www.cobaltstrike.com Open in urlscan Pro
104.18.14.56 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.cobaltstrike.com/
Effective URL:
https://www.cobaltstrike.com/
Submission: On February 02 via manual (February 2nd 2023, 12:34:36 pm UTC) from IN — Scanned from DE

Summary HTTP 62 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 62 HTTP transactions. The main IP is 104.18.14.56, located in and belongs to CLOUDFLARENET, US. The main domain is www.cobaltstrike.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on March 10th 2022. Valid for: a year.

This is the only time www.cobaltstrike.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.18.15.56 104.18.15.56	13335 (CLOUDFLAR...) (CLOUDFLARENET)
26	104.18.14.56 104.18.14.56	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	13.227.219.116 13.227.219.116	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:80d::200a	15169 (GOOGLE) (GOOGLE)
16	52.222.236.93 52.222.236.93	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400d:80e::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
1 1	52.222.139.7 52.222.139.7	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:220... 2600:9000:2204:8000:4:d683:27c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.227.219.98 13.227.219.98	16509 (AMAZON-02) (AMAZON-02)
1	54.82.139.21 54.82.139.21	14618 (AMAZON-AES) (AMAZON-AES)
62	10

1 104.18.15.56 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.cobaltstrike.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 104.18.14.56 (None, )

ASN13335 (CLOUDFLARENET, US)

www.cobaltstrike.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.227.219.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-116.ams54.r.cloudfront.net

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 52.222.236.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-93.fra56.r.cloudfront.net

consent-pref.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.139.7 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-7.ams50.r.cloudfront.net

static.helpsystems.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2204:8000:4:d683:27c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.fortra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.219.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-98.ams54.r.cloudfront.net

consent-st.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.82.139.21 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-139-21.compute-1.amazonaws.com

prefmgr-cookie.truste-svc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	cobaltstrike.com 1 redirects www.cobaltstrike.com	904 KB
23	trustarc.com consent.trustarc.com — Cisco Umbrella Rank: 2908 consent-pref.trustarc.com — Cisco Umbrella Rank: 15217 consent-st.trustarc.com — Cisco Umbrella Rank: 30157	218 KB
6	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1468 ka-p.fontawesome.com — Cisco Umbrella Rank: 3405	96 KB
3	gstatic.com fonts.gstatic.com	70 KB
1	truste-svc.net prefmgr-cookie.truste-svc.net — Cisco Umbrella Rank: 30347	2 KB
1	fortra.com static.fortra.com	158 KB
1	helpsystems.com 1 redirects static.helpsystems.com	265 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	66 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	1001 B
62	9

	Domain	Requested by
27	www.cobaltstrike.com	1 redirects www.cobaltstrike.com
16	consent-pref.trustarc.com	consent.trustarc.com www.cobaltstrike.com consent-pref.trustarc.com prefmgr-cookie.truste-svc.net
6	consent.trustarc.com	www.cobaltstrike.com consent.trustarc.com
5	ka-p.fontawesome.com	kit.fontawesome.com www.cobaltstrike.com
3	fonts.gstatic.com	fonts.googleapis.com
1	prefmgr-cookie.truste-svc.net	www.cobaltstrike.com
1	consent-st.trustarc.com	consent-pref.trustarc.com
1	static.fortra.com	www.cobaltstrike.com
1	static.helpsystems.com	1 redirects
1	www.googletagmanager.com	www.cobaltstrike.com
1	fonts.googleapis.com	www.cobaltstrike.com
1	kit.fontawesome.com	www.cobaltstrike.com
62	12

This site contains links to these domains. Also see Links.

Domain
download.cobaltstrike.com
cobalt-strike.github.io
www.fortra.com
www.coresecurity.com

Subject Issuer	Validity	Valid
www.cobaltstrike.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-10` - `2023-04-10`	a year	crt.sh
*.trustarc.com Amazon	`2022-05-17` - `2023-06-15`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.truste-svc.net Amazon	`2022-05-23` - `2023-06-21`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.cobaltstrike.com/
Frame ID: 530E587F362A941A5E8DDF10D22EF284
Requests: 42 HTTP requests in this frame

Frame: https://consent.trustarc.com/get?name=crossdomain.html&domain=helpsystems.com
Frame ID: D3857F1703FCF45696F00B9CF0878E35
Requests: 1 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/
Frame ID: C16A1EF8F226AC9CA46B9B2341779F7C
Requests: 1 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/
Frame ID: 305AB91B62BC1CAE8FA4CD3F920AED45
Requests: 15 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html
Frame ID: C38996D14E206CDB6214ADC10C5742F2
Requests: 1 HTTP requests in this frame

Frame: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https://www.helpsystems.com/privacy-policy&cookieLink=https://www.helpsystems.com/cookie-policy&irm=undefined&from=https://consent.trustarc.com/
Frame ID: F8648D2C710DBB266E1DF887F94EC225
Requests: 1 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/cookie_inneriframe.html
Frame ID: 592769022EAE6A0343824FBD6EBEF7A8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cobalt Strike | Adversary Simulation and Red Team Operations

Page URL History Show full URLs

http://www.cobaltstrike.com/ HTTP 301
https://www.cobaltstrike.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

TrustArc (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.trustarc\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

62
Requests

98 %
HTTPS

42 %
IPv6

9
Domains

12
Subdomains

10
IPs

3
Countries

1514 kB
Transfer

2996 kB
Size

3
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://download.cobaltstrike.com/download
Title: Download

Search URL Search Domain Scan URL

URL: https://cobalt-strike.github.io/community_kit/
Title: Community Kit

Search URL Search Domain Scan URL

URL: https://www.fortra.com/

Search URL Search Domain Scan URL

URL: https://www.coresecurity.com/?__hstc=173638140.7cd4c336b7db51dc41ba94289a7e8945.1629149018896.1629339131200.1629385064224.7&__hssc=173638140.17.1629385064224&__hsfp=1865500357
Title: Core Security

Search URL Search Domain Scan URL

URL: https://www.fortra.com/impressum?__hstc=173638140.bbe2e957d5fb20ffc63ba13a9249b717.1637095243778.1637095243778.1637098983688.2&__hssc=173638140.2.1637098983688&__hsfp=150452273
Title: Impressum

Search URL Search Domain Scan URL

URL: https://www.fortra.com/privacy-policy?__hstc=173638140.bbe2e957d5fb20ffc63ba13a9249b717.1637095243778.1637095243778.1637098983688.2&__hssc=173638140.2.1637098983688&__hsfp=150452273
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.fortra.com/cookie-policy?__hstc=173638140.bbe2e957d5fb20ffc63ba13a9249b717.1637095243778.1637095243778.1637098983688.2&__hssc=173638140.2.1637098983688&__hsfp=150452273
Title: Cookie Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.cobaltstrike.com/ HTTP 301
https://www.cobaltstrike.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://static.helpsystems.com/cobalt-strike/img/bg-1.png HTTP 301
https://static.fortra.com/cobalt-strike/img/bg-1.png

