urlscan.io logo urlscan.io
SecurityTrails logo

intel471.com Open in urlscan Pro
3.85.14.242  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://helpnet.pro/p5mj
Effective URL: https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
Submission Tags: falconsandbox
Submission: On September 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 2 countries across 14 domains to perform 25 HTTP transactions. The main IP is 3.85.14.242, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is intel471.com.
TLS certificate: Issued by R3 on August 30th 2021. Valid for: 3 months.
This is the only time intel471.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.7.249.154 14618 (AMAZON-AES)
1 1 2406:da00:ff0... 14618 (AMAZON-AES)
8 3.85.14.242 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
4 2600:9000:218... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.193.13.185 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
25 13
1    52.7.249.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-249-154.compute-1.amazonaws.com
helpnet.pro
1    2406:da00:ff00::36f3:65ac (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
www.helpnet.pro
8    3.85.14.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-85-14-242.compute-1.amazonaws.com
intel471.com
1    2a00:1450:4007:807::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2600:9000:218d:4200:e:62e2:9140:21 (United States)

ASN16509 (AMAZON-02, US)
d39ec1uo9ktrut.cloudfront.net
1    2606:4700::6811:d4cc (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
1    2606:4700::6810:a852 (United States)

ASN13335 (CLOUDFLARENET, US)
ws.zoominfo.com
1    2a00:1450:4007:819::2008 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4007:819::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    34.193.13.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-13-185.compute-1.amazonaws.com
lltrck.com
2    2a00:1450:4007:81a::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    2606:4700::6811:44b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    2606:4700::6811:7fab (United States)

ASN13335 (CLOUDFLARENET, US)
js.hscollectedforms.net
Domain Requested by
8 intel471.com intel471.com
4 d39ec1uo9ktrut.cloudfront.net intel471.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 js.hscollectedforms.net js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 lltrck.com intel471.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.googletagmanager.com intel471.com
1 ws.zoominfo.com intel471.com
1 js.hs-scripts.com intel471.com
1 fonts.googleapis.com intel471.com
1 www.helpnet.pro 1 redirects
1 helpnet.pro 1 redirects
0 track.hubspot.com Failed
0 forms.hubspot.com Failed js.hscollectedforms.net
25 16

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
twitter.com
www.youtube.com
www.facebook.com
Subject Issuer Validity Valid
intel471.com
R3		 2021-08-30 -
2021-11-28		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-04 -
2022-07-03		 a year crt.sh
zoominfo.com
Cloudflare Inc ECC CA-3		 2021-06-04 -
2022-06-03		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
lltrck.com
Go Daddy Secure Certificate Authority - G2		 2021-07-25 -
2022-08-26		 a year crt.sh

This page contains 1 frames:

Primary Page: https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
Frame ID: EF5E48248C1A537B3C27143BAACC74FF
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Event Cobalt Strike - A Toolkit for Pentesters… | Intel471.com

Page URL History Show full URLs

  1. http://helpnet.pro/p5mj HTTP 301
    http://www.helpnet.pro/p5mj HTTP 302
    https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics

Page Statistics

25
Requests

92 %
HTTPS

79 %
IPv6

14
Domains

16
Subdomains

13
IPs

2
Countries

331 kB
Transfer

977 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://helpnet.pro/p5mj HTTP 301
    http://www.helpnet.pro/p5mj HTTP 302
    https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
intel471.com/
Redirect Chain
  • http://helpnet.pro/p5mj
  • http://www.helpnet.pro/p5mj
  • https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
86 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.85.14.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-85-14-242.compute-1.amazonaws.com
Software
nginx / Craft CMS SEOmatic
Resource Hash
d84439cd22c5666d2b03dd2e612b8562b2c05613af6a51f87a0db4be05f80880
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
intel471.com
:scheme
https
:path
/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Tue, 14 Sep 2021 21:23:29 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
CraftSessionId=3h1en8fu7rkusgbg26dftefldv; path=/; secure; HttpOnly CRAFT_CSRF_TOKEN=4b42137ee3f2820846cd261250c6b17324ee0c6212ac5e2128016ef245e92daea%3A2%3A%7Bi%3A0%3Bs%3A16%3A%22CRAFT_CSRF_TOKEN%22%3Bi%3A1%3Bs%3A40%3A%22KGf8S9UFi9gClLZhwraBo_PrpO0B79SLQ7WgqqVu%22%3B%7D; path=/; secure; HttpOnly
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
permissions-policy
interest-cohort=()
x-powered-by
Craft CMS SEOmatic
x-robots-tag
all
link
<https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper>; rel='canonical'
referrer-policy
no-referrer-when-downgrade
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
content-encoding
gzip

