www.cobaltstrike.com Open in urlscan Pro
104.18.14.56 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.cobaltstrike.com/
Effective URL:
https://www.cobaltstrike.com/
Submission: On April 19 via manual (April 19th 2023, 7:38:27 am UTC) from ES — Scanned from ES

Summary HTTP 62 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 62 HTTP transactions. The main IP is 104.18.14.56, located in and belongs to CLOUDFLARENET, US. The main domain is www.cobaltstrike.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on February 8th 2023. Valid for: a year.

This is the only time www.cobaltstrike.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 27	104.18.14.56 104.18.14.56	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	13.225.78.57 13.225.78.57	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1 1	13.32.121.99 13.32.121.99	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:225e:b200:4:d683:27c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
15	52.222.236.115 52.222.236.115	16509 (AMAZON-02) (AMAZON-02)
1	13.32.99.123 13.32.99.123	16509 (AMAZON-02) (AMAZON-02)
1	3.225.178.175 3.225.178.175	14618 (AMAZON-AES) (AMAZON-AES)
62	11

27 104.18.14.56 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.cobaltstrike.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.225.78.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-57.fra2.r.cloudfront.net

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.99 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-99.fra60.r.cloudfront.net

static.helpsystems.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:b200:4:d683:27c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.fortra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 52.222.236.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-115.fra56.r.cloudfront.net

consent-pref.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-123.fra60.r.cloudfront.net

consent-st.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.225.178.175 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-178-175.compute-1.amazonaws.com

prefmgr-cookie.truste-svc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	cobaltstrike.com 1 redirects www.cobaltstrike.com	908 KB
22	trustarc.com consent.trustarc.com — Cisco Umbrella Rank: 3692 consent-pref.trustarc.com — Cisco Umbrella Rank: 17066 Failed consent-st.trustarc.com — Cisco Umbrella Rank: 31168	220 KB
6	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 2971 ka-p.fontawesome.com — Cisco Umbrella Rank: 5251	96 KB
3	gstatic.com fonts.gstatic.com	70 KB
1	truste-svc.net prefmgr-cookie.truste-svc.net — Cisco Umbrella Rank: 31136	2 KB
1	fortra.com static.fortra.com	158 KB
1	helpsystems.com 1 redirects static.helpsystems.com	266 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	69 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	998 B
62	9

	Domain	Requested by
27	www.cobaltstrike.com	1 redirects www.cobaltstrike.com
15	consent-pref.trustarc.com	consent.trustarc.com www.cobaltstrike.com consent-pref.trustarc.com prefmgr-cookie.truste-svc.net
6	consent.trustarc.com	www.cobaltstrike.com consent.trustarc.com
5	ka-p.fontawesome.com	kit.fontawesome.com www.cobaltstrike.com
3	fonts.gstatic.com	fonts.googleapis.com
1	prefmgr-cookie.truste-svc.net	www.cobaltstrike.com
1	consent-st.trustarc.com	consent-pref.trustarc.com
1	static.fortra.com	www.cobaltstrike.com
1	static.helpsystems.com	1 redirects
1	www.googletagmanager.com	www.cobaltstrike.com
1	fonts.googleapis.com	www.cobaltstrike.com
1	kit.fontawesome.com	www.cobaltstrike.com
62	12

This site contains links to these domains. Also see Links.

Domain
download.cobaltstrike.com
cobalt-strike.github.io
www.fortra.com
www.coresecurity.com

Subject Issuer	Validity	Valid
www.cobaltstrike.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-08` - `2024-02-07`	a year	crt.sh
*.trustarc.com Amazon RSA 2048 M02	`2023-04-17` - `2024-05-14`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.truste-svc.net Amazon RSA 2048 M02	`2023-02-28` - `2023-06-21`	4 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.cobaltstrike.com/
Frame ID: 06E8CFBDDD0EFA312079FC087BCF5E39
Requests: 42 HTTP requests in this frame

Frame: https://consent.trustarc.com/get?name=crossdomain.html&domain=helpsystems.com
Frame ID: 65FC9CD38C8F9519BB22431A09EC31A6
Requests: 1 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=es&locale=es&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=77d4ba0d-7c57-4cf4-ac28-36598c6584e5&userType=NEW
Frame ID: B1329BB5E5E110ED79F6501746054ED3
Requests: 1 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=es&locale=es&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=77d4ba0d-7c57-4cf4-ac28-36598c6584e5&userType=NEW
Frame ID: 54699AE28FD23EAE9010817BEBFD1D2A
Requests: 15 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/defaultpreferencemanager/7887F73A3FE21D4E68B4A838E7D22E0C.cache.html
Frame ID: ACF10D61933A95765DB448C9E23A10FB
Requests: 1 HTTP requests in this frame

Frame: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=es&locale=es&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https://www.helpsystems.com/privacy-policy&cookieLink=https://www.helpsystems.com/cookie-policy&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=77d4ba0d-7c57-4cf4-ac28-36598c6584e5&userType=NEW
Frame ID: A54AFB487A30BD9D97A37E8F6EDEF56E
Requests: 1 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/cookie_inneriframe.html
Frame ID: 3DA10215BB383EBD3BFFFF4DDFEEB558
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cobalt Strike | Adversary Simulation and Red Team Operations

Page URL History Show full URLs

http://www.cobaltstrike.com/ HTTP 301
https://www.cobaltstrike.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

TrustArc (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.trustarc\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

62
Requests

97 %
HTTPS

45 %
IPv6

9
Domains

12
Subdomains

11
IPs

3
Countries

1524 kB
Transfer

3042 kB
Size

4
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://download.cobaltstrike.com/download
Title: Download

Search URL Search Domain Scan URL

URL: https://cobalt-strike.github.io/community_kit/
Title: Community Kit

Search URL Search Domain Scan URL

URL: https://www.fortra.com/

Search URL Search Domain Scan URL

URL: https://www.coresecurity.com/?__hstc=173638140.7cd4c336b7db51dc41ba94289a7e8945.1629149018896.1629339131200.1629385064224.7&__hssc=173638140.17.1629385064224&__hsfp=1865500357
Title: Core Security

Search URL Search Domain Scan URL

URL: https://www.fortra.com/impressum?__hstc=173638140.bbe2e957d5fb20ffc63ba13a9249b717.1637095243778.1637095243778.1637098983688.2&__hssc=173638140.2.1637098983688&__hsfp=150452273
Title: Impressum

Search URL Search Domain Scan URL

URL: https://www.fortra.com/privacy-policy?__hstc=173638140.bbe2e957d5fb20ffc63ba13a9249b717.1637095243778.1637095243778.1637098983688.2&__hssc=173638140.2.1637098983688&__hsfp=150452273
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.fortra.com/cookie-policy?__hstc=173638140.bbe2e957d5fb20ffc63ba13a9249b717.1637095243778.1637095243778.1637098983688.2&__hssc=173638140.2.1637098983688&__hsfp=150452273
Title: Cookie Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.cobaltstrike.com/ HTTP 301
https://www.cobaltstrike.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://static.helpsystems.com/cobalt-strike/img/bg-1.png HTTP 301
https://static.fortra.com/cobalt-strike/img/bg-1.png

62 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.cobaltstrike.com/
Redirect Chain

http://www.cobaltstrike.com/
https://www.cobaltstrike.com/

43 KB
12 KB

580ms
507ms

Document
text/html

104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: 3a56ae696b0f07c3798236798b976853ff30b3f1943f32e939e42025af619669

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7ba37cc67988867b-MAD
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 19 Apr 2023 07:38:21 GMT
link: <https://www.cobaltstrike.com/wp-json/>; rel="https://api.w.org/" <https://www.cobaltstrike.com/wp-json/wp/v2/pages/8928>; rel="alternate"; type="application/json" <https://www.cobaltstrike.com/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SI2MJLTxZ8%2BXXEmfhhiAQhsmyDCkzTvEJrL%2FwmQ8EXEDaMJoQiCt8kXlEQ7TrOWN05ipYgx7yRcmwtE1WUIbhgEBQkJSMFRmKtBrFPKAXyqIRtAtseyMAxHKGQTx94Kj9I4BmchT"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 7
x-cache-group: normal
x-cacheable: SHORT
x-powered-by: WP Engine

