www.cobaltstrike.com Open in urlscan Pro
104.18.15.56 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cobaltstrike.com/
Effective URL:
https://www.cobaltstrike.com/
Submission: On February 07 via manual (February 7th 2023, 5:49:14 am UTC) from IN — Scanned from DE

Summary HTTP 61 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 61 HTTP transactions. The main IP is 104.18.15.56, located in and belongs to CLOUDFLARENET, US. The main domain is www.cobaltstrike.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on March 10th 2022. Valid for: a year.

This is the only time www.cobaltstrike.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.18.14.56 104.18.14.56	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 27	104.18.15.56 104.18.15.56	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	99.86.4.54 99.86.4.54	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1 1	13.224.189.76 13.224.189.76	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:211... 2600:9000:211a:1e00:4:d683:27c0:93a1	16509 (AMAZON-02) (AMAZON-02)
15	143.204.215.63 143.204.215.63	16509 (AMAZON-02) (AMAZON-02)
1	65.9.66.35 65.9.66.35	16509 (AMAZON-02) (AMAZON-02)
1	54.221.189.17 54.221.189.17	14618 (AMAZON-AES) (AMAZON-AES)
61	10

1 104.18.14.56 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cobaltstrike.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 104.18.15.56 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cobaltstrike.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.cobaltstrike.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 99.86.4.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-54.fra6.r.cloudfront.net

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.76 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-76.fra2.r.cloudfront.net

static.helpsystems.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211a:1e00:4:d683:27c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.fortra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 143.204.215.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-63.fra53.r.cloudfront.net

consent-pref.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-35.fra56.r.cloudfront.net

consent-st.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.221.189.17 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-221-189-17.compute-1.amazonaws.com

prefmgr-cookie.truste-svc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	cobaltstrike.com 2 redirects cobaltstrike.com www.cobaltstrike.com	904 KB
22	trustarc.com consent.trustarc.com — Cisco Umbrella Rank: 2908 consent-pref.trustarc.com — Cisco Umbrella Rank: 15217 consent-st.trustarc.com — Cisco Umbrella Rank: 30157	217 KB
6	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1468 ka-p.fontawesome.com — Cisco Umbrella Rank: 3405	96 KB
3	gstatic.com fonts.gstatic.com	70 KB
1	truste-svc.net prefmgr-cookie.truste-svc.net — Cisco Umbrella Rank: 30347	2 KB
1	fortra.com static.fortra.com	158 KB
1	helpsystems.com 1 redirects static.helpsystems.com	262 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	66 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	1001 B
61	9

	Domain	Requested by
26	www.cobaltstrike.com	www.cobaltstrike.com
15	consent-pref.trustarc.com	consent.trustarc.com consent-pref.trustarc.com prefmgr-cookie.truste-svc.net
6	consent.trustarc.com	www.cobaltstrike.com consent.trustarc.com
5	ka-p.fontawesome.com	kit.fontawesome.com www.cobaltstrike.com
3	fonts.gstatic.com	fonts.googleapis.com
2	cobaltstrike.com	2 redirects
1	prefmgr-cookie.truste-svc.net	www.cobaltstrike.com
1	consent-st.trustarc.com	consent-pref.trustarc.com
1	static.fortra.com	www.cobaltstrike.com
1	static.helpsystems.com	1 redirects
1	www.googletagmanager.com	www.cobaltstrike.com
1	fonts.googleapis.com	www.cobaltstrike.com
1	kit.fontawesome.com	www.cobaltstrike.com
61	13

This site contains links to these domains. Also see Links.

Domain
download.cobaltstrike.com
cobalt-strike.github.io
www.fortra.com
www.coresecurity.com

Subject Issuer	Validity	Valid
www.cobaltstrike.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-10` - `2023-04-10`	a year	crt.sh
*.trustarc.com Amazon	`2022-05-17` - `2023-06-15`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.truste-svc.net Amazon	`2022-05-23` - `2023-06-21`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.cobaltstrike.com/
Frame ID: 86534743BEB482E39875AB19AAFA27BB
Requests: 42 HTTP requests in this frame

Frame: https://consent.trustarc.com/get?name=crossdomain.html&domain=helpsystems.com
Frame ID: D4E47685C7CE95A857E683E0D6800626
Requests: 1 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/
Frame ID: 9EAE255674D5E5D6B589414945049C56
Requests: 15 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html
Frame ID: CB712B96C971C831E661733033454640
Requests: 1 HTTP requests in this frame

Frame: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https://www.helpsystems.com/privacy-policy&cookieLink=https://www.helpsystems.com/cookie-policy&irm=undefined&from=https://consent.trustarc.com/
Frame ID: F21910CE776B7F733BCC72A92EA46D15
Requests: 1 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/cookie_inneriframe.html
Frame ID: BD2584B4B30F6CEC293B74750C95E610
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cobalt Strike | Adversary Simulation and Red Team Operations

Page URL History Show full URLs

http://cobaltstrike.com/ HTTP 301
https://cobaltstrike.com/ HTTP 301
https://www.cobaltstrike.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

TrustArc (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.trustarc\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

61
Requests

98 %
HTTPS

42 %
IPv6

9
Domains

13
Subdomains

10
IPs

3
Countries

1514 kB
Transfer

2996 kB
Size

3
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://download.cobaltstrike.com/download
Title: Download

Search URL Search Domain Scan URL

URL: https://cobalt-strike.github.io/community_kit/
Title: Community Kit

Search URL Search Domain Scan URL

URL: https://www.fortra.com/

Search URL Search Domain Scan URL

URL: https://www.coresecurity.com/?__hstc=173638140.7cd4c336b7db51dc41ba94289a7e8945.1629149018896.1629339131200.1629385064224.7&__hssc=173638140.17.1629385064224&__hsfp=1865500357
Title: Core Security

Search URL Search Domain Scan URL

URL: https://www.fortra.com/impressum?__hstc=173638140.bbe2e957d5fb20ffc63ba13a9249b717.1637095243778.1637095243778.1637098983688.2&__hssc=173638140.2.1637098983688&__hsfp=150452273
Title: Impressum

Search URL Search Domain Scan URL

URL: https://www.fortra.com/privacy-policy?__hstc=173638140.bbe2e957d5fb20ffc63ba13a9249b717.1637095243778.1637095243778.1637098983688.2&__hssc=173638140.2.1637098983688&__hsfp=150452273
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.fortra.com/cookie-policy?__hstc=173638140.bbe2e957d5fb20ffc63ba13a9249b717.1637095243778.1637095243778.1637098983688.2&__hssc=173638140.2.1637098983688&__hsfp=150452273
Title: Cookie Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cobaltstrike.com/ HTTP 301
https://cobaltstrike.com/ HTTP 301
https://www.cobaltstrike.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://static.helpsystems.com/cobalt-strike/img/bg-1.png HTTP 301
https://static.fortra.com/cobalt-strike/img/bg-1.png

61 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.cobaltstrike.com/
Redirect Chain

http://cobaltstrike.com/
https://cobaltstrike.com/
https://www.cobaltstrike.com/

48 KB
12 KB

499ms
484ms

Document
text/html

104.18.15.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.15.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: 68a0b9d929a714c3e242ebb4400453772d274e2adbd1c03bb37f2047a728a92c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7959d7325e363655-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 07 Feb 2023 05:49:09 GMT
link: <https://www.cobaltstrike.com/wp-json/>; rel="https://api.w.org/" <https://www.cobaltstrike.com/wp-json/wp/v2/pages/8928>; rel="alternate"; type="application/json" <https://www.cobaltstrike.com/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O65BIjru0sV5I%2BesglK1cHDFWr0lndc88aJ90EaMoml8%2B5rWJCJ2xPYqP80%2BSVyBZ0I9hr1dD670hULQ5dKtv0x5LrsjeIgIkMii%2BiPueA23ojoEQV9FEsu%2BpeJaTHbi4SGlBIrb"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 1
x-cache-group: normal
x-cacheable: SHORT
x-powered-by: WP Engine