Redirect headers

Cache-Control
no-cache, no-store
Date
Tue, 14 Sep 2021 21:23:23 GMT
Engine
clickmeter.redirect, version 2.0
Expires
-1
Location
https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
X-Rate-Limit-Limit
20s
X-Rate-Limit-Remaining
299
X-Rate-Limit-Reset
2021-09-14T21:23:43.9050290Z
Content-Length
0
Connection
keep-alive
css2
fonts.googleapis.com/ 		3 KB
988 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Cabin:wght@400;600;700&display=swap
Requested by
Host: intel471.com
URL: https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:807::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1a4b5be02f560001aec43c9be44b04a1aa3b3d57b430ed8ba426e1138aea2eb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 21:23:34 GMT
server
ESF
date
Tue, 14 Sep 2021 21:23:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Sep 2021 21:23:34 GMT
app.a7e6ca1423255691524e.css
intel471.com/dist/css/ 		66 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://intel471.com/dist/css/app.a7e6ca1423255691524e.css
Requested by
Host: intel471.com
URL: https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.85.14.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-85-14-242.compute-1.amazonaws.com
Software
nginx /
Resource Hash
70410e6ef71800e93c43f934916a03e1428d5ddf41c15f9c46d7ca38119ed28b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/dist/css/app.a7e6ca1423255691524e.css
pragma
no-cache
cookie
CraftSessionId=3h1en8fu7rkusgbg26dftefldv; CRAFT_CSRF_TOKEN=4b42137ee3f2820846cd261250c6b17324ee0c6212ac5e2128016ef245e92daea%3A2%3A%7Bi%3A0%3Bs%3A16%3A%22CRAFT_CSRF_TOKEN%22%3Bi%3A1%3Bs%3A40%3A%22KGf8S9UFi9gClLZhwraBo_PrpO0B79SLQ7WgqqVu%22%3B%7D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
intel471.com
referer
https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 21:23:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 09 Sep 2021 12:16:06 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"6139fb06-108d8"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1; mode=block
plugin.css
intel471.com/freeform/ 		1 KB
799 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://intel471.com/freeform/plugin.css?v=ac7ec6ff2a861f36a476cabb10430036545bc25f
Requested by
Host: intel471.com
URL: https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.85.14.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-85-14-242.compute-1.amazonaws.com
Software
nginx / Craft CMS
Resource Hash
213db5cecf97a4c1dcb38e554ac8c8ce3e589c1065cabdcb47864f93f7055c03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/freeform/plugin.css?v=ac7ec6ff2a861f36a476cabb10430036545bc25f
pragma
no-cache
cookie
CraftSessionId=3h1en8fu7rkusgbg26dftefldv; CRAFT_CSRF_TOKEN=4b42137ee3f2820846cd261250c6b17324ee0c6212ac5e2128016ef245e92daea%3A2%3A%7Bi%3A0%3Bs%3A16%3A%22CRAFT_CSRF_TOKEN%22%3Bi%3A1%3Bs%3A40%3A%22KGf8S9UFi9gClLZhwraBo_PrpO0B79SLQ7WgqqVu%22%3B%7D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
intel471.com
referer
