urlscan.io logo urlscan.io
SecurityTrails logo

sensepost.com Open in urlscan Pro
52.85.121.70  Public Scan

Go To Rescan Add Verdict Report
URL: https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/
Submission: On June 09 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 31 HTTP transactions. The main IP is 52.85.121.70, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is sensepost.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 12th 2019. Valid for: 2 years.
This is the only time sensepost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

19    52.85.121.70 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-121-70.bud50.r.cloudfront.net
sensepost.com
1    2a00:1450:4001:819::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
2    2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2600:9000:2050:5000:d:8a0b:b6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.emailjs.com
3    2a00:1450:4001:815::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    2a02:26f0:6c00:299::25eb (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
platform.linkedin.com
1    2620:119:50e3:101::6cae:b48 (United States)

ASN14413 (LINKEDIN, US)
platform-src.linkedin.com
Domain Requested by
19 sensepost.com sensepost.com
3 www.google.com sensepost.com
www.gstatic.com
2 platform.twitter.com sensepost.com
platform.twitter.com
2 www.google-analytics.com sensepost.com
1 platform-src.linkedin.com sensepost.com
1 platform.linkedin.com 1 redirects
1 www.gstatic.com www.google.com
1 cdn.emailjs.com sensepost.com
1 www.youtube.com sensepost.com
0 introonet.sensepost.com Failed sensepost.com
31 10
Subject Issuer Validity Valid
*.sensepost.com
Sectigo RSA Domain Validation Secure Server CA		 2019-03-12 -
2021-03-11		 2 years crt.sh
*.google.com
GTS CA 1O1		 2020-05-20 -
2020-08-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-05-20 -
2020-08-12		 3 months crt.sh
*.emailjs.com
Amazon		 2020-02-04 -
2021-03-04		 a year crt.sh
www.google.com
GTS CA 1O1		 2020-05-20 -
2020-08-12		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-05-20 -
2020-08-12		 3 months crt.sh
*.twimg.com
DigiCert SHA2 High Assurance Server CA		 2019-11-12 -
2020-11-18		 a year crt.sh
static-src.linkedin.com
DigiCert SHA2 Secure Server CA		 2020-03-04 -
2020-09-04		 6 months crt.sh

This page contains 5 frames:

Primary Page: https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/
Frame ID: 776EA1C3CA9C59736F149EE2A1352056
Requests: 27 HTTP requests in this frame

Frame: https://www.youtube.com/embed/fzyK6RFNfDU
Frame ID: 8C917C6D0C263BA753ED8FA652DAFC88
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0KC4UAAAAABGbOCWjnMO6sFNY6daS6p9Inq6H&co=aHR0cHM6Ly9zZW5zZXBvc3QuY29tOjQ0Mw..&hl=en&v=2diXFiiA9NsPIBTU15LG6xPf&size=invisible&badge=inline&cb=3tfbwnd7prli
Frame ID: 81BC7225DF8E3FA21F5F361E6159B74B
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.86df6234483a1fa251e365dd8643c136.html?origin=https%3A%2F%2Fsensepost.com
Frame ID: B7A160929172127D065CB33239F8ECFD
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=2diXFiiA9NsPIBTU15LG6xPf&k=6Le0KC4UAAAAABGbOCWjnMO6sFNY6daS6p9Inq6H&cb=szb9qq6lr6yn
Frame ID: 15CE86DDD22398D4BDD2AACED227B627
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /require.*\.js/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
  • headers server /^AmazonS3$/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
Overall confidence: 100%
Detected patterns
  • headers server /^AmazonS3$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.linkedin\.com\/in\.js/i
Overall confidence: 100%
Detected patterns
  • script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/recaptcha\/api\.js/i

Page Statistics

31
Requests

97 %
HTTPS

89 %
IPv6

8
Domains

10
Subdomains

9
IPs

3
Countries

1325 kB
Transfer

1997 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://platform.linkedin.com/in.js HTTP 302
  • https://platform-src.linkedin.com/in.js