Redirect headers

cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7959d72efbb23655-FRA
content-type: text/html; charset=UTF-8
date: Tue, 07 Feb 2023 05:49:08 GMT
expires: Tue, 07 Feb 2023 06:24:12 GMT
location: https://www.cobaltstrike.com/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YeJZp90bvgoLH%2BZjHGCNaY2vQlJIO6%2Fk72ZoEeVGfz9ZQJFRmgON529c0l1l0UCRlq%2BB1ROGTKsfvu39eC7JvdZTaDJh%2BtMiRSeiDCicB7cXKnJDQbimKkFzs1%2FKkMjO6x8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-cache: HIT: 3
x-cache-group: normal
x-cacheable: non200
x-orig-cache-control: max-age=3600
x-powered-by: WP Engine
x-redirect-by: WordPress

GET
H2 200 notice Show response
consent.trustarc.com/ 11 KB
5 KB 131ms
52ms Script
text/javascript 99.86.4.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/notice?domain=helpsystems.com&c=teconsent&gtm=1&text=true&pn=1-0&cookieLink=https://www.helpsystems.com/cookie-policy&privacypolicylink=https://www.helpsystems.com/privacy-policy

Requested by

Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-54.fra6.r.cloudfront.net

Software

Resource Hash

d99a2c562b740f203708330f9fe7009c711dc3805a06da1f4bea92e45d363ecd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cobaltstrike.com/
Origin: https://www.cobaltstrike.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 05:49:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
cloudfront-viewer-country: DE
content-length: 4170
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=3600
cloudfront-viewer-country-region: NW
timing-allow-origin: *
x-amz-cf-id: vu1bNDHolNLvGEk0Pf_6s-Yz0U35dYpTF5qM2PcVPSEnuxF22WbpmA==
expires: Tue, 07 Feb 2023 06:49:09 GMT

GET
H2 200 style.css
www.cobaltstrike.com/wp-content/plugins/gutenberg/build/block-library/ 94 KB
13 KB 31ms
28ms Stylesheet
text/css 104.18.15.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-content/plugins/gutenberg/build/block-library/style.css?ver=15.0.1
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.15.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 377d87945daf159f87a1eec8af680a79aa658f957a89cd40eeacc907bd92a0ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 05:49:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 26 Jan 2023 19:09:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 510334
etag: W/"63d2cffc-179e9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EElmRuj0MzqGPqbvpGN1km%2BqSj1XADHeah6J%2FSPWu1Llxz46Au7rVAVyMk65tK67M0mR9hTl8yu5lPMoxhmLqPSsCQiIujNCeP46yp4XvRaQrQG2ABZ%2FmmmVtXz4UeRmjBCNmOBS"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7959d73568a63655-FRA
expires: Wed, 07 Feb 2024 05:49:09 GMT

GET
H2 200 theme.css
www.cobaltstrike.com/wp-content/plugins/gutenberg/build/block-library/ 3 KB
1005 B 33ms
30ms Stylesheet
text/css 104.18.15.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-content/plugins/gutenberg/build/block-library/theme.css?ver=15.0.1
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.15.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82a49a218fa16d65225a09c98d5860f7e30dd4d30ed326a0b3a8be87297db7fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 05:49:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 26 Jan 2023 19:09:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 275570
etag: W/"63d2cffc-a2e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5FVOW%2BhsuEeqIlYTjz52QSRwLK4Gfdz6n4DeWz%2FuKbrJuETbiKprwGr4YCCxkW7WWhQaNZyAk%2BprywdAdzFhbmSAYIZSB3HACUVOJymgDy1Q8%2FAiwKrTJw9n9LqvUziFJjXVWDN8"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7959d73568a83655-FRA
expires: Wed, 07 Feb 2024 05:49:09 GMT

GET
H2 200 classic-themes.min.css
www.cobaltstrike.com/wp-includes/css/ 217 B
503 B 34ms
31ms Stylesheet
text/css 104.18.15.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.15.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 05:49:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 26 Jan 2023 19:09:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 510334
etag: W/"63d2cff4-d9"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uB2w7B20fl8yummJU1AzI%2Blfcm7YeipIl2lyc0rx7NrOGCg3B%2BdlqzOE%2BDuGzLxYsGn3ze%2BD%2B00cs4%2B89kGAXZF%2FZzQ7qDdVM2Z2vtwNqwoyMS6E9YAv0m7YpbZXaFEzlaeicfbd"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7959d73568a93655-FRA
expires: Wed, 07 Feb 2024 05:49:09 GMT

GET
H2 200 menu-image.css
www.cobaltstrike.com/wp-content/plugins/menu-image/includes/css/ 3 KB
1 KB 52ms
49ms Stylesheet
text/css 104.18.15.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-content/plugins/menu-image/includes/css/menu-image.css?ver=3.0.8
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.15.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75db663f63c3505c2d1d2c41b82da41465bcd39b390516728f7fd323f95f644e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 05:49:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 26 Jan 2023 19:09:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 510333
etag: W/"63d2cffb-d0f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MUBxSrGWbBoLCFNzFBfPLCrhE7E4C9sAH6m3Qbn5BPR9%2FQyfK6dqhYK8zndAynAjyZe5fV2Yy7uAWdCoXoJ%2FKHX7fjaduFOMKuyIekCZ%2F6TAPewLAfY4VmTCsx%2FKw8Mtzh2TUZRA"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7959d73568aa3655-FRA
expires: Wed, 07 Feb 2024 05:49:09 GMT

GET
H2 200 dashicons.min.css
www.cobaltstrike.com/wp-includes/css/ 58 KB
35 KB 51ms
48ms Stylesheet
text/css 104.18.15.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-includes/css/dashicons.min.css?ver=6.1.1
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.15.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 05:49:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 26 Jan 2023 19:09:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 512248
etag: W/"63d2cff4-e688"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JdK%2FJ37vafGo9a6W1tBX74P1iJRnoq%2FCUfJFYSNvhmZXoOGOmlDitytFMnrut7Fav99w%2BT0U243m%2Bg86e2J%2Fg%2FTOTUqzewtUuikAtMAzPsv3ehaGKR4iSfV7xTKdAtnctTAG5Ivg"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7959d73568ab3655-FRA
expires: Wed, 07 Feb 2024 05:49:09 GMT

GET
H2 200 main.min.css
www.cobaltstrike.com/wp-content/plugins/youtube-embed/css/ 211 B
465 B 34ms
31ms Stylesheet
text/css 104.18.15.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-content/plugins/youtube-embed/css/main.min.css?ver=5.2.3
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.15.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec9f8c9d2e03417ce6655dda5896fb14ee2aa66a94eefe83975d2458a6c1652f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 05:49:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 26 Jan 2023 19:09:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 275570
etag: W/"63d2cff8-d3"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iaScDCuC%2FqZE2gv%2F9SMshSvkxTqsC2bVrR8d2nae6%2BLYAKMNOfJKVKd%2B%2BqPIrnvYWQP6jsu2YezPY16Q8vkdMHDJ0hDyvlyjv1seGPuEscd6qUFm5rDUz8WVZsKVpPGAD73Jx2eN"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7959d73568ad3655-FRA
expires: Wed, 07 Feb 2024 05:49:09 GMT

