powersploit.readthedocs.io Open in urlscan Pro
2606:4700::6811:2052 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://powersploit.readthedocs.io/en/latest/CodeExecution/Invoke-ReflectivePEInjection/
Submission: On October 17 via manual (October 17th 2022, 8:12:35 pm UTC) from US — Scanned from DE

Summary HTTP 20 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 20 HTTP transactions. The main IP is 2606:4700::6811:2052, located in United States and belongs to CLOUDFLARENET, US. The main domain is powersploit.readthedocs.io.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 18th 2021. Valid for: a year.

This is the only time powersploit.readthedocs.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	2606:4700::68... 2606:4700::6811:2052	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
3 3	2606:4700::68... 2606:4700::6811:2152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6812:61d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
20	6

10 2606:4700::6811:2052 (United States)

ASN13335 (CLOUDFLARENET, US)

powersploit.readthedocs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:2152 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

media.readthedocs.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:61d (United States)

ASN13335 (CLOUDFLARENET, US)

assets.readthedocs.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	readthedocs.io powersploit.readthedocs.io	173 KB
7	readthedocs.org 3 redirects media.readthedocs.org — Cisco Umbrella Rank: 218435 assets.readthedocs.org — Cisco Umbrella Rank: 98895	100 KB
3	gstatic.com fonts.gstatic.com	78 KB
2	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 278	17 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44	1 KB
20	5

	Domain	Requested by
10	powersploit.readthedocs.io	powersploit.readthedocs.io
4	assets.readthedocs.org	powersploit.readthedocs.io assets.readthedocs.org
3	fonts.gstatic.com	fonts.googleapis.com
3	media.readthedocs.org	3 redirects
2	ssl.google-analytics.com	powersploit.readthedocs.io
1	fonts.googleapis.com	powersploit.readthedocs.io
20	6

This site contains links to these domains. Also see Links.

Domain
github.com
www.mkdocs.org
readthedocs.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-11-18` - `2022-11-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.readthedocs.org E1	`2022-09-22` - `2022-12-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://powersploit.readthedocs.io/en/latest/CodeExecution/Invoke-ReflectivePEInjection/
Frame ID: B95DFDF9DDBCA6E04FD1C4D45271D17F
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Invoke-ReflectivePEInjection - PowerSploit

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

85 %
HTTPS

100 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

370 kB
Transfer

755 kB
Size

5
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://github.com/PowerShellMafia/PowerSploit/
Title: Edit on GitHub

Search URL Search Domain Scan URL

URL: http://www.mkdocs.org/
Title: MkDocs

Search URL Search Domain Scan URL

URL: https://github.com/snide/sphinx_rtd_theme
Title: theme

Search URL Search Domain Scan URL

URL: https://readthedocs.org/
Title: Read the Docs

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://media.readthedocs.org/css/badge_only.css HTTP 302
https://assets.readthedocs.org/static/css/badge_only.css

Request Chain 5

https://media.readthedocs.org/css/readthedocs-doc-embed.css HTTP 302
https://assets.readthedocs.org/static/css/readthedocs-doc-embed.css

Request Chain 12

https://media.readthedocs.org/static/core/js/readthedocs-doc-embed.js HTTP 302
https://assets.readthedocs.org/static/static/core/js/readthedocs-doc-embed.js

20 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
powersploit.readthedocs.io/en/latest/CodeExecution/Invoke-ReflectivePEInjection/ 38 KB
7 KB 556ms
500ms Document
text/html 2606:4700::6811:2052
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://powersploit.readthedocs.io/en/latest/CodeExecution/Invoke-ReflectivePEInjection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:2052 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