Redirect headers

CF-RAY: 7ba37cc5ba8086cc-MAD
Cache-Control: max-age=3600
Connection: keep-alive
Date: Wed, 19 Apr 2023 07:38:20 GMT
Expires: Wed, 19 Apr 2023 08:38:20 GMT
Location: https://www.cobaltstrike.com/
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 notice Show response
consent.trustarc.com/ 13 KB
5 KB 222ms
94ms Script
text/javascript 13.225.78.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/notice?domain=helpsystems.com&c=teconsent&gtm=1&text=true&pn=1-0&cookieLink=https://www.helpsystems.com/cookie-policy&privacypolicylink=https://www.helpsystems.com/privacy-policy

Requested by

Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-57.fra2.r.cloudfront.net

Software

Resource Hash

c41372cecf9026e2185b973fa4f39743407eece17813b015bcff59c1fffd1a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cobaltstrike.com/
Origin: https://www.cobaltstrike.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:38:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 03d509e8374e9f42668961b5e0201348.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
cloudfront-viewer-country: ES
content-length: 5003
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=3600
cloudfront-viewer-country-region: MD
timing-allow-origin: *
x-amz-cf-id: bWcOKTYZOIFsJ3mxDYW3Vag2q8HyTdqmuNhwT3YdIHlNavBOoZxuug==
expires: Wed, 19 Apr 2023 08:38:21 GMT

GET
H2 200 style.css
www.cobaltstrike.com/wp-content/plugins/gutenberg/build/block-library/ 97 KB
13 KB 46ms
44ms Stylesheet
text/css 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-content/plugins/gutenberg/build/block-library/style.css?ver=15.5.1
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e116057214ce7f3becd92cb5f17c7f2c1624a5398b69e2446402f9c9c8a9a18

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:38:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 11 Apr 2023 05:22:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 118683
etag: W/"6434ee92-18302"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aWUjs%2FFauhBUqehF8MOvYxl1isJJMb%2FDe1VkVXxycTVzIYj05JpWqQYO673UFDdusfhP%2BlQZiUBSqyBJX1cB0waeDxIiS7Q8iFm262nSv5lByH%2FtpKISKm9Bs4Q%2FktBf3bydhsFd"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ba37cc9a872867b-MAD
expires: Thu, 18 Apr 2024 07:38:21 GMT

GET
H2 200 theme.css
www.cobaltstrike.com/wp-content/plugins/gutenberg/build/block-library/ 3 KB
999 B 79ms
76ms Stylesheet
text/css 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-content/plugins/gutenberg/build/block-library/theme.css?ver=15.5.1
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82a49a218fa16d65225a09c98d5860f7e30dd4d30ed326a0b3a8be87297db7fb

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:38:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 11 Apr 2023 05:22:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 118683
etag: W/"6434ee92-a2e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WowIqrSP07y9Nbcbbdf8J2%2BPbwKign%2B3UDrGqqBPPpfMEDy4lJobVn7jPXWXeg6FMwHW%2BSpjSXfbEqe8%2BerlJL7%2BzcUYDZsgYL7zftsDn6izcsC%2BbtPnUGLnRmnE6LPQPGtjHELI"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ba37cc9a877867b-MAD
expires: Thu, 18 Apr 2024 07:38:21 GMT

GET
H2 200 classic-themes.min.css
www.cobaltstrike.com/wp-includes/css/ 291 B
522 B 50ms
48ms Stylesheet
text/css 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-includes/css/classic-themes.min.css?ver=6.2
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:38:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 05:22:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 118683
etag: W/"64251c9d-123"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tCZ6Ua69OEMXwDnOwD8k06BLPEDWu9crbUvte500NkdJyo7w18%2B1C9DR3GXySPP4df6hK84tIh9RpOKeGs8JeWAC0VEzEj7raKxhK%2BPPtQdsM5Ziz2H0glPdLN8Sa48AQlN3z%2FJH"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ba37cc9a87a867b-MAD
expires: Thu, 18 Apr 2024 07:38:21 GMT

GET
H2 200 menu-image.css
www.cobaltstrike.com/wp-content/plugins/menu-image/includes/css/ 3 KB
1 KB 86ms
84ms Stylesheet
text/css 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-content/plugins/menu-image/includes/css/menu-image.css?ver=3.0.8
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75db663f63c3505c2d1d2c41b82da41465bcd39b390516728f7fd323f95f644e

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:38:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 26 Jan 2023 19:09:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 118683
etag: W/"63d2cffb-d0f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IacHr%2BjoWcXUrOxEEmRWVi9gw6VqD48Gy5hXwuKjsWX2FDmzsKjWKNMb42WY9COrSoRlaQZdMHJeS3wCEKig%2F6Wgp%2BTg1eSQG1T6Tef2VXrYOTXz53T0OSdBDv004rsM0Mk2V2L%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ba37cc9b87d867b-MAD
expires: Thu, 18 Apr 2024 07:38:21 GMT

GET
H2 200 dashicons.min.css
www.cobaltstrike.com/wp-includes/css/ 58 KB
35 KB 79ms
77ms Stylesheet
text/css 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-includes/css/dashicons.min.css?ver=6.2
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:38:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 26 Jan 2023 19:09:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 118683
etag: W/"63d2cff4-e688"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=714qDAS61IHsOBlZxh4r7cfte2ddrUBZIAUi4XoBj50G8cKPKSU8di8rRt669GZdPiHHG6hhcmszedSg64Twsp7h3Ov3wv%2FZZttbUjv9HRDSTB6HN6q%2B%2FtmthyQwzVWrHWIukDxc"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ba37cc9b87e867b-MAD
expires: Thu, 18 Apr 2024 07:38:21 GMT

GET
H2 200 main.min.css
www.cobaltstrike.com/wp-content/plugins/youtube-embed/css/ 211 B
494 B 78ms
76ms Stylesheet
text/css 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-content/plugins/youtube-embed/css/main.min.css?ver=5.3
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec9f8c9d2e03417ce6655dda5896fb14ee2aa66a94eefe83975d2458a6c1652f

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:38:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 03 Apr 2023 05:22:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 118683
etag: W/"642a6293-d3"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h6jRdPcYDgBEneUaveoB%2BySDeNrjS9g9ghrorJWfWAxdlHbNtDfsaTxiEUEuD41R40LUARnwiR7i9F4Js33J%2Fnh8mGz2aBJIEGbE7GzNPMUoZgM3Oxe%2Fdp4TOWe5srOoDWoVZnkB"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ba37cc9b880867b-MAD
expires: Thu, 18 Apr 2024 07:38:21 GMT

GET
H2 200 child-theme.min.css
www.cobaltstrike.com/wp-content/themes/cobaltstrike/css/ 388 KB
54 KB 51ms
49ms Stylesheet
text/css 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/css/child-theme.min.css?ver=1
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 772d0e1a6a803c833292ad59917b3d3758c7e0f0461681a93d1726e646e24a92

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:38:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 17 Apr 2023 21:37:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 118683
etag: W/"643dbc33-61125"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mEePf2U%2BtPP87dvKQmWVfcc3%2BZAuhdPq2UKJCMioluJS3HXEGm3XTNfgB8edcq4c8a7kEkHEadwg%2FPRh07w1KWlZW5byTBGZnk71zVjR9uA9Pm2YBcYcHVnAhniNOeS7%2BAFg902p"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ba37cc9b882867b-MAD
expires: Thu, 18 Apr 2024 07:38:21 GMT

