Submitted URL: https://www.cobaltstrike.com/help-externalc2
Effective URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?csh...
Submission: On February 02 via manual from JP — Scanned from JP

Summary

This website contacted 12 IPs in 4 countries across 10 domains to perform 74 HTTP transactions. The main IP is 99.84.140.94, located in the United States and belonging to AMAZON-02, US. The main domain is hstechdocs.helpsystems.com.
TLS certificate: Issued by Amazon on May 11th 2022. Valid for: a year.
This is the only time hstechdocs.helpsystems.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 48 | helpsystems.com | hstechdocs.helpsystems.com | 1 MB |
| 8 | youtube.com | www.youtube.com (Cisco Umbrella Rank: 76) | 835 KB |
| 6 | gstatic.com | fonts.gstatic.com; www.gstatic.com | 79 KB |
| 5 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 34); jnn-pa.googleapis.com (Cisco Umbrella Rank: 189) | 32 KB |
| 3 | doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 29); static.doubleclick.net (Cisco Umbrella Rank: 214) | 1 KB |
| 2 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 21) | 20 KB |
| 1 | ytimg.com | i.ytimg.com (Cisco Umbrella Rank: 87) | 24 KB |
| 1 | ggpht.com | yt3.ggpht.com (Cisco Umbrella Rank: 229) | 1 KB |
| 1 | google.com | www.google.com (Cisco Umbrella Rank: 2) | 15 KB |
| 1 | cobaltstrike.com | www.cobaltstrike.com | 443 B |

Total: 74 requests, 10 apex domains.

| Requests | Domain | Requested by |
|---|---|---|
| 48 | hstechdocs.helpsystems.com | hstechdocs.helpsystems.com |
| 8 | www.youtube.com | hstechdocs.helpsystems.com; www.youtube.com |
| 4 | jnn-pa.googleapis.com | www.youtube.com |
| 4 | fonts.gstatic.com | fonts.googleapis.com; www.youtube.com |
| 2 | www.gstatic.com | www.youtube.com; www.gstatic.com |
| 2 | googleads.g.doubleclick.net (1 redirects) | www.youtube.com |
| 2 | www.google-analytics.com | hstechdocs.helpsystems.com; www.google-analytics.com |
| 1 | i.ytimg.com | www.youtube.com |
| 1 | yt3.ggpht.com | www.youtube.com |
| 1 | www.google.com | www.youtube.com |
| 1 | static.doubleclick.net | www.youtube.com |
| 1 | fonts.googleapis.com | hstechdocs.helpsystems.com |
| 1 | www.cobaltstrike.com (1 redirects) | |

Total: 74 requests, 13 subdomains.

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| hstechdocs.helpsystems.com | Amazon | 2022-05-11 - 2023-06-09 | a year |
| upload.video.google.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months |
| *.google-analytics.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months |
| *.google.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months |
| *.gstatic.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months |
| *.doubleclick.net | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months |
| www.google.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months |
| *.googleusercontent.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months |
| edgestatic.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months |

This page contains 2 frames:

Primary Page: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043
Frame ID: 1489860F16432CB5B29F2928EAAB38FA
Requests: 53 HTTP requests in this frame

Frame: https://www.youtube.com/embed/7FqCDWRMm4A
Frame ID: 0B2C4E2D8E90F353F00F6FDA535AD2DF
Requests: 20 HTTP requests in this frame

Page Title

External C2

Page URL History

  1. https://www.cobaltstrike.com/help-externalc2 HTTP 301
    https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/index.htm Page URL
  2. https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]+foundation[^>"]+css

Overall confidence: 100%
Detected patterns
  • require.*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 74
  • HTTPS: 99 %
  • IPv6: 83 %
  • Domains: 10
  • Subdomains: 13
  • IPs: 12
  • Countries: 4
  • Transfer: 2365 kB
  • Size: 4734 kB
  • Cookies: 6

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.cobaltstrike.com/help-externalc2 HTTP 301
    https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/index.htm Page URL
  2. https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.cobaltstrike.com/help-externalc2 HTTP 301
  • https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/index.htm
Request Chain 57
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

74 HTTP transactions

GgPZmbmLWqPeGLA-Y1yPPchUr1ZcXtUth9ZR9lU7TWMqde1jqMAaYg==
Mobile.css
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Default/Stylesheets/Components/
105 B
542 B
Stylesheet
General
Full URL
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Default/Stylesheets/Components/Mobile.css
Requested by
Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.140.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-140-94.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
431f9715c23f40305b0f3d03a407a6f21e3f97579d490fd56585a0844a36960c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 11:51:15 GMT
x-amz-version-id
5Z6QGUt4oxT0tiKi3u6W7Gh18N0rBBQF
via
1.1 08ecf152ae4441414becada758d7b65c.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 22:52:42 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C3
age
52178
x-amz-meta-cb-modifiedtime
Mon, 21 Nov 2022 22:14:41 GMT
etag
"ddc8b86d2e3cc1388b02357bb7a10e02"
x-amz-server-side-encryption
AES256
content-type
text/css
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
105
x-amz-cf-id
xox422KDxrWjqtFI71IpDBqQELQBBJxNrMBkLcN_J5X3VG0owrvE4w==
foundation.6.2.3.css
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Fluid/stylesheets/
52 KB
52 KB
Stylesheet
General
Full URL
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Fluid/stylesheets/foundation.6.2.3.css
Requested by
Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.140.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-140-94.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
57d2d9f0002583aeda0e46f8fa4ef37ec30d3dc102942ff8f884c4cd98ed4999

