hstechdocs.helpsystems.com Open in urlscan Pro
143.204.215.41 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.cobaltstrike.com/help-beacon
Effective URL:
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
Submission: On July 29 via api (July 29th 2022, 7:50:23 pm UTC) from US — Scanned from DE

Summary HTTP 48 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 48 HTTP transactions. The main IP is 143.204.215.41, located in United States and belongs to AMAZON-02, US. The main domain is hstechdocs.helpsystems.com.
TLS certificate: Issued by Amazon on May 11th 2022. Valid for: a year.

This is the only time hstechdocs.helpsystems.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 1	2606:4700:440... 2606:4700:4400::ac40:964b		13335 (CLOUDFLAR...) (CLOUDFLARENET)
46	143.204.215.41 143.204.215.41		16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::200e		15169 (GOOGLE) (GOOGLE)
48	2

1 2606:4700:4400::ac40:964b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.cobaltstrike.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 143.204.215.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-41.fra53.r.cloudfront.net

hstechdocs.helpsystems.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	helpsystems.com hstechdocs.helpsystems.com	2 MB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	20 KB
1	cobaltstrike.com 1 redirects www.cobaltstrike.com	242 B
48	3

	Domain	Requested by
46	hstechdocs.helpsystems.com	hstechdocs.helpsystems.com
2	www.google-analytics.com	hstechdocs.helpsystems.com www.google-analytics.com
1	www.cobaltstrike.com	1 redirects
48	3

This site contains no links.

Subject Issuer	Validity	Valid
hstechdocs.helpsystems.com Amazon	`2022-05-11` - `2023-06-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
Frame ID: 171AF475A2F2F35C127050A386496652
Requests: 48 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Post Exploitation

Page URL History Show full URLs

https://www.cobaltstrike.com/help-beacon HTTP 301
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/index.htm Page URL
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main... Page URL

Detected technologies

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+foundation[^>"]+css

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

48
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

1931 kB
Transfer

1940 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.cobaltstrike.com/help-beacon HTTP 301
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/index.htm Page URL
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.cobaltstrike.com/help-beacon HTTP 301
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/index.htm

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

index.htm Show response
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/
Redirect Chain

https://www.cobaltstrike.com/help-beacon
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/index.htm

906 B
1 KB

40ms
8ms

Document
text/html

143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/index.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 17744f438b991c79f1a3da5a44d4ba5025938c4aed57eddfef6e54b60b4234dc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 82111
content-length: 906
content-type: text/html
date: Thu, 28 Jul 2022 21:01:49 GMT
etag: "b563e589950673c73e9f9e4186293e2d"
last-modified: Mon, 16 May 2022 21:51:30 GMT
server: AmazonS3
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
x-amz-cf-id: F_4ogsIlBF6jWRURiW_nQjAl9OHW1xlWwXznuzVO2vV-iB8_xaNaFQ==
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: _BGMcmxKTvRLzf83Luy2D_63jC37HzhZ
x-cache: Hit from cloudfront

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 732861ff1c4891ed-FRA
content-type: text/html
date: Fri, 29 Jul 2022 19:50:19 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/index.htm#cshid=1085
server: cloudflare

GET
H2 200 jquery.min.js Show response
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/ 88 KB
88 KB 8ms
8ms Script
application/javascript 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/jquery.min.js
Requested by: Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/index.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 64a7fd603da4230b3800d0d21aa08c5cec4637ad90c626e768facae1f3017d0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/index.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: P86z61m0jhSzTRwOf5CX067Gfi6jsZa1
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
etag: "001af2052881c691d04fa77b25417a19"
last-modified: Mon, 16 May 2022 21:48:36 GMT
server: AmazonS3
age: 42057
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 29 Jul 2022 08:09:23 GMT
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 89622
x-amz-cf-id: MqF_gDSmMeW-qqPTc_e3wiV781u1nyY1Shw7XKXhW0n6BeFS8dhBcg==

GET
H2 200 plugins.min.js Show response
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/ 10 KB
11 KB 9ms
8ms Script
application/javascript 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/plugins.min.js
Requested by: Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/index.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 68bd5e3720f816f94e36e747ea6c5f3f53ab967dc57a7a8142ef96c6958a733f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/index.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 28 Jul 2022 21:01:50 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Mon, 16 May 2022 21:48:37 GMT
server: AmazonS3
age: 82110
etag: "d644b250a1d355b0608ee2a3b1109d9e"
x-cache: Hit from cloudfront
x-amz-version-id: l89KTdPF_D1Ib5SxSBlrMeo6GW9h8Ofp
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 10689
x-amz-cf-id: vsct3khVQXiHgd9mLHP7WXfK99fPtrkEv-4jLtNhBVwjtlhMo9Tlew==

GET
H2 200 require.min.js Show response
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/ 20 KB
20 KB 10ms
10ms Script
application/javascript 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/require.min.js
Requested by: Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/index.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4bdcac2c695def051249c6a0a1e7a3afa73dd7c7a4851bc8b75b737d20483e7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/index.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: AizMcOmN_2XUiKaq1LJ6pCawhWeTSNbk
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
etag: "628bedaba6207d17730b80862faf8c6f"
last-modified: Mon, 16 May 2022 21:48:39 GMT
server: AmazonS3
age: 42057
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 29 Jul 2022 08:09:23 GMT
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 20484
x-amz-cf-id: GsfODUpjD2l1z-40O2Tm3tjHs2cKjlAUBwXeCH0QDvFJqWbsSp6Yhw==

