www.crowdstrike.com Open in urlscan Pro
2606:4700::6810:b576 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Submission: On June 17 via api (June 17th 2024, 9:14:23 pm UTC) from BY — Scanned from DE

Summary HTTP 159 Redirects Links 41 Behaviour Indicators

Summary

This website contacted 25 IPs in 3 countries across 15 domains to perform 159 HTTP transactions. The main IP is 2606:4700::6810:b576, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.crowdstrike.com. The Cisco Umbrella rank of the primary domain is 124691.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 27th 2023. Valid for: a year.

This is the only time www.crowdstrike.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 82	2606:4700::68... 2606:4700::6810:b576	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2606:4700::68... 2606:4700::6813:b134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3036::6815:1b98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:225... 2600:9000:225b:1000:a:de52:1580:93a1	16509 (AMAZON-02) (AMAZON-02)
2 7	151.101.1.181 151.101.1.181	54113 (FASTLY) (FASTLY)
2	18.173.154.12 18.173.154.12	16509 (AMAZON-02) (AMAZON-02)
7	2a02:26f0:350... 2a02:26f0:3500:587::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a02:26f0:350... 2a02:26f0:3500:16::215:148f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.17.74.206 104.17.74.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
3	2a02:6ea0:c70... 2a02:6ea0:c700::18	60068 (CDN77 _) (CDN77 _)
9	23.61.251.14 23.61.251.14	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	156.146.33.137 156.146.33.137	60068 (CDN77 _) (CDN77 _)
3	2600:1f14:5db... 2600:1f14:5db:eb00:aed1:7299:85d3:12bf	16509 (AMAZON-02) (AMAZON-02)
1	37.252.171.21 37.252.171.21	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:26f0:ab0... 2a02:26f0:ab00::214:8e70	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.65.181 151.101.65.181	54113 (FASTLY) (FASTLY)
2	76.223.9.105 76.223.9.105	16509 (AMAZON-02) (AMAZON-02)
3	2a02:6ea0:c70... 2a02:6ea0:c700::19	60068 (CDN77 _) (CDN77 _)
1	156.146.33.138 156.146.33.138	60068 (CDN77 _) (CDN77 _)
159	25

82 2606:4700::6810:b576 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.crowdstrike.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6813:b134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3036::6815:1b98 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:225b:1000:a:de52:1580:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.addsearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.1.181 (San Francisco, United States) 2 redirects

ASN54113 (FASTLY, US)

play.vidyard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.173.154.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-12.muc50.r.cloudfront.net

cdn.vidyard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:3500:587::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:16::215:148f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.74.206 (None, )

ASN13335 (CLOUDFLARENET, US)

go.crowdstrike.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.61.251.14 (Miami, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-61-251-14.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 156.146.33.137 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)
PTR: 494557430.fra.cdn77.com

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f14:5db:eb00:aed1:7299:85d3:12bf (Boardman, United States)

ASN16509 (AMAZON-02, US)

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.171.21 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:ab00::214:8e70 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.181 (San Francisco, United States)

ASN54113 (FASTLY, US)

play.vidyard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.9.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: ac3ff6aafb2cddae2.awsglobalaccelerator.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

cdn77.api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 156.146.33.138 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)
PTR: 494557430.fra.cdn77.com

cdn77.api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
83	crowdstrike.com 1 redirects www.crowdstrike.com — Cisco Umbrella Rank: 124691 go.crowdstrike.com — Cisco Umbrella Rank: 249166	18 MB
16	userway.org cdn.userway.org — Cisco Umbrella Rank: 4576 api.userway.org — Cisco Umbrella Rank: 4468 cdn77.api.userway.org — Cisco Umbrella Rank: 6680	213 KB
12	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 378	181 KB
10	6sc.co j.6sc.co — Cisco Umbrella Rank: 5930 c.6sc.co — Cisco Umbrella Rank: 8413 ipv6.6sc.co — Cisco Umbrella Rank: 6075 b.6sc.co — Cisco Umbrella Rank: 3843	20 KB
10	vidyard.com 2 redirects play.vidyard.com — Cisco Umbrella Rank: 8802 cdn.vidyard.com — Cisco Umbrella Rank: 23708	60 KB
7	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 440	122 KB
5	typekit.net use.typekit.net — Cisco Umbrella Rank: 649 p.typekit.net — Cisco Umbrella Rank: 810	73 KB
4	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1380	282 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	313 KB
3	addsearch.com cdn.addsearch.com — Cisco Umbrella Rank: 212962	84 KB
2	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 10109	710 B
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 90	10 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 205	62 KB
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 522	702 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 638	295 B
159	15

	Domain	Requested by
82	www.crowdstrike.com	1 redirects www.crowdstrike.com
12	cdn.cookielaw.org	www.crowdstrike.com cdn.cookielaw.org
9	cdn.userway.org	assets.adobedtm.com cdn.userway.org
8	play.vidyard.com	2 redirects www.crowdstrike.com play.vidyard.com
7	b.6sc.co
7	assets.adobedtm.com	www.crowdstrike.com assets.adobedtm.com
4	cdn77.api.userway.org	cdn.userway.org
4	use.typekit.net	www.crowdstrike.com use.typekit.net
4	use.fontawesome.com	www.crowdstrike.com use.fontawesome.com
3	api.userway.org	cdn.userway.org
3	www.googletagmanager.com	assets.adobedtm.com www.googletagmanager.com
3	cdn.addsearch.com	www.crowdstrike.com cdn.addsearch.com
2	epsilon.6sense.com	j.6sc.co
2	www.youtube.com	assets.adobedtm.com www.youtube.com
2	connect.facebook.net	assets.adobedtm.com connect.facebook.net
2	cdn.vidyard.com	www.crowdstrike.com
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	secure.adnxs.com	j.6sc.co
1	j.6sc.co	assets.adobedtm.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	go.crowdstrike.com	www.crowdstrike.com
1	p.typekit.net	use.typekit.net
159	23

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.linkedin.com
www.youtube.com
go.crowdstrike.com
www.reddit.com
falcon.crowdstrike.com
falcon.us-2.crowdstrike.com
falcon.laggar.gcw.crowdstrike.com
falcon.eu-1.crowdstrike.com
supportportal.crowdstrike.com
www.instagram.com
cookiepedia.co.uk
www.onetrust.com

Subject Issuer	Validity	Valid
crowdstrike.com Cloudflare Inc ECC CA-3	`2023-11-27` - `2024-11-26`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
cdn.addsearch.com Amazon RSA 2048 M03	`2024-01-14` - `2025-02-11`	a year	crt.sh
*.vidyard.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-04-03` - `2025-05-05`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-01` - `2025-03-03`	a year	crt.sh
go.crowdstrike.com Cloudflare Inc ECC CA-3	`2024-02-06` - `2024-12-31`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-27` - `2024-06-25`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
1667503734.rsc.cdn77.org R3	`2024-05-07` - `2024-08-05`	3 months	crt.sh
6sc.co R3	`2024-04-09` - `2024-07-08`	3 months	crt.sh
api.userway.org Amazon RSA 2048 M03	`2023-09-02` - `2024-09-30`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
*.6sense.com Amazon RSA 2048 M03	`2024-03-31` - `2025-04-29`	a year	crt.sh
1784939676.rsc.cdn77.org R3	`2024-05-31` - `2024-08-29`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Frame ID: 2D30C79CD98E99906363D8D77C4472D9
Requests: 155 HTTP requests in this frame

Frame: https://play.vidyard.com/uTjAZGHEuZnPioHJ1HZQJU?disable_popouts=1&v=4.3.15&type=inline
Frame ID: F9025197809FD270FE8EED56D22F7EE5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CrowdStrike Prevents 3CXDesktopApp Intrusion Campaign

Page URL History Show full URLs

https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3c... HTTP 302
https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3c... Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc\.clientlibs/

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

Page Statistics

159
Requests

98 %
HTTPS

63 %
IPv6

15
Domains

23
Subdomains

25
IPs

3
Countries

19367 kB
Transfer

24950 kB
Size

14
Cookies

41 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/CrowdStrike

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CrowdStrike

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/crowdstrike

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/CrowdStrike

Search URL Search Domain Scan URL

URL: https://go.crowdstrike.com/try-falcon-prevent.html
Title: Start Free Trial

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/crowdstrike/comments/125r3uu/20230329_situational_awareness_crowdstrike/
Title: r/CrowdStrike

Search URL Search Domain Scan URL

URL: https://falcon.crowdstrike.com/intelligence-v2/actors/labyrinth-chollima/summary
Title: US-1

Search URL Search Domain Scan URL

URL: https://falcon.us-2.crowdstrike.com/intelligence-v2/actors/labyrinth-chollima/summary
Title: US-2

Search URL Search Domain Scan URL

URL: https://falcon.laggar.gcw.crowdstrike.com/intelligence-v2/actors/labyrinth-chollima/summary
Title: US-GOV-1

Search URL Search Domain Scan URL

URL: https://falcon.crowdstrike.com/intelligence-v2/reports/csa-230387-labyrinth-chollima-uses-txrloader-and-vulnerable-drivers-to-target-financial-and-energy-sectors
Title: US-1

Search URL Search Domain Scan URL

URL: https://falcon.us-2.crowdstrike.com/intelligence-v2/reports/csa-230387-labyrinth-chollima-uses-txrloader-and-vulnerable-drivers-to-target-financial-and-energy-sectors'
Title: US-2

Search URL Search Domain Scan URL

URL: https://falcon.eu-1.crowdstrike.com/intelligence-v2/reports/csa-230387-labyrinth-chollima-uses-txrloader-and-vulnerable-drivers-to-target-financial-and-energy-sectors
Title: EU-1

Search URL Search Domain Scan URL

URL: https://falcon.laggar.gcw.crowdstrike.com/intelligence-v2/reports/csa-230387-labyrinth-chollima-uses-txrloader-and-vulnerable-drivers-to-target-financial-and-energy-sectors
Title: US-GOV-1

Search URL Search Domain Scan URL

URL: https://falcon.crowdstrike.com/intelligence-v2/reports/csa-230489-labyrinth-chollima-suspected-of-conducting-supply-chain-attack-with-3cx-application
Title: US-1

Search URL Search Domain Scan URL

URL: https://falcon.us-2.crowdstrike.com/intelligence-v2/reports/csa-230489-labyrinth-chollima-suspected-of-conducting-supply-chain-attack-with-3cx-application
Title: US-2

Search URL Search Domain Scan URL

URL: https://falcon.eu-1.crowdstrike.com/intelligence-v2/reports/csa-230489-labyrinth-chollima-suspected-of-conducting-supply-chain-attack-with-3cx-application
Title: U-1

Search URL Search Domain Scan URL

URL: https://falcon.laggar.gcw.crowdstrike.com/intelligence-v2/reports/csa-230489-labyrinth-chollima-suspected-of-conducting-supply-chain-attack-with-3cx-application
Title: US-GOV-1

Search URL Search Domain Scan URL

URL: https://falcon.crowdstrike.com/intelligence-v2/reports/csa-230494-arcfeedloader-malware-used-in-supply-chain-attack-leveraging-trojanized-3cx-installers-confirms-attribution-to-labyrinth-chollima
Title: US-1

Search URL Search Domain Scan URL

URL: https://falcon.us-2.crowdstrike.com/intelligence-v2/reports/csa-230494-arcfeedloader-malware-used-in-supply-chain-attack-leveraging-trojanized-3cx-installers-confirms-attribution-to-labyrinth-chollima
Title: US-2

Search URL Search Domain Scan URL

URL: https://falcon.eu-1.crowdstrike.com/intelligence-v2/reports/csa-230494-arcfeedloader-malware-used-in-supply-chain-attack-leveraging-trojanized-3cx-installers-confirms-attribution-to-labyrinth-chollima
Title: U-1

Search URL Search Domain Scan URL

URL: https://falcon.laggar.gcw.crowdstrike.com/intelligence-v2/reports/csa-230494-arcfeedloader-malware-used-in-supply-chain-attack-leveraging-trojanized-3cx-installers-confirms-attribution-to-labyrinth-chollima
Title: US-GOV-1

Search URL Search Domain Scan URL

URL: https://supportportal.crowdstrike.com/s/article/Trending-Threats-Vulnerabilities-Intrusion-Campaign-Targeting-3CX-Customers
Title: Trending Threats & Vulnerabilities: Intrusion Campaign Targeting 3CX Customers

Search URL Search Domain Scan URL

URL: https://go.crowdstrike.com/try-falcon-prevent-threat-intel.html
Title: request a free trial of CrowdStrike Falcon® Pro today

Search URL Search Domain Scan URL

URL: https://supportportal.crowdstrike.com/s/article/Prevention-Policy-Best-Practice-Guidelines
Title: prevention policies

Search URL Search Domain Scan URL

URL: https://falcon.crowdstrike.com/discover/applications/inventory/group-by-application?filter=name%3A%273CXDesktopApp.exe%27
Title: US-1

Search URL Search Domain Scan URL

URL: https://falcon.us-2.crowdstrike.com/discover/applications/inventory/group-by-application?filter=name%3A%273CXDesktopApp.exe%27
Title: US-2

Search URL Search Domain Scan URL

URL: https://falcon.eu-1.crowdstrike.com/discover/applications/inventory/group-by-application?filter=name%3A%273CXDesktopApp.exe%27
Title: EU-1

Search URL Search Domain Scan URL

URL: https://falcon.laggar.gcw.crowdstrike.com/discover/applications/inventory/group-by-application?filter=name%3A%273CXDesktopApp.exe%27
Title: US-GOV-1

Search URL Search Domain Scan URL

URL: https://falcon.crowdstrike.com/intelligence/graph?indicators=domain%3A%27akamaicontainer.com%27%2Cdomain%3A%27akamaitechcloudservices.com%27%2Cdomain%3A%27azuredeploystore.com%27%2Cdomain%3A%27azureonlinecloud.com%27%2Cdomain%3A%27azureonlinestorage.com%27%2Cdomain%3A%27dunamistrd.com%27%2Cdomain%3A%27glcloudservice.com%27%2Cdomain%3A%27journalide.org%27%2Cdomain%3A%27msedgepackageinfo.com%27%2Cdomain%3A%27msstorageazure.com%27%2Cdomain%3A%27msstorageboxes.com%27%2Cdomain%3A%27officeaddons.com%27%2Cdomain%3A%27officestoragebox.com%27%2Cdomain%3A%27pbxcloudeservices.com%27%2Cdomain%3A%27pbxphonenetwork.com%27%2Cdomain%3A%27pbxsources.com%27%2Cdomain%3A%27qwepoi123098.com%27%2Cdomain%3A%27sbmsa.wiki%27%2Cdomain%3A%27sourceslabs.com%27%2Cdomain%3A%27visualstudiofactory.com%27%2Cdomain%3A%27zacharryblogs.com%27&_gl=1*167cbiq*_ga*MTg3OTExOTAyLjE2NzU4NzQzMDE.*_ga_ZKTET1D58V*MTY4MDIxNTcwOS4xNC4xLjE2ODAyMTYyNjIuNjAuMC4w
Title: US-1

Search URL Search Domain Scan URL

URL: https://falcon.us-2.crowdstrike.com/intelligence/graph?indicators=domain%3A%27akamaicontainer.com%27%2Cdomain%3A%27akamaitechcloudservices.com%27%2Cdomain%3A%27azuredeploystore.com%27%2Cdomain%3A%27azureonlinecloud.com%27%2Cdomain%3A%27azureonlinestorage.com%27%2Cdomain%3A%27dunamistrd.com%27%2Cdomain%3A%27glcloudservice.com%27%2Cdomain%3A%27journalide.org%27%2Cdomain%3A%27msedgepackageinfo.com%27%2Cdomain%3A%27msstorageazure.com%27%2Cdomain%3A%27msstorageboxes.com%27%2Cdomain%3A%27officeaddons.com%27%2Cdomain%3A%27officestoragebox.com%27%2Cdomain%3A%27pbxcloudeservices.com%27%2Cdomain%3A%27pbxphonenetwork.com%27%2Cdomain%3A%27pbxsources.com%27%2Cdomain%3A%27qwepoi123098.com%27%2Cdomain%3A%27sbmsa.wiki%27%2Cdomain%3A%27sourceslabs.com%27%2Cdomain%3A%27visualstudiofactory.com%27%2Cdomain%3A%27zacharryblogs.com%27
Title: US-2

Search URL Search Domain Scan URL

URL: https://falcon.eu-1.crowdstrike.com/intelligence/graph?indicators=domain%3A%27akamaicontainer.com%27%2Cdomain%3A%27akamaitechcloudservices.com%27%2Cdomain%3A%27azuredeploystore.com%27%2Cdomain%3A%27azureonlinecloud.com%27%2Cdomain%3A%27azureonlinestorage.com%27%2Cdomain%3A%27dunamistrd.com%27%2Cdomain%3A%27glcloudservice.com%27%2Cdomain%3A%27journalide.org%27%2Cdomain%3A%27msedgepackageinfo.com%27%2Cdomain%3A%27msstorageazure.com%27%2Cdomain%3A%27msstorageboxes.com%27%2Cdomain%3A%27officeaddons.com%27%2Cdomain%3A%27officestoragebox.com%27%2Cdomain%3A%27pbxcloudeservices.com%27%2Cdomain%3A%27pbxphonenetwork.com%27%2Cdomain%3A%27pbxsources.com%27%2Cdomain%3A%27qwepoi123098.com%27%2Cdomain%3A%27sbmsa.wiki%27%2Cdomain%3A%27sourceslabs.com%27%2Cdomain%3A%27visualstudiofactory.com%27%2Cdomain%3A%27zacharryblogs.com%27
Title: EU-1

Search URL Search Domain Scan URL

URL: https://falcon.laggar.gcw.crowdstrike.com/intelligence/graph?indicators=domain%3A%27akamaicontainer.com%27%2Cdomain%3A%27akamaitechcloudservices.com%27%2Cdomain%3A%27azuredeploystore.com%27%2Cdomain%3A%27azureonlinecloud.com%27%2Cdomain%3A%27azureonlinestorage.com%27%2Cdomain%3A%27dunamistrd.com%27%2Cdomain%3A%27glcloudservice.com%27%2Cdomain%3A%27journalide.org%27%2Cdomain%3A%27msedgepackageinfo.com%27%2Cdomain%3A%27msstorageazure.com%27%2Cdomain%3A%27msstorageboxes.com%27%2Cdomain%3A%27officeaddons.com%27%2Cdomain%3A%27officestoragebox.com%27%2Cdomain%3A%27pbxcloudeservices.com%27%2Cdomain%3A%27pbxphonenetwork.com%27%2Cdomain%3A%27pbxsources.com%27%2Cdomain%3A%27qwepoi123098.com%27%2Cdomain%3A%27sbmsa.wiki%27%2Cdomain%3A%27sourceslabs.com%27%2Cdomain%3A%27visualstudiofactory.com%27%2Cdomain%3A%27zacharryblogs.com%27
Title: US-GOV-1

Search URL Search Domain Scan URL

URL: https://go.crowdstrike.com/threat-intelligence-briefing.html?utm_campaign=threatintelligence&utm_content=us&utm_medium=sem&utm_source=goog&utm_term=cyber%20threat%20intelligence&_bt=465670942471&_bk=cyber%20threat%20intelligence&_bm=e&_bn=g&_bg=108022039334&gclid=EAIaIQobChMIqsSdwZ-j7AIV9R6tBh23rQErEAAYASAAEgKc8fD_BwE&_ga=2.145914102.359113952.1606756854-1198667695.1606243810
Title: CrowdStrike Intelligence threat briefing

Search URL Search Domain Scan URL

URL: https://go.crowdstrike.com/product-demo-platform.html
Title: Watch this demo to see the Falcon platform in action

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=CrowdStrike+Falcon+Platform+Detects+and+Prevents+Active+Intrusion+Campaign+Targeting+3CXDesktopApp+Customers&url=https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Title: Tweet

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/&title=CrowdStrike+Falcon+Platform+Detects+and+Prevents+Active+Intrusion+Campaign+Targeting+3CXDesktopApp+Customers
Title: Share

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CrowdStrike/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/crowdstrike/?hl=en

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/CrowdStrike

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information.