516644fe7f82765de49e28294353adb99a6b6a51f3229130dc2b489ee5c1f131

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=86400
cf-cache-status: REVALIDATED
cf-ray: 75bbb0803c019b55-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 17 Oct 2022 20:12:30 GMT
etag: W/"246aef314670cbf53cb56ef202f7698b"
expires: Tue, 18 Oct 2022 20:12:30 GMT
last-modified: Fri, 29 Jan 2021 12:38:49 GMT
referrer-policy: no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-amz-id-2: AH0By3BbkHCCJuNdEQXxOuUlliUUNTBm+ypJDsFUmZ/2bAzOhAm5G/VBBUNhf36Q119Rj3NTHs0=
x-amz-meta-mtime: 1506359757.987756
x-amz-request-id: KH3Q1APMK1765NPH
x-backend: web-i-01a5aca1815d5a29e
x-rtd-domain: powersploit.readthedocs.io
x-rtd-path: /proxito/html/powersploit/latest/CodeExecution/Invoke-ReflectivePEInjection/index.html
x-rtd-project: powersploit
x-rtd-project-method: subdomain
x-rtd-version: latest
x-rtd-version-method: path
x-served: Nginx-Proxito-Sendfile

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 127ms
46ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700|Roboto+Slab:400,700|Inconsolata:400,700

Requested by

Host: powersploit.readthedocs.io
URL: https://powersploit.readthedocs.io/en/latest/CodeExecution/Invoke-ReflectivePEInjection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9b9c158d68be8baf7787416dec62854cce5000d21a4375ebf909f1b37d8cf813

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powersploit.readthedocs.io/en/latest/CodeExecution/Invoke-ReflectivePEInjection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 17 Oct 2022 20:12:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 17 Oct 2022 19:59:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Oct 2022 20:12:30 GMT

GET
H2 200 theme.css
powersploit.readthedocs.io/en/latest/css/ 87 KB
17 KB 520ms
514ms Stylesheet
text/css 2606:4700::6811:2052
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://powersploit.readthedocs.io/en/latest/css/theme.css

Requested by

Host: powersploit.readthedocs.io
URL: https://powersploit.readthedocs.io/en/latest/CodeExecution/Invoke-ReflectivePEInjection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:2052 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0adefe3f74387aacd94928c2c7302a9c55677ee600e4ca24c4c75e773164bf2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powersploit.readthedocs.io/en/latest/CodeExecution/Invoke-ReflectivePEInjection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-meta-mtime: 1506359750.523685
date: Mon, 17 Oct 2022 20:12:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-served: Nginx-Proxito-Sendfile
cf-cache-status: REVALIDATED
x-backend: web-i-068ceed8ad1322cc1
x-rtd-project-method: subdomain
x-amz-request-id: WQW8H8F9544P6XXX
x-rtd-domain: powersploit.readthedocs.io
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 58rChD7rlkJwRF8L+I6M6kROSIElMfbP9hJuZpnM9MIdSN3vqvjRJzoMa1+nGN5hImy0s8cxPlA=
x-rtd-version-method: path
x-rtd-path: /proxito/html/powersploit/latest/css/theme.css
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 29 Jan 2021 12:38:49 GMT
server: cloudflare
etag: W/"ed8a58a95f85710cbcec15d1fd94305b"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
x-rtd-version: latest
cache-control: public, max-age=86400
x-rtd-project: powersploit
cf-ray: 75bbb0837af69b55-FRA
expires: Tue, 18 Oct 2022 20:12:31 GMT

GET
H2 200 theme_extra.css
powersploit.readthedocs.io/en/latest/css/ 2 KB
1 KB 563ms
558ms Stylesheet
text/css 2606:4700::6811:2052
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://powersploit.readthedocs.io/en/latest/css/theme_extra.css

Requested by

Host: powersploit.readthedocs.io
URL: https://powersploit.readthedocs.io/en/latest/CodeExecution/Invoke-ReflectivePEInjection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:2052 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dedb78b148dc643246e8751ee82d67695049ac79414b6c5ae74c200c6454e9f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powersploit.readthedocs.io/en/latest/CodeExecution/Invoke-ReflectivePEInjection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-meta-mtime: 1506359750.523685
date: Mon, 17 Oct 2022 20:12:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-served: Nginx-Proxito-Sendfile
cf-cache-status: REVALIDATED
x-backend: web-i-07b2ad7a0fe2fac9b
x-rtd-project-method: subdomain
x-amz-request-id: WQW6VDJBGR9WWFZB
x-rtd-domain: powersploit.readthedocs.io
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: CmibS3HJvCmPwJ8aPmdOL1vi3OlftGm6VlCstToLdP+DRIjmfkhlT+fSPP1yrAq0vokx4xqYcXQ=
x-rtd-version-method: path
x-rtd-path: /proxito/html/powersploit/latest/css/theme_extra.css
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 29 Jan 2021 12:38:49 GMT
server: cloudflare
etag: W/"9d6e2e07fdada07bde7be97057b06813"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
x-rtd-version: latest
cache-control: public, max-age=86400
x-rtd-project: powersploit
cf-ray: 75bbb0837af89b55-FRA
expires: Tue, 18 Oct 2022 20:12:31 GMT