62 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.cobaltstrike.com/
Redirect Chain

http://www.cobaltstrike.com/
https://www.cobaltstrike.com/

48 KB
12 KB

503ms
482ms

Document
text/html

104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: 68a0b9d929a714c3e242ebb4400453772d274e2adbd1c03bb37f2047a728a92c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7932f6200e549b6a-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 02 Feb 2023 12:34:31 GMT
link: <https://www.cobaltstrike.com/wp-json/>; rel="https://api.w.org/" <https://www.cobaltstrike.com/wp-json/wp/v2/pages/8928>; rel="alternate"; type="application/json" <https://www.cobaltstrike.com/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9iB6fxR3H%2FPIpSlXELvYXVZU5IdAyf0%2BQ%2FGt1GWBpmRNwJytNnESu%2B%2BKr39XwLc9fkeWWT%2Fo%2B4nolqRr7PEzKaSfJ4t%2FpHgFnd3FK9MIGyLJCtsTd86jK6SZx6jhXd7%2FG2vWQyqs"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 2
x-cache-group: normal
x-cacheable: SHORT
x-powered-by: WP Engine

Redirect headers

CF-RAY: 7932f61fcc019b43-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 02 Feb 2023 12:34:31 GMT
Expires: Thu, 02 Feb 2023 13:34:31 GMT
Location: https://www.cobaltstrike.com/
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 notice Show response
consent.trustarc.com/ 11 KB
5 KB 116ms
53ms Script
text/javascript 13.227.219.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/notice?domain=helpsystems.com&c=teconsent&gtm=1&text=true&pn=1-0&cookieLink=https://www.helpsystems.com/cookie-policy&privacypolicylink=https://www.helpsystems.com/privacy-policy

Requested by

Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-116.ams54.r.cloudfront.net

Software

Resource Hash

2f9561b879ab22ffb94d2cdfea0315997c8cf6bcd0d9002404400d1d0d18d354

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cobaltstrike.com/
Origin: https://www.cobaltstrike.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 12:34:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-cache: Miss from cloudfront
cloudfront-viewer-country: DE
content-length: 4170
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=3600
cloudfront-viewer-country-region: NW
timing-allow-origin: *
x-amz-cf-id: 9iX2JzIRVckQCHbPMF8SefpRy4oR81MPETfeDNYDtrvxf0iO0VyQXA==
expires: Thu, 02 Feb 2023 13:34:31 GMT

GET
H2 200 style.css
www.cobaltstrike.com/wp-content/plugins/gutenberg/build/block-library/ 94 KB
13 KB 30ms
28ms Stylesheet
text/css 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-content/plugins/gutenberg/build/block-library/style.css?ver=15.0.1
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 377d87945daf159f87a1eec8af680a79aa658f957a89cd40eeacc907bd92a0ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 12:34:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 23 Jan 2023 17:22:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 617196
etag: W/"63cec25f-179e9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wVBhWl6VKelQTRz2FgvwWdeKEx8IJzOU4ifOqMocUbF%2BeUyFAMjnCbFCKrYzMSJP89NwFcuAQN4j9Vjs3IMIn1lMeb3EH%2FfWcPXNGw4ZoAzjDYqJ1PnEr5OxVYEr5qluskmkxq5e"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7932f6231a1f9b6a-FRA
expires: Fri, 02 Feb 2024 12:34:31 GMT

GET
H2 200 theme.css
www.cobaltstrike.com/wp-content/plugins/gutenberg/build/block-library/ 3 KB
1 KB 29ms
27ms Stylesheet
text/css 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-content/plugins/gutenberg/build/block-library/theme.css?ver=15.0.1
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82a49a218fa16d65225a09c98d5860f7e30dd4d30ed326a0b3a8be87297db7fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 12:34:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 23 Jan 2023 17:22:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 617196
etag: W/"63cec25f-a2e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kauNbA%2BOYpSH94YCO6OYR%2F%2FA4BJV59P9CqDKGyUS5ojlNY%2Fe%2B8lZcdtFbPWRmsJhWvxqriuXO8mSbVWxgcQ%2BkAIwcpcxocZrZezczpPMMxWSo2XY2xsVES2UmyG7cdA74Ns%2F3U%2Fw"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7932f6231a209b6a-FRA
expires: Fri, 02 Feb 2024 12:34:31 GMT

GET
H2 200 classic-themes.min.css
www.cobaltstrike.com/wp-includes/css/ 217 B
505 B 28ms
26ms Stylesheet
text/css 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 12:34:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 02 Nov 2022 05:23:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 543374
etag: W/"6361fec0-d9"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Om4%2FkugsjeP8AAu2Jx%2BBmo%2FPATVY2AlL%2BT4dMpRwwwZIcwKJQMekgdoXUc2o0E8mFPdpKAOvmCCMKSc1Rfd9QloZbWy0cJ3HPyd6GXyPOFi6vCUknE8Vttsr%2BeIxvImBs3s2YKC"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7932f6231a219b6a-FRA
expires: Fri, 02 Feb 2024 12:34:31 GMT

GET
H2 200 menu-image.css
www.cobaltstrike.com/wp-content/plugins/menu-image/includes/css/ 3 KB
1 KB 29ms
27ms Stylesheet
text/css 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-content/plugins/menu-image/includes/css/menu-image.css?ver=3.0.8
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75db663f63c3505c2d1d2c41b82da41465bcd39b390516728f7fd323f95f644e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 12:34:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Nov 2022 23:47:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 624374
etag: W/"6361affc-d0f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nJp4uFK56JzZMdCOrUMJGMZxL6qxX43URGccWSy%2B5uth1v9E%2FSeDyfo0up0bnv0GZpR1j%2F5fcwCXEnYvdcjWyDaG1LgwrJtbTqVzpyod2UVUVyeaTEZlLUvZ68iXOKHFW4erdATY"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7932f6231a229b6a-FRA
expires: Fri, 02 Feb 2024 12:34:31 GMT

GET
H2 200 dashicons.min.css
www.cobaltstrike.com/wp-includes/css/ 58 KB
35 KB 22ms
20ms Stylesheet
text/css 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-includes/css/dashicons.min.css?ver=6.1.1
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 12:34:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Nov 2022 23:47:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 539318
etag: W/"6361aff4-e688"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7NvXAIbb7qiYsWqvWyc2y7HO82CCilAr7Au9zdNJhwrm6QTjEchAA3IjVl90zk21D5va2JPGtTNN39rlRzr4l%2BxepHXjIfHYcc%2B0MrPySWxGua3JQHw3d9NF1AEhO%2BHWtsounZjO"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7932f6231a239b6a-FRA
expires: Fri, 02 Feb 2024 12:34:31 GMT

GET
H2 200 main.min.css
www.cobaltstrike.com/wp-content/plugins/youtube-embed/css/ 211 B
525 B 19ms
17ms Stylesheet
text/css 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-content/plugins/youtube-embed/css/main.min.css?ver=5.2.3
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec9f8c9d2e03417ce6655dda5896fb14ee2aa66a94eefe83975d2458a6c1652f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 12:34:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Nov 2022 23:47:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 617196
etag: W/"6361affa-d3"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=12DPPMZ4pC0zfig8iQWhhA3G2ECVYLCxHqEix83UptWCCJYGMpl0qQHmkvVBzyONTPwMZRn%2FKVGSyCs59wJM1PZdeIG2SX%2BVaHEm4yWUocLHSW3L%2FEctkWKA5NfQtsahBt4Z%2BTpP"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7932f6231a249b6a-FRA
expires: Fri, 02 Feb 2024 12:34:31 GMT

GET
H2 200 child-theme.min.css
www.cobaltstrike.com/wp-content/themes/cobaltstrike/css/ 358 KB
51 KB 29ms
28ms Stylesheet
text/css 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/css/child-theme.min.css?ver=1
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bf627256fb3cadccf0da8de3947f51a76873a76584dbaf65d394e079c5e3ced