GET
H2 200 jquery.min.js Show response
www.cobaltstrike.com/wp-includes/js/jquery/ 88 KB
31 KB 78ms
77ms Script
application/javascript 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:38:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 05:22:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 118683
etag: W/"64251c9d-15ed7"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EVPpAfKwZa9LETmfMgSYKekDpZ7YXlSWlQgy%2FK%2B5%2FU8FKzrriCqg9izjQ8mhD3jSotuOrHuiFhacjz48T8GvgseXHvdXHTSkdiFj5BZwws%2Fj6GmBm80EJQQHCq2%2F%2FrJpoKQmQi2q"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ba37cc9b884867b-MAD
expires: Thu, 18 Apr 2024 07:38:21 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.cobaltstrike.com/wp-includes/js/jquery/ 13 KB
5 KB 49ms
48ms Script
application/javascript 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:38:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 05:22:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24620
etag: W/"64251c9d-3470"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFhW%2F2Lh0GfTRuQqM3u5%2FVGQS8bm0BrMugNJXddr4xESq1kp1pFke2mn9OPzECNFz0dzAzu01h3HaGJQmYj3UzMxVHsMt6s3nV6V5n0aNn7Xs02u6rLPnfFG2Fn28uqOKfa1K8IZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ba37cc9b885867b-MAD
expires: Thu, 18 Apr 2024 07:38:21 GMT

GET
H2 200 mmenu.js Show response
www.cobaltstrike.com/wp-content/themes/cobaltstrike/js/ 69 KB
18 KB 77ms
76ms Script
application/javascript 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/js/mmenu.js?ver=6.2
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0916b04a6bd6a9c5a9c9721e8749a0d952b39ba9303399faeacba8a65dd9a92

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:38:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 26 Jan 2023 19:09:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 118683
etag: W/"63d2cff8-1122b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z3%2Fi%2BplM05rCDHohmaiCY2HW5ji%2BBXdkKcYDmsnm99bkBTUsgrsa1RN2FyMMpxPAVkBQj75k5ImXskFS1zfxgXwizRgTntfp84R2l2wqK1%2FV8jT1snRckwxyTAdETg8mv%2FydYVB2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ba37cc9b887867b-MAD
expires: Thu, 18 Apr 2024 07:38:21 GMT

GET
H2 200 mburger.js Show response
www.cobaltstrike.com/wp-content/themes/cobaltstrike/js/ 6 KB
2 KB 86ms
85ms Script
application/javascript 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/js/mburger.js?ver=6.2
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e56084b20ef7de5d9f01bd95bb64fbdaa055459691aa66af1c46a79f7d43d53

Request headers

Referer: https://www.cobaltstrike.com/
Origin: https://www.cobaltstrike.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:38:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 26 Jan 2023 19:09:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 84942
etag: W/"63d2cff8-19ec"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WcKyBzTCOzYoalnFKaWiwrZyCp4r0e4iRAAcsmZRXeM7ByKkh9dithyJpzBJD16CoHWvdNscslDxU1kwOJLej6HWkkIYzMWXAHxMQF2zCVuQ8NINVBc1rICX59oaU3xNk%2FLeuDVg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ba37cc9e8e3867b-MAD
expires: Thu, 18 Apr 2024 07:38:21 GMT

GET
H2 200 mhead.js Show response
www.cobaltstrike.com/wp-content/themes/cobaltstrike/js/ 2 KB
1 KB 85ms
84ms Script
application/javascript 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/js/mhead.js?ver=6.2
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e4dab8d8160be12cf844bfb865757bd26d402d2c5f4ef44c9668765845802fd

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:38:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 26 Jan 2023 19:09:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 118683
etag: W/"63d2cff8-964"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HdWq3flUh1WVCWoil0229V96Fq3prXCAsqhSf29aMUS%2FhUCYMY7XGmXHTpPXoDyxuLbhkCIEpfcAwzNgNmmzqnRYx%2Bu4NcGyKeo3zdmvKad3suehDkWeL2ZQAG0KdVk3cwz3%2FGra"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ba37cc9e8e4867b-MAD
expires: Thu, 18 Apr 2024 07:38:21 GMT

GET
H2 200 dcf00ad2d4.js Show response
kit.fontawesome.com/ 11 KB
4 KB 152ms
82ms Script
text/javascript 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/dcf00ad2d4.js

Requested by

Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8dcddbfca4d0e23ee940c69b71bc48dca83f19c7b3c7c7154d514315658fe1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.cobaltstrike.com/
Origin: https://www.cobaltstrike.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:38:21 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray: 7ba37cca1fdc8669-MAD
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F1BWLBkpfaX9ymsBRZAh

GET
H2 200 fortra-skyblue-tm.svg
www.cobaltstrike.com/wp-content/themes/cobaltstrike/img/ 1 KB
954 B 93ms
91ms Image
image/svg+xml 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/img/fortra-skyblue-tm.svg
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e8e0093ddecdf250bfb4e95e264b0095c2c06f109e8f8b6ff0a38c07d909cf9

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:38:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 26 Jan 2023 19:09:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 118683
etag: W/"63d2cff8-5ac"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6fH5gmG4EPU%2FB%2BM1IMNWE8sPhudNhoCfSdIGr%2FrcuPnvpzHV%2FNnmoGJ0FhrD4Mcb%2BPVMhZ0k8hVHNAUf1E1rEaO7AyHV1WOq0b8M5%2BHsCIEWL8fSycxOLTnUWwCnxGQFLlN%2FKjQ"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ba37cc9e8ec867b-MAD
expires: Thu, 18 Apr 2024 07:38:21 GMT

GET
H2 200 cobalt-strike-dark-bg.svg
www.cobaltstrike.com/wp-content/themes/cobaltstrike/img/ 11 KB
3 KB 92ms
90ms Image
image/svg+xml 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/img/cobalt-strike-dark-bg.svg
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7ef58efaada2664bec27e9c84699bc2d2449babe6e21c3ead85e577feb92da8

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:38:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 26 Jan 2023 19:09:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 118683
etag: W/"63d2cff8-2c1e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mIGeHPUVdpOzXMVlHG7O1G1NaWnI9hgV8fvduJCYZOnbnCVPuAB0gYTqpOiin7EkhsAgAHkTCW1iNj4wZjLD%2Feb9Ir49uqcDYpxFhSzEJsvxssn6uxjRRshOwyyybYYS2hCkAfP4"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ba37cc9e8ed867b-MAD
expires: Thu, 18 Apr 2024 07:38:21 GMT

GET
H2 200 fta-delta-white.svg
www.cobaltstrike.com/wp-content/themes/cobaltstrike/img/ 297 B
615 B 72ms
70ms Image
image/svg+xml 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/img/fta-delta-white.svg
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63a53143de1fa7c9ec3aecf4060efb78c336df0f384c4b7db72596f6b14a2781

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:38:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 26 Jan 2023 19:09:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 118683
etag: W/"63d2cff8-129"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BD21F%2BhMKr1f9jiBHpCel2%2FUhaa0qTdFatCnU%2BF6cJTrb1gGRi7B%2F4dXVy%2FOMU19cpJYkqbB%2Ft6l6ch1fn6vw09TMULkBX15tsIHGa4LD1%2F01q5h0ytD5IlnmWoKKBubxm%2FHxsHJ"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ba37cc9e8ee867b-MAD
expires: Thu, 18 Apr 2024 07:38:21 GMT

GET
H2 200 Cobalt-strike-anime-guy.png
www.cobaltstrike.com/wp-content/uploads/2022/10/ 235 KB
235 KB 71ms
70ms Image
image/png 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cobaltstrike.com/wp-content/uploads/2022/10/Cobalt-strike-anime-guy.png
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75125d2f1de964d2c0d0bd02f5f6f73ed6258e84bfad8ac4902ed8e66175ac16