GET
H2 200 child-theme.min.css
www.cobaltstrike.com/wp-content/themes/cobaltstrike/css/ 358 KB
50 KB 34ms
32ms Stylesheet
text/css 104.18.15.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/css/child-theme.min.css?ver=1
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.15.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bf627256fb3cadccf0da8de3947f51a76873a76584dbaf65d394e079c5e3ced

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 05:49:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 26 Jan 2023 19:09:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 510333
etag: W/"63d2cff8-59990"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DjT%2F3c1ToguHRgUW278Emz4kWyYxQVAGl5OYeq8cuLUiihRxr5wMz6j9IMllA0KjggRhdt4pU8OtpqYszH8iTHE0OrjerBEyKuFf2sRmnFuARkp7w8jfi0%2FQKdXmED%2BWc35Ku%2FqY"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7959d73568ae3655-FRA
expires: Wed, 07 Feb 2024 05:49:09 GMT

GET
H2 200 jquery.min.js Show response
www.cobaltstrike.com/wp-includes/js/jquery/ 88 KB
31 KB 50ms
48ms Script
application/javascript 104.18.15.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.15.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 05:49:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 26 Jan 2023 19:09:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 510333
etag: W/"63d2cff4-15e54"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jyrWODbAXzrVEbLW3NnA8KB6m%2FFJzPC3IWfueW7tkO6qGfWn8oOFdqAVlfYfPkeeWoyI3UGY8y9F7XiBZnd58vUcBe4DeL%2Fjmqjoxgy9eO3ZMvisYllY4WByDY7rLUFUdKhhNeqk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7959d73568af3655-FRA
expires: Wed, 07 Feb 2024 05:49:09 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.cobaltstrike.com/wp-includes/js/jquery/ 11 KB
4 KB 49ms
47ms Script
application/javascript 104.18.15.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.15.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 05:49:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 26 Jan 2023 19:09:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 510333
etag: W/"63d2cff4-2bd8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HZbss7YExmHOIyBUQZO3NOfiVZPeLmgwKeKPlxQCoTFjT3k0cF3l9XXCb2xRgPy6VZeIR7lCZYO9NjMzBiI7o6PCCItwfjWxkRI%2BxcXsJ5BexGMuXX26A6DoAl65847KfEHWuoGr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7959d73568b03655-FRA
expires: Wed, 07 Feb 2024 05:49:09 GMT

GET
H2 200 mmenu.js Show response
www.cobaltstrike.com/wp-content/themes/cobaltstrike/js/ 69 KB
18 KB 50ms
47ms Script
application/javascript 104.18.15.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/js/mmenu.js?ver=6.1.1
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.15.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0916b04a6bd6a9c5a9c9721e8749a0d952b39ba9303399faeacba8a65dd9a92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 05:49:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 26 Jan 2023 19:09:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 510333
etag: W/"63d2cff8-1122b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OlcPXXXh0pqSpOO5kXyJcJ9AAR3YVPufeQIDBdI23AePnzdma6cujF0nQlk%2FVIrlD%2BgQPulLYVQE7opWND8hSrgETO9dTFuS5S2ihdYD7FvVHvcM8LM2BhPH4w7pHocxnzpyJrgo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7959d73568b23655-FRA
expires: Wed, 07 Feb 2024 05:49:09 GMT

GET
H2 200 mburger.js Show response
www.cobaltstrike.com/wp-content/themes/cobaltstrike/js/ 6 KB
2 KB 56ms
55ms Script
application/javascript 104.18.15.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/js/mburger.js?ver=6.1.1
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.15.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e56084b20ef7de5d9f01bd95bb64fbdaa055459691aa66af1c46a79f7d43d53

Request headers

Referer: https://www.cobaltstrike.com/
Origin: https://www.cobaltstrike.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 05:49:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 26 Jan 2023 19:09:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 510333
etag: W/"63d2cff8-19ec"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oz%2B9IHMljAMZqWKP8N%2FNeBvL7%2F6c5Pmj7rdLYZFbYGCdYUJBRD67bF48IysBc4BffvxIlruN4j2XXz3ZTYXfeumeCSYds9bT3KL9f%2FqsrljW5zRdS4ABj9LFMuUtYWgJ5D47itnY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7959d73588c03655-FRA
expires: Wed, 07 Feb 2024 05:49:09 GMT

GET
H2 200 mhead.js Show response
www.cobaltstrike.com/wp-content/themes/cobaltstrike/js/ 2 KB
1 KB 56ms
54ms Script
application/javascript 104.18.15.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/js/mhead.js?ver=6.1.1
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.15.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e4dab8d8160be12cf844bfb865757bd26d402d2c5f4ef44c9668765845802fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 05:49:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 26 Jan 2023 19:09:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 510333
etag: W/"63d2cff8-964"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8OnI6fvrooFAg5H1uhMrIuGFqMPyFGFFsDH%2BURvB%2BJmRxRWLJyuZcjpXkKt%2B%2FNFeIfOjh1zB6%2F0sX%2FRffmF%2B%2FjLL6nIeikJcEKAPue6OlVkKMBAeQ4xHAw%2BV6lzEiAbeflzTAIzU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7959d73588c13655-FRA
expires: Wed, 07 Feb 2024 05:49:09 GMT

GET
H2 200 dcf00ad2d4.js Show response
kit.fontawesome.com/ 11 KB
4 KB 82ms
37ms Script
text/javascript 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/dcf00ad2d4.js

Requested by

Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f433b7fd1447fb9ebd43603275f772c6f79825242cc1d827998bd80207a8efb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.cobaltstrike.com/
Origin: https://www.cobaltstrike.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 05:49:09 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray: 7959d735bc7139d4-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: Fz-W-bNiWk6geDYqbG5h

GET
H2 200 fortra-skyblue-tm.svg
www.cobaltstrike.com/wp-content/themes/cobaltstrike/img/ 1 KB
936 B 29ms
28ms Image
image/svg+xml 104.18.15.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/img/fortra-skyblue-tm.svg
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.15.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e8e0093ddecdf250bfb4e95e264b0095c2c06f109e8f8b6ff0a38c07d909cf9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 05:49:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 26 Jan 2023 19:09:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 510333
etag: W/"63d2cff8-5ac"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a8ajr%2FP%2BEwK%2F3fyWU9Po8SOg8BPs%2BqHOel9VtoQFNsLUEOvGBe%2FL5FFAWjqWp504AHTSa3MuLIQXlerpkadaFBO7%2BE1iV%2FrJWQL1JKBK4KjYratMVBiwJsvoFN8DXD3EY4o90fXp"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7959d735d9113655-FRA
expires: Wed, 07 Feb 2024 05:49:09 GMT

GET
H2 200 cobalt-strike-dark-bg.svg
www.cobaltstrike.com/wp-content/themes/cobaltstrike/img/ 11 KB
3 KB 30ms
29ms Image
image/svg+xml 104.18.15.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/img/cobalt-strike-dark-bg.svg
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.15.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7ef58efaada2664bec27e9c84699bc2d2449babe6e21c3ead85e577feb92da8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 05:49:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 26 Jan 2023 19:09:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 510333
etag: W/"63d2cff8-2c1e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tIhdKKrwVkWrkZou8gMeFy7PxbzZKDzCibaCwF57MCCDvIefRBCyJ%2F2Um4LG4otFmy3ufsgRVZf%2BixuapcwjgKcShyi9ggo5sIo%2Bw0y4VrvHK5DxzYpj%2Bc9TTnXLHMV9t1EJfkPs"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7959d735d9123655-FRA
expires: Wed, 07 Feb 2024 05:49:09 GMT

