C000000000000000000
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dcr7lnvElNt%2B4I6ETzhiinCBy8RRfdrc0VYq8EF%2Fqu3JmpO%2FvctqQ844i4zCGvJydYviU1u0Y38GJ2nTEECzG9Kn7lYW7qe8z%2BVXbspwXH1u4PrhxRd7m0Xjm7wmvWQRaK7bwt8Bt492GtMk96k%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
cf-ray
7b1f85619ff068f5-FRA
x-robots-tag
noindex, follow
cta-loaded.js
www.huntress.com/hs/cta/ctas/v2/public/cs/ 		0
845 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.huntress.com/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=3911692&pg=40e39240-8f28-4247-989e-af913fc5ff6d&lt=1680506131448&dt=1680506131540&at=1680506132727&an=1
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/hs/cta/cta/current.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-origin-hublet
na1
date
Mon, 03 Apr 2023 07:15:32 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
ca651390-9331-4ada-a7e7-39d0f6844140
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 03 Apr 2023 07:15:32 GMT
server
cloudflare
x-trace
2B105837D02B0F54F471941A4764FA1439A598C8A8000000000000000000
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jdy9I0TQHAR0y2j9bOu6UsJieq0eZ7vb3pHc8gogos3huUiyzzgSTD6FSfIZSBtuR%2BWa7VjV0dxEwL%2FbeyvYoQ3qXiV5PLl8v74Svh5laLYSNwamB%2FEUJTTmAyD%2FA%2FOJ9LA5i5QSP3hf%2B6FFxPM%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
cf-ray
7b1f85619ff168f5-FRA
x-robots-tag
noindex, follow
counters.gif
perf.hsforms.com/embed/v3/ 		35 B
749 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perf.hsforms.com/embed/v3/counters.gif?key=cta-json-success&value=1
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Mon, 03 Apr 2023 07:15:32 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
CF-Cache-Status
MISS
X-HubSpot-Correlation-Id
29989683-1557-44f0-b7f6-533a4cd1c034
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
35
Last-Modified
Mon, 03 Apr 2023 07:15:32 GMT
Server
cloudflare
X-Trace
2B71A3E8D5273B5C11C11642B864C6695B2E20260E000000000000000000
Vary
origin, Accept-Encoding
Content-Type
image/gif
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
X-Robots-Tag
none
CF-RAY
7b1f8561d8b90404-FRA
counters.gif
perf.hsforms.com/embed/v3/ 		35 B
749 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perf.hsforms.com/embed/v3/counters.gif?key=cta-render-success&value=1
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Mon, 03 Apr 2023 07:15:32 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
CF-Cache-Status
MISS
X-HubSpot-Correlation-Id
257f499b-5184-4989-80b0-92857aebb991
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
35
Last-Modified
Mon, 03 Apr 2023 07:15:32 GMT
Server
cloudflare
X-Trace
2BC831BB1D130A68672D419076D9326175F54AE745000000000000000000
Vary
origin, Accept-Encoding
Content-Type
image/gif
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
X-Robots-Tag
none
CF-RAY
7b1f8561dcdf9128-FRA
counters.gif
forms-na1.hsforms.com/embed/v3/ 		35 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Mon, 03 Apr 2023 07:15:32 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
CF-Cache-Status
DYNAMIC
X-HubSpot-Correlation-Id
c8280bd7-defa-4073-8706-91364e0de564
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
35
Server
cloudflare
X-Trace
2B6040C062D73704A63FB070EE5340A18EA8F10319000000000000000000
Vary
origin
Content-Type
image/gif
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
7b1f8561d81fbbfd-FRA
2159185
vc.hotjar.io/sessions/ 		0
257 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/2159185?s=0.25&r=0.029149588391408132
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.76304821fe35d593f0f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-110.fra56.r.cloudfront.net
Software
Python/3.8 aiohttp/3.8.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:32 GMT
via
1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
server
Python/3.8 aiohttp/3.8.4
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
YBRMmfa47I0C5SU0A65BGmwKPc8AzYla3okrIwwPPlIg8Sctcyp4LA==
visit-data
in.hotjar.com/api/v2/client/sites/2159185/ 		148 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/2159185/visit-data?sv=6
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.76304821fe35d593f0f4.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.208.119.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-119-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a6aac8e9a67e2442b43e625709a99abeb6ab0148e94dd788cee106f2710c3906

Request headers

Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Mon, 03 Apr 2023 07:15:32 GMT
content-encoding
br
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
counters.gif
forms.hsforms.com/embed/v3/ 		35 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=4
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
x-hubspot-correlation-id
22bdd9c3-ab9c-4842-aa78-07d94b350dfc
x-trace
2BE62617FD69CB516284491492CBD1B4DE66708CFB000000000000000000
vary
origin
content-type
image/gif
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
cf-ray
7b1f8563bbe6085c-FRA
content-length
35
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
tweet.b81b6d7af2d75db873cff6099e4f433a.js
platform.twitter.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/tweet.b81b6d7af2d75db873cff6099e4f433a.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B82) /
Resource Hash
e3d5684523c3de8ab2ac3bca237d12e4affbb4d4b39a41109d975a489fa12427

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Mon, 03 Apr 2023 07:15:33 GMT
Content-Encoding
gzip
Age
1592567
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
2700
Last-Modified
Tue, 24 Jan 2023 21:41:06 GMT
Server
ECS (amb/6B82)
Etag
"09ec5707a836b9e4f4427dcddd1d0c64+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
/