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 11:51:15 GMT
x-amz-version-id
395Fp4sKZwrcgnFNeiwky1AF_9gxv24m
via
1.1 08ecf152ae4441414becada758d7b65c.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 22:52:38 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C3
age
52178
x-amz-meta-cb-modifiedtime
Thu, 15 Oct 2020 22:10:28 GMT
etag
"470c2b18ffc080f79566e5b227f0544b"
x-amz-server-side-encryption
AES256
content-type
text/css
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
52745
x-amz-cf-id
_dN-TdsBUnT-zBzZHcm1781dfhAwvVebXwhZNzxwGjmGmNQ1CJ9FEQ==
styles.css
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Fluid/stylesheets/
25 KB
25 KB
Stylesheet
General
Full URL
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Fluid/stylesheets/styles.css
Requested by
Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.140.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-140-94.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b5dc552324f5a3166c2d6f2e1ee7fc4868e45143cf63c3dac835dbd1b1eefd55

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 11:51:15 GMT
x-amz-version-id
jRzNELuZI2yUFdBx2CvfdUzuA0FPCDwl
via
1.1 08ecf152ae4441414becada758d7b65c.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 22:52:39 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C3
age
52178
x-amz-meta-cb-modifiedtime
Mon, 21 Nov 2022 22:14:41 GMT
etag
"c715ea633afee40e1f28c1c0ff68cd6d"
x-amz-server-side-encryption
AES256
content-type
text/css
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
25272
x-amz-cf-id
4QGj_pn-HMVlPVtqUqsW0GbI7valxnMm2RXEF13Rlqp2H6DFikUrBw==
tablet.css
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Fluid/stylesheets/
10 KB
11 KB
Stylesheet
General
Full URL
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Fluid/stylesheets/tablet.css
Requested by
Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.140.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-140-94.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53cd63412cf6a3363aaa76848338e65ac46397388646495c4958c607094041bc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
uoZbgJS2OYsRAC9QJ3MTu1v5nPWUoyRS
date
Thu, 02 Feb 2023 01:23:33 GMT
via
1.1 08ecf152ae4441414becada758d7b65c.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 22:52:39 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C3
age
52178
x-amz-server-side-encryption
AES256
x-amz-meta-cb-modifiedtime
Mon, 21 Nov 2022 22:14:41 GMT
etag
"c2ca2cf1f2973715448156b578d0759b"
content-type
text/css
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
10713
x-amz-cf-id
EM0XKMI1-mYK26iIzWsTAlFgqMnve4Wl2k8dMxtMXi7S7sQi6nmYWQ==
mobile.css
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Fluid/stylesheets/
8 KB
8 KB
Stylesheet
General
Full URL
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Fluid/stylesheets/mobile.css
Requested by
Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.140.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-140-94.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c95bd7dd591469b031987b4a920c50ee0ca38359ebdc9dc4d47155e510c6a2b1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
Z4ldKS09ELmW6Pq.musv7T8olS2NVFyv
date
Wed, 01 Feb 2023 08:06:53 GMT
via
1.1 08ecf152ae4441414becada758d7b65c.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 22:52:38 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C3
age
65639
x-amz-server-side-encryption
AES256
x-amz-meta-cb-modifiedtime
Mon, 21 Nov 2022 22:14:41 GMT
etag
"057ddf9f9032c2448a26c7fb0b9f3bfc"
content-type
text/css
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
7782
x-amz-cf-id
dI0I6O6YwQFSmqUXWCw9k-BqX7FJNHUR6oGyaz69Ue5sDjoLtCdsDQ==
corp_main.css
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/resources/stylesheets/
16 KB
17 KB
Stylesheet
General
Full URL
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/resources/stylesheets/corp_main.css
Requested by
Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.140.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-140-94.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4769ff3f0104d49a4c7f1fcd36f090def35c5811427936c5e73fdefa1e327da2