GET
H2 200 highlight.css
powersploit.readthedocs.io/en/latest/css/ 2 KB
888 B 537ms
533ms Stylesheet
text/css 2606:4700::6811:2052
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://powersploit.readthedocs.io/en/latest/css/highlight.css

Requested by

Host: powersploit.readthedocs.io
URL: https://powersploit.readthedocs.io/en/latest/CodeExecution/Invoke-ReflectivePEInjection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:2052 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87ee1de1b0c5b4e21de0f90be3105797e5ed45f6afe3b07c70f501a185a57373

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powersploit.readthedocs.io/en/latest/CodeExecution/Invoke-ReflectivePEInjection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-meta-mtime: 1506359750.523685
date: Mon, 17 Oct 2022 20:12:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-served: Nginx-Proxito-Sendfile
cf-cache-status: REVALIDATED
x-backend: web-i-0ec6263dd9f594139
x-rtd-project-method: subdomain
x-amz-request-id: WQWA6DNFTYFN73KK
x-rtd-domain: powersploit.readthedocs.io
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: m5SWUHZlkSHOrGzgVLSX62/SWHigjMOOaTq+v3ok5r95BE8gnj8tuH3cElQFSif/qwAsbQ0CU6A=
x-rtd-version-method: path
x-rtd-path: /proxito/html/powersploit/latest/css/highlight.css
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 29 Jan 2021 12:38:49 GMT
server: cloudflare
etag: W/"e0e4d973c6d7833a91f6ce8f7a8edb56"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
x-rtd-version: latest
cache-control: public, max-age=86400
x-rtd-project: powersploit
cf-ray: 75bbb0837afd9b55-FRA
expires: Tue, 18 Oct 2022 20:12:31 GMT

GET
H2

200

badge_only.css
assets.readthedocs.org/static/css/
Redirect Chain

https://media.readthedocs.org/css/badge_only.css
https://assets.readthedocs.org/static/css/badge_only.css

3 KB
1 KB

34ms
23ms

Stylesheet
text/css

2606:4700::6812:61d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.readthedocs.org/static/css/badge_only.css
Requested by: Host: powersploit.readthedocs.io
URL: https://powersploit.readthedocs.io/en/latest/CodeExecution/Invoke-ReflectivePEInjection/
Protocol: H2
Server: 2606:4700::6812:61d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf6c44142ede6b198875950cf99d2f432f92aaa950d5ec288b0ddbe9e7876fbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powersploit.readthedocs.io/en/latest/CodeExecution/Invoke-ReflectivePEInjection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 20:12:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 11 Oct 2022 16:42:40 GMT
x-backend: web-i-0c8ad827aa79d4404
server: cloudflare
x-amz-request-id: WT9VEBN6CQHJS6XD
age: 530914
etag: W/"846926dfcf0fb0b05dbdf89de9390336"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 75bbb0841d0dbbbc-FRA
x-amz-id-2: gThnVtUw6BLrBf+j2jCbE/PIRqdZkZMAgMham1hCC32c4lxMD3KYnVT3LzaW0y5n9O7z8GUPhqw=
expires: Tue, 18 Oct 2022 00:12:30 GMT

Redirect headers

date: Mon, 17 Oct 2022 20:12:30 GMT
x-served: Nginx
cf-cache-status: HIT
x-backend: web-i-01737941fe93fed7b
server: cloudflare
age: 434
vary: Accept-Encoding
content-type: text/html
location: https://assets.readthedocs.org/static/css/badge_only.css
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 75bbb083b997903c-FRA
content-length: 138
expires: Tue, 18 Oct 2022 00:12:30 GMT