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/ 		72 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.121.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-121-70.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
12d25870c3808342e6d2f5ac9ae4946e3654d17bb32d2e239410a68f49b20fec
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
sensepost.com
:scheme
https
:path
/blog/2016/powershell-c-sharp-and-dde-the-power-within/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
content-type
text/html
last-modified
Fri, 05 Jun 2020 11:51:07 GMT
server
AmazonS3
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
referrer-policy
no-referrer-when-downgrade
content-security-policy
upgrade-insecure-requests;
content-encoding
gzip
date
Tue, 09 Jun 2020 22:12:18 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 733020b73c68471611025883a2d5ee14.cloudfront.net (CloudFront)
x-amz-cf-pop
BUD50-C1
x-amz-cf-id
yTM5-HWLEsFZ2oAAB310Qeonc544XTUl8viq_3Wdwal4E6w7r_9gHA==
age
2810
main.54acc1.css
sensepost.com/styles/ 		88 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sensepost.com/styles/main.54acc1.css
Requested by
Host: sensepost.com
URL: https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.121.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-121-70.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
98ca845c64b03a59b9e971da9b802d908c5dda69b6640fadb0ddb65297dbaca1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
BUD50-C1
x-cache
Hit from cloudfront
status
200
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 05 Jun 2020 11:51:10 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
date
Tue, 09 Jun 2020 22:59:08 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 733020b73c68471611025883a2d5ee14.cloudfront.net (CloudFront)
content-security-policy
upgrade-insecure-requests;
x-amz-cf-id
QjHOpvE2790Pg5SstKalM5D5cUd1gYn4bs1DBNqV6taRprXHjNViLg==
modernizr-custom-build.65abfa.js
sensepost.com/scripts/vendor/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sensepost.com/scripts/vendor/modernizr-custom-build.65abfa.js
Requested by
Host: sensepost.com
URL: https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.121.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-121-70.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
449372fdd2861bca3b9bb36357c8b2f9ca2d7cd8b99c733ce429a59caca6267b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
BUD50-C1
x-cache
Hit from cloudfront
status
200
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 05 Oct 2018 13:18:17 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
date
Tue, 09 Jun 2020 22:59:08 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 733020b73c68471611025883a2d5ee14.cloudfront.net (CloudFront)
content-security-policy
upgrade-insecure-requests;
x-amz-cf-id
8w9oJRZTUTXOq9t5cHJKjHxJdbZ1hoJYTDM-rSMOpbOwFn8AsjJViw==
securedata-logo.3eb901.png
sensepost.com/img/components/securedata/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sensepost.com/img/components/securedata/securedata-logo.3eb901.png
Requested by
Host: sensepost.com
URL: https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.121.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-121-70.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8e70e82dc43bd54c09efafff5f69a4b67353b8c905916c6db5ab73a0263851b6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 733020b73c68471611025883a2d5ee14.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
BUD50-C1
x-cache
Hit from cloudfront
status
200
date
Tue, 09 Jun 2020 22:59:08 GMT
content-length
11285
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 16 Apr 2020 14:25:05 GMT
server
AmazonS3
etag
"3eb9012cece083a6d8316038eb3f4ea1"
x-frame-options
SAMEORIGIN
content-type
image/png
content-security-policy
upgrade-insecure-requests;
x-amz-cf-id
i4bMTE4UAoeFoL5IUjEtVEYjF5vmdghcPLV92smfOo5ZXCr1HUyOXw==
run_prettify.js
introonet.sensepost.com/blog/wp-content/uploads/2016/01/ 		0
0
psc.png
sensepost.com/img/pages/blog/2016/powershell-c-sharp-and-dde-the-power-within/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sensepost.com/img/pages/blog/2016/powershell-c-sharp-and-dde-the-power-within/psc.png
Requested by
Host: sensepost.com
URL: https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.121.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-121-70.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f497c52cbeb94e4bc71741b0be8f38a2f7614b9012664d884941e29e1538563f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 733020b73c68471611025883a2d5ee14.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
BUD50-C1
x-cache
RefreshHit from cloudfront
status
200
date
Tue, 09 Jun 2020 22:59:09 GMT
content-length
38924
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 22 May 2020 15:06:46 GMT
server
AmazonS3
etag
"9424991c5a39965f9e619f296db44a94"
x-frame-options
SAMEORIGIN
content-type
image/png
content-security-policy
upgrade-insecure-requests;
x-amz-cf-id
aeVwiTfXH-TBmXbU-yTXM3U50Wsm9VelGOK9vGVVadww5iyZKR2fCw==
creds_logos.3f55a8.png
sensepost.com/img/components/logo/ 		79 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sensepost.com/img/components/logo/creds_logos.3f55a8.png
Requested by
Host: sensepost.com
URL: https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.121.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-121-70.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8dfe65c302795e407535378eabd2d14ef827ecf9f2ae52c5fd24d29e03ca90f6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Jun 2020 14:59:20 GMT
via
1.1 733020b73c68471611025883a2d5ee14.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
28789
x-cache
Hit from cloudfront
status
200
content-length
81349
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 27 May 2019 11:34:53 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"3f55a8ace58a277115c94da617b82c21"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
content-security-policy
upgrade-insecure-requests;
x-amz-cf-pop
BUD50-C1
x-amz-cf-id
nLpXjftBgVL2TJiTN3iaYRtGIPvJMgiq_CcSvtegPNLdiQbXtgCA4w==
main.bfd130.js
sensepost.com/scripts/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sensepost.com/scripts/main.bfd130.js
Requested by
Host: sensepost.com
URL: https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.121.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-121-70.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9f5143862d3978eb64745a0e0554c98ba9288c48e9794a60f69731cfaa81423c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
35756
x-cache
Hit from cloudfront
status
200
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 05 Jun 2020 11:51:10 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
date
Tue, 09 Jun 2020 13:03:13 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 733020b73c68471611025883a2d5ee14.cloudfront.net (CloudFront)
content-security-policy
upgrade-insecure-requests;
x-amz-cf-pop
BUD50-C1
x-amz-cf-id
nA4q6VwF84H3t5WI8sDfJMhZ32TCseT_QvNTRmDz2_pyl9ulb4yvGA==
blog-hero.jpg
sensepost.com/img/pages/blog/backgrounds/1024/ 		343 KB
344 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sensepost.com/img/pages/blog/backgrounds/1024/blog-hero.jpg
Requested by
Host: sensepost.com
URL: https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.121.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-121-70.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f153d06dccf0608fe2e14bb61e808cb6766f791a7e0ab26406acdd64f8220fb8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sensepost.com/styles/main.54acc1.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 733020b73c68471611025883a2d5ee14.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
33563
x-cache
Hit from cloudfront
status
200
date
Tue, 09 Jun 2020 13:39:46 GMT
content-length
351399
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 18 Sep 2018 10:14:48 GMT
server
AmazonS3
etag
"ad41032c899674155066c5d8c24127cc"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
content-security-policy
upgrade-insecure-requests;
x-amz-cf-pop
BUD50-C1
x-amz-cf-id
Odg9snN7y9V2pyzR0oUwFPTP8kG5uUnPBTiG6-R91UbG04VV5VKxZw==
opensans-regular-webfont.woff2
sensepost.com/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sensepost.com/fonts/opensans-regular-webfont.woff2
Requested by
Host: sensepost.com
URL: https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.121.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-121-70.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ffcb260030bf76abab842f8fbd1ec0e6e0a58bfbf67809b6d8023ccd8cac2ffe
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://sensepost.com/styles/main.54acc1.css
Origin
https://sensepost.com