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 12:34:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Nov 2022 23:47:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 617196
etag: W/"6361affa-59990"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yVcAXOK1nMKinOA4Rn2IBBwTZgEs7r41tul27oz40Ri9FsRuvU%2FhedxWn1GOcrHvw4RqhniE5Og4sgX7%2BUGKrxdrIJiMN4avLhrMcgu1lUimJl%2BbBlx43wSRpGovNrcLVFAw9DQ8"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7932f6231a259b6a-FRA
expires: Fri, 02 Feb 2024 12:34:31 GMT

GET
H2 200 jquery.min.js Show response
www.cobaltstrike.com/wp-includes/js/jquery/ 88 KB
31 KB 20ms
18ms Script
application/javascript 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 12:34:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 02 Nov 2022 05:23:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 643750
etag: W/"6361fec1-15e54"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oLwJ%2B%2Fgy6lQ0%2FLzYEO9qNUilAmEO5BMEcISgKp3f9bCGoeP4sqs0jf0ny74MGfoIrpkAQ75uRxIa2FXeTSq0Zie39AG6sCOO5M1tuAI8hzbV88unH6%2FZD08JEXDHuHXhUN5Ccbap"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7932f6231a269b6a-FRA
expires: Fri, 02 Feb 2024 12:34:31 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.cobaltstrike.com/wp-includes/js/jquery/ 11 KB
4 KB 29ms
28ms Script
application/javascript 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 12:34:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Nov 2022 23:46:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 615107
etag: W/"6361aff3-2bd8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QAUc2QfLmNhNuheMmRbk0N%2Bb%2Bt%2B9O5pa7snbFObekAn%2Fyuyd%2FGzopOLT7jXViSWOAZMQZWumPzL6E7m1nJx82yenWK07m86jKqZNMtyI8Wpbe%2BQhnG%2FSPkzBgL%2BClQcwwlKexuwm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7932f6231a289b6a-FRA
expires: Fri, 02 Feb 2024 12:34:31 GMT

GET
H2 200 mmenu.js Show response
www.cobaltstrike.com/wp-content/themes/cobaltstrike/js/ 69 KB
18 KB 29ms
27ms Script
application/javascript 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/js/mmenu.js?ver=6.1.1
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0916b04a6bd6a9c5a9c9721e8749a0d952b39ba9303399faeacba8a65dd9a92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 12:34:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Nov 2022 23:47:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 643750
etag: W/"6361affa-1122b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0obm%2BK3ltd0Advv1JUTIcOxE4y%2FjUN7rcNFjSe0fiOXZMQBcrNujSrR77WejfSjmUc8ChvzkaZ4%2BdAyi41bLczyXi8Jnvz5DzMKvufYTVMXkYv67c3SyLnVXTHyJLaKJxezmzFqu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7932f6231a299b6a-FRA
expires: Fri, 02 Feb 2024 12:34:31 GMT

GET
H2 200 mburger.js Show response
www.cobaltstrike.com/wp-content/themes/cobaltstrike/js/ 6 KB
2 KB 35ms
34ms Script
application/javascript 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/js/mburger.js?ver=6.1.1
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e56084b20ef7de5d9f01bd95bb64fbdaa055459691aa66af1c46a79f7d43d53

Request headers

Referer: https://www.cobaltstrike.com/
Origin: https://www.cobaltstrike.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 12:34:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Nov 2022 23:47:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 543299
etag: W/"6361affa-19ec"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rYh67TFN3FBhE5kAO9Bfhb72CvFSW3YVMqAqFf18PEPpFESmoqw54D7c8CYp1ybDX%2BXofQSMGxVEK%2B2YcIPOZRZt3IzLj2B3VZ4wtCvc8gybOCe6dpI%2FbvSeyedvMdNYOhw8WV4T"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7932f6231a309b6a-FRA
expires: Fri, 02 Feb 2024 12:34:31 GMT

GET
H2 200 mhead.js Show response
www.cobaltstrike.com/wp-content/themes/cobaltstrike/js/ 2 KB
1 KB 34ms
33ms Script
application/javascript 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/js/mhead.js?ver=6.1.1
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e4dab8d8160be12cf844bfb865757bd26d402d2c5f4ef44c9668765845802fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 12:34:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Nov 2022 23:47:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 643750
etag: W/"6361affa-964"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ssbTOuxfriwdz0Ni1EgaDuM2cLTVk1kjK%2FbDpzdToqQEVxPMwFzvqMhCUS89bpqI92rju%2FHLoCqIvjgHQ9ab%2BsQVRRL3c3v7miCczh11OPPbPPGgqT%2FKJPQ2JSuXUMTN6Rvi57Fh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7932f6231a329b6a-FRA
expires: Fri, 02 Feb 2024 12:34:31 GMT

GET
H2 200 dcf00ad2d4.js Show response
kit.fontawesome.com/ 11 KB
4 KB 64ms
23ms Script
text/javascript 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/dcf00ad2d4.js

Requested by

Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f433b7fd1447fb9ebd43603275f772c6f79825242cc1d827998bd80207a8efb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.cobaltstrike.com/
Origin: https://www.cobaltstrike.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 12:34:31 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray: 7932f6235d849128-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: FxZkAXVDTmPnUy8x6xGi

GET
H2 200 fortra-skyblue-tm.svg
www.cobaltstrike.com/wp-content/themes/cobaltstrike/img/ 1 KB
987 B 22ms
20ms Image
image/svg+xml 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/img/fortra-skyblue-tm.svg
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e8e0093ddecdf250bfb4e95e264b0095c2c06f109e8f8b6ff0a38c07d909cf9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 12:34:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 11 Jan 2023 16:12:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 539318
etag: W/"63bedff5-5ac"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f7vmi3ZlXAiWOvEhHxdIUY6y6k4YDPl%2Fe64MHFfFNJlhX%2F7A675k6ym3gkIZdZjNn6luodNcr3BoAobJbnEDoCsAvXCUihujwESF2vjjqgajrcNHvIAYbLlsOLfEaszFoulj4mGE"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7932f6232a479b6a-FRA
expires: Fri, 02 Feb 2024 12:34:31 GMT

GET
H2 200 cobalt-strike-dark-bg.svg
www.cobaltstrike.com/wp-content/themes/cobaltstrike/img/ 11 KB
3 KB 23ms
22ms Image
image/svg+xml 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/img/cobalt-strike-dark-bg.svg
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7ef58efaada2664bec27e9c84699bc2d2449babe6e21c3ead85e577feb92da8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 12:34:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 26 Jan 2023 19:09:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 539317
etag: W/"63d2cff8-2c1e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7l4fI%2BFxjobo%2BJOHuHa7oDL6Lt56uCWTI2vpKZXjYK8MTqQJi7jG8niSny32e1pSVuvhCiaLnJkU5XejggAibeLJqh24KKr%2FkUXTXtb%2FQ7UnZ%2FidGHT6hC7cl1Y4nji%2B7rNJgKZk"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7932f6232a489b6a-FRA
expires: Fri, 02 Feb 2024 12:34:31 GMT

GET
H2 200 fta-delta-white.svg
www.cobaltstrike.com/wp-content/themes/cobaltstrike/img/ 297 B
550 B 22ms
21ms Image
image/svg+xml 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/img/fta-delta-white.svg
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63a53143de1fa7c9ec3aecf4060efb78c336df0f384c4b7db72596f6b14a2781