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:38:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 86554
content-length: 240291
last-modified: Thu, 26 Jan 2023 19:09:41 GMT
server: cloudflare
etag: "63d2cff5-3aaa3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p4dVz9EqzHY48CJERGpqipg7FkvOK9CfW1UGizuEgLih7t9rBCGRdMojlhZGpCbD9%2FyfRsg%2FCxqBcZWWk58Qt8TKbKgVs5HyiPZ8Kqe8e2czoCmHSoqwHm9%2F0%2FE6IyAiT5SluegP"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7ba37cc9e8ef867b-MAD
expires: Thu, 18 Apr 2024 07:38:21 GMT

GET
H2 200 pricing.svg
www.cobaltstrike.com/wp-content/themes/cobaltstrike/img/ 2 KB
1 KB 65ms
64ms Image
image/svg+xml 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/img/pricing.svg
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 125adb79c10603ee2d55161d8951bead4ff7f796967786b979791e02971690ff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:38:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 26 Jan 2023 19:09:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 86554
etag: W/"63d2cff8-6a0"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZAWQ4jS1TYGaI5dsq23KwLB5HSTPax2ciIC5wHpLqvcQThtZmQsycE1Zs23aAH8OOzL%2BMXiAyDgCylz3pOgLfdZozZ5w28MFG%2F4wE3xgcTiue49tGCNPmL79fvGue%2B%2B2SorUIhcG"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ba37cc9e8f2867b-MAD
expires: Thu, 18 Apr 2024 07:38:21 GMT

GET
H2 200 in-touch.svg
www.cobaltstrike.com/wp-content/themes/cobaltstrike/img/ 1 KB
953 B 92ms
91ms Image
image/svg+xml 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/img/in-touch.svg
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0092b97349a18e065497f4007f9bd5c28e05031e2269c521fc80f38eeb9d414

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:38:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 26 Jan 2023 19:09:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 86554
etag: W/"63d2cff8-4f4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TiM3jsagnUwJirsi8LAlsM2j80gk%2Fgp1wt3Sg9YDD3E2PXPO61Q%2F%2B0utXryLacJ3Awb6%2FpnouoOqFpZ17jn75kGTuOZQgOKlvwuvZxxvb994glb8R3xHEsr7HrbRgghWK1vRPojw"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ba37cc9e8f3867b-MAD
expires: Thu, 18 Apr 2024 07:38:21 GMT

GET
H2 200 demo.svg
www.cobaltstrike.com/wp-content/themes/cobaltstrike/img/ 1 KB
1 KB 64ms
64ms Image
image/svg+xml 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/img/demo.svg
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c79f21bf9dba9c355aa19806c7f4fa81cc70d2f004f43612b1ca394c913c655d

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:38:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 26 Jan 2023 19:09:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 86554
etag: W/"63d2cff8-5a1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F5B2hEq1zmu8DzXQkQG%2BrcX3Cy9Sk1i0BAeSKWNgTfgkQ%2BFcCXDBj2Uu3JYl%2FAmJMp0B4zPw1LNL8D8lIZAxIY1wIRoMkQZaQjYL0jBt7ed8CwnL0NzwYx1%2FjEuy7ZDZVaorBHSu"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ba37cc9e8f4867b-MAD
expires: Thu, 18 Apr 2024 07:38:21 GMT

GET
H2 200 ssba.js Show response
www.cobaltstrike.com/wp-content/plugins/simple-share-buttons-adder/js/ 3 KB
1 KB 65ms
64ms Script
application/javascript 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-content/plugins/simple-share-buttons-adder/js/ssba.js?ver=1677950554
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1afeb9a2d9a01296c575126784a1d2ab736334ac419227c76be847640f9354b8

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:38:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 04 Mar 2023 17:22:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 86555
etag: W/"64037e5a-c26"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CO3HSYDKQgmnnTuOy9rcj0qKObnBsPvzyn2xUUhVQ%2FS9X6OQ6y%2Bk3ASgvtty3nViVrE75JtGgSzqGAhaR0UFBVapsB1xTU8wYOGOaew7hSArNN5atMS7qzQqouY%2Bz4W1LPuySRKx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ba37cc9e8e5867b-MAD
expires: Thu, 18 Apr 2024 07:38:21 GMT

GET
H2 200 child-theme.min.js Show response
www.cobaltstrike.com/wp-content/themes/cobaltstrike/js/ 83 KB
24 KB 73ms
71ms Script
application/javascript 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/js/child-theme.min.js?ver=5.9.8
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f962ea052383e066291f943eb01b1c0cc8314900431aae47bf271cc301239e10

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:38:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 26 Jan 2023 19:09:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 86555
etag: W/"63d2cff8-14cdc"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E5V0qsTcGFUT9Xmq7qFsEp%2BEGIst1eVIXGFfz4oG6PcFI%2BGiIWJ3XgKTgKIFAPn%2FgdCQXb643nU9I9%2FRHOaooGWArcg4ClPpRTF0Rz5I6zXGZJqZWe2Bv38AAF18%2FURdkL%2BZYIsh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ba37cc9e8e7867b-MAD
expires: Thu, 18 Apr 2024 07:38:21 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.cobaltstrike.com/wp-includes/js/ 18 KB
5 KB 73ms
72ms Script
application/javascript 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:38:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 05:22:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 87904
etag: W/"64251c9d-4904"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kEE9BZnfXHBT6mli0Yib2U4aixM4UGDdRDzAGR7sX2kvotBxh4OqDin2%2BNAm4d%2BmoS%2Fudg9IudoicD64rUpFyob88QsHqXek8o0CPM2IED0RPY6we694l70DXRTLo%2BXeuo%2Fvo%2Fh7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ba37cc9e90d867b-MAD
expires: Thu, 18 Apr 2024 07:38:21 GMT

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
998 B 652ms
69ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Requested by

Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/css/child-theme.min.css?ver=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

161a16e875e820dbc3ffa0657759d819f5ed378e09095288c6a69bdf615af299

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 19 Apr 2023 07:38:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 05:49:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Apr 2023 07:38:21 GMT

GET
H2 200 v1.7-164 Show response
consent.trustarc.com/asset/notice.js/v/ 78 KB
24 KB 66ms
66ms Script
text/javascript 13.225.78.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/asset/notice.js/v/v1.7-164

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=helpsystems.com&c=teconsent&gtm=1&text=true&pn=1-0&cookieLink=https://www.helpsystems.com/cookie-policy&privacypolicylink=https://www.helpsystems.com/privacy-policy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-57.fra2.r.cloudfront.net

Software

Resource Hash

fcd86e8b75ae82f035ff1f28433dacab9d367f838f707e4482e2f542c0037096

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cobaltstrike.com/
Origin: https://www.cobaltstrike.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:09:21 GMT
content-encoding: gzip
via: 1.1 03d509e8374e9f42668961b5e0201348.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C2
age: 1741
x-cache: Hit from cloudfront
pragma: public
last-modified: Mon, 17 Apr 2023 03:19:03 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: woinQbzQeXpu2Sa6BY6o9Rm4qdJNnhtxIVcy7KbIpwwOmnf7gLKtEw==
expires: Fri, 19 May 2023 07:09:20 GMT

GET
H2 200 get Show response
consent.trustarc.com/ Frame 65FC 7 KB
2 KB 64ms
59ms Document
text/html 13.225.78.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/get?name=crossdomain.html&domain=helpsystems.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-57.fra2.r.cloudfront.net

Software

Resource Hash

7fe7d9054d31a9874fb36aba6a3736c02799bdaab5fed3e007ff334bc4580732

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cobaltstrike.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

age: 1015
cache-control: max-age=2592000
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Wed, 19 Apr 2023 07:21:26 GMT
expires: Fri, 19 May 2023 07:21:26 GMT
pragma: public
strict-transport-security: max-age=31536000; includeSubDomains
timing-allow-origin: *
vary: Origin
via: 1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
x-amz-cf-id: h9XvWznFPUGchxHOibYJYaXAZ46lBQCG_gIK7Bps2segIiIzFUuvpg==
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront

GET
H2 200 log
consent.trustarc.com/ 43 B
428 B 558ms
91ms Image
image/gif 13.225.78.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/log?domain=helpsystems.com&country=es&state=&behavior=expressed&session=77d4ba0d-7c57-4cf4-ac28-36598c6584e5&userType=NEW&c=3869