https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
public
date
Tue, 14 Sep 2021 21:23:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 22 Jul 2021 16:11:57 GMT
server
nginx
x-powered-by
Craft CMS
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
cache-control
public, max-age=604800, must-revalidate
permissions-policy
interest-cohort=()
content-disposition
inline; filename="plugin.css"
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
0
Intel471-Logo-white_bffa016ebaa7817710e036f02d34bdf0.webp
intel471.com/imager/assets/1933/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://intel471.com/imager/assets/1933/Intel471-Logo-white_bffa016ebaa7817710e036f02d34bdf0.webp
Requested by
Host: intel471.com
URL: https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.85.14.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-85-14-242.compute-1.amazonaws.com
Software
nginx /
Resource Hash
065ab436789f3b86b3537c010eb8815070d1f33f15af3b001b633eaedb5c8b3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/imager/assets/1933/Intel471-Logo-white_bffa016ebaa7817710e036f02d34bdf0.webp
pragma
no-cache
cookie
CraftSessionId=3h1en8fu7rkusgbg26dftefldv; CRAFT_CSRF_TOKEN=4b42137ee3f2820846cd261250c6b17324ee0c6212ac5e2128016ef245e92daea%3A2%3A%7Bi%3A0%3Bs%3A16%3A%22CRAFT_CSRF_TOKEN%22%3Bi%3A1%3Bs%3A40%3A%22KGf8S9UFi9gClLZhwraBo_PrpO0B79SLQ7WgqqVu%22%3B%7D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
intel471.com
referer
https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 21:23:30 GMT
x-content-type-options
nosniff
last-modified
Fri, 10 Sep 2021 00:31:26 GMT
server
nginx
etag
"613aa75e-a6c"
x-frame-options
SAMEORIGIN
content-type
image/webp
accept-ranges
bytes
content-length
2668
x-xss-protection
1; mode=block
linkedinIcon.svg
d39ec1uo9ktrut.cloudfront.net/Icons/ 		956 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d39ec1uo9ktrut.cloudfront.net/Icons/linkedinIcon.svg
Requested by
Host: intel471.com
URL: https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:4200:e:62e2:9140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6805410e34a528ef58809745d92c6c63262c0c242a492ea504ed11671fb73ee3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 05:34:28 GMT
via
1.1 23ce0cf88557469ee496b72a281aec5c.cloudfront.net (CloudFront)
last-modified
Mon, 14 Jun 2021 18:40:20 GMT
server
AmazonS3
age
1007348
etag
"55117eab1b8667218e741ccf2f650160"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=7948800
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-length
956
x-amz-cf-id
ja8pTX4oQEODANFtRk6LhoIgCvXeMS9me9lHnH7I7NL5ugW0P0nTgQ==
twitterIcon.svg
d39ec1uo9ktrut.cloudfront.net/Icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d39ec1uo9ktrut.cloudfront.net/Icons/twitterIcon.svg
Requested by
Host: intel471.com
URL: https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:4200:e:62e2:9140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
baeff7329eafb872fba92d7b9ab8837048751e61c8fac54d549aaa9833093577