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 12:34:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Nov 2022 23:47:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 539318
etag: W/"6361affa-129"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1U3c3Z19Z6OYU3LgPN3ZhyZ6B8T6bszgVIqHM2Lre%2F6VS%2FIkqOdSjRc2dhJnpUTSFD5QZ8l95OjsdDlspHzgdzuNgVXVsA%2FdmA4mjZQSeoA2%2FX3rArJaXC5h1%2FAnDOOSf%2BfiqABN"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7932f6232a499b6a-FRA
expires: Fri, 02 Feb 2024 12:34:31 GMT

GET
H2 200 Cobalt-strike-anime-guy.png
www.cobaltstrike.com/wp-content/uploads/2022/10/ 235 KB
235 KB 26ms
24ms Image
image/png 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cobaltstrike.com/wp-content/uploads/2022/10/Cobalt-strike-anime-guy.png
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75125d2f1de964d2c0d0bd02f5f6f73ed6258e84bfad8ac4902ed8e66175ac16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 12:34:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 70232
content-length: 240291
last-modified: Thu, 26 Jan 2023 19:09:41 GMT
server: cloudflare
etag: "63d2cff5-3aaa3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2BxYb1p%2FPaVIhAcOSLmkrG1%2FAQbvsUK%2BgU5q3%2FbnA1Zb7YBH4XblJY26mCodsj1tyxd%2FAQRNJLg1Z68Rb9oakvt%2BYi0QPMORkJUlJVu7W6KhsZrKZi6zt7tvq%2Bo9frNokHWqRIBW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7932f6232a4b9b6a-FRA
expires: Fri, 02 Feb 2024 12:34:31 GMT

GET
H2 200 pricing.svg
www.cobaltstrike.com/wp-content/themes/cobaltstrike/img/ 2 KB
1 KB 21ms
20ms Image
image/svg+xml 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/img/pricing.svg
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 125adb79c10603ee2d55161d8951bead4ff7f796967786b979791e02971690ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 12:34:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Nov 2022 23:47:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 610715
etag: W/"6361affa-6a0"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lFnm11oXYkjx258ACemm%2BF1FxHLbpCkMZUj73Rx2vGD2kuERvqSr9hxiagHI972nBdGMsqr2cR5l1mb8Ff8gc85UeQ7TZf3AiUTo0FwQzij26y3viEhXK5EnFMbFUuXBMASiRy%2F6"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7932f6232a4d9b6a-FRA
expires: Fri, 02 Feb 2024 12:34:31 GMT

GET
H2 200 in-touch.svg
www.cobaltstrike.com/wp-content/themes/cobaltstrike/img/ 1 KB
1 KB 37ms
35ms Image
image/svg+xml 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/img/in-touch.svg
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0092b97349a18e065497f4007f9bd5c28e05031e2269c521fc80f38eeb9d414

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 12:34:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Nov 2022 23:47:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 610715
etag: W/"6361affa-4f4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9C7vQPBjcNKMKGV5RBdfw9UIBTLAHu7SQppFpaLlBRANAOjJ8eUeh3zjonSj1b3qG%2BEXJMDe1SUdRrdpQ0y%2FRnxVYTekWHo2MFxgkPZyY1IpUI0emWC4D%2B%2FrS0e1AqTa93djGkez"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7932f6232a4e9b6a-FRA
expires: Fri, 02 Feb 2024 12:34:31 GMT

GET
H2 200 demo.svg
www.cobaltstrike.com/wp-content/themes/cobaltstrike/img/ 1 KB
1 KB 34ms
33ms Image
image/svg+xml 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/img/demo.svg
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c79f21bf9dba9c355aa19806c7f4fa81cc70d2f004f43612b1ca394c913c655d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 12:34:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 26 Jan 2023 19:09:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 70232
etag: W/"63d2cff8-5a1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Eo%2BYENETSPyGKR7qrOIbZ9JQGGSxHwZ%2BDruLfBp7XD2OUckEKuBmEUKTa9kM4Jz7y8e00mAtsJr3Pd27fYoMmK94X0VXAC473MY8CUgsjE72Rh6j4VS%2FqjulSDwTjZEyQ3LICjx"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7932f6232a4f9b6a-FRA
expires: Fri, 02 Feb 2024 12:34:31 GMT

GET
H2 200 ssba.js Show response
www.cobaltstrike.com/wp-content/plugins/simple-share-buttons-adder/js/ 3 KB
2 KB 23ms
21ms Script
application/javascript 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-content/plugins/simple-share-buttons-adder/js/ssba.js?ver=1674840148
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1afeb9a2d9a01296c575126784a1d2ab736334ac419227c76be847640f9354b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 12:34:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 27 Jan 2023 17:22:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 497136
etag: W/"63d40854-c26"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NTxDHTCSY04vHhlaBHdg0bOLGGdCTX%2BbMRzrnoyEq7OxBGfqKOSX5l6BZbaJKRBZW50SqBpRP%2Fo06nRlJEJsBP5dpPR8M8x3XqDhNtDbQuPSBNv6e2OFP5ySCIF5t6fP1mBbcIpX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7932f6232a439b6a-FRA
expires: Fri, 02 Feb 2024 12:34:31 GMT

GET
H2 200 child-theme.min.js Show response
www.cobaltstrike.com/wp-content/themes/cobaltstrike/js/ 83 KB
24 KB 21ms
19ms Script
application/javascript 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/js/child-theme.min.js?ver=5.9.8
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f962ea052383e066291f943eb01b1c0cc8314900431aae47bf271cc301239e10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 12:34:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Nov 2022 23:47:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 643749
etag: W/"6361affa-14cdc"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oKZIZXH1Y%2FMgV%2BjxRwAQvLlohC8jV%2BPyiq75kRnPd0uOqSFjvCD20dsyzRJoU8BfSOQQ%2BrmP9aVb%2FWSWPrks4LyAVYlCFzeQLu%2FZU1T2XMWnuMm5i3lqEeEROCAns00D9TeU95mc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7932f6232a459b6a-FRA
expires: Fri, 02 Feb 2024 12:34:31 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.cobaltstrike.com/wp-includes/js/ 18 KB
5 KB 22ms
19ms Script
application/javascript 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 12:34:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Nov 2022 23:46:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 543299
etag: W/"6361aff3-48b9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZKSZ6AKnyq1jcBDDtEIYS%2Fj7y%2FP7Ugh3pPeFd7w4qGgNpI0AVOqsHMY6HBeTHFWK9rYRFH1uROR%2F0oSnUpDnQu7f5VKw8t0rb0%2BHlTLfQK2RreNSj453ycfl8MwXvHw6JR5ZRp%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7932f6233a609b6a-FRA
expires: Fri, 02 Feb 2024 12:34:31 GMT

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1001 B 142ms
51ms Stylesheet
text/css 2a00:1450:400d:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Requested by

Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/css/child-theme.min.css?ver=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6f1e145d88c4b3f343055576d559fa8999045d205ea2f4e0d84f3b539c56ced8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Feb 2023 12:34:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 11:18:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Feb 2023 12:34:31 GMT

GET
H2 200 v1.7-10255 Show response
consent.trustarc.com/asset/notice.js/v/ 76 KB
23 KB 16ms
15ms Script
text/javascript 13.227.219.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/asset/notice.js/v/v1.7-10255