Requested by

Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-57.fra2.r.cloudfront.net

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 07:38:21 GMT
via: 1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C2
vary: Origin
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: x5oNbLz3B8wyCcV0cABAZ9sMIWOk_rcMBcH6LlYAPqQMAbv31SrXcQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET /
consent-pref.trustarc.com/ Frame B132 0
0

GET
H2 200 noticemsg
consent.trustarc.com/ 43 B
427 B 90ms
90ms Image
image/gif 13.225.78.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/noticemsg?action=consent&domain=helpsystems.com&behavior=expressed&country=es&language=es&rand=0.5778255272340242&session=77d4ba0d-7c57-4cf4-ac28-36598c6584e5&userType=NEW

Requested by

Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-57.fra2.r.cloudfront.net

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 07:38:21 GMT
via: 1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C2
vary: Origin
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: h13saa53wSrbuMyfFnXKvcAPF1rsoOUZtsZdFcX1lr4-U7yPxlRh1g==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 191 KB
69 KB 538ms
78ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NN4FLFJ

Requested by

Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

745a745290f133741f46e004ccb3ff239578638dad9e80b299c06abc37864679

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:38:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70552
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 19 Apr 2023 07:38:22 GMT

GET
H2 200 pro.min.css Show response
ka-p.fontawesome.com/releases/v5.15.4/css/ 315 KB
53 KB 62ms
52ms Fetch
text/css 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=dcf00ad2d4
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/dcf00ad2d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:38:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
age: 5698313
etag: "610ae215-d3b2"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7ba37ccec8658669-MAD
content-length: 54194

GET
H2 200 pro-v4-shims.min.css Show response
ka-p.fontawesome.com/releases/v5.15.4/css/ 26 KB
4 KB 57ms
48ms Fetch
text/css 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=dcf00ad2d4
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/dcf00ad2d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4245ecca2a4b50d7fd9adc9a965ed1f9b4ec24e9935e34c80efafc0f856d54c6

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:38:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
age: 235199
etag: "610ae215-1062"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7ba37ccec8678669-MAD
content-length: 4194

GET
H2 200 pro-v4-font-face.min.css Show response
ka-p.fontawesome.com/releases/v5.15.4/css/ 27 KB
3 KB 61ms
51ms Fetch
text/css 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=dcf00ad2d4
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/dcf00ad2d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8a00b576cc9fad532a52ecdf8024724ddaa83cb0f5ca5d1b1d6eb8841103d60

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:38:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
age: 235199
etag: "610ae215-a2b"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7ba37ccec8688669-MAD
content-length: 2603

GET
H2

200

bg-1.png
static.fortra.com/cobalt-strike/img/
Redirect Chain

https://static.helpsystems.com/cobalt-strike/img/bg-1.png
https://static.fortra.com/cobalt-strike/img/bg-1.png

157 KB
158 KB

240ms
85ms

Image
image/png

2600:9000:225e:b200:4:d683:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fortra.com/cobalt-strike/img/bg-1.png
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/css/child-theme.min.css?ver=1
Protocol: H2
Server: 2600:9000:225e:b200:4:d683:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9de6faf69d60c4e5e426634bfd1c7afda005bd47ad2a0247befb29e3634f1a33

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: ehnDepPNW3RekUrPO55juMaHWCm_yxdi
date: Wed, 19 Apr 2023 07:34:33 GMT
via: 1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
x-amz-request-id: GY2R626073PXR84H
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
age: 229
x-cache: Hit from cloudfront
content-length: 160799
x-amz-id-2: JD/purzQ5LEFoZr09YZAyLgL+ycvAZRDUU1YzyE8luhz/uUmdUGd178UraGlKbLxIWFaEoQsHPg=
last-modified: Wed, 30 Nov 2022 06:16:13 GMT
server: AmazonS3
etag: "cfca4bd5e4036da8fe6d3c0ca6303801"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: Z-xl_6g7aVx64STFE70JMvpOeGGM4Ee309dwOZj_OWUwX_HrLYp6XQ==

Redirect headers

date: Wed, 19 Apr 2023 07:38:22 GMT
via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P1
x-cache: LambdaGeneratedResponse from cloudfront
location: https://static.fortra.com/cobalt-strike/img/bg-1.png
content-length: 0
x-amz-cf-id: nG6IcoQOpkIHxuNfYrQwMpwz72R5P3Jn27TRotEmCYCsvd9rckpGaw==

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
24 KB 504ms
58ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cobaltstrike.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:32:15 GMT
x-content-type-options: nosniff
age: 75967
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 10:32:15 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 559ms
113ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cobaltstrike.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:39:07 GMT
x-content-type-options: nosniff
age: 75555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 10:39:07 GMT

GET
H2 200 fontawesome-webfont.woff2
www.cobaltstrike.com/wp-content/themes/cobaltstrike/fonts/ 75 KB
76 KB 44ms
44ms Font
font/woff2 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/css/child-theme.min.css?ver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/css/child-theme.min.css?ver=1
Origin: https://www.cobaltstrike.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:38:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 86554
content-length: 77160
last-modified: Thu, 26 Jan 2023 19:09:44 GMT
server: cloudflare
etag: "63d2cff8-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lq2taZLDioIAY3tnvQSNc9kPJhPLopiblr5AcapZGmyeQGSiHSNQ3MceCcWXShRER2GnrOf9UaOOdA9lc9vge%2FK2NxHjx3A%2Fbx9W%2BUDTME4QXYfpv19uahQsPZXv2gfWbul%2F32fV"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7ba37ccecab5867b-MAD
expires: Thu, 18 Apr 2024 07:38:21 GMT

GET
H2 200 S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v23/ 24 KB
24 KB 581ms
149ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cobaltstrike.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:31:44 GMT
x-content-type-options: nosniff
age: 75998
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24408
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:50:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 10:31:44 GMT

GET
H2 200 features-screenshot-1.png
www.cobaltstrike.com/wp-content/uploads/2021/11/ 100 KB
100 KB 48ms
47ms Image
image/png 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cobaltstrike.com/wp-content/uploads/2021/11/features-screenshot-1.png
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92d768cdf93b6e4111d9681076cbb52b36799a4df8cc8fdf475adbac903f3a8c

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:38:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 86554
content-length: 101947
last-modified: Thu, 26 Jan 2023 19:09:42 GMT
server: cloudflare
etag: "63d2cff6-18e3b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KDVMU%2Bx9cGDmNb%2BmiG%2BRkpF%2FAR7A0EhZ9KIa8CPsniU3lJq4Hl7LW%2FKqJlzYFpYEb9GP0CShOUC%2Fv3aUC4fYiEQ7%2BN1oWOVseHCXEENqRjHWc2wybypgT9DOHbL2Z%2BIIGzZF9J6z"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7ba37cceeb00867b-MAD
expires: Thu, 18 Apr 2024 07:38:21 GMT

GET
H2 200 comics-cover.png
www.cobaltstrike.com/wp-content/uploads/2021/11/ 283 KB
284 KB 55ms
54ms Image
image/png 104.18.14.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cobaltstrike.com/wp-content/uploads/2021/11/comics-cover.png
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19b8580d9b285e3964ef3ae1325bb0d8671ecf6b7afd4fd6be647f3d1f68b1d8

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:38:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 84294
content-length: 289802
last-modified: Thu, 26 Jan 2023 19:09:41 GMT
server: cloudflare
etag: "63d2cff5-46c0a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bIrnlYsV6k1wn7dzAsCCI17CcBJTfr5xB43QTHExk9xzIS7aoK83Zcu2fupy%2Fz3FGfB9GyfRcXXsNSIplbnqfvDrjGl0OreXv4ZT5GcFFN5c%2BbEjFl%2FEkZbcRL6EG2GvvifO%2BCFb"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7ba37cceeb05867b-MAD
expires: Thu, 18 Apr 2024 07:38:21 GMT