content.hotjar.io/ 		56 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.hotjar.io/
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.76304821fe35d593f0f4.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.170.136.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-136-168.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3c3fb4d37cd90ae15e4c0b28940ba931bed89be480aa7eae66a4163cc4d47f3f

Request headers

Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 03 Apr 2023 07:15:33 GMT
content-length
56
vary
Origin
content-type
application/json
view
js.hs-banner.com/cookie-banner-public/v1/activity/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.huntress.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://www.huntress.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age
604800
cf-cache-status
DYNAMIC
cf-ray
7b1f85646c3792b7-FRA
content-length
0
content-type
application/octet-stream
date
Mon, 03 Apr 2023 07:15:33 GMT
server
cloudflare
timing-allow-origin
*
vary
origin
view
js.hs-banner.com/cookie-banner-public/v1/activity/ 		0
85 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Requested by
Host: js.hs-banner.com
URL: https://js.hs-banner.com/3911692.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 03 Apr 2023 07:15:33 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-hubspot-correlation-id
274a9d97-db50-4f0c-9454-32d48b8b041f
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://www.huntress.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
vary
origin
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
7b1f85655d9992b7-FRA
Tweet.html
platform.twitter.com/embed/ Frame 6E4E 		345 B
918 B 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1641270384023719937&lang=en&origin=https%3A%2F%2Fwww.huntress.com%2Fblog%2F3cx-voip-software-compromise-supply-chain-threats&sessionId=8b507b5eee424a05d6a4e2eb51c61a83a4b02ae6&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B83) /
Resource Hash
c719f46982a18e719b6d54a04241d221b494b89e134e2599007dcca53e08b6d8

Request headers

Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
546
Cache-Control
public, max-age=1800
Content-Length
345
Content-Type
text/html; charset=utf-8
Date
Mon, 03 Apr 2023 07:15:33 GMT
Etag
"167bdc45943bf43cdb0f408220514883"
Last-Modified
Wed, 15 Mar 2023 20:48:33 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6B83)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
embed.runtime.883d9d6d34e214836af5.js
platform.twitter.com/embed/ Frame 6E4E 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.runtime.883d9d6d34e214836af5.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1641270384023719937&lang=en&origin=https%3A%2F%2Fwww.huntress.com%2Fblog%2F3cx-voip-software-compromise-supply-chain-threats&sessionId=8b507b5eee424a05d6a4e2eb51c61a83a4b02ae6&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B9E) /
Resource Hash
3d0c1b5000e70f8465807e2762eab438b7b09ef070ad2e0d130edad99a2093d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1641270384023719937&lang=en&origin=https%3A%2F%2Fwww.huntress.com%2Fblog%2F3cx-voip-software-compromise-supply-chain-threats&sessionId=8b507b5eee424a05d6a4e2eb51c61a83a4b02ae6&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Mon, 03 Apr 2023 07:15:33 GMT
Content-Encoding
gzip
Age
1592567
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
4252
Last-Modified
Wed, 15 Mar 2023 20:48:33 GMT
Server
ECS (amb/6B9E)
Etag
"961d572b7b8d135e0b971ec864c2b78f+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
embed.7796.1cc3f324e058b5b670fb.js
platform.twitter.com/embed/ Frame 6E4E 		538 KB
174 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.7796.1cc3f324e058b5b670fb.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1641270384023719937&lang=en&origin=https%3A%2F%2Fwww.huntress.com%2Fblog%2F3cx-voip-software-compromise-supply-chain-threats&sessionId=8b507b5eee424a05d6a4e2eb51c61a83a4b02ae6&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B71) /
Resource Hash
c00bc6177508556408233fa48ab00edf3070843c5e8da19d36fcf74cddb8daaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1641270384023719937&lang=en&origin=https%3A%2F%2Fwww.huntress.com%2Fblog%2F3cx-voip-software-compromise-supply-chain-threats&sessionId=8b507b5eee424a05d6a4e2eb51c61a83a4b02ae6&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Mon, 03 Apr 2023 07:15:33 GMT
Content-Encoding
gzip
Age
1592567
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
177793
Last-Modified
Wed, 15 Mar 2023 20:48:33 GMT
Server
ECS (amb/6B71)
Etag
"e812296088ce599788d6c42c10600d3a+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
embed.Tweet.6832cf0b9282f1713aab.js
platform.twitter.com/embed/ Frame 6E4E 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.Tweet.6832cf0b9282f1713aab.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1641270384023719937&lang=en&origin=https%3A%2F%2Fwww.huntress.com%2Fblog%2F3cx-voip-software-compromise-supply-chain-threats&sessionId=8b507b5eee424a05d6a4e2eb51c61a83a4b02ae6&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BBC) /
Resource Hash
624de99dfd7a994cd0cddcdae6929024cdd7fa8954dd2cbf5451935229225f26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1641270384023719937&lang=en&origin=https%3A%2F%2Fwww.huntress.com%2Fblog%2F3cx-voip-software-compromise-supply-chain-threats&sessionId=8b507b5eee424a05d6a4e2eb51c61a83a4b02ae6&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Mon, 03 Apr 2023 07:15:33 GMT
Content-Encoding
gzip
Age
1592567
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
6297
Last-Modified
Wed, 15 Mar 2023 20:48:33 GMT
Server
ECS (amb/6BBC)
Etag
"125e7f3f87ea0dcc17c2e6b18534b2cd+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
embed.749.467388cca0b3fe9c3291.js