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
XS0uqFiIN87Ol8bJqxIyR.zVh1a.PyiY
date
Thu, 02 Feb 2023 01:23:33 GMT
via
1.1 08ecf152ae4441414becada758d7b65c.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 22:51:53 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C3
age
52178
x-amz-server-side-encryption
AES256
x-amz-meta-cb-modifiedtime
Mon, 21 Nov 2022 22:14:15 GMT
etag
"a7ade7df6d91b52634725a26877ea58f"
content-type
text/css
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
16586
x-amz-cf-id
fZ4AuQotXudItLkBGz3qK61kls6H29WbNWKXBWjZEpvm9cBPdSE3Kg==
jquery.min.js
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/
88 KB
88 KB
Script
General
Full URL
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/jquery.min.js
Requested by
Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.140.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-140-94.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
64a7fd603da4230b3800d0d21aa08c5cec4637ad90c626e768facae1f3017d0f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
o5SJHxCLxUx8kg2_eUhmlWdbdFvQFsec
date
Wed, 01 Feb 2023 08:06:53 GMT
via
1.1 08ecf152ae4441414becada758d7b65c.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 22:52:44 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C3
age
65639
x-amz-server-side-encryption
AES256
x-amz-meta-cb-modifiedtime
Mon, 21 Nov 2022 22:14:16 GMT
etag
"001af2052881c691d04fa77b25417a19"
content-type
application/x-javascript
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
89622
x-amz-cf-id
vrNgX1yyuDM3xY2RuU6Y8IUt9rD7rNzqTaTJWg1RITD6Hd0dENeBWw==
purify.min.js
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/
15 KB
16 KB
Script
General
Full URL
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/purify.min.js
Requested by
Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.140.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-140-94.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8085fad7ca10d1a9b7431a4ca40080550e73670110d6d665e2d3b12903536ca0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 11:51:17 GMT
x-amz-version-id
b1lvt5Khzvvfpr6rdbcij0HDho3bt_b1
via
1.1 08ecf152ae4441414becada758d7b65c.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 22:52:44 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C3
age
52176
x-amz-meta-cb-modifiedtime
Mon, 21 Nov 2022 22:14:16 GMT
etag
"c36b1526203b23a39460e54586951b75"
x-amz-server-side-encryption
AES256
content-type
application/x-javascript
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
15433
x-amz-cf-id
sGwtkYOW3foMmLXI0Y_sJmCbsuqIG2u8UOndzb3nlaI1TJjowj8S1w==
require.min.js
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/
20 KB
20 KB
Script
General
Full URL
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/require.min.js
Requested by
Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.140.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-140-94.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4bdcac2c695def051249c6a0a1e7a3afa73dd7c7a4851bc8b75b737d20483e7f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
EF_MSWwU4msnD1sjz4K9WFEh37V1CyJl
date
Wed, 01 Feb 2023 08:06:54 GMT
via
1.1 08ecf152ae4441414becada758d7b65c.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 22:52:44 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C3
age
65638
x-amz-server-side-encryption
AES256
x-amz-meta-cb-modifiedtime
Mon, 21 Nov 2022 22:14:16 GMT
etag
"628bedaba6207d17730b80862faf8c6f"
content-type
application/x-javascript
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
20484
x-amz-cf-id
npaE1O5hIbmUCrw6qghVlEbDPjpOZQtKYxi9l2T-wyCfUk3Pv8d2aw==
require.config.js
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/
58 B
508 B
Script
General
Full URL
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/require.config.js
Requested by
Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.140.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-140-94.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
69df1928650b1168844762c3f1c7200cbc37e5af0e1086b5ddab662d80972415

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
j3ty1wSCZGZvQOvmmnfQA_kMLrNnCd0q
date
Wed, 01 Feb 2023 08:06:54 GMT
via
1.1 08ecf152ae4441414becada758d7b65c.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 22:52:44 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C3
age
65638
x-amz-server-side-encryption
AES256
x-amz-meta-cb-modifiedtime
Mon, 21 Nov 2022 22:14:40 GMT
etag
"22ab07d68d1e52635af6f1bd8267a42e"
content-type
application/x-javascript
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
58
x-amz-cf-id
U7eNEY-VUZ8IGHMtI5zHleVk_G5WzXdD63BzZN7brTLJL6-DdQyKkQ==
foundation.6.2.3_custom.js
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/
121 KB
121 KB
Script
General
Full URL
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/foundation.6.2.3_custom.js
Requested by
Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.140.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-140-94.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
85cc4b524366e88b27e3f2fb26b59acbb7f327011615a1abfa4e7a7220be5f20

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
p1MiARigl1xsjcmYln5SBBjOoObpfVG6
date
Wed, 01 Feb 2023 08:06:54 GMT
via
1.1 08ecf152ae4441414becada758d7b65c.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 22:52:44 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C3
age
65638
x-amz-server-side-encryption
AES256
x-amz-meta-cb-modifiedtime
Mon, 21 Nov 2022 22:14:16 GMT
etag
"44ea9cd6ee71409e30b9ea0668972544"
content-type
application/x-javascript
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
123414
x-amz-cf-id
lOI601_8F9Ilf4TmG-U_TcqQenpn9ezraP5ZeMaYMz84SyHUmAJV6w==
plugins.min.js
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/
10 KB
11 KB
Script
General
Full URL
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/plugins.min.js
Requested by
Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.140.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-140-94.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
68bd5e3720f816f94e36e747ea6c5f3f53ab967dc57a7a8142ef96c6958a733f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
KMtX6GtXnxjBPK7O8BqH.ATVNVEnJm_z
date
Thu, 02 Feb 2023 01:23:34 GMT
via
1.1 08ecf152ae4441414becada758d7b65c.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 22:52:44 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C3
age
52176
x-amz-server-side-encryption
AES256
x-amz-meta-cb-modifiedtime
Mon, 21 Nov 2022 22:14:16 GMT
etag
"d644b250a1d355b0608ee2a3b1109d9e"
content-type
application/x-javascript
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
10689
x-amz-cf-id
ED0imCJQdZbNSlkNxZdqADD5VkAylTVNXKceCK_Pbyx0cxC6MFcFEg==
MadCapAll.js
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/
240 KB
241 KB
Script
General
Full URL
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/MadCapAll.js
Requested by
Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.140.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-140-94.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7748e60f79d2388f045945494b231132c83307d7ec1024a5efd701e7b5aec7b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 11:51:17 GMT
x-amz-version-id
woVsPZb75faHspEJ8hXWpiX0Euk_tYK4
via
1.1 08ecf152ae4441414becada758d7b65c.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 22:52:44 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C3
age
52176
x-amz-meta-cb-modifiedtime
Mon, 21 Nov 2022 22:14:17 GMT
etag
"a626b1957ef3256014ff1a17fbde6554"
x-amz-server-side-encryption
AES256
content-type
application/x-javascript
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
246089
x-amz-cf-id
LJjMr0CBuzsW-Ud3XxyxGWa44lZJrJGZhud9Y7wSWzBki7hiw1Qiwg==
modernizr.js
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/resources/masterpages/
17 KB
17 KB
Script
General
Full URL
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/resources/masterpages/modernizr.js
Requested by
Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.140.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-140-94.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0aecc28f89e1994a928a7c982bd847c6606bbc19ee3c6e2287ed717ca04d369