GET
H2 200 / Show response
consent-pref.trustarc.com/ Frame 5469 5 KB
3 KB 493ms
90ms Document
text/html 52.222.236.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=es&locale=es&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=77d4ba0d-7c57-4cf4-ac28-36598c6584e5&userType=NEW

Requested by

Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/js/mmenu.js?ver=6.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-115.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

5d59d71fa30604e26c815b2bcfea777bef1564467e2ff9b1b4dc45ca2ee0f6fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.cobaltstrike.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 19 Apr 2023 07:38:22 GMT
etag: W/"5147-1680489730000"
expect-ct: max-age=86400; enforce;
last-modified: Mon, 03 Apr 2023 02:42:10 GMT
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 f9c16664a13e70e73a4e280c7a0f2266.cloudfront.net (CloudFront)
x-amz-cf-id: 1zST1KHDEzOkbU_IB7fBuxHAzl0Mn7iSV2nIkVCNw9Onbg_TDm6VFA==
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1

GET
H2 200 pro-fa-solid-900-5.0.0.woff2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/ 19 KB
19 KB 51ms
50ms Font
font/woff2 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-solid-900-5.0.0.woff2
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b50aa1d36ea249991fb44f8f6ad2aa74fe360df9cc04c564b5edf3b053b739c

Request headers

Referer: https://www.cobaltstrike.com/
Origin: https://www.cobaltstrike.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:38:22 GMT
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:58:39 GMT
server: cloudflare
age: 2303457
etag: "610ae35f-4d48"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7ba37ccfaa818669-MAD
content-length: 19784

GET
H2 200 pro-fa-solid-900-5.11.0.woff2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/ 12 KB
12 KB 52ms
52ms Font
font/woff2 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-solid-900-5.11.0.woff2
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bcade3d96c0c0fb1950e54b96b0f4cfa7f51e45a99dd8f12224fb0530ac432d

Request headers

Referer: https://www.cobaltstrike.com/
Origin: https://www.cobaltstrike.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:38:22 GMT
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:58:41 GMT
server: cloudflare
age: 235200
etag: "610ae361-2f70"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7ba37ccfba8d8669-MAD
content-length: 12144

GET
H2 200 defaultpreferencemanager.nocache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 5469 5 KB
3 KB 95ms
94ms Script
application/javascript 52.222.236.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=es&locale=es&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=77d4ba0d-7c57-4cf4-ac28-36598c6584e5&userType=NEW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-115.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

eee1dc0ebe943891e5ce3485588726083a94a95e0f35747b86278975ba41cf0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=es&locale=es&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=77d4ba0d-7c57-4cf4-ac28-36598c6584e5&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:38:22 GMT
content-encoding: gzip
via: 1.1 f9c16664a13e70e73a4e280c7a0f2266.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 03 Apr 2023 02:42:28 GMT
server: nginx
etag: W/"4867-1680489748000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: y9N3uOZx8NsAxmGvvT3wLArSNEp_mVBgdo6pZ-gF4ruJg7sUElA0LQ==
expires: Wed, 19 Apr 2023 07:38:21 GMT

GET
H2 200 get Show response
consent-st.trustarc.com/ Frame 5469 20 KB
5 KB 205ms
57ms Script
text/javascript 13.32.99.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-st.trustarc.com/get?name=combined_static_cm_minified.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-123.fra60.r.cloudfront.net

Software

Resource Hash

f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Fri, 07 Apr 2023 03:15:58 GMT
content-encoding: gzip
via: 1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P3
age: 1052544
vary: Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: 89Sz2hU8hfK2arb3S4Mp7ufoNN4EiZi7ax_s7n59lzacu6MFcpkLIQ==
expires: Sun, 07 May 2023 03:15:58 GMT

GET
H2 200 loading.gif
consent-pref.trustarc.com/images/ Frame 5469 3 KB
3 KB 59ms
59ms Image
image/gif 52.222.236.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/loading.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-115.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=es&locale=es&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=77d4ba0d-7c57-4cf4-ac28-36598c6584e5&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 06:42:33 GMT
via: 1.1 f9c16664a13e70e73a4e280c7a0f2266.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P4
age: 3350
x-cache: Hit from cloudfront
content-length: 2608
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 03 Apr 2023 02:42:10 GMT
server: nginx
etag: W/"2608-1680489730000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/gif
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges: bytes
x-amz-cf-id: odaK9GdF-PM4VkchUWxYvreMvXdkBSeeckP_w-EIBUQmo9jy_H0fGg==

GET
H2 200 7887F73A3FE21D4E68B4A838E7D22E0C.cache.html Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame ACF1 139 KB
46 KB 71ms
70ms Document
text/html 52.222.236.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/7887F73A3FE21D4E68B4A838E7D22E0C.cache.html

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-115.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

26c3d9ac1022c3bc42a184d699ff00b92be83af89379f4873315bfd2fa0c5eb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=es&locale=es&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=77d4ba0d-7c57-4cf4-ac28-36598c6584e5&userType=NEW
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

age: 194208
cache-control: max-age=315360000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 17 Apr 2023 01:41:34 GMT
etag: W/"142492-1680489748000"
expect-ct: max-age=86400; enforce;
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 03 Apr 2023 02:42:28 GMT
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 f9c16664a13e70e73a4e280c7a0f2266.cloudfront.net (CloudFront)
x-amz-cf-id: BLu0V132-ZeBxB1tm-HIdQ33a0LENukp1E5setB4efG-rYFHNx0TeA==
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 5469 969 B
1 KB 83ms
82ms XHR
application/json 52.222.236.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/7887F73A3FE21D4E68B4A838E7D22E0C.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-115.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

2bfe0bfebc6bf40e5f73c03389ba8285505bc2f45d739d1efd5ca830f940a51d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 7887F73A3FE21D4E68B4A838E7D22E0C
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=es&locale=es&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=77d4ba0d-7c57-4cf4-ac28-36598c6584e5&userType=NEW
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Wed, 19 Apr 2023 07:38:22 GMT
content-encoding: gzip
via: 1.1 f9c16664a13e70e73a4e280c7a0f2266.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 468
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: 0sqEi1kL9ZNqhlV8JSpn3GmJDfhq7jF4b3fkS90r-bh3FqHbmxn_EQ==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 5469 48 B
622 B 83ms
83ms XHR
application/json 52.222.236.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/7887F73A3FE21D4E68B4A838E7D22E0C.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-115.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

c2e76aa03e1f1ca2a8535f1e79cc15a29f5dd51e7953e13ba442fed0c37264c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 7887F73A3FE21D4E68B4A838E7D22E0C
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=es&locale=es&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=77d4ba0d-7c57-4cf4-ac28-36598c6584e5&userType=NEW
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Wed, 19 Apr 2023 07:38:22 GMT
via: 1.1 f9c16664a13e70e73a4e280c7a0f2266.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 48
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: mNkyygQC-cxvBN1LwtPrYVkPh5Xkv5fJzVYFmksAXg58okXsvRn4kQ==

GET
H2 200 EuPreferenceManager.css
consent-pref.trustarc.com/ Frame 5469 28 KB
7 KB 60ms
59ms Stylesheet
text/css 52.222.236.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/EuPreferenceManager.css

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/7887F73A3FE21D4E68B4A838E7D22E0C.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-115.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

11304b88bdf5cd5f42513b9aa8bd3206653770f4f125b852285db812c731cf24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=es&locale=es&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=77d4ba0d-7c57-4cf4-ac28-36598c6584e5&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:11:49 GMT
content-encoding: gzip
via: 1.1 f9c16664a13e70e73a4e280c7a0f2266.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P4
age: 1593
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 03 Apr 2023 02:42:10 GMT
server: nginx
etag: W/"29043-1680489730000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: no-cache
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: mb98oJBBkekbKxAfaKcJLEcIMiLs_ssjcoKCZU67EUfiv0Uti0mgTg==
expires: Wed, 19 Apr 2023 07:11:48 GMT