GET
H2 200 fta-delta-white.svg
www.cobaltstrike.com/wp-content/themes/cobaltstrike/img/ 297 B
555 B 42ms
41ms Image
image/svg+xml 104.18.15.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/img/fta-delta-white.svg
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.15.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63a53143de1fa7c9ec3aecf4060efb78c336df0f384c4b7db72596f6b14a2781

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 05:49:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 26 Jan 2023 19:09:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 510333
etag: W/"63d2cff8-129"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ilkKdC9Q1Ji%2Fj0cvrEkRuGbnFLO1%2FeKCz5CjHSUzntzRox%2FUZEk2DDhI%2BeVH%2BW%2B%2FQhpvgMiJC5YjUiARVgsl4E0gAESgpsWITC%2BPsGM8QmrfkhI7iAqVnLPzZNF8%2BniBaOzptlwh"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7959d735d9143655-FRA
expires: Wed, 07 Feb 2024 05:49:09 GMT

GET
H2 200 Cobalt-strike-anime-guy.png
www.cobaltstrike.com/wp-content/uploads/2022/10/ 235 KB
235 KB 33ms
33ms Image
image/png 104.18.15.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cobaltstrike.com/wp-content/uploads/2022/10/Cobalt-strike-anime-guy.png
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.15.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75125d2f1de964d2c0d0bd02f5f6f73ed6258e84bfad8ac4902ed8e66175ac16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 05:49:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 275570
content-length: 240291
last-modified: Thu, 26 Jan 2023 19:09:41 GMT
server: cloudflare
etag: "63d2cff5-3aaa3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DG4Lup6fpJX%2BXJeJnl4d7NjMEu3HE%2BmFwtui11gmYQlbHSbIa1K9SF%2BBCjhxneBbdA4zZHPY3B7LSuBsheSKF%2BgJqJaqv%2F%2FQTBiggxOl2drCIb%2FPnrbuzERhdss4v2XbsTxC3iO%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7959d735d9153655-FRA
expires: Wed, 07 Feb 2024 05:49:09 GMT

GET
H2 200 pricing.svg
www.cobaltstrike.com/wp-content/themes/cobaltstrike/img/ 2 KB
1 KB 31ms
31ms Image
image/svg+xml 104.18.15.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/img/pricing.svg
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.15.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 125adb79c10603ee2d55161d8951bead4ff7f796967786b979791e02971690ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 05:49:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 26 Jan 2023 19:09:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 275570
etag: W/"63d2cff8-6a0"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1YeksHc9tG64Gy4PaS3ldyMMf%2BeSPvTCFSQCqwnaNBhGxTHV8hnTk3vCXMR0jh2ua%2FTI%2FVsMrCzq6stCvLFOwgPE%2FC7O83moqt7o%2B2lzzfl3cv68l3lh1UHT%2FadfRct7LOoJ%2BKr5"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7959d73609413655-FRA
expires: Wed, 07 Feb 2024 05:49:09 GMT

GET
H2 200 in-touch.svg
www.cobaltstrike.com/wp-content/themes/cobaltstrike/img/ 1 KB
962 B 29ms
29ms Image
image/svg+xml 104.18.15.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/img/in-touch.svg
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.15.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0092b97349a18e065497f4007f9bd5c28e05031e2269c521fc80f38eeb9d414

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 05:49:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 26 Jan 2023 19:09:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 508488
etag: W/"63d2cff8-4f4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vyYscj9h%2FGQ5iBqUzAlkFhi4QCQwHvq9vMyKM0GZCTqqPHIIISQnSZ6wgonBUIdcew13%2BENr%2B%2FWkewuIQxQoxOErq0lYB3AKMngZCjf4yuM9rfUiIBoKyKtycRhIPh8MjEsUoQUj"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7959d73609423655-FRA
expires: Wed, 07 Feb 2024 05:49:09 GMT

GET
H2 200 demo.svg
www.cobaltstrike.com/wp-content/themes/cobaltstrike/img/ 1 KB
1017 B 29ms
28ms Image
image/svg+xml 104.18.15.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/img/demo.svg
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.15.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c79f21bf9dba9c355aa19806c7f4fa81cc70d2f004f43612b1ca394c913c655d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 05:49:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 26 Jan 2023 19:09:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 275570
etag: W/"63d2cff8-5a1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VYcywlqBtglrgqZS16TIvFDLD3oh9Mz62%2BaXCRE4Rd6TgHxmFHNXuq42v9xB1qheap0Z72%2B9Pbrn7WQyGM8yeuxbdXh%2F5YN36vTKoX2oCNVu1YqaMCUeklzmeIGZS4S7c9qNDbiJ"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7959d73609453655-FRA
expires: Wed, 07 Feb 2024 05:49:09 GMT

GET
H2 200 ssba.js Show response
www.cobaltstrike.com/wp-content/plugins/simple-share-buttons-adder/js/ 3 KB
2 KB 43ms
42ms Script
application/javascript 104.18.15.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-content/plugins/simple-share-buttons-adder/js/ssba.js?ver=1674840148
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.15.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1afeb9a2d9a01296c575126784a1d2ab736334ac419227c76be847640f9354b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 05:49:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 27 Jan 2023 17:22:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 510333
etag: W/"63d40854-c26"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4LHU94wyq033pDu5eoBY%2BVc7FNld%2BRsIuomyQJX20cEq%2FbzTGzkL2YTqLVSTd6r6IivZ%2BINjbICdqAmuncumUuZaytAOSp%2FANsCE0ZD5r0g7kJBMmXLFebvpLPjYYGcHWCxD9s4m"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7959d735d90e3655-FRA
expires: Wed, 07 Feb 2024 05:49:09 GMT

GET
H2 200 child-theme.min.js Show response
www.cobaltstrike.com/wp-content/themes/cobaltstrike/js/ 83 KB
24 KB 32ms
31ms Script
application/javascript 104.18.15.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/js/child-theme.min.js?ver=5.9.8
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.15.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f962ea052383e066291f943eb01b1c0cc8314900431aae47bf271cc301239e10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 05:49:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 26 Jan 2023 19:09:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 510333
etag: W/"63d2cff8-14cdc"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rn6%2Foo%2BZl42n05o1F8cNDvXRwnitDdE1qWOC1OPOLNGh1Tn6Qsj9YRrfPj4Qjr9zHzWcaoNYebLlr%2FpyW5gVbOwGBynqynsbST7vTS9QZyC8yW%2BMZURgStEro2%2FoiwOZnc1Jjw%2FF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7959d735d90f3655-FRA
expires: Wed, 07 Feb 2024 05:49:09 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.cobaltstrike.com/wp-includes/js/ 18 KB
5 KB 28ms
28ms Script
application/javascript 104.18.15.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.15.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 05:49:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 26 Jan 2023 19:09:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 510333
etag: W/"63d2cff4-48b9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uABPok6Qh%2FgLkg4Jb4%2Fc9tDZG1%2FRabUm0VAIgxW8AbjaCn9It%2FBtIkus%2BQHtyHRye1iFRc3TkjNUfY0dq1OBVYLPyGTuau1C1wJN%2F6bXuYhSBbDeCCevXoXXqidaBl3zSiIXaQ%2B0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7959d736295e3655-FRA
expires: Wed, 07 Feb 2024 05:49:09 GMT

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1001 B 88ms
31ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Requested by

Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/css/child-theme.min.css?ver=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6f1e145d88c4b3f343055576d559fa8999045d205ea2f4e0d84f3b539c56ced8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Feb 2023 05:49:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 04:54:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Feb 2023 05:49:09 GMT