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 03:08:08 GMT
content-encoding
gzip
last-modified
Mon, 14 Jun 2021 18:40:19 GMT
server
AmazonS3
age
1188928
etag
W/"b359fa14601b031717d499f0ffb8e5cb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 23ce0cf88557469ee496b72a281aec5c.cloudfront.net (CloudFront)
cache-control
max-age=7948800
x-amz-cf-pop
CDG50-P2
x-amz-cf-id
17RKV-InlZm_L5gwBOFdF1Cqz0OkGm4fQM-e2HasheP09TO5OXsiog==
youtubeIcon.svg
d39ec1uo9ktrut.cloudfront.net/Icons/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d39ec1uo9ktrut.cloudfront.net/Icons/youtubeIcon.svg
Requested by
Host: intel471.com
URL: https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:4200:e:62e2:9140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b3158b028a51c86ceaa10555771f8615773661923a41e4387915452ef30b580

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 03:08:08 GMT
content-encoding
gzip
last-modified
Mon, 14 Jun 2021 18:40:19 GMT
server
AmazonS3
age
1188928
etag
W/"1d418631c7b59686f469d3280f78b004"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 23ce0cf88557469ee496b72a281aec5c.cloudfront.net (CloudFront)
cache-control
max-age=7948800
x-amz-cf-pop
CDG50-P2
x-amz-cf-id
ZbPn9nFXuY6am0PWdDkNn0UZ2_2TPx4iyayBnkqELlJhpYOKb2szAA==
facebookIcon.svg
d39ec1uo9ktrut.cloudfront.net/Icons/ 		476 B
829 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d39ec1uo9ktrut.cloudfront.net/Icons/facebookIcon.svg
Requested by
Host: intel471.com
URL: https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:4200:e:62e2:9140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dafa81451b0d73020b6a34ca1d40291f44da9d459845fae36e90f027e0dcc81f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 05:34:28 GMT
via
1.1 23ce0cf88557469ee496b72a281aec5c.cloudfront.net (CloudFront)
last-modified
Mon, 14 Jun 2021 18:40:19 GMT
server
AmazonS3
age
1007348
etag
"5ba5886c5fe2da25251a2fa514642853"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=7948800
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-length
476
x-amz-cf-id
kH6y9FQpVVhFa3GQPVP-1gp-mN8QJVo1xtWV_hIEIyVp9MLCGZ5RtA==
app.fb0bd2f1c8bf5371e05f.js
intel471.com/dist/js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://intel471.com/dist/js/app.fb0bd2f1c8bf5371e05f.js
Requested by
Host: intel471.com
URL: https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.85.14.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-85-14-242.compute-1.amazonaws.com
Software
nginx /
Resource Hash
68e8aa7a3848ca8e861ad62ddd7b115500829c635fb01610637bbaa404601232
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://intel471.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
script
cookie
CraftSessionId=3h1en8fu7rkusgbg26dftefldv; CRAFT_CSRF_TOKEN=4b42137ee3f2820846cd261250c6b17324ee0c6212ac5e2128016ef245e92daea%3A2%3A%7Bi%3A0%3Bs%3A16%3A%22CRAFT_CSRF_TOKEN%22%3Bi%3A1%3Bs%3A40%3A%22KGf8S9UFi9gClLZhwraBo_PrpO0B79SLQ7WgqqVu%22%3B%7D
:path
/dist/js/app.fb0bd2f1c8bf5371e05f.js
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
intel471.com
referer
https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
Origin
https://intel471.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 21:23:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 09 Sep 2021 12:16:06 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"6139fb06-1e91"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
chunk-vendors.d27632bc2358f4112197.js
intel471.com/dist/js/ 		344 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://intel471.com/dist/js/chunk-vendors.d27632bc2358f4112197.js
Requested by
Host: intel471.com
URL: https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.85.14.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-85-14-242.compute-1.amazonaws.com
Software
nginx /
Resource Hash
49390dd684181a579e90e1ef348c9d7e04f09c1fec22bf5cfc6d6fa81932594d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://intel471.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
script
cookie