GET
H2

200

readthedocs-doc-embed.css
assets.readthedocs.org/static/css/
Redirect Chain

https://media.readthedocs.org/css/readthedocs-doc-embed.css
https://assets.readthedocs.org/static/css/readthedocs-doc-embed.css

6 KB
2 KB

50ms
30ms

Stylesheet
text/css

2606:4700::6812:61d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.readthedocs.org/static/css/readthedocs-doc-embed.css
Requested by: Host: powersploit.readthedocs.io
URL: https://powersploit.readthedocs.io/en/latest/CodeExecution/Invoke-ReflectivePEInjection/
Protocol: H2
Server: 2606:4700::6812:61d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f30f17f2fc711cefbb7cafc6601bd578f9cd535f8b47a7ac18e6a9175715c22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powersploit.readthedocs.io/en/latest/CodeExecution/Invoke-ReflectivePEInjection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 20:12:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 11 Oct 2022 16:42:40 GMT
x-backend: web-i-0c8ad827aa79d4404
server: cloudflare
x-amz-request-id: WT9MC8997YY1AY1X
age: 530914
etag: W/"ed5ef28a51141985a674cbcda5e1dc11"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 75bbb0841d0abbbc-FRA
x-amz-id-2: ZOR/bqNVoW3t1l3JM3sprNzhs1SCRbyCANMhpjahLE1dDBYjcno8cyW98O4HO3MLfBpO6fJKsks=
expires: Tue, 18 Oct 2022 00:12:30 GMT

Redirect headers

date: Mon, 17 Oct 2022 20:12:30 GMT
x-served: Nginx
cf-cache-status: HIT
x-backend: web-i-0d5765d7b528ffd1b
server: cloudflare
age: 573
vary: Accept-Encoding
content-type: text/html
location: https://assets.readthedocs.org/static/css/readthedocs-doc-embed.css
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 75bbb083c99e903c-FRA
content-length: 138
expires: Tue, 18 Oct 2022 00:12:30 GMT

GET
H2 200 jquery-2.1.1.min.js Show response
powersploit.readthedocs.io/en/latest/js/ 82 KB
30 KB 528ms
524ms Script
application/javascript 2606:4700::6811:2052
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://powersploit.readthedocs.io/en/latest/js/jquery-2.1.1.min.js

Requested by

Host: powersploit.readthedocs.io
URL: https://powersploit.readthedocs.io/en/latest/CodeExecution/Invoke-ReflectivePEInjection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:2052 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powersploit.readthedocs.io/en/latest/CodeExecution/Invoke-ReflectivePEInjection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-meta-mtime: 1506359750.531685
date: Mon, 17 Oct 2022 20:12:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-served: Nginx-Proxito-Sendfile
cf-cache-status: REVALIDATED
x-backend: web-i-061eb9be6be0c50f8
x-rtd-project-method: subdomain
x-amz-request-id: WQW28EZAY2Y9288R
x-rtd-domain: powersploit.readthedocs.io
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: LBNTlC3DkBUZRbEa4solTKFqqDmU1mTzoKFRxO2bbKiyHvycxnO3LMnU2r/pWDJ2d6GA8ABvghQ=
x-rtd-version-method: path
x-rtd-path: /proxito/html/powersploit/latest/js/jquery-2.1.1.min.js
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 29 Jan 2021 12:38:50 GMT
server: cloudflare
etag: W/"e40ec2161fe7993196f23c8a07346306"
vary: Accept-Encoding
content-type: application/javascript
x-rtd-version: latest
cache-control: public, max-age=86400
x-rtd-project: powersploit
cf-ray: 75bbb0837afe9b55-FRA
expires: Tue, 18 Oct 2022 20:12:31 GMT

GET
H2 200 modernizr-2.8.3.min.js Show response
powersploit.readthedocs.io/en/latest/js/ 11 KB
5 KB 537ms
534ms Script
application/javascript 2606:4700::6811:2052
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://powersploit.readthedocs.io/en/latest/js/modernizr-2.8.3.min.js