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 733020b73c68471611025883a2d5ee14.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
29957
x-cache
Hit from cloudfront
status
200
date
Tue, 09 Jun 2020 14:39:52 GMT
content-length
15104
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 18 Sep 2018 10:14:39 GMT
server
AmazonS3
etag
"0cd57422b75b7de8c97d171521bfeb03"
x-frame-options
SAMEORIGIN
content-type
binary/octet-stream
content-security-policy
upgrade-insecure-requests;
x-amz-cf-pop
BUD50-C1
x-amz-cf-id
EjEjo_sA8k1AR_0SdiHHCO_gLJC3VeBr_7Qg5pwI-K2ypdhMRbtUtw==
opensans-light-webfont.woff2
sensepost.com/fonts/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sensepost.com/fonts/opensans-light-webfont.woff2
Requested by
Host: sensepost.com
URL: https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.121.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-121-70.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ce1c70fcbf96bead5ace5ffee7bfcc7ca627b5d269fe3710699534de6b90b90a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://sensepost.com/styles/main.54acc1.css
Origin
https://sensepost.com

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 733020b73c68471611025883a2d5ee14.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
15732
x-cache
Hit from cloudfront
status
200
date
Tue, 09 Jun 2020 18:36:57 GMT
content-length
14656
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 18 Sep 2018 10:14:39 GMT
server
AmazonS3
etag
"27f31eb0eca89092d8a22b9bdd1ff80d"
x-frame-options
SAMEORIGIN
content-type
binary/octet-stream
content-security-policy
upgrade-insecure-requests;
x-amz-cf-pop
BUD50-C1
x-amz-cf-id
GTE18jEx54j0wReLaGvSgf5M1FNPkF2P9RMKyDkBuPXywILF0_bTHg==
fzyK6RFNfDU
www.youtube.com/embed/ Frame 8C91 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/fzyK6RFNfDU
Requested by
Host: sensepost.com
URL: https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/fzyK6RFNfDU
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/