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
oWhfDQevg2PpJRjETIbSkEfcvK5nHGWp
date
Wed, 01 Feb 2023 08:06:53 GMT
via
1.1 08ecf152ae4441414becada758d7b65c.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 22:51:54 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C3
age
65639
x-amz-server-side-encryption
AES256
x-amz-meta-cb-modifiedtime
Thu, 01 Sep 2022 12:51:27 GMT
etag
"f94e4076c81974f5aedecbd1a9af925c"
content-type
application/x-javascript
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
17129
x-amz-cf-id
BmNhjtCouG7I19rlqU7ujlLilAeSk_BuRFZLb5mlXSbIWrFS2RJxtA==
external-c2_new-listener_4-5_thumb_300_0.png
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/images/
22 KB
22 KB
Image
General
Full URL
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/images/external-c2_new-listener_4-5_thumb_300_0.png
Requested by
Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.140.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-140-94.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
046cb2256a7a22bc97f512652a4941b02e1ffa6bcd63bd4000afe129cac33aa5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 02:20:53 GMT
x-amz-version-id
ydLxnw_VsfQ5vjzdwM0bTjwvxb.s6o1p
via
1.1 08ecf152ae4441414becada758d7b65c.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 22:52:08 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C3
x-amz-meta-cb-modifiedtime
Mon, 21 Nov 2022 22:14:22 GMT
etag
"f2379c16bd123b4ce0535a282f4ead06"
x-amz-server-side-encryption
AES256
content-type
image/png
x-cache
Miss from cloudfront
accept-ranges
bytes
content-length
22483
x-amz-cf-id
d5OHYD8FQMlTlDhz0gG_BgHdXHqk6OG8pINx2OKQgZ5fI_ihnZBSFw==
transparent.gif
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Default/Stylesheets/Images/
832 B
1 KB
Image
General
Full URL
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Default/Stylesheets/Images/transparent.gif
Requested by
Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.140.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-140-94.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1d600a0343eef0b105f4dd86d1b7572306777214a30e5b8d49e91c153d7bca31

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
SPf7TL3uHXqj7skNwhui3ZoxIzQn0_ax
date
Thu, 02 Feb 2023 01:23:37 GMT
via
1.1 08ecf152ae4441414becada758d7b65c.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 22:52:42 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C3
age
52172
x-amz-server-side-encryption
AES256
x-amz-meta-cb-modifiedtime
Thu, 15 Oct 2020 22:10:28 GMT
etag
"50085591b69ee0da3fa16386d95d0f9d"
content-type
image/gif
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
832
x-amz-cf-id
vSuHCgGPn7r6lMONvktDJ7xwQBLYvtKqW21biO1layj535QT_A-biQ==
css2
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Mono&family=Roboto:wght@300;400;500;600&display=swap
Requested by
Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/resources/stylesheets/corp_main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:811::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9d9aa0dab1c2906b6de2245ef234cc2317249c437c06efa9dad950cb84290d43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hstechdocs.helpsystems.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 02 Feb 2023 02:20:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 02 Feb 2023 02:20:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 02 Feb 2023 02:20:52 GMT
styles.css
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/resources/stylesheets/
8 KB
8 KB
Stylesheet
General
Full URL
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/resources/stylesheets/styles.css
Requested by
Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/resources/stylesheets/corp_main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.140.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-140-94.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
733dfcbad6bd5a63c9853d9d36de23a55a9c3b2097172ac5a16dafe45c195a55

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/resources/stylesheets/corp_main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 11:51:16 GMT
x-amz-version-id
dFKQftU74vSCZG.RqVDaGiJ2cnQ9Kv2K
via
1.1 08ecf152ae4441414becada758d7b65c.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 22:51:54 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C3
age
52177
x-amz-meta-cb-modifiedtime
Mon, 21 Nov 2022 22:14:15 GMT
etag
"da1b7aa431270d140d1a3a67c3862f37"
x-amz-server-side-encryption
AES256
content-type
text/css
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
8250
x-amz-cf-id
gDs9FVxvCVP8XFcYbMnqvVGBEAbq7pAiYduAVuZfPz7CmG2n015kaQ==
variables.css
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/resources/stylesheets/
7 KB
8 KB
Stylesheet
General
Full URL
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/resources/stylesheets/variables.css
Requested by
Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/resources/stylesheets/corp_main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.140.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-140-94.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f44df084332082eee5c6eaeac57160c12e198fb2ddd619cbfdf1177f706e9cd