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers HTTP 302
https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://play.vidyard.com/uTjAZGHEuZnPioHJ1HZQJU.jpg HTTP 302
https://cdn.vidyard.com/thumbnails/35463232/Zd_33y9mi1mwMQnmVSPTTLoShftqFuU_.jpg

Request Chain 143

https://play.vidyard.com/uTjAZGHEuZnPioHJ1HZQJU.jpg HTTP 302
https://cdn.vidyard.com/thumbnails/35463232/Zd_33y9mi1mwMQnmVSPTTLoShftqFuU_.jpg

159 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Redirect Chain

https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers
https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

69 KB
16 KB

232ms
232ms

Document
text/html

2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a752153b260a4c11f612ef2c09a418b23f53972f73aea7111e8a013175833890

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;report-uri /csp-violation-report-endpoint/
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.pathfactory.com https://crowdstrike.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: public, max-age=14400
cf-cache-status: EXPIRED
cf-ray: 89560c5b0c3bbbd1-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests;report-uri /csp-violation-report-endpoint/
content-type: text/html
date: Mon, 17 Jun 2024 21:14:16 GMT
expires: Tue, 18 Jun 2024 01:14:16 GMT
last-modified: Fri, 23 Feb 2024 05:27:15 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 1fb7ef67aaeb45ceb86b21babb0ba848.cloudfront.net (CloudFront)
x-amz-cf-id: WUd3OMqkLhTkSfX_Gn4-23SzFlnKp9Fi0m4hxqR3woRCs-Yuu3Hy6w==
x-amz-cf-pop: AMS58-P1
x-amz-version-id: WRSr0n65Yh5zhpCOLqTsRZeA1Yvkt9lr
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-frame-options: ALLOW-FROM https://crowdstrike.pathfactory.com https://crowdstrike.com
x-xss-protection: 1; mode=block

Redirect headers

cache-control: public, max-age=14400
cf-cache-status: MISS
cf-ray: 89560c5959b0bbd1-FRA
content-security-policy: upgrade-insecure-requests;report-uri /csp-violation-report-endpoint/
content-type: text/html; charset=utf-8
date: Mon, 17 Jun 2024 21:14:16 GMT
expires: Tue, 18 Jun 2024 01:14:16 GMT
location: /blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 3e28473376ca49b2cafcfef86a39cf34.cloudfront.net (CloudFront)
x-amz-cf-id: 9K4WWsrb0eHMIGwJOEfEI2O11vSW4i_Hxw6YYUC9xv4QZ27B3o-cVg==
x-amz-cf-pop: FRA60-P7
x-amz-error-code: Found
x-amz-error-message: Resource Found
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: ALLOW-FROM https://crowdstrike.pathfactory.com https://crowdstrike.com
x-xss-protection: 1; mode=block

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/bee15b7c-b632-450e-9003-9c8b60b3b978/ 8 KB
3 KB 172ms
78ms Script
application/x-javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/bee15b7c-b632-450e-9003-9c8b60b3b978/OtAutoBlock.js

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a5519e5e3a790d684daf67a4888160187a1359dd446b05fa89cbdaabc66221f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 17 Jun 2024 21:14:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 36629
content-md5: /BI5P0G2/48FKPHd2CJvWw==
content-length: 2565
x-ms-lease-status: unlocked
last-modified: Tue, 13 Feb 2024 15:51:08 GMT
server: cloudflare
etag: 0x8DC2CAB981762B3
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 816d0a71-101e-007e-1e67-79a9c4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 89560c5d2835972b-FRA
expires: Tue, 18 Jun 2024 21:14:16 GMT

GET
H2 200 single-post.min.css
www.crowdstrike.com/wp-content/themes/main-theme/dist/styles/pages/ 42 KB
6 KB 143ms
138ms Stylesheet
text/css 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/styles/pages/single-post.min.css?ver=1708658992

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1746906ad6fe82edd82ef2702815c2cc2a1b4d0545c04c4247a701b6e6e84f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0833e8be76641de099b8f4a92c7a1c4e.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
content-encoding: br
x-amz-version-id: gOk3zk34P3zaty3_aJejOcKfke_V5WWz
x-amz-cf-pop: FRA60-P7
x-cache: Hit from cloudfront
last-modified: Mon, 17 Jun 2024 18:34:54 GMT
server: cloudflare
etag: W/"f41947d836fc2971cb506c6d18652f1f"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 89560c5c9e3fbbd1-FRA
x-amz-cf-id: xS2gajvWUUj36_ip7YsXh1RsA1YAGOarfgQvMM-QFQ73Pccf9o-tyQ==
expires: Tue, 18 Jun 2024 01:14:16 GMT

GET
H2 200 crowdstrike-wp-header.css
www.crowdstrike.com/etc.clientlibs/crowdstrike/clientlibs/ 101 KB
15 KB 98ms
93ms Stylesheet
text/css 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/etc.clientlibs/crowdstrike/clientlibs/crowdstrike-wp-header.css?ver=6.4.3

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8af6e0f48351a4c4a6f36ef764dad05c56ad7f621453a55dc02a40fa59f143c9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;report-uri /csp-violation-report-endpoint/
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-sky-isauth: 0
content-security-policy: upgrade-insecure-requests;report-uri /csp-violation-report-endpoint/
age: 113
x-vhost: crowdstrikewwwvhost
x-cache: HIT
x-served-by: cache-dfw-kdfw8210114-DFW
last-modified: Sat, 20 Nov 2286 17:46:39 GMT
cf-bgj: minify
server: cloudflare
x-timer: S1718658681.377852,VS0,VS0,VE3
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: text/css;charset=utf-8
cache-control: public, max-age=14400
cf-ray: 89560c5c9e41bbd1-FRA
expires: Tue, 18 Jun 2024 01:14:16 GMT

GET
H2 200 theme-styles.min.css
www.crowdstrike.com/wp-content/themes/main-theme/dist/styles/ 432 KB
74 KB 98ms
94ms Stylesheet
text/css 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/styles/theme-styles.min.css?ver=1708658992

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdd307eff5b34a8545d293195aef6e2c025468423ddce8b28d8662c41e2e08ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 85b175d782816d34ed73f9ca030bf062.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: .XmKpH8q3ulfiIl.uwsp2pLaxx7Q9rp6
age: 113
x-amz-cf-pop: FRA60-P7
x-cache: Hit from cloudfront
last-modified: Mon, 17 Jun 2024 18:34:54 GMT
server: cloudflare
etag: W/"a7347fdbb0a829f194c12481a59238b8"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 89560c5c9e44bbd1-FRA
x-amz-cf-id: DvUCg8Ndri6_UZKwBm986dclTSw_GaccM9xHbUDKS2EYT9V7RbPYIg==
expires: Tue, 18 Jun 2024 01:14:16 GMT

GET
H2 200 tablepress-combined.min.css
www.crowdstrike.com/wp-content/ 6 KB
2 KB 142ms
138ms Stylesheet
text/css 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/tablepress-combined.min.css?ver=31

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db69a3d25d8125632acede7426cfaa714390a3a713e8fb38fca4264581341744

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b08e1d433d62b5ab056680968a8cc7ea.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
content-encoding: br
x-amz-version-id: tsHm.4aglhivxJ6SfEs8YL4ACcBPHmEM
x-amz-cf-pop: FRA60-P7
x-cache: Hit from cloudfront
last-modified: Tue, 30 Aug 2022 15:32:39 GMT
server: cloudflare
etag: W/"e246c6f72f6db9cc7c8a1061c6b8717b"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 89560c5c9e48bbd1-FRA
x-amz-cf-id: y4NZZvHwLZVo8mK-YWFHV1tqzJ_pX0lBpfCh9tr5Q2Dl8b_l91DpCQ==
expires: Tue, 18 Jun 2024 01:14:16 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v6.4.2/css/ 100 KB
23 KB 156ms
57ms Stylesheet
text/css 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v6.4.2/css/all.css
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Origin: https://www.crowdstrike.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:46:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2158384
etag: W/"5222e06b77a1692fa2520a219840e6be"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BMDh9NDXnhiA9I%2F4qsC2%2FHOH66u67nYZeHNlyG%2BooM5pmRiEQ4wEJfGd19fq8YcytB3eux7B2r0yYDFlyJrIjRD68Fsk5dMf5H0vkejq00V%2FeLmX%2FcE87w5%2BuTM2nLAKFc0jisa%2Fp2pHvB5L18HQx5AN"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 89560c5d2e1f915f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 v4-shims.css
use.fontawesome.com/releases/v6.4.2/css/ 27 KB
5 KB 151ms
52ms Stylesheet
text/css 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v6.4.2/css/v4-shims.css
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e0a27c105caf20bd4cc76fe58f222d856ab8f626447846842dddca8ce7509ef

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Origin: https://www.crowdstrike.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:46:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2154089
etag: W/"665de85010641f678f0178a9d330a7af"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vjTtZDWh3wI00vyWnU%2Bh7ezwZ8UsyKXIxrV1Gm0MdmH3oHl6JHozg2usRjyPNp8fnCP4vGHiU8YLaNlFAbR0hxN4IVph8nHM5Dbo5Mi%2FhIGAQo9edIMjR1WBGrZB80Bhw0CMaXEVOEctxwp%2FYPDoAXCp"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 89560c5d2e20915f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 fetch-inject.js Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/ 1 KB
929 B 91ms
88ms Script
application/javascript 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/fetch-inject.js?ver=1708658992

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eee66297afe4bfd363c9e7b27978892a34adffde1664ef7509335aff8aa31cc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 e7901684d85170d527aec3a64956def6.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: 8X59zM9zSJBnAc8vXumrVwx.3fRjvx0j
age: 113
x-amz-cf-pop: FRA60-P7
cf-polished: origSize=1343
x-cache: Hit from cloudfront
last-modified: Mon, 17 Jun 2024 18:34:49 GMT
cf-bgj: minify
server: cloudflare
etag: W/"e80eef79b8a9c769c9fe24903f880fb5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 89560c5c9e4cbbd1-FRA
x-amz-cf-id: UXL9uf8ftGWv1qSy32BIMYUC1t3DrdrTICgcc6MH_75LOmmZitgBCg==
expires: Tue, 18 Jun 2024 01:14:16 GMT

GET
H2 200 blog-free-trial.min.js Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/ 2 KB
1 KB 100ms
97ms Script
application/javascript 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/blog-free-trial.min.js?ver=1708658992

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

676e244d03975612f45b1fb2b160c87d6e4ea12bad3e7b54218421880be7aa80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 56df5811b9d89103539b9b0b5fd9b262.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: UZwwPNauBlHBYVyj.q9huv_.0Hsuilzp
age: 113
x-amz-cf-pop: FRA60-P7
x-cache: Hit from cloudfront
last-modified: Mon, 17 Jun 2024 18:34:48 GMT
server: cloudflare
etag: W/"1f4199dada33df035b42304be61b67ef"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 89560c5c9e4fbbd1-FRA
x-amz-cf-id: jSpiPjNgtUIEQstqMUiucULi0ESdkUNLYMChsxbVDl-iZKEQWqTxkQ==
expires: Tue, 18 Jun 2024 01:14:16 GMT

GET
H2 200 blog-categories.min.js Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/ 6 KB
2 KB 141ms
138ms Script
application/javascript 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/blog-categories.min.js?ver=1708658992

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26c1f5c606c824e1dc3da0982830940f75268925e2febcd5a768f8ae31245286

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 7115bbde016dc7107bc64db76ba40c56.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
content-encoding: br
x-amz-version-id: SKfNBn7Vwbx2a1fRwHm2nSYh2KrSGuNg
x-amz-cf-pop: FRA60-P7
x-cache: Hit from cloudfront
last-modified: Mon, 17 Jun 2024 18:34:48 GMT
server: cloudflare
etag: W/"fd7f89724b5195ed5600de3dbee61ab6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 89560c5c9e52bbd1-FRA
x-amz-cf-id: GJONUHWbglfu53dbTKc38cF5kOucLZneY34NnK0FrE6ItuSRNGlv_g==
expires: Tue, 18 Jun 2024 01:14:16 GMT

GET
H2 200 blog-category-sidebar.min.js Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/ 6 KB
2 KB 141ms
139ms Script
application/javascript 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/blog-category-sidebar.min.js?ver=1708658992

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdc86047b2f0af05517559943656bb3268b864a8efc9cf9ad9779206b594903e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b08e1d433d62b5ab056680968a8cc7ea.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
content-encoding: br
x-amz-version-id: jgYQKTjSz5TbbcoYraM2VM2sxVGEdxlD
x-amz-cf-pop: FRA60-P7
x-cache: Hit from cloudfront
last-modified: Mon, 17 Jun 2024 18:34:48 GMT
server: cloudflare
etag: W/"cdfdc4eedfc78463755ef693d0bfddbb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 89560c5c9e53bbd1-FRA
x-amz-cf-id: BZ9I-dvTXeXL0dWPd7VYzCFG9qcGBKsX2KUZBiyuC8d38AgTNI8mYg==
expires: Tue, 18 Jun 2024 01:14:16 GMT

GET
H2 200 addsearch-ui.min.js Show response
cdn.addsearch.com/v5/ 312 KB
76 KB 182ms
49ms Script
application/javascript 2600:9000:225b:1000:a:de52:1580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.addsearch.com/v5/addsearch-ui.min.js?key=7737a29b854de71521b1cd72c4118cfc&id=asw_01
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:1000:a:de52:1580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ced035236ef87e76d0e300e6c7c507d982c4a48c99a137f3a7fb61a94cb83688

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 08:26:06 GMT
content-encoding: br
via: 1.1 f8d34d99bd5a267bad6857ae101ea8e2.cloudfront.net (CloudFront)
last-modified: Tue, 07 Nov 2023 15:45:02 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 46091
etag: W/"b04213a26b90b906bfdd4edace511330"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: ERCKBZttv67dgTumN-GcKypSi-eStiuAVZiBXMk3f3v6ztjEzZQbfA==

GET
H2 200 Generic_Blogs_Intel_Alert_Adversary_1.png
www.crowdstrike.com/wp-content/uploads/2023/03/ 280 KB
280 KB 141ms
139ms Image
image/png 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/03/Generic_Blogs_Intel_Alert_Adversary_1.png

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

720efb8fa2292817618aa7adee04349152c748927334fe7527bba18a97c0e5b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4f2a14569b371893f3851a804b6ae8dc.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-version-id: e.rw8vujTCh8VqZ_GEoVQeIwWOoJP7vm
x-amz-cf-pop: FRA60-P7
x-cache: Hit from cloudfront
content-length: 286215
last-modified: Sat, 20 Apr 2024 03:04:52 GMT
server: cloudflare
etag: "0363472e7794d3f994ce6b675f7a0500"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31104000
accept-ranges: bytes
cf-ray: 89560c5c9e54bbd1-FRA
x-amz-cf-id: arac5jwP6orqlQ4lNKcqXuH1DrhTNp4diKTb6uHTLpTYTNe-BeEkhA==
expires: Thu, 12 Jun 2025 21:14:16 GMT

GET
H2 200 v4.js Show response
play.vidyard.com/embed/ 70 KB
23 KB 663ms
661ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/embed/v4.js

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

170d7b2dda1cde0aad9938ebc0e3f7f1e08b01221eead69e14784fdb089543b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Mon, 17 Jun 2024 21:14:17 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31557600
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS
content-length: 23041
x-served-by: cache-fra-etou8220075-FRA
x-china: 0
last-modified: Mon, 27 May 2024 17:23:30 GMT
etag: "ce0d570084d38bcc12da3fb96d2c4cba"
vary: X-China, accept-language, Accept-Encoding
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

Zd_33y9mi1mwMQnmVSPTTLoShftqFuU_.jpg
cdn.vidyard.com/thumbnails/35463232/
Redirect Chain

https://play.vidyard.com/uTjAZGHEuZnPioHJ1HZQJU.jpg
https://cdn.vidyard.com/thumbnails/35463232/Zd_33y9mi1mwMQnmVSPTTLoShftqFuU_.jpg

33 KB
33 KB

174ms
62ms

Image
image/jpeg

18.173.154.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vidyard.com/thumbnails/35463232/Zd_33y9mi1mwMQnmVSPTTLoShftqFuU_.jpg
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Protocol: H2
Server: 18.173.154.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-12.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f544c0d9d4efe6098073613bd00f1b2260726c0bb4602d3a8dedd47df3c606ce

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 01 Jun 2024 06:42:22 GMT
x-amz-version-id: QGXgB9JdNTswT6IKoF.GZknfwb5se2Rd
via: 1.1 b36a9cc0b5286fd650732f1458855500.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: MUC50-P3
age: 1434715
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 33683
last-modified: Fri, 31 Mar 2023 12:15:17 GMT
server: AmazonS3
etag: "0e24161b84477ff1a391dd5b79e03422"
vary: Origin
content-type: image/jpeg
accept-ranges: bytes
x-amz-cf-id: 4320KRFQKzXxr_3_ri9tCq08pqdZdD8MQaYNDDBIWm7a1X1D_STW8w==

Redirect headers

date: Mon, 17 Jun 2024 21:14:16 GMT
via: 1.1 varnish
strict-transport-security: max-age=31557600
age: 2214808
x-cache: HIT
content-length: 102
x-served-by: cache-fra-etou8220075-FRA
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1718658857.516728,VS0,VE1
vary: Accept, X-China, accept-language
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: https://cdn.vidyard.com/thumbnails/35463232/Zd_33y9mi1mwMQnmVSPTTLoShftqFuU_.jpg
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 image1-1.png
www.crowdstrike.com/wp-content/uploads/2023/03/ 108 KB
108 KB 361ms
360ms Image
image/png 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/03/image1-1.png

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a0535ef3e0a5d1eeb5ba52fc5be0224bf22463e413630d40ccfdaebbaf2c7c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0a4b38fa4b7e435c9572519905d42268.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: hw1gpwDISx_gcuc3pSfMnqcanoi6pjuS
x-amz-cf-pop: AMS58-P1
x-cache: Miss from cloudfront
content-length: 110269
last-modified: Sat, 20 Apr 2024 03:05:05 GMT
server: cloudflare
etag: "5dedcf4d203eb1570580860e319c49f5"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31104000
accept-ranges: bytes
cf-ray: 89560c5c9e58bbd1-FRA
x-amz-cf-id: ZDNg98Vb6IApxK2-_BNMc8zwdjzmjHoWl5WNUFec3h1mPg5xYlh51Q==
expires: Thu, 12 Jun 2025 21:14:16 GMT

GET
H2 200 Screenshot-2023-03-29-at-1.41.47-PM.png
www.crowdstrike.com/wp-content/uploads/2023/03/ 126 KB
126 KB 336ms
334ms Image
image/png 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/03/Screenshot-2023-03-29-at-1.41.47-PM.png

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b717457ea6bf116ffcf318685cff6613ca9ac4d9e3bbda3ac1602e65a7841e92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 256cd380c9790a2b71d68709829caa18.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: J_Gk8FtTA3ztrdTGkwNO4LeiLBWZdq.i
x-amz-cf-pop: FRA60-P7
x-cache: Miss from cloudfront
content-length: 128922
last-modified: Sat, 20 Apr 2024 03:04:57 GMT
server: cloudflare
etag: "6865cecfd2d341ae876b7bd3b4aa4459"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31104000
accept-ranges: bytes
cf-ray: 89560c5eb951bbd1-FRA
x-amz-cf-id: s9_xdgYval7FgiUGKstWV_PqpBiq75NaMnGv7TFJ2qlqJcGygKk_sw==
expires: Thu, 12 Jun 2025 21:14:17 GMT

GET
H2 200 0224_02_LATAM-Malware-Update.jpg
www.crowdstrike.com/wp-content/uploads/2024/02/ 589 KB
590 KB 108ms
107ms Image
image/jpeg 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2024/02/0224_02_LATAM-Malware-Update.jpg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

856540b7b80cc68706c9977f03d3fb567f2a424f8d13400acb1318713567ddd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 551a3a9c2bf1e2158a9f24897afe2b8c.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-version-id: heXY07HWCKJGLPjVlOubBZP9glYpYDtJ
x-amz-cf-pop: AMS58-P1
x-cache: Hit from cloudfront
content-length: 602905
last-modified: Sat, 20 Apr 2024 03:00:32 GMT
server: cloudflare
etag: "e491a85442ca3003c9c7237bd43c72c0"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31104000
accept-ranges: bytes
cf-ray: 89560c5ee9b5bbd1-FRA
x-amz-cf-id: gX2rNeZIj54gNUDbIbVGEQLU_ET8l5VzIvhylztrBCZhM-7mmbrMzg==
expires: Thu, 12 Jun 2025 21:14:16 GMT

GET
H2 200 GTR_BlogImage_1060x698-1.jpg
www.crowdstrike.com/wp-content/uploads/2024/02/ 104 KB
105 KB 108ms
106ms Image
image/jpeg 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2024/02/GTR_BlogImage_1060x698-1.jpg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

725372600b9f890713ebb3a41322fa90345111904e54345285c1674d4350e39d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-version-id: yQolcLx55eqaSke3IBBIUSNK.PGAMuMV
x-amz-cf-pop: FRA60-P7
x-cache: Hit from cloudfront
content-length: 106997
last-modified: Sat, 20 Apr 2024 03:00:48 GMT
server: cloudflare
etag: "8abf62a4083103ec76baf13bb6060d15"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31104000
accept-ranges: bytes
cf-ray: 89560c5ffb83bbd1-FRA
x-amz-cf-id: -MuLz6Hl0PQlwvfK7cQkv419c3yGcsLuA6B-LJ-Oswmbq3FT7PDUeA==
expires: Thu, 12 Jun 2025 21:14:17 GMT

GET
H2 200 1123_08_Insider-Vulnerabilities.jpg
www.crowdstrike.com/wp-content/uploads/2023/12/ 92 KB
93 KB 125ms
123ms Image
image/jpeg 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/12/1123_08_Insider-Vulnerabilities.jpg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6dee6c73c3fffab45a1d559044b3806b79ce98c1370945608a1121f3badea14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 abd012b9637ad93b7c9aa82d2cfb262c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: rCy.p.jWVh1ysXaA3ny40Ws9mPbOsJwS
x-amz-cf-pop: ZRH55-P1
cf-polished: degrade=85, origSize=422581
x-cache: Hit from cloudfront
content-length: 94294
last-modified: Sat, 20 Apr 2024 03:08:20 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "7aa08aae96f17829f6cc7c9219e787ca"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31104000
accept-ranges: bytes
cf-ray: 89560c5ffb86bbd1-FRA
x-amz-cf-id: kp0yxppn7dgahSnZISSyfxRRsfF6SUn75_T5Lom0R4Pw7TeQrUzDxw==
expires: Thu, 12 Jun 2025 21:14:17 GMT

GET
H2 200 exit-promoter.min.css
www.crowdstrike.com/wp-content/themes/main-theme/dist/styles/components/ 5 KB
1 KB 113ms
113ms Stylesheet
text/css 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/styles/components/exit-promoter.min.css?ver=1708658992

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c0b8d5e9b7d24a63fd54cbf0002f396e8de5c44644eb72556d0c2cb78497c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 21f03f5333352c6494e837ba1b3bb6ce.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: nFrpzWaNMG2L5vB1ee20.2S_hQWhfOMB
age: 113
x-amz-cf-pop: FRA60-P7
x-cache: Hit from cloudfront
last-modified: Mon, 17 Jun 2024 18:34:51 GMT
server: cloudflare
etag: W/"1f772eef740a2abf51fd8782f91682d3"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 89560c5fbafcbbd1-FRA
x-amz-cf-id: Q_DAmDntSWIiyIxjSnamrtWxGJDpyyFr0S3PjZCuwfVQaTmB3nx0Kg==
expires: Tue, 18 Jun 2024 01:14:16 GMT

GET
H2 200 footer-navigation.min.js Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/ 24 KB
9 KB 138ms
135ms Script
application/javascript 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/footer-navigation.min.js?ver=1708658992

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f21f8a677f32d29928597f8ed5712286e237b95ef9ab26f3aabd00adea4e8c7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1e22254f0abea6547aaa07a03d921130.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: 40_wgcMshl9F1ZYzPzPpGLyE9R8UokZW
x-amz-cf-pop: AMS58-P1
x-cache: Hit from cloudfront
last-modified: Mon, 17 Jun 2024 18:34:48 GMT
server: cloudflare
etag: W/"709eb57ce9348d64b2b248e702010841"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 89560c5ffb7cbbd1-FRA
x-amz-cf-id: vBm1Z7qY61sdjen5FmXxhrTryzkOJttP9UhZIaDm1qsaXJt8vn7piw==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 theme-scripts.min.js Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/ 203 KB
66 KB 106ms
104ms Script
application/javascript 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/theme-scripts.min.js?ver=1708658992

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff7bd74fbf924b0b4d706b0b599bde21553542dd428253478448884cb5668a53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec2f767a4113b6a2b366ac7622dad01e.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: qtjEoSKsICSPALFlH_qkfrspcs7X0Vrs
age: 114
x-amz-cf-pop: AMS58-P1
x-cache: Hit from cloudfront
last-modified: Mon, 17 Jun 2024 18:34:51 GMT
server: cloudflare
etag: W/"67260e8797b5a52815c01762f9fcefba"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 89560c5ffb88bbd1-FRA
x-amz-cf-id: qp8R1z_W2O8qSnSYCyEluq4APVIfLMUW3YPwdHOiXmhnF_gnjvJUXw==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 blog-navigation.min.js Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/ 7 KB
3 KB 101ms
98ms Script
application/javascript 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/blog-navigation.min.js?ver=1708658992

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1d423b0486bffe04c6dd45d0e7edcb60d20683dd009587830b23ade111b9dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 941049c97e511f86acc1525badae21c2.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: 1HV6rB_DHUkAHjtlhyMwv4nIVujJ0yWW
age: 113
x-amz-cf-pop: AMS58-P1
x-cache: Hit from cloudfront
last-modified: Mon, 17 Jun 2024 18:34:48 GMT
server: cloudflare
etag: W/"0d5907cd2552ff3b9702c9e5b64ed13e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 89560c5ffb7ebbd1-FRA
x-amz-cf-id: OFeOi5yiE4dYwYzsSWNZ0nC5sClv__g2lite6fbRNRLi1i6CuAz7AQ==
expires: Tue, 18 Jun 2024 01:14:16 GMT

GET
H2 200 exit-promoter.min.js Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/plugins/ 23 KB
8 KB 97ms
95ms Script
application/javascript 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/plugins/exit-promoter.min.js?ver=1708658992

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b9354ea2d384254df4fb13863b8c2fa6e4c563b2a1d882f20b428bb17a3c5d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 2eb19ccd40bc3ab33c9eed96d984c41e.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: oX8Z9z8b5Kdynh3G8lTX.qF85DBnPRjw
age: 114
x-amz-cf-pop: LHR61-P2
x-cache: Hit from cloudfront
last-modified: Mon, 17 Jun 2024 18:34:50 GMT
server: cloudflare
etag: W/"769a94c1ac111795cd753277f134edc8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 89560c5ffb81bbd1-FRA
x-amz-cf-id: vExDnzwfbCLInO55bx0CSk8tiCSDrOhlWmSvuD0JDGyn_PNw7sYpzg==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 launch-6cccf53edc18.min.js Show response
assets.adobedtm.com/d72cd986aea0/09e1256af957/ 439 KB
116 KB 164ms
40ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/launch-6cccf53edc18.min.js
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 9fc0876c504ddc0c3b67bc59206bd60843875de01206315a3b26f0ce5301f567

