trial.cobaltstrike.com Open in urlscan Pro
104.20.50.67  Public Scan

12 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response trial.cobaltstrike.com/	15 KB 5 KB	480ms 456ms	Document text/html	104.20.50.67 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://trial.cobaltstrike.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.20.50.67 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash ea21b85f3358f0c7e34eefe1a6b27576e7bdc6d6b18cfd9f121838148b208aab Request headers :path / accept-encoding gzip, deflate upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 :authority trial.cobaltstrike.com :scheme https :method GET Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Thu, 08 Feb 2018 10:09:37 GMT content-encoding gzip server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/html; charset=UTF-8 status 200 set-cookie __cfduid=de8108a988ec1bb90f46e41e92f0962b01518084577; expires=Fri, 08-Feb-19 10:09:37 GMT; path=/; domain=.cobaltstrike.com; HttpOnly session=c02dbc86-1c03-4839-88fa-22afc270dfd1;EXPIRES=Fri, 08-Feb-2019 10:09:33 GMT; PATH=/ cf-ray 3e9dcb5ebc0526c6-FRA
GET H2	200	reset.css www.cobaltstrike.com/css/	750 B 705 B	799ms 19ms	Stylesheet text/css	104.20.171.46 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://www.cobaltstrike.com/css/reset.css Requested by Host: trial.cobaltstrike.com URL: https://trial.cobaltstrike.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.20.171.46 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6007e789b7f0c04474fd41a25af73a5654c213ec3af878bf6e94d8f233fbffb7 Request headers :path /css/reset.css pragma no-cache cookie __cfduid=de8108a988ec1bb90f46e41e92f0962b01518084577 accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept text/css,*/*;q=0.1 cache-control no-cache :authority www.cobaltstrike.com referer https://trial.cobaltstrike.com/ :scheme https :method GET Referer https://trial.cobaltstrike.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Thu, 08 Feb 2018 10:09:38 GMT content-encoding gzip cf-cache-status HIT server cloudflare status 200 etag W/"13415132b68" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css content-range 0-998/999 cache-control public, max-age=86400 cf-ray 3e9dcb667bbf970c-FRA expires Fri, 09 Feb 2018 10:09:38 GMT
GET H2	200	style.css www.cobaltstrike.com/css/	7 KB 2 KB	800ms 21ms	Stylesheet text/css	104.20.171.46 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://www.cobaltstrike.com/css/style.css Requested by Host: trial.cobaltstrike.com URL: https://trial.cobaltstrike.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.20.171.46 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 08aa72fac3d52f497d6158d4e796190cc31152cc1ac8808723d9eb7197e37da8 Request headers :path /css/style.css pragma no-cache cookie __cfduid=de8108a988ec1bb90f46e41e92f0962b01518084577 accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept text/css,*/*;q=0.1 cache-control no-cache :authority www.cobaltstrike.com referer https://trial.cobaltstrike.com/ :scheme https :method GET Referer https://trial.cobaltstrike.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Thu, 08 Feb 2018 10:09:38 GMT content-encoding gzip cf-cache-status HIT server cloudflare status 200 etag W/"137fd0a6550" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css content-range 0-10316/10317 cache-control public, max-age=86400 cf-ray 3e9dcb667bc0970c-FRA expires Fri, 09 Feb 2018 10:09:38 GMT
GET H2	200	main.js Show response www.cobaltstrike.com/js/	196 B 295 B	799ms 19ms	Script application/octet-stream	104.20.171.46 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://www.cobaltstrike.com/js/main.js Requested by Host: trial.cobaltstrike.com URL: https://trial.cobaltstrike.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.20.171.46 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash d6d0973cd5e62f94a02ce5e8e3d7cbc0c96ee154d5c8d0ce8047a729a31f5eb1 Request headers :path /js/main.js pragma no-cache cookie __cfduid=de8108a988ec1bb90f46e41e92f0962b01518084577 accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept */* cache-control no-cache :authority www.cobaltstrike.com referer https://trial.cobaltstrike.com/ :scheme https :method GET Referer https://trial.cobaltstrike.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Thu, 08 Feb 2018 10:09:38 GMT cf-cache-status HIT server cloudflare status 200 etag "13415132b68" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/octet-stream content-range 0-195/196 cache-control public, max-age=86400 cf-ray 3e9dcb667bc1970c-FRA content-length 196 expires Fri, 09 Feb 2018 10:09:38 GMT