CraftSessionId=3h1en8fu7rkusgbg26dftefldv; CRAFT_CSRF_TOKEN=4b42137ee3f2820846cd261250c6b17324ee0c6212ac5e2128016ef245e92daea%3A2%3A%7Bi%3A0%3Bs%3A16%3A%22CRAFT_CSRF_TOKEN%22%3Bi%3A1%3Bs%3A40%3A%22KGf8S9UFi9gClLZhwraBo_PrpO0B79SLQ7WgqqVu%22%3B%7D
:path
/dist/js/chunk-vendors.d27632bc2358f4112197.js
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
intel471.com
referer
https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
Origin
https://intel471.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 21:23:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 09 Sep 2021 12:16:06 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"6139fb06-561f4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
8813571.js
js.hs-scripts.com/ 		1 KB
940 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/8813571.js
Requested by
Host: intel471.com
URL: https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71f6a2f1d6fad643a3af76a423ad0ebc624057e54cde83e73c95a67a0b6b95c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 21:23:40 GMT
content-encoding
br
cf-cache-status
EXPIRED
server
cloudflare
x-hubspot-correlation-id
f991da16-75dd-4290-991a-16a4a28ea98e
x-trace
2BD11679C289E2D681B2EE4A908AC1E461F4EAA1E4000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://intel471.com
access-control-max-age
3600
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
68ecad7e497a6961-FRA
expires
Tue, 14 Sep 2021 21:24:40 GMT
plugin.js
intel471.com/freeform/ 		50 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://intel471.com/freeform/plugin.js?v=9545615fa2506715cae886139c7d50fd09b5ff6a
Requested by
Host: intel471.com
URL: https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.85.14.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-85-14-242.compute-1.amazonaws.com
Software
nginx / Craft CMS
Resource Hash
5a6958b44c8bfc6958adb5e06f616177cbd4e547f276837f69c5fac215efde8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/freeform/plugin.js?v=9545615fa2506715cae886139c7d50fd09b5ff6a
pragma
no-cache
cookie
CraftSessionId=3h1en8fu7rkusgbg26dftefldv; CRAFT_CSRF_TOKEN=4b42137ee3f2820846cd261250c6b17324ee0c6212ac5e2128016ef245e92daea%3A2%3A%7Bi%3A0%3Bs%3A16%3A%22CRAFT_CSRF_TOKEN%22%3Bi%3A1%3Bs%3A40%3A%22KGf8S9UFi9gClLZhwraBo_PrpO0B79SLQ7WgqqVu%22%3B%7D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
intel471.com
referer
https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 21:23:30 GMT
x-content-type-options
nosniff
x-powered-by
Craft CMS
content-disposition
inline; filename="plugin.js"
content-length
51661
x-xss-protection
1; mode=block
pragma
public
last-modified
Thu, 22 Jul 2021 16:11:57 GMT
server
nginx
etag
9545615fa2506715cae886139c7d50fd09b5ff6a
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=UTF-8
cache-control
public, max-age=604800, must-revalidate
permissions-policy
interest-cohort=()
accept-ranges
bytes
expires
0
611d24fa766fa2001c8438f7
ws.zoominfo.com/pixel/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/pixel/611d24fa766fa2001c8438f7
Requested by
Host: intel471.com
URL: https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a852 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
fe9ef177d7158b862c933e6adfb568117ae543e40cb45137d3d2a365483a8e5a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 21:23:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
68ecad7e4e3e690a-FRA
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for
via
1.1 google
gtm.js
www.googletagmanager.com/ 		89 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KBP9RXG
Requested by
Host: intel471.com
URL: https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:819::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
492d1814a659897c112428459dd94dda651b384e96308509a7d9a2985c025bc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 21:23:39 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36127
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 Sep 2021 21:23:39 GMT
truncated
/ 		24 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0f57319a09731b09ae13689eb42c4ca124b92e4782eb3a60c37e46d71e222067