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
content-encoding: gzip
last-modified: Fri, 24 May 2024 15:17:27 GMT
server: AkamaiNetStorage
etag: "4f3b966bd9699ad6f03c50226b8bcdb5:1716563847.600598"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.crowdstrike.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 118919
expires: Mon, 17 Jun 2024 22:14:17 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 53ms
52ms Script
application/javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be2dfa172d505acb197760b55c4731347cc239a7a046013c251948bb8214dbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 17 Jun 2024 21:14:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: OKrCs7nhvutcs03VCUskmw==
age: 12297
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6841
x-ms-lease-status: unlocked
last-modified: Thu, 13 Jun 2024 02:35:30 GMT
server: cloudflare
etag: 0x8DC8B517E123FAA
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ae3a10ff-301e-004b-7bac-bda210000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 89560c5ffc0f972b-FRA

GET
H2 200 zya3koo.css
use.typekit.net/ 3 KB
915 B 181ms
44ms Stylesheet
text/css 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/zya3koo.css

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/styles/theme-styles.min.css?ver=1708658992

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

d1c90bd20c04adf24d97ff015095058b528a293e12533fcc37a6f4b61970785e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Mon, 17 Jun 2024 21:14:16 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 692

GET
H2 200 p.css
p.typekit.net/ 5 B
173 B 177ms
44ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=zya3koo&ht=tk&f=39496.39498.39500&a=30979937&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/zya3koo.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://use.typekit.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:16 GMT
last-modified: Sun, 19 May 2024 12:57:48 GMT
server: nginx
etag: "6649f74c-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 free-trial-content.json Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/data/blog/widgets/ 334 B
436 B 87ms
87ms Fetch
application/json 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/data/blog/widgets/free-trial-content.json

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/blog-free-trial.min.js?ver=1708658992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d871b6771dfa1a9115eee87e6dbb038d19387e11f27904622a56ff9bd4d2b84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: dRPis__Dp6gpeB.Wcyvxk.na9Ln1AYMJ
age: 113
x-amz-cf-pop: FRA60-P7
x-cache: Hit from cloudfront
last-modified: Mon, 17 Jun 2024 18:34:27 GMT
server: cloudflare
etag: W/"601c272358b511909bc7b5eb4103d6dc"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=14400
cf-ray: 89560c5feb65bbd1-FRA
x-amz-cf-id: l41u6VW9j7Km3eNdlXwBJNFIiKC8CJmtgRwqhRMTLpPWapvgD2QG3A==
expires: Tue, 18 Jun 2024 01:14:16 GMT

GET
H2 200 categories-all-info.json Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/data/blog/widgets/ 1 KB
600 B 87ms
84ms Fetch
application/json 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/data/blog/widgets/categories-all-info.json

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/blog-category-sidebar.min.js?ver=1708658992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

232758efb13500589ac9c795477f1dc3fcb16d1c19f5fdb1749dc62de328b212

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 650363fa7465273dd14fde086a851a86.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: 6gPMHSvvNtk.WG82YZu2ls1lXGy5ykIi
age: 165
x-amz-cf-pop: AMS58-P1
x-cache: Hit from cloudfront
last-modified: Mon, 17 Jun 2024 18:34:27 GMT
server: cloudflare
etag: W/"25cd42fb90ac9362e35ef7eac8c536b5"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=14400
cf-ray: 89560c5ffb6cbbd1-FRA
x-amz-cf-id: U04OT6wVMr5dYxQlSdiixPs95vYlI1Glalo3HfZUNxotB1usIY7NRw==
expires: Tue, 18 Jun 2024 01:14:16 GMT

GET
H2 200 footer-social-nav.json Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/footer/ 605 B
487 B 141ms
138ms Fetch
application/json 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/footer/footer-social-nav.json

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/blog-category-sidebar.min.js?ver=1708658992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c847dce1cd0746b8168211b5b9b41c397aff2b4d94e3eaeacb41eb572ef6b0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 941049c97e511f86acc1525badae21c2.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: jWENBbQJ5pw1_NC_IfZ8xIalkJQ1Hy99
x-amz-cf-pop: AMS58-P1
x-cache: Hit from cloudfront
last-modified: Mon, 17 Jun 2024 18:34:49 GMT
server: cloudflare
etag: W/"8f14624f18b4ca93cf91762162782712"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=14400
cf-ray: 89560c5ffb6fbbd1-FRA
x-amz-cf-id: 8W_qfWhKdoU_zgn6vBwwd7Frj80PF9xo6m4ZvupWUidj5DZ0I6YKcA==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 sidebar-free-trail.json Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/data/blog/sidebar/ 159 B
415 B 85ms
82ms Fetch
application/json 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/data/blog/sidebar/sidebar-free-trail.json

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/blog-category-sidebar.min.js?ver=1708658992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6a8b2d8de96a693a7f089ff23c3f7aa66ed14718e0d4464a1df1ffb828c8609

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 80870c148d8c8f3b510fdacf10500460.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: 2o70XxCinE5VF0pTo7qx4fg5rqBAQp1K
age: 165
x-amz-cf-pop: AMS58-P1
x-cache: Hit from cloudfront
last-modified: Mon, 17 Jun 2024 18:34:27 GMT
server: cloudflare
etag: W/"df1b037e9cbf2d8045e53137b1055ebe"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=14400
cf-ray: 89560c5ffb73bbd1-FRA
x-amz-cf-id: pyHAjJOOjLu7-6AK5ZTbGtXSJdd9eJdcuXiqzEJWabrEYIh7nW7o8A==
expires: Tue, 18 Jun 2024 01:14:16 GMT

GET
H2 200 sidebar-featured-articles.json Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/data/blog/widgets/ 4 KB
2 KB 114ms
111ms Fetch
application/json 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/data/blog/widgets/sidebar-featured-articles.json

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/blog-category-sidebar.min.js?ver=1708658992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a1c184d50442cbf6f575454a8801ec64f9e509b76aa5210c35a98bd5207603e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: jkk.K6VKBU07uCW5iYUfnl6MXXFrAq19
age: 166
x-amz-cf-pop: FRA60-P7
x-cache: Hit from cloudfront
last-modified: Mon, 17 Jun 2024 18:34:27 GMT
server: cloudflare
etag: W/"d438691dea751eaf3ef2387b0e1bd4f6"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=14400
cf-ray: 89560c5ffb76bbd1-FRA
x-amz-cf-id: qkgunwwURW0SQmP6pDgkz4ohjrGiXqpZkvYFqNhk-MGN50ko3lc10A==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 sidebar-subscribe.json Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/data/blog/sidebar/ 178 B
362 B 89ms
86ms Fetch
application/json 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/data/blog/sidebar/sidebar-subscribe.json

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/blog-category-sidebar.min.js?ver=1708658992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b93680a9f50608d09c147af33f3e897a4b376ff3efb696bb062ed2e0f862d819

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9929448596fb4faec2a082aabe759212.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: .bjbkZp99jWrSnYXruIYlBo0s7HdbagP
age: 165
x-amz-cf-pop: AMS58-P1
x-cache: Hit from cloudfront
last-modified: Mon, 17 Jun 2024 18:34:27 GMT
server: cloudflare
etag: W/"1fbd7b14b1667df99fa1837a82639ee7"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=14400
cf-ray: 89560c5ffb78bbd1-FRA
x-amz-cf-id: 7mG3Sb-TcE86wzqGj36U37I7lxNArbT_19jHV5sNLR1x9VKHeRSRCg==
expires: Tue, 18 Jun 2024 01:14:16 GMT

GET
H2 200 sidebar-demo.json Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/data/blog/sidebar/ 345 B
497 B 92ms
89ms Fetch
application/json 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/data/blog/sidebar/sidebar-demo.json

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/blog-category-sidebar.min.js?ver=1708658992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52b269545d8b0251f5f585cfa9572691d8d50a4a55ddcd6c5dd4e5718136e4f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0833e8be76641de099b8f4a92c7a1c4e.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: K5xvmPGjwGjEzwPFnCa5q2QozrG4LnQ0
age: 137
x-amz-cf-pop: FRA60-P7
x-cache: Hit from cloudfront
last-modified: Mon, 17 Jun 2024 18:34:27 GMT
server: cloudflare
etag: W/"4d636d45eeb8585ade6681163017cc09"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=14400
cf-ray: 89560c5ffb79bbd1-FRA
x-amz-cf-id: 1I37O8FjwTuPke0PRiEYmVV0Nb9MS2oTxV2CKckQMZU_GeAOMy7aLQ==
expires: Tue, 18 Jun 2024 01:14:16 GMT

GET
H2 200 addsearch-ui.min.css
cdn.addsearch.com/v5/ 42 KB
6 KB 47ms
47ms Stylesheet
text/css 2600:9000:225b:1000:a:de52:1580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.addsearch.com/v5/addsearch-ui.min.css
Requested by: Host: cdn.addsearch.com
URL: https://cdn.addsearch.com/v5/addsearch-ui.min.js?key=7737a29b854de71521b1cd72c4118cfc&id=asw_01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:1000:a:de52:1580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6ebe1e4135bb845bd442e32f716d10da89f715f890bdfe4b71354edb5c7f17f8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 16:34:34 GMT
content-encoding: br
via: 1.1 f8d34d99bd5a267bad6857ae101ea8e2.cloudfront.net (CloudFront)
last-modified: Tue, 07 Nov 2023 15:45:00 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 16783
x-amz-server-side-encryption: AES256
etag: W/"38b86b391d57228f06ed64ca140efd1d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: AWD24dXXnw2jjA3-EvodZuNtkVJUoRxnr_d2FNVPBdWrqGkHqLW2lg==

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v6.4.2/webfonts/ 147 KB
147 KB 49ms
49ms Font
font/woff2 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v6.4.2/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v6.4.2/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://use.fontawesome.com/releases/v6.4.2/css/all.css
Origin: https://www.crowdstrike.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2158385
alt-svc: h3=":443"; ma=86400
content-length: 150020
last-modified: Fri, 22 Sep 2023 01:46:37 GMT
server: cloudflare
etag: "d5e647388e2415268b700d3df2e30a0d"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6BiDVXUBy8KwD8%2FdZJTspv53oQMObjFgB4emjYDl8jbvHM1fcJouLzaT6Lwldv9BbX07OIVAam4yogY%2BcoF15Tai%2FNO43RxOmbhOtQCG%2BHXe%2FzRf3DSyfRMDVM19Hr09dhAPgdV%2FWypYUBK2WUU4QWow"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 89560c608a40915f-FRA

GET
H2 200 l
use.typekit.net/af/28f000/00000000000000003b9b2048/27/ 23 KB
23 KB 160ms
40ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/28f000/00000000000000003b9b2048/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/zya3koo.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b332a3fa616df968bdd71567cde2fe6031561746f6022d06993bde4001ec2730

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://use.typekit.net/zya3koo.css
Origin: https://www.crowdstrike.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
server: nginx
etag: "5d5df1b25290dc82b22a668f0395604299f16750"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 23176

GET
H2 200 logo-red.svg
cdn.addsearch.com/v4/assets/ 4 KB
2 KB 46ms
46ms Image
image/svg+xml 2600:9000:225b:1000:a:de52:1580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.addsearch.com/v4/assets/logo-red.svg
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:1000:a:de52:1580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bee78f076d7ef9d9be92fb1f293909e529c5b61891a52557d51e7183971e02cc

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 18:14:34 GMT
content-encoding: br
via: 1.1 f8d34d99bd5a267bad6857ae101ea8e2.cloudfront.net (CloudFront)
last-modified: Mon, 27 Jun 2022 06:28:24 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 10784
etag: W/"8c2b9e4242eb4f2a16941b1de3656f64"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: 4yg87eQro7T4Y8ozUYaZUljruW8OnDFMuUFbLuSiKg_Qy3mQhbsDYA==

GET
H2 200 breaches-stop-here-post-cta.jpeg
www.crowdstrike.com/wp-content/uploads/2021/07/ 18 KB
18 KB 94ms
94ms Image
image/jpeg 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2021/07/breaches-stop-here-post-cta.jpeg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

810332241127fca1f484b8f71e13d7dc99bde7644e56216fdc777d047fb16a27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8bd22c4e977189bdb5963957ff8477de.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-version-id: aPnhXcSd19qyXFMnDtLV9aa66s2nMfzf
x-amz-cf-pop: FRA60-P7
x-cache: Hit from cloudfront
content-length: 17921
last-modified: Mon, 21 Aug 2023 21:48:07 GMT
server: cloudflare
etag: "d954c6a287707fc4afac139378aae270"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89560c609c46bbd1-FRA
x-amz-cf-id: aC-nveNjYmuO3XBdxO_TX0L7erEVVSSmfoECa-zbzJ4KIPOcQNGCdQ==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 CS_Free_Trial_blog_300x600_final.jpg
www.crowdstrike.com/wp-content/uploads/2021/07/ 103 KB
103 KB 116ms
115ms Image
image/jpeg 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2021/07/CS_Free_Trial_blog_300x600_final.jpg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dde72d130fdb48d147968266f9be78dd02412d8ed80995862f506d9f721f4651

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4c691f43539bb56ddcaef755730a6e86.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-version-id: EJ_aFabM3o635qgcr2FEa3Hy9LQEbmwv
x-amz-cf-pop: AMS58-P1
x-cache: Hit from cloudfront
content-length: 105065
last-modified: Tue, 23 Apr 2024 16:41:04 GMT
server: cloudflare
etag: "11edcc35473c47fabaa1e19b2f186d08-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89560c609c48bbd1-FRA
x-amz-cf-id: usw3ZDURKUIgANAJM7-eGChOx5-Jm5STjigKRu1qJjNht6bb2dVrQw==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 red-falcon.svg
www.crowdstrike.com/wp-content/uploads/2021/07/ 4 KB
2 KB 112ms
112ms Image
image/svg+xml 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2021/07/red-falcon.svg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8f105a0a91843bdeac95e6aff14d7753ca2aaff00c942cf1bcb1da1025cff4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 e7b88cadf742e342f39f17392af35c4e.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
content-encoding: br
x-amz-version-id: TcFqfoqw60gqGStaXtVlISxjk.DdUyRi
x-amz-cf-pop: DUS51-C1
x-cache: Hit from cloudfront
last-modified: Mon, 10 Jul 2023 19:37:50 GMT
server: cloudflare
etag: W/"2c1e9eeb3990af43e758701889df354a-1"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 89560c609c49bbd1-FRA
x-amz-cf-id: OBg3ISDKrwvBRt4uTfxY3-XLLzgKu4fExAAs6NqynLMc24hcLjj88g==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 bee15b7c-b632-450e-9003-9c8b60b3b978.json Show response
cdn.cookielaw.org/consent/bee15b7c-b632-450e-9003-9c8b60b3b978/ 5 KB
2 KB 149ms
66ms XHR
application/x-javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/bee15b7c-b632-450e-9003-9c8b60b3b978/bee15b7c-b632-450e-9003-9c8b60b3b978.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

384ad6c5085d773700ca45bd99e00f40335779afc64e4715cda26ea57aecfce8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 17 Jun 2024 21:14:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 4486
content-md5: PFk9Sm6GkrwJIyuXlA1ktw==
content-length: 1760
x-ms-lease-status: unlocked
last-modified: Tue, 13 Feb 2024 15:51:07 GMT
server: cloudflare
etag: 0x8DC2CAB97E97B9A
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 66caa3d8-001e-0096-1857-793052000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 89560c612fc63657-FRA
expires: Tue, 18 Jun 2024 21:14:17 GMT

GET
H2 200 23-m-156_cloud-security-icon.svg
www.crowdstrike.com/wp-content/uploads/2023/11/ 3 KB
2 KB 128ms
105ms Image
image/svg+xml 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/11/23-m-156_cloud-security-icon.svg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/styles/pages/single-post.min.css?ver=1708658992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0dcb4b8f8926bf46fb35389caec38cf06c566048372f67646d40efce85e24346

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/styles/pages/single-post.min.css?ver=1708658992
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 90dd5141cd2d05c51d479a582cded280.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
content-encoding: br
x-amz-version-id: NgaaV.iMDMt9O0hbFenuhjLV.LzdMed0
x-amz-cf-pop: DUS51-C1
x-cache: Hit from cloudfront
last-modified: Sat, 20 Apr 2024 03:08:00 GMT
server: cloudflare
etag: W/"ad1aee8fa1ac90ea74a166f24797a258"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31104000
cf-ray: 89560c60bc73bbd1-FRA
x-amz-cf-id: 7Blpk_Mk0UBBXIu9tT49ufqYd00E4fSeHQqFlKNoG3fsN1n1lsI7Qw==
expires: Thu, 12 Jun 2025 21:14:17 GMT

GET
H2 200 24-OTH-053-new-blog-category-options-final-300-dpi.png
www.crowdstrike.com/wp-content/uploads/2024/03/ 78 KB
78 KB 100ms
89ms Image
image/png 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2024/03/24-OTH-053-new-blog-category-options-final-300-dpi.png

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/styles/pages/single-post.min.css?ver=1708658992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5f4aab24a8400c4ae32c2dcd33086b87def54daea3d4da60e43c1a5c75ac90e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/styles/pages/single-post.min.css?ver=1708658992
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 98845fbd1cb14abbe9d464a4caf17976.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-version-id: dS3WSOANA3Xjr8pa.c0Q.SL8D0s9wO6G
x-amz-cf-pop: FRA60-P7
x-cache: Hit from cloudfront
content-length: 79900
last-modified: Sat, 20 Apr 2024 03:01:17 GMT
server: cloudflare
etag: "f8eaaa036b0a0a864cac0d683905da82"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31104000
accept-ranges: bytes
cf-ray: 89560c60bc75bbd1-FRA
x-amz-cf-id: i0pITlmlafYoNZT5xpPXqRkK-bJBzWgpS-8udS32FXqwl0I5fGwhxg==
expires: Thu, 12 Jun 2025 21:14:17 GMT

GET
H2 200 l
use.typekit.net/af/8a200c/00000000000000003b9b204a/27/ 24 KB
24 KB 96ms
45ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/8a200c/00000000000000003b9b204a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/zya3koo.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0f9c2ce6f85c93eed9e3e0917378e13d9ecc30b3690a2c97f9eb013b81244f4b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://use.typekit.net/zya3koo.css
Origin: https://www.crowdstrike.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
server: nginx
etag: "98e94e3a4f18a4bde13fe394b9115dd62fc5445b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 24452

GET
H2 200 l
use.typekit.net/af/d562ce/00000000000000003b9b204c/27/ 25 KB
25 KB 102ms
51ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/d562ce/00000000000000003b9b204c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/zya3koo.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0bf90a8569ed246ad28d91458f6771f6934a0c4983243eca5f6accf91d6979cc

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://use.typekit.net/zya3koo.css
Origin: https://www.crowdstrike.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
server: nginx
etag: "79b73a8b60023503d1f34e07b81f37976902b3f9"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 25780

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v6.4.2/webfonts/ 107 KB
108 KB 51ms
50ms Font
font/woff2 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v6.4.2/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v6.4.2/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: faae6fc0aa94cc5bde5076647c817a23206096a1cbeda10d1c6f3d89d6163ed1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://use.fontawesome.com/releases/v6.4.2/css/all.css
Origin: https://www.crowdstrike.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2170057
alt-svc: h3=":443"; ma=86400
content-length: 109808
last-modified: Fri, 22 Sep 2023 01:46:37 GMT
server: cloudflare
etag: "005c9aa92b564b73b7582cc4f1fa49cb"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e0YbswYzquDOFpvonqtde%2BUrUMCOr47J%2BGzF44nYo4qrx61didzASEGNzzNiSqp65i0qIEt6Ux2p2UA14Nb5W5nZ5N4%2Bh5mOvSsenHrQk6inOUvd1etVf3EMWg26GlthcabOJuHqSQa48QOvp%2BSNA2VX"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 89560c60fac1915f-FRA

GET
H2 200 crowdstrike.ttf
www.crowdstrike.com/wp-content/themes/main-theme/dist/fonts/CrowdStrike/ 82 KB
47 KB 127ms
126ms Font
font/ttf 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/fonts/CrowdStrike/crowdstrike.ttf?sfjo45

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/styles/theme-styles.min.css?ver=1708658992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f9f09220578095d79ded54e8c0ee6ef21bc38e86475d2645b8656bbef22bbeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/styles/theme-styles.min.css?ver=1708658992
Origin: https://www.crowdstrike.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3e9b9356decf1aa720af0bc92acc0586.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
content-encoding: br
x-amz-version-id: 8WbpyMsWTKq66Fh4WFMpc3EjAq2fpbUJ
x-amz-cf-pop: DUS51-C1
x-cache: Hit from cloudfront
last-modified: Mon, 17 Jun 2024 18:34:27 GMT
server: cloudflare
etag: W/"ad87bba53a140fc17152a36f87a03f2f"
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=14400
cf-ray: 89560c60fcc2bbd1-FRA
x-amz-cf-id: MRaVB8qMvAG2E1gazpPGBxSGjp-9lVU-AyG4SN9UqV47Xf1NLSUOJw==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 itcavantgardepro-xlt-webfont.woff
www.crowdstrike.com/wp-content/themes/main-theme/dist/fonts/ITCAvantGardePro/ 26 KB
26 KB 90ms
89ms Font
font/woff 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/fonts/ITCAvantGardePro/itcavantgardepro-xlt-webfont.woff

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/styles/theme-styles.min.css?ver=1708658992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f1c1c319dae1d32ef2feaa657e6d82c5f8fe4c98aa8bbc7ee0aab8b5b9d5d38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/styles/theme-styles.min.css?ver=1708658992
Origin: https://www.crowdstrike.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 f14a77f80eb66aa455bd94a07a2a0c64.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: TiOEJ1363SwJ07kMCE0zQZ5MjRCkbLpU
age: 113
x-amz-cf-pop: FRA60-P7
x-cache: Hit from cloudfront
content-length: 26532
last-modified: Mon, 17 Jun 2024 18:34:29 GMT
server: cloudflare
etag: "97e5d80225ecf45f6488b9f660ecfd8c"
vary: Accept-Encoding
content-type: font/woff
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89560c60fcc4bbd1-FRA
x-amz-cf-id: mJvklceZovQJ_a3bHyTLhMKwR_041qfKUW5_fpIbIs67DbeXD7Lb_g==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 footer-social-nav.json Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/footer/ 605 B
0 0ms
0ms Fetch
application/json 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/footer/footer-social-nav.json
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/footer-navigation.min.js?ver=1708658992
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c847dce1cd0746b8168211b5b9b41c397aff2b4d94e3eaeacb41eb572ef6b0b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
via: 1.1 941049c97e511f86acc1525badae21c2.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-version-id: jWENBbQJ5pw1_NC_IfZ8xIalkJQ1Hy99
x-amz-cf-pop: AMS58-P1
x-cache: Hit from cloudfront
last-modified: Mon, 17 Jun 2024 18:34:49 GMT
server: cloudflare
etag: W/"8f14624f18b4ca93cf91762162782712"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=14400
cf-ray: 89560c5ffb6fbbd1-FRA
x-amz-cf-id: 8W_qfWhKdoU_zgn6vBwwd7Frj80PF9xo6m4ZvupWUidj5DZ0I6YKcA==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 forms2.min.js Show response
go.crowdstrike.com/js/forms2/js/ 199 KB
67 KB 369ms
75ms Script
application/x-javascript 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.crowdstrike.com/js/forms2/js/forms2.min.js