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/resources/stylesheets/corp_main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
ya2FVC1nhOiG_wvBCJO1tziNUVPA70vV
date
Thu, 02 Feb 2023 01:23:34 GMT
via
1.1 08ecf152ae4441414becada758d7b65c.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 22:51:54 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C3
age
52177
x-amz-server-side-encryption
AES256
x-amz-meta-cb-modifiedtime
Wed, 02 Nov 2022 21:30:14 GMT
etag
"320d634c55dd8a612d72794bd5e907e0"
content-type
text/css
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
7549
x-amz-cf-id
LL3sdjT609EFIwjmBp1OwfqfrCurvxfbYLQ_Gm8YWYlq0DYy0o7MHQ==
skin_override.css
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/resources/stylesheets/
2 KB
3 KB
Stylesheet
General
Full URL
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/resources/stylesheets/skin_override.css
Requested by
Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/resources/stylesheets/corp_main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.140.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-140-94.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
44bbe1897c80202474d492a3d5ec2417fab1521d7260fce1a9f753da63058f85

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/resources/stylesheets/corp_main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 11:51:16 GMT
x-amz-version-id
6svuDNNo7U2mQnUMdTIbtyhWEadfu_0X
via
1.1 08ecf152ae4441414becada758d7b65c.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 22:51:53 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C3
age
52177
x-amz-meta-cb-modifiedtime
Thu, 01 Sep 2022 12:51:27 GMT
etag
"eb9970788642d6b3a3f5dc9c70511556"
x-amz-server-side-encryption
AES256
content-type
text/css
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
2187
x-amz-cf-id
46bJdscVf28LIYMnQHMYjo3QhPGNaxneUnkAZbWErTbgPpFCxWhIYg==
roboto.ttf
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/resources/stylesheets/fonts/
159 KB
160 KB
Font
General
Full URL
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/resources/stylesheets/fonts/roboto.ttf
Requested by
Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/resources/stylesheets/corp_main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.140.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-140-94.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54

Request headers

Referer
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/resources/stylesheets/corp_main.css
Origin
https://hstechdocs.helpsystems.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
W1Iqf.X18ndG.J_SjBfUHOegCEQvhLwO
date
Thu, 02 Feb 2023 01:23:34 GMT
via
1.1 08ecf152ae4441414becada758d7b65c.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 22:51:53 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C3
age
52176
x-amz-server-side-encryption
AES256
x-amz-meta-cb-modifiedtime
Wed, 16 Dec 2020 20:17:18 GMT
etag
"ac3f799d5bbaf5196fab15ab8de8431c"
content-type
application/octet-stream
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
162876
x-amz-cf-id
zt4t2zK6ydqORu94BNur-mQA_RVfTQTvzwhJsy0TrEstCDzS6Q40ZQ==
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hstechdocs.helpsystems.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 02 Feb 2023 00:47:22 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
5610
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Thu, 02 Feb 2023 02:47:22 GMT
logo-template_Corp2022-skyblue-white.png
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Fluid/stylesheets/Images/
2 KB
3 KB
Image
General
Full URL
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Fluid/stylesheets/Images/logo-template_Corp2022-skyblue-white.png
Requested by
Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Fluid/stylesheets/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.140.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-140-94.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
909a723379c690e8810df3a4ede43faad8e27fd12a00966b01c2c6995619a093

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Fluid/stylesheets/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
2Mk_40PBRgedgWGBNK2k5GKernZ7raLc
date
Wed, 01 Feb 2023 08:06:54 GMT
via
1.1 08ecf152ae4441414becada758d7b65c.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 22:52:38 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C3
age
65638
x-amz-server-side-encryption
AES256
x-amz-meta-cb-modifiedtime
Mon, 21 Nov 2022 22:14:41 GMT
etag
"a2acb68a1c3f3f9f8b31bf5392bd46bd"
content-type
image/png
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
2313
x-amz-cf-id
si5qLkw2U_t09p2G1d5iRh9x3rNQi0Yx1gxvBi-Xk50BLX5U25VH-Q==
icon-search.png
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Fluid/stylesheets/Images/
397 B
834 B
Image
General
Full URL
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Fluid/stylesheets/Images/icon-search.png
Requested by
Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Fluid/stylesheets/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.140.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-140-94.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
daf70904ba34bb981e4fa4b3c7677b92a09a6bc5f412ecbfca79c2bccb2a1293