GET S	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.5.2/	84 KB 29 KB	6ms 5ms	Script text/javascript	216.58.207.74 Google LLC
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js Requested by Host: trial.cobaltstrike.com URL: https://trial.cobaltstrike.com/ Protocol SPDY Server 216.58.207.74 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s25-in-f10.1e100.net Software sffe / Resource Hash 8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://trial.cobaltstrike.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Sun, 04 Feb 2018 04:46:31 GMT content-encoding gzip x-content-type-options nosniff age 364986 status 200 alt-svc hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35" content-length 30082 x-xss-protection 1; mode=block last-modified Tue, 20 Dec 2016 18:17:03 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Mon, 04 Feb 2019 04:46:31 GMT
GET H2	200	logo.png www.cobaltstrike.com/images/	41 KB 41 KB	12ms 12ms	Image image/png	104.20.171.46 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://www.cobaltstrike.com/images/logo.png Requested by Host: trial.cobaltstrike.com URL: https://trial.cobaltstrike.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.20.171.46 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 8ab8446370cd0672b068a02511886aacfce36f2ba8a3018fdff3c15dadeaae1d Request headers :path /images/logo.png pragma no-cache cookie __cfduid=de8108a988ec1bb90f46e41e92f0962b01518084577 accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept image/webp,image/apng,image/*,*/*;q=0.8 cache-control no-cache :authority www.cobaltstrike.com referer https://trial.cobaltstrike.com/ :scheme https :method GET Referer https://trial.cobaltstrike.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Thu, 08 Feb 2018 10:09:38 GMT cf-cache-status HIT server cloudflare status 200 etag "14f8cc780a8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png content-range 0-41939/41940 cache-control public, max-age=86400 cf-ray 3e9dcb669c08970c-FRA content-length 41940 expires Fri, 09 Feb 2018 10:09:38 GMT
GET H2	200	download.png www.cobaltstrike.com/images/	2 KB 2 KB	387ms 387ms	Image image/png	104.20.171.46 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://www.cobaltstrike.com/images/download.png Requested by Host: trial.cobaltstrike.com URL: https://trial.cobaltstrike.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.20.171.46 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash d4d2c304d4c6cc15f5a1cd73a532b2b6dc01b5f72a5c3344584bd4f8e5b5ae9e Request headers :path /images/download.png pragma no-cache cookie __cfduid=de8108a988ec1bb90f46e41e92f0962b01518084577 accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept image/webp,image/apng,image/*,*/*;q=0.8 cache-control no-cache :authority www.cobaltstrike.com referer https://trial.cobaltstrike.com/ :scheme https :method GET Referer https://trial.cobaltstrike.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Thu, 08 Feb 2018 10:09:38 GMT cf-cache-status REVALIDATED server cloudflare status 200 etag "14f8cc780a8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png content-range 0-2263/2264 cache-control public, max-age=86400 cf-ray 3e9dcb669c09970c-FRA content-length 2264 expires Fri, 09 Feb 2018 10:09:38 GMT
GET S	200	analytics.js Show response www.google-analytics.com/	35 KB 14 KB	6ms 6ms	Script text/javascript	172.217.22.46 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: trial.cobaltstrike.com URL: https://trial.cobaltstrike.com/ Protocol SPDY Server 172.217.22.46 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra15s16-in-f14.1e100.net Software Golfe2 / Resource Hash f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://trial.cobaltstrike.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Mon, 13 Nov 2017 20:19:12 GMT server Golfe2 age 1605 date Thu, 08 Feb 2018 09:42:53 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 timing-allow-origin * alt-svc hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35" content-length 14597 expires Thu, 08 Feb 2018 11:42:53 GMT
GET H2	200	body-bg.jpg www.cobaltstrike.com/images/	190 KB 190 KB	353ms 352ms	Image image/jpeg	104.20.171.46 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://www.cobaltstrike.com/images/body-bg.jpg Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.20.171.46 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash afecd5e18467063cc3502c0a8b08cf9784eed95003b218e134e7b64f6b79328d Request headers :path /images/body-bg.jpg pragma no-cache cookie __cfduid=de8108a988ec1bb90f46e41e92f0962b01518084577 accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept image/webp,image/apng,image/*,*/*;q=0.8 cache-control no-cache :authority www.cobaltstrike.com referer https://www.cobaltstrike.com/css/style.css :scheme https :method GET Referer https://www.cobaltstrike.com/css/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Thu, 08 Feb 2018 10:09:38 GMT cf-cache-status REVALIDATED server cloudflare status 200 etag "14f8cc780a8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg content-range 0-194714/194715 cache-control public, max-age=86400 cf-ray 3e9dcb66ac47970c-FRA content-length 194715 expires Fri, 09 Feb 2018 10:09:38 GMT