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/footer-navigation.min.js?ver=1708658992

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0423f69dc0e5f863d923e48c8c61298979b1c3fbdacbf6976d2b36f160bdea88

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 30 May 2024 20:57:39 GMT
server: cloudflare
age: 7114
etag: "222675-31b30-619b21e0856c0"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 89560c62e931b61b-WAW
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 marketo-forms.min.js Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/ 29 KB
10 KB 86ms
86ms Script
application/javascript 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/marketo-forms.min.js

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/footer-navigation.min.js?ver=1708658992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66d65062f0efac879a3ebb5641b4bedc855f5d7e9d600e7bf42762d86bef1600

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a7f9178d47a7241f2ecd6c65877f7100.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: dphiFleVGpwUc1ptbO38THifoRO__h8u
age: 166
x-amz-cf-pop: AMS58-P1
x-cache: Hit from cloudfront
last-modified: Mon, 17 Jun 2024 18:34:48 GMT
server: cloudflare
etag: W/"5b3b3922b22faa6490ee182db22141be"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 89560c610cdabbd1-FRA
x-amz-cf-id: SwHsN2mkeNfBpyianLDbDly2ePidK7YWCxgdzmAJswT7hKnNLRv0xg==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 promo.json Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/promo-json/ 11 KB
3 KB 82ms
81ms Fetch
application/json 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/promo-json/promo.json

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/theme-scripts.min.js?ver=1708658992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29a68c25f979ec7efa0297fa11a0f3690abafae75f9db9f09c282811954f8516

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 12dba18ae3d66aa7dad74e664431ae9a.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: EoLnCBxbEoFIrXfklyvkEZlTHu7wNHiz
age: 138
x-amz-cf-pop: FRA60-P7
x-cache: Hit from cloudfront
last-modified: Tue, 28 May 2024 21:43:04 GMT
server: cloudflare
etag: W/"e27556bcb8a48e942d47cfeded895296"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=14400
cf-ray: 89560c615d44bbd1-FRA
x-amz-cf-id: smwzXkLfCWk1YJIxixs2PDnxQp7pt_1Lr4Jc1jZx3HB-epBvoVwfgA==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 blog-nav.json Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/data/blog/ 65 KB
6 KB 88ms
88ms XHR
application/json 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/data/blog/blog-nav.json?ts=1718658840000

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/blog-navigation.min.js?ver=1708658992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4de69c4da632c524a487089027651a870ebb73818c4138725db58e87979119f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b08e1d433d62b5ab056680968a8cc7ea.cloudfront.net (CloudFront)
cf-cache-status: MISS
content-encoding: br
x-amz-version-id: 7QjHapVVChkCDt6KdyYN2NL5DZnoiU1R
x-amz-cf-pop: FRA60-P7
x-cache: Hit from cloudfront
last-modified: Mon, 17 Jun 2024 18:34:25 GMT
server: cloudflare
etag: W/"9ac53826796cc13a66f6d43c01e3489e"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=14400
cf-ray: 89560c616d62bbd1-FRA
x-amz-cf-id: tTUnJ9Ywky2q2HuTuoI4bPehAwiN915AUWrTMBKsMgQq7dmRQt04uQ==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 footer-nav.json Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/footer/ 3 KB
860 B 79ms
79ms Fetch
application/json 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/footer/footer-nav.json

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/footer-navigation.min.js?ver=1708658992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06adbc033a1a4d6c04306c51945d1661225aa304b703660fd4347e73109802b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1d10719558a2481e0d462e12964f647a.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: b687Q0nlqXyY6Rvcak04_8crzAcQE3Pt
age: 166
x-amz-cf-pop: AMS58-P1
x-cache: Hit from cloudfront
last-modified: Mon, 17 Jun 2024 18:34:49 GMT
server: cloudflare
etag: W/"3e9ac59d8452503ef988c27c6ee4c63b"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=14400
cf-ray: 89560c617d70bbd1-FRA
x-amz-cf-id: Afzk6Jj2BQ0nSOcZ3QRtoXu6gtumWekLBws_90q3j8vJLzcIv-QXVA==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
295 B 159ms
61ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
accept: application/json
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 89560c623c4471b8-FRA
access-control-allow-headers: Content-Type

GET
H2 200 RedLogoCS.svg
www.crowdstrike.com/wp-content/themes/main-theme/dist/images/logos/crowdstrike/ 6 KB
2 KB 124ms
109ms Image
image/svg+xml 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/images/logos/crowdstrike/RedLogoCS.svg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74a8d08bfffcc2b091168ebe5d30299c4857f962280f3b214ec64f460587b4c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 f2a51982e289d888963f4f93b48c5f22.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
content-encoding: br
x-amz-version-id: 6RPw82LM2qmqY8xp1PX6ujpR5fReLh7E
x-amz-cf-pop: FRA60-P7
x-cache: Hit from cloudfront
last-modified: Mon, 17 Jun 2024 18:34:41 GMT
server: cloudflare
etag: W/"81ee08b1302889572e1a229ba2a2029b"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 89560c622e5cbbd1-FRA
x-amz-cf-id: 2E10jhxX-hdvg8b29Lz3x_0ijBZkHn5k_s0JSCoE-sc26HE6iKi02Q==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 xdr-wave-blog-image-1068x698-headline-3.png
www.crowdstrike.com/wp-content/uploads/2024/06/ 68 KB
69 KB 129ms
114ms Image
image/png 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2024/06/xdr-wave-blog-image-1068x698-headline-3.png

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

932260c413362a1f76334f6bcbab0a6871ec16075439a19381403cf8604cf7a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9c0ce977a13f3d9bbc6eed6540faf728.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: 1vepcMUFlFYVIB0b63ZCOrAN9sqcsPzH
x-amz-cf-pop: ZRH55-P1
cf-polished: origSize=75559
x-cache: Hit from cloudfront
content-length: 69898
last-modified: Tue, 11 Jun 2024 21:22:15 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "d728083ae5be165ce7bd6444a4b8a0a3-1"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89560c622e60bbd1-FRA
x-amz-cf-id: efbhsRWg6wIw-uOkUg_RxZx6OHPG-RqGouw6lz3w2rHbGVi0zX1Zkg==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 0222_03_Falcon_Platform_Blog_1060x698.jpeg
www.crowdstrike.com/wp-content/uploads/2022/02/ 95 KB
95 KB 133ms
119ms Image
image/jpeg 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2022/02/0222_03_Falcon_Platform_Blog_1060x698.jpeg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b51ef8f41389200c7afe4b12a7c70fca5b189f7aeee62af8e64ca68b0e77556

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 f2a51982e289d888963f4f93b48c5f22.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-version-id: Kngh9eyod3Kh_dyBKiXfar_Yqw0x8yvc
x-amz-cf-pop: FRA60-P7
x-cache: Hit from cloudfront
content-length: 96931
last-modified: Mon, 10 Jun 2024 16:04:58 GMT
server: cloudflare
etag: "a8826c5d8fe6f92d156adfc33de6387d-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89560c622e61bbd1-FRA
x-amz-cf-id: er9fVpjcLWABU66Lgn35BwUsJnpctDo2jUyb2FnSIpUxkVyWFin87g==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 0322_02_Reinventing_MDRIDP_Blog_1060x698.jpeg
www.crowdstrike.com/wp-content/uploads/2023/03/ 290 KB
291 KB 142ms
128ms Image
image/jpeg 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/03/0322_02_Reinventing_MDRIDP_Blog_1060x698.jpeg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2fa9f5a02e6f3aff464232bdd7b2203a4b5614d861925b316d61e2b861e67a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d0be2eec997f966c9c7eb03ae2f75c30.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-version-id: l5sataM_voLNjx.K0IOaRiwQ_r7PY6ET
x-amz-cf-pop: DUS51-C1
x-cache: Hit from cloudfront
content-length: 297157
last-modified: Fri, 14 Jun 2024 16:11:02 GMT
server: cloudflare
etag: "5b883786664d9e0c17f1d61bef867c0f-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89560c622e64bbd1-FRA
x-amz-cf-id: 2lNpAX-JDDDMqrY7y-sNS1hGm5dKDGPpGILfRI5sM5w4EC38_4bqqA==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 0522_11_Falcon_ID-Threat-Protection_Fed-State-Local_Blog_1060x698.jpg
www.crowdstrike.com/wp-content/uploads/2023/04/ 371 KB
371 KB 128ms
114ms Image
image/jpeg 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/04/0522_11_Falcon_ID-Threat-Protection_Fed-State-Local_Blog_1060x698.jpg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

969dc9810ae7ff4dda03af2446d050cbfcb0517bf7e75ec5f809bc1b8f0734ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4678033b564719cfa85dd7af417223aa.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-version-id: r4Tfvkmam.2c80p23cpDqTJCWB1yfz.V
x-amz-cf-pop: DUS51-C1
x-cache: Hit from cloudfront
content-length: 379504
last-modified: Tue, 11 Jun 2024 18:29:39 GMT
server: cloudflare
etag: "61166ac3d8d397c8d9c09d5f82aa6458-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89560c622e68bbd1-FRA
x-amz-cf-id: uDcduFWWAW1leLxyz2W4_SKESETKI7igLNNyV1d4U93xTMNh40KOIA==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 0223_01_Audits-Centralized-Log-Mgmt_Blog_1060x698.jpg
www.crowdstrike.com/wp-content/uploads/2023/02/ 204 KB
204 KB 107ms
93ms Image
image/jpeg 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/02/0223_01_Audits-Centralized-Log-Mgmt_Blog_1060x698.jpg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d616ec0b06b0da8f53e9f291e1873edca40739f641c7499525040750072b0b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 95ff0d830848b741160e24f658d880e8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: 5eyaTrvm2elN8SepBQT2V4N8Go.czlF2
age: 138
x-amz-cf-pop: AMS58-P1
cf-polished: degrade=85, origSize=669828
x-cache: Hit from cloudfront
content-length: 208419
last-modified: Mon, 17 Jun 2024 18:28:45 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "9d717ae48ec87b8cd6569613c6e3b3a0-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89560c623e6cbbd1-FRA
x-amz-cf-id: XH4WBGfJNgh5kw2a4ik1RaHvPPUaT7akXPGDZQbUikxQNbKCRUWpcw==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 1022_08_Small-Business-Rethink-Cybersecurity_Blog_1060x698.jpeg
www.crowdstrike.com/wp-content/uploads/2022/10/ 324 KB
325 KB 154ms
139ms Image
image/jpeg 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2022/10/1022_08_Small-Business-Rethink-Cybersecurity_Blog_1060x698.jpeg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2f11d6ba5320479397de917dca409cb3994fc78534cececad0ddba8ed2fdd4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4f5633e78f92f983940236e96220232.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-version-id: 8AIGuucNDMCj_.5.dO7nSxpEqdVQWprr
x-amz-cf-pop: AMS58-P1
x-cache: Hit from cloudfront
content-length: 331891
last-modified: Fri, 14 Jun 2024 16:11:00 GMT
server: cloudflare
etag: "d17c421c16810355d3876a30b70c7d26-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89560c623e6ebbd1-FRA
x-amz-cf-id: P2Jesiaobmwq3aQWGv7wnCVoCLonvViK6kPDxBBRych_dHC3a2Q5Og==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 0921_06_Telecomm_LightBasin.jpg
www.crowdstrike.com/wp-content/uploads/2023/10/ 839 KB
841 KB 130ms
114ms Image
image/jpeg 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/10/0921_06_Telecomm_LightBasin.jpg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0dc50522b78336540aa02fc54fdf855c8726e0eaecb627d116d28b40b34abaeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 444bee00bd8f759506e806be3c13fa6c.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-version-id: gble_EtT3rraM7KIkHvhap0.qOgYwH.O
x-amz-cf-pop: FRA60-P7
x-cache: Hit from cloudfront
content-length: 859531
last-modified: Fri, 14 Jun 2024 16:10:48 GMT
server: cloudflare
etag: "7bd477619cff287d93defc3be66f09de-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89560c623e6fbbd1-FRA
x-amz-cf-id: WfnMkYYepLWuP4KLDvpDyhrLjRWIFaYhdJdgS2VkufwvoH1cVoTgRQ==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 patch-tuesday-blog-1.jpg
www.crowdstrike.com/wp-content/uploads/2021/03/ 484 KB
485 KB 122ms
107ms Image
image/jpeg 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2021/03/patch-tuesday-blog-1.jpg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1c465f39d05ccb409fee2b4c336caffc7eff511bda7b3fbd006cf25f2c31b12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 99a0678067c9afa5ffc6dde34b960d40.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-version-id: jx9LyZw_ptt0ZJUKvGsFL9K67Ws08Chq
x-amz-cf-pop: FRA60-P7
x-cache: Hit from cloudfront
content-length: 495754
last-modified: Fri, 14 Jun 2024 16:11:01 GMT
server: cloudflare
etag: "df577bf5632bbf7292f6d8566acc8c38-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89560c623e75bbd1-FRA
x-amz-cf-id: eJ9v5L0xHlxxgfEVrLaooe6wb6Z1-bZHMNadUMNMT0mdYKV71uDtuw==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 IR-Video-Blog-1.jpg
www.crowdstrike.com/wp-content/uploads/2019/12/ 14 KB
14 KB 151ms
136ms Image
image/jpeg 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2019/12/IR-Video-Blog-1.jpg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e36ce51df6d05a63225d449ba07b002ef1c2cd73b946e21e27456b251449712b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 6ea1443d3dc39c2be7c23883fb0bd3e0.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: nbdAY4DJBodYlrtDuuY4xz8e9cBFgrB0
x-amz-cf-pop: ZRH55-P1
cf-polished: degrade=85, origSize=60108
x-cache: Hit from cloudfront
content-length: 14351
last-modified: Thu, 11 Apr 2024 05:03:07 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "96e7d13e7744d7a668c204a2d141f878-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89560c623e77bbd1-FRA
x-amz-cf-id: pqEnGhUcZJn5ecuxxuEZFqIbJokSRAKmUYcO2zsVut-_Esrt-R5Bqw==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 video-ATTCK2-1.png
www.crowdstrike.com/wp-content/uploads/2019/01/ 277 KB
278 KB 114ms
99ms Image
image/png 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2019/01/video-ATTCK2-1.png

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30b5b871c01839552b14a1cc7dfb35614b537418ce89fea5cc89eae614af7ef6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d8006f736d3dc32a20a91813f2f50fa2.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-version-id: X9FDjy5wtgPs.AJzugOsazBj_PpP2gbE
x-amz-cf-pop: FRA60-P7
x-cache: Hit from cloudfront
content-length: 283973
last-modified: Thu, 11 Apr 2024 05:03:08 GMT
server: cloudflare
etag: "6e08b90e0bdd132d24324963245f811d-1"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89560c623e7abbd1-FRA
x-amz-cf-id: GfpjcsgYPFhtiQGKLBc9GeTviLNLXUJRNv_T8PrQlZ54L98bFGCRyw==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 Edward-Gonam-Qatar-Blog2-1.jpg
www.crowdstrike.com/wp-content/uploads/2018/08/ 91 KB
91 KB 135ms
120ms Image
image/jpeg 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2018/08/Edward-Gonam-Qatar-Blog2-1.jpg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53f37e1646c902eeb517fdd7079b495af24d247d7a82675b34b360eb829e89f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b08e1d433d62b5ab056680968a8cc7ea.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-version-id: rtYne1zzQZOf08mRT67e53BUVebBO1g6
x-amz-cf-pop: FRA60-P7
x-cache: Hit from cloudfront
content-length: 93166
last-modified: Thu, 11 Apr 2024 05:03:09 GMT
server: cloudflare
etag: "09a35cad8fef9a1381967287e350fbdb-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89560c623e7cbbd1-FRA
x-amz-cf-id: 6ULJcSp5j-RSsIuSU_vOarNzcr2dU-bB4v6Dhwc9ECpcRNll4A4xYA==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 Blog_1060x698.jpg
www.crowdstrike.com/wp-content/uploads/2021/10/ 537 KB
538 KB 211ms
197ms Image
image/jpeg 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2021/10/Blog_1060x698.jpg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6953f3cc7d3845188c7a6083b0bd2979134f84cdad0706b958fd074562d82595

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 95ff0d830848b741160e24f658d880e8.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-version-id: 7.WyPwb_dU7cAfiThNsoQgmQ5n_a_98I
x-amz-cf-pop: AMS58-P1
x-cache: Hit from cloudfront
content-length: 550300
last-modified: Mon, 10 Jun 2024 16:04:47 GMT
server: cloudflare
etag: "e11285e1f02c9d94549a24720cc1c7e1-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89560c623e7fbbd1-FRA
x-amz-cf-id: eKiehS2F1QREmTzpRzT_-JTUdVMf-SPfMr46LDZCdzA7gwn0Odd4Jw==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 Kernel-attack-Blog_1060x698-1.jpg
www.crowdstrike.com/wp-content/uploads/2021/01/ 677 KB
678 KB 118ms
104ms Image
image/jpeg 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2021/01/Kernel-attack-Blog_1060x698-1.jpg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5570e2804405ac119ae21551a257b2e0157d99c593765a63219ad17b4c4c0abd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 6f4aa26c09fb9bb4d152519f44256a4c.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-version-id: 5WFqFSE9Sz3EmHGXmXwk7pCd5z5Gib6M
x-amz-cf-pop: FRA60-P7
x-cache: Hit from cloudfront
content-length: 693753
last-modified: Mon, 10 Jun 2024 16:04:59 GMT
server: cloudflare
etag: "65a30c08860dd19025fa20194447162d-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89560c623e81bbd1-FRA
x-amz-cf-id: 28ILng1HD9eNtiQAmSpgNklOgY2ATznVsDVSd1f1_EzIUqD6fyscdw==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 0524_05_Dominoes.png
www.crowdstrike.com/wp-content/uploads/2024/05/ 391 KB
391 KB 125ms
112ms Image
image/png 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2024/05/0524_05_Dominoes.png

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1456654ae4fa2d7e2daa1e1bcb72e42de117dc4f349c0a822af92ad9fdbce27c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-version-id: 0T9wz5H5g3L0DcOxKHGhj4ua103t04ct
x-amz-cf-pop: FRA60-P7
x-cache: Hit from cloudfront
content-length: 400116
last-modified: Mon, 10 Jun 2024 16:05:00 GMT
server: cloudflare
etag: "4d61c349b3a4e48c8736674096c3565c-1"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89560c623e83bbd1-FRA
x-amz-cf-id: avWbGeLIk1DzshGrzcgKn_Nahqajw-eHDF9Za0KcIdqmpnNbnlFGRg==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 0424_01_Protecting-High-Profile-Employee-Info_Dark-Web.jpg
www.crowdstrike.com/wp-content/uploads/2024/04/ 373 KB
374 KB 117ms
103ms Image
image/jpeg 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2024/04/0424_01_Protecting-High-Profile-Employee-Info_Dark-Web.jpg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4c2ccd30648fc09f85414277bd29e17593e43494a15d659d9cbf53954e0fc92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 69114e4ea0aa4e532a5be63a75c51e2c.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-version-id: CoYGqH_Tf3EvGF7CAZS245WKzQjQzq6T
x-amz-cf-pop: FRA60-P7
x-cache: Hit from cloudfront
content-length: 381919
last-modified: Sat, 20 Apr 2024 03:03:22 GMT
server: cloudflare
etag: "4fb71bab826f1bccfdd15bd72fe68f3c"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31104000
accept-ranges: bytes
cf-ray: 89560c623e84bbd1-FRA
x-amz-cf-id: c6hprDQRqQMoFsTavWnaS9SCxGHm6QbezyKZNCAnTl6yOXjf53KGag==
expires: Thu, 12 Jun 2025 21:14:17 GMT

GET
H2 200 0224_02_LATAM-Malware-Update.jpg
www.crowdstrike.com/wp-content/uploads/2024/02/ 589 KB
0 12ms
12ms Image
image/jpeg 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.crowdstrike.com/wp-content/uploads/2024/02/0224_02_LATAM-Malware-Update.jpg
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 856540b7b80cc68706c9977f03d3fb567f2a424f8d13400acb1318713567ddd7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:16 GMT
via: 1.1 551a3a9c2bf1e2158a9f24897afe2b8c.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-version-id: heXY07HWCKJGLPjVlOubBZP9glYpYDtJ
x-amz-cf-pop: AMS58-P1
x-cache: Hit from cloudfront
content-length: 602905
last-modified: Sat, 20 Apr 2024 03:00:32 GMT
server: cloudflare
etag: "e491a85442ca3003c9c7237bd43c72c0"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31104000
accept-ranges: bytes
cf-ray: 89560c5ee9b5bbd1-FRA
x-amz-cf-id: gX2rNeZIj54gNUDbIbVGEQLU_ET8l5VzIvhylztrBCZhM-7mmbrMzg==
expires: Thu, 12 Jun 2025 21:14:16 GMT

GET
H2 200 GTR_BlogImage_1060x698-1.jpg
www.crowdstrike.com/wp-content/uploads/2024/02/ 104 KB
0 12ms
12ms Image
image/jpeg 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.crowdstrike.com/wp-content/uploads/2024/02/GTR_BlogImage_1060x698-1.jpg
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 725372600b9f890713ebb3a41322fa90345111904e54345285c1674d4350e39d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
via: 1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-version-id: yQolcLx55eqaSke3IBBIUSNK.PGAMuMV
x-amz-cf-pop: FRA60-P7
x-cache: Hit from cloudfront
content-length: 106997
last-modified: Sat, 20 Apr 2024 03:00:48 GMT
server: cloudflare
etag: "8abf62a4083103ec76baf13bb6060d15"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31104000
accept-ranges: bytes
cf-ray: 89560c5ffb83bbd1-FRA
x-amz-cf-id: -MuLz6Hl0PQlwvfK7cQkv419c3yGcsLuA6B-LJ-Oswmbq3FT7PDUeA==
expires: Thu, 12 Jun 2025 21:14:17 GMT

GET
H2 200 1123_08_Insider-Vulnerabilities.jpg
www.crowdstrike.com/wp-content/uploads/2023/12/ 92 KB
0 12ms
12ms Image
image/jpeg 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.crowdstrike.com/wp-content/uploads/2023/12/1123_08_Insider-Vulnerabilities.jpg
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6dee6c73c3fffab45a1d559044b3806b79ce98c1370945608a1121f3badea14

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
via: 1.1 abd012b9637ad93b7c9aa82d2cfb262c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: rCy.p.jWVh1ysXaA3ny40Ws9mPbOsJwS
x-amz-cf-pop: ZRH55-P1
cf-polished: degrade=85, origSize=422581
x-cache: Hit from cloudfront
content-length: 94294
last-modified: Sat, 20 Apr 2024 03:08:20 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "7aa08aae96f17829f6cc7c9219e787ca"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31104000
accept-ranges: bytes
cf-ray: 89560c5ffb86bbd1-FRA
x-amz-cf-id: kp0yxppn7dgahSnZISSyfxRRsfF6SUn75_T5Lom0R4Pw7TeQrUzDxw==
expires: Thu, 12 Jun 2025 21:14:17 GMT

