hstechdocs.helpsystems.com
99.84.140.94
Public Scan
Effective URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?csh...
Submission: On February 02 via manual from JP — Scanned from JP
Summary
TLS certificate: Issued by Amazon on May 11th 2022. Valid for: a year.
This is the only time hstechdocs.helpsystems.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
1 1 | 104.18.14.56 | 13335 (CLOUDFLARENET) |
48 | 99.84.140.94 | 16509 (AMAZON-02) |
5 | 2404:6800:4004:811::200a | 15169 (GOOGLE) |
2 | 2404:6800:4004:821::200e | 15169 (GOOGLE) |
8 | 2404:6800:4004:826::200e | 15169 (GOOGLE) |
4 | 2404:6800:400a:804::2003 | 15169 (GOOGLE) |
1 2 | 2404:6800:4004:826::2002 | 15169 (GOOGLE) |
1 | 2404:6800:4004:825::2006 | 15169 (GOOGLE) |
1 | 2404:6800:4004:81c::2004 | 15169 (GOOGLE) |
1 | 2404:6800:4004:822::2001 | 15169 (GOOGLE) |
1 | 2404:6800:4004:810::2016 | 15169 (GOOGLE) |
2 | 2404:6800:4004:825::2003 | 15169 (GOOGLE) |
74 requests | 12 IP addresses | |
ASN16509 (AMAZON-02, US)
- PTR: server-99-84-140-94.nrt57.r.cloudfront.net
- hstechdocs.helpsystems.com

ASN15169 (GOOGLE, US)
- fonts.googleapis.com
- jnn-pa.googleapis.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
48 | helpsystems.com | hstechdocs.helpsystems.com | 1 MB |
8 | youtube.com | www.youtube.com (Cisco Umbrella Rank: 76) | 835 KB |
6 | gstatic.com | fonts.gstatic.com, www.gstatic.com | 79 KB |
5 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 34), jnn-pa.googleapis.com (Cisco Umbrella Rank: 189) | 32 KB |
3 | doubleclick.net (1 redirect) | googleads.g.doubleclick.net (Cisco Umbrella Rank: 29), static.doubleclick.net (Cisco Umbrella Rank: 214) | 1 KB |
2 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 21) | 20 KB |
1 | ytimg.com | i.ytimg.com (Cisco Umbrella Rank: 87) | 24 KB |
1 | ggpht.com | yt3.ggpht.com (Cisco Umbrella Rank: 229) | 1 KB |
1 | google.com | www.google.com (Cisco Umbrella Rank: 2) | 15 KB |
1 | cobaltstrike.com (1 redirect) | www.cobaltstrike.com | 443 B |
74 requests | 10 apex domains | | |
Requests | Domain | Requested by |
---|---|---|
48 | hstechdocs.helpsystems.com | hstechdocs.helpsystems.com |
8 | www.youtube.com | hstechdocs.helpsystems.com, www.youtube.com |
4 | jnn-pa.googleapis.com | www.youtube.com |
4 | fonts.gstatic.com | fonts.googleapis.com, www.youtube.com |
2 | www.gstatic.com | www.youtube.com, www.gstatic.com |
2 | googleads.g.doubleclick.net (1 redirect) | www.youtube.com |
2 | www.google-analytics.com | hstechdocs.helpsystems.com, www.google-analytics.com |
1 | i.ytimg.com | www.youtube.com |
1 | yt3.ggpht.com | www.youtube.com |
1 | www.google.com | www.youtube.com |
1 | static.doubleclick.net | www.youtube.com |
1 | fonts.googleapis.com | hstechdocs.helpsystems.com |
1 | www.cobaltstrike.com (1 redirect) | |
74 requests | 13 domains | |
This site contains links to these domains. Also see Links.