platform.twitter.com/embed/ Frame 6E4E 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.749.467388cca0b3fe9c3291.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.883d9d6d34e214836af5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BB5) /
Resource Hash
afe2c4d44f6a91b4d2ecbaf61d91e90f61cf159467b4a3fac9e51ed9b1e2920d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1641270384023719937&lang=en&origin=https%3A%2F%2Fwww.huntress.com%2Fblog%2F3cx-voip-software-compromise-supply-chain-threats&sessionId=8b507b5eee424a05d6a4e2eb51c61a83a4b02ae6&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Mon, 03 Apr 2023 07:15:33 GMT
Content-Encoding
gzip
Age
1592567
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
6789
Last-Modified
Wed, 15 Mar 2023 20:48:33 GMT
Server
ECS (amb/6BB5)
Etag
"d3483b9c737e990765e6ba56d01154a3+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
embed.ondemand.i18n.en-js.ea32e1258edb3fea6260.js
platform.twitter.com/embed/ Frame 6E4E 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.ea32e1258edb3fea6260.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.883d9d6d34e214836af5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BA4) /
Resource Hash
d1c0a4cad147f203a808aac602d7206b03cd903c025c887f53042f09b87c2f80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1641270384023719937&lang=en&origin=https%3A%2F%2Fwww.huntress.com%2Fblog%2F3cx-voip-software-compromise-supply-chain-threats&sessionId=8b507b5eee424a05d6a4e2eb51c61a83a4b02ae6&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Mon, 03 Apr 2023 07:15:33 GMT
Content-Encoding
gzip
Age
1592567
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
1519
Last-Modified
Wed, 15 Mar 2023 20:48:32 GMT
Server
ECS (amb/6BA4)
Etag
"9b4625539e420d3aa9e7164c41134250+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
embed.ondemand.horizon-web.i18n.en-js.366839868b444ace3ab1.js
platform.twitter.com/embed/ Frame 6E4E 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.horizon-web.i18n.en-js.366839868b444ace3ab1.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.883d9d6d34e214836af5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B83) /
Resource Hash
be84fd6d1e48863b7445ddd6ba71d7be42cffad8aa1e92b02617ab4b034e1e1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1641270384023719937&lang=en&origin=https%3A%2F%2Fwww.huntress.com%2Fblog%2F3cx-voip-software-compromise-supply-chain-threats&sessionId=8b507b5eee424a05d6a4e2eb51c61a83a4b02ae6&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Mon, 03 Apr 2023 07:15:33 GMT
Content-Encoding
gzip
Age
1592557
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
11413
Last-Modified
Wed, 15 Mar 2023 20:48:32 GMT
Server
ECS (amb/6B83)
Etag
"88412b75b52a72cf61d03fd69420da53+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
embed.2212.2867b50b9f519594e1b9.js
platform.twitter.com/embed/ Frame 6E4E 		257 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.2212.2867b50b9f519594e1b9.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.883d9d6d34e214836af5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BC2) /
Resource Hash
8a0dd7217bd1f7080b9c7449b7c4ca2506984fcc535c48c93a8512733d055e51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1641270384023719937&lang=en&origin=https%3A%2F%2Fwww.huntress.com%2Fblog%2F3cx-voip-software-compromise-supply-chain-threats&sessionId=8b507b5eee424a05d6a4e2eb51c61a83a4b02ae6&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Mon, 03 Apr 2023 07:15:33 GMT
Content-Encoding
gzip
Age
1592567
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
80338
Last-Modified
Wed, 15 Mar 2023 20:48:33 GMT
Server
ECS (amb/6BC2)
Etag
"221354d09450b588c2699f4d762c7e52+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
embed.ondemand.Tweet.4915e6dd60d4a83465e8.js
platform.twitter.com/embed/ Frame 6E4E 		79 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.Tweet.4915e6dd60d4a83465e8.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.883d9d6d34e214836af5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B75) /
Resource Hash
decece76fa04da7dc96e314e697639bc0ae90ff0073976795213119ed49935a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1641270384023719937&lang=en&origin=https%3A%2F%2Fwww.huntress.com%2Fblog%2F3cx-voip-software-compromise-supply-chain-threats&sessionId=8b507b5eee424a05d6a4e2eb51c61a83a4b02ae6&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Mon, 03 Apr 2023 07:15:33 GMT
Content-Encoding
gzip
Age
1592566
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
18490
Last-Modified
Wed, 15 Mar 2023 20:48:32 GMT
Server
ECS (amb/6B75)
Etag
"7a0fe4939483c742cb15feed6bccb845+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
tweet-result
cdn.syndication.twimg.com/ Frame 6E4E 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.syndication.twimg.com/tweet-result?features=tfw_timeline_list%3A%3Btfw_follower_count_sunset%3Atrue%3Btfw_tweet_edit_backend%3Aon%3Btfw_refsrc_session%3Aon%3Btfw_mixed_media_15897%3Atreatment%3Btfw_experiments_cookie_expiration%3A1209600%3Btfw_duplicate_scribes_to_settings%3Aon%3Btfw_video_hls_dynamic_manifests_15082%3Atrue_bitrate%3Btfw_legacy_timeline_sunset%3Atrue%3Btfw_tweet_edit_frontend%3Aon&id=1641270384023719937&lang=en
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.7796.1cc3f324e058b5b670fb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B8D) / Express
Resource Hash
2f4bec4e5a073cac7f75ff5d3009597aada10c3782a3fb27a861cd262ad63276
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 03 Apr 2023 07:15:34 GMT
strict-transport-security
max-age=631138519
age
5
x-powered-by
Express
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length
1061
x-xss-protection
0
x-response-time
132
last-modified
Mon, 03 Apr 2023 07:15:29 GMT