Response headers

status
200
expires
Tue, 27 Apr 1971 19:44:06 GMT
content-type
text/html; charset=utf-8
cache-control
no-cache
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
date
Tue, 09 Jun 2020 22:59:08 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=v-mx_ws0QZg; path=/; domain=.youtube.com; secure; expires=Sun, 06-Dec-2020 22:59:08 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Tue, 09-Jun-2020 23:29:08 GMT YSC=4fgjnueQEQs; path=/; domain=.youtube.com; secure; httponly; samesite=None VISITOR_INFO1_LIVE=v-mx_ws0QZg; path=/; domain=.youtube.com; secure; expires=Sun, 06-Dec-2020 22:59:08 GMT; httponly; samesite=None
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
form-bg.2e9384.jpg
sensepost.com/img/components/form/backgrounds/2048/ 		451 KB
453 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sensepost.com/img/components/form/backgrounds/2048/form-bg.2e9384.jpg
Requested by
Host: sensepost.com
URL: https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.121.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-121-70.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cce091554fb0facb1cb3050eaaf05da5f5d1bed43914802b2f206108c3c0e376
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sensepost.com/styles/main.54acc1.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 733020b73c68471611025883a2d5ee14.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
36820
x-cache
Hit from cloudfront
status
200
date
Tue, 09 Jun 2020 12:45:28 GMT
content-length
462293
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 05 Oct 2018 13:17:59 GMT
server
AmazonS3
etag
"2e93843aeffd0734be1d594624599244"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
content-security-policy
upgrade-insecure-requests;
x-amz-cf-pop
BUD50-C1
x-amz-cf-id
3mcxLwvJa9tE-dKvwURNVukJw9dqauIPjbnN1CU3hkivB9mP8ys5Cw==
opensans-bold-webfont.woff2
sensepost.com/fonts/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sensepost.com/fonts/opensans-bold-webfont.woff2
Requested by
Host: sensepost.com
URL: https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.121.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-121-70.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8e9903d8326262d51a642604b326f37cb5d003e9bd356df555e6ecd9df38844f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://sensepost.com/styles/main.54acc1.css
Origin
https://sensepost.com

Response headers

date
Tue, 09 Jun 2020 16:05:15 GMT
via
1.1 733020b73c68471611025883a2d5ee14.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
24834
x-cache
Hit from cloudfront
status
200
content-length
19468
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 18 Sep 2018 10:14:39 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"c5afaf4feff7b3910a60ad8ba692f639"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
binary/octet-stream
content-security-policy
upgrade-insecure-requests;
x-amz-cf-pop
BUD50-C1
x-amz-cf-id
0O2XeNoQKcVH7eywt2rHyZ3tw__jznmE7Gr_MQDjcQR3twM2GSROiw==
opensans-semibold-webfont.woff2
sensepost.com/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sensepost.com/fonts/opensans-semibold-webfont.woff2
Requested by
Host: sensepost.com
URL: https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.121.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-121-70.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e6818f6fee44af45a0639a7d973e1069c0907ce00553cf1645b31c2c935818c4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://sensepost.com/styles/main.54acc1.css
Origin
https://sensepost.com