Requested by

Host: powersploit.readthedocs.io
URL: https://powersploit.readthedocs.io/en/latest/CodeExecution/Invoke-ReflectivePEInjection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:2052 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powersploit.readthedocs.io/en/latest/CodeExecution/Invoke-ReflectivePEInjection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-meta-mtime: 1506359750.523685
date: Mon, 17 Oct 2022 20:12:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-served: Nginx-Proxito-Sendfile
cf-cache-status: MISS
x-backend: web-i-051663bb0fabb05db
x-rtd-project-method: subdomain
x-amz-request-id: H4S01VDA5EG3Y45T
x-rtd-domain: powersploit.readthedocs.io
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: MxvOlpy9depCnJCxyp4vHZljQKaNfVGXlOFonug7vB0ZGNMQ1885d6ZUdRWkWM+yg8lu46FAaZM=
x-rtd-version-method: path
x-rtd-path: /proxito/html/powersploit/latest/js/modernizr-2.8.3.min.js
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 29 Jan 2021 12:38:50 GMT
server: cloudflare
etag: W/"65f1d21d5fcc9d21da758adababd0c3c"
vary: Accept-Encoding
content-type: application/javascript
x-rtd-version: latest
cache-control: public, max-age=86400
x-rtd-project: powersploit
cf-ray: 75bbb0837b019b55-FRA
expires: Tue, 18 Oct 2022 20:12:31 GMT

GET
H2 200 highlight.pack.js Show response
powersploit.readthedocs.io/en/latest/js/ 294 KB
110 KB 542ms
540ms Script
application/javascript 2606:4700::6811:2052
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://powersploit.readthedocs.io/en/latest/js/highlight.pack.js

Requested by

Host: powersploit.readthedocs.io
URL: https://powersploit.readthedocs.io/en/latest/CodeExecution/Invoke-ReflectivePEInjection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:2052 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e956cd7a60fc91c634ecd76da622c6e84d53a9a1351bd409b39419ce1e35380

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powersploit.readthedocs.io/en/latest/CodeExecution/Invoke-ReflectivePEInjection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-meta-mtime: 1506359750.531685
date: Mon, 17 Oct 2022 20:12:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-served: Nginx-Proxito-Sendfile
cf-cache-status: REVALIDATED
x-backend: web-i-068ceed8ad1322cc1
x-rtd-project-method: subdomain
x-amz-request-id: WQW8X48115QG6DJJ
x-rtd-domain: powersploit.readthedocs.io
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: U2Cik3Vsh0w/r9uglj8nS9yFyGdSdxUyRxDKLznIHIcgsq2fY85DLMtMrugGF7CkYtiWkXfHqKo=
x-rtd-version-method: path
x-rtd-path: /proxito/html/powersploit/latest/js/highlight.pack.js
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 29 Jan 2021 12:38:50 GMT
server: cloudflare
etag: W/"479b5f21dcba4eb5cc16d2d0e0a6ae7d"
vary: Accept-Encoding
content-type: application/javascript
x-rtd-version: latest
cache-control: public, max-age=86400
x-rtd-project: powersploit
cf-ray: 75bbb0837b049b55-FRA
expires: Tue, 18 Oct 2022 20:12:31 GMT

GET
H2 200 theme.js Show response
powersploit.readthedocs.io/en/latest/js/ 2 KB
912 B 509ms
506ms Script
application/javascript 2606:4700::6811:2052
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://powersploit.readthedocs.io/en/latest/js/theme.js