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=helpsystems.com&c=teconsent&gtm=1&text=true&pn=1-0&cookieLink=https://www.helpsystems.com/cookie-policy&privacypolicylink=https://www.helpsystems.com/privacy-policy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-116.ams54.r.cloudfront.net

Software

Resource Hash

903a46ee5c7582595197c74cbda644ca7e45ef90e0f89bdfce0d3d6cb3a3bc77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cobaltstrike.com/
Origin: https://www.cobaltstrike.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 11:53:55 GMT
content-encoding: gzip
via: 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: AMS54-C1
age: 2436
x-cache: Hit from cloudfront
pragma: public
last-modified: Wed, 18 Jan 2023 04:54:48 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: _l8U6gGNqDebFioaK0P6kfRaGvxRJY50IMOFu9qX0W9-uyfJHTi_qw==
expires: Sat, 04 Mar 2023 11:53:55 GMT

GET
H2 200 get Show response
consent.trustarc.com/ Frame D385 7 KB
2 KB 44ms
15ms Document
text/html 13.227.219.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/get?name=crossdomain.html&domain=helpsystems.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-116.ams54.r.cloudfront.net

Software

Resource Hash

7fe7d9054d31a9874fb36aba6a3736c02799bdaab5fed3e007ff334bc4580732

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cobaltstrike.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 35
cache-control: max-age=2592000
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Thu, 02 Feb 2023 12:33:56 GMT
expires: Sat, 04 Mar 2023 12:33:56 GMT
pragma: public
strict-transport-security: max-age=31536000; includeSubDomains
timing-allow-origin: *
vary: Origin
via: 1.1 b61409af370dbf025ffc910b1252c65e.cloudfront.net (CloudFront)
x-amz-cf-id: OWuvwyTG_0tJeCRx7vw4KEHRtTHHds6iHmv8kvUi07kXh7IgSc875w==
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront

GET
H2 200 log
consent.trustarc.com/ 43 B
430 B 76ms
47ms Image
image/gif 13.227.219.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/log?domain=helpsystems.com&country=de&state=&behavior=expressed&c=5ddc

Requested by

Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-116.ams54.r.cloudfront.net

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 12:34:31 GMT
via: 1.1 b61409af370dbf025ffc910b1252c65e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: AMS54-C1
vary: Origin
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: XL19JzBqLRRcfJr_5N1HEMzUL-xgHuGf4wNufCyUA63L7sAxgCAoFQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 /
consent-pref.trustarc.com/ Frame C16A 0
0 59ms
8ms Document
text/html 52.222.236.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/asset/notice.js/v/v1.7-10255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-93.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.cobaltstrike.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 19695
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 02 Feb 2023 07:10:48 GMT
etag: W/"5147-1672991998000"
expect-ct: max-age=86400; enforce;
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-amz-cf-id: Dvb5rsO4kZlRDO5qtuCOu8483t9jvBV_mpLzRQ_Et3Wq8fbo2Cux2w==
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1

GET
H2 200 noticemsg
consent.trustarc.com/ 43 B
529 B 53ms
52ms Image
image/gif 13.227.219.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/noticemsg?action=consent&domain=helpsystems.com&behavior=expressed&country=de&language=de&rand=0.9347627047002067

Requested by

Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-116.ams54.r.cloudfront.net

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 12:34:31 GMT
via: 1.1 b61409af370dbf025ffc910b1252c65e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: AMS54-C1
x-cache: Miss from cloudfront
cloudfront-viewer-country: DE
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=3600
cloudfront-viewer-country-region: NW
timing-allow-origin: *
x-amz-cf-id: T49O3jxjF6j5L4QeQpprey3QCveSBzAfMSyp6F9XI8UiCIB5CZVohw==
expires: Thu, 02 Feb 2023 13:34:31 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 180 KB
66 KB 145ms
60ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NN4FLFJ

Requested by

Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

da6f92d0984e32a48da07f3e21a1804b9a7380f0b2b08f9f81b04799c81eac73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 12:34:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66944
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 Feb 2023 12:34:31 GMT

GET
H2 200 pro.min.css Show response
ka-p.fontawesome.com/releases/v5.15.4/css/ 315 KB
53 KB 34ms
20ms Fetch
text/css 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=dcf00ad2d4
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/dcf00ad2d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 12:34:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
age: 8319358
etag: "610ae215-d3b2"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7932f6247ef29128-FRA
content-length: 54194

GET
H2 200 pro-v4-shims.min.css Show response
ka-p.fontawesome.com/releases/v5.15.4/css/ 26 KB
4 KB 40ms
27ms Fetch
text/css 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=dcf00ad2d4
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/dcf00ad2d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4245ecca2a4b50d7fd9adc9a965ed1f9b4ec24e9935e34c80efafc0f856d54c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 12:34:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
age: 971936
etag: "610ae215-1062"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7932f6247ef49128-FRA
content-length: 4194

GET
H2 200 pro-v4-font-face.min.css Show response
ka-p.fontawesome.com/releases/v5.15.4/css/ 27 KB
3 KB 30ms
16ms Fetch
text/css 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=dcf00ad2d4
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/dcf00ad2d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8a00b576cc9fad532a52ecdf8024724ddaa83cb0f5ca5d1b1d6eb8841103d60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 12:34:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
age: 686010
etag: "610ae215-a2b"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7932f6247ef09128-FRA
content-length: 2603

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
24 KB 114ms
31ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cobaltstrike.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 15:21:12 GMT
x-content-type-options: nosniff
age: 162799
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jan 2024 15:21:12 GMT

GET
H2

200

bg-1.png
static.fortra.com/cobalt-strike/img/
Redirect Chain

https://static.helpsystems.com/cobalt-strike/img/bg-1.png
https://static.fortra.com/cobalt-strike/img/bg-1.png

157 KB
158 KB

164ms
46ms

Image
image/png

2600:9000:2204:8000:4:d683:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fortra.com/cobalt-strike/img/bg-1.png
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/css/child-theme.min.css?ver=1
Protocol: H2
Server: 2600:9000:2204:8000:4:d683:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9de6faf69d60c4e5e426634bfd1c7afda005bd47ad2a0247befb29e3634f1a33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: KhusPF34VVOftPiVFsa7UtvDT_9JL68m
date: Thu, 02 Feb 2023 12:31:40 GMT
via: 1.1 e286b474b1ba30ed08f54fc007fcfa08.cloudfront.net (CloudFront)
x-amz-request-id: JJY0Q8PDRAKS0X8Q
x-amz-cf-pop: AMS50-C1
x-amz-server-side-encryption: AES256
age: 173
x-cache: Hit from cloudfront
content-length: 160799
x-amz-id-2: Ay9dvBS/mxieIIPVFct6xTezYimBnWjxBHE7kW7vfjm4zZasGzCEy0tjHJtazLHTjoL/tgQ2znM=
last-modified: Thu, 18 Feb 2021 20:48:40 GMT
server: AmazonS3
etag: "cfca4bd5e4036da8fe6d3c0ca6303801"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: QfLj3jfKcpwdakR1ec4g7W3M1DWk4IKJR1gSfycRT22vY2Mmr9Rh8Q==

Redirect headers

date: Thu, 02 Feb 2023 12:34:31 GMT
via: 1.1 24562ce7bb1d06e6505e84aac2d66ac6.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS50-C1
x-cache: LambdaGeneratedResponse from cloudfront
location: https://static.fortra.com/cobalt-strike/img/bg-1.png
content-length: 0
x-amz-cf-id: dd3blbxj808k-pSZyJvI8qJDd-8TW1VRvAKbWt3K8hUrKTodF0TKuQ==