Domain |
---|
opensource.org |
labs.f-secure.com |
github.com |
www.insomniacsecurity.com |
ryhanson.com |
labs.mwrinfosecurity.com |
www.outflank.nl |
outflank.nl |
Subject | Issuer | Validity | Valid | Source |
---|---|---|---|---|
hstechdocs.helpsystems.com | Amazon | 2022-05-11 - 2023-06-09 | a year | crt.sh |
upload.video.google.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months | crt.sh |
*.google-analytics.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months | crt.sh |
*.google.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months | crt.sh |
*.gstatic.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months | crt.sh |
*.doubleclick.net | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months | crt.sh |
www.google.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months | crt.sh |
*.googleusercontent.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months | crt.sh |
edgestatic.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043
Frame ID: 1489860F16432CB5B29F2928EAAB38FA
Requests: 53 HTTP requests in this frame
Frame:
https://www.youtube.com/embed/7FqCDWRMm4A
Frame ID: 0B2C4E2D8E90F353F00F6FDA535AD2DF
Requests: 20 HTTP requests in this frame
Page Title: External C2
Page URL History:
- https://www.cobaltstrike.com/help-externalc2 (HTTP 301)
- https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/index.htm (Page URL)
- https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue... (Page URL)
Detected technologies
- ZURB Foundation (Web Frameworks). Detected pattern: <link[^>]+foundation[^>"]+css
- RequireJS (JavaScript Frameworks). Detected pattern: require.*\.js
- Google Analytics (Analytics). Detected pattern: google-analytics\.com/(?:ga|urchin|analytics)\.js
- Modernizr (JavaScript Libraries). Detected pattern: ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
- jQuery (JavaScript Libraries). Detected pattern: jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
12 Outgoing links
These are links going to different origins than the main page.
- 3-clause BSD license
- Custom Command and Control (C3)
- F-Secure Labs
- external_c2_framework
- Jonathan Echavarria
- ExternalC2 Library
- Ryan Hanson
- Tasking Office 365 for Cobalt Strike C2
- MWR Labs
- Shared File C2
- Outflank BV
- use a file/share for command and control
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www.cobaltstrike.com/help-externalc2 (HTTP 301)
- https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/index.htm (Page URL)
- https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/listener-infrastructue_external-c2.htm?cshid=1043 (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0:
- https://www.cobaltstrike.com/help-externalc2 (HTTP 301)
- https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/index.htm

Second redirect chain:
- https://googleads.g.doubleclick.net/pagead/id (HTTP 302)
- https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
74 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | index.htm | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/ | 1 KB | 2 KB | Document | text/html | Redirect Chain |
GET | H2 | jquery.min.js | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/ | 88 KB | 88 KB | Script | application/x-javascript | |
GET | H2 | plugins.min.js | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/ | 10 KB | 11 KB | Script | application/x-javascript | |
GET | H2 | require.min.js | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/ | 20 KB | 20 KB | Script | application/x-javascript | |
GET | H2 | require.config.js | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/ | 58 B | 506 B | Script | application/x-javascript | |