GET
H2 200 Falcon-Script-Control-Blog-1.jpg
www.crowdstrike.com/wp-content/uploads/2021/04/ 946 KB
947 KB 130ms
117ms Image
image/jpeg 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2021/04/Falcon-Script-Control-Blog-1.jpg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c340f71394a49ae1128b951ba1294016f904244d53b10e03ce3563e80a415e28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 444bee00bd8f759506e806be3c13fa6c.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-version-id: o8QCKuhgBuBdLKHBlgERLKUK5wyKIFNH
x-amz-cf-pop: FRA60-P7
x-cache: Hit from cloudfront
content-length: 968319
last-modified: Thu, 06 Jun 2024 20:46:03 GMT
server: cloudflare
etag: "8942427803429931b1bb25fb6609a2ec-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89560c623e86bbd1-FRA
x-amz-cf-id: MIYtj2z0C2nVXcvrSQBP_UUn-CHJDAVsPHVCy-1wsGvWo0QgCfWQQA==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 XXXX_Falcon-LogScale-So-Fast_Blog_1060x698.jpeg
www.crowdstrike.com/wp-content/uploads/2022/11/ 792 KB
793 KB 118ms
106ms Image
image/jpeg 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2022/11/XXXX_Falcon-LogScale-So-Fast_Blog_1060x698.jpeg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0bcefb4393c7136a6a3485631af8eebc3aef8e902d520c7b60a4757b9ccbabf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 f59e52adbf3a58a76dec03547cb4b34c.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-version-id: AIc2nuhdHdFVU97jyjt9nDN35BqxzIn7
x-amz-cf-pop: FRA60-P7
x-cache: Hit from cloudfront
content-length: 810899
last-modified: Thu, 06 Jun 2024 20:46:21 GMT
server: cloudflare
etag: "566134bd7bd51455c57a56f0e2931258-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89560c623e88bbd1-FRA
x-amz-cf-id: -jdfgjdj7gQYLG_tJXmDEIBxJ6DgB07ol5os7QF1QifjvPi2WpWYVg==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 0123_11_DLL-Sideloading_Advanced-Memory-Scanning_Blog_1060x698.jpeg
www.crowdstrike.com/wp-content/uploads/2023/02/ 603 KB
604 KB 144ms
132ms Image
image/jpeg 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/02/0123_11_DLL-Sideloading_Advanced-Memory-Scanning_Blog_1060x698.jpeg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

994ac1af3cb99d4eea7d683e7eccdd56c05ec63dcbce830130590e7beacb1e7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1903071a927324e2fb28199ee96c4bb2.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-version-id: k3JG4x0tAE3b5V0w8jI0nABTBz.pR6La
x-amz-cf-pop: FRA60-P7
x-cache: Hit from cloudfront
content-length: 617363
last-modified: Thu, 06 Jun 2024 20:46:22 GMT
server: cloudflare
etag: "d25e598fe985128b0022a38d18ffc021-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89560c623e89bbd1-FRA
x-amz-cf-id: SsjKoYCQiVIz9FRnqfQQzRfEeS1rb8CK6mT-cWxgVddyBgSti9uy4Q==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 0823_01_MSFT-Windows-Restart-Manager.jpg
www.crowdstrike.com/wp-content/uploads/2023/08/ 325 KB
326 KB 160ms
150ms Image
image/jpeg 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/08/0823_01_MSFT-Windows-Restart-Manager.jpg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28a742520f207eaf53843360c5b72e8df2bfd55a2153361c8235281f38f0d666

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9ed795ea7207c9add01c8c2ab17d8298.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-version-id: pTAQMUogw_jJQyxACFOsl_9EPqZ2rVaK
x-amz-cf-pop: DUS51-C1
x-cache: Hit from cloudfront
content-length: 332841
last-modified: Thu, 06 Jun 2024 20:46:23 GMT
server: cloudflare
etag: "4208951930ac32a38c488d81b98bc45b-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89560c623e8abbd1-FRA
x-amz-cf-id: LmjZuaz7E7JYXp2yrRYD9AO-2BdWRi6tDigeY1QtwJqvxwuq2fYeeA==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 24-CrowdTour-Blog-Main-Image-scaled.jpg
www.crowdstrike.com/wp-content/uploads/2024/05/ 291 KB
292 KB 160ms
150ms Image
image/jpeg 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2024/05/24-CrowdTour-Blog-Main-Image-scaled.jpg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

465e01822cf44a4473e0ce07f5d669d730a20d2549a9e5a73d00fa76b7ad40e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 7115bbde016dc7107bc64db76ba40c56.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-version-id: 4ucJAlMjAHl7NzAoUF_JdL_cHXG318vy
x-amz-cf-pop: FRA60-P7
x-cache: Hit from cloudfront
content-length: 297933
last-modified: Mon, 20 May 2024 15:32:08 GMT
server: cloudflare
etag: "3b3b3774ec637d15682034a1ff465bfd-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89560c626ecbbbd1-FRA
x-amz-cf-id: rFINHp9tQf0T8IT1__WHcAqDzitehcm3aezVRZsb5KMw2CCgWcfFeg==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 1122_01_Darkside-Ai-vs-Adversaries_Blog_1060x698.jpg
www.crowdstrike.com/wp-content/uploads/2023/02/ 759 KB
760 KB 146ms
136ms Image
image/jpeg 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/02/1122_01_Darkside-Ai-vs-Adversaries_Blog_1060x698.jpg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5bb911d804e4d1f86f3ba3c7c91679115a598c6131b48d535e62d5fb4546b8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 f2a51982e289d888963f4f93b48c5f22.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-version-id: oaDzYnYFcIsE887jI3WzW0HePnYxcXP6
x-amz-cf-pop: FRA60-P7
x-cache: Hit from cloudfront
content-length: 777012
last-modified: Mon, 20 May 2024 15:32:15 GMT
server: cloudflare
etag: "cce4b4e5706071a714de5d5b4b942f14-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89560c626ecdbbd1-FRA
x-amz-cf-id: fMDqextNUO95p3iBgnZQcYMM5N_Zpye47TTyX0YMq5JXLtjugFi8Ig==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 0524_01_RSA-Cloud-GK-MS.png
www.crowdstrike.com/wp-content/uploads/2024/05/ 14 KB
14 KB 160ms
151ms Image
image/png 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2024/05/0524_01_RSA-Cloud-GK-MS.png

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

666b6ca60b6430028bc4b1aa778f0b3afc40a6c4a162660fa6777f5043728a77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 21f03f5333352c6494e837ba1b3bb6ce.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-version-id: WK.3wcyAIXVBOSpyKuRblxTwv2f2BGe1
x-amz-cf-pop: FRA60-P7
x-cache: Hit from cloudfront
content-length: 13922
last-modified: Mon, 20 May 2024 15:32:16 GMT
server: cloudflare
etag: "d07ae82b6894897e251a63805e00b2af-1"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89560c626ecebbd1-FRA
x-amz-cf-id: 8z5mASduDVzW52oRFHARsuZuWLA-0bolZhINHvVBpte-bGVrH7czlg==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 0324_01_Flow-Security_Acquisition.jpg
www.crowdstrike.com/wp-content/uploads/2024/03/ 19 KB
19 KB 178ms
169ms Image
image/jpeg 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2024/03/0324_01_Flow-Security_Acquisition.jpg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

130a995d67fcc6db4eb38729f7b2d751e4d01b3a0ec2baf598053936fb712e9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 cb0d3a2bdc5300e2d139e111e94efe5a.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: W2OfoXZGSLilPifLFXw4Rr7oFbWqy7ub
x-amz-cf-pop: ZRH55-P1
cf-polished: degrade=85, origSize=63210
x-cache: Hit from cloudfront
content-length: 19380
last-modified: Mon, 20 May 2024 15:32:17 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "c2d35f578c18ef562d0784f8c190b5a9-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89560c626ed3bbd1-FRA
x-amz-cf-id: LnNy2Sc082sxwxsO1nwGO-geAwJ4x7n4aHzsr3MJi0p0EqygcTBl_w==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 Blog_0520_08-1.jpeg
www.crowdstrike.com/wp-content/uploads/2021/06/ 150 KB
151 KB 145ms
137ms Image
image/jpeg 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2021/06/Blog_0520_08-1.jpeg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2500308cf1ee7b69cd097b34fc38dbf44fc531f2d24d56bc448a94fef905a0f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0f391c2597a5d33716c9422eacf66306.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-version-id: F.NcdsUH4XbjcJwTNkRRUYDg8LwbT4zU
x-amz-cf-pop: FRA60-P7
x-cache: Hit from cloudfront
content-length: 153874
last-modified: Tue, 11 Jun 2024 21:22:20 GMT
server: cloudflare
etag: "e841e4395058829456592d41d68a2622-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89560c626ed4bbd1-FRA
x-amz-cf-id: 9VIbsf5XysGCoJDveW3ESsjOxcsd0bz01dIJfQypFMjZNycOcARPKQ==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 SPIDER-adversary-blog-main-image.jpg
www.crowdstrike.com/wp-content/uploads/2024/03/ 1 MB
1 MB 177ms
169ms Image
image/jpeg 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2024/03/SPIDER-adversary-blog-main-image.jpg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cc464eb98bf5a4bf45bbca487ae2c1fdd199900266cc5796f7c9403b7a5c774

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 650363fa7465273dd14fde086a851a86.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-version-id: TdlJ0zt2G1.j6pidueNa39vRD0H4NBD6
x-amz-cf-pop: AMS58-P1
x-cache: Hit from cloudfront
content-length: 1108311
last-modified: Fri, 14 Jun 2024 16:10:59 GMT
server: cloudflare
etag: "87bc03c762a64cbae95fd154a1b82915-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89560c626ed6bbd1-FRA
x-amz-cf-id: 1pOjTPRziUBb4ooW5cjQmHSHBqaXdy3QkmSkk7X1mUk8AdlF3jq0KQ==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 0122_03_IR_Tracker_for_DFIR_Community.jpg
www.crowdstrike.com/wp-content/uploads/2023/10/ 842 KB
843 KB 202ms
194ms Image
image/jpeg 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/10/0122_03_IR_Tracker_for_DFIR_Community.jpg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66b3229cb8fe777ae631f22a6ff09b54455847487152035ce7fe6797bc5f15a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 c325bcaec82bfa9f1a033070b385ab14.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-version-id: k0lBkOTqnXff1vU2wHeEA..sqVWYZy4u
x-amz-cf-pop: AMS58-P1
x-cache: Hit from cloudfront
content-length: 861794
last-modified: Tue, 11 Jun 2024 21:22:22 GMT
server: cloudflare
etag: "41c46e95502aedc2aac95128cacc4ebd-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89560c626ed7bbd1-FRA
x-amz-cf-id: UCQYzafbWEjkqx_KvOD0yBecR4P_RkDlGNhlZfuxRLd1I1Mx6gA5BQ==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 Blog_1060x698-1.jpeg
www.crowdstrike.com/wp-content/uploads/2022/12/ 514 KB
515 KB 142ms
134ms Image
image/jpeg 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2022/12/Blog_1060x698-1.jpeg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15a5cfc7e447908f18e0fba4593b53c63f31e27c82a84dbcb7394406540094ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3e28473376ca49b2cafcfef86a39cf34.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-version-id: JWcu4AcB2rWoXC7oQ0KA1M0f6IplJyfZ
x-amz-cf-pop: FRA60-P7
x-cache: Hit from cloudfront
content-length: 526197
last-modified: Tue, 28 May 2024 18:17:45 GMT
server: cloudflare
etag: "bf58c20509cca7236ba9e8ceeced1287-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89560c626ed8bbd1-FRA
x-amz-cf-id: 5ui_zpIEHDi0XKVn2jsh1mKMk0_K-OQZjrGXcmYbjLMYq7c-oU3i8w==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 0322_02_Reinventing_MDRIDP_Blog_1060x698.jpeg
www.crowdstrike.com/wp-content/uploads/2024/04/ 74 KB
75 KB 146ms
138ms Image
image/jpeg 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2024/04/0322_02_Reinventing_MDRIDP_Blog_1060x698.jpeg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b25d2319903d6e206b3bd9a7340206ec7d6b603405403130d95a6ffca76a80db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 cce339e34372cea758a4181fcf4e7c14.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-version-id: 0LOCDjquVEU.xTFWahlx05kp75FT7d82
x-amz-cf-pop: FRA60-P7
x-cache: Hit from cloudfront
content-length: 76202
last-modified: Tue, 28 May 2024 18:17:55 GMT
server: cloudflare
etag: "8cbb31e9cfb45bfe1a87d4f5f2d17247-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89560c626edabbd1-FRA
x-amz-cf-id: nj8NM1gfXmJ7BmTwQzLS4P-mRImqrSdQv4npBxAW2M9fux7p4SMu-w==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 1023_03_Compromising-Identity-Provider-Federation.jpg
www.crowdstrike.com/wp-content/uploads/2023/11/ 57 KB
58 KB 199ms
192ms Image
image/jpeg 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2023/11/1023_03_Compromising-Identity-Provider-Federation.jpg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d5ec87cda7124201fb8da2fb6d26b66b4a57c4deab8dfbb7ad56a06471fb673

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0be6ab2f92b7567e05a874f049abbbe6.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-version-id: MDe09Tq7DFvupoFVj2sl.MFkTyKqcUXg
x-amz-cf-pop: AMS58-P1
x-cache: Hit from cloudfront
content-length: 58737
last-modified: Tue, 28 May 2024 18:17:56 GMT
server: cloudflare
etag: "f0fb34839cfea571c64cea7dc6d83c97-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89560c626edbbbd1-FRA
x-amz-cf-id: f5THOiIniVshubhOL2wYz8doE-9TksZRbCSKbS2_fpppStkS9viKDA==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 0124_02_FalconFund-Partners-with-Aembit.jpg
www.crowdstrike.com/wp-content/uploads/2024/01/ 306 KB
306 KB 204ms
197ms Image
image/jpeg 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2024/01/0124_02_FalconFund-Partners-with-Aembit.jpg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

127f3af41355cac536fbe3b6d68dc9a897f26a2e3b048b6caf58195bedb17d21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 892b66fb24658030c9f86276c7abeda4.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-version-id: ljnhWz7w5KWoXt_FhQOP2gMuWxx0q14G
x-amz-cf-pop: DUS51-C1
x-cache: Hit from cloudfront
content-length: 312984
last-modified: Tue, 28 May 2024 18:17:56 GMT
server: cloudflare
etag: "bd69a0dca2f45f29886e3de77637556f-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89560c626edcbbd1-FRA
x-amz-cf-id: EPU0LK42J7kyE1QhETaZXio31gCKiytSHA6xX3WRba4fm6HOxp89eg==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 0524_03_SOC-Survival-Guide-Personas.png
www.crowdstrike.com/wp-content/uploads/2024/05/ 1 MB
1 MB 131ms
125ms Image
image/png 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2024/05/0524_03_SOC-Survival-Guide-Personas.png

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0842e5aeb51c48cfe9f27f26b1855cea516abecf1c015d815ff7f7bebd607d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0bc2333fffd653246981521608e29ea0.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: us4tLFZLovnCgxR1Fm.nLioT2NjGmle7
age: 43
x-amz-cf-pop: CDG55-P2
cf-polished: origSize=1385759
x-cache: Hit from cloudfront
content-length: 1288634
last-modified: Mon, 17 Jun 2024 18:28:58 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "4e4c5e3d47f87f8c13eb48a43602cd34-1"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89560c626edfbbd1-FRA
x-amz-cf-id: M9LorniPjaBABTC3GxUNiGXCaGt8YDkuQXmCrLSTf_JoT30yevtPUQ==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 0324_02_Next-Gen_SIEM.jpg
www.crowdstrike.com/wp-content/uploads/2024/03/ 545 KB
546 KB 202ms
196ms Image
image/jpeg 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2024/03/0324_02_Next-Gen_SIEM.jpg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e46cfd048e264a12e9b9457ee8bf9e3501f1bbf169794722dd8b8b62981952a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 892b66fb24658030c9f86276c7abeda4.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-version-id: 9..6KZ_cXWwiJPs8_nzTcs1CHSUPZ1Ol
x-amz-cf-pop: DUS51-C1
x-cache: Hit from cloudfront
content-length: 558432
last-modified: Mon, 17 Jun 2024 18:29:00 GMT
server: cloudflare
etag: "78a1ea70c100801e19deb21db541706c-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89560c626ee1bbd1-FRA
x-amz-cf-id: wUea2Oxv7KnrCrPijxFGmQvWuHyGVlvMQnu9Uez1A-GzeH3k5G5iKA==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 Blog_1060x698-2.jpeg
www.crowdstrike.com/wp-content/uploads/2021/09/ 908 KB
909 KB 152ms
147ms Image
image/jpeg 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2021/09/Blog_1060x698-2.jpeg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d701066eb4b5e08ea151794e234546f6b11f467d101adf7276eaac2c85f39079

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 6f4aa26c09fb9bb4d152519f44256a4c.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-version-id: RfPsHRBntEVGPCldIia34eog2lnjLxXF
x-amz-cf-pop: FRA60-P7
x-cache: Hit from cloudfront
content-length: 929436
last-modified: Mon, 17 Jun 2024 18:29:01 GMT
server: cloudflare
etag: "18d34b7b319565442104264eb7f89ab8-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89560c626ee4bbd1-FRA
x-amz-cf-id: sLzb_2TFHDHH1f9i9FB_oPd7EuNKHDlriqaD3lVj0wNPzDXsqja6zA==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 Blog_1060x698-21-1.jpg
www.crowdstrike.com/wp-content/uploads/2020/10/ 905 KB
906 KB 197ms
191ms Image
image/jpeg 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2020/10/Blog_1060x698-21-1.jpg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b82e0066ecc77c031603093e852687d0383e65d7ef0c02d5c01addbe6457dc48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 430f949006756123f45be90f8ad8de30.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-version-id: .X3c1SlzyiIGxO8t1oWhqTzFcjuckMoS
x-amz-cf-pop: DUS51-C1
x-cache: Hit from cloudfront
content-length: 926444
last-modified: Tue, 11 Jun 2024 18:29:45 GMT
server: cloudflare
etag: "676d6f9b9ab970196689c3374ff0694d-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89560c626ee5bbd1-FRA
x-amz-cf-id: M1Al3xxxEi7aUHF9o6cKvs9xn6a_RldmpLVDrO4R37RLKYbcY852og==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 Identity-protection-for-government-blog-main-image.png
www.crowdstrike.com/wp-content/uploads/2024/02/ 577 KB
578 KB 157ms
151ms Image
image/png 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2024/02/Identity-protection-for-government-blog-main-image.png

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f964049bf626621ac6978012a037273f46e0957dc02efddcb8f0e67a29e37dc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 56df5811b9d89103539b9b0b5fd9b262.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-version-id: XJc4jtljWXM2Y2Pc32AqkLr7NRKNq2P_
x-amz-cf-pop: FRA60-P7
x-cache: Hit from cloudfront
content-length: 590947
last-modified: Tue, 11 Jun 2024 18:29:47 GMT
server: cloudflare
etag: "cd5515e94b6ded1fc76e93ce2463dd74-1"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89560c626ee6bbd1-FRA
x-amz-cf-id: w6WOokdg9KZKb5K13hdnjlisbFnDgoGVemhjuNTH_2Q7fg9yOrx1yg==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 122ms
40ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/launch-6cccf53edc18.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 17 Jun 2024 21:14:17 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58024
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1297, tbw=2772, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: F20TBl4H0Ve0XQkn9zXQrNEI5uzXtr/Z0LZCpUiUrWnKIff6YkrnKtmgVvTT8eSQbFRWUhMXZt/IL4j3KyyD3w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 212 KB
77 KB 159ms
71ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-12037336&l=dataLayer

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/launch-6cccf53edc18.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

281afd5d65352e080be89bd3e334e43e7359378956701741d539e6184563e167

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78068
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 17 Jun 2024 21:14:17 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 165ms
76ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/launch-6cccf53edc18.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dc050003a767b23097b3f9566be0c33c3655ded698e06605e4b6708ee7f7cc15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Mon, 17 Jun 2024 21:14:17 GMT

GET
H2 200 widget.js Show response
cdn.userway.org/ 2 KB
2 KB 137ms
43ms Script
application/javascript 2a02:6ea0:c700::18
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/launch-6cccf53edc18.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 40b522ba0c42bc154c07f1dfb1da32f5a59e88a72b129503ce43a92af8d65688

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Mon, 17 Jun 2024 21:14:17 GMT
via: 1.1 098a60d50e7e132c276fd27b94c6212c.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 524
x-amz-server-side-encryption: AES256
x-accel-date-max: 1718357031
x-77-cache: HIT
x-cache: HIT
x-age: 3591
x-accel-date: 1718655266
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwBnJIhiwH3Bw4AAAwBJRPCMQH3iAIAAA
x-accel-expires: @1718658866
x-77-age: 3591
last-modified: Fri, 14 Jun 2024 09:03:07 GMT
server: CDN77-Turbo
etag: W/"64de7d99264c38237071808da9ac4fa9"
x-77-nzt-ray: cf8787277df0db2329a77066b60dee1a
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=3600, public
vary: Accept-Encoding
x-amz-cf-id: zgv3NqbSD9u9ieg-Ljf180AUB6U__-7nSK_WGo1wpiyGu26y_YBzpA==

GET
H2 200 RC369f56a228fd49358259b1def8e172b2-source.min.js Show response
assets.adobedtm.com/d72cd986aea0/09e1256af957/1318210e1468/ 2 KB
1 KB 46ms
46ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/1318210e1468/RC369f56a228fd49358259b1def8e172b2-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/launch-6cccf53edc18.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 7ad87250c3347bc33c2f564324cf2703456a67232037f4f94c16466c2749a259

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
content-encoding: gzip
last-modified: Fri, 24 May 2024 15:17:29 GMT
server: AkamaiNetStorage
etag: "21415139f24e01466aed892217b822b1:1716563849.230458"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.crowdstrike.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1022
expires: Mon, 17 Jun 2024 22:14:17 GMT

GET
H2 200 footer-privacy-nav.json Show response
www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/footer/ 670 B
611 B 100ms
99ms Fetch
application/json 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/footer/footer-privacy-nav.json

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-content/themes/main-theme/dist/scripts/components/footer-navigation.min.js?ver=1708658992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8eda05fa3bffe9499012fd70f4e296d97d91026b0db3682b2d12be64f005f81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fa6ccc8f7e7d948277c6904aeb2ae7a2.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: DEEyp.quUZUQiejSlg9zZdXmPlZ1Nw5.
age: 166
x-amz-cf-pop: FRA60-P7
x-cache: Hit from cloudfront
last-modified: Mon, 17 Jun 2024 18:34:49 GMT
server: cloudflare
etag: W/"e32196cf2ac9305f69d8209ccfd1afb9"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=14400
cf-ray: 89560c62bf24bbd1-FRA
x-amz-cf-id: uqN80JtqvXD0qfQOBkwZu7WyO59pZTfoAPf81rtvZ1TzujP7y1IcZg==
expires: Tue, 18 Jun 2024 01:14:17 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202401.2.0/ 430 KB
105 KB 60ms
60ms Script
application/javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6972c49e66fe3c5026a1a1e26a06c49995cec36fc522cb56461f5cf0b2b2978

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 17 Jun 2024 21:14:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ekgyiOgvSPjNzcyXVUS11Q==
age: 21832
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 106739
x-ms-lease-status: unlocked
last-modified: Thu, 07 Mar 2024 11:26:28 GMT
server: cloudflare
etag: 0x8DC3E996ED117D9
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e31c6377-501e-009b-7f34-71f886000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 89560c62b81b972b-FRA

GET
H2 200 RCd7a7cb79654c4bd6b05f15e6d2bee662-source.min.js Show response
assets.adobedtm.com/d72cd986aea0/09e1256af957/1318210e1468/ 4 KB
2 KB 43ms
43ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/1318210e1468/RCd7a7cb79654c4bd6b05f15e6d2bee662-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/launch-6cccf53edc18.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c339ae2e0bf27fe07749a66253583596b8b4992ef32fe3063d2c624f525f6985