GET
H2 200 require.config.js Show response
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/ 58 B
461 B 8ms
8ms Script
application/javascript 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/require.config.js
Requested by: Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/index.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dedbc2bb49d9b4507b1234143ca55b586183b6e97ae935185299a3aa2f2d4d50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/index.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 28 Jul 2022 21:01:50 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Mon, 16 May 2022 21:48:39 GMT
server: AmazonS3
age: 82110
etag: "c3717e2f2dba2b1b85ca54ab897ea5f6"
x-cache: Hit from cloudfront
x-amz-version-id: jbqoYjCIamwlbgzE6MIFoRPyWCzeySfc
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 58
x-amz-cf-id: samDgQI8MQxYU8GJfLL6MP7Me_837p9dwzV7XyZeU1JYFDOxMlwCKA==

GET
H2 200 MadCapAll.js Show response
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/ 240 KB
241 KB 10ms
10ms Script
application/javascript 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/MadCapAll.js
Requested by: Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/index.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c7748e60f79d2388f045945494b231132c83307d7ec1024a5efd701e7b5aec7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/index.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: lxZ9w82pKlLGIQXIo_X_pvwhmsNeoUpI
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
etag: "a626b1957ef3256014ff1a17fbde6554"
last-modified: Mon, 16 May 2022 21:48:37 GMT
server: AmazonS3
age: 42056
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 29 Jul 2022 08:09:24 GMT
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 246089
x-amz-cf-id: ZOO7cWeJBq4TABpFog4iipC8_KoftKtUfvskPqImmomiOA2wSemlyQ==

GET
H2 200 HelpSystem.xml Show response
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/ 2 KB
2 KB 8ms
8ms XHR
text/xml 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/HelpSystem.xml
Requested by: Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/MadCapAll.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 52486d857b8ae2e13ad4957a866bdd325523282c5446a28c9359450693427efd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/index.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 28 Jul 2022 21:01:51 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Mon, 16 May 2022 21:51:46 GMT
server: AmazonS3
age: 82109
etag: "ff0b711116ae0a69fda3406db989c92b"
x-cache: Hit from cloudfront
x-amz-version-id: bCsS04DGBNfsVkg89Cy1Y3OR8c_Riy_Q
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: text/xml
content-length: 1565
x-amz-cf-id: aUZOLJZ-ALlqZpRBKw2VE8kmLDpiQ6Bb1O0BOXuoVyLfl4LMxMDUZQ==

GET
H2 200 Breakpoints.js Show response
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/ 64 B
466 B 8ms
8ms Script
application/javascript 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/Breakpoints.js?t=637878795477476681
Requested by: Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/require.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c62cfb7ba968fd10f832c3a86a7c70b57b0ba3808fc5dcc28fc8cbd39df8b551

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/index.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 28 Jul 2022 21:01:54 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Mon, 16 May 2022 21:51:43 GMT
server: AmazonS3
age: 82106
etag: "4ad085a7d23bb1f99cfc1d0f101ff6f1"
x-cache: Hit from cloudfront
x-amz-version-id: y6VTpvPP.iNHR5BX0Fa9TB5uFKhUfP58
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 64
x-amz-cf-id: jfz453wzUEtthzKMRZDf5lttqs1kjS0JS0Xn1a88eZOLZEygWFQ29A==

GET
H2 200 Language.js Show response
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/ 2 KB
3 KB 8ms
8ms Script
application/javascript 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/Language.js?t=637878795477476681
Requested by: Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/require.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 589e57556b5f022f1f6411d293f5088f50440a7f6ef4f749d72798bd274feeca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/index.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: 5el43JrNvVWMPi5Y2.ZOVhdUMCXkUPgj
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
etag: "841586495ee37dc9346d193281058059"
last-modified: Mon, 16 May 2022 21:51:47 GMT
server: AmazonS3
age: 52192
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 29 Jul 2022 05:20:28 GMT
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 2542
x-amz-cf-id: H8B1iOjMOWqm3_LyBJP36NZRBIh7u2mzft2582oVSFcczEAtWvDAGA==

GET
H2 200 Alias.xml
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/ 12 KB
13 KB 8ms
8ms XHR
text/xml 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/Alias.xml
Requested by: Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/MadCapAll.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/index.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 28 Jul 2022 21:01:54 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Mon, 16 May 2022 21:51:42 GMT
server: AmazonS3
age: 82106
etag: "3b267a50a24c313c793002da9e77771d"
x-cache: Hit from cloudfront
x-amz-version-id: L9wi2HNy88eE9WYNEJPDfjnDsxGOQo8Z
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: text/xml
content-length: 12786
x-amz-cf-id: k_qCuqwmW4XQLNVPYK2ekx8QykpO4FlGVoKOgjdUKM6glPsv1mtwjw==

GET
H2 200 transparent.gif
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Default/Stylesheets/Images/ 832 B
1 KB 13ms
13ms Image
image/gif 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Default/Stylesheets/Images/transparent.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/index.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 28 Jul 2022 21:01:54 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Mon, 16 May 2022 21:46:54 GMT
server: AmazonS3
age: 82106
etag: "50085591b69ee0da3fa16386d95d0f9d"
x-cache: Hit from cloudfront
x-amz-version-id: 2JWLPbI6OGkXsc60tu8pjSl9A59vtp6h
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/gif
content-length: 832
x-amz-cf-id: m7KP_-S2dN-gIhll0OyzuxtUTVq4DHwEeL5Xukl6mgznFAqV5GeZMQ==

GET
H2 200 Cobalt_Strike_UG_TOC.js
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/Tocs/ 2 KB
3 KB 8ms
8ms Script
application/javascript 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/Tocs/Cobalt_Strike_UG_TOC.js?t=637878795477476681
Requested by: Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/require.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/index.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: dHjC14380joquCNF7fHMv2GOfHTtH5su
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
etag: "8a7cac41173aca2a66a7d8b0cf6d11e4"
last-modified: Mon, 16 May 2022 21:48:34 GMT
server: AmazonS3
age: 42056
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 29 Jul 2022 08:09:24 GMT
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 2438
x-amz-cf-id: k6TbYOBJHyeUa793LAEHLShUZsS_O5TTlLsJs4YBXTVjN_u650OPUA==