Requested by

Host: powersploit.readthedocs.io
URL: https://powersploit.readthedocs.io/en/latest/CodeExecution/Invoke-ReflectivePEInjection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:2052 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4af3beb47e191c156c92d9c5e8a0025cbf959e1fdb04ff073e2c513ca72084c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powersploit.readthedocs.io/en/latest/CodeExecution/Invoke-ReflectivePEInjection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-meta-mtime: 1506359750.531685
date: Mon, 17 Oct 2022 20:12:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-served: Nginx-Proxito-Sendfile
cf-cache-status: REVALIDATED
x-backend: web-i-0af781d02b7c3ec93
x-rtd-project-method: subdomain
x-amz-request-id: WQWBX5M8N88GK2TK
x-rtd-domain: powersploit.readthedocs.io
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: aXtOriIbBy/TsqMjOusIZnd8texl+utU/eyQ46AmFgm89s0IKhVxSEuyaEQ1CVyTG4AzvHNt5C4=
x-rtd-version-method: path
x-rtd-path: /proxito/html/powersploit/latest/js/theme.js
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 29 Jan 2021 12:38:50 GMT
server: cloudflare
etag: W/"51055f14a5a41e4851d9bc18b416944f"
vary: Accept-Encoding
content-type: application/javascript
x-rtd-version: latest
cache-control: public, max-age=86400
x-rtd-project: powersploit
cf-ray: 75bbb0837b0a9b55-FRA
expires: Tue, 18 Oct 2022 20:12:31 GMT

GET
H2 200 readthedocs-data.js Show response
powersploit.readthedocs.io/en/latest/ 680 B
612 B 529ms
527ms Script
application/javascript 2606:4700::6811:2052
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://powersploit.readthedocs.io/en/latest/readthedocs-data.js

Requested by

Host: powersploit.readthedocs.io
URL: https://powersploit.readthedocs.io/en/latest/CodeExecution/Invoke-ReflectivePEInjection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:2052 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5fafc5fe0d4d93b4814e83db2dbfe94584d5d2e69a669856867ac8c25cc80d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powersploit.readthedocs.io/en/latest/CodeExecution/Invoke-ReflectivePEInjection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-meta-mtime: 1506359750.591686
date: Mon, 17 Oct 2022 20:12:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-served: Nginx-Proxito-Sendfile
cf-cache-status: REVALIDATED
x-backend: web-i-068ceed8ad1322cc1
x-rtd-project-method: subdomain
x-amz-request-id: WQWF8PGGZT6NEJ1J
x-rtd-domain: powersploit.readthedocs.io
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: x9HXJWkQc0ZZyWEwRRKK+0QsMOf7DFmcuQ6mU8kKk7Gv4YDe/GTcsmI1abKIkDidICUP8JJOos4=
x-rtd-version-method: path
x-rtd-path: /proxito/html/powersploit/latest/readthedocs-data.js
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 29 Jan 2021 12:38:48 GMT
server: cloudflare
etag: W/"161f54031e0767dbfe5f21c22bb87023"
vary: Accept-Encoding
content-type: application/javascript
x-rtd-version: latest
cache-control: public, max-age=86400
x-rtd-project: powersploit
cf-ray: 75bbb0837b0b9b55-FRA
expires: Tue, 18 Oct 2022 20:12:31 GMT

GET
H2 200 readthedocs-dynamic-include.js Show response
powersploit.readthedocs.io/en/latest/ 462 B
551 B 538ms
536ms Script
application/javascript 2606:4700::6811:2052
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://powersploit.readthedocs.io/en/latest/readthedocs-dynamic-include.js

Requested by

Host: powersploit.readthedocs.io
URL: https://powersploit.readthedocs.io/en/latest/CodeExecution/Invoke-ReflectivePEInjection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:2052 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d985669ed9fa16afafa6f45ec54f0a046b42bfd17c86de601bfaab8e211c644

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powersploit.readthedocs.io/en/latest/CodeExecution/Invoke-ReflectivePEInjection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-meta-mtime: 1506359750.591686
date: Mon, 17 Oct 2022 20:12:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-served: Nginx-Proxito-Sendfile
cf-cache-status: REVALIDATED
x-backend: web-i-07b2ad7a0fe2fac9b
x-rtd-project-method: subdomain
x-amz-request-id: WQW67AV72ZPJJJ01
x-rtd-domain: powersploit.readthedocs.io
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: mVRDPVhEdLMkylo3FvQ4JUNFzZiUupUx+WhaMJA9T8N8DrhvPJh+mF1E8/gKKTImn5D7tLYhUNY=
x-rtd-version-method: path
x-rtd-path: /proxito/html/powersploit/latest/readthedocs-dynamic-include.js
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 29 Jan 2021 12:38:48 GMT
server: cloudflare
etag: W/"12fe2e0d1aecfab2799c10eed02ca95a"
vary: Accept-Encoding
content-type: application/javascript
x-rtd-version: latest
cache-control: public, max-age=86400
x-rtd-project: powersploit
cf-ray: 75bbb0837b0e9b55-FRA
expires: Tue, 18 Oct 2022 20:12:31 GMT