GET H2	200	header-filler.jpg www.cobaltstrike.com/images/	36 KB 36 KB	390ms 389ms	Image image/jpeg	104.20.171.46 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://www.cobaltstrike.com/images/header-filler.jpg Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.20.171.46 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash e16eef6e0842af5876381478565d6e7ee4d8d03e80a7a378fe875089d009883f Request headers :path /images/header-filler.jpg pragma no-cache cookie __cfduid=de8108a988ec1bb90f46e41e92f0962b01518084577 accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept image/webp,image/apng,image/*,*/*;q=0.8 cache-control no-cache :authority www.cobaltstrike.com referer https://www.cobaltstrike.com/css/style.css :scheme https :method GET Referer https://www.cobaltstrike.com/css/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Thu, 08 Feb 2018 10:09:38 GMT cf-cache-status REVALIDATED server cloudflare status 200 etag "14f8cc780a8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg content-range 0-36776/36777 cache-control public, max-age=86400 cf-ray 3e9dcb66ac48970c-FRA content-length 36777 expires Fri, 09 Feb 2018 10:09:38 GMT
GET H2	200	nav-bar.png www.cobaltstrike.com/images/buttons/	7 KB 7 KB	11ms 10ms	Image image/png	104.20.171.46 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://www.cobaltstrike.com/images/buttons/nav-bar.png Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.20.171.46 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 14b1adf18e1820e18a114499d2890bd7198d4f76983ae75fbad856e8acc373fe Request headers :path /images/buttons/nav-bar.png pragma no-cache cookie __cfduid=de8108a988ec1bb90f46e41e92f0962b01518084577 accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept image/webp,image/apng,image/*,*/*;q=0.8 cache-control no-cache :authority www.cobaltstrike.com referer https://www.cobaltstrike.com/css/style.css :scheme https :method GET Referer https://www.cobaltstrike.com/css/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Thu, 08 Feb 2018 10:09:38 GMT cf-cache-status HIT server cloudflare status 200 etag "14f8cc780a8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png content-range 0-7296/7297 cache-control public, max-age=86400 cf-ray 3e9dcb66ac4a970c-FRA content-length 7297 expires Fri, 09 Feb 2018 10:09:38 GMT
GET H2	200	inner-download-now.png www.cobaltstrike.com/images/buttons/	23 KB 23 KB	368ms 367ms	Image image/png	104.20.171.46 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://www.cobaltstrike.com/images/buttons/inner-download-now.png Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.20.171.46 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash dad076141e6b2ee9cbda8f90fb0f0cc4864fca66a42c87c7cf1dc8c250f92f28 Request headers :path /images/buttons/inner-download-now.png pragma no-cache cookie __cfduid=de8108a988ec1bb90f46e41e92f0962b01518084577 accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept image/webp,image/apng,image/*,*/*;q=0.8 cache-control no-cache :authority www.cobaltstrike.com referer https://www.cobaltstrike.com/css/style.css :scheme https :method GET Referer https://www.cobaltstrike.com/css/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Thu, 08 Feb 2018 10:09:38 GMT cf-cache-status REVALIDATED server cloudflare status 200 etag "14f8cc780a8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png content-range 0-23783/23784 cache-control public, max-age=86400 cf-ray 3e9dcb66ac4b970c-FRA content-length 23784 expires Fri, 09 Feb 2018 10:09:38 GMT
GET H2	200	inner-nav.png www.cobaltstrike.com/images/buttons/	56 KB 56 KB	349ms 349ms	Image image/png	104.20.171.46 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://www.cobaltstrike.com/images/buttons/inner-nav.png Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.20.171.46 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6836a42fd2154f83bda16bf5281d07ff06e203f99da44ea8cd7f67db6d6ebfaa Request headers :path /images/buttons/inner-nav.png pragma no-cache cookie __cfduid=de8108a988ec1bb90f46e41e92f0962b01518084577 accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept image/webp,image/apng,image/*,*/*;q=0.8 cache-control no-cache :authority www.cobaltstrike.com referer https://www.cobaltstrike.com/css/style.css :scheme https :method GET Referer https://www.cobaltstrike.com/css/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Thu, 08 Feb 2018 10:09:38 GMT cf-cache-status REVALIDATED server cloudflare status 200 etag "14f8cc780a8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png content-range 0-57369/57370 cache-control public, max-age=86400 cf-ray 3e9dcb66ac4c970c-FRA content-length 57370 expires Fri, 09 Feb 2018 10:09:38 GMT