GET
H2 200 Primary Request post-exploitation_main.htm Show response
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/ 18 KB
18 KB 22ms
22ms Document
text/html 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
Requested by: Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/MadCapAll.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ab0fdcd64fe9a4c0f602086f82f065cf272eb366a54dbeaa911018c707ffb73

Request headers

Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/index.htm
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 40134
content-length: 18218
content-type: text/html
date: Fri, 29 Jul 2022 08:41:25 GMT
etag: "a9802ec3205f1f65c818d5289ffdfda9"
last-modified: Mon, 16 May 2022 21:49:20 GMT
server: AmazonS3
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
x-amz-cf-id: ivMtpjnZAf59txSS41EbxR2CsnLlzB6makcwnZDwcyqfSYH1DtThxQ==
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: Q3XgpNDAoGqR_gW51pkd2c67qWAvraEu
x-cache: Hit from cloudfront

GET
H2 200 Cobalt_Strike_UG_TOC_Chunk0.js
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/Tocs/ 16 KB
16 KB 8ms
8ms Script
application/javascript 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/Tocs/Cobalt_Strike_UG_TOC_Chunk0.js?t=637878795477476681
Requested by: Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/require.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/index.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 28 Jul 2022 21:02:03 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Mon, 16 May 2022 21:48:35 GMT
server: AmazonS3
age: 82097
etag: "dbb37b8539036223d42a8a02b870b558"
x-cache: Hit from cloudfront
x-amz-version-id: 4nzN3yChwYZLCs2_AwL_iRFFdSHt_pCl
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 16164
x-amz-cf-id: CGJ0RbjJjP4Z2IeuWzlQMkwhd7t2_V_1Gv-SmU3znR5Dq1dfFM_48w==

GET
H2 200 Slideshow.css
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Default/Stylesheets/ 5 KB
5 KB 10ms
8ms Stylesheet
text/css 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Default/Stylesheets/Slideshow.css
Requested by: Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 907a8e7e872c30786840066a4ec22623849cdedc20bccdc6147dfae3792f7888

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: rREDOt0eKo4aHQJOYGzcoQelGn1QjHfX
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
etag: "1211b07a15a80a14cba65d45aaaf732d"
last-modified: Mon, 16 May 2022 21:47:23 GMT
server: AmazonS3
age: 42056
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/css
date: Fri, 29 Jul 2022 08:09:24 GMT
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 4649
x-amz-cf-id: Xt6bvRFeG8p3KtFJs5c1mjFnmAcf2p4nuGaNRd1kBemN5tgeEZHPag==

GET
H2 200 TextEffects.css
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Default/Stylesheets/ 17 KB
17 KB 11ms
8ms Stylesheet
text/css 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Default/Stylesheets/TextEffects.css
Requested by: Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cda5089fa7c598fa745f5d81cfbc30187cfa9fa17ff8716baf9fa7ba1722938d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 28 Jul 2022 21:01:55 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Mon, 16 May 2022 21:47:24 GMT
server: AmazonS3
age: 82105
etag: "8c610442517fd95c8cdea70d98608f69"
x-cache: Hit from cloudfront
x-amz-version-id: T.FHXUhFAQRK5gXo4w8OrbkPCKStZrIW
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: text/css
content-length: 17003
x-amz-cf-id: y82CVNxFYVhcxjhwPRGxS629fthfVjX_GNXD37f-VT-ACUPjsLW-sg==

GET
H2 200 Topic.css
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Default/Stylesheets/ 12 KB
12 KB 11ms
9ms Stylesheet
text/css 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Default/Stylesheets/Topic.css
Requested by: Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1ac1e87deb34dabbf7489456d28cf2788e5338be398f7c20148f45aeb1e3b0b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 28 Jul 2022 21:01:55 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Mon, 16 May 2022 21:47:25 GMT
server: AmazonS3
age: 82105
etag: "7d589412d4287fd1d8a49bc45bbe1dbd"
x-cache: Hit from cloudfront
x-amz-version-id: 6zyCKG2GkefFH7grBX_noI.DJju413ML
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: text/css
content-length: 11925
x-amz-cf-id: iDQcT-lBKpkvh0AvSjd0YRHAeacM7AGamf8Q8Pa9etRrfCvLddDt_Q==

GET
H2 200 Styles.css
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Default/Stylesheets/Components/ 13 KB
14 KB 11ms
9ms Stylesheet
text/css 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Default/Stylesheets/Components/Styles.css
Requested by: Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 04af8660ffde8ceb2bb206f7bc39ccd1cff10d9dc7e0cc146472f0a8fa8a85ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 28 Jul 2022 21:01:55 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Mon, 16 May 2022 21:47:05 GMT
server: AmazonS3
age: 82105
etag: "c218dbd528e2e251e24c2ec861f2c881"
x-cache: Hit from cloudfront
x-amz-version-id: s9sjMGxJlO07XFpSCzHCkPTX.nhQ4kIm
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: text/css
content-length: 13593
x-amz-cf-id: GX6f74yqESbmiKO3o5CGqJwtjnWauOPTF4gkeijyOECGqit4AZJ28A==

GET
H2 200 Tablet.css
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Default/Stylesheets/Components/ 366 B
761 B 11ms
10ms Stylesheet
text/css 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Default/Stylesheets/Components/Tablet.css
Requested by: Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 54a07208f16224d3a0d59db883e4e086f5d8b9bffc905b70645b3609b7d0c840