GET
H2

404

readthedocs-doc-embed.js
assets.readthedocs.org/static/static/core/js/
Redirect Chain

https://media.readthedocs.org/static/core/js/readthedocs-doc-embed.js
https://assets.readthedocs.org/static/static/core/js/readthedocs-doc-embed.js

0
0

62ms
30ms

Script
application/xml

2606:4700::6812:61d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.readthedocs.org/static/static/core/js/readthedocs-doc-embed.js
Requested by: Host: powersploit.readthedocs.io
URL: https://powersploit.readthedocs.io/en/latest/CodeExecution/Invoke-ReflectivePEInjection/
Protocol: H2
Server: 2606:4700::6812:61d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powersploit.readthedocs.io/en/latest/CodeExecution/Invoke-ReflectivePEInjection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Redirect headers

date: Mon, 17 Oct 2022 20:12:30 GMT
x-served: Nginx
cf-cache-status: HIT
x-backend: web-i-0c4b377a4af37cf71
server: cloudflare
age: 396
vary: Accept-Encoding
content-type: text/html
location: https://assets.readthedocs.org/static/static/core/js/readthedocs-doc-embed.js
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 75bbb083c9a0903c-FRA
content-length: 138
expires: Tue, 18 Oct 2022 00:12:30 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
24 KB 116ms
37ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700|Roboto+Slab:400,700|Inconsolata:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://powersploit.readthedocs.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 529462
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Oct 2023 17:08:09 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 134ms
38ms Script
text/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: powersploit.readthedocs.io
URL: https://powersploit.readthedocs.io/en/latest/readthedocs-dynamic-include.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powersploit.readthedocs.io/en/latest/CodeExecution/Invoke-ReflectivePEInjection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 17 Oct 2022 19:51:05 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1286
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Mon, 17 Oct 2022 21:51:05 GMT

GET
DATA 200
OK truncated
/ 924 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c32204f1dbba66dc2406b1cb9863f611f65f8e1055f25a3fc5cef678f465a302

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 fontawesome-webfont.woff
assets.readthedocs.org/static/fonts/ 96 KB
96 KB 59ms
33ms Font
font/woff 2606:4700::6812:61d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.readthedocs.org/static/fonts/fontawesome-webfont.woff
Requested by: Host: assets.readthedocs.org
URL: https://assets.readthedocs.org/static/css/badge_only.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:61d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Referer: https://assets.readthedocs.org/static/css/badge_only.css
Origin: https://powersploit.readthedocs.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 20:12:31 GMT
cf-cache-status: HIT
x-backend: web-i-047dcac7667a5087b
x-amz-request-id: 5WMGENKVR3X10XPM
age: 50416
content-length: 98024
x-amz-id-2: 32u4ufQmgJa/spj21Ktx13nFWtSNauXf6EPoli0epfenk0Lp0dYr/dBPmpH9l/VwUaKMwgCMe68=
last-modified: Tue, 11 Oct 2022 16:42:31 GMT
server: cloudflare
etag: "fee66e712a8a08eef5805a46892932ad"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: font/woff
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 75bbb0877b3abb8b-FRA
expires: Tue, 18 Oct 2022 00:12:31 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 111ms
71ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700|Roboto+Slab:400,700|Inconsolata:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://powersploit.readthedocs.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 09:59:57 GMT
x-content-type-options: nosniff
age: 295954
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 09:59:57 GMT

GET
H3 200 BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v24/ 32 KB
32 KB 111ms
37ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700|Roboto+Slab:400,700|Inconsolata:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a3993918629dfd6a59c4563e9b4d464152b51d4113957ab8ebfbdcbcdc7f536