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 142ms
73ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cobaltstrike.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 22:49:45 GMT
x-content-type-options: nosniff
age: 135886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jan 2024 22:49:45 GMT

GET
H2 200 fontawesome-webfont.woff2
www.cobaltstrike.com/wp-content/themes/cobaltstrike/fonts/ 75 KB
76 KB 21ms
20ms Font
font/woff2 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/css/child-theme.min.css?ver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/css/child-theme.min.css?ver=1
Origin: https://www.cobaltstrike.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 12:34:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 417156
content-length: 77160
last-modified: Thu, 26 Jan 2023 19:09:44 GMT
server: cloudflare
etag: "63d2cff8-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8tr5kRfn%2Bo7BI7uQxKbCnuGpM1cG23LGgqnwaBXSL5sc3ixwo8PEEHb9IyQhiRxjEjq%2Fu8pppyjiOP%2Bl%2Bd1RHWAYWqIrXZV2prlo55LrDAu7%2BdfPkMPlOuuvMHrt2q%2BI76qQA6Vy"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7932f6248bf39b6a-FRA
expires: Fri, 02 Feb 2024 12:34:31 GMT

GET
H2 200 S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v23/ 24 KB
24 KB 116ms
60ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cobaltstrike.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:57:19 GMT
x-content-type-options: nosniff
age: 193032
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24408
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:50:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jan 2024 06:57:19 GMT

GET
H2 200 features-screenshot-1.png
www.cobaltstrike.com/wp-content/uploads/2021/11/ 100 KB
100 KB 29ms
28ms Image
image/png 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cobaltstrike.com/wp-content/uploads/2021/11/features-screenshot-1.png
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92d768cdf93b6e4111d9681076cbb52b36799a4df8cc8fdf475adbac903f3a8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 12:34:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 70216
content-length: 101947
last-modified: Thu, 26 Jan 2023 19:09:42 GMT
server: cloudflare
etag: "63d2cff6-18e3b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qf1ic7M8eUXZdVm61XW53NLSb%2Bu7T3%2Bu2Eh6BkkiPFQAXENpXKAkurxMyrvDIRVXZAmvb7Gk5dDtbP1S6VzAy0u35PDxOxMZbNuhh8qNEJNDMJnHRmnfJ5zNvheGQ6OQXJVF%2BH%2FV"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7932f624ac189b6a-FRA
expires: Fri, 02 Feb 2024 12:34:31 GMT

GET
H2 200 comics-cover.png
www.cobaltstrike.com/wp-content/uploads/2021/11/ 283 KB
284 KB 22ms
21ms Image
image/png 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cobaltstrike.com/wp-content/uploads/2021/11/comics-cover.png
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19b8580d9b285e3964ef3ae1325bb0d8671ecf6b7afd4fd6be647f3d1f68b1d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 12:34:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 617202
content-length: 289802
last-modified: Tue, 01 Nov 2022 23:47:03 GMT
server: cloudflare
etag: "6361aff7-46c0a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dFjfEyfLqqDvebkQ6oFih7lo%2BdT9xfBKFPJS29nCpCHy6%2FBHKX7Nad6MZSpiBWRAdmVXLBco4b9SpDZtnVgRJ1wgHZmsBpjq2oTZs66Ta%2Fg16TYN%2B7bGp141RH96GWWVIdtDhGKK"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7932f624ac199b6a-FRA
expires: Fri, 02 Feb 2024 12:34:31 GMT

GET
H2 200 / Show response
consent-pref.trustarc.com/ Frame 305A 5 KB
3 KB 9ms
9ms Document
text/html 52.222.236.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/js/mmenu.js?ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-93.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

5d59d71fa30604e26c815b2bcfea777bef1564467e2ff9b1b4dc45ca2ee0f6fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.cobaltstrike.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 19695
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 02 Feb 2023 07:10:48 GMT
etag: W/"5147-1672991998000"
expect-ct: max-age=86400; enforce;
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-amz-cf-id: yrb9_3x4_1tv_AHPRGYY49oKPKjrSjNZtnw5Obga9P-vwcdd79BGlQ==
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1

GET
H2 200 defaultpreferencemanager.nocache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 305A 5 KB
3 KB 37ms
37ms Script
application/javascript 52.222.236.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-93.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

0f291b48c679e4c033b4710f137ca5382256b632d6e7521a2c92b4ad9f18790c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 12:34:31 GMT
content-encoding: gzip
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 06 Jan 2023 08:00:16 GMT
server: nginx
etag: W/"4867-1672992016000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: B3hZhiK4RvJH4vpjpfuMNzpqW28iWOgU3EPbsiD6waJ-RuSwApG09w==
expires: Thu, 02 Feb 2023 12:34:30 GMT

GET
H2 200 get Show response
consent-st.trustarc.com/ Frame 305A 20 KB
5 KB 60ms
15ms Script
text/javascript 13.227.219.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-st.trustarc.com/get?name=combined_static_cm_minified.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-98.ams54.r.cloudfront.net

Software

Resource Hash

f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: public
date: Sat, 07 Jan 2023 16:44:11 GMT
content-encoding: gzip
via: 1.1 1d1fb1f8e5e923ef7208b5a427d25d5c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: AMS54-C1
age: 2231420
vary: Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: vyQIvZ2LnwzUMfxox6tj2PfBIMeOq7gGViRQXO52iLOE47_lvtOteg==
expires: Mon, 06 Feb 2023 16:44:11 GMT

GET
H2 200 loading.gif
consent-pref.trustarc.com/images/ Frame 305A 3 KB
3 KB 8ms
8ms Image
image/gif 52.222.236.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/loading.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-93.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 00:50:14 GMT
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P4
age: 42257
x-cache: Hit from cloudfront
content-length: 2608
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
server: nginx
etag: W/"2608-1672991998000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/gif
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges: bytes
x-amz-cf-id: 582oes9d-4uE9Q_oPdYMNyctLYH_2OLyGBw5TWHz7j8GfQXf9TFwig==

GET
H2 200 pro-fa-solid-900-5.0.0.woff2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/ 19 KB
19 KB 21ms
20ms Font
font/woff2 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-solid-900-5.0.0.woff2
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b50aa1d36ea249991fb44f8f6ad2aa74fe360df9cc04c564b5edf3b053b739c

Request headers

Referer: https://www.cobaltstrike.com/
Origin: https://www.cobaltstrike.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 12:34:31 GMT
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:58:39 GMT
server: cloudflare
age: 525174
etag: "610ae35f-4d48"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7932f6252fb09128-FRA
content-length: 19784

GET
H2 200 pro-fa-solid-900-5.11.0.woff2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/ 12 KB
12 KB 33ms
33ms Font
font/woff2 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-solid-900-5.11.0.woff2
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bcade3d96c0c0fb1950e54b96b0f4cfa7f51e45a99dd8f12224fb0530ac432d

Request headers

Referer: https://www.cobaltstrike.com/
Origin: https://www.cobaltstrike.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 12:34:31 GMT
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:58:41 GMT
server: cloudflare
age: 29228045
etag: "610ae361-2f70"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7932f6252fb89128-FRA
content-length: 12144

GET
H2 200 9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame C389 139 KB
46 KB 9ms
9ms Document
text/html 52.222.236.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-93.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