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 28 Jul 2022 21:01:55 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Mon, 16 May 2022 21:47:05 GMT
server: AmazonS3
age: 82105
etag: "40809da8040894bc4a05c73a13b467d6"
x-cache: Hit from cloudfront
x-amz-version-id: LhnaNJHv5RWMNUBQpdXRMqk.3V48SrAN
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: text/css
content-length: 366
x-amz-cf-id: AVkmGinpjZLLr6RVbpIXrRjkeQpFEFVAl6hih20UtVIUiDPAsROy9w==

GET
H2 200 Mobile.css
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Default/Stylesheets/Components/ 105 B
499 B 12ms
10ms Stylesheet
text/css 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Default/Stylesheets/Components/Mobile.css
Requested by: Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 431f9715c23f40305b0f3d03a407a6f21e3f97579d490fd56585a0844a36960c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 28 Jul 2022 21:01:55 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Mon, 16 May 2022 21:47:04 GMT
server: AmazonS3
age: 82105
etag: "ddc8b86d2e3cc1388b02357bb7a10e02"
x-cache: Hit from cloudfront
x-amz-version-id: TWkcfTzG9xLDHe2TkJmxrfdsm30zjamw
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: text/css
content-length: 105
x-amz-cf-id: a-ggEiYyhXwM18AU4pRKyREdkK-dN9Wf3FQxR29ZfDzsKGK-SpT-Jw==

GET
H2 200 foundation.6.2.3.css
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Fluid/stylesheets/ 52 KB
52 KB 12ms
10ms Stylesheet
text/css 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Fluid/stylesheets/foundation.6.2.3.css
Requested by: Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 57d2d9f0002583aeda0e46f8fa4ef37ec30d3dc102942ff8f884c4cd98ed4999

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 28 Jul 2022 21:01:55 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Mon, 16 May 2022 21:47:26 GMT
server: AmazonS3
age: 82105
etag: "470c2b18ffc080f79566e5b227f0544b"
x-cache: Hit from cloudfront
x-amz-version-id: i4D20bCSYiwMljV4vFIylrnnVXxzFZKM
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: text/css
content-length: 52745
x-amz-cf-id: jV4fwg8NEwkuSpomnUyz1Gj1DRDfaJY8l9luAtdZArZO_l12-bV2JQ==

GET
H2 200 styles.css
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Fluid/stylesheets/ 25 KB
26 KB 12ms
11ms Stylesheet
text/css 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Fluid/stylesheets/styles.css
Requested by: Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a0055c5e30812b2149c5c1224793dce79fb99aeb8decd8945a3a90ee87077f6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 28 Jul 2022 21:01:55 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Mon, 16 May 2022 21:47:27 GMT
server: AmazonS3
age: 82105
etag: "198963c8cb04e7480cebb3468f36afc6"
x-cache: Hit from cloudfront
x-amz-version-id: SStSxkdUfhjqiu637LxJyUEJA7aCT2zp
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: text/css
content-length: 25695
x-amz-cf-id: FwvI3f1i9jsyWmcANQO7dGI1tnicix3hBb33COA7JbasOqMqzkNn-g==

GET
H2 200 tablet.css
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Fluid/stylesheets/ 11 KB
11 KB 12ms
11ms Stylesheet
text/css 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Fluid/stylesheets/tablet.css
Requested by: Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 59011dc7bce6a0e0365047cfeaeca41e1c0d316dca0f36a458a62a502f510b5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 28 Jul 2022 21:01:55 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Mon, 16 May 2022 21:47:28 GMT
server: AmazonS3
age: 82105
etag: "d9f656a28549ccd78c2503c685d4795d"
x-cache: Hit from cloudfront
x-amz-version-id: n_2xKgLjbYWu0r1KIijvZMaDSDzUU_8m
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: text/css
content-length: 10977
x-amz-cf-id: ePqCplPZFU-xQ73_UHirvs1ps1QaUB3E9x29-y001tql1MmvYYtkYQ==

GET
H2 200 mobile.css
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Fluid/stylesheets/ 8 KB
8 KB 12ms
11ms Stylesheet
text/css 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Fluid/stylesheets/mobile.css
Requested by: Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 68f45d411b2415903c8f00c11fe35065b826219545e2ae39f26d6789e85b8340

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 28 Jul 2022 21:01:55 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Mon, 16 May 2022 21:47:27 GMT
server: AmazonS3
age: 82105
etag: "eaf7cd400668f50373371f866ca5b4f7"
x-cache: Hit from cloudfront
x-amz-version-id: Qg5EcMSvRjTpEar409IGbwTAjnbW3pGJ
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: text/css
content-length: 8161
x-amz-cf-id: m5IvgdESV9dXaI5CRPHxysU6VZwMLR7pHAGT2Wl1UjeIV2DkC8KUdQ==

GET
H2 200 hs-main.css
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/resources/stylesheets/ 17 KB
18 KB 16ms
15ms Stylesheet
text/css 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/resources/stylesheets/hs-main.css
Requested by: Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cfd7e0c79d10dd51b27aaa813f1d83dfe5b146894c08bae799aa777f9a146203

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 28 Jul 2022 21:01:55 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Mon, 16 May 2022 21:47:19 GMT
server: AmazonS3
age: 82105
etag: "ff4451806a5cf1ab0c3734368f97997e"
x-cache: Hit from cloudfront
x-amz-version-id: TOAb9.J8UFTAaH7ctSfMbewV54CspS1y
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: text/css
content-length: 17797
x-amz-cf-id: TrGLm8SDVtlvlsaVITkIHyrdjhO8Txnwv9UgHmjQCfMot9brHTesXw==