GET
H2 200 v1.7-10255 Show response
consent.trustarc.com/asset/notice.js/v/ 76 KB
23 KB 24ms
24ms Script
text/javascript 99.86.4.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/asset/notice.js/v/v1.7-10255

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=helpsystems.com&c=teconsent&gtm=1&text=true&pn=1-0&cookieLink=https://www.helpsystems.com/cookie-policy&privacypolicylink=https://www.helpsystems.com/privacy-policy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-54.fra6.r.cloudfront.net

Software

Resource Hash

903a46ee5c7582595197c74cbda644ca7e45ef90e0f89bdfce0d3d6cb3a3bc77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cobaltstrike.com/
Origin: https://www.cobaltstrike.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 05:12:44 GMT
content-encoding: gzip
via: 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA6-C1
age: 2185
x-cache: Hit from cloudfront
pragma: public
last-modified: Wed, 18 Jan 2023 04:54:48 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: 1U5clW2wVFQzDjLEDYk_o0C--AI0Owd6t9kJlaM7t7XqLwC-bcUUKg==
expires: Thu, 09 Mar 2023 05:12:44 GMT

GET
H2 200 get Show response
consent.trustarc.com/ Frame D4E4 7 KB
2 KB 60ms
20ms Document
text/html 99.86.4.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/get?name=crossdomain.html&domain=helpsystems.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-54.fra6.r.cloudfront.net

Software

Resource Hash

7fe7d9054d31a9874fb36aba6a3736c02799bdaab5fed3e007ff334bc4580732

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cobaltstrike.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 913
cache-control: max-age=2592000
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Tue, 07 Feb 2023 05:33:56 GMT
expires: Thu, 09 Mar 2023 05:33:56 GMT
pragma: public
strict-transport-security: max-age=31536000; includeSubDomains
timing-allow-origin: *
vary: Origin
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-id: n5GNBqbj6os_m1BCUIcQStrIHJTLICnzWgS9khYM4gJ_Gm1YZ2MvZQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront

GET
H2 200 log
consent.trustarc.com/ 43 B
429 B 92ms
52ms Image
image/gif 99.86.4.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/log?domain=helpsystems.com&country=de&state=&behavior=expressed&c=1b6a

Requested by

Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-54.fra6.r.cloudfront.net

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 05:49:09 GMT
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA6-C1
vary: Origin
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: 5aMJX3yicQG46qQ9dVZxCZcvJlL24xuWepNVS9ZVGIKkzP8fMJRf8g==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 180 KB
66 KB 107ms
41ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NN4FLFJ

Requested by

Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

65e36cd396a99dad9493d427409ba79dbdf08cbdf5d2f9cbe32611e1d0ae73e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 05:49:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66891
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Feb 2023 05:49:09 GMT

GET
H2 200 pro.min.css Show response
ka-p.fontawesome.com/releases/v5.15.4/css/ 315 KB
53 KB 38ms
29ms Fetch
text/css 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=dcf00ad2d4
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/dcf00ad2d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 05:49:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
age: 525362
etag: "610ae215-d3b2"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7959d736ad4539d4-FRA
content-length: 54194

GET
H2 200 pro-v4-shims.min.css Show response
ka-p.fontawesome.com/releases/v5.15.4/css/ 26 KB
4 KB 37ms
28ms Fetch
text/css 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=dcf00ad2d4
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/dcf00ad2d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4245ecca2a4b50d7fd9adc9a965ed1f9b4ec24e9935e34c80efafc0f856d54c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 05:49:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
age: 239270
etag: "610ae215-1062"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7959d736ad4439d4-FRA
content-length: 4194

GET
H2 200 pro-v4-font-face.min.css Show response
ka-p.fontawesome.com/releases/v5.15.4/css/ 27 KB
3 KB 58ms
50ms Fetch
text/css 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=dcf00ad2d4
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/dcf00ad2d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8a00b576cc9fad532a52ecdf8024724ddaa83cb0f5ca5d1b1d6eb8841103d60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 05:49:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
age: 525362
etag: "610ae215-a2b"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7959d736ad4639d4-FRA
content-length: 2603

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
24 KB 74ms
23ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cobaltstrike.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 11:05:12 GMT
x-content-type-options: nosniff
age: 153837
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Feb 2024 11:05:12 GMT

GET
H2

200

bg-1.png
static.fortra.com/cobalt-strike/img/
Redirect Chain

https://static.helpsystems.com/cobalt-strike/img/bg-1.png
https://static.fortra.com/cobalt-strike/img/bg-1.png

157 KB
158 KB

241ms
126ms

Image
image/png

2600:9000:211a:1e00:4:d683:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fortra.com/cobalt-strike/img/bg-1.png
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/css/child-theme.min.css?ver=1
Protocol: H2
Server: 2600:9000:211a:1e00:4:d683:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9de6faf69d60c4e5e426634bfd1c7afda005bd47ad2a0247befb29e3634f1a33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 05:28:52 GMT
x-amz-version-id: KhusPF34VVOftPiVFsa7UtvDT_9JL68m
via: 1.1 642d71984e3d1baa43fcd1fe0b0c012e.cloudfront.net (CloudFront)
x-amz-request-id: VADX5NG865HX21ZY
x-amz-cf-pop: VIE50-C2
x-amz-server-side-encryption: AES256
age: 1219
x-cache: Hit from cloudfront
content-length: 160799
x-amz-id-2: 1kEL3D3K2mwkjtbMI+ZPclh0U7IDA/tr8/IuBWe3g2aKnw0WlkGhP/VRXU+5F0ztojOLaMIpYg0=
last-modified: Thu, 18 Feb 2021 20:48:40 GMT
server: AmazonS3
etag: "cfca4bd5e4036da8fe6d3c0ca6303801"
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: Cd1wfvLn4cVf_glFswcnPrs81j_JDgBgG9_qi8fu-hhI3BdNUf_MPw==

Redirect headers

date: Tue, 07 Feb 2023 05:49:09 GMT
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA2-C1
x-cache: GeneratedResponse from cloudfront
location: https://static.fortra.com/cobalt-strike/img/bg-1.png
content-length: 0
x-amz-cf-id: Y7pU77CkLVr77-IiEFqv-ByjEfGvltzrXS-2LxadLVf8pU82MtUREQ==

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 73ms
47ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cobaltstrike.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:53:51 GMT
x-content-type-options: nosniff
age: 338118
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Feb 2024 07:53:51 GMT

GET
H2 200 fontawesome-webfont.woff2
www.cobaltstrike.com/wp-content/themes/cobaltstrike/fonts/ 75 KB
76 KB 29ms
29ms Font
font/woff2 104.18.15.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/css/child-theme.min.css?ver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.15.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.cobaltstrike.com/wp-content/themes/cobaltstrike/css/child-theme.min.css?ver=1
Origin: https://www.cobaltstrike.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 05:49:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 510333
content-length: 77160
last-modified: Thu, 26 Jan 2023 19:09:44 GMT
server: cloudflare
etag: "63d2cff8-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IXFWb4zP3ZzGCUVSUZlhNHLTvuSwTUSkEkrv6dkDOwqXYloRtbVCRKeBKGE296KhnCzwTgr6Iq8sNP06Egh2w70rKR3WDA4e6wD4oGGJPk7exx93azuG8XvEngzw%2FUUMA3tQBTyW"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7959d736c9cc3655-FRA
expires: Wed, 07 Feb 2024 05:49:09 GMT