server
ECS (amb/6B8D)
etag
W/"15b5-rulOgyZsvpooQ/l4TTnpOWTwrpc"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
9876ad32ba942a9b
cache-control
must-revalidate, max-age=60
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
886b12cb29d54e126b434d063c91c8c2f97c8fed76460100a7c30a799800cebf
accept-ranges
bytes
x-frame-options
SAMEORIGIN
x-tw-cdn
VZ, VZ, VZ
access-contol-allow-origin
platform.twitter.com
__ptq.gif
track.hubspot.com/ 		45 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3897811554&v=1.1&a=3911692&pi=108856934290&ct=blog-post&ccu=https%3A%2F%2Fwww.huntress.com%2Fblog%2F3cx-voip-software-compromise-supply-chain-threats&cpi=108856934290&cgi=39343107504&lpi=108856934290&lvi=108856934290&lvc=en&pu=https%3A%2F%2Fwww.huntress.com%2Fblog%2F3cx-voip-software-compromise-supply-chain-threats&t=3CX+VoIP+Software+Compromise+%26+Supply+Chain+Threats&cts=1680506133851&vi=2aafbdfd00f4fa8857e1e45c724828b8&nc=true&ce=false&pt=1&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
3c59cceb-b7b8-4e9e-b2b8-59b9dc35b460
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Df2IiyAGDdYnzneN7oD3VblHw5Eo9fDqPTZSTUKNGYDrx9CMd3hJUtcWSi%2BNDL%2Fk8oihM9%2F2eeuUoAMfzSPjITEVLkz46UtD8lY5rlSCDG%2BjCUDBQSEfjMcrKMGBrsII41LX4U2FHXAPHhHMgXX7"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
7b1f85699b649a0b-FRA
x-robots-tag
none
counters.gif
perf.hsforms.com/embed/v3/ 		35 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perf.hsforms.com/embed/v3/counters.gif?key=cta-with-analytics&value=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
MISS
x-hubspot-correlation-id
17213c14-3de8-4c31-a7e3-03805cc87507
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35
last-modified
Mon, 03 Apr 2023 07:15:34 GMT
server
cloudflare
x-trace
2B806D63D41C8B12A1FF67FE3154C19CB25A2853AB000000000000000000
vary
origin, Accept-Encoding
content-type
image/gif
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
accept-ranges
bytes
x-robots-tag
none
cf-ray
7b1f85694ad0085c-FRA
__pto.gif
track.hubspot.com/ 		45 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__pto.gif?w=1680506133856&m=ReferenceError%3A+hasVars+is+not+defined&j=1.1&n=ReferenceError&x=ReferenceError%3A+hasVars+is+not+defined%0A++++at+https%3A%2F%2Fwww.huntress.com%2Fhs%2Fcta%2Fcta%2Fcurrent.js%3A1%3A1564%0A++++at+i+(https%3A%2F%2Fjs.hs-analytics.net%2Fanalytics%2F1680506100000%2F3911692.js%3A20%3A43464)%0A++++at+hstc.tracking.Runner.processHsq+(https%3A%2F%2Fjs.hs-analytics.net%2Fanalytics%2F1680506100000%2F3911692.js%3A20%3A44210)%0A++++at+hstc.tracking.Runner.run+(https%3A%2F%2Fjs.hs-analytics.net%2Fanalytics%2F1680506100000%2F3911692.js%3A20%3A43408)%0A++++at+i+(https%3A%2F%2Fjs.hs-analytics.net%2Fanalytics%2F1680506100000%2F3911692.js%3A20%3A65462)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
0d46eeb0-8e8a-4bc0-b926-befa46eeadf5
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hvv9HRWTBsmwbGb8pRvKUFquZjNb3O185Rg0hrKwqByTjgBitHABIf1NgFVXUlJem3D045k7KygVSqMn44PTqUhFOL%2Fwi4te7YwfQaRaxRQ5CsNwcjKbU3tLekNWlWnBAjDucWAI9j2ox6gSzipj"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
7b1f85699b669a0b-FRA
x-robots-tag
none
__pto.gif
track.hubspot.com/ 		45 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__pto.gif?w=1680506133858&m=ReferenceError%3A+hasVars+is+not+defined&j=1.1&n=ReferenceError&x=ReferenceError%3A+hasVars+is+not+defined%0A++++at+https%3A%2F%2Fwww.huntress.com%2Fhs%2Fcta%2Fcta%2Fcurrent.js%3A1%3A1564%0A++++at+i+(https%3A%2F%2Fjs.hs-analytics.net%2Fanalytics%2F1680506100000%2F3911692.js%3A20%3A43464)%0A++++at+hstc.tracking.Runner.processHsq+(https%3A%2F%2Fjs.hs-analytics.net%2Fanalytics%2F1680506100000%2F3911692.js%3A20%3A44210)%0A++++at+hstc.tracking.Runner.run+(https%3A%2F%2Fjs.hs-analytics.net%2Fanalytics%2F1680506100000%2F3911692.js%3A20%3A43408)%0A++++at+i+(https%3A%2F%2Fjs.hs-analytics.net%2Fanalytics%2F1680506100000%2F3911692.js%3A20%3A65462)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
d2a559a9-1cc3-4f36-9bb9-612be5368ab8
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ww9TsmGwd6CcrkYMaomsXItMOJTB4pjGv%2BtMI9uziRRd0oeAtEyzOrgjd3uCsONIF%2BWELphUoeY6bfn2d5kESSJGR5fT2Z%2FtvocnQp4qAjVVasd8WZQstzHlu%2FqmoxxnYYpuGCSlh%2FwtU5O088rv"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
7b1f85699b689a0b-FRA
x-robots-tag
none
__ptq.gif
track.hubspot.com/ 		45 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%2240e39240-8f28-4247-989e-af913fc5ff6d%22%2C%2211f3d86c-bd5d-4c54-8656-c84ab64a3af1%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3897811554&v=1.1&a=3911692&pi=108856934290&ct=blog-post&ccu=https%3A%2F%2Fwww.huntress.com%2Fblog%2F3cx-voip-software-compromise-supply-chain-threats&cpi=108856934290&cgi=39343107504&lpi=108856934290&lvi=108856934290&lvc=en&pu=https%3A%2F%2Fwww.huntress.com%2Fblog%2F3cx-voip-software-compromise-supply-chain-threats&t=3CX+VoIP+Software+Compromise+%26+Supply+Chain+Threats&cts=1680506133862&vi=2aafbdfd00f4fa8857e1e45c724828b8&nc=true&ce=false&pt=1&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
6eb09ad2-76c7-4c1e-883a-77968805e91e
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zTGJ3Knlrtu%2FhVpA0vBHN4OUUUxOPAVh%2BrmTNS35C2W2XflFDwGKXMRMC4ifNfLBhfWpAwSf9ERjP%2BddHXdb7C8aOx1zx%2Fi1HLhJVYgpNkMNlfYzugQxSdfabvBLG6islz45ngT6YKdoGg0XPln3"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
7b1f85699b609a0b-FRA
x-robots-tag
none