GET
H2 200 jquery.min.js Show response
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/ 88 KB
88 KB 16ms
15ms Script
application/javascript 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/jquery.min.js
Requested by: Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 64a7fd603da4230b3800d0d21aa08c5cec4637ad90c626e768facae1f3017d0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: P86z61m0jhSzTRwOf5CX067Gfi6jsZa1
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
etag: "001af2052881c691d04fa77b25417a19"
last-modified: Mon, 16 May 2022 21:48:36 GMT
server: AmazonS3
age: 42057
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 29 Jul 2022 08:09:23 GMT
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 89622
x-amz-cf-id: tJBhb5T2qvlyDiGJyD4tWMYLj8z5hHSWqGL6E-___pbMo84YL-FLdA==

GET
H2 200 purify.min.js Show response
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/ 15 KB
15 KB 9ms
9ms Script
application/javascript 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/purify.min.js
Requested by: Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8085fad7ca10d1a9b7431a4ca40080550e73670110d6d665e2d3b12903536ca0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: DeeKvJM9WTSkRRojT6kQFhJeWD2LxHFN
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
etag: "c36b1526203b23a39460e54586951b75"
last-modified: Mon, 16 May 2022 21:48:38 GMT
server: AmazonS3
age: 42056
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 29 Jul 2022 08:09:24 GMT
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 15433
x-amz-cf-id: nSvCEMADzo0YzELi-Xvl197N2VpCQgC-iO1nsOAHTrXA9NjeUr0E_Q==

GET
H2 200 require.min.js Show response
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/ 20 KB
20 KB 9ms
9ms Script
application/javascript 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/require.min.js
Requested by: Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4bdcac2c695def051249c6a0a1e7a3afa73dd7c7a4851bc8b75b737d20483e7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: AizMcOmN_2XUiKaq1LJ6pCawhWeTSNbk
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
etag: "628bedaba6207d17730b80862faf8c6f"
last-modified: Mon, 16 May 2022 21:48:39 GMT
server: AmazonS3
age: 42057
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 29 Jul 2022 08:09:23 GMT
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 20484
x-amz-cf-id: nB5NYlHBAZNLhlkDnZUQqUntWGSRVU0cq9AUsGJgs-LmVs2BCxCj_Q==

GET
H2 200 require.config.js Show response
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/ 58 B
460 B 12ms
9ms Script
application/javascript 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/require.config.js
Requested by: Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dedbc2bb49d9b4507b1234143ca55b586183b6e97ae935185299a3aa2f2d4d50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 28 Jul 2022 21:01:50 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Mon, 16 May 2022 21:48:39 GMT
server: AmazonS3
age: 82110
etag: "c3717e2f2dba2b1b85ca54ab897ea5f6"
x-cache: Hit from cloudfront
x-amz-version-id: jbqoYjCIamwlbgzE6MIFoRPyWCzeySfc
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 58
x-amz-cf-id: EQnaWKZgKcWdNrnLs0rB7Px1_5WlVzfAmKxe29qYeM9HBygbvR1fAw==

GET
H2 200 foundation.6.2.3_custom.js Show response
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/ 121 KB
121 KB 11ms
9ms Script
application/javascript 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/foundation.6.2.3_custom.js
Requested by: Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 85cc4b524366e88b27e3f2fb26b59acbb7f327011615a1abfa4e7a7220be5f20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 28 Jul 2022 21:01:55 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Mon, 16 May 2022 21:48:35 GMT
server: AmazonS3
age: 82105
etag: "44ea9cd6ee71409e30b9ea0668972544"
x-cache: Hit from cloudfront
x-amz-version-id: I4Y1_fNKE8S_26SG3xBphb0H2C9U7jHR
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 123414
x-amz-cf-id: mpMu7u4A-pAO6nE3WgBlv3jHs3pYAFFujtc987mIarZfAtMGDnIxyA==

GET
H2 200 plugins.min.js Show response
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/ 10 KB
11 KB 12ms
10ms Script
application/javascript 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/plugins.min.js
Requested by: Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 68bd5e3720f816f94e36e747ea6c5f3f53ab967dc57a7a8142ef96c6958a733f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 28 Jul 2022 21:01:50 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Mon, 16 May 2022 21:48:37 GMT
server: AmazonS3
age: 82110
etag: "d644b250a1d355b0608ee2a3b1109d9e"
x-cache: Hit from cloudfront
x-amz-version-id: l89KTdPF_D1Ib5SxSBlrMeo6GW9h8Ofp
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 10689
x-amz-cf-id: MvEioC4I9T9YHsfv2j3IEYvI7oqyEIlXORnvb1VmYyvRw7kJzWu66g==

GET
H2 200 MadCapAll.js Show response
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/ 240 KB
241 KB 12ms
10ms Script
application/javascript 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/MadCapAll.js
Requested by: Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c7748e60f79d2388f045945494b231132c83307d7ec1024a5efd701e7b5aec7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: lxZ9w82pKlLGIQXIo_X_pvwhmsNeoUpI
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
etag: "a626b1957ef3256014ff1a17fbde6554"
last-modified: Mon, 16 May 2022 21:48:37 GMT
server: AmazonS3
age: 42056
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 29 Jul 2022 08:09:24 GMT
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 246089
x-amz-cf-id: WTjHS0ihtG_SoEe5TBAygK630odY1ErdBkgJGXdIB5HRdKKPPOJQSQ==

GET
H2 200 modernizr.js Show response
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/resources/masterpages/ 17 KB
17 KB 15ms
15ms Script
application/javascript 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/resources/masterpages/modernizr.js
Requested by: Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0aecc28f89e1994a928a7c982bd847c6606bbc19ee3c6e2287ed717ca04d369