GET
H2 200 S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v23/ 24 KB
24 KB 71ms
56ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cobaltstrike.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 12:15:49 GMT
x-content-type-options: nosniff
age: 236000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24408
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:50:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Feb 2024 12:15:49 GMT

GET
H2 200 features-screenshot-1.png
www.cobaltstrike.com/wp-content/uploads/2021/11/ 100 KB
100 KB 30ms
29ms Image
image/png 104.18.15.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cobaltstrike.com/wp-content/uploads/2021/11/features-screenshot-1.png
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.15.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92d768cdf93b6e4111d9681076cbb52b36799a4df8cc8fdf475adbac903f3a8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 05:49:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 508488
content-length: 101947
last-modified: Thu, 26 Jan 2023 19:09:42 GMT
server: cloudflare
etag: "63d2cff6-18e3b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HOkWaj68MOSAs0QQ35YNBNQZRQDtFhDhrYlR1XoakeRrBb69yiIlVriM0G6fDX7S%2B0jb4f5SZKtnVR1AdYh%2BuDmDp4%2FN6Krt5aF90PB%2BeiTDHRB0sjk5bIiiMUaGNQznAZPw7QuY"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7959d736e9e03655-FRA
expires: Wed, 07 Feb 2024 05:49:09 GMT

GET
H2 200 comics-cover.png
www.cobaltstrike.com/wp-content/uploads/2021/11/ 283 KB
284 KB 37ms
36ms Image
image/png 104.18.15.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cobaltstrike.com/wp-content/uploads/2021/11/comics-cover.png
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.15.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19b8580d9b285e3964ef3ae1325bb0d8671ecf6b7afd4fd6be647f3d1f68b1d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 05:49:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 508488
content-length: 289802
last-modified: Thu, 26 Jan 2023 19:09:41 GMT
server: cloudflare
etag: "63d2cff5-46c0a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JbMFHdCDYCh%2F8NAMefbxX89IZIP%2BwjqIF70BKxZB8Wt3Pg7rBYzYJ51goDEOHxePNcluBFGrXLfVsOgx5KpDOd9T81GR9zXuCHIEisozDwWxsufFChUH%2FUhNYACh0D0eWKMzjx8R"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7959d736e9e13655-FRA
expires: Wed, 07 Feb 2024 05:49:09 GMT

GET
H2 200 / Show response
consent-pref.trustarc.com/ Frame 9EAE 5 KB
3 KB 90ms
23ms Document
text/html 143.204.215.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/asset/notice.js/v/v1.7-10255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-63.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

5d59d71fa30604e26c815b2bcfea777bef1564467e2ff9b1b4dc45ca2ee0f6fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.cobaltstrike.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 73731
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 06 Feb 2023 09:20:18 GMT
etag: W/"5147-1672991998000"
expect-ct: max-age=86400; enforce;
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 6080b2713e502211e152f21f5c59c5a6.cloudfront.net (CloudFront)
x-amz-cf-id: 9UoRoWrwtFC-bdBeBPwNEWybJTo6WvbrGlKogZSMrWBNugY_1n1A4w==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1

GET
H2 200 noticemsg
consent.trustarc.com/ 43 B
529 B 56ms
54ms Image
image/gif 99.86.4.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/noticemsg?action=consent&domain=helpsystems.com&behavior=expressed&country=de&language=de&rand=0.8110661592253343

Requested by

Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-54.fra6.r.cloudfront.net

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cobaltstrike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 05:49:09 GMT
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
cloudfront-viewer-country: DE
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=3600
cloudfront-viewer-country-region: NW
timing-allow-origin: *
x-amz-cf-id: Toj1kby9ZjVrugmpVXgZpsqZXTqNNLy_UUQj_I88_quQOLZhG3OjKA==
expires: Tue, 07 Feb 2023 06:49:09 GMT

GET
H2 200 pro-fa-solid-900-5.0.0.woff2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/ 19 KB
19 KB 32ms
32ms Font
font/woff2 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-solid-900-5.0.0.woff2
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b50aa1d36ea249991fb44f8f6ad2aa74fe360df9cc04c564b5edf3b053b739c

Request headers

Referer: https://www.cobaltstrike.com/
Origin: https://www.cobaltstrike.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 05:49:09 GMT
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:58:39 GMT
server: cloudflare
age: 525362
etag: "610ae35f-4d48"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7959d7375de739d4-FRA
content-length: 19784

GET
H2 200 pro-fa-solid-900-5.11.0.woff2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/ 12 KB
12 KB 29ms
29ms Font
font/woff2 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-solid-900-5.11.0.woff2
Requested by: Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bcade3d96c0c0fb1950e54b96b0f4cfa7f51e45a99dd8f12224fb0530ac432d

Request headers

Referer: https://www.cobaltstrike.com/
Origin: https://www.cobaltstrike.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 05:49:09 GMT
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:58:41 GMT
server: cloudflare
age: 525362
etag: "610ae361-2f70"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7959d7375de839d4-FRA
content-length: 12144

GET
H2 200 defaultpreferencemanager.nocache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 9EAE 5 KB
3 KB 127ms
126ms Script
application/javascript 143.204.215.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-63.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

0f291b48c679e4c033b4710f137ca5382256b632d6e7521a2c92b4ad9f18790c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 05:49:09 GMT
content-encoding: gzip
via: 1.1 6080b2713e502211e152f21f5c59c5a6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 06 Jan 2023 08:00:16 GMT
server: nginx
etag: W/"4867-1672992016000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: yEtONjh_YZuG9YyXaZaZpIw4ft3GVLqsV57BQnJI2nFe3CxDYptDzQ==
expires: Tue, 07 Feb 2023 05:49:08 GMT

GET
H2 200 get Show response
consent-st.trustarc.com/ Frame 9EAE 20 KB
5 KB 79ms
22ms Script
text/javascript 65.9.66.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-st.trustarc.com/get?name=combined_static_cm_minified.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.35 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-35.fra56.r.cloudfront.net

Software

Resource Hash

f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: public
date: Mon, 06 Feb 2023 16:44:11 GMT
content-encoding: gzip
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-C1
age: 47098
vary: Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: cVWZoiUV3MOctX54yykJe1qFyudl9wE1w93n0QFwBwgpB-61eVCfdA==
expires: Wed, 08 Mar 2023 16:44:11 GMT

GET
H2 200 loading.gif
consent-pref.trustarc.com/images/ Frame 9EAE 3 KB
3 KB 21ms
21ms Image
image/gif 143.204.215.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/loading.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-63.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 08:59:39 GMT
via: 1.1 6080b2713e502211e152f21f5c59c5a6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA53-C1
age: 74976
x-cache: Hit from cloudfront
content-length: 2608
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
server: nginx
etag: W/"2608-1672991998000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/gif
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges: bytes
x-amz-cf-id: xk5bU8XVMKRDEorMqI7nbreuRj2U6TYcvu9rOLFrp5PKR-SkXOGOKQ==

GET
H2 200 9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame CB71 139 KB
46 KB 25ms
24ms Document
text/html 143.204.215.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-63.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

2b01ae0442a80d4aa980667743285340122c3432880a4979476fe7d88ef7c37b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1730733
cache-control: max-age=315360000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 18 Jan 2023 05:03:36 GMT
etag: W/"142492-1672992016000"
expect-ct: max-age=86400; enforce;
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 06 Jan 2023 08:00:16 GMT
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 6080b2713e502211e152f21f5c59c5a6.cloudfront.net (CloudFront)
x-amz-cf-id: _FGBmXeguipqxyN8ud7t8yX3MT1VIX1R2FdmiFOOE_eSbzkxSn5Z6g==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 9EAE 969 B
1 KB 125ms
125ms XHR
application/json 143.204.215.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-63.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