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
content-encoding: gzip
last-modified: Fri, 24 May 2024 15:17:29 GMT
server: AkamaiNetStorage
etag: "21415139f24e01466aed892217b822b1:1716563849.230458"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.crowdstrike.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1374
expires: Mon, 17 Jun 2024 22:14:17 GMT

GET
H2 200 RC53059e847e054c9dbde2ee394fc1558b-source.min.js Show response
assets.adobedtm.com/d72cd986aea0/09e1256af957/1318210e1468/ 376 B
504 B 55ms
53ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/1318210e1468/RC53059e847e054c9dbde2ee394fc1558b-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/launch-6cccf53edc18.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d9877e01e464b5699302756ab2e3aa5d6bd3dc9a13e065e34bec66f7a0406234

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
content-encoding: gzip
last-modified: Fri, 24 May 2024 15:17:29 GMT
server: AkamaiNetStorage
etag: "21415139f24e01466aed892217b822b1:1716563849.230458"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.crowdstrike.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 245
expires: Mon, 17 Jun 2024 22:14:17 GMT

GET
H2 200 6si.min.js Show response
j.6sc.co/ 66 KB
18 KB 792ms
307ms Script
application/javascript 23.61.251.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/launch-6cccf53edc18.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.61.251.14 Miami, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-61-251-14.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

4d3dab569c7b9e24ba3484873769a6b4a34bd3ab4ef6ff53b1c5a5c60f7d5663

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 17 Jun 2024 21:14:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 Jun 2024 00:42:44 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "666b9204-10980"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 18315
expires: Mon, 17 Jun 2024 21:14:18 GMT

GET
H3 200 widget_app_base_1718355665557.js Show response
cdn.userway.org/widgetapp/2024-06-14-09-01-05/ 153 KB
44 KB 128ms
60ms Script
application/javascript 156.146.33.137
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-06-14-09-01-05/widget_app_base_1718355665557.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 156.146.33.137 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: 494557430.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash: ead403526c70847efef68c7e0efaf4b063d0c5b98141f3f8f665bab47932022c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Origin: https://www.crowdstrike.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Mon, 17 Jun 2024 21:14:17 GMT
via: 1.1 004e894746bfb0d8f9e19ef0400dda24.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 523
x-amz-server-side-encryption: AES256
x-accel-date-max: 1718356602
x-77-cache: HIT
x-cache: HIT
x-age: 302255
x-accel-date: 1718356602
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwBnJIhiAH3r5wEAAwBJRPCLgH32gAAAA
x-accel-expires: @1744276384
x-77-age: 302255
last-modified: Fri, 14 Jun 2024 09:03:01 GMT
server: CDN77-Turbo
etag: W/"275bdc0f3762d3a5d1c4f38199964968"
x-77-nzt-ray: f6587a1d9e7587c829a770666cbbd622
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: 8BtnfjHOVw3YPvFRnwnQWrJ3aWKRNesXALRpI9BUCnOHClor-NEP5g==

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/bee15b7c-b632-450e-9003-9c8b60b3b978/b2193cd5-8954-4870-b8f7-b3be5ea49b82/ 66 KB
16 KB 63ms
62ms Fetch
application/x-javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/bee15b7c-b632-450e-9003-9c8b60b3b978/b2193cd5-8954-4870-b8f7-b3be5ea49b82/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e84d80292bc4853823a35693f016d26ceeeac38e04aee5d286d933b8973b7d7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 17 Jun 2024 21:14:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 53675
content-md5: xaZTIOTutEqwYe5ZTb4YkA==
content-length: 16506
x-ms-lease-status: unlocked
last-modified: Tue, 13 Feb 2024 15:51:18 GMT
server: cloudflare
etag: 0x8DC2CAB9E1369F9
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 7679f21b-201e-0028-3f94-5e582b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 89560c641b4c3657-FRA
expires: Tue, 18 Jun 2024 21:14:17 GMT

GET
H2 200 950083805267950 Show response
connect.facebook.net/signals/config/ 6 KB
3 KB 41ms
40ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/950083805267950?v=2.9.158&r=stable&domain=www.crowdstrike.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2889f6f49c4217a87fd42c60f3886b7e86e027ca6683af98383711283d5ed4ce

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 17 Jun 2024 21:14:17 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2475
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=45, rtx=0, c=63, mss=1297, tbw=63533, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: i4TmwVR3EQ+YpDeuPjsGaWkfKg+64mvBpE7O5U5tgBsKQO5kIkpFxwMo8VreheHeYOMgJ9oWrQL7fkl4d0s/9g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/590f65a6/www-widgetapi.vflset/ 24 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/590f65a6/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9a72654f03de616b6fd58b742dff09a02588726c80f6a1fca5809365b591930

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 18:53:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8467
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8237
x-xss-protection: 0
last-modified: Thu, 13 Jun 2024 04:19:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 17 Jun 2025 18:53:10 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 368 KB
118 KB 81ms
80ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZKTET1D58V&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-12037336&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cfaf5f01a93e9cd021ba3c1c755385bc6f5cb989b1d652c93fefb6d0f34c5513

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 121051
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 17 Jun 2024 21:14:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 368 KB
118 KB 73ms
73ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-797629828&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-12037336&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

904d17a0c9012c9ac159b18997aff78c18808fde90764ecbd59fc9894091e622

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 121114
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 17 Jun 2024 21:14:17 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202401.2.0/assets/ 13 KB
3 KB 55ms
54ms Fetch
application/json 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202401.2.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4aaa18c55c90588c5e828e56dcc6b2cb0acf9a4280494c7d1a53fc5e3669112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 17 Jun 2024 21:14:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: BhDz7QN6NZvDbVeQXXKKbA==
age: 3959
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3041
x-ms-lease-status: unlocked
last-modified: Thu, 07 Mar 2024 11:26:21 GMT
server: cloudflare
etag: 0x8DC3E996A8D0BAE
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: e3691e93-f01e-0082-3057-79783d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 89560c64cc4e3657-FRA

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/202401.2.0/assets/v2/ 63 KB
13 KB 59ms
58ms Fetch
application/json 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202401.2.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d18f313f2489ed91cd15cf94a1e5668b8b0da8318f593d980228000a1757702f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 17 Jun 2024 21:14:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: +VcLy0Fhvi3ZWKBwz9NNzQ==
age: 9009
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13587
x-ms-lease-status: unlocked
last-modified: Thu, 07 Mar 2024 11:26:24 GMT
server: cloudflare
etag: 0x8DC3E996C0939E8
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: f82a588d-e01e-007a-42aa-7024c3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 89560c64cc533657-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202401.2.0/assets/ 21 KB
4 KB 58ms
57ms Fetch
text/css 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202401.2.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: c7xAZ9MSGAobGaTYg/Qtag==
age: 16722
x-ms-lease-status: unlocked
last-modified: Thu, 07 Mar 2024 11:26:34 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: efe512ab-a01e-006b-72aa-70be77000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 89560c64cc553657-FRA

GET
H2 200 RC698dc8385de1411c824b73d0b3be0648-source.min.js Show response
assets.adobedtm.com/d72cd986aea0/09e1256af957/1318210e1468/ 626 B
580 B 41ms
41ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/1318210e1468/RC698dc8385de1411c824b73d0b3be0648-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/launch-6cccf53edc18.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 6ee9f378b220867a02fa579fc9611348c11057c131c4806b811459c2bdb9ab44

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
content-encoding: gzip
last-modified: Fri, 24 May 2024 15:17:29 GMT
server: AkamaiNetStorage
etag: "21415139f24e01466aed892217b822b1:1716563849.230458"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.crowdstrike.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 322
expires: Mon, 17 Jun 2024 22:14:17 GMT

POST
H2 200 dyvvHf6oG0 Show response
api.userway.org/api/tunings/ 2 KB
2 KB 627ms
213ms XHR
application/json 2600:1f14:5db:eb00:aed1:7299:85d3:12bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/dyvvHf6oG0
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-06-14-09-01-05/widget_app_base_1718355665557.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb00:aed1:7299:85d3:12bf Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: fbf082d1d7a56a1903786495e5261cc036271b5b9c2fa27ac029610fd2253cdd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 17 Jun 2024 21:14:18 GMT
etag: W/"76b-hG3qhJOYuSVxdyCxmy8XYGeBnPQ"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-service-request-id: usrbf6a71f6034142a
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 1899
x-service-version: uw-pr

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
600 B 55ms
54ms Image
image/svg+xml 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 9583
x-ms-lease-status: unlocked
last-modified: Thu, 13 Jun 2024 02:35:38 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 0d8e53d5-e01e-00c1-2e41-bd1833000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 89560c653b39972b-FRA

GET
H2 200 HaasGrotDisp-65Medium.woff2
www.crowdstrike.com/etc.clientlibs/crowdstrike/clientlibs/crowdstrike-wp-header/resources/fonts/haas_grot_disp/ 32 KB
33 KB 173ms
173ms Font
font/woff2 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/etc.clientlibs/crowdstrike/clientlibs/crowdstrike-wp-header/resources/fonts/haas_grot_disp/HaasGrotDisp-65Medium.woff2

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/etc.clientlibs/crowdstrike/clientlibs/crowdstrike-wp-header.css?ver=6.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5f3898fe99aab483801a9f4149fc85c0d9e6281aba989b8b085fce8db09710d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;report-uri /csp-violation-report-endpoint/
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/etc.clientlibs/crowdstrike/clientlibs/crowdstrike-wp-header.css?ver=6.4.3
Origin: https://www.crowdstrike.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: upgrade-insecure-requests;report-uri /csp-violation-report-endpoint/
x-vhost: crowdstrikewwwvhost
x-cache: HIT
content-length: 32904
x-served-by: cache-dfw-kdfw8210137-DFW
last-modified: Thu, 30 May 2024 18:04:37 GMT
server: cloudflare
x-timer: S1718658692.923906,VS0,VS0,VE3
etag: "806c-619afb3379740-gzip"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: https://www.crowdstrike.com
cache-control: public, max-age=2592000
access-control-allow-credentials: true
access-control-max-age: 1800
accept-ranges: bytes
cf-ray: 89560c656ad9bbd1-FRA
access-control-allow-headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: SAMEORIGIN
expires: Wed, 17 Jul 2024 21:14:17 GMT

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
494 B 53ms
52ms Fetch
image/svg+xml 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 3661
x-ms-lease-status: unlocked
last-modified: Thu, 13 Jun 2024 02:35:37 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: a6537573-001e-00c0-4999-bd19ce000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 89560c655d0c3657-FRA

GET
H2 200 CS_Logos_2020_InlineRed_b.png
cdn.cookielaw.org/logos/c109dae9-46f3-4e91-a59e-7844ef645107/cad7e755-8c86-4939-8df1-4d68f074f0fc/53cb332e-5cc4-44a8-9590-9e086136bfe9/ 23 KB
24 KB 58ms
57ms Image
application/octet-stream 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/c109dae9-46f3-4e91-a59e-7844ef645107/cad7e755-8c86-4939-8df1-4d68f074f0fc/53cb332e-5cc4-44a8-9590-9e086136bfe9/CS_Logos_2020_InlineRed_b.png

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0dbd9ca47f4fd338efab8e6f5188a6de45cf390f04cfaea4a65abc47635550c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: QB/VUZMYBu/LYPsEI/xs+w==
age: 45937
content-length: 24007
x-ms-lease-status: unlocked
last-modified: Tue, 21 Jul 2020 19:10:59 GMT
server: cloudflare
etag: 0x8D82DA9CDE4D646
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: ad5c4809-001e-0086-084e-79f53a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 89560c656b75972b-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 56ms
56ms Image
image/svg+xml 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 17 Jun 2024 21:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 60145
x-ms-lease-status: unlocked
last-modified: Thu, 13 Jun 2024 02:35:38 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 8b6924e8-d01e-00af-02c3-bdb11a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 89560c656b7b972b-FRA

GET
H2 200 uTjAZGHEuZnPioHJ1HZQJU
play.vidyard.com/ 0
2 KB 318ms
239ms Other
text/html 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/uTjAZGHEuZnPioHJ1HZQJU?disable_popouts=1&v=4.3.15&type=inline

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Origin: https://www.crowdstrike.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:18 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31557600
age: 0
x-cache: MISS
content-length: 1480
x-served-by: cache-fra-etou8220057-FRA
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1718658858.954964,VS0,VE201
etag: W/"df1-Kf4qqdfPcEPzsfmIAH4PAWjbXjM"
vary: X-China, accept-language, Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 getuidj Show response
secure.adnxs.com/ 11 B
702 B 193ms
72ms XHR
application/json 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 17 Jun 2024 21:14:18 GMT
an-x-request-uuid: 730cea2c-e591-4799-82ed-3daec23c7658
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.crowdstrike.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.123; 80.255.7.123; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
196 B 155ms
147ms XHR
text/html 23.61.251.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.61.251.14 Miami, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-61-251-14.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:18 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://www.crowdstrike.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 19 B
312 B 271ms
42ms XHR
text/html 2a02:26f0:ab00::214:8e70
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ab00::214:8e70 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ae1e4f7a09a58b0e8f9f3a0ae0e3e89186ca858e5cdcf31e9405b1cc826bede5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 17 Jun 2024 21:14:18 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.crowdstrike.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a01:4a0:1338:93::6
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1718658858367_34901612_269793950_28_979_40_169_219";dur=1
content-length: 19
expires: Mon, 17 Jun 2024 21:14:18 GMT

GET
H2 200 RC8de780f02ed7489ea63027c24b833a79-source.min.js Show response
assets.adobedtm.com/d72cd986aea0/09e1256af957/1318210e1468/ 571 B
596 B 53ms
52ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/1318210e1468/RC8de780f02ed7489ea63027c24b833a79-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/launch-6cccf53edc18.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0f965aa53581b63d9325af898e4b49a029713f7127c7962c2417ec6e5e73a33d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:18 GMT
content-encoding: gzip
last-modified: Fri, 24 May 2024 15:17:29 GMT
server: AkamaiNetStorage
etag: "21415139f24e01466aed892217b822b1:1716563849.230458"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.crowdstrike.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 337
expires: Mon, 17 Jun 2024 22:14:18 GMT

GET
H2 200 uTjAZGHEuZnPioHJ1HZQJU
play.vidyard.com/ Frame F902 0
0 122ms
41ms Document
text/html 151.101.65.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/uTjAZGHEuZnPioHJ1HZQJU?disable_popouts=1&v=4.3.15&type=inline

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.181 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 0
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 1480
content-type: text/html; charset=utf-8
date: Mon, 17 Jun 2024 21:14:18 GMT
etag: W/"df1-Kf4qqdfPcEPzsfmIAH4PAWjbXjM"
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31557600
vary: X-China, accept-language, Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-china: 0
x-served-by: cache-fra-etou8220052-FRA
x-timer: S1718658858.459901,VS0,VE1

GET
H2 200 style.js Show response
play.vidyard.com/v4/uTjAZGHEuZnPioHJ1HZQJU/ 176 B
301 B 319ms
318ms Script
text/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/v4/uTjAZGHEuZnPioHJ1HZQJU/style.js?callback=window.VidyardV4.jsonp.style_uTjAZGHEuZnPioHJ1HZQJU.done

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8075e644b252872397824d6163fb27e99f9e043afa435c458bf67226b612ca23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 137
x-served-by: cache-fra-etou8220075-FRA
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1718658858.315844,VS0,VE277
etag: W/"b0-dZejGerreyt0E0R/Sr0sCp67hFE"
vary: X-China, accept-language, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 integrations.js Show response
play.vidyard.com/v4/uTjAZGHEuZnPioHJ1HZQJU/ 177 B
230 B 329ms
329ms Script
text/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/v4/uTjAZGHEuZnPioHJ1HZQJU/integrations.js?callback=window.VidyardV4.jsonp.integrations_uTjAZGHEuZnPioHJ1HZQJU.done

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

875a394bacf884023e57246e4377055ffb403bc95d5e995dd26a5e49994d00e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 133
x-served-by: cache-fra-etou8220075-FRA
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1718658858.315845,VS0,VE289
etag: W/"b1-cH1eIjmMHFCZ08oyVbC4CjNIjpw"
vary: X-China, accept-language, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 details.js Show response
play.vidyard.com/v4/uTjAZGHEuZnPioHJ1HZQJU/ 1 KB
802 B 422ms
422ms Script
text/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/v4/uTjAZGHEuZnPioHJ1HZQJU/details.js?callback=window.VidyardV4.jsonp.details_uTjAZGHEuZnPioHJ1HZQJU.done

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6f37482ceb45e4156eef7adf142d804c88ead3c21801b043660ff3e8f712b115

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 632
x-served-by: cache-fra-etou8220075-FRA
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1718658858.316672,VS0,VE378
etag: W/"440-16GC0/1hYkhPkmUKjWAbNdZgrLA"
vary: X-China, accept-language, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 en-US.json Show response
cdn.userway.org/widgetapp/2024-06-14-09-01-05/locales/ 621 B
1 KB 51ms
50ms XHR
application/json 156.146.33.137
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-06-14-09-01-05/locales/en-US.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-06-14-09-01-05/widget_app_base_1718355665557.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 156.146.33.137 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: 494557430.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 4ad9a5493aafc1f43e8882aeb9d07b945139ad6326d82a04b5237ee1a3283538

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Mon, 17 Jun 2024 21:14:18 GMT
via: 1.1 965181b6d91907befd5a0165af38daf0.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 525
x-amz-server-side-encryption: AES256
x-accel-date-max: 1718356607
x-77-cache: HIT
x-cache: HIT
x-age: 302251
x-accel-date: 1718356607
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwBnJIhiAH3q5wEAAwBJRPCLgH32wAAAA
x-accel-expires: @1744276388
x-77-age: 302251
last-modified: Fri, 14 Jun 2024 09:03:01 GMT
server: CDN77-Turbo
etag: W/"85d8c40aac9c25bb0b993d4aa039a56f"
x-77-nzt-ray: f6587a1d9e758cf42aa7706641e96816
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: -dCML8SLU0BPutI-_hxzKPPc8wh2PtHBHOU3m5OeO-JD1Qrk8MnMMg==

GET
H2 200 RC9977e7e8d24c4505b6cc57623ef571a1-source.min.js Show response
assets.adobedtm.com/d72cd986aea0/09e1256af957/1318210e1468/ 2 KB
1021 B 42ms
42ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/1318210e1468/RC9977e7e8d24c4505b6cc57623ef571a1-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d72cd986aea0/09e1256af957/launch-6cccf53edc18.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 209862f06a26a445813111047f4225658255e9a1ad05177fc81e806a1d1ebc15

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:18 GMT
content-encoding: gzip
last-modified: Fri, 24 May 2024 15:17:29 GMT
server: AkamaiNetStorage
etag: "21415139f24e01466aed892217b822b1:1716563849.230458"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.crowdstrike.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 762
expires: Mon, 17 Jun 2024 22:14:18 GMT

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 725 B
710 B 132ms
56ms XHR
application/json 76.223.9.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.9.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac3ff6aafb2cddae2.awsglobalaccelerator.com
Software: nginx /
Resource Hash: d454566fbbab8fcbc70a1c3139be25be5205712442564fe24a5e0258e3337a98

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Token 12b151d5b8d6b92a46cc0179565c5a619e148092
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
X-6s-CustomID: WebTag1.0 840a4ffa1a26e59267b6b28298d972e1
Referer: https://www.crowdstrike.com/
sec-ch-ua-platform: "Win32"

Response headers

x-trace-id: 3816730717057432533
date: Mon, 17 Jun 2024 21:14:18 GMT
content-encoding: gzip
server: nginx
vary: Origin, Accept-Encoding
content-type: application/json
x-6si-region: eu-central-1a
access-control-allow-origin: https://www.crowdstrike.com
access-control-expose-headers: X-6si-Region
access-control-allow-credentials: true
timing-allow-origin: https://6sense.com, https://www.ssga.com
content-length: 387

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 181ms
173ms Image
image/gif 23.61.251.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=840a4ffa1a26e59267b6b28298d972e1&svisitor=null&visitor=b9602a4b-654e-4da0-8894-3d5dc5a75c02&session=3eb67c03-6d1e-469f-87a9-4733ddc69e9f&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Mon%2C%2017%20Jun%202024%2021%3A14%3A18%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22On%20March%2029%2C%202023%2C%20CrowdStrike%20observed%20unexpected%20malicious%20activity%20emanating%20from%20a%20legitimate%2C%20signed%20binary%2C%203CXDesktopApp%20%E2%80%94%20a%20softphone%20application%20from%203CX.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22CrowdStrike%20Prevents%203CXDesktopApp%20Intrusion%20Campaign%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.crowdstrike.com%2Fblog%2Fcrowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers%2F&pageViewId=b01aa267-cfd7-4687-8e47-dbd2c2cc2fd6&an_uid=0&v=1.1.21

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.61.251.14 Miami, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-61-251-14.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 17 Jun 2024 21:14:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 17 Jun 2024 21:14:18 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 186ms
178ms Image
image/gif 23.61.251.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=840a4ffa1a26e59267b6b28298d972e1&svisitor=null&visitor=b9602a4b-654e-4da0-8894-3d5dc5a75c02&session=3eb67c03-6d1e-469f-87a9-4733ddc69e9f&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2017%20Jun%202024%2021%3A14%3A18%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%2212b151d5b8d6b92a46cc0179565c5a619e148092%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2017%20Jun%202024%2021%3A14%3A18%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22840a4ffa1a26e59267b6b28298d972e1%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2017%20Jun%202024%2021%3A14%3A18%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2017%20Jun%202024%2021%3A14%3A18%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2017%20Jun%202024%2021%3A14%3A18%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22On%20March%2029%2C%202023%2C%20CrowdStrike%20observed%20unexpected%20malicious%20activity%20emanating%20from%20a%20legitimate%2C%20signed%20binary%2C%203CXDesktopApp%20%E2%80%94%20a%20softphone%20application%20from%203CX.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22CrowdStrike%20Prevents%203CXDesktopApp%20Intrusion%20Campaign%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.crowdstrike.com%2Fblog%2Fcrowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers%2F&pageViewId=b01aa267-cfd7-4687-8e47-dbd2c2cc2fd6&an_uid=0&v=1.1.21

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.61.251.14 Miami, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-61-251-14.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 17 Jun 2024 21:14:18 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 17 Jun 2024 21:14:18 GMT

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 133ms
45ms Preflight 76.223.9.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.9.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac3ff6aafb2cddae2.awsglobalaccelerator.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-6s-customid
Access-Control-Request-Method: GET
Origin: https://www.crowdstrike.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,x-6s-customid
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://www.crowdstrike.com
access-control-expose-headers: X-6si-Region
access-control-max-age: 1800
date: Mon, 17 Jun 2024 21:14:18 GMT
server: nginx
timing-allow-origin: https://6sense.com, https://www.ssga.com
x-6si-region: eu-central-1a
x-trace-id: 1640107162725864115

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 173ms
172ms Image
image/gif 23.61.251.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=840a4ffa1a26e59267b6b28298d972e1&svisitor=null&visitor=b9602a4b-654e-4da0-8894-3d5dc5a75c02&session=3eb67c03-6d1e-469f-87a9-4733ddc69e9f&event=ipv6&q=%7B%22address%22%3A%222a01%3A4a0%3A1338%3A93%3A%3A6%22%7D&isIframe=false&m=%7B%22description%22%3A%22On%20March%2029%2C%202023%2C%20CrowdStrike%20observed%20unexpected%20malicious%20activity%20emanating%20from%20a%20legitimate%2C%20signed%20binary%2C%203CXDesktopApp%20%E2%80%94%20a%20softphone%20application%20from%203CX.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22CrowdStrike%20Prevents%203CXDesktopApp%20Intrusion%20Campaign%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.crowdstrike.com%2Fblog%2Fcrowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers%2F&pageViewId=b01aa267-cfd7-4687-8e47-dbd2c2cc2fd6&an_uid=0&v=1.1.21