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 733020b73c68471611025883a2d5ee14.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
28207
x-cache
Hit from cloudfront
status
200
date
Tue, 09 Jun 2020 15:09:02 GMT
content-length
18912
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 18 Sep 2018 10:14:39 GMT
server
AmazonS3
etag
"4395cf61411a1c4e2f572c4375791277"
x-frame-options
SAMEORIGIN
content-type
binary/octet-stream
content-security-policy
upgrade-insecure-requests;
x-amz-cf-pop
BUD50-C1
x-amz-cf-id
-GntI59TUdYMeU0vBmi2ffGQJ3kx4IbS60g3JQfV2fOIAdUELm9RPA==
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: sensepost.com
URL: https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
169
date
Tue, 09 Jun 2020 22:56:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Wed, 10 Jun 2020 00:56:19 GMT
require.common.8070ee.js
sensepost.com/scripts/ 		163 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sensepost.com/scripts/require.common.8070ee.js
Requested by
Host: sensepost.com
URL: https://sensepost.com/scripts/main.bfd130.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.121.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-121-70.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
74faa3a5e5894a4c5c184d2a8a6c27ca40b4fe233b44ea0712a4a5c834f4904f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Jun 2020 14:59:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28789
x-cache
Hit from cloudfront
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 05 Jun 2020 11:51:10 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
via
1.1 733020b73c68471611025883a2d5ee14.cloudfront.net (CloudFront)
content-security-policy
upgrade-insecure-requests;
x-amz-cf-pop
BUD50-C1
x-amz-cf-id
Jo9AJb00sYVCE6h8PnTNjTG64fISeOIw-6woIxC1BKV2IRsoBv23uA==
collect
www.google-analytics.com/r/ 		35 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1018991777&t=pageview&_s=1&dl=https%3A%2F%2Fsensepost.com%2Fblog%2F2016%2Fpowershell-c-sharp-and-dde-the-power-within%2F&ul=en-us&de=UTF-8&dt=SensePost%20%7C%20Powershell%2C%20c-sharp%20and%20dde%20the%20power%20within&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAAB~&jid=1878566121&gjid=246958012&cid=1141477465.1591743548&tid=UA-50942626-1&_gid=675058623.1591743548&_r=1&z=1409391934
Requested by
Host: sensepost.com
URL: https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jun 2020 22:59:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
email.min.js
cdn.emailjs.com/dist/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.emailjs.com/dist/email.min.js
Requested by
Host: sensepost.com
URL: https://sensepost.com/scripts/main.bfd130.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2050:5000:d:8a0b:b6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b5464e37c1eae4bda1f0f02a18bfcf1046db115c8ed30fe09e3953a893899012