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 28 Jul 2022 21:01:55 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Mon, 16 May 2022 21:47:19 GMT
server: AmazonS3
age: 82105
etag: "f94e4076c81974f5aedecbd1a9af925c"
x-cache: Hit from cloudfront
x-amz-version-id: 8jprC6ITo2RYx2BUiSupmnac8VbzK.g3
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 17129
x-amz-cf-id: uFau8zRG-fSa-d2TmOlUn4Kb12pFDlMAKv57_JJ09EYPuGXAXjKQnQ==

GET
H2 200 post-exploit_beacon-conslole_thumb_300_0.png
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/images/ 15 KB
15 KB 28ms
26ms Image
image/png 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/images/post-exploit_beacon-conslole_thumb_300_0.png
Requested by: Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f10d13ab4408541d78a8922bef0ba22c89cd1cb71135f731e8e746caaa8cec60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 29 Jul 2022 08:41:26 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Mon, 16 May 2022 21:49:59 GMT
server: AmazonS3
age: 40134
etag: "af128e9ba239ee64d91cf71ff3dca902"
x-cache: Hit from cloudfront
x-amz-version-id: xPTMavXyzji3Tuw8Y5I9N2k6b7mCV_43
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 15079
x-amz-cf-id: SgrNTni07-k9BI4zrBaeaRJ0qu7t9oaiW2vTYsT5WW-rn7Pjw1RC_g==

GET
H2 200 project_stylesheet.css
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/resources/stylesheets/ 3 KB
3 KB 9ms
9ms Stylesheet
text/css 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/resources/stylesheets/project_stylesheet.css
Requested by: Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/resources/stylesheets/hs-main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2a0bf3badc393a3b7b9a55768d641cdcf16d4c2768688f31f0b3dbaf085d2b12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/resources/stylesheets/hs-main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 28 Jul 2022 21:01:56 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Mon, 16 May 2022 21:47:20 GMT
server: AmazonS3
age: 82104
etag: "c8dafa368c2058a3dc76d5a8e9c0f81c"
x-cache: Hit from cloudfront
x-amz-version-id: MQ.v6BviRb0AqL.aeSn0ZeJzyeMbD5xp
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: text/css
content-length: 3102
x-amz-cf-id: X_FFQy2-oiX3UpVVzlkjiM7Rod8B8M3MwcNKFXnuVP7DX76ZKN-J-Q==

GET
H2 200 lato.ttf
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/resources/stylesheets/fonts/ 593 KB
595 KB 9ms
9ms Font
binary/octet-stream 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/resources/stylesheets/fonts/lato.ttf
Requested by: Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/resources/stylesheets/hs-main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 089ab6d4a57e0e6c4dd3b681b6fd50a5184f1b902429d35e1227e52d6ccad1bd

Request headers

Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/resources/stylesheets/hs-main.css
Origin: https://hstechdocs.helpsystems.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 28 Jul 2022 21:01:56 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Mon, 16 May 2022 21:47:29 GMT
server: AmazonS3
age: 82103
etag: "6d4e78225df0cfd5fe1bf3e8547fefe4"
x-cache: Hit from cloudfront
x-amz-version-id: yMvLnDkxwPOv2NFaxT_ASp9qs4gZofVd
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: binary/octet-stream
content-length: 607720
x-amz-cf-id: AxVngXGDNCrxKuGUT5yMYMYyRlx0dwkoAxNcibB0C555pl65kY-iSg==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hstechdocs.helpsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2899
date: Fri, 29 Jul 2022 19:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 29 Jul 2022 21:02:00 GMT

GET
H2 200 hs-logo-cobalt-white.png
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Fluid/stylesheets/Images/ 2 KB
2 KB 10ms
9ms Image
image/png 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Fluid/stylesheets/Images/hs-logo-cobalt-white.png
Requested by: Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Fluid/stylesheets/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b21fc5a07e3e94b294df99230dd92ac01b0fcb3261d87520b201f24eb2350300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Fluid/stylesheets/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 28 Jul 2022 21:01:59 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Mon, 16 May 2022 21:46:57 GMT
server: AmazonS3
age: 82101
etag: "0e373328e1b0ba04a7054150d2a1e9b4"
x-cache: Hit from cloudfront
x-amz-version-id: 7iDSR3XrWDORpVPy84Ox0e4RsOfHdYRK
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 1944
x-amz-cf-id: rQvX_CmU8N-BBMjWzaKHoptvW5_CaMcN1tQ2aN3fTZpaN6eZ94MHCA==

GET
H2 200 icon-search.png
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Fluid/stylesheets/Images/ 397 B
792 B 12ms
11ms Image
image/png 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Fluid/stylesheets/Images/icon-search.png
Requested by: Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Fluid/stylesheets/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: daf70904ba34bb981e4fa4b3c7677b92a09a6bc5f412ecbfca79c2bccb2a1293

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Fluid/stylesheets/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: IHt9QsndxqnwOE6kZdQi51ZVlPGBN4wX
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
etag: "135b7e56c2f54f07e5148a37d3ca3d77"
last-modified: Mon, 16 May 2022 21:47:00 GMT
server: AmazonS3
age: 42055
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
date: Fri, 29 Jul 2022 08:09:25 GMT
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 397
x-amz-cf-id: SX0KTvgrfs-gtht9YlGzWiKPzJ2rBr6kFcMI3v_mlmnni0lhLV1DUQ==

GET
H2 200 roboto.ttf
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/resources/stylesheets/fonts/ 159 KB
160 KB 15ms
14ms Font
binary/octet-stream 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/resources/stylesheets/fonts/roboto.ttf
Requested by: Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/resources/stylesheets/hs-main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54