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.61.251.14 Miami, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-61-251-14.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 17 Jun 2024 21:14:18 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 17 Jun 2024 21:14:18 GMT

GET
H3 200 remediation_1718355665557.js Show response
cdn.userway.org/widgetapp/2024-06-14-09-01-05/remediation/ 99 KB
28 KB 44ms
44ms Script
application/javascript 156.146.33.137
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-06-14-09-01-05/remediation/remediation_1718355665557.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-06-14-09-01-05/widget_app_base_1718355665557.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 156.146.33.137 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: 494557430.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 5521d5d6e5aebb210f782c2e25a0d23a52d4271c91a747d8344664d74aedbcb8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Origin: https://www.crowdstrike.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Mon, 17 Jun 2024 21:14:18 GMT
via: 1.1 c76f57c516237f120f723cde4dab446e.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: PRG50-C1
age: 510
x-amz-server-side-encryption: AES256
x-accel-date-max: 1718356605
x-77-cache: HIT
x-cache: HIT
x-age: 302253
x-accel-date: 1718356605
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwBnJIhiAH3rZwEAAwBnJIhHwH32gAAAA
x-accel-expires: @1744276387
x-77-age: 302253
last-modified: Fri, 14 Jun 2024 09:03:01 GMT
server: CDN77-Turbo
etag: W/"e8867ecacfeb568c78f7ad4d9861f453"
x-77-nzt-ray: f6587a1d9e75090f2aa77066260ad233
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: MDlv7hcnHSFfXKvyq2XFrYl2hYV-zDYUXCit3gekJHZ9hEmgVNOUSA==

GET
H3 200 tiCxkRCFofUy0tum.json Show response
cdn.userway.org/remediations/consolidated/2376540/ 801 KB
105 KB 47ms
47ms XHR
application/json 156.146.33.137
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediations/consolidated/2376540/tiCxkRCFofUy0tum.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-06-14-09-01-05/widget_app_base_1718355665557.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 156.146.33.137 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: 494557430.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 72f3d82984ded4dd2b102a3fb022f933041f524868a77cb95e207dee517a2d41

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Mon, 17 Jun 2024 21:14:18 GMT
via: 1.1 ecc31e9f7b98bdd8a55967baa6e36ad8.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 164
x-amz-server-side-encryption: AES256
x-accel-date-max: 1718357749
x-77-cache: HIT
x-cache: HIT
x-age: 301109
x-accel-date: 1718357749
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwBnJIhiAH3NZgEAAwBJRPCLgH3gAQAAA
x-accel-expires: @1749892597
x-77-age: 301109
last-modified: Fri, 14 Jun 2024 04:09:11 GMT
server: CDN77-Turbo
etag: W/"b0f38eb9d1938478f5178968e395ca49"
x-77-nzt-ray: f6587a1d9e75180f2aa7706629ceda33
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: public, max-age=31536000
vary: Accept-Encoding
x-amz-cf-id: 1uj5M66pZ9klbiVBbB6sXHFiKuI6n7jUIm41XnuvC9FNm_uaqOnpFA==

GET
H2 200 body_wh.svg
cdn.userway.org/widgetapp/images/ 4 KB
3 KB 50ms
45ms Image
image/svg+xml 2a02:6ea0:c700::18
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Mon, 17 Jun 2024 21:14:18 GMT
via: 1.1 09211df9a08903bbbc04e39ab4e6f300.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: DUS51-P1
age: 483
x-amz-server-side-encryption: AES256
x-accel-date-max: 1718357033
x-77-cache: HIT
x-cache: HIT
x-age: 301825
x-accel-date: 1718357033
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwBnJIhiwH3AZsEAAwBisclxAH3iQIAAA
x-accel-expires: @1744276384
x-77-age: 301825
last-modified: Fri, 22 Mar 2024 12:49:37 GMT
server: CDN77-Turbo
etag: W/"1d8b1582fe82bd329041cc1982ad42e4"
x-77-nzt-ray: cf8787277df0db232aa77066f34d9636
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: Yibfy0Edg7w5asWmgV9ZN4piRIOKFyQA7f-b7R9suv4bOtiS27zbWw==

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
1 KB 49ms
46ms Image
image/svg+xml 2a02:6ea0:c700::18
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Mon, 17 Jun 2024 21:14:18 GMT
via: 1.1 47bf742fc3975367a1788e300150d028.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 483
x-amz-server-side-encryption: AES256
x-accel-date-max: 1718357032
x-77-cache: HIT
x-cache: HIT
x-age: 301826
x-accel-date: 1718357032
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwBnJIhiwH3ApsEAAwB1GY4EQH3iAIAAA
x-accel-expires: @1744276384
x-77-age: 301826
last-modified: Fri, 22 Mar 2024 12:49:37 GMT
server: CDN77-Turbo
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray: cf8787277df0db232aa77066e400a436
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: ISeb8TEGVAqGvUEa91cmzDhpZ2aD1dTF0Zf5BdmZcbO42VacHtjYNQ==

GET
H2

200

Zd_33y9mi1mwMQnmVSPTTLoShftqFuU_.jpg
cdn.vidyard.com/thumbnails/35463232/
Redirect Chain

https://play.vidyard.com/uTjAZGHEuZnPioHJ1HZQJU.jpg
https://cdn.vidyard.com/thumbnails/35463232/Zd_33y9mi1mwMQnmVSPTTLoShftqFuU_.jpg

33 KB
0

0ms
0ms

Image
image/jpeg

18.173.154.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vidyard.com/thumbnails/35463232/Zd_33y9mi1mwMQnmVSPTTLoShftqFuU_.jpg
Protocol: H2
Server: 18.173.154.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-12.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f544c0d9d4efe6098073613bd00f1b2260726c0bb4602d3a8dedd47df3c606ce

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 01 Jun 2024 06:42:22 GMT
x-amz-version-id: QGXgB9JdNTswT6IKoF.GZknfwb5se2Rd
via: 1.1 b36a9cc0b5286fd650732f1458855500.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: MUC50-P3
age: 1434715
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 33683
last-modified: Fri, 31 Mar 2023 12:15:17 GMT
server: AmazonS3
etag: "0e24161b84477ff1a391dd5b79e03422"
vary: Origin
content-type: image/jpeg
accept-ranges: bytes
x-amz-cf-id: 4320KRFQKzXxr_3_ri9tCq08pqdZdD8MQaYNDDBIWm7a1X1D_STW8w==

Redirect headers

date: Mon, 17 Jun 2024 21:14:18 GMT
via: 1.1 varnish
strict-transport-security: max-age=31557600
age: 2214810
x-cache: HIT
content-length: 102
x-served-by: cache-fra-etou8220075-FRA
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1718658859.920798,VS0,VE1
vary: Accept, X-China, accept-language
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: https://cdn.vidyard.com/thumbnails/35463232/Zd_33y9mi1mwMQnmVSPTTLoShftqFuU_.jpg
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H3 200 remediation-tool.js Show response
cdn.userway.org/remediation/2024-06-14-09-01-05/paid/ 60 KB
22 KB 98ms
97ms Script
application/javascript 156.146.33.137
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediation/2024-06-14-09-01-05/paid/remediation-tool.js?ts=1718355665557
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-06-14-09-01-05/widget_app_base_1718355665557.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 156.146.33.137 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: 494557430.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 9731c1a890ffb984b3bd85421a8ad751ecf485c215d4dbb80f204231d80964fc

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Origin: https://www.crowdstrike.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Mon, 17 Jun 2024 21:14:18 GMT
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: PRG50-C1
age: 508
x-amz-server-side-encryption: AES256
x-accel-date-max: 1718356605
x-77-cache: HIT
x-cache: HIT
x-age: 302253
x-accel-date: 1718356605
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwBnJIhiAH3rZwEAAwBnJIhHwH32gAAAA
x-accel-expires: @1744276387
x-77-age: 302253
last-modified: Fri, 14 Jun 2024 09:03:06 GMT
server: CDN77-Turbo
etag: W/"f82df0f1d48c6daca0c1ca2bf4507de9"
x-77-nzt-ray: f6587a1d9e75f2142aa77066b0e7963a
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: eo5pTcflIluev5A5xQLZTrdyACNuISJxG-NWnwOy4xtEMDO7hoUy7g==

GET
H3 200 tiCxkRCFofUy0tum.json Show response
cdn.userway.org/remediations/consolidated/2376540/ 801 KB
0 0ms
0ms Fetch
application/json 156.146.33.137
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediations/consolidated/2376540/tiCxkRCFofUy0tum.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-06-14-09-01-05/paid/remediation-tool.js?ts=1718355665557
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 156.146.33.137 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: 494557430.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 72f3d82984ded4dd2b102a3fb022f933041f524868a77cb95e207dee517a2d41

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Mon, 17 Jun 2024 21:14:18 GMT
via: 1.1 ecc31e9f7b98bdd8a55967baa6e36ad8.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 164
x-amz-server-side-encryption: AES256
x-accel-date-max: 1718357749
x-77-cache: HIT
x-cache: HIT
x-age: 301109
x-accel-date: 1718357749
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwBnJIhiAH3NZgEAAwBJRPCLgH3gAQAAA
x-accel-expires: @1749892597
x-77-age: 301109
last-modified: Fri, 14 Jun 2024 04:09:11 GMT
server: CDN77-Turbo
etag: W/"b0f38eb9d1938478f5178968e395ca49"
x-77-nzt-ray: f6587a1d9e75180f2aa7706629ceda33
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: public, max-age=31536000
vary: Accept-Encoding
x-amz-cf-id: 1uj5M66pZ9klbiVBbB6sXHFiKuI6n7jUIm41XnuvC9FNm_uaqOnpFA==

GET
H2 200 favicon-96x96.png
www.crowdstrike.com/wp-content/uploads/2018/09/ 3 KB
3 KB 125ms
125ms Other
image/png 2606:4700::6810:b576
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/uploads/2018/09/favicon-96x96.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b576 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3863b23eb007d405fd80924f499fa54a178bc0a8009496c104271f3cf6732642

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9a04c6aa4d3f25ed242a525a7658d9ac.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-version-id: xzQ50oa4JIywxLj5hARZkgDJ9YqHXEhx
x-amz-cf-pop: AMS58-P1
x-cache: Hit from cloudfront
content-length: 2800
last-modified: Mon, 04 Mar 2024 19:01:37 GMT
server: cloudflare
etag: "4a45a80764ed940d22195c87571e4162-1"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89560c6d0d4ebbd1-FRA
x-amz-cf-id: 3cgN-rbobEb6YIBwWa_fnUFaU6Em7uKeZ5kG3zdJIxvUh7I-ga-uNA==
expires: Tue, 18 Jun 2024 01:14:19 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 173ms
172ms Image
image/gif 23.61.251.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=840a4ffa1a26e59267b6b28298d972e1&svisitor=null&visitor=b9602a4b-654e-4da0-8894-3d5dc5a75c02&session=3eb67c03-6d1e-469f-87a9-4733ddc69e9f&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2017%20Jun%202024%2021%3A14%3A19%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2017%20Jun%202024%2021%3A14%3A18%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%221002%22%7D&isIframe=false&m=%7B%22description%22%3A%22On%20March%2029%2C%202023%2C%20CrowdStrike%20observed%20unexpected%20malicious%20activity%20emanating%20from%20a%20legitimate%2C%20signed%20binary%2C%203CXDesktopApp%20%E2%80%94%20a%20softphone%20application%20from%203CX.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22CrowdStrike%20Prevents%203CXDesktopApp%20Intrusion%20Campaign%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.crowdstrike.com%2Fblog%2Fcrowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers%2F&pageViewId=b01aa267-cfd7-4687-8e47-dbd2c2cc2fd6&an_uid=0&v=1.1.21

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.61.251.14 Miami, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-61-251-14.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 17 Jun 2024 21:14:19 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 17 Jun 2024 21:14:19 GMT

GET nav_menu_helper_1718355665557.js
cdn.userway.org/widgetapp/2024-06-14-09-01-05/remediation/ 0
0

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 179ms
179ms Image
image/gif 23.61.251.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=840a4ffa1a26e59267b6b28298d972e1&svisitor=null&visitor=b9602a4b-654e-4da0-8894-3d5dc5a75c02&session=3eb67c03-6d1e-469f-87a9-4733ddc69e9f&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2017%20Jun%202024%2021%3A14%3A20%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2017%20Jun%202024%2021%3A14%3A19%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222003%22%7D&isIframe=false&m=%7B%22description%22%3A%22On%20March%2029%2C%202023%2C%20CrowdStrike%20observed%20unexpected%20malicious%20activity%20emanating%20from%20a%20legitimate%2C%20signed%20binary%2C%203CXDesktopApp%20%E2%80%94%20a%20softphone%20application%20from%203CX.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22CrowdStrike%20Prevents%203CXDesktopApp%20Intrusion%20Campaign%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.crowdstrike.com%2Fblog%2Fcrowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers%2F&pageViewId=b01aa267-cfd7-4687-8e47-dbd2c2cc2fd6&an_uid=0&v=1.1.21

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.61.251.14 Miami, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-61-251-14.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 17 Jun 2024 21:14:20 GMT
x-content-type-options: nosniff
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 17 Jun 2024 21:14:20 GMT

OPTIONS
H2 200 alts.json
cdn77.api.userway.org/api/img-dscr/v2/dyvvHf6oG0/2376540/BvBnLxcgsitibG0n/ Frame 0
0 321ms
211ms Preflight 2a02:6ea0:c700::19
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.api.userway.org/api/img-dscr/v2/dyvvHf6oG0/2376540/BvBnLxcgsitibG0n/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fcdn.cookielaw.org%2Flogos%2Fc109dae9-46f3-4e91-a59e-7844ef645107%2Fcad7e755-8c86-4939-8df1-4d68f074f0fc%2F53cb332e-5cc4-44a8-9590-9e086136bfe9%2FCS_Logos_2020_InlineRed_b.png%22%2C%22alt%22%3A%22Company%20Logo%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fplay.vidyard.com%2FuTjAZGHEuZnPioHJ1HZQJU.jpg%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fthemes%2Fmain-theme%2Fdist%2Fimages%2Flogos%2Fcrowdstrike%2FRedLogoCS.svg%22%2C%22alt%22%3A%22CrowdStrike%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2018%2F08%2FEdward-Gonam-Qatar-Blog2-1.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2019%2F01%2Fvideo-ATTCK2-1.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2019%2F12%2FIR-Video-Blog-1.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2020%2F10%2FBlog_1060x698-21-1.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2021%2F01%2FKernel-attack-Blog_1060x698-1.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2021%2F03%2Fpatch-tuesday-blog-1.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2021%2F04%2FFalcon-Script-Control-Blog-1.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2021%2F06%2FBlog_0520_08-1.jpeg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2021%2F07%2Fbreaches-stop-here-post-cta.jpeg%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2021%2F07%2FCS_Free_Trial_blog_300x600_final.jpg%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2021%2F07%2Fred-falcon.svg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2021%2F09%2FBlog_1060x698-2.jpeg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2021%2F10%2FBlog_1060x698.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2022%2F02%2F0222_03_Falcon_Platform_Blog_1060x698.jpeg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2022%2F10%2F1022_08_Small-Business-Rethink-Cybersecurity_Blog_1060x698.jpeg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2022%2F11%2FXXXX_Falcon-LogScale-So-Fast_Blog_1060x698.jpeg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2022%2F12%2FBlog_1060x698-1.jpeg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2023%2F02%2F0123_11_DLL-Sideloading_Advanced-Memory-Scanning_Blog_1060x698.jpeg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2023%2F02%2F0223_01_Audits-Centralized-Log-Mgmt_Blog_1060x698.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2023%2F02%2F1122_01_Darkside-Ai-vs-Adversaries_Blog_1060x698.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2023%2F03%2F0322_02_Reinventing_MDRIDP_Blog_1060x698.jpeg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.crowdstrike.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
alt-svc: h3=":443"; ma=86400
cache-control: max-age=604800
date: Mon, 17 Jun 2024 21:14:20 GMT
server: CDN77-Turbo
x-77-cache: MISS
x-77-nzt: EggBw7WqEQAACAElE8IxAAA
x-77-nzt-ray: 4c15622421ed635a2ca770664cc5942d
x-77-pop: frankfurtDE
x-service-version: img-dscr-srv-608f37d5

OPTIONS
H2 200 alts.json
cdn77.api.userway.org/api/img-dscr/v2/dyvvHf6oG0/2376540/BvBnLxcgsitibG0n/ Frame 0
0 631ms
522ms Preflight 2a02:6ea0:c700::19
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.api.userway.org/api/img-dscr/v2/dyvvHf6oG0/2376540/BvBnLxcgsitibG0n/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2023%2F03%2FGeneric_Blogs_Intel_Alert_Adversary_1.png%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2023%2F03%2Fimage1-1.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2023%2F03%2FScreenshot-2023-03-29-at-1.41.47-PM.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2023%2F04%2F0522_11_Falcon_ID-Threat-Protection_Fed-State-Local_Blog_1060x698.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2023%2F08%2F0823_01_MSFT-Windows-Restart-Manager.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2023%2F10%2F0122_03_IR_Tracker_for_DFIR_Community.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2023%2F10%2F0921_06_Telecomm_LightBasin.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2023%2F11%2F1023_03_Compromising-Identity-Provider-Federation.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2023%2F12%2F1123_08_Insider-Vulnerabilities.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2024%2F01%2F0124_02_FalconFund-Partners-with-Aembit.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2024%2F02%2F0224_02_LATAM-Malware-Update.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2024%2F02%2FGTR_BlogImage_1060x698-1.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2024%2F02%2FIdentity-protection-for-government-blog-main-image.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2024%2F03%2F0324_01_Flow-Security_Acquisition.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2024%2F03%2F0324_02_Next-Gen_SIEM.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2024%2F03%2FSPIDER-adversary-blog-main-image.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2024%2F04%2F0322_02_Reinventing_MDRIDP_Blog_1060x698.jpeg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2024%2F04%2F0424_01_Protecting-High-Profile-Employee-Info_Dark-Web.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2024%2F05%2F0524_01_RSA-Cloud-GK-MS.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2024%2F05%2F0524_03_SOC-Survival-Guide-Personas.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2024%2F05%2F0524_05_Dominoes.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2024%2F05%2F24-CrowdTour-Blog-Main-Image-scaled.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2024%2F06%2Fxdr-wave-blog-image-1068x698-headline-3.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.crowdstrike.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
alt-svc: h3=":443"; ma=86400
cache-control: max-age=604800
date: Mon, 17 Jun 2024 21:14:21 GMT
server: CDN77-Turbo
x-77-cache: MISS
x-77-nzt: EggBw7WqEQAACAGckiEnAAA
x-77-nzt-ray: 4c15622421ed635a2ca77066c8c48d2d
x-77-pop: frankfurtDE
x-service-version: img-dscr-srv-608f37d5

GET
H2 200 alts.json Show response
cdn77.api.userway.org/api/img-dscr/v2/dyvvHf6oG0/2376540/BvBnLxcgsitibG0n/ 5 KB
1 KB 236ms
236ms Fetch
application/json 2a02:6ea0:c700::19
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.api.userway.org/api/img-dscr/v2/dyvvHf6oG0/2376540/BvBnLxcgsitibG0n/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fcdn.cookielaw.org%2Flogos%2Fc109dae9-46f3-4e91-a59e-7844ef645107%2Fcad7e755-8c86-4939-8df1-4d68f074f0fc%2F53cb332e-5cc4-44a8-9590-9e086136bfe9%2FCS_Logos_2020_InlineRed_b.png%22%2C%22alt%22%3A%22Company%20Logo%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fplay.vidyard.com%2FuTjAZGHEuZnPioHJ1HZQJU.jpg%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fthemes%2Fmain-theme%2Fdist%2Fimages%2Flogos%2Fcrowdstrike%2FRedLogoCS.svg%22%2C%22alt%22%3A%22CrowdStrike%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2018%2F08%2FEdward-Gonam-Qatar-Blog2-1.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2019%2F01%2Fvideo-ATTCK2-1.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2019%2F12%2FIR-Video-Blog-1.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2020%2F10%2FBlog_1060x698-21-1.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2021%2F01%2FKernel-attack-Blog_1060x698-1.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2021%2F03%2Fpatch-tuesday-blog-1.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2021%2F04%2FFalcon-Script-Control-Blog-1.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2021%2F06%2FBlog_0520_08-1.jpeg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2021%2F07%2Fbreaches-stop-here-post-cta.jpeg%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2021%2F07%2FCS_Free_Trial_blog_300x600_final.jpg%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2021%2F07%2Fred-falcon.svg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2021%2F09%2FBlog_1060x698-2.jpeg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2021%2F10%2FBlog_1060x698.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2022%2F02%2F0222_03_Falcon_Platform_Blog_1060x698.jpeg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2022%2F10%2F1022_08_Small-Business-Rethink-Cybersecurity_Blog_1060x698.jpeg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2022%2F11%2FXXXX_Falcon-LogScale-So-Fast_Blog_1060x698.jpeg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2022%2F12%2FBlog_1060x698-1.jpeg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2023%2F02%2F0123_11_DLL-Sideloading_Advanced-Memory-Scanning_Blog_1060x698.jpeg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2023%2F02%2F0223_01_Audits-Centralized-Log-Mgmt_Blog_1060x698.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2023%2F02%2F1122_01_Darkside-Ai-vs-Adversaries_Blog_1060x698.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2023%2F03%2F0322_02_Reinventing_MDRIDP_Blog_1060x698.jpeg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%7D
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-06-14-09-01-05/paid/remediation-tool.js?ts=1718355665557
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 1e08da4e3ada8c605edf85edec61d7f9e0764d377d148286d61298cda4a63d79

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

x-77-pop: frankfurtDE
date: Mon, 17 Jun 2024 21:14:21 GMT
content-encoding: gzip
x-77-cache: MISS
x-cache: MISS
alt-svc: h3=":443"; ma=86400
x-service-version: img-dscr-srv-608f37d5
x-77-nzt: EggBw7WqEQFBCAElE8IxAUE
server: CDN77-Turbo
etag: W/"1472-7KCBxry7aQ6YYkg+FMXEc0o21BI"
x-77-nzt-ray: 4c15622421ed635a2ca77066a5fe343a
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=604800
vary: Accept-Encoding
access-control-allow-headers: *

GET
H3 200 alts.json Show response
cdn77.api.userway.org/api/img-dscr/v2/dyvvHf6oG0/2376540/BvBnLxcgsitibG0n/ 5 KB
1 KB 47ms
47ms Fetch
application/json 156.146.33.138
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.api.userway.org/api/img-dscr/v2/dyvvHf6oG0/2376540/BvBnLxcgsitibG0n/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2023%2F03%2FGeneric_Blogs_Intel_Alert_Adversary_1.png%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2023%2F03%2Fimage1-1.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2023%2F03%2FScreenshot-2023-03-29-at-1.41.47-PM.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2023%2F04%2F0522_11_Falcon_ID-Threat-Protection_Fed-State-Local_Blog_1060x698.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2023%2F08%2F0823_01_MSFT-Windows-Restart-Manager.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2023%2F10%2F0122_03_IR_Tracker_for_DFIR_Community.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2023%2F10%2F0921_06_Telecomm_LightBasin.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2023%2F11%2F1023_03_Compromising-Identity-Provider-Federation.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2023%2F12%2F1123_08_Insider-Vulnerabilities.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2024%2F01%2F0124_02_FalconFund-Partners-with-Aembit.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2024%2F02%2F0224_02_LATAM-Malware-Update.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2024%2F02%2FGTR_BlogImage_1060x698-1.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2024%2F02%2FIdentity-protection-for-government-blog-main-image.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2024%2F03%2F0324_01_Flow-Security_Acquisition.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2024%2F03%2F0324_02_Next-Gen_SIEM.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2024%2F03%2FSPIDER-adversary-blog-main-image.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2024%2F04%2F0322_02_Reinventing_MDRIDP_Blog_1060x698.jpeg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2024%2F04%2F0424_01_Protecting-High-Profile-Employee-Info_Dark-Web.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2024%2F05%2F0524_01_RSA-Cloud-GK-MS.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2024%2F05%2F0524_03_SOC-Survival-Guide-Personas.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2024%2F05%2F0524_05_Dominoes.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2024%2F05%2F24-CrowdTour-Blog-Main-Image-scaled.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.crowdstrike.com%2Fwp-content%2Fuploads%2F2024%2F06%2Fxdr-wave-blog-image-1068x698-headline-3.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%7D
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-06-14-09-01-05/paid/remediation-tool.js?ts=1718355665557
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 156.146.33.138 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: 494557430.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash: e34e7ea42e1be5b4c758877a7faddff6c58c744c5410e6c1965318c6ffa05453