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Fluid/stylesheets/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
Sqfa3QHYF2et08lJJQpZl2D0gk0.TofF
date
Wed, 01 Feb 2023 08:06:54 GMT
via
1.1 08ecf152ae4441414becada758d7b65c.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 22:52:38 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C3
age
65638
x-amz-server-side-encryption
AES256
x-amz-meta-cb-modifiedtime
Mon, 21 Nov 2022 22:14:41 GMT
etag
"135b7e56c2f54f07e5148a37d3ca3d77"
content-type
image/png
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
397
x-amz-cf-id
2UcA4zlivMgOfziWJwxxKRdS8w9aocdr44ISZu_sebg2tJHlhWSA1Q==
7FqCDWRMm4A
www.youtube.com/embed/ Frame 0B2C
68 KB
29 KB
Document
General
Full URL
https://www.youtube.com/embed/7FqCDWRMm4A
Requested by
Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
75e3b1669261ab3c5c443dcb1535ebd7d3dc0c25cefe16e0ca420207a26f40fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hstechdocs.helpsystems.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Feb 2023 02:20:52 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=ja for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
mcCloseArrow.PNG
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Default/Stylesheets/
14 KB
15 KB
Image
General
Full URL
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Default/Stylesheets/mcCloseArrow.PNG
Requested by
Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Default/Stylesheets/Topic.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.140.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-140-94.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cefa0e0b413708f8446f7b44d903a81a474b3899047a3efd54af8dd034fbaf8a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Default/Stylesheets/Topic.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 02:20:54 GMT
x-amz-version-id
X7mkCQ1F28l_sYfciMrUPpuRPJWJMiXP
via
1.1 08ecf152ae4441414becada758d7b65c.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 22:52:42 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C3
x-amz-meta-cb-modifiedtime
Wed, 31 Aug 2022 17:30:18 GMT
etag
"dc9a14fa4f12eacc09fce9b6cb03dc99"
x-amz-server-side-encryption
AES256
content-type
image/png
x-cache
Miss from cloudfront
accept-ranges
bytes
content-length
14579
x-amz-cf-id
cU-u4yf9pMifGBVjFehEm29uFa3-KGKEn2BHLy_dmVIYyrb14aXOXg==
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Mono&family=Roboto:wght@300;400;500;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:804::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hstechdocs.helpsystems.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 18:49:45 GMT
x-content-type-options
nosniff
age
459067
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jan 2024 18:49:45 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Mono&family=Roboto:wght@300;400;500;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:804::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hstechdocs.helpsystems.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 18:59:12 GMT
x-content-type-options
nosniff
age
458500
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jan 2024 18:59:12 GMT
HelpSystem.xml
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/
1 KB
2 KB
XHR
General
Full URL
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/HelpSystem.xml
Requested by
Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/MadCapAll.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.140.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-140-94.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8df0ae40d429f0d8a51a63e89ffaba72c0408748ff96dca3cd00700ad224e9b0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 11:51:19 GMT
x-amz-version-id
Cghj9WTAd1b7V1VWCv7wvURN0DbHcLDQ
via
1.1 08ecf152ae4441414becada758d7b65c.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 22:52:26 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C3
age
52174
x-amz-meta-cb-modifiedtime
Mon, 21 Nov 2022 22:14:40 GMT
etag
"e44606535278f5659414a6a04505c9c6"
x-amz-server-side-encryption
AES256
content-type
text/xml
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
1488
x-amz-cf-id
YbvP0Y8Y4s1jXoTKI_82MoPbHHF9Tx59mZ1alNBtHWT5WaqkPpd4JQ==
Breakpoints.js
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/
64 B
511 B
Script
General
Full URL
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/Breakpoints.js?t=638046440806742008
Requested by
Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/require.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.140.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-140-94.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c62cfb7ba968fd10f832c3a86a7c70b57b0ba3808fc5dcc28fc8cbd39df8b551

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 02:36:27 GMT
x-amz-version-id
y465BqGT.t0e_lLRWJqVPrPi0mpH6V9i
via
1.1 08ecf152ae4441414becada758d7b65c.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 22:52:25 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C3
age
85466
x-amz-meta-cb-modifiedtime
Mon, 21 Nov 2022 22:14:40 GMT
etag
"4ad085a7d23bb1f99cfc1d0f101ff6f1"
x-amz-server-side-encryption
AES256
content-type
application/x-javascript
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
64
x-amz-cf-id
YQt_1kPii8LD3HOu9janvgHt0ku33aMQX2KdTOaTONR4OYCTqgvaxw==
Language.js
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/
2 KB
3 KB
Script
General
Full URL
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/Language.js?t=638046440806742008
Requested by
Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/require.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.140.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-140-94.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6702ffe23e3f07e8f54a0265df9d70ee7f6df72846a84bd929aec787b6f2cf19

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 02:36:28 GMT
x-amz-version-id
hB_.t6KT_zwYci45m4HZbhkHnu7kvHwF
via
1.1 08ecf152ae4441414becada758d7b65c.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 22:52:26 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C3
age
85465
x-amz-meta-cb-modifiedtime
Mon, 21 Nov 2022 22:14:36 GMT
etag
"73ba6639ce67e2ec91a412291be67088"
x-amz-server-side-encryption
AES256
content-type
application/x-javascript
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
2298
x-amz-cf-id
Jq-YiEvpzYY_68UPYzXKAiVhAEbBBZuGWnTDD6WiZ39pnsuSo4W57g==
Alias.xml
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/
13 KB
13 KB
XHR
General
Full URL
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/Alias.xml
Requested by
Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/MadCapAll.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.140.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-140-94.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2918bea67a65862fe99e04afd0442ae572965359ac2992cf92947ae385c40d5b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
sIV11R2Nimk_bEMl24O8RHSPh96NZMRk
date
Thu, 02 Feb 2023 00:59:34 GMT
via
1.1 08ecf152ae4441414becada758d7b65c.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 22:52:25 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C3
age
4879
x-amz-server-side-encryption
AES256
x-amz-meta-cb-modifiedtime
Mon, 21 Nov 2022 22:14:36 GMT
etag
"831037988c5d343e01cf1dd3365ea6a6"
content-type
text/xml
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
12866
x-amz-cf-id
SoN8Wa8iq7ZG7MzGOPydSU73eLTnMkQ2aJ8TSLHLe4U7XaU4P45KDA==
Cobalt_Strike_UG_TOC.js
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/Tocs/
2 KB
3 KB
Script
General
Full URL
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/Tocs/Cobalt_Strike_UG_TOC.js?t=638046440806742008
Requested by
Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/require.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.140.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-140-94.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b18a9d1f7d22d2f354be0b5736ec77cbfea2fd2d9d77339e29cc9771809d3cca