Request headers

Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/resources/stylesheets/hs-main.css
Origin: https://hstechdocs.helpsystems.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 28 Jul 2022 21:01:59 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Mon, 16 May 2022 21:47:02 GMT
server: AmazonS3
age: 82101
etag: "ac3f799d5bbaf5196fab15ab8de8431c"
x-cache: Hit from cloudfront
x-amz-version-id: fXVGzZtlbpJzsnRit6MWpYDQU1YkLZPH
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: binary/octet-stream
content-length: 162876
x-amz-cf-id: HA0A3Bj4hGb9ydFPAgvRRS3CV7uNUU6mn-ZxDRYi0bTHEPUhvAeV9w==

GET
H2 200 HelpSystem.xml Show response
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/ 2 KB
2 KB 8ms
8ms XHR
text/xml 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/HelpSystem.xml
Requested by: Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/MadCapAll.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 52486d857b8ae2e13ad4957a866bdd325523282c5446a28c9359450693427efd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 28 Jul 2022 21:01:51 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Mon, 16 May 2022 21:51:46 GMT
server: AmazonS3
age: 82109
etag: "ff0b711116ae0a69fda3406db989c92b"
x-cache: Hit from cloudfront
x-amz-version-id: bCsS04DGBNfsVkg89Cy1Y3OR8c_Riy_Q
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: text/xml
content-length: 1565
x-amz-cf-id: 0usrWbe7dTHSquqmSYIw3MeIrbtuc7qScxKQlXk9kFyMSduS9OEojw==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
214 B 14ms
14ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1289000488&t=pageview&_s=1&dl=https%3A%2F%2Fhstechdocs.helpsystems.com%2Fmanuals%2Fcobaltstrike%2Fcurrent%2Fuserguide%2Fcontent%2Ftopics%2Fpost-exploitation_main.htm%3Fcshid%3D1085&ul=en-us&de=UTF-8&dt=Post%20Exploitation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1526254793&gjid=296549391&cid=553012634.1659124220&tid=UA-57226932-1&_gid=2020602549.1659124220&_r=1&_slc=1&z=968772673

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hstechdocs.helpsystems.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 19:50:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hstechdocs.helpsystems.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Breakpoints.js Show response
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/ 64 B
465 B 8ms
8ms Script
application/javascript 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/Breakpoints.js?t=637878795477476681
Requested by: Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/require.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c62cfb7ba968fd10f832c3a86a7c70b57b0ba3808fc5dcc28fc8cbd39df8b551

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 28 Jul 2022 21:01:54 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Mon, 16 May 2022 21:51:43 GMT
server: AmazonS3
age: 82106
etag: "4ad085a7d23bb1f99cfc1d0f101ff6f1"
x-cache: Hit from cloudfront
x-amz-version-id: y6VTpvPP.iNHR5BX0Fa9TB5uFKhUfP58
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 64
x-amz-cf-id: oG7vT6cbp1fRr0ExLH5Xux2Gahk5nWZWtiniFS-SSeOvh91quHsdEA==

GET
H2 200 Language.js Show response
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/ 2 KB
3 KB 13ms
12ms Script
application/javascript 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/Language.js?t=637878795477476681
Requested by: Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/require.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 589e57556b5f022f1f6411d293f5088f50440a7f6ef4f749d72798bd274feeca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: 5el43JrNvVWMPi5Y2.ZOVhdUMCXkUPgj
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
etag: "841586495ee37dc9346d193281058059"
last-modified: Mon, 16 May 2022 21:51:47 GMT
server: AmazonS3
age: 52192
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 29 Jul 2022 05:20:28 GMT
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 2542
x-amz-cf-id: sdqaFiVWljg9NztIJpdxd6BRonQEe4Uv2CQ-rA6jHUpDLTIO4Oa-BQ==

GET
H2 200 Alias.xml Show response
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/ 12 KB
13 KB 9ms
9ms XHR
text/xml 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/Alias.xml
Requested by: Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/MadCapAll.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ba7cc5f9dde8550e342a8280106db3be3566de0bb32f8aa77de973920296759d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 28 Jul 2022 21:01:54 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Mon, 16 May 2022 21:51:42 GMT
server: AmazonS3
age: 82106
etag: "3b267a50a24c313c793002da9e77771d"
x-cache: Hit from cloudfront
x-amz-version-id: L9wi2HNy88eE9WYNEJPDfjnDsxGOQo8Z
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: text/xml
content-length: 12786
x-amz-cf-id: fdDcNt7QpINj356NzmSspZ0zitT7VEuGYJwJY_WMgSNCwKHJUODA2Q==

GET
H2 200 transparent.gif
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Default/Stylesheets/Images/ 832 B
1 KB 9ms
8ms Image
image/gif 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Skins/Default/Stylesheets/Images/transparent.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1d600a0343eef0b105f4dd86d1b7572306777214a30e5b8d49e91c153d7bca31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 28 Jul 2022 21:01:54 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Mon, 16 May 2022 21:46:54 GMT
server: AmazonS3
age: 82106
etag: "50085591b69ee0da3fa16386d95d0f9d"
x-cache: Hit from cloudfront
x-amz-version-id: 2JWLPbI6OGkXsc60tu8pjSl9A59vtp6h
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/gif
content-length: 832
x-amz-cf-id: vabWs3DKh4fOwy1tvtosX1t5SRJ9bD8awk7ALS3N0JbvyfWvYfli4g==

GET
H2 200 Cobalt_Strike_UG_TOC.js Show response
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/Tocs/ 2 KB
3 KB 9ms
8ms Script
application/javascript 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/Tocs/Cobalt_Strike_UG_TOC.js?t=637878795477476681
Requested by: Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/require.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 507aea05bc920bbda5389f344dbf85614052ea0750c3b18f212cfa53e81a250b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: dHjC14380joquCNF7fHMv2GOfHTtH5su
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
etag: "8a7cac41173aca2a66a7d8b0cf6d11e4"
last-modified: Mon, 16 May 2022 21:48:34 GMT
server: AmazonS3
age: 42056
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 29 Jul 2022 08:09:24 GMT
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 2438
x-amz-cf-id: -ZK0q0nIC9yrI1qnNx8lzJDVOSAggPEp2oqdUNJuZuu4_YqD2X3UzQ==