GET
H2 200 10.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/7887F73A3FE21D4E68B4A838E7D22E0C/ Frame 5469 254 KB
87 KB 66ms
65ms XHR
application/javascript 52.222.236.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/7887F73A3FE21D4E68B4A838E7D22E0C/10.cache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/7887F73A3FE21D4E68B4A838E7D22E0C.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-115.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

25d4f580509d3b3774dfa29f970283e352c650d4dd0d73c7182d0f6c6b706eb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=es&locale=es&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=77d4ba0d-7c57-4cf4-ac28-36598c6584e5&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 01:42:45 GMT
content-encoding: gzip
via: 1.1 f9c16664a13e70e73a4e280c7a0f2266.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P4
age: 194137
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 03 Apr 2023 02:42:28 GMT
server: nginx
etag: W/"260177-1680489748000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: uBTeH_SDszTtlu5xM927gkIWmCiT_RF73WLmHuep4TybCCKRskQ_8Q==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/7887F73A3FE21D4E68B4A838E7D22E0C/ Frame 5469 19 KB
8 KB 58ms
58ms XHR
application/javascript 52.222.236.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/7887F73A3FE21D4E68B4A838E7D22E0C/1.cache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/7887F73A3FE21D4E68B4A838E7D22E0C.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-115.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

8ee157e66ede42010af123bf5f99fc4fa4ebea4c8f3f6bbe75240a295267973f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=es&locale=es&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=77d4ba0d-7c57-4cf4-ac28-36598c6584e5&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 01:41:59 GMT
content-encoding: gzip
via: 1.1 f9c16664a13e70e73a4e280c7a0f2266.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P4
age: 194183
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 03 Apr 2023 02:42:28 GMT
server: nginx
etag: W/"19935-1680489748000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: an7X7z9_27euAJqaUW3wMvAGVvNyt78-QA58g-iuVYKhnX99eS1MHw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cookie_iframe.html Show response
prefmgr-cookie.truste-svc.net/cookie_js/ Frame A54A 5 KB
2 KB 393ms
127ms Document
text/html 3.225.178.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=es&locale=es&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https://www.helpsystems.com/privacy-policy&cookieLink=https://www.helpsystems.com/cookie-policy&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=77d4ba0d-7c57-4cf4-ac28-36598c6584e5&userType=NEW

Requested by

Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.225.178.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-178-175.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://consent-pref.trustarc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 19 Apr 2023 07:38:23 GMT
etag: W/"5014-1657163800000"
expect-ct: max-age=31536000
last-modified: Thu, 07 Jul 2022 03:16:40 GMT
permissions-policy: geolocation=(), microphone=(), payment=()
referrer-policy: origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 5469 786 B
911 B 85ms
85ms XHR
application/json 52.222.236.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/7887F73A3FE21D4E68B4A838E7D22E0C.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-115.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

4f4c0162179a1ce57995fa5a47412f373e908ea20f595af2d4cabf1f425551af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 7887F73A3FE21D4E68B4A838E7D22E0C
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=es&locale=es&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=77d4ba0d-7c57-4cf4-ac28-36598c6584e5&userType=NEW
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Wed, 19 Apr 2023 07:38:23 GMT
content-encoding: gzip
via: 1.1 f9c16664a13e70e73a4e280c7a0f2266.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 321
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: hB_lOAVIgwmfbO3TqCfG-3rtrP5ms2ANQhdzm4eRUmHAgScMdUm_0g==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 5469 23 KB
7 KB 86ms
86ms XHR
application/json 52.222.236.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/7887F73A3FE21D4E68B4A838E7D22E0C.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-115.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

155d9083b8a4d7d97440e4191805b69d50a6a116fcff0ad7539b6c1273a920e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 7887F73A3FE21D4E68B4A838E7D22E0C
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=es&locale=es&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=77d4ba0d-7c57-4cf4-ac28-36598c6584e5&userType=NEW
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Wed, 19 Apr 2023 07:38:23 GMT
content-encoding: gzip
via: 1.1 f9c16664a13e70e73a4e280c7a0f2266.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 6183
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: w3de_KnzbM06sUjjI5cgQc4tWZrF2CZ5RGtLY0tDbiT3dnn_mJAZuw==

GET
H2 200 trustarc-logo-small.png
consent-pref.trustarc.com/images/ Frame 5469 4 KB
5 KB 58ms
57ms Image
image/png 52.222.236.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/trustarc-logo-small.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-115.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=es&locale=es&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=77d4ba0d-7c57-4cf4-ac28-36598c6584e5&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:11:49 GMT
via: 1.1 f9c16664a13e70e73a4e280c7a0f2266.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P4
age: 1594
x-cache: Hit from cloudfront
content-length: 4197
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 03 Apr 2023 02:42:10 GMT
server: nginx
etag: W/"4197-1680489730000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/png
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges: bytes
x-amz-cf-id: uL1qz6UZZ-8i-t_EUFOflXdvu-wqvd4K3aJ9JfJZz_rWbnyMl5XXIg==

GET
H2 200 6.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/7887F73A3FE21D4E68B4A838E7D22E0C/ Frame 5469 7 KB
4 KB 57ms
57ms XHR
application/javascript 52.222.236.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/7887F73A3FE21D4E68B4A838E7D22E0C/6.cache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/7887F73A3FE21D4E68B4A838E7D22E0C.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-115.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

7946f0bacb9c01951a9ba19ae7f4c3bed1a4251063e9ab8cf1f828ec222ddbb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=es&locale=es&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=77d4ba0d-7c57-4cf4-ac28-36598c6584e5&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 01:42:21 GMT
content-encoding: gzip
via: 1.1 f9c16664a13e70e73a4e280c7a0f2266.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P4
age: 194162
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 03 Apr 2023 02:42:28 GMT
server: nginx
etag: W/"7220-1680489748000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: C0z1FKcZX-pJlXXMs8vrQAhLvEVzEJFNR-ByjDKq0alyMWvtg5KdDw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 get
consent.trustarc.com/ Frame 5469 3 KB
1 KB 60ms
60ms Image
image/svg+xml 13.225.78.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/get?name=%20fortra_Logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-57.fra2.r.cloudfront.net

Software

Resource Hash

e396c79b7c0d5a855f996af8807bdf7318a87f7d4a198fa08a2c65e5cfa34330

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Wed, 19 Apr 2023 07:06:58 GMT
content-encoding: gzip
via: 1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C2
age: 1885
vary: Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: bU7FT-vYo-WQoR4qZh-4krJqKyuuFnQ0yzyKzcAH--7aOdZfLPOQgA==
expires: Fri, 19 May 2023 07:06:58 GMT

GET
H2 200 cookie_inneriframe.html Show response
consent-pref.trustarc.com/ Frame 3DA1 2 KB
3 KB 58ms
58ms Document
text/html 52.222.236.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/cookie_inneriframe.html

Requested by

Host: prefmgr-cookie.truste-svc.net
URL: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=es&locale=es&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https://www.helpsystems.com/privacy-policy&cookieLink=https://www.helpsystems.com/cookie-policy&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=77d4ba0d-7c57-4cf4-ac28-36598c6584e5&userType=NEW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-115.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://prefmgr-cookie.truste-svc.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

accept-ranges: bytes
age: 1878
content-length: 2008
content-type: text/html; charset=UTF-8
date: Wed, 19 Apr 2023 07:07:05 GMT
etag: W/"2008-1680489730000"
expect-ct: max-age=86400; enforce;
last-modified: Mon, 03 Apr 2023 02:42:10 GMT
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 f9c16664a13e70e73a4e280c7a0f2266.cloudfront.net (CloudFront)
x-amz-cf-id: GjXdDX-usQW-TshGR38h7mffKY1gEgmr20CtTkDKobduI4CtQuTWqA==
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1