__ptq.gif
track.hubspot.com/ 		45 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=196be66c-f1bb-4156-af05-2952954526cd&fci=3842a8ec-cb5c-403d-9a80-617333996309&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3897811554&v=1.1&a=3911692&pi=108856934290&ct=blog-post&ccu=https%3A%2F%2Fwww.huntress.com%2Fblog%2F3cx-voip-software-compromise-supply-chain-threats&cpi=108856934290&cgi=39343107504&lpi=108856934290&lvi=108856934290&lvc=en&pu=https%3A%2F%2Fwww.huntress.com%2Fblog%2F3cx-voip-software-compromise-supply-chain-threats&t=3CX+VoIP+Software+Compromise+%26+Supply+Chain+Threats&cts=1680506133877&vi=2aafbdfd00f4fa8857e1e45c724828b8&nc=true&ce=false&pt=1&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
0ee48d96-9c1c-4a46-a5de-74b17dcf71c4
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S09gV3OTnoWhk3E3xAZjxKGTk7XUXAjetnxQp05AIFwbX2HypASABr30e24QYFrF2%2Bzjcd5Jsy9GRBt%2Bc03THTSQo3GUiRxxbGwlfjM3bTtSQVFMPUD0NyrKh1tmmM7J1mbbbl8JJ%2FTLGH3rUaew"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
7b1f85699b6d9a0b-FRA
x-robots-tag
none
__ptq.gif
track.hubspot.com/ 		45 B
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=17&fi=196be66c-f1bb-4156-af05-2952954526cd&fci=3842a8ec-cb5c-403d-9a80-617333996309&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3897811554&v=1.1&a=3911692&pi=108856934290&ct=blog-post&ccu=https%3A%2F%2Fwww.huntress.com%2Fblog%2F3cx-voip-software-compromise-supply-chain-threats&cpi=108856934290&cgi=39343107504&lpi=108856934290&lvi=108856934290&lvc=en&pu=https%3A%2F%2Fwww.huntress.com%2Fblog%2F3cx-voip-software-compromise-supply-chain-threats&t=3CX+VoIP+Software+Compromise+%26+Supply+Chain+Threats&cts=1680506133893&vi=2aafbdfd00f4fa8857e1e45c724828b8&nc=true&ce=false&pt=1&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 07:15:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
84b2c753-58c1-4009-ad89-985abbf19ea3
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=huzIuNB75HQKi1jHuTGaW0BOxQr4baUx0Sj4IofaEFmlsWfRTbqe7B2iJWkaAnJApyZsAQdEuZTHJMUwfBmDc%2F1UhHF9S0CjL36Mwz9asU2XK0w%2FxTNqWwYuA%2FZ6gR2jwPI%2BJox2svaWMWHkX7lI"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
7b1f85699b6b9a0b-FRA
x-robots-tag
none
embeds
syndication.twitter.com/i/jot/ Frame 6E4E 		43 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1680506134146%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.huntress.com%2Fblog%2F3cx-voip-software-compromise-supply-chain-threats%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%223708929f7a248%3A1677278365261%22%2C%22item_ids%22%3A%5B%221641270384023719937%22%5D%2C%22item_details%22%3A%7B%221641270384023719937%22%3A%7B%22item_type%22%3A0%7D%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-response-time
105
date
Mon, 03 Apr 2023 07:15:34 GMT
strict-transport-security
max-age=631138519
last-modified
Mon, 03 Apr 2023 07:15:34 GMT
server
tsa_o
vary
Origin
content-type
image/gif
x-transaction-id
09cbaaaab0dbd41d
cache-control
must-revalidate, max-age=600
perf
7626143928
x-connection-hash
cae1d54e1eefc14843e604132a88206c4abea0b7d534b29bf20ce926b4d4cc82
content-length
43
_tDlpLhl_normal.jpg
pbs.twimg.com/profile_images/1475480482305523712/ Frame 6E4E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1475480482305523712/_tDlpLhl_normal.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8e::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9efab8cd25d28e25a4bff004dcae4fa3867ef494f246bf7149531935295c4408
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
date
Mon, 03 Apr 2023 07:15:34 GMT
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
2111
x-served-by
cache-lhr7343-LHR, cache-hhn-etou8220028-HHN, cache-tw-ZZZ1
last-modified
Mon, 27 Dec 2021 14:53:34 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
ed8d70b3cceb9cae
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
Fsb2snxaYAInXBO
pbs.twimg.com/media/ Frame 6E4E 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/Fsb2snxaYAInXBO?format=jpg&name=240x240
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8e::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
00c9bd80a0ed2f71081231d61fb0192dc7d7a51b68a11fc68ad1f813a0f7d06b
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
date
Mon, 03 Apr 2023 07:15:34 GMT
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
6353
x-served-by
cache-lhr7374-LHR, cache-hhn-etou8220028-HHN, cache-tw-ZZZ1
last-modified
Thu, 30 Mar 2023 02:43:21 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
62893edec10c0117
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
Fsb2s98aUAEZSiF
pbs.twimg.com/media/ Frame 6E4E 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/Fsb2s98aUAEZSiF?format=jpg&name=240x240
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8e::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
19c985067d082b29f388b539b09d4179c7b3b5ce685442eb341e24e7d99071db
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
date
Mon, 03 Apr 2023 07:15:34 GMT
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
6622
x-served-by
cache-lhr7347-LHR, cache-hhn-etou8220028-HHN, cache-tw-ZZZ1
last-modified
Thu, 30 Mar 2023 02:43:23 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
6cfb964040ca87c8
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
Fsb2tWvacAA2S3E
pbs.twimg.com/media/ Frame 6E4E 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/Fsb2tWvacAA2S3E?format=jpg&name=240x240
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8e::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
67f80caa56474d24d04fffb57572fc426e661431f915434ce2538f52960ab015
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
date
Mon, 03 Apr 2023 07:15:34 GMT
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
6267
x-served-by
cache-lhr7329-LHR, cache-hhn-etou8220028-HHN, cache-tw-ZZZ1
last-modified
Thu, 30 Mar 2023 02:43:24 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
0b06f08fc3a266d3
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
Fsb2twCaYAI7bOJ
pbs.twimg.com/media/ Frame 6E4E 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/Fsb2twCaYAI7bOJ?format=jpg&name=240x240