GET
H2 200 Cobalt_Strike_UG_TOC_Chunk0.js Show response
hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/Tocs/ 16 KB
16 KB 10ms
10ms Script
application/javascript 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Data/Tocs/Cobalt_Strike_UG_TOC_Chunk0.js?t=637878795477476681
Requested by: Host: hstechdocs.helpsystems.com
URL: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/Resources/Scripts/require.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 12c605a492ad024cb54317a06d02bf6924622be60a157267d51ef753dd788f2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/post-exploitation_main.htm?cshid=1085
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 28 Jul 2022 21:02:03 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Mon, 16 May 2022 21:48:35 GMT
server: AmazonS3
age: 82097
etag: "dbb37b8539036223d42a8a02b870b558"
x-cache: Hit from cloudfront
x-amz-version-id: 4nzN3yChwYZLCs2_AwL_iRFFdSHt_pCl
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 16164
x-amz-cf-id: fjaPF6HilXndHdD4azbGmGCEzNnENO0F57qkGiLd5B6fK-pnVdf9RQ==

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| html5 object| Modernizr function| yepnope string| GoogleAnalyticsObject function| ga function| DOMPurify function| requirejs function| require function| define function| _createClass function| _classCallCheck object| Foundation object| MadCap object| _HelpSystem object| google_tag_data object| gaplugins object| gaGlobal object| gaData boolean| handled object| data boolean| _Init

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.helpsystems.com/	1970-01-20 22:23:16	Name: _ga Value: GA1.2.553012634.1659124220
			.helpsystems.com/	1970-01-20 04:53:30	Name: _gid Value: GA1.2.2020602549.1659124220
			.helpsystems.com/	1970-01-20 04:52:04	Name: _gat Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

hstechdocs.helpsystems.com
www.cobaltstrike.com
www.google-analytics.com
143.204.215.41
2606:4700:4400::ac40:964b
2a00:1450:4001:813::200e
04af8660ffde8ceb2bb206f7bc39ccd1cff10d9dc7e0cc146472f0a8fa8a85ac
089ab6d4a57e0e6c4dd3b681b6fd50a5184f1b902429d35e1227e52d6ccad1bd
12c605a492ad024cb54317a06d02bf6924622be60a157267d51ef753dd788f2a
17744f438b991c79f1a3da5a44d4ba5025938c4aed57eddfef6e54b60b4234dc
1ac1e87deb34dabbf7489456d28cf2788e5338be398f7c20148f45aeb1e3b0b9
1d600a0343eef0b105f4dd86d1b7572306777214a30e5b8d49e91c153d7bca31
2a0bf3badc393a3b7b9a55768d641cdcf16d4c2768688f31f0b3dbaf085d2b12
431f9715c23f40305b0f3d03a407a6f21e3f97579d490fd56585a0844a36960c
4bdcac2c695def051249c6a0a1e7a3afa73dd7c7a4851bc8b75b737d20483e7f
507aea05bc920bbda5389f344dbf85614052ea0750c3b18f212cfa53e81a250b
52486d857b8ae2e13ad4957a866bdd325523282c5446a28c9359450693427efd
54a07208f16224d3a0d59db883e4e086f5d8b9bffc905b70645b3609b7d0c840
57d2d9f0002583aeda0e46f8fa4ef37ec30d3dc102942ff8f884c4cd98ed4999
589e57556b5f022f1f6411d293f5088f50440a7f6ef4f749d72798bd274feeca
59011dc7bce6a0e0365047cfeaeca41e1c0d316dca0f36a458a62a502f510b5a
64a7fd603da4230b3800d0d21aa08c5cec4637ad90c626e768facae1f3017d0f
68bd5e3720f816f94e36e747ea6c5f3f53ab967dc57a7a8142ef96c6958a733f
68f45d411b2415903c8f00c11fe35065b826219545e2ae39f26d6789e85b8340
8085fad7ca10d1a9b7431a4ca40080550e73670110d6d665e2d3b12903536ca0
85cc4b524366e88b27e3f2fb26b59acbb7f327011615a1abfa4e7a7220be5f20
907a8e7e872c30786840066a4ec22623849cdedc20bccdc6147dfae3792f7888
9ab0fdcd64fe9a4c0f602086f82f065cf272eb366a54dbeaa911018c707ffb73
a0055c5e30812b2149c5c1224793dce79fb99aeb8decd8945a3a90ee87077f6d
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b21fc5a07e3e94b294df99230dd92ac01b0fcb3261d87520b201f24eb2350300
ba7cc5f9dde8550e342a8280106db3be3566de0bb32f8aa77de973920296759d
c0aecc28f89e1994a928a7c982bd847c6606bbc19ee3c6e2287ed717ca04d369
c62cfb7ba968fd10f832c3a86a7c70b57b0ba3808fc5dcc28fc8cbd39df8b551
c7748e60f79d2388f045945494b231132c83307d7ec1024a5efd701e7b5aec7b
cda5089fa7c598fa745f5d81cfbc30187cfa9fa17ff8716baf9fa7ba1722938d
cfd7e0c79d10dd51b27aaa813f1d83dfe5b146894c08bae799aa777f9a146203
daf70904ba34bb981e4fa4b3c7677b92a09a6bc5f412ecbfca79c2bccb2a1293
dedbc2bb49d9b4507b1234143ca55b586183b6e97ae935185299a3aa2f2d4d50
f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54
f10d13ab4408541d78a8922bef0ba22c89cd1cb71135f731e8e746caaa8cec60