GET | H2 | MadCapAll.js | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/ | 240 KB | 241 KB | Script | application/x-javascript | |
GET | H2 | HelpSystem.xml | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/ | 1 KB | 2 KB | XHR | text/xml | |
GET | H2 | Breakpoints.js | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/ | 64 B | 512 B | Script | application/x-javascript | |
GET | H2 | Language.js | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/ | 2 KB | 3 KB | Script | application/x-javascript | |
GET | H2 | Alias.xml | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/ | 13 KB | 13 KB | XHR | text/xml | |
GET | H2 | transparent.gif | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Default/Stylesheets/Images/ | 832 B | 1 KB | Image | image/gif | |
GET | H2 | Cobalt_Strike_UG_TOC.js | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/Tocs/ | 2 KB | 3 KB | Script | application/x-javascript | |
GET | H2 | listener-infrastructue_external-c2.htm | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/ | 22 KB | 22 KB | Document | text/html | Primary Request |
GET | H2 | Cobalt_Strike_UG_TOC_Chunk0.js | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/Tocs/ | 16 KB | 16 KB | Script | application/x-javascript | |
GET | H2 | Slideshow.css | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Default/Stylesheets/ | 5 KB | 5 KB | Stylesheet | text/css | |
GET | H2 | TextEffects.css | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Default/Stylesheets/ | 17 KB | 17 KB | Stylesheet | text/css | |
GET | H2 | Topic.css | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Default/Stylesheets/ | 12 KB | 13 KB | Stylesheet | text/css | |
GET | H2 | Styles.css | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Default/Stylesheets/Components/ | 13 KB | 14 KB | Stylesheet | text/css | |
GET | H2 | Tablet.css | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Default/Stylesheets/Components/ | 366 B | 804 B | Stylesheet | text/css | |
GET | H2 | Mobile.css | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Default/Stylesheets/Components/ | 105 B | 542 B | Stylesheet | text/css | |
GET | H2 | foundation.6.2.3.css | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Fluid/stylesheets/ | 52 KB | 52 KB | Stylesheet | text/css | |
GET | H2 | styles.css | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Fluid/stylesheets/ | 25 KB | 25 KB | Stylesheet | text/css | |
GET | H2 | tablet.css | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Fluid/stylesheets/ | 10 KB | 11 KB | Stylesheet | text/css | |
GET | H2 | mobile.css | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Fluid/stylesheets/ | 8 KB | 8 KB | Stylesheet | text/css | |
GET | H2 | corp_main.css | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/resources/stylesheets/ | 16 KB | 17 KB | Stylesheet | text/css | |
GET | H2 | jquery.min.js | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/ | 88 KB | 88 KB | Script | application/x-javascript | |
GET | H2 | purify.min.js | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/ | 15 KB | 16 KB | Script | application/x-javascript | |
GET | H2 | require.min.js | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/ | 20 KB | 20 KB | Script | application/x-javascript | |
GET | H2 | require.config.js | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/ | 58 B | 508 B | Script | application/x-javascript | |
GET | H2 | foundation.6.2.3_custom.js | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/ | 121 KB | 121 KB | Script | application/x-javascript | |