2b01ae0442a80d4aa980667743285340122c3432880a4979476fe7d88ef7c37b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1323055
cache-control: max-age=315360000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 18 Jan 2023 05:03:36 GMT
etag: W/"142492-1672992016000"
expect-ct: max-age=86400; enforce;
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 06 Jan 2023 08:00:16 GMT
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-amz-cf-id: KbtmCCsb3YZJoTXW8WyC9HeZhQPJasaFTXM67MOElC8cz4xyIQ4H-Q==
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 305A 969 B
1 KB 34ms
34ms XHR
application/json 52.222.236.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-93.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

2bfe0bfebc6bf40e5f73c03389ba8285505bc2f45d739d1efd5ca830f940a51d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 9F5DDAD4256889D2A2BB0A3140E8B74B
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Thu, 02 Feb 2023 12:34:31 GMT
content-encoding: gzip
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 468
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: ALwOZZM0KBiJdXVUTdIWO5KG60hw051Jo6phbmTs_V20NmH3XSe49g==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 305A 48 B
623 B 33ms
33ms XHR
application/json 52.222.236.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-93.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

48876e6936f0e0d6d9430613f8291aa3611b88a96c0c6a4edb695d2b3321bd48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 9F5DDAD4256889D2A2BB0A3140E8B74B
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Thu, 02 Feb 2023 12:34:31 GMT
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 48
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: ROmBK38FHBC2Qxwk4lfDCJpul6q6SFp8yj4n943Z9MXpvNMLjHrgFA==

GET
H2 200 EuPreferenceManager.css
consent-pref.trustarc.com/ Frame 305A 28 KB
7 KB 35ms
34ms Stylesheet
text/css 52.222.236.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/EuPreferenceManager.css

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-93.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

11304b88bdf5cd5f42513b9aa8bd3206653770f4f125b852285db812c731cf24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 12:34:31 GMT
content-encoding: gzip
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P4
x-cache: RefreshHit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
server: nginx
etag: W/"29043-1672991998000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: no-cache
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: lAGssxcKyMPv2KHH8zjBSUkmUkGn2kYn7i9P5rUAU94pZK-K4qeBdQ==
expires: Thu, 02 Feb 2023 12:34:30 GMT

GET
H2 200 10.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/ Frame 305A 254 KB
87 KB 8ms
8ms XHR
application/javascript 52.222.236.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/10.cache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-93.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

1bb0a294ccb83bcb350ace8804b9666d13d73d040567e09c9a794de938d7a429

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 05:02:59 GMT
content-encoding: gzip
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P4
age: 1323092
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 06 Jan 2023 08:00:16 GMT
server: nginx
etag: W/"259669-1672992016000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: cLzXg83g2wVdiWHfiVhtAo6TuV-muK6oO0PuCf7Nbw_KFRWS-eJUaA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/ Frame 305A 19 KB
8 KB 8ms
8ms XHR
application/javascript 52.222.236.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/1.cache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-93.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

579c0e329b6a1ba8a7d65f4f14d1532ced14c4171dd9f4eeb501bfb0eae7c955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 05:03:11 GMT
content-encoding: gzip
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P4
age: 1323081
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 06 Jan 2023 08:00:16 GMT
server: nginx
etag: W/"19787-1672992016000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: nWnTs-NakVv1EU89KWWCq_h4roCuifKAWdMtVVial11N1kC2DvbyiA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cookie_iframe.html Show response
prefmgr-cookie.truste-svc.net/cookie_js/ Frame F864 5 KB
2 KB 327ms
104ms Document
text/html 54.82.139.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https://www.helpsystems.com/privacy-policy&cookieLink=https://www.helpsystems.com/cookie-policy&irm=undefined&from=https://consent.trustarc.com/

Requested by

Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.82.139.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-139-21.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://consent-pref.trustarc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 12:34:32 GMT
etag: W/"5014-1657163800000"
expect-ct: max-age=31536000
last-modified: Thu, 07 Jul 2022 03:16:40 GMT
permissions-policy: geolocation=(), microphone=(), payment=()
referrer-policy: origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 305A 786 B
913 B 32ms
31ms XHR
application/json 52.222.236.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-93.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

6de57940f4e65bfbdfedf90150068a0880d58e70e6328ca55ca1bdc2d7f9301a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 9F5DDAD4256889D2A2BB0A3140E8B74B
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Thu, 02 Feb 2023 12:34:32 GMT
content-encoding: gzip
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 321
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: U8Pt9EUH5-SOpBcGq4T2CMHLhXreFVJuDF44bvgk-AKUO1EEb7abvg==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 305A 24 KB
7 KB 35ms
35ms XHR
application/json 52.222.236.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-93.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

554008a2a8ed087640afa2529308c94093037068345160b2e5cf5fede0ef2cf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 9F5DDAD4256889D2A2BB0A3140E8B74B
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Thu, 02 Feb 2023 12:34:32 GMT
content-encoding: gzip
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 6347
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: bX1n-OEMPF6hQD3uos79kDCfPmx-7GLrys4STFgmrm4rTcpbFqdMIQ==

GET
H2 200 trustarc-logo-small.png
consent-pref.trustarc.com/images/ Frame 305A 4 KB
5 KB 8ms
8ms Image
image/png 52.222.236.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/trustarc-logo-small.png

Requested by

Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-93.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 05:21:47 GMT
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P4
age: 25968
x-cache: Hit from cloudfront
content-length: 4197
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
server: nginx
etag: W/"4197-1672991998000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/png
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges: bytes
x-amz-cf-id: _vIDkTzFD3aQg4WevX_itwCciyRF7Sl7Lx4YHi71yo0_6xqO-uUA6g==

GET
H2 200 6.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/ Frame 305A 7 KB
4 KB 8ms
8ms XHR
application/javascript 52.222.236.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/6.cache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-93.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

224e4e013b7071882a4bb3f069b88294e85f1638cfdf8b557f2d62eaed0db93b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 05:03:12 GMT
content-encoding: gzip
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P4
age: 1323080
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 06 Jan 2023 08:00:16 GMT
server: nginx
etag: W/"7220-1672992016000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: zLDDCwzls5Yaq_lljdQ55SGiFKbKgCh__TELBPRiJlARdMrY7KHpVA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 get
consent.trustarc.com/ Frame 305A 3 KB
1 KB 15ms
14ms Image
image/svg+xml 13.227.219.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/get?name=%20fortra_Logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-116.ams54.r.cloudfront.net

Software

Resource Hash

e396c79b7c0d5a855f996af8807bdf7318a87f7d4a198fa08a2c65e5cfa34330

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: public
date: Thu, 02 Feb 2023 11:41:53 GMT
content-encoding: gzip
via: 1.1 b61409af370dbf025ffc910b1252c65e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: AMS54-C1
age: 3159
vary: Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: O1sY18HVVg26pNH_eM91HLqAyw8BR7Ujh4hOdBfuT6dNKfLrqae-eQ==
expires: Sat, 04 Mar 2023 11:41:53 GMT

GET
H2 200 cookie_inneriframe.html Show response
consent-pref.trustarc.com/ Frame 5927 2 KB
1 KB 8ms
8ms Document
text/html 52.222.236.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/cookie_inneriframe.html