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8e::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a4bb638ac16ee65f5fa65d2d45bf5172fdb92bea5ca197100506db410afd6b5e
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
date
Mon, 03 Apr 2023 07:15:34 GMT
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
4843
x-served-by
cache-lhr7350-LHR, cache-hhn-etou8220028-HHN, cache-tw-ZZZ1
last-modified
Thu, 30 Mar 2023 02:43:26 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
148403afb2294fef
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
Fsb2snxaYAInXBO
pbs.twimg.com/media/ Frame 6E4E 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/Fsb2snxaYAInXBO?format=jpg&name=small
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8e::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8b38f6e72013c0977dfc61a1cd7d788ce4b31d0bc8aa7292c9ad35eadca09f04
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
date
Mon, 03 Apr 2023 07:15:34 GMT
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
33948
x-served-by
cache-lhr7345-LHR, cache-hhn-etou8220028-HHN, cache-tw-ZZZ1
last-modified
Thu, 30 Mar 2023 02:43:21 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
5751feaeeb2cbb55
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
Fsb2s98aUAEZSiF
pbs.twimg.com/media/ Frame 6E4E 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/Fsb2s98aUAEZSiF?format=jpg&name=small
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8e::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4eb34569a3667b9a3127927885c6c1e097739df05bb9fcd17aa4b0db45e4a57f
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
date
Mon, 03 Apr 2023 07:15:34 GMT
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
33130
x-served-by
cache-lhr7360-LHR, cache-hhn-etou8220028-HHN, cache-tw-ZZZ1
last-modified
Thu, 30 Mar 2023 02:43:23 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
549bb3631104e573
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
Fsb2tWvacAA2S3E
pbs.twimg.com/media/ Frame 6E4E 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/Fsb2tWvacAA2S3E?format=jpg&name=small
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8e::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58c8a8e1a659f2e16df302af0be8e5fe60f4d4de5287e3989b722410bf3256bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
date
Mon, 03 Apr 2023 07:15:34 GMT
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
35574
x-served-by
cache-lhr7382-LHR, cache-hhn-etou8220028-HHN, cache-tw-ZZZ1
last-modified
Thu, 30 Mar 2023 02:43:24 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
b3c60d426d223166
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
Fsb2twCaYAI7bOJ
pbs.twimg.com/media/ Frame 6E4E 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/Fsb2twCaYAI7bOJ?format=jpg&name=small
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8e::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7c251f8f5cf17821ba0e9dbe5565cefa37664c89e129876deddee5986b575edd
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
date
Mon, 03 Apr 2023 07:15:34 GMT
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
22175
x-served-by
cache-lhr7371-LHR, cache-hhn-etou8220028-HHN, cache-tw-ZZZ1
last-modified
Thu, 30 Mar 2023 02:43:26 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
5ec09ce696b53621
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
perf
www.huntress.com/_hcms/ 		2 B
600 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.huntress.com/_hcms/perf
Requested by
Host: www.huntress.com
URL: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-type
application/json

Response headers

date
Mon, 03 Apr 2023 07:15:36 GMT
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
159649ec-ab79-4e72-b8fc-0565edf87b12
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2
server
cloudflare
x-trace
2B0CE19F6DDF6FB66AD7CC2045AB94A8BFB9F7C327000000000000000000
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kZezu9Q4Xmq%2BXExdAZSxjHY1awBjOXl%2FsC%2Fi0VbdZcDjBC5ZoIGSQtqiIrKOW%2BgmEJyT5VUvvywxv11vNZWbMATp1zrq9qi8te4RUndhwsPYhXOakwbssIcZdSlSmdbVde8Og0fd05%2BgAxKdXgM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-credentials
false
cf-ray
7b1f857b2d0468f5-FRA
x-robots-tag
none

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 boolean| credentialless object| _hsp function| hsLoadGtm boolean| useGoogleConsentMode undefined| gtag function| $ function| jQuery function| checkCookie number| checkCookieIntervalId object| GlobalSnowplowNamespace function| snowplow number| settings_timer number| _vwo_settings_timer object| _vwo_code string| SLScoutObject function| slscout string| cookie object| __core-js_shared__ object| Sslac object| IN object| _hsq object| hbspt function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto undefined| vwo_e number| _vwo_j_e string| _vwo_mt string| _vwo_tm string| g object| vwo_iehack_queue function| _typeof object| Snowplow object| __twttrll object| twttr object| __twttr boolean| __@@##MUH object| $window object| $document function| hsSearch undefined| searchResults object| ytp function| onYouTubeIframeAPIReady function| getYTPVideoID function| iOSversion string| nAgt function| isTouchSupported function| getOS undefined| nameOffset number| verOffset number| ix undefined| start undefined| end function| uncamel function| setUnit function| setFilter object| hsVars function| hs_i18n_log function| hs_i18n_substituteStrings function| hs_i18n_insertPlaceholders function| hs_i18n_getMessage undefined| module_7086348 function| i18n_getmessage function| i18n_getlanguage function| genericSocialShare undefined| module_72308060713 object| hubspot object| HubSpotForms object| hsFormsOnReady object| options function| hj object| _hjSettings