GET | H2 | plugins.min.js | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/ | 10 KB | 11 KB | Script | application/x-javascript | |
GET | H2 | MadCapAll.js | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/ | 240 KB | 241 KB | Script | application/x-javascript | |
GET | H2 | modernizr.js | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/resources/masterpages/ | 17 KB | 17 KB | Script | application/x-javascript | |
GET | H2 | external-c2_new-listener_4-5_thumb_300_0.png | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/images/ | 22 KB | 22 KB | Image | image/png | |
GET | H2 | transparent.gif | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Default/Stylesheets/Images/ | 832 B | 1 KB | Image | image/gif | |
GET | H2 | css2 | fonts.googleapis.com/ | 8 KB | 1 KB | Stylesheet | text/css | |
GET | H2 | styles.css | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/resources/stylesheets/ | 8 KB | 8 KB | Stylesheet | text/css | |
GET | H2 | variables.css | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/resources/stylesheets/ | 7 KB | 8 KB | Stylesheet | text/css | |
GET | H2 | skin_override.css | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/resources/stylesheets/ | 2 KB | 3 KB | Stylesheet | text/css | |
GET | H2 | roboto.ttf | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/resources/stylesheets/fonts/ | 159 KB | 160 KB | Font | application/octet-stream | |
GET | H2 | analytics.js | www.google-analytics.com/ | 49 KB | 20 KB | Script | text/javascript | |
GET | H2 | logo-template_Corp2022-skyblue-white.png | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Fluid/stylesheets/Images/ | 2 KB | 3 KB | Image | image/png | |
GET | H2 | icon-search.png | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Fluid/stylesheets/Images/ | 397 B | 834 B | Image | image/png | |
GET | H2 | 7FqCDWRMm4A | www.youtube.com/embed/ | 68 KB | 29 KB | Document | text/html | Frame 0B2C |
GET | H2 | mcCloseArrow.PNG | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Default/Stylesheets/ | 14 KB | 15 KB | Image | image/png | |
GET | H2 | KFOlCnqEu92Fr1MmSU5fBBc4.woff2 | fonts.gstatic.com/s/roboto/v30/ | 15 KB | 15 KB | Font | font/woff2 | |
GET | H2 | KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | fonts.gstatic.com/s/roboto/v30/ | 16 KB | 16 KB | Font | font/woff2 | |
GET | H2 | HelpSystem.xml | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/ | 1 KB | 2 KB | XHR | text/xml | |
GET | H2 | Breakpoints.js | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/ | 64 B | 511 B | Script | application/x-javascript | |
GET | H2 | Language.js | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/ | 2 KB | 3 KB | Script | application/x-javascript | |
GET | H2 | Alias.xml | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/ | 13 KB | 13 KB | XHR | text/xml | |
GET | H2 | Cobalt_Strike_UG_TOC.js | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/Tocs/ | 2 KB | 3 KB | Script | application/x-javascript | |
POST | H2 | collect | www.google-analytics.com/j/ | 2 B | 214 B | XHR | text/plain | |
GET | H2 | Cobalt_Strike_UG_TOC_Chunk0.js | hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/Tocs/ | 16 KB | 16 KB | Script | application/x-javascript | |
GET | H2 | www-player.css | www.youtube.com/s/player/dac945fd/ | 360 KB | 49 KB | Stylesheet | text/css | Frame 0B2C |
GET | H2 | www-embed-player.js | www.youtube.com/s/player/dac945fd/www-embed-player.vflset/ | 343 KB | 107 KB | Script | text/javascript | Frame 0B2C |
GET | H2 | base.js | www.youtube.com/s/player/dac945fd/player_ias.vflset/ja_JP/ | 2 MB | 602 KB | Script | text/javascript | Frame 0B2C |