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 11:51:21 GMT
x-amz-version-id
zX0puXyBrREoim6A8Kx91UU1fidWMzRC
via
1.1 08ecf152ae4441414becada758d7b65c.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 22:52:24 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C3
age
52172
x-amz-meta-cb-modifiedtime
Mon, 21 Nov 2022 22:14:36 GMT
etag
"bc66f26c747e1d3477c25b5c069ad147"
x-amz-server-side-encryption
AES256
content-type
application/x-javascript
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
2450
x-amz-cf-id
MOWBlAlcphD-RA5wNz2B7EJWnQtp1deIra7b7TgWm4uX5PvAjExzZA==
collect
www.google-analytics.com/j/
2 B
214 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1727601016&t=pageview&_s=1&dl=https%3A%2F%2Fhstechdocs.helpsystems.com%2Fmanuals%2Fcobaltstrike%2Fcurrent%2Fuserguide%2Fcontent%2Ftopics%2Flistener-infrastructue_external-c2.htm%3Fcshid%3D1043&ul=en-us&de=UTF-8&dt=External%20C2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=408858893&gjid=723238059&cid=774601642.1675304453&tid=UA-57226932-1&_gid=1951208483.1675304453&_r=1&_slc=1&z=247770006
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hstechdocs.helpsystems.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 02:20:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hstechdocs.helpsystems.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
Cobalt_Strike_UG_TOC_Chunk0.js
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/Tocs/
16 KB
16 KB
Script
General
Full URL
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/Tocs/Cobalt_Strike_UG_TOC_Chunk0.js?t=638046440806742008
Requested by
Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/require.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.140.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-140-94.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d26901c7c68c8ef56959bbf0b5c4e8bd29e0fc93f194a1bc25d15e8830e701e5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
uE46XxX0lypJlzwQexIdmSmJCzF4ZtNa
date
Thu, 02 Feb 2023 01:23:39 GMT
via
1.1 08ecf152ae4441414becada758d7b65c.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 22:52:24 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C3
age
52171
x-amz-server-side-encryption
AES256
x-amz-meta-cb-modifiedtime
Mon, 21 Nov 2022 22:14:36 GMT
etag
"53e889bb5510d871c3c799e1f3a122f5"
content-type
application/x-javascript
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
16245
x-amz-cf-id
hb-CCuZuVxaXsK2YGgpYFiXWipA3rn3wI_uShhOZYzV5-h8eIYDjAA==
www-player.css
www.youtube.com/s/player/dac945fd/ Frame 0B2C
360 KB
49 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/dac945fd/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/7FqCDWRMm4A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdea712f7fa78d05c22445fca3113c61dbc4430adc496ace58a72dd601870251
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.youtube.com/embed/7FqCDWRMm4A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 16:49:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
207086
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49943
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 01:18:05 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 30 Jan 2024 16:49:26 GMT
www-embed-player.js
www.youtube.com/s/player/dac945fd/www-embed-player.vflset/ Frame 0B2C
343 KB
107 KB
Script
General
Full URL
https://www.youtube.com/s/player/dac945fd/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/7FqCDWRMm4A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20fe3b7758001893052f543475659ed408f077a1a756057b5f2bddb42df38053
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.youtube.com/embed/7FqCDWRMm4A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 16:49:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
207086
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109695
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 01:18:05 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 30 Jan 2024 16:49:26 GMT
base.js
www.youtube.com/s/player/dac945fd/player_ias.vflset/ja_JP/ Frame 0B2C
2 MB
602 KB
Script
General
Full URL
https://www.youtube.com/s/player/dac945fd/player_ias.vflset/ja_JP/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/7FqCDWRMm4A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de4d8ccef2163887cd294e436292c8f4208a47e41b0c16f6f8c1462396f9da77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.youtube.com/embed/7FqCDWRMm4A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 16:49:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
207086
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
616339
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 01:18:05 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 30 Jan 2024 16:49:26 GMT
fetch-polyfill.js
www.youtube.com/s/player/dac945fd/fetch-polyfill.vflset/ Frame 0B2C
9 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/dac945fd/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/7FqCDWRMm4A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.youtube.com/embed/7FqCDWRMm4A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 16:49:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
207086
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2786
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 01:18:05 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 30 Jan 2024 16:49:26 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 0B2C
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/7FqCDWRMm4A
Protocol
H2
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b40767fae84dbf63aba24efc71262e2805e627084b1632cdc73683a4e1fa3438
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 02:20:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 02 Feb 2023 02:20:52 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 0B2C
29 B
495 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/dac945fd/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2006 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 02:06:19 GMT
x-content-type-options
nosniff
age
873
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 02 Feb 2023 02:21:19 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:811::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Thu, 02 Feb 2023 02:20:53 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0B2C
66 KB
31 KB
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/dac945fd/player_ias.vflset/ja_JP/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:811::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7f9208b57e8a584e02ddc8c95cea35a8aa4f092c5008f329c2516db3695e089f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 02 Feb 2023 02:20:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31235
x-xss-protection
0
remote.js
www.youtube.com/s/player/dac945fd/player_ias.vflset/ja_JP/ Frame 0B2C
119 KB
37 KB
Script
General
Full URL