function| __cons function| addEvent function| removeEvent function| getClassList function| getRelList function| lozad function| jsonpHandler object| addthis_share object| addthis_config object| $postsContainer object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| FB boolean| PIXELS_RAN object| enabledEventSettings object| __hsCollectedFormsDebug object| globalRoot undefined| hns function| bindToWindowOnError function| defineProperties object| leadflows function| OutpostErrorReporter function| _registerAvailablePopup object| _availablePopups boolean| popupPoliceActive undefined| hns2 undefined| jade undefined| I18n undefined| Pikaday undefined| reqwest undefined| exports undefined| define boolean| LEAD_FLOWS_RAN boolean| COMMON_SETUP_RAN object| _paq function| sanitizeKey boolean| _hstc_loaded object| __buffer boolean| _hspb_ran boolean| _hspb_loaded boolean| _hstc_ran string| __hsUserToken number| expireDateTime

18 Cookies

Domain/Path Name / Value
.www.huntress.com/ Name: __cf_bm
Value: CKmkMB6_uEqTU52Nelfd1utYQpeA9Qj5Z84EQia9IG0-1680506130-0-AYc+IU29y7uVpZ8esJ8iQlcaQBoLKLZiV9zZaYkxpWnHM6qipOc71MEskb+P6nLipmfWTB6DJzgrKH/52StlmNo=
.www.huntress.com/ Name: __cfruid
Value: e9ee7e6fb409a108a0e51da91935db2cff004f13-1680506130
.hubspot.com/ Name: __cf_bm
Value: a0tBY2f7IevwmqXxAFNdlARP_4d2wjaSxVT_opA_U2Y-1680506131-0-AUG1jheLpVw188ZD5sjwiNTQXX2m8viYEzTVkZy3e/1Bv9OltSSKE+9NQsz7cMlT1TboihLGhiOeoSiB0w6BVRk=
.huntress.com/ Name: _vwo_uuid_v2
Value: DD329A76802441855DAE41DDCBC0D951B|ca8129e1aeabafdb14f3bd6e22a25410
.huntress.com/ Name: _sp_ses.1564
Value: *
.huntress.com/ Name: _sp_id.1564
Value: a8a92f34-b405-45e7-a82b-9eb6b3ec63cd.1680506132.1.1680506132.1680506132.4a8c0ed7-2036-4bc7-aa19-23004b7095af
www.huntress.com/ Name: __atuvc
Value: 1%7C14
www.huntress.com/ Name: __atuvs
Value: 642a7d133d9d988b000
www.huntress.com/ Name: slireg
Value: https://scout.us4.salesloft.com
.addthis.com/ Name: uvc
Value: 1%7C14
www.huntress.com/ Name: slirequested
Value: true
.huntress.com/ Name: _hjSessionUser_2159185
Value: eyJpZCI6IjkyMzgwYTE1LWQ2ZTEtNWVkMi04N2I2LTJkZWQxNGRjZTYzZCIsImNyZWF0ZWQiOjE2ODA1MDYxMzI3OTQsImV4aXN0aW5nIjpmYWxzZX0=
.huntress.com/ Name: _hjFirstSeen
Value: 1
.huntress.com/ Name: _hjIncludedInSessionSample_2159185
Value: 1
.huntress.com/ Name: _hjSession_2159185
Value: eyJpZCI6IjdmYjQ0MjJkLTU3OWEtNDQ3My04M2I5LTFlMzlmM2U5YTAyOSIsImNyZWF0ZWQiOjE2ODA1MDYxMzI4MDUsImluU2FtcGxlIjp0cnVlfQ==
.huntress.com/ Name: _hjAbsoluteSessionInProgress
Value: 1
.addthis.com/ Name: loc
Value: MDAwMDBFVVJPMEIyMjQ1MjA2MTAwMDAwMDBDSA==
www.huntress.com/ Name: sliguid
Value: 3ce76b94-f7e7-409e-9634-449f8d9669c0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3911692.fs1.hubspotusercontent-na1.net
app.hubspot.com
cdn.jsdelivr.net
cdn.syndication.twimg.com
cdn2.hubspot.net
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
content.hotjar.io
cta-service-cms2.hubspot.com
dev.visualwebsiteoptimizer.com
forms-na1.hsforms.com
forms.hscollectedforms.net
forms.hsforms.com
gist.github.com
github.githubassets.com
in.hotjar.com
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsleadflows.net
lh3.googleusercontent.com
lh4.googleusercontent.com
lh5.googleusercontent.com
lh6.googleusercontent.com
m.addthis.com
no-cache.hubspot.com
pbs.twimg.com
perf.hsforms.com
platform.linkedin.com
platform.twitter.com
s7.addthis.com
scout-cdn.salesloft.com
scout.salesloft.com
script.hotjar.com
static.hotjar.com
syndication.twitter.com
track.hubspot.com
v1.addthisedge.com
vc.hotjar.io
webhooks.fivetran.com
www.huntress.com
z.moatads.com
s7.addthis.com
104.244.42.8
140.82.121.3
18.66.112.110
18.66.97.37
185.199.108.154
2001:4de0:ac18::1:a:2b
23.206.208.114
23.35.237.151
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:2c40::c73c:671c
2606:4700:4400::6812:2128
2606:4700:4400::ac40:9a55
2606:4700::6810:5505
2606:4700::6810:5614
2606:4700::6810:5905
2606:4700::6811:180e
2606:4700::6811:4341
2606:4700::6811:45b0
2606:4700::6811:73b0
2606:4700::6811:7fab
2606:4700::6811:e9cc
2606:4700::6811:f0cc
2606:4700::6813:9b53
2620:1ec:4e:1::45
2a00:1450:4001:812::2001
2a00:1450:4001:828::2001
2a03:2880:f084:d:face:b00c:0:3
2a04:4e42:8e::159
34.159.227.151
34.96.102.137
44.209.133.52
52.208.119.175
52.222.236.74
54.170.136.168
00c9bd80a0ed2f71081231d61fb0192dc7d7a51b68a11fc68ad1f813a0f7d06b
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
078598a1182316c342bbadbfc51ee03890f05ad9e1a6733b9747753792ef42ff
0afe3bcb469471dcaaedd0181f6a0259346575339f09a6a4d4e5100df00ec3fd
11bcaa66e2e5486338bbf15bc2af4136962618bd84574c350c82c501d64f6868
19680a27e88da4a3713af26571b4849096e75d617f2845574af7fd15746256bb
19a26d6046c4fcfe9e3efbc1fb7532f424c6b0b7590b9e193788e30bce8b9836
19c985067d082b29f388b539b09d4179c7b3b5ce685442eb341e24e7d99071db
20400c209d45a7cc98bf2c9c986f435649446f806ecd79d3858e8b2ce39e2120
24846a3f194b09919bf75cec2a1d012653257442cea9342c648d618c8bddd844
24bf1462917f99639fe1db5284b292d9f2dfb6ab5629d2426b5243a4db6b5b47
257855f4e23a1e3d382077b15bfc30971c9c261fc23512c88abfdcda05f28bc4
295c420318d37ced90a8a681fe353fe027fd60e83a16ff965950cac3ccb22b4b
295fe623d1742c976f775c008be5bcb815be503e1cd7811aafdc08cd12682c25
299c86a9f0a44c5d7958234cfb021c3c73746ade2289d327778c7b08754947af
2b2f8884f06e588675848471606a49693553a2d032a32fce85a5203ae7c796a6
2f4bec4e5a073cac7f75ff5d3009597aada10c3782a3fb27a861cd262ad63276
3272fa3921149779117665accd617e0a998fbebccf293c93a0f4d2a73ed1bb27
32d6056c95788f5c57ec432a65eb04b4bba5c7d0a243c0ffb010aa55e3a04902
3367498692c5f6cdc662369af915c0c2f13b7f6af9e67a522d2e7fc1b3299364
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3c3fb4d37cd90ae15e4c0b28940ba931bed89be480aa7eae66a4163cc4d47f3f
3d0c1b5000e70f8465807e2762eab438b7b09ef070ad2e0d130edad99a2093d5