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
49dab72a6885e6f5943d52b971d2cb1f48807e7b109bb567d820c32706c6d006

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
HeroImage_1920x1080-ResourcesPage_2021-04-25-184714_1a10cd2ad870d3b41af456a1bd243054.webp
intel471.com/imager/assets/1733/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://intel471.com/imager/assets/1733/HeroImage_1920x1080-ResourcesPage_2021-04-25-184714_1a10cd2ad870d3b41af456a1bd243054.webp
Requested by
Host: intel471.com
URL: https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.85.14.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-85-14-242.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4d28cae7e25330d400f492599f78437be25c0db1dcbaaaa1542e831aeac04a70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/imager/assets/1733/HeroImage_1920x1080-ResourcesPage_2021-04-25-184714_1a10cd2ad870d3b41af456a1bd243054.webp
pragma
no-cache
cookie
CraftSessionId=3h1en8fu7rkusgbg26dftefldv; CRAFT_CSRF_TOKEN=4b42137ee3f2820846cd261250c6b17324ee0c6212ac5e2128016ef245e92daea%3A2%3A%7Bi%3A0%3Bs%3A16%3A%22CRAFT_CSRF_TOKEN%22%3Bi%3A1%3Bs%3A40%3A%22KGf8S9UFi9gClLZhwraBo_PrpO0B79SLQ7WgqqVu%22%3B%7D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
intel471.com
referer
https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 21:23:34 GMT
x-content-type-options
nosniff
last-modified
Fri, 10 Sep 2021 17:45:01 GMT
server
nginx
etag
"613b999d-2222"
x-frame-options
SAMEORIGIN
content-type
image/webp
accept-ranges
bytes
content-length
8738
x-xss-protection
1; mode=block
u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
fonts.gstatic.com/s/cabin/v18/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cabin/v18/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Cabin:wght@400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:819::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4632f2a6b880931a9a2468fe53828f3a5a4b0934d9f4f6f37d6831214469a07e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://intel471.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 06:06:24 GMT
x-content-type-options
nosniff
age
55035
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26104
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 20:56:38 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Sep 2022 06:06:24 GMT
lt-v3.js
lltrck.com/scripts/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://lltrck.com/scripts/lt-v3.js?llid=30823
Requested by
Host: intel471.com
URL: https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.13.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-13-185.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBP9RXG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:81a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
2665
date
Tue, 14 Sep 2021 20:39:20 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Tue, 14 Sep 2021 22:39:20 GMT
8813571.js
js.hs-banner.com/ 		62 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/8813571.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8813571.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2030d09da6b41f72a5d040718cfaa463dd4ee8d31e9ed2a3cc45322c7294efd1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 21:23:45 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
Y122RZTVF379C04E
x-amz-server-side-encryption
AES256
content-type
text/javascript; charset=UTF-8
access-control-max-age
604800
x-amz-id-2
v1+GR9MRQkq5GKis8nsxhz5CFBA9qg8tp6tFqDBZ7iDK/mQ/yHbOK1bhzET16AGHavtqLB72JAE=
timing-allow-origin
*
last-modified
Fri, 03 Sep 2021 21:59:16 GMT
server
cloudflare
etag
W/"c37369f4b943b665759d2feb1019e620"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id
PlwSiUUu4OawQtefbGnUj9g412RczNaz
access-control-allow-origin
https://intel471.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
cf-ray
68ecad9eafa0696f-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Tue, 14 Sep 2021 21:28:45 GMT
8813571.js
js.hs-analytics.net/analytics/1631654400000/ 		62 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1631654400000/8813571.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8813571.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54cfbc6dae8c7e3b63e2b18aa2cd70a50cffbf06cf2f8f1ee5cd059bc3d370ab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 21:23:45 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
5SHWZMDT8QD6YGYF
x-amz-server-side-encryption
AES256
cf-ray
68ecad9eac075bfd-FRA
x-amz-id-2
VY1q8ITPpMo6BPoj5orkXAoZXwaTYsLGm3ScqET1ifi2mDiv48RupFQXrHw7Yu1MuESQqeOSFLQ=
last-modified
Mon, 19 Jul 2021 16:53:22 GMT
server
cloudflare
etag
W/"b16c656e265045620b81f1b8998a0d0c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
max-age=300, public
access-control-allow-credentials
false
content-type
text/javascript
expires
Tue, 14 Sep 2021 21:28:45 GMT
collectedforms.js
js.hscollectedforms.net/ 		81 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8813571.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:7fab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7b861c1a9a573b57465a6c661e88035def5f5891941ae94900a02e4c2ba2b14