Requested by

Host: prefmgr-cookie.truste-svc.net
URL: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https://www.helpsystems.com/privacy-policy&cookieLink=https://www.helpsystems.com/cookie-policy&irm=undefined&from=https://consent.trustarc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-93.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://prefmgr-cookie.truste-svc.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42256
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 02 Feb 2023 00:50:16 GMT
etag: W/"2008-1672991998000"
expect-ct: max-age=86400; enforce;
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-amz-cf-id: MO0M7CLnN_6j7zhgo_hOKj8n2rQqhIcFI--uw_Ak4K_WLoeByJxGCQ==
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1

GET
H2 200 trustarc-logo-small.png
consent-pref.trustarc.com/images/ Frame 305A 4 KB
5 KB 10ms
9ms Image
image/png 52.222.236.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/trustarc-logo-small.png

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-93.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 05:21:47 GMT
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P4
age: 25969
x-cache: Hit from cloudfront
content-length: 4197
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
server: nginx
etag: W/"4197-1672991998000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/png
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges: bytes
x-amz-cf-id: eZxYsJl3lzUVnwWD233QJbCwhjLgTCCfn8r2_8ledhkVKUqaKJfVEQ==

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cobaltstrike.com/	1969-12-31 23:59:59	Name: notice_behavior Value: expressed,eu
prefmgr-cookie.truste-svc.net/	1970-01-20 09:22:21	Name: cookie_3rdparty Value: enabled
consent-pref.trustarc.com/	1970-01-20 09:22:21	Name: token_test Value: Thu Feb 02 2023 12:34:32 GMT+0000 (GMT)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

consent-pref.trustarc.com
consent-st.trustarc.com
consent.trustarc.com
fonts.googleapis.com
fonts.gstatic.com
ka-p.fontawesome.com
kit.fontawesome.com
prefmgr-cookie.truste-svc.net
static.fortra.com
static.helpsystems.com
www.cobaltstrike.com
www.googletagmanager.com
104.18.14.56
104.18.15.56
13.227.219.116
13.227.219.98
2600:9000:2204:8000:4:d683:27c0:93a1
2606:4700::6812:1634
2a00:1450:400d:80a::2003
2a00:1450:400d:80d::200a
2a00:1450:400d:80e::2008
52.222.139.7
52.222.236.93
54.82.139.21
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0e4dab8d8160be12cf844bfb865757bd26d402d2c5f4ef44c9668765845802fd
0f291b48c679e4c033b4710f137ca5382256b632d6e7521a2c92b4ad9f18790c
11304b88bdf5cd5f42513b9aa8bd3206653770f4f125b852285db812c731cf24
125adb79c10603ee2d55161d8951bead4ff7f796967786b979791e02971690ff
19b8580d9b285e3964ef3ae1325bb0d8671ecf6b7afd4fd6be647f3d1f68b1d8
1afeb9a2d9a01296c575126784a1d2ab736334ac419227c76be847640f9354b8
1b50aa1d36ea249991fb44f8f6ad2aa74fe360df9cc04c564b5edf3b053b739c
1bb0a294ccb83bcb350ace8804b9666d13d73d040567e09c9a794de938d7a429
224e4e013b7071882a4bb3f069b88294e85f1638cfdf8b557f2d62eaed0db93b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b01ae0442a80d4aa980667743285340122c3432880a4979476fe7d88ef7c37b
2bfe0bfebc6bf40e5f73c03389ba8285505bc2f45d739d1efd5ca830f940a51d
2f9561b879ab22ffb94d2cdfea0315997c8cf6bcd0d9002404400d1d0d18d354
377d87945daf159f87a1eec8af680a79aa658f957a89cd40eeacc907bd92a0ef
37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d
4245ecca2a4b50d7fd9adc9a965ed1f9b4ec24e9935e34c80efafc0f856d54c6
48876e6936f0e0d6d9430613f8291aa3611b88a96c0c6a4edb695d2b3321bd48
554008a2a8ed087640afa2529308c94093037068345160b2e5cf5fede0ef2cf0
579c0e329b6a1ba8a7d65f4f14d1532ced14c4171dd9f4eeb501bfb0eae7c955
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5bf627256fb3cadccf0da8de3947f51a76873a76584dbaf65d394e079c5e3ced
5d59d71fa30604e26c815b2bcfea777bef1564467e2ff9b1b4dc45ca2ee0f6fe
5f433b7fd1447fb9ebd43603275f772c6f79825242cc1d827998bd80207a8efb
63a53143de1fa7c9ec3aecf4060efb78c336df0f384c4b7db72596f6b14a2781
68a0b9d929a714c3e242ebb4400453772d274e2adbd1c03bb37f2047a728a92c
6bcade3d96c0c0fb1950e54b96b0f4cfa7f51e45a99dd8f12224fb0530ac432d
6de57940f4e65bfbdfedf90150068a0880d58e70e6328ca55ca1bdc2d7f9301a
6e56084b20ef7de5d9f01bd95bb64fbdaa055459691aa66af1c46a79f7d43d53
6f1e145d88c4b3f343055576d559fa8999045d205ea2f4e0d84f3b539c56ced8
75125d2f1de964d2c0d0bd02f5f6f73ed6258e84bfad8ac4902ed8e66175ac16
75db663f63c3505c2d1d2c41b82da41465bcd39b390516728f7fd323f95f644e
7fe7d9054d31a9874fb36aba6a3736c02799bdaab5fed3e007ff334bc4580732
82a49a218fa16d65225a09c98d5860f7e30dd4d30ed326a0b3a8be87297db7fb
903a46ee5c7582595197c74cbda644ca7e45ef90e0f89bdfce0d3d6cb3a3bc77
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004
92d768cdf93b6e4111d9681076cbb52b36799a4df8cc8fdf475adbac903f3a8c
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9de6faf69d60c4e5e426634bfd1c7afda005bd47ad2a0247befb29e3634f1a33
9e8e0093ddecdf250bfb4e95e264b0095c2c06f109e8f8b6ff0a38c07d909cf9
a0092b97349a18e065497f4007f9bd5c28e05031e2269c521fc80f38eeb9d414
a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed
a8a00b576cc9fad532a52ecdf8024724ddaa83cb0f5ca5d1b1d6eb8841103d60
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c79f21bf9dba9c355aa19806c7f4fa81cc70d2f004f43612b1ca394c913c655d
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
da6f92d0984e32a48da07f3e21a1804b9a7380f0b2b08f9f81b04799c81eac73
e396c79b7c0d5a855f996af8807bdf7318a87f7d4a198fa08a2c65e5cfa34330
e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
ec9f8c9d2e03417ce6655dda5896fb14ee2aa66a94eefe83975d2458a6c1652f
f0916b04a6bd6a9c5a9c9721e8749a0d952b39ba9303399faeacba8a65dd9a92
f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880
f7ef58efaada2664bec27e9c84699bc2d2449babe6e21c3ead85e577feb92da8
f962ea052383e066291f943eb01b1c0cc8314900431aae47bf271cc301239e10

www.cobaltstrike.com Open in urlscan Pro 104.18.14.56 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

62 Requests

98 %HTTPS

42 %IPv6

9 Domains

12 Subdomains

10 IPs

3 Countries

1514 kBTransfer

2996 kBSize

3 Cookies

7 Outgoing links

Page URL History

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.cobaltstrike.com Open in urlscan Pro
104.18.14.56 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

98 %
HTTPS

42 %
IPv6

9
Domains

12
Subdomains

10
IPs

3
Countries

1514 kB
Transfer

2996 kB
Size

3
Cookies

62 HTTP transactions
0 data transactions