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
4081a5f270ace3305571b8f393e20c3a50141d103fb6fced35cf64d5182c2cd2
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e
4989658a95faa99aaeeb2ef0310af2bdffbe47019d857f99a96a1c6c174711c7
49c050c7a4775b5b84a5ceabf44f33074c79c051306286a8be611e9794704894
4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440
4eb34569a3667b9a3127927885c6c1e097739df05bb9fcd17aa4b0db45e4a57f
50ca3b84fcf135b2b132e12607242e3d225536be494405c534c8fe55bea8d8dc
55102f117a12b60b23ae0859b578b70931729d9c9b5a921e2444ef82d4a5e475
558979f57321b92691fa5d479ae380773ae5d9dffd5f8bcaddc4525ea361f0a9
562a66d5fa7c47d6c33d176ad3181ebcad23a3c6367d91114c9d6fb5598cd91e
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58c8a8e1a659f2e16df302af0be8e5fe60f4d4de5287e3989b722410bf3256bf
5a631391c7aa5c0db951edffecdde77d52d14b9fb861be5e2ffbb35ef9adb338
5b676331cce4744f9038ee6b0a8dfe2b1f4a961c26b88e18030cd2df9117271d
5c5e8c491dd51215590e902c1bf4604f2ebce5e6a9cdeeccea94246b901b3497
5d247e1c2efc38a727967b2f5f9e99b961d0cbe2b0aa1ddcf170bd6933409403
6145ffccacbf92ec04526c41b5e912e6555a7102a0515c64d5ae5b6002c8e4cf
624de99dfd7a994cd0cddcdae6929024cdd7fa8954dd2cbf5451935229225f26
67f80caa56474d24d04fffb57572fc426e661431f915434ce2538f52960ab015
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b60f7e7131c8008218d66625b9620492b5f43301067794c42d0410b2b6f9ecf
6d32ae685bd6e83f03817f290c6641bfa48a35d75617729c21dfa40006fbced9
7793dd99fee2c87c79b76061e2aedc1a3072ec1958eb4a736aafeae0fe418689
79bb1b80606f5282fa20cea179f7c7f619eb1848b1d550a9e13857477cd1c38e
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7c251f8f5cf17821ba0e9dbe5565cefa37664c89e129876deddee5986b575edd
822c011ba0c51065ff9f78f2968d7acd973eeade856356910df2d275c62d6389
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8635796c350308ea6419713250a1cae02120881c6cc990f3b0562821201e7266
8a0dd7217bd1f7080b9c7449b7c4ca2506984fcc535c48c93a8512733d055e51
8b38f6e72013c0977dfc61a1cd7d788ce4b31d0bc8aa7292c9ad35eadca09f04
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
8ee1caa737e585d6cf4a91ab01b27aff627c2056544d7c9e4f704f1a9176a023
8f4ae8351f1aca7621d7482c5f0d09b24dd3eb5bf2ac93e6c44e3c69c5a3b827
92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54
954f86735dfd8abf4d923b985e719ab1ae438a2fb15a22346b141879538f4a83
976795d7e22e5d969fec920899de3973b3797805295b425814a0b7eda1eac02a
98e15110586a9877906d7a4ada5a789c0deaa285600027e1f3c7e925fb4b05b7
9979a0734bcee6e4a74480f7a12d5c71f0fabeb5e93dc01ef5afd38ad3619ae6
99ad2210ad01b8f34231d83a0eb4ecf6e9071f3bf4a92e058c503613b51e7a5a
9efab8cd25d28e25a4bff004dcae4fa3867ef494f246bf7149531935295c4408
a4bb638ac16ee65f5fa65d2d45bf5172fdb92bea5ca197100506db410afd6b5e
a589953bf9665795f9132d2daa0c0ead1463a5ec4cd915ea793a20bd3f0493f2
a6aac8e9a67e2442b43e625709a99abeb6ab0148e94dd788cee106f2710c3906
aa47f9d1bcb0a976e8e42d2a367328d9487b3acd168518d39c42b3b3e99e44d4
aad4b41123dd3a244cebc4b650de024f2650df1fba41d62ae4c9e4adcf4bc344
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ace91901091204152ec7745b794f2599e76043aeac769c02bdd18115a13b2e21
afe2c4d44f6a91b4d2ecbaf61d91e90f61cf159467b4a3fac9e51ed9b1e2920d
b355e659eb1f476e9bb8b33c109b4c47718d902e483db104fcfea35cfc8a5584
b37678e2c4e8452e51ee8902e176d670941b72bc06eaeeb951360f96322c6921
b3f2b8b4f35e3ac89735724f660e345274378e92d3d1c1f2695c04a0460fab3c
b860656603a5037d589fbc590dae90f79f93a93fa0c0b9511e3aa8df3e1a5ca2
b990552df973348baaa61af6a11d527c465edb14339f38e25d112b2a1a72ab0e
b9921d3cabeacda11bc38697e21d714b17b7182a791506d6f84427f92dd34db3
bc1e2c2052ed23bf57a8d4db3d448509887ec773c2abe87639bcbdd8ca648afc
bc90600273f33251c7c892e4a29e221a7cd38bce5f033285cc6ee2c1092d4150
bcf74ede1c7098af9ade75ebd001e3d7649d2de8d24f86bb9554ced24123217c
be84fd6d1e48863b7445ddd6ba71d7be42cffad8aa1e92b02617ab4b034e1e1a
bfe056293886177b09ff745622e1ed914c80210571ba1c1f357e26f2a456cc10
c00bc6177508556408233fa48ab00edf3070843c5e8da19d36fcf74cddb8daaf
c14d9ab83afefac27b8b16689d2d1444e1d0d93ad55bbd1a55895fccfef24f74
c325a3a446a33b8dfb329feec9df9c003de983a5c64bc3d27696c646e8d963c6
c52ffb59a6bf4ac549ed6da4dbe39a7661ff82147942ff109c2e72ae676b787c
c719f46982a18e719b6d54a04241d221b494b89e134e2599007dcca53e08b6d8
ccaabd1f9aa371b58a46ba623deadf51680ab27109b399559724856bf925ec9d
d1c0a4cad147f203a808aac602d7206b03cd903c025c887f53042f09b87c2f80
d268b833b8c67a394cd5b1e1d64934f31a0f816a4ad4e0c7c177ab943ba34af2
d4067930b3bd986758e5cf0716f632eed56d9628eba4fc6d9002a00cc94110dc
d78e6456301fd1f38e995ba28fe0dc1ec7e0423ce6b7a41e89cd1b23e52dae6e
d9cdf9b8cd47c0a17356ff68e2581021800a4c86dd8d71aaf0ad5cfe025b114e
db247da989b444145ac8089c0e67518ec866692e3a063d55fbd677e7b93247ee
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de23bd96bc43612257043619423fbd28e4a5cf0338c9d9c1fa539b6203f80194
decece76fa04da7dc96e314e697639bc0ae90ff0073976795213119ed49935a0
e2297da7c71b99a743b07339a730ec1216786a55f9999a45c4aab9c27f1e7a95
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d5684523c3de8ab2ac3bca237d12e4affbb4d4b39a41109d975a489fa12427
e5fae83c7b1bc318026072592130f5d8ac977970ad81b79218dd442235a59b6e
ed819b871f664202259f09be20fd60a1a31f9ed7ba293ded18d0ec6e44ef53ee
edb1b3070a24bfdcd807b0ede4016e34dbfa2a8e8e7cb32522c8e72258af43ed
eeab6099229124c0acf1a7cbccf49c55808ca5de5ba8468e03d98bcfcdab3ed7
ef8543e00761575eea98ff84cc1838bdef2d609b18df5f6223de4a02a9be4c7c
efb7aa016e75f8a4d3efea0caaa8de2ebc81ec02baeecbfbc98d9541c726a47a
f7bdf8f9ec125444bedd4c013d5b956636ea5b8407e0b60c991a361f65beab99
fc9f94bac395a68b247d7b18c56682d5e3105df9fb210f428f379fa8b16496a8
fd77c41d41a299d224e36572ee84e734bb53f2c56b3babe78619ec413d56d68a
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ffe902a3609534e0a4a2578c43e6b8aaf442379d05d64eae6d9c4da5e534bccd