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://powersploit.readthedocs.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 09:06:46 GMT
x-content-type-options: nosniff
age: 558345
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32860
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:12:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Oct 2023 09:06:46 GMT

GET
H3 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
54 B 116ms
44ms Image
image/gif 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1629322611&utmhn=powersploit.readthedocs.io&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Invoke-ReflectivePEInjection%20-%20PowerSploit&utmhid=212585532&utmr=-&utmp=%2Fen%2Flatest%2FCodeExecution%2FInvoke-ReflectivePEInjection%2F&utmht=1666037551507&utmac=UA-17997319-1&utmcc=__utma%3D139690162.1751740628.1666037552.1666037552.1666037552.1%3B%2B__utmz%3D139690162.1666037552.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1411218553&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: powersploit.readthedocs.io
URL: https://powersploit.readthedocs.io/en/latest/CodeExecution/Invoke-ReflectivePEInjection/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powersploit.readthedocs.io/en/latest/CodeExecution/Invoke-ReflectivePEInjection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 20:12:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.powersploit.readthedocs.io/	1970-01-20 16:23:17	Name: __utma Value: 139690162.1751740628.1666037552.1666037552.1666037552.1
.powersploit.readthedocs.io/	1969-12-31 23:59:59	Name: __utmc Value: 139690162
.powersploit.readthedocs.io/	1970-01-20 11:10:05	Name: __utmz Value: 139690162.1666037552.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.powersploit.readthedocs.io/	1970-01-20 06:47:18	Name: __utmt Value: 1
.powersploit.readthedocs.io/	1970-01-20 06:47:19	Name: __utmb Value: 139690162.1.10.1666037552

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://assets.readthedocs.org/static/static/core/js/readthedocs-doc-embed.js Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.readthedocs.org
fonts.googleapis.com
fonts.gstatic.com
media.readthedocs.org
powersploit.readthedocs.io
ssl.google-analytics.com
2606:4700::6811:2052
2606:4700::6811:2152
2606:4700::6812:61d
2a00:1450:4001:806::200a
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2008
0adefe3f74387aacd94928c2c7302a9c55677ee600e4ca24c4c75e773164bf2a
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1f30f17f2fc711cefbb7cafc6601bd578f9cd535f8b47a7ac18e6a9175715c22
3d985669ed9fa16afafa6f45ec54f0a046b42bfd17c86de601bfaab8e211c644
4af3beb47e191c156c92d9c5e8a0025cbf959e1fdb04ff073e2c513ca72084c8
4e956cd7a60fc91c634ecd76da622c6e84d53a9a1351bd409b39419ce1e35380
516644fe7f82765de49e28294353adb99a6b6a51f3229130dc2b489ee5c1f131
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
87ee1de1b0c5b4e21de0f90be3105797e5ed45f6afe3b07c70f501a185a57373
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9a3993918629dfd6a59c4563e9b4d464152b51d4113957ab8ebfbdcbcdc7f536
9b9c158d68be8baf7787416dec62854cce5000d21a4375ebf909f1b37d8cf813
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
c32204f1dbba66dc2406b1cb9863f611f65f8e1055f25a3fc5cef678f465a302
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cf6c44142ede6b198875950cf99d2f432f92aaa950d5ec288b0ddbe9e7876fbc
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
d5fafc5fe0d4d93b4814e83db2dbfe94584d5d2e69a669856867ac8c25cc80d3
dedb78b148dc643246e8751ee82d67695049ac79414b6c5ae74c200c6454e9f2

powersploit.readthedocs.io Open in urlscan Pro 2606:4700::6811:2052 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

20 Requests

85 %HTTPS

100 %IPv6

5 Domains

6 Subdomains

6 IPs

2 Countries

370 kBTransfer

755 kBSize

5 Cookies

4 Outgoing links

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

5 Cookies

1 Console Messages

Security Headers

Indicators

powersploit.readthedocs.io Open in urlscan Pro
2606:4700::6811:2052 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

85 %
HTTPS

100 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

370 kB
Transfer

755 kB
Size

5
Cookies

20 HTTP transactions
1 data transactions