Request headers

Referer
https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
Origin
https://intel471.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 21:23:45 GMT
via
1.1 8d6071bd169bbf5fd46638140132b1d1.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
4089
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.243/bundles/project.js&cfRay=68ec49cb78181bd5-IAD
x-cache
Hit from cloudfront
access-control-max-age
3000
x-amz-replication-status
COMPLETED
content-encoding
br
cf-ray
68ecad9ead526910-FRA
last-modified
Mon, 26 Jul 2021 08:57:16 UTC
server
cloudflare
etag
W/"71e1b9bc533ea0484715e256cd176305"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
B7tJDnPGhJYQnx9vLunWV_JVNjkGgLI4
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=0
x-hs-cache-status
MISS
x-amz-cf-pop
IAD89-C3
content-type
application/javascript; charset=utf-8
x-amz-cf-id
dyAOnav9bXF6iOZ75ZC2lVkoCwDkXGyx5o1E5VjFgst6vyzu56f1Ag==
x-hs-target-asset
collected-forms-embed-js/static-1.243/bundles/project.js
json
forms.hubspot.com/collected-forms/v1/config/ 		0
0
collect
www.google-analytics.com/j/ 		1 B
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1748097576&t=pageview&_s=1&dl=https%3A%2F%2Fintel471.com%2Fevent-cobalt-strike-a-toolkit-for-pentesters-whitepaper&ul=en-us&de=UTF-8&dt=Event%20Cobalt%20Strike%20-%20A%20Toolkit%20for%20Pentesters%E2%80%A6%20%7C%20Intel471.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1059591762&gjid=798207985&cid=176555739.1631654625&tid=UA-194159710-1&_gid=1980983274.1631654625&_r=1&gtm=2wg9d0KBP9RXG&z=1207764057
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:81a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://intel471.com/event-cobalt-strike-a-toolkit-for-pentesters-whitepaper
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 21:23:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://intel471.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
__ptq.gif
track.hubspot.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
forms.hubspot.com
URL
https://forms.hubspot.com/collected-forms/v1/config/json?portalId=8813571&utk=
Domain
track.hubspot.com
URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3857800448&v=1.1&a=8813571&rcu=https%3A%2F%2Fintel471.com%2Fevent-cobalt-strike-a-toolkit-for-pentesters-whitepaper&pu=https%3A%2F%2Fintel471.com%2Fevent-cobalt-strike-a-toolkit-for-pentesters-whitepaper&t=Event+Cobalt+Strike+-+A+Toolkit+for+Pentesters%E2%80%A6+%7C+Intel471.com&cts=1631654625479&vi=00b7d9e977f1f20cc99e0aed3a1b5a99&nc=true&ce=false&cc=0

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster object| dataLayer function| submitForm boolean| llcookieless object| formalyze object| webpackChunknew_library object| lazySizes function| MmenuLight object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| _hsp object| __hsCollectedFormsDebug object| _hsq object| gaplugins object| gaGlobal object| gaData object| _paq function| sanitizeKey boolean| _hstc_loaded boolean| _hspb_loaded boolean| _hstc_ran string| __hsUserToken number| expireDateTime boolean| _hspb_ran

11 Cookies

Domain/Path Name / Value
intel471.com/ Name: CraftSessionId
Value: 3h1en8fu7rkusgbg26dftefldv
intel471.com/ Name: CRAFT_CSRF_TOKEN
Value: 4b42137ee3f2820846cd261250c6b17324ee0c6212ac5e2128016ef245e92daea%3A2%3A%7Bi%3A0%3Bs%3A16%3A%22CRAFT_CSRF_TOKEN%22%3Bi%3A1%3Bs%3A40%3A%22KGf8S9UFi9gClLZhwraBo_PrpO0B79SLQ7WgqqVu%22%3B%7D
.ws.zoominfo.com/ Name: visitorId
Value: 17995f0d2d2b5a556067c2979e40e2e59817a7395702bb3e011a6de691da6928
.zoominfo.com/ Name: __cf_bm
Value: wHhT3Qgh2.imfz1QY_fMYrULcMGfs90bFSAVPYZBo1c-1631654620-0-ATkJ7jLc8Juod8fcG3MQNpQBQwSQp6k/n1ktsQOTE3DvmlgUid0TXvQry8yb69eqZRNeF1Eyzt+N9neVN8t1g6Y=
.intel471.com/ Name: _ga
Value: GA1.2.176555739.1631654625
.intel471.com/ Name: _gid
Value: GA1.2.1980983274.1631654625
.intel471.com/ Name: _gat_UA-194159710-1
Value: 1
.intel471.com/ Name: __hstc
Value: 45834235.00b7d9e977f1f20cc99e0aed3a1b5a99.1631654625477.1631654625477.1631654625477.1
.intel471.com/ Name: hubspotutk
Value: 00b7d9e977f1f20cc99e0aed3a1b5a99
.intel471.com/ Name: __hssrc
Value: 1
.intel471.com/ Name: __hssc
Value: 45834235.1.1631654625477