GET | H2 | fetch-polyfill.js | www.youtube.com/s/player/dac945fd/fetch-polyfill.vflset/ | 9 KB | 3 KB | Script | text/javascript | Frame 0B2C |
GET | H2 | id | googleads.g.doubleclick.net/pagead/ | 100 B | 242 B | XHR | application/json | Frame 0B2C, Redirect Chain |
GET | H2 | ad_status.js | static.doubleclick.net/instream/ | 29 B | 495 B | Script | text/javascript | Frame 0B2C |
OPTIONS | H2 | Create | jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ | 0 | 0 | Preflight | text/html | Frame |
POST | H2 | Create | jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ | 66 KB | 31 KB | XHR | application/json+protobuf | Frame 0B2C |
GET | H3 | remote.js | www.youtube.com/s/player/dac945fd/player_ias.vflset/ja_JP/ | 119 KB | 37 KB | Script | text/javascript | Frame 0B2C |
GET | H2 | hMfiIRZZaMzaAz5FYaI1FR-xuNlC9MpkqGZdkT5mV6Q.js | www.google.com/js/th/ | 36 KB | 15 KB | Script | text/javascript | Frame 0B2C |
GET | H3 | embed.js | www.youtube.com/s/player/dac945fd/player_ias.vflset/ja_JP/ | 26 KB | 8 KB | Script | text/javascript | Frame 0B2C |
GET | DATA | truncated | / | 175 B | 0 | Image | image/png | Frame 0B2C |
GET | H2 | AL5GRJUdLaf5ibH9YjGCnTSLNrPqhvzvwk_tJAjhsrGpkQ=s68-c-k-c0x00ffffff-no-rj | yt3.ggpht.com/ytc/ | 839 B | 1 KB | Image | image/jpeg | Frame 0B2C |
GET | H2 | sddefault.webp | i.ytimg.com/vi_webp/7FqCDWRMm4A/ | 23 KB | 24 KB | Image | image/webp | Frame 0B2C |
GET | H2 | KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | fonts.gstatic.com/s/roboto/v18/ | 15 KB | 15 KB | Font | font/woff2 | Frame 0B2C |
GET | H2 | KFOmCnqEu92Fr1Mu4mxK.woff2 | fonts.gstatic.com/s/roboto/v18/ | 15 KB | 15 KB | Font | font/woff2 | Frame 0B2C |
GET | H2 | cast_sender.js | www.gstatic.com/cv/js/sender/v1/ | 4 KB | 2 KB | Script | text/javascript | Frame 0B2C |
POST | H3 | GenerateIT | jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ | 90 B | 134 B | XHR | application/json+protobuf | Frame 0B2C |
OPTIONS | H3 | GenerateIT | jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ | 0 | 0 | Preflight | text/html | Frame |
GET | H2 | cast_sender.js | www.gstatic.com/eureka/clank/109/ | 50 KB | 15 KB | Script | text/javascript | Frame 0B2C |
POST | H3 | log_event | www.youtube.com/youtubei/v1/ | 28 B | 50 B | XHR | application/json | Frame 0B2C |
25 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | 0 |
object | oncontentvisibilityautostatechange |
function | $ |
function | jQuery |
object | html5 |
object | Modernizr |
function | yepnope |
string | GoogleAnalyticsObject |
function | ga |
function | DOMPurify |
function | requirejs |
function | require |
function | define |
function | _createClass |
function | _classCallCheck |
object | Foundation |
object | MadCap |
object | _HelpSystem |
boolean | handled |
object | data |
object | google_tag_data |
object | gaplugins |
object | gaGlobal |
object | gaData |
boolean | _Init |

6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
.helpsystems.com/ | | _ga | GA1.2.774601642.1675304453 |
.helpsystems.com/ | | _gid | GA1.2.1951208483.1675304453 |
.helpsystems.com/ | | _gat | 1 |
.youtube.com/ | | YSC | XBwGVLZM3iA |
.youtube.com/ | | DEVICE_INFO | ChxOekU1TlRNM056Z3pOREUxTkRjMU5qUXlOQT09EIS87J4GGIS87J4G |
.youtube.com/ | | VISITOR_INFO1_LIVE | sVoipaPCxEw |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hstechdocs.helpsystems.com
i.ytimg.com
jnn-pa.googleapis.com
static.doubleclick.net
www.cobaltstrike.com
www.google-analytics.com
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
104.18.14.56
2404:6800:4004:810::2016
2404:6800:4004:811::200a
2404:6800:4004:81c::2004
2404:6800:4004:821::200e
2404:6800:4004:822::2001
2404:6800:4004:825::2003
2404:6800:4004:825::2006