GET H2	200	content-m.png www.cobaltstrike.com/images/	10 KB 11 KB	366ms 366ms	Image image/png	104.20.171.46 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://www.cobaltstrike.com/images/content-m.png Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.20.171.46 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 01a15f7b925fea1236cb579cc7999e13d17b81642c42e5e3c42782813cf6aa3d Request headers :path /images/content-m.png pragma no-cache cookie __cfduid=de8108a988ec1bb90f46e41e92f0962b01518084577 accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept image/webp,image/apng,image/*,*/*;q=0.8 cache-control no-cache :authority www.cobaltstrike.com referer https://www.cobaltstrike.com/css/style.css :scheme https :method GET Referer https://www.cobaltstrike.com/css/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Thu, 08 Feb 2018 10:09:38 GMT cf-cache-status REVALIDATED server cloudflare status 200 etag "14f8cc780a8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png content-range 0-10701/10702 cache-control public, max-age=86400 cf-ray 3e9dcb66ac4d970c-FRA content-length 10702 expires Fri, 09 Feb 2018 10:09:38 GMT
GET H2	200	text-bg.gif www.cobaltstrike.com/images/	819 B 897 B	364ms 364ms	Image image/gif	104.20.171.46 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://www.cobaltstrike.com/images/text-bg.gif Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.20.171.46 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 7e188ce20ec98dc68e6325bddb607f097fee0429824e472bd087cd46d2fe0c69 Request headers :path /images/text-bg.gif pragma no-cache cookie __cfduid=de8108a988ec1bb90f46e41e92f0962b01518084577 accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept image/webp,image/apng,image/*,*/*;q=0.8 cache-control no-cache :authority www.cobaltstrike.com referer https://www.cobaltstrike.com/css/style.css :scheme https :method GET Referer https://www.cobaltstrike.com/css/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Thu, 08 Feb 2018 10:09:38 GMT cf-cache-status REVALIDATED server cloudflare status 200 etag "14f8cc780a8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif content-range 0-818/819 cache-control public, max-age=86400 cf-ray 3e9dcb66ac4f970c-FRA content-length 819 expires Fri, 09 Feb 2018 10:09:38 GMT
GET H2	200	content-b.png www.cobaltstrike.com/images/	4 KB 4 KB	9ms 8ms	Image image/png	104.20.171.46 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://www.cobaltstrike.com/images/content-b.png Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.20.171.46 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 23c5261235244a69b336cf8a554ea6d3d24ebb5a535c360b7ae2bf88e06cc3de Request headers :path /images/content-b.png pragma no-cache cookie __cfduid=de8108a988ec1bb90f46e41e92f0962b01518084577 accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept image/webp,image/apng,image/*,*/*;q=0.8 cache-control no-cache :authority www.cobaltstrike.com referer https://www.cobaltstrike.com/css/style.css :scheme https :method GET Referer https://www.cobaltstrike.com/css/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Thu, 08 Feb 2018 10:09:38 GMT cf-cache-status HIT server cloudflare status 200 etag "14f8cc780a8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png content-range 0-3692/3693 cache-control public, max-age=86400 cf-ray 3e9dcb66bc54970c-FRA content-length 3693 expires Fri, 09 Feb 2018 10:09:38 GMT
GET H2	200	bottom-links-bg.png www.cobaltstrike.com/images/	303 B 373 B	10ms 9ms	Image image/png	104.20.171.46 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://www.cobaltstrike.com/images/bottom-links-bg.png Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.20.171.46 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash a79dbc0c2e362f1d1274979bb95fc5531c6bc9c6df5e828913ef78de1adc550e Request headers :path /images/bottom-links-bg.png pragma no-cache cookie __cfduid=de8108a988ec1bb90f46e41e92f0962b01518084577 accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept image/webp,image/apng,image/*,*/*;q=0.8 cache-control no-cache :authority www.cobaltstrike.com referer https://www.cobaltstrike.com/css/style.css :scheme https :method GET Referer https://www.cobaltstrike.com/css/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Thu, 08 Feb 2018 10:09:38 GMT cf-cache-status HIT server cloudflare status 200 etag "14f8cc780a8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png content-range 0-302/303 cache-control public, max-age=86400 cf-ray 3e9dcb66bc56970c-FRA content-length 303 expires Fri, 09 Feb 2018 10:09:38 GMT