2 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network error URL: https://lltrck.com/scripts/lt-v3.js?llid=30823
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d39ec1uo9ktrut.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
helpnet.pro
intel471.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
lltrck.com
track.hubspot.com
ws.zoominfo.com
www.google-analytics.com
www.googletagmanager.com
www.helpnet.pro
forms.hubspot.com
track.hubspot.com
2406:da00:ff00::36f3:65ac
2600:9000:218d:4200:e:62e2:9140:21
2606:4700::6810:a852
2606:4700::6811:44b0
2606:4700::6811:7fab
2606:4700::6811:d4cc
2606:4700::6812:15bf
2a00:1450:4007:807::200a
2a00:1450:4007:819::2003
2a00:1450:4007:819::2008
2a00:1450:4007:81a::200e
3.85.14.242
34.193.13.185
52.7.249.154
065ab436789f3b86b3537c010eb8815070d1f33f15af3b001b633eaedb5c8b3b
0f57319a09731b09ae13689eb42c4ca124b92e4782eb3a60c37e46d71e222067
1a4b5be02f560001aec43c9be44b04a1aa3b3d57b430ed8ba426e1138aea2eb3
2030d09da6b41f72a5d040718cfaa463dd4ee8d31e9ed2a3cc45322c7294efd1
213db5cecf97a4c1dcb38e554ac8c8ce3e589c1065cabdcb47864f93f7055c03
4632f2a6b880931a9a2468fe53828f3a5a4b0934d9f4f6f37d6831214469a07e
492d1814a659897c112428459dd94dda651b384e96308509a7d9a2985c025bc2
49390dd684181a579e90e1ef348c9d7e04f09c1fec22bf5cfc6d6fa81932594d
49dab72a6885e6f5943d52b971d2cb1f48807e7b109bb567d820c32706c6d006
4d28cae7e25330d400f492599f78437be25c0db1dcbaaaa1542e831aeac04a70
54cfbc6dae8c7e3b63e2b18aa2cd70a50cffbf06cf2f8f1ee5cd059bc3d370ab
5a6958b44c8bfc6958adb5e06f616177cbd4e547f276837f69c5fac215efde8f
6805410e34a528ef58809745d92c6c63262c0c242a492ea504ed11671fb73ee3
68e8aa7a3848ca8e861ad62ddd7b115500829c635fb01610637bbaa404601232
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70410e6ef71800e93c43f934916a03e1428d5ddf41c15f9c46d7ca38119ed28b
71f6a2f1d6fad643a3af76a423ad0ebc624057e54cde83e73c95a67a0b6b95c7
8b3158b028a51c86ceaa10555771f8615773661923a41e4387915452ef30b580
baeff7329eafb872fba92d7b9ab8837048751e61c8fac54d549aaa9833093577
d84439cd22c5666d2b03dd2e612b8562b2c05613af6a51f87a0db4be05f80880
dafa81451b0d73020b6a34ca1d40291f44da9d459845fae36e90f027e0dcc81f
f7b861c1a9a573b57465a6c661e88035def5f5891941ae94900a02e4c2ba2b14
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe9ef177d7158b862c933e6adfb568117ae543e40cb45137d3d2a365483a8e5a