2bfe0bfebc6bf40e5f73c03389ba8285505bc2f45d739d1efd5ca830f940a51d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 9F5DDAD4256889D2A2BB0A3140E8B74B
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Tue, 07 Feb 2023 05:49:09 GMT
content-encoding: gzip
via: 1.1 6080b2713e502211e152f21f5c59c5a6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 468
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: GhEuGPHfyOJh33DxEv6aPsoYtavoN3gWj0qf20ItQQZ4WPm7_UVG1Q==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 9EAE 48 B
621 B 47ms
47ms XHR
application/json 143.204.215.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-63.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

ddce61de4e808305b00a283bc7755fe379db673e2b3072ebe77e0e3fce5494aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 9F5DDAD4256889D2A2BB0A3140E8B74B
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Tue, 07 Feb 2023 05:49:09 GMT
via: 1.1 6080b2713e502211e152f21f5c59c5a6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 48
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: cfl9l-kIidJfSS3VK1xjm14K9CoAQWSZuaOddrvo7EyFCQh74WNwvg==

GET
H2 200 EuPreferenceManager.css
consent-pref.trustarc.com/ Frame 9EAE 28 KB
7 KB 49ms
49ms Stylesheet
text/css 143.204.215.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/EuPreferenceManager.css

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-63.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

11304b88bdf5cd5f42513b9aa8bd3206653770f4f125b852285db812c731cf24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 05:49:10 GMT
content-encoding: gzip
via: 1.1 6080b2713e502211e152f21f5c59c5a6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA53-C1
x-cache: RefreshHit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
server: nginx
etag: W/"29043-1672991998000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: no-cache
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: rDuFGeDDn_REIF3Mu5KNhJ6H9gHN1dJOa-DBA62qxGxE-SjZnwHjKw==
expires: Tue, 07 Feb 2023 05:49:09 GMT

GET
H2 200 10.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/ Frame 9EAE 254 KB
87 KB 24ms
23ms XHR
application/javascript 143.204.215.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/10.cache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-63.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

1bb0a294ccb83bcb350ace8804b9666d13d73d040567e09c9a794de938d7a429

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 05:02:59 GMT
content-encoding: gzip
via: 1.1 6080b2713e502211e152f21f5c59c5a6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA53-C1
age: 1730771
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 06 Jan 2023 08:00:16 GMT
server: nginx
etag: W/"259669-1672992016000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: ug8aoa-9n-zmOdmvSbx_LKzMUqFhbLvhWAwIgrJLbaxjJPcohwWA6g==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/ Frame 9EAE 19 KB
8 KB 22ms
21ms XHR
application/javascript 143.204.215.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/1.cache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-63.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

579c0e329b6a1ba8a7d65f4f14d1532ced14c4171dd9f4eeb501bfb0eae7c955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 05:03:11 GMT
content-encoding: gzip
via: 1.1 6080b2713e502211e152f21f5c59c5a6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA53-C1
age: 1730759
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 06 Jan 2023 08:00:16 GMT
server: nginx
etag: W/"19787-1672992016000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: DBsCUpSM4g2att_AvY0j_g_lu-HrQH9wFU7xi-_Rxrx2wU6wte3D7Q==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cookie_iframe.html Show response
prefmgr-cookie.truste-svc.net/cookie_js/ Frame F219 5 KB
2 KB 361ms
115ms Document
text/html 54.221.189.17
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https://www.helpsystems.com/privacy-policy&cookieLink=https://www.helpsystems.com/cookie-policy&irm=undefined&from=https://consent.trustarc.com/

Requested by

Host: www.cobaltstrike.com
URL: https://www.cobaltstrike.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.221.189.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-221-189-17.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://consent-pref.trustarc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 05:49:10 GMT
etag: W/"5014-1657163800000"
expect-ct: max-age=31536000
last-modified: Thu, 07 Jul 2022 03:16:40 GMT
permissions-policy: geolocation=(), microphone=(), payment=()
referrer-policy: origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 9EAE 786 B
912 B 128ms
128ms XHR
application/json 143.204.215.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-63.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

6de57940f4e65bfbdfedf90150068a0880d58e70e6328ca55ca1bdc2d7f9301a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 9F5DDAD4256889D2A2BB0A3140E8B74B
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Tue, 07 Feb 2023 05:49:10 GMT
content-encoding: gzip
via: 1.1 6080b2713e502211e152f21f5c59c5a6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 321
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: K0YZfxq2j55Q0FNfUUsZf9cwgPbkNhdRouk2SReIr7FNxyIRbsFhQA==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 9EAE 24 KB
7 KB 128ms
128ms XHR
application/json 143.204.215.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-63.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

554008a2a8ed087640afa2529308c94093037068345160b2e5cf5fede0ef2cf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 9F5DDAD4256889D2A2BB0A3140E8B74B
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Tue, 07 Feb 2023 05:49:10 GMT
content-encoding: gzip
via: 1.1 6080b2713e502211e152f21f5c59c5a6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 6347
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: XsrVvuo8yBrdWgU3wNr7xn8en3jwRfrBwblHr91M1kosB6odUMJzqg==

GET
H2 200 trustarc-logo-small.png
consent-pref.trustarc.com/images/ Frame 9EAE 4 KB
5 KB 22ms
22ms Image
image/png 143.204.215.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/trustarc-logo-small.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-63.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 07:44:57 GMT
via: 1.1 6080b2713e502211e152f21f5c59c5a6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA53-C1
age: 79453
x-cache: Hit from cloudfront
content-length: 4197
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
server: nginx
etag: W/"4197-1672991998000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/png
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges: bytes
x-amz-cf-id: z-QH2R0nbn8MQupCwUQG_iiAjFpcSV3eqwaQPcnHn3gDZv2Hi8Fpsw==

GET
H2 200 6.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/ Frame 9EAE 7 KB
4 KB 75ms
75ms XHR
application/javascript 143.204.215.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/6.cache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-63.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

224e4e013b7071882a4bb3f069b88294e85f1638cfdf8b557f2d62eaed0db93b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 05:03:12 GMT
content-encoding: gzip
via: 1.1 6080b2713e502211e152f21f5c59c5a6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA53-C1
age: 1730758
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 06 Jan 2023 08:00:16 GMT
server: nginx
etag: W/"7220-1672992016000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: RLbX6MoeOPwOb2yg89ADOdormxv5i5K2m7ovQLVxXPMXkapk0nU4Dw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cookie_inneriframe.html Show response
consent-pref.trustarc.com/ Frame BD25 2 KB
1 KB 43ms
43ms Document
text/html 143.204.215.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/cookie_inneriframe.html

Requested by

Host: prefmgr-cookie.truste-svc.net
URL: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https://www.helpsystems.com/privacy-policy&cookieLink=https://www.helpsystems.com/cookie-policy&irm=undefined&from=https://consent.trustarc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-63.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://prefmgr-cookie.truste-svc.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34175
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 06 Feb 2023 20:19:37 GMT
etag: W/"2008-1672991998000"
expect-ct: max-age=86400; enforce;
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 6080b2713e502211e152f21f5c59c5a6.cloudfront.net (CloudFront)
x-amz-cf-id: r0zbCI4iEe_cy0Y6VbgTTL4Yvvt9swZyXIN2lAJyUadgCdCph12VxA==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1

GET
H2 200 get
consent.trustarc.com/ Frame 9EAE 3 KB
1 KB 23ms
23ms Image
image/svg+xml 99.86.4.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/get?name=%20fortra_Logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-54.fra6.r.cloudfront.net