GET H2	200	bottom-nav.png www.cobaltstrike.com/images/buttons/	3 KB 4 KB	9ms 9ms	Image image/png	104.20.171.46 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://www.cobaltstrike.com/images/buttons/bottom-nav.png Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.20.171.46 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 15a2e75a4e3d9c1285b2c1ab6a921520cdbbd3d4dda40672aa442e0e2ad16e63 Request headers :path /images/buttons/bottom-nav.png pragma no-cache cookie __cfduid=de8108a988ec1bb90f46e41e92f0962b01518084577 accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept image/webp,image/apng,image/*,*/*;q=0.8 cache-control no-cache :authority www.cobaltstrike.com referer https://www.cobaltstrike.com/css/style.css :scheme https :method GET Referer https://www.cobaltstrike.com/css/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Thu, 08 Feb 2018 10:09:38 GMT cf-cache-status HIT server cloudflare status 200 etag "14f8cc780a8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png content-range 0-3547/3548 cache-control public, max-age=86400 cf-ray 3e9dcb66bc58970c-FRA content-length 3548 expires Fri, 09 Feb 2018 10:09:38 GMT
GET S	200	collect www.google-analytics.com/r/	35 B 101 B	16ms 16ms	Image image/gif	172.217.22.46 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/r/collect?v=1&_v=j66&a=902536765&t=pageview&_s=1&dl=https%3A%2F%2Ftrial.cobaltstrike.com%2F&ul=en-us&de=UTF-8&dt=Request%20Trial%20-%20Cobalt%20Strike&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=2095422621&gjid=1049757933&cid=979224860.1518084578&tid=UA-12050498-10&_gid=101603966.1518084578&_r=1&z=1712502295 Requested by Host: trial.cobaltstrike.com URL: https://trial.cobaltstrike.com/ Protocol SPDY Server 172.217.22.46 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra15s16-in-f14.1e100.net Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://trial.cobaltstrike.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers pragma no-cache date Thu, 08 Feb 2018 10:09:38 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 status 200 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate alt-svc hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| clearText function| writeText function| $ function| jQuery string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.cobaltstrike.com/	1970-01-18 13:42:50	Name: _gid Value: GA1.2.101603966.1518084578
			.cobaltstrike.com/	1970-01-19 07:12:36	Name: _ga Value: GA1.2.979224860.1518084578
			.cobaltstrike.com/	1970-01-18 13:41:24	Name: _gat Value: 1
			trial.cobaltstrike.com/	1970-01-18 22:27:00	Name: session Value: c02dbc86-1c03-4839-88fa-22afc270dfd1
			.cobaltstrike.com/	1970-01-18 22:27:00	Name: __cfduid Value: de8108a988ec1bb90f46e41e92f0962b01518084577

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
trial.cobaltstrike.com
www.cobaltstrike.com
www.google-analytics.com
104.20.171.46
104.20.50.67
172.217.22.46
216.58.207.74
01a15f7b925fea1236cb579cc7999e13d17b81642c42e5e3c42782813cf6aa3d
08aa72fac3d52f497d6158d4e796190cc31152cc1ac8808723d9eb7197e37da8
14b1adf18e1820e18a114499d2890bd7198d4f76983ae75fbad856e8acc373fe
15a2e75a4e3d9c1285b2c1ab6a921520cdbbd3d4dda40672aa442e0e2ad16e63
23c5261235244a69b336cf8a554ea6d3d24ebb5a535c360b7ae2bf88e06cc3de
6007e789b7f0c04474fd41a25af73a5654c213ec3af878bf6e94d8f233fbffb7
6836a42fd2154f83bda16bf5281d07ff06e203f99da44ea8cd7f67db6d6ebfaa
7e188ce20ec98dc68e6325bddb607f097fee0429824e472bd087cd46d2fe0c69
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8ab8446370cd0672b068a02511886aacfce36f2ba8a3018fdff3c15dadeaae1d
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a
a79dbc0c2e362f1d1274979bb95fc5531c6bc9c6df5e828913ef78de1adc550e
afecd5e18467063cc3502c0a8b08cf9784eed95003b218e134e7b64f6b79328d
d4d2c304d4c6cc15f5a1cd73a532b2b6dc01b5f72a5c3344584bd4f8e5b5ae9e
d6d0973cd5e62f94a02ce5e8e3d7cbc0c96ee154d5c8d0ce8047a729a31f5eb1
dad076141e6b2ee9cbda8f90fb0f0cc4864fca66a42c87c7cf1dc8c250f92f28
e16eef6e0842af5876381478565d6e7ee4d8d03e80a7a378fe875089d009883f
ea21b85f3358f0c7e34eefe1a6b27576e7bdc6d6b18cfd9f121838148b208aab
f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7