https://www.youtube.com/s/player/dac945fd/player_ias.vflset/ja_JP/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/dac945fd/player_ias.vflset/ja_JP/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5c213deb16a0ad4e361367533405176e4798f67883e9783cf8eea4acd4791ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.youtube.com/embed/7FqCDWRMm4A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 13:12:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
47283
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37409
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 01:18:05 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 01 Feb 2024 13:12:49 GMT
hMfiIRZZaMzaAz5FYaI1FR-xuNlC9MpkqGZdkT5mV6Q.js
www.google.com/js/th/ Frame 0B2C
36 KB
15 KB
Script
General
Full URL
https://www.google.com/js/th/hMfiIRZZaMzaAz5FYaI1FR-xuNlC9MpkqGZdkT5mV6Q.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/dac945fd/player_ias.vflset/ja_JP/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81c::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84c7e221165968ccda033e4561a235151fb1b8d942f4ca64a8665d913e6657a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 18:05:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
288901
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14417
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 15:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 29 Jan 2024 18:05:51 GMT
embed.js
www.youtube.com/s/player/dac945fd/player_ias.vflset/ja_JP/ Frame 0B2C
26 KB
8 KB
Script
General
Full URL
https://www.youtube.com/s/player/dac945fd/player_ias.vflset/ja_JP/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/dac945fd/player_ias.vflset/ja_JP/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b182cec569ea38a576e10331af891da8880e1eb5542c84b2699d1c0a7f7211b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.youtube.com/embed/7FqCDWRMm4A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 07:48:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
153158
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8448
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 01:18:05 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 31 Jan 2024 07:48:14 GMT
truncated
/ Frame 0B2C
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
AL5GRJUdLaf5ibH9YjGCnTSLNrPqhvzvwk_tJAjhsrGpkQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 0B2C
839 B
1 KB
Image
General
Full URL
https://yt3.ggpht.com/ytc/AL5GRJUdLaf5ibH9YjGCnTSLNrPqhvzvwk_tJAjhsrGpkQ=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/7FqCDWRMm4A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
2fe8d6d0491a622c30cd7ec90500715981b5ba82b8e101b373c10313c1a5d9db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 23:58:51 GMT
x-content-type-options
nosniff
server
fife
age
8522
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
839
x-xss-protection
0
expires
Thu, 02 Feb 2023 23:58:51 GMT
sddefault.webp
i.ytimg.com/vi_webp/7FqCDWRMm4A/ Frame 0B2C
23 KB
24 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/7FqCDWRMm4A/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/7FqCDWRMm4A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:810::2016 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6250037c75ace2c15ed9e201a1fc48a8fe946e82f8e70615d0773850a7197f39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 02:20:53 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23834
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 02 Feb 2023 04:20:53 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0B2C
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/7FqCDWRMm4A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:804::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 11:07:46 GMT
x-content-type-options
nosniff
age
54786
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Feb 2024 11:07:46 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0B2C
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/7FqCDWRMm4A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:804::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 19:10:53 GMT
x-content-type-options
nosniff
age
25799
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Feb 2024 19:10:53 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 0B2C
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/dac945fd/player_ias.vflset/ja_JP/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 02:20:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 02 Feb 2023 02:20:53 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0B2C
90 B
134 B
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/dac945fd/player_ias.vflset/ja_JP/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3fdf885a6606a21a00cbd1c8a09f58bcc85333e82cc2effa71af6db144c5f4ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 02 Feb 2023 02:20:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Thu, 02 Feb 2023 02:20:53 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
cast_sender.js
www.gstatic.com/eureka/clank/109/ Frame 0B2C
50 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/109/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d21e59a19e48e0c9c2cacef1d3d90a58eaff66f4a98a47aed8624533b986449b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 05:29:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75109
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14851
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 15:07:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Thu, 02 Feb 2023 05:29:04 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 0B2C
28 B
50 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/dac945fd/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
X-Goog-Request-Time
1675304455185
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/7FqCDWRMm4A
X-YouTube-Client-Version
1.20230129.00.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtzVm9pcGFQQ3hFdyiEvOyeBg%3D%3D
X-YouTube-Ad-Signals
dt=1675304452792&flash=0&frm=2&u_tz&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date
Thu, 02 Feb 2023 02:20:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0


25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| oncontentvisibilityautostatechange
function| $
function| jQuery
object| html5
object| Modernizr
function| yepnope
string| GoogleAnalyticsObject
function| ga
function| DOMPurify
function| requirejs
function| require
function| define
function| _createClass
function| _classCallCheck
object| Foundation
object| MadCap
object| _HelpSystem
boolean| handled
object| data
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData
boolean| _Init

6 Cookies

Domain/Path Name Value
.helpsystems.com/ _ga GA1.2.774601642.1675304453
.helpsystems.com/ _gid GA1.2.1951208483.1675304453
.helpsystems.com/ _gat 1
.youtube.com/ YSC XBwGVLZM3iA
.youtube.com/ DEVICE_INFO ChxOekU1TlRNM056Z3pOREUxTkRjMU5qUXlOQT09EIS87J4GGIS87J4G
.youtube.com/ VISITOR_INFO1_LIVE sVoipaPCxEw

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