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

x-77-pop: frankfurtDE
date: Mon, 17 Jun 2024 21:14:21 GMT
content-encoding: gzip
x-77-cache: HIT
x-cache: MISS
x-accel-date: 1718631472
alt-svc: h3=":443"; ma=86400
x-service-version: img-dscr-srv-608f37d5
x-77-nzt: EggBnJIhiAFBDAGckiEnAff9agAA
x-accel-expires: @1719236272
x-77-age: 27389
server: CDN77-Turbo
etag: W/"13cc-f//LPFUYOb7XYu/x3AZyBp69bZM"
x-77-nzt-ray: f6587a1d1f6d68962da7706649372811
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=604800
vary: Accept-Encoding
access-control-allow-headers: *

GET
H2 200 2376540 Show response
api.userway.org/api/br-links/v0/contribute/ 51 B
429 B 200ms
200ms Fetch
application/json 2600:1f14:5db:eb00:aed1:7299:85d3:12bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/contribute/2376540
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-06-14-09-01-05/paid/remediation-tool.js?ts=1718355665557
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb00:aed1:7299:85d3:12bf Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a371978536745668f9c16dcbdbf0d5ca436d146906664dcc0529f16d70567fdf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:21 GMT
etag: W/"33-H+KjAZZBE0PpJIInQTjCoPBRoaQ"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
vary: Accept-Encoding
access-control-allow-headers: *
content-length: 51
x-service-version: apps-ddb67952

GET
H2 200 2376540 Show response
api.userway.org/api/br-links/v0/links/ 12 KB
3 KB 202ms
201ms Fetch
application/json 2600:1f14:5db:eb00:aed1:7299:85d3:12bf
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/links/2376540
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-06-14-09-01-05/paid/remediation-tool.js?ts=1718355665557
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb00:aed1:7299:85d3:12bf Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 5746d3d3e64d46bca6c478a9a05b27640fa2f9cd29f99b3106ebed16721248d7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:14:21 GMT
content-encoding: gzip
etag: W/"2fd3-aq/jAx2iiQ7oKMn2R5rcJxRPvv4"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=300, public
vary: Accept-Encoding
access-control-allow-headers: *
x-service-version: apps-ddb67952

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 171ms
171ms Image
image/gif 23.61.251.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=840a4ffa1a26e59267b6b28298d972e1&svisitor=null&visitor=b9602a4b-654e-4da0-8894-3d5dc5a75c02&session=3eb67c03-6d1e-469f-87a9-4733ddc69e9f&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2017%20Jun%202024%2021%3A14%3A21%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2017%20Jun%202024%2021%3A14%3A20%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%223003%22%7D&isIframe=false&m=%7B%22description%22%3A%22On%20March%2029%2C%202023%2C%20CrowdStrike%20observed%20unexpected%20malicious%20activity%20emanating%20from%20a%20legitimate%2C%20signed%20binary%2C%203CXDesktopApp%20%E2%80%94%20a%20softphone%20application%20from%203CX.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22CrowdStrike%20Prevents%203CXDesktopApp%20Intrusion%20Campaign%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.crowdstrike.com%2Fblog%2Fcrowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers%2F&pageViewId=b01aa267-cfd7-4687-8e47-dbd2c2cc2fd6&an_uid=0&v=1.1.21

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.61.251.14 Miami, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-61-251-14.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 17 Jun 2024 21:14:21 GMT
x-content-type-options: nosniff
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 17 Jun 2024 21:14:21 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 172ms
171ms Image
image/gif 23.61.251.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=840a4ffa1a26e59267b6b28298d972e1&svisitor=null&visitor=b9602a4b-654e-4da0-8894-3d5dc5a75c02&session=3eb67c03-6d1e-469f-87a9-4733ddc69e9f&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2017%20Jun%202024%2021%3A14%3A22%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2017%20Jun%202024%2021%3A14%3A21%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224004%22%7D&isIframe=false&m=%7B%22description%22%3A%22On%20March%2029%2C%202023%2C%20CrowdStrike%20observed%20unexpected%20malicious%20activity%20emanating%20from%20a%20legitimate%2C%20signed%20binary%2C%203CXDesktopApp%20%E2%80%94%20a%20softphone%20application%20from%203CX.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22CrowdStrike%20Prevents%203CXDesktopApp%20Intrusion%20Campaign%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.crowdstrike.com%2Fblog%2Fcrowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers%2F&pageViewId=b01aa267-cfd7-4687-8e47-dbd2c2cc2fd6&an_uid=0&v=1.1.21

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.61.251.14 Miami, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-61-251-14.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.crowdstrike.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 17 Jun 2024 21:14:22 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 17 Jun 2024 21:14:22 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-06-14-09-01-05/remediation/nav_menu_helper_1718355665557.js

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.crowdstrike.com/	1970-01-20 21:24:20	Name: __cf_bm Value: Te6DS98z.0jhpsZh9VyP9NzeUW30o14sQWcHa7WJq7Y-1718658856-1.0.1.1-Hq8n6ipcTiMB3aI2IBM7ub8arYYyT7_yosufecgwbOdDMvdAb.zm2eLeLQxrhMpaw2yNagQwb7u38sWk.hDUGA
.crowdstrike.com/	1969-12-31 23:59:59	Name: _csUtms3 Value: %7B%22utm_medium%22%3A%22dir%22%7D
www.crowdstrike.com/	1970-01-20 21:24:20	Name: s_utm_medium Value: dir
.go.crowdstrike.com/	1970-01-20 21:24:20	Name: __cf_bm Value: EwLVR_wDiIAXrxFgINIpCpOl8p9caERWsFa4xNCMFZg-1718658857-1.0.1.1-DtqjfL4R9UP6gz409mLybYRPGUVJdszmrBr3cGkmT87IL38f10BiWfptBGWIhk2iPvkxtCEvYQcw8MyyHV_Q2Q
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: Z852fFRiOr4
.youtube.com/	1970-01-21 01:43:30	Name: VISITOR_INFO1_LIVE Value: mkHnK_mQix0
.youtube.com/	1970-01-21 01:43:30	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgMQ%3D%3D
.crowdstrike.com/	1969-12-31 23:59:59	Name: _gcl_au Value: 1.1.376603022.1718658858
.crowdstrike.com/	1970-01-21 06:09:54	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Mon+Jun+17+2024+23%3A14%3A17+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=4988cdef-5541-4626-87a3-3c18d9f34277&interactionCount=0&landingPath=https%3A%2F%2Fwww.crowdstrike.com%2Fblog%2Fcrowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers%2F&groups=C0001%3A1%2CC0003%3A0%2CC0002%3A0%2CC0004%3A0
.adnxs.com/	1970-01-21 07:00:18	Name: receive-cookie-deprecation Value: 1
www.crowdstrike.com/	1970-01-20 21:34:23	Name: _an_uid Value: 0
www.crowdstrike.com/	1970-01-21 07:00:18	Name: _gd_visitor Value: b9602a4b-654e-4da0-8894-3d5dc5a75c02
www.crowdstrike.com/	1970-01-20 21:24:33	Name: _gd_session Value: 3eb67c03-6d1e-469f-87a9-4733ddc69e9f
www.crowdstrike.com/	1970-01-20 21:24:20	Name: _csRef Value: www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://play.vidyard.com/embed/v4.js Message: Allow attribute will take precedence over 'allowfullscreen'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;report-uri /csp-violation-report-endpoint/
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.pathfactory.com https://crowdstrike.com
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.userway.org
assets.adobedtm.com
b.6sc.co
c.6sc.co
cdn.addsearch.com
cdn.cookielaw.org
cdn.userway.org
cdn.vidyard.com
cdn77.api.userway.org
connect.facebook.net
epsilon.6sense.com
geolocation.onetrust.com
go.crowdstrike.com
ipv6.6sc.co
j.6sc.co
p.typekit.net
play.vidyard.com
secure.adnxs.com
use.fontawesome.com
use.typekit.net
www.crowdstrike.com
www.googletagmanager.com
www.youtube.com
cdn.userway.org
104.17.74.206
151.101.1.181
151.101.65.181
156.146.33.137
156.146.33.138
18.173.154.12
23.61.251.14
2600:1f14:5db:eb00:aed1:7299:85d3:12bf
2600:9000:225b:1000:a:de52:1580:93a1
2606:4700:3036::6815:1b98
2606:4700:4400::ac40:9b77
2606:4700::6810:b576
2606:4700::6813:b134
2a00:1450:4001:81c::200e
2a00:1450:4001:831::2008
2a02:26f0:3500:16::215:148f
2a02:26f0:3500:16::215:1495
2a02:26f0:3500:587::1e80
2a02:26f0:ab00::214:8e70
2a02:6ea0:c700::18
2a02:6ea0:c700::19
2a03:2880:f083:9:face:b00c:0:3
37.252.171.21
76.223.9.105
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
0423f69dc0e5f863d923e48c8c61298979b1c3fbdacbf6976d2b36f160bdea88
06adbc033a1a4d6c04306c51945d1661225aa304b703660fd4347e73109802b8
0842e5aeb51c48cfe9f27f26b1855cea516abecf1c015d815ff7f7bebd607d36
0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5
0a5519e5e3a790d684daf67a4888160187a1359dd446b05fa89cbdaabc66221f
0bf90a8569ed246ad28d91458f6771f6934a0c4983243eca5f6accf91d6979cc
0d5ec87cda7124201fb8da2fb6d26b66b4a57c4deab8dfbb7ad56a06471fb673
0d616ec0b06b0da8f53e9f291e1873edca40739f641c7499525040750072b0b1
0dbd9ca47f4fd338efab8e6f5188a6de45cf390f04cfaea4a65abc47635550c6
0dc50522b78336540aa02fc54fdf855c8726e0eaecb627d116d28b40b34abaeb
0dcb4b8f8926bf46fb35389caec38cf06c566048372f67646d40efce85e24346
0e0a27c105caf20bd4cc76fe58f222d856ab8f626447846842dddca8ce7509ef
0f1c1c319dae1d32ef2feaa657e6d82c5f8fe4c98aa8bbc7ee0aab8b5b9d5d38
0f965aa53581b63d9325af898e4b49a029713f7127c7962c2417ec6e5e73a33d
0f9c2ce6f85c93eed9e3e0917378e13d9ecc30b3690a2c97f9eb013b81244f4b
127f3af41355cac536fbe3b6d68dc9a897f26a2e3b048b6caf58195bedb17d21
130a995d67fcc6db4eb38729f7b2d751e4d01b3a0ec2baf598053936fb712e9c
1456654ae4fa2d7e2daa1e1bcb72e42de117dc4f349c0a822af92ad9fdbce27c
15a5cfc7e447908f18e0fba4593b53c63f31e27c82a84dbcb7394406540094ce
170d7b2dda1cde0aad9938ebc0e3f7f1e08b01221eead69e14784fdb089543b6
1b51ef8f41389200c7afe4b12a7c70fca5b189f7aeee62af8e64ca68b0e77556
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1e08da4e3ada8c605edf85edec61d7f9e0764d377d148286d61298cda4a63d79
209862f06a26a445813111047f4225658255e9a1ad05177fc81e806a1d1ebc15
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710
232758efb13500589ac9c795477f1dc3fcb16d1c19f5fdb1749dc62de328b212
2500308cf1ee7b69cd097b34fc38dbf44fc531f2d24d56bc448a94fef905a0f5
26c1f5c606c824e1dc3da0982830940f75268925e2febcd5a768f8ae31245286
281afd5d65352e080be89bd3e334e43e7359378956701741d539e6184563e167
2889f6f49c4217a87fd42c60f3886b7e86e027ca6683af98383711283d5ed4ce
28a742520f207eaf53843360c5b72e8df2bfd55a2153361c8235281f38f0d666
29a68c25f979ec7efa0297fa11a0f3690abafae75f9db9f09c282811954f8516
2a1c184d50442cbf6f575454a8801ec64f9e509b76aa5210c35a98bd5207603e
30b5b871c01839552b14a1cc7dfb35614b537418ce89fea5cc89eae614af7ef6
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
384ad6c5085d773700ca45bd99e00f40335779afc64e4715cda26ea57aecfce8
3863b23eb007d405fd80924f499fa54a178bc0a8009496c104271f3cf6732642
3d871b6771dfa1a9115eee87e6dbb038d19387e11f27904622a56ff9bd4d2b84
3e46cfd048e264a12e9b9457ee8bf9e3501f1bbf169794722dd8b8b62981952a
40b522ba0c42bc154c07f1dfb1da32f5a59e88a72b129503ce43a92af8d65688
465e01822cf44a4473e0ce07f5d669d730a20d2549a9e5a73d00fa76b7ad40e4
4ad9a5493aafc1f43e8882aeb9d07b945139ad6326d82a04b5237ee1a3283538
4d3dab569c7b9e24ba3484873769a6b4a34bd3ab4ef6ff53b1c5a5c60f7d5663
52b269545d8b0251f5f585cfa9572691d8d50a4a55ddcd6c5dd4e5718136e4f5
53f37e1646c902eeb517fdd7079b495af24d247d7a82675b34b360eb829e89f3
5521d5d6e5aebb210f782c2e25a0d23a52d4271c91a747d8344664d74aedbcb8
5570e2804405ac119ae21551a257b2e0157d99c593765a63219ad17b4c4c0abd
5746d3d3e64d46bca6c478a9a05b27640fa2f9cd29f99b3106ebed16721248d7
5b9354ea2d384254df4fb13863b8c2fa6e4c563b2a1d882f20b428bb17a3c5d1
5be2dfa172d505acb197760b55c4731347cc239a7a046013c251948bb8214dbc
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
666b6ca60b6430028bc4b1aa778f0b3afc40a6c4a162660fa6777f5043728a77
66b3229cb8fe777ae631f22a6ff09b54455847487152035ce7fe6797bc5f15a0
66d65062f0efac879a3ebb5641b4bedc855f5d7e9d600e7bf42762d86bef1600
676e244d03975612f45b1fb2b160c87d6e4ea12bad3e7b54218421880be7aa80
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6953f3cc7d3845188c7a6083b0bd2979134f84cdad0706b958fd074562d82595
6ebe1e4135bb845bd442e32f716d10da89f715f890bdfe4b71354edb5c7f17f8
6ee9f378b220867a02fa579fc9611348c11057c131c4806b811459c2bdb9ab44
6f37482ceb45e4156eef7adf142d804c88ead3c21801b043660ff3e8f712b115
720efb8fa2292817618aa7adee04349152c748927334fe7527bba18a97c0e5b8
725372600b9f890713ebb3a41322fa90345111904e54345285c1674d4350e39d
72f3d82984ded4dd2b102a3fb022f933041f524868a77cb95e207dee517a2d41
74a8d08bfffcc2b091168ebe5d30299c4857f962280f3b214ec64f460587b4c7
7a0535ef3e0a5d1eeb5ba52fc5be0224bf22463e413630d40ccfdaebbaf2c7c1
7ad87250c3347bc33c2f564324cf2703456a67232037f4f94c16466c2749a259
7c0b8d5e9b7d24a63fd54cbf0002f396e8de5c44644eb72556d0c2cb78497c37
8075e644b252872397824d6163fb27e99f9e043afa435c458bf67226b612ca23
810332241127fca1f484b8f71e13d7dc99bde7644e56216fdc777d047fb16a27
856540b7b80cc68706c9977f03d3fb567f2a424f8d13400acb1318713567ddd7
875a394bacf884023e57246e4377055ffb403bc95d5e995dd26a5e49994d00e0
886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9
8af6e0f48351a4c4a6f36ef764dad05c56ad7f621453a55dc02a40fa59f143c9
8c847dce1cd0746b8168211b5b9b41c397aff2b4d94e3eaeacb41eb572ef6b0b
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
904d17a0c9012c9ac159b18997aff78c18808fde90764ecbd59fc9894091e622
932260c413362a1f76334f6bcbab0a6871ec16075439a19381403cf8604cf7a4
969dc9810ae7ff4dda03af2446d050cbfcb0517bf7e75ec5f809bc1b8f0734ff
9731c1a890ffb984b3bd85421a8ad751ecf485c215d4dbb80f204231d80964fc
994ac1af3cb99d4eea7d683e7eccdd56c05ec63dcbce830130590e7beacb1e7c
9cc464eb98bf5a4bf45bbca487ae2c1fdd199900266cc5796f7c9403b7a5c774
9f9f09220578095d79ded54e8c0ee6ef21bc38e86475d2645b8656bbef22bbeb
9fc0876c504ddc0c3b67bc59206bd60843875de01206315a3b26f0ce5301f567
a1746906ad6fe82edd82ef2702815c2cc2a1b4d0545c04c4247a701b6e6e84f6
a1d423b0486bffe04c6dd45d0e7edcb60d20683dd009587830b23ade111b9dcb
a371978536745668f9c16dcbdbf0d5ca436d146906664dcc0529f16d70567fdf
a4c2ccd30648fc09f85414277bd29e17593e43494a15d659d9cbf53954e0fc92
a4de69c4da632c524a487089027651a870ebb73818c4138725db58e87979119f
a6972c49e66fe3c5026a1a1e26a06c49995cec36fc522cb56461f5cf0b2b2978
a6dee6c73c3fffab45a1d559044b3806b79ce98c1370945608a1121f3badea14
a752153b260a4c11f612ef2c09a418b23f53972f73aea7111e8a013175833890
a9a72654f03de616b6fd58b742dff09a02588726c80f6a1fca5809365b591930
ae1e4f7a09a58b0e8f9f3a0ae0e3e89186ca858e5cdcf31e9405b1cc826bede5
b25d2319903d6e206b3bd9a7340206ec7d6b603405403130d95a6ffca76a80db
b332a3fa616df968bdd71567cde2fe6031561746f6022d06993bde4001ec2730
b5f4aab24a8400c4ae32c2dcd33086b87def54daea3d4da60e43c1a5c75ac90e
b717457ea6bf116ffcf318685cff6613ca9ac4d9e3bbda3ac1602e65a7841e92
b82e0066ecc77c031603093e852687d0383e65d7ef0c02d5c01addbe6457dc48
b93680a9f50608d09c147af33f3e897a4b376ff3efb696bb062ed2e0f862d819
bee78f076d7ef9d9be92fb1f293909e529c5b61891a52557d51e7183971e02cc
c0bcefb4393c7136a6a3485631af8eebc3aef8e902d520c7b60a4757b9ccbabf
c2fa9f5a02e6f3aff464232bdd7b2203a4b5614d861925b316d61e2b861e67a3
c339ae2e0bf27fe07749a66253583596b8b4992ef32fe3063d2c624f525f6985
c340f71394a49ae1128b951ba1294016f904244d53b10e03ce3563e80a415e28
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
cdc86047b2f0af05517559943656bb3268b864a8efc9cf9ad9779206b594903e
ced035236ef87e76d0e300e6c7c507d982c4a48c99a137f3a7fb61a94cb83688
cfaf5f01a93e9cd021ba3c1c755385bc6f5cb989b1d652c93fefb6d0f34c5513
d18f313f2489ed91cd15cf94a1e5668b8b0da8318f593d980228000a1757702f
d1c90bd20c04adf24d97ff015095058b528a293e12533fcc37a6f4b61970785e
d2f11d6ba5320479397de917dca409cb3994fc78534cececad0ddba8ed2fdd4e
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d454566fbbab8fcbc70a1c3139be25be5205712442564fe24a5e0258e3337a98
d6a8b2d8de96a693a7f089ff23c3f7aa66ed14718e0d4464a1df1ffb828c8609
d701066eb4b5e08ea151794e234546f6b11f467d101adf7276eaac2c85f39079
d9877e01e464b5699302756ab2e3aa5d6bd3dc9a13e065e34bec66f7a0406234
db69a3d25d8125632acede7426cfaa714390a3a713e8fb38fca4264581341744
dc050003a767b23097b3f9566be0c33c3655ded698e06605e4b6708ee7f7cc15
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dde72d130fdb48d147968266f9be78dd02412d8ed80995862f506d9f721f4651
e1c465f39d05ccb409fee2b4c336caffc7eff511bda7b3fbd006cf25f2c31b12
e34e7ea42e1be5b4c758877a7faddff6c58c744c5410e6c1965318c6ffa05453
e36ce51df6d05a63225d449ba07b002ef1c2cd73b946e21e27456b251449712b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5bb911d804e4d1f86f3ba3c7c91679115a598c6131b48d535e62d5fb4546b8e
e84d80292bc4853823a35693f016d26ceeeac38e04aee5d286d933b8973b7d7c
e8eda05fa3bffe9499012fd70f4e296d97d91026b0db3682b2d12be64f005f81
ead403526c70847efef68c7e0efaf4b063d0c5b98141f3f8f665bab47932022c
eee66297afe4bfd363c9e7b27978892a34adffde1664ef7509335aff8aa31cc0
f21f8a677f32d29928597f8ed5712286e237b95ef9ab26f3aabd00adea4e8c7c
f4aaa18c55c90588c5e828e56dcc6b2cb0acf9a4280494c7d1a53fc5e3669112
f544c0d9d4efe6098073613bd00f1b2260726c0bb4602d3a8dedd47df3c606ce
f5f3898fe99aab483801a9f4149fc85c0d9e6281aba989b8b085fce8db09710d
f8f105a0a91843bdeac95e6aff14d7753ca2aaff00c942cf1bcb1da1025cff4c
f964049bf626621ac6978012a037273f46e0957dc02efddcb8f0e67a29e37dc5
faae6fc0aa94cc5bde5076647c817a23206096a1cbeda10d1c6f3d89d6163ed1
fbf082d1d7a56a1903786495e5261cc036271b5b9c2fa27ac029610fd2253cdd
fdd307eff5b34a8545d293195aef6e2c025468423ddce8b28d8662c41e2e08ce
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
ff7bd74fbf924b0b4d706b0b599bde21553542dd428253478448884cb5668a53

www.crowdstrike.com Open in urlscan Pro 2606:4700::6810:b576 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

159 Requests

98 %HTTPS

63 %IPv6

15 Domains

23 Subdomains

25 IPs

3 Countries

19367 kBTransfer

24950 kBSize

14 Cookies

41 Outgoing links

Page URL History

Redirected requests

159 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.crowdstrike.com Open in urlscan Pro
2606:4700::6810:b576 Public Scan

Screenshot
Live screenshot

Full Image

159
Requests

98 %
HTTPS

63 %
IPv6

15
Domains

23
Subdomains

25
IPs

3
Countries

19367 kB
Transfer

24950 kB
Size

14
Cookies

159 HTTP transactions
0 data transactions