Software

Resource Hash

e396c79b7c0d5a855f996af8807bdf7318a87f7d4a198fa08a2c65e5cfa34330

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: public
date: Tue, 07 Feb 2023 05:47:47 GMT
content-encoding: gzip
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA6-C1
age: 83
vary: Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: IjIgSXb-WdSMCVLlynGJFJTpZ8yG1-kuRBfSmQv-jg3Pdgw1OqT5lQ==
expires: Thu, 09 Mar 2023 05:47:47 GMT

GET
H2 200 trustarc-logo-small.png
consent-pref.trustarc.com/images/ Frame 9EAE 4 KB
5 KB 22ms
21ms Image
image/png 143.204.215.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/trustarc-logo-small.png

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-63.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 07:44:57 GMT
via: 1.1 6080b2713e502211e152f21f5c59c5a6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA53-C1
age: 79454
x-cache: Hit from cloudfront
content-length: 4197
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
server: nginx
etag: W/"4197-1672991998000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/png
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges: bytes
x-amz-cf-id: 7w5Cx6AxOGnQI7Km3YGZisd6rEh41lT3Ajsy9HPybDlu5qtmF0U1Gw==

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cobaltstrike.com/	1969-12-31 23:59:59	Name: notice_behavior Value: expressed,eu
prefmgr-cookie.truste-svc.net/	1970-01-20 09:29:08	Name: cookie_3rdparty Value: enabled
consent-pref.trustarc.com/	1970-01-20 09:29:08	Name: token_test Value: Tue Feb 07 2023 05:49:10 GMT+0000 (GMT)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cobaltstrike.com
consent-pref.trustarc.com
consent-st.trustarc.com
consent.trustarc.com
fonts.googleapis.com
fonts.gstatic.com
ka-p.fontawesome.com
kit.fontawesome.com
prefmgr-cookie.truste-svc.net
static.fortra.com
static.helpsystems.com
www.cobaltstrike.com
www.googletagmanager.com
104.18.14.56
104.18.15.56
13.224.189.76
143.204.215.63
2600:9000:211a:1e00:4:d683:27c0:93a1
2606:4700::6812:1634
2a00:1450:4001:813::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2008
54.221.189.17
65.9.66.35
99.86.4.54
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0e4dab8d8160be12cf844bfb865757bd26d402d2c5f4ef44c9668765845802fd
0f291b48c679e4c033b4710f137ca5382256b632d6e7521a2c92b4ad9f18790c
11304b88bdf5cd5f42513b9aa8bd3206653770f4f125b852285db812c731cf24
125adb79c10603ee2d55161d8951bead4ff7f796967786b979791e02971690ff
19b8580d9b285e3964ef3ae1325bb0d8671ecf6b7afd4fd6be647f3d1f68b1d8
1afeb9a2d9a01296c575126784a1d2ab736334ac419227c76be847640f9354b8
1b50aa1d36ea249991fb44f8f6ad2aa74fe360df9cc04c564b5edf3b053b739c
1bb0a294ccb83bcb350ace8804b9666d13d73d040567e09c9a794de938d7a429
224e4e013b7071882a4bb3f069b88294e85f1638cfdf8b557f2d62eaed0db93b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b01ae0442a80d4aa980667743285340122c3432880a4979476fe7d88ef7c37b
2bfe0bfebc6bf40e5f73c03389ba8285505bc2f45d739d1efd5ca830f940a51d
377d87945daf159f87a1eec8af680a79aa658f957a89cd40eeacc907bd92a0ef
37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d
4245ecca2a4b50d7fd9adc9a965ed1f9b4ec24e9935e34c80efafc0f856d54c6
554008a2a8ed087640afa2529308c94093037068345160b2e5cf5fede0ef2cf0
579c0e329b6a1ba8a7d65f4f14d1532ced14c4171dd9f4eeb501bfb0eae7c955
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5bf627256fb3cadccf0da8de3947f51a76873a76584dbaf65d394e079c5e3ced
5d59d71fa30604e26c815b2bcfea777bef1564467e2ff9b1b4dc45ca2ee0f6fe
5f433b7fd1447fb9ebd43603275f772c6f79825242cc1d827998bd80207a8efb
63a53143de1fa7c9ec3aecf4060efb78c336df0f384c4b7db72596f6b14a2781
65e36cd396a99dad9493d427409ba79dbdf08cbdf5d2f9cbe32611e1d0ae73e3
68a0b9d929a714c3e242ebb4400453772d274e2adbd1c03bb37f2047a728a92c
6bcade3d96c0c0fb1950e54b96b0f4cfa7f51e45a99dd8f12224fb0530ac432d
6de57940f4e65bfbdfedf90150068a0880d58e70e6328ca55ca1bdc2d7f9301a
6e56084b20ef7de5d9f01bd95bb64fbdaa055459691aa66af1c46a79f7d43d53
6f1e145d88c4b3f343055576d559fa8999045d205ea2f4e0d84f3b539c56ced8
75125d2f1de964d2c0d0bd02f5f6f73ed6258e84bfad8ac4902ed8e66175ac16
75db663f63c3505c2d1d2c41b82da41465bcd39b390516728f7fd323f95f644e
7fe7d9054d31a9874fb36aba6a3736c02799bdaab5fed3e007ff334bc4580732
82a49a218fa16d65225a09c98d5860f7e30dd4d30ed326a0b3a8be87297db7fb
903a46ee5c7582595197c74cbda644ca7e45ef90e0f89bdfce0d3d6cb3a3bc77
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004
92d768cdf93b6e4111d9681076cbb52b36799a4df8cc8fdf475adbac903f3a8c
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9de6faf69d60c4e5e426634bfd1c7afda005bd47ad2a0247befb29e3634f1a33
9e8e0093ddecdf250bfb4e95e264b0095c2c06f109e8f8b6ff0a38c07d909cf9
a0092b97349a18e065497f4007f9bd5c28e05031e2269c521fc80f38eeb9d414
a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed
a8a00b576cc9fad532a52ecdf8024724ddaa83cb0f5ca5d1b1d6eb8841103d60
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c79f21bf9dba9c355aa19806c7f4fa81cc70d2f004f43612b1ca394c913c655d
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
d99a2c562b740f203708330f9fe7009c711dc3805a06da1f4bea92e45d363ecd
ddce61de4e808305b00a283bc7755fe379db673e2b3072ebe77e0e3fce5494aa
e396c79b7c0d5a855f996af8807bdf7318a87f7d4a198fa08a2c65e5cfa34330
e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
ec9f8c9d2e03417ce6655dda5896fb14ee2aa66a94eefe83975d2458a6c1652f
f0916b04a6bd6a9c5a9c9721e8749a0d952b39ba9303399faeacba8a65dd9a92
f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880
f7ef58efaada2664bec27e9c84699bc2d2449babe6e21c3ead85e577feb92da8
f962ea052383e066291f943eb01b1c0cc8314900431aae47bf271cc301239e10

www.cobaltstrike.com Open in urlscan Pro 104.18.15.56 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

61 Requests

98 %HTTPS

42 %IPv6

9 Domains

13 Subdomains

10 IPs

3 Countries

1514 kBTransfer

2996 kBSize

3 Cookies

7 Outgoing links

Page URL History

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.cobaltstrike.com Open in urlscan Pro
104.18.15.56 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

98 %
HTTPS

42 %
IPv6

9
Domains

13
Subdomains

10
IPs

3
Countries

1514 kB
Transfer

2996 kB
Size

3
Cookies

61 HTTP transactions
0 data transactions