2404:6800:4004:826::2002
2404:6800:4004:826::200e
2404:6800:400a:804::2003
99.84.140.94
046cb2256a7a22bc97f512652a4941b02e1ffa6bcd63bd4000afe129cac33aa5
04af8660ffde8ceb2bb206f7bc39ccd1cff10d9dc7e0cc146472f0a8fa8a85ac
12fe0abd29df3cb40f74a957e7a47ffdecf3f7bf37f413b7115faa2459e3c4c4
1d600a0343eef0b105f4dd86d1b7572306777214a30e5b8d49e91c153d7bca31
20fe3b7758001893052f543475659ed408f077a1a756057b5f2bddb42df38053
2367dc71254904b9769c9d147e67c8bcadd6c4e30cd83ab638786bfecbaada42
2918bea67a65862fe99e04afd0442ae572965359ac2992cf92947ae385c40d5b
2f44df084332082eee5c6eaeac57160c12e198fb2ddd619cbfdf1177f706e9cd
2fe8d6d0491a622c30cd7ec90500715981b5ba82b8e101b373c10313c1a5d9db
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fdf885a6606a21a00cbd1c8a09f58bcc85333e82cc2effa71af6db144c5f4ac
431f9715c23f40305b0f3d03a407a6f21e3f97579d490fd56585a0844a36960c
44bbe1897c80202474d492a3d5ec2417fab1521d7260fce1a9f753da63058f85
4769ff3f0104d49a4c7f1fcd36f090def35c5811427936c5e73fdefa1e327da2
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4bdcac2c695def051249c6a0a1e7a3afa73dd7c7a4851bc8b75b737d20483e7f
53cd63412cf6a3363aaa76848338e65ac46397388646495c4958c607094041bc
54a07208f16224d3a0d59db883e4e086f5d8b9bffc905b70645b3609b7d0c840
57d2d9f0002583aeda0e46f8fa4ef37ec30d3dc102942ff8f884c4cd98ed4999
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6250037c75ace2c15ed9e201a1fc48a8fe946e82f8e70615d0773850a7197f39
64a7fd603da4230b3800d0d21aa08c5cec4637ad90c626e768facae1f3017d0f
6702ffe23e3f07e8f54a0265df9d70ee7f6df72846a84bd929aec787b6f2cf19
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68bd5e3720f816f94e36e747ea6c5f3f53ab967dc57a7a8142ef96c6958a733f
69df1928650b1168844762c3f1c7200cbc37e5af0e1086b5ddab662d80972415
733dfcbad6bd5a63c9853d9d36de23a55a9c3b2097172ac5a16dafe45c195a55
75e3b1669261ab3c5c443dcb1535ebd7d3dc0c25cefe16e0ca420207a26f40fc
7f9208b57e8a584e02ddc8c95cea35a8aa4f092c5008f329c2516db3695e089f
8085fad7ca10d1a9b7431a4ca40080550e73670110d6d665e2d3b12903536ca0
84c7e221165968ccda033e4561a235151fb1b8d942f4ca64a8665d913e6657a4
85cc4b524366e88b27e3f2fb26b59acbb7f327011615a1abfa4e7a7220be5f20
8df0ae40d429f0d8a51a63e89ffaba72c0408748ff96dca3cd00700ad224e9b0
907a8e7e872c30786840066a4ec22623849cdedc20bccdc6147dfae3792f7888
909a723379c690e8810df3a4ede43faad8e27fd12a00966b01c2c6995619a093
9d9aa0dab1c2906b6de2245ef234cc2317249c437c06efa9dad950cb84290d43
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b182cec569ea38a576e10331af891da8880e1eb5542c84b2699d1c0a7f7211b2
b18a9d1f7d22d2f354be0b5736ec77cbfea2fd2d9d77339e29cc9771809d3cca
b40767fae84dbf63aba24efc71262e2805e627084b1632cdc73683a4e1fa3438
b5c213deb16a0ad4e361367533405176e4798f67883e9783cf8eea4acd4791ea
b5dc552324f5a3166c2d6f2e1ee7fc4868e45143cf63c3dac835dbd1b1eefd55
c0aecc28f89e1994a928a7c982bd847c6606bbc19ee3c6e2287ed717ca04d369
c62cfb7ba968fd10f832c3a86a7c70b57b0ba3808fc5dcc28fc8cbd39df8b551
c7748e60f79d2388f045945494b231132c83307d7ec1024a5efd701e7b5aec7b
c95bd7dd591469b031987b4a920c50ee0ca38359ebdc9dc4d47155e510c6a2b1
cda5089fa7c598fa745f5d81cfbc30187cfa9fa17ff8716baf9fa7ba1722938d
cefa0e0b413708f8446f7b44d903a81a474b3899047a3efd54af8dd034fbaf8a
d21e59a19e48e0c9c2cacef1d3d90a58eaff66f4a98a47aed8624533b986449b
d26901c7c68c8ef56959bbf0b5c4e8bd29e0fc93f194a1bc25d15e8830e701e5
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
daf70904ba34bb981e4fa4b3c7677b92a09a6bc5f412ecbfca79c2bccb2a1293
de4d8ccef2163887cd294e436292c8f4208a47e41b0c16f6f8c1462396f9da77
e0f7e0093b88c8fcf03fa104678f17bdc3c17274c4dac88fc679ad39a1819a80
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fdea712f7fa78d05c22445fca3113c61dbc4430adc496ace58a72dd601870251