GET
H2 200 trustarc-logo-small.png
consent-pref.trustarc.com/images/ Frame 5469 4 KB
5 KB 63ms
63ms Image
image/png 52.222.236.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/trustarc-logo-small.png

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/7887F73A3FE21D4E68B4A838E7D22E0C.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-115.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=es&locale=es&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=77d4ba0d-7c57-4cf4-ac28-36598c6584e5&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:11:49 GMT
via: 1.1 f9c16664a13e70e73a4e280c7a0f2266.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P4
age: 1595
x-cache: Hit from cloudfront
content-length: 4197
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 03 Apr 2023 02:42:10 GMT
server: nginx
etag: W/"4197-1680489730000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/png
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges: bytes
x-amz-cf-id: sbPAhqMwYqa2FVEJk2emIfA2CW4rDVksq3_E6aP5Q77cVcYXpfAOpg==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=es&locale=es&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=77d4ba0d-7c57-4cf4-ac28-36598c6584e5&userType=NEW

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cobaltstrike.com/	1970-01-20 11:11:31	Name: TAsessionID Value: 77d4ba0d-7c57-4cf4-ac28-36598c6584e5\|NEW
.cobaltstrike.com/	1969-12-31 23:59:59	Name: notice_behavior Value: expressed,eu
prefmgr-cookie.truste-svc.net/	1970-01-20 11:11:29	Name: cookie_3rdparty Value: enabled
consent-pref.trustarc.com/	1970-01-20 11:11:29	Name: token_test Value: Wed Apr 19 2023 07:38:23 GMT+0000 (GMT)

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=es&locale=es&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https://www.helpsystems.com/privacy-policy&cookieLink=https://www.helpsystems.com/cookie-policy&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=77d4ba0d-7c57-4cf4-ac28-36598c6584e5&userType=NEW Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=es&locale=es&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https://www.helpsystems.com/privacy-policy&cookieLink=https://www.helpsystems.com/cookie-policy&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=77d4ba0d-7c57-4cf4-ac28-36598c6584e5&userType=NEW(Line 55) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

consent-pref.trustarc.com
consent-st.trustarc.com
consent.trustarc.com
fonts.googleapis.com
fonts.gstatic.com
ka-p.fontawesome.com
kit.fontawesome.com
prefmgr-cookie.truste-svc.net
static.fortra.com
static.helpsystems.com
www.cobaltstrike.com
www.googletagmanager.com
consent-pref.trustarc.com
104.18.14.56
13.225.78.57
13.32.121.99
13.32.99.123
2600:9000:225e:b200:4:d683:27c0:93a1
2606:4700::6812:1634
2a00:1450:4001:800::2003
2a00:1450:4001:812::200a
2a00:1450:4001:830::2008
3.225.178.175
52.222.236.115
0e4dab8d8160be12cf844bfb865757bd26d402d2c5f4ef44c9668765845802fd
11304b88bdf5cd5f42513b9aa8bd3206653770f4f125b852285db812c731cf24
125adb79c10603ee2d55161d8951bead4ff7f796967786b979791e02971690ff
155d9083b8a4d7d97440e4191805b69d50a6a116fcff0ad7539b6c1273a920e5
161a16e875e820dbc3ffa0657759d819f5ed378e09095288c6a69bdf615af299
19b8580d9b285e3964ef3ae1325bb0d8671ecf6b7afd4fd6be647f3d1f68b1d8
1afeb9a2d9a01296c575126784a1d2ab736334ac419227c76be847640f9354b8
1b50aa1d36ea249991fb44f8f6ad2aa74fe360df9cc04c564b5edf3b053b739c
25d4f580509d3b3774dfa29f970283e352c650d4dd0d73c7182d0f6c6b706eb5
26c3d9ac1022c3bc42a184d699ff00b92be83af89379f4873315bfd2fa0c5eb1
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bfe0bfebc6bf40e5f73c03389ba8285505bc2f45d739d1efd5ca830f940a51d
37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d
3a56ae696b0f07c3798236798b976853ff30b3f1943f32e939e42025af619669
4245ecca2a4b50d7fd9adc9a965ed1f9b4ec24e9935e34c80efafc0f856d54c6
4f4c0162179a1ce57995fa5a47412f373e908ea20f595af2d4cabf1f425551af
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5d59d71fa30604e26c815b2bcfea777bef1564467e2ff9b1b4dc45ca2ee0f6fe
63a53143de1fa7c9ec3aecf4060efb78c336df0f384c4b7db72596f6b14a2781
6bcade3d96c0c0fb1950e54b96b0f4cfa7f51e45a99dd8f12224fb0530ac432d
6e56084b20ef7de5d9f01bd95bb64fbdaa055459691aa66af1c46a79f7d43d53
745a745290f133741f46e004ccb3ff239578638dad9e80b299c06abc37864679
75125d2f1de964d2c0d0bd02f5f6f73ed6258e84bfad8ac4902ed8e66175ac16
75db663f63c3505c2d1d2c41b82da41465bcd39b390516728f7fd323f95f644e
772d0e1a6a803c833292ad59917b3d3758c7e0f0461681a93d1726e646e24a92
7946f0bacb9c01951a9ba19ae7f4c3bed1a4251063e9ab8cf1f828ec222ddbb3
7fe7d9054d31a9874fb36aba6a3736c02799bdaab5fed3e007ff334bc4580732
82a49a218fa16d65225a09c98d5860f7e30dd4d30ed326a0b3a8be87297db7fb
8ee157e66ede42010af123bf5f99fc4fa4ebea4c8f3f6bbe75240a295267973f
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004
92d768cdf93b6e4111d9681076cbb52b36799a4df8cc8fdf475adbac903f3a8c
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9de6faf69d60c4e5e426634bfd1c7afda005bd47ad2a0247befb29e3634f1a33
9e116057214ce7f3becd92cb5f17c7f2c1624a5398b69e2446402f9c9c8a9a18
9e8e0093ddecdf250bfb4e95e264b0095c2c06f109e8f8b6ff0a38c07d909cf9
a0092b97349a18e065497f4007f9bd5c28e05031e2269c521fc80f38eeb9d414
a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed
a8a00b576cc9fad532a52ecdf8024724ddaa83cb0f5ca5d1b1d6eb8841103d60
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c2e76aa03e1f1ca2a8535f1e79cc15a29f5dd51e7953e13ba442fed0c37264c5
c41372cecf9026e2185b973fa4f39743407eece17813b015bcff59c1fffd1a5c
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c79f21bf9dba9c355aa19806c7f4fa81cc70d2f004f43612b1ca394c913c655d
d8dcddbfca4d0e23ee940c69b71bc48dca83f19c7b3c7c7154d514315658fe1c
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
e396c79b7c0d5a855f996af8807bdf7318a87f7d4a198fa08a2c65e5cfa34330
e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
ec9f8c9d2e03417ce6655dda5896fb14ee2aa66a94eefe83975d2458a6c1652f
eee1dc0ebe943891e5ce3485588726083a94a95e0f35747b86278975ba41cf0a
f0916b04a6bd6a9c5a9c9721e8749a0d952b39ba9303399faeacba8a65dd9a92
f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880
f7ef58efaada2664bec27e9c84699bc2d2449babe6e21c3ead85e577feb92da8
f962ea052383e066291f943eb01b1c0cc8314900431aae47bf271cc301239e10
fcd86e8b75ae82f035ff1f28433dacab9d367f838f707e4482e2f542c0037096

www.cobaltstrike.com Open in urlscan Pro 104.18.14.56 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

62 Requests

97 %HTTPS

45 %IPv6

9 Domains

12 Subdomains

11 IPs

3 Countries

1524 kBTransfer

3042 kBSize

4 Cookies

7 Outgoing links

Page URL History

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.cobaltstrike.com Open in urlscan Pro
104.18.14.56 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

97 %
HTTPS

45 %
IPv6

9
Domains

12
Subdomains

11
IPs

3
Countries

1524 kB
Transfer

3042 kB
Size

4
Cookies

62 HTTP transactions
0 data transactions