Request headers

Referer
https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 01 Apr 2020 06:22:40 GMT
content-encoding
gzip
last-modified
Tue, 27 Mar 2018 22:09:04 GMT
server
AmazonS3
age
6021389
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
BUD50-C1
x-amz-cf-id
4hR0BsbiSPNEk9eHtGLX1WUWE8wOP58XOppmbPUdPDLj_Es2362alQ==
via
1.1 920d2a45d275def633b7efde005c8be9.cloudfront.net (CloudFront)
api.js
www.google.com/recaptcha/ 		674 B
589 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: sensepost.com
URL: https://sensepost.com/scripts/main.bfd130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1f3302d655d50dbc0cc823c182c5aaa30e3c621388d40b902c24b4d8ac0348cd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Jun 2020 22:59:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
447
x-xss-protection
1; mode=block
expires
Tue, 09 Jun 2020 22:59:08 GMT
submenu.require.f19d2a.js
sensepost.com/scripts/pages/submenu/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sensepost.com/scripts/pages/submenu/submenu.require.f19d2a.js
Requested by
Host: sensepost.com
URL: https://sensepost.com/scripts/main.bfd130.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.121.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-121-70.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
05c39a90951254b309eba4e78184f6ef617d916e3e27d0b0f1363de702101f0b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Jun 2020 14:39:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29956
x-cache
Hit from cloudfront
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 05 Jun 2020 11:51:10 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
via
1.1 733020b73c68471611025883a2d5ee14.cloudfront.net (CloudFront)
content-security-policy
upgrade-insecure-requests;
x-amz-cf-pop
BUD50-C1
x-amz-cf-id
tXCc8YlTf-8M_8Rqi8zBULgXAs67yvyATqilq3TIFSB5e_ReTzIP5Q==
blog.require.1d0078.js
sensepost.com/scripts/pages/blog/ 		990 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sensepost.com/scripts/pages/blog/blog.require.1d0078.js
Requested by
Host: sensepost.com
URL: https://sensepost.com/scripts/main.bfd130.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.121.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-121-70.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1cdfeb53b6069e4b288525db11d11f8b095f86e105a0529a6afa770947392c51
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Jun 2020 14:39:53 GMT
via
1.1 733020b73c68471611025883a2d5ee14.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
29956
x-cache
Hit from cloudfront
status
200
content-length
990
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 05 Jun 2020 11:51:10 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"1d0078f2ddeb495471839814d1f7abe0"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
content-security-policy
upgrade-insecure-requests;
x-amz-cf-pop
BUD50-C1
x-amz-cf-id
DB1wZYOeMlwR28vmE96mwdCcbmBeULPGW1rEdUiX41ZgFnnyKoUi9Q==
recaptcha__en.js
www.gstatic.com/recaptcha/releases/2diXFiiA9NsPIBTU15LG6xPf/ 		310 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/2diXFiiA9NsPIBTU15LG6xPf/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c521581b808702299ee8b8948ae8e90ae270ea93206bb1f95846843e0efee725
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Jun 2020 16:45:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Jun 2020 19:45:58 GMT
server
sffe
age
108802
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125146
x-xss-protection
0
expires
Tue, 08 Jun 2021 16:45:46 GMT
anchor
www.google.com/recaptcha/api2/ Frame 81BC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0KC4UAAAAABGbOCWjnMO6sFNY6daS6p9Inq6H&co=aHR0cHM6Ly9zZW5zZXBvc3QuY29tOjQ0Mw..&hl=en&v=2diXFiiA9NsPIBTU15LG6xPf&size=invisible&badge=inline&cb=3tfbwnd7prli
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/2diXFiiA9NsPIBTU15LG6xPf/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2mGtsRL2PVJAwIFBzwYpIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6Le0KC4UAAAAABGbOCWjnMO6sFNY6daS6p9Inq6H&co=aHR0cHM6Ly9zZW5zZXBvc3QuY29tOjQ0Mw..&hl=en&v=2diXFiiA9NsPIBTU15LG6xPf&size=invisible&badge=inline&cb=3tfbwnd7prli
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 09 Jun 2020 22:59:08 GMT
content-security-policy
script-src 'report-sample' 'nonce-2mGtsRL2PVJAwIFBzwYpIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
10099
server
GSE
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
overthrow-sidescroller.disable-nav.js
sensepost.com/scripts/vendor/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sensepost.com/scripts/vendor/overthrow-sidescroller.disable-nav.js
Requested by
Host: sensepost.com
URL: https://sensepost.com/scripts/main.bfd130.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.121.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-121-70.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e44bd6c6cc250288d1eb16b8483991d82b12850c08d46418d7ab8596818f2ab8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
36994
x-cache
Hit from cloudfront
status
200
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 18 Sep 2018 10:14:53 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
date
Tue, 09 Jun 2020 12:42:35 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 733020b73c68471611025883a2d5ee14.cloudfront.net (CloudFront)
content-security-policy
upgrade-insecure-requests;
x-amz-cf-pop
BUD50-C1
x-amz-cf-id
_lWORE3Iia0-gEw-ZTts1_5h_bhBtrawDle7vJ9UwepAtHVJS7uU3A==
widgets.js
platform.twitter.com/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: sensepost.com
URL: https://sensepost.com/scripts/main.bfd130.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40F7) /
Resource Hash
b54675d0c78b4247cd5ae2ab6b4ab96a280ae2bbdaf4f46dff6b95ca109840a5

Request headers

Referer
https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 09 Jun 2020 22:59:08 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Jun 2020 22:20:30 GMT
Server
ECS (fcn/40F7)
Age
98
Etag
"e8665a6672f6c6e18facbfd9e1eaaad3+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Content-Length
29247
in.js
platform-src.linkedin.com/
Redirect Chain
  • https://platform.linkedin.com/in.js
  • https://platform-src.linkedin.com/in.js
181 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform-src.linkedin.com/in.js
Requested by
Host: sensepost.com
URL: https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:119:50e3:101::6cae:b48 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
1e0a10bfa8ad628b82fa613db9d1d84efb61711cd7e4e0165e89197732c296e1

Request headers

Referer
https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Jun 2020 22:59:08 GMT
content-encoding
gzip
server
Play
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, max-age=3600
x-li-pop
prod-eda6
x-li-proto
http/2
content-length
55596
x-li-uuid
Ht/PAFMCFxYg7gQ76yoAAA==
x-li-fabric
prod-lva1
expires
Tue, 9 Jun 2020 23:59:08 GMT

Redirect headers

X-LI-UUID
oz32QnCY6xVQwiK9RysAAA==
Date
Tue, 09 Jun 2020 22:59:08 GMT
X-CDN-CLIENT-IP-VERSION
IPV6
X-Li-Pop
prod-tln1
X-Li-Fabric
prod-lor1
Location
https://platform-src.linkedin.com/in.js
X-LI-Proto
http/1.1
Connection
keep-alive
Content-Length
0
X-CDN
AKAM
widget_iframe.86df6234483a1fa251e365dd8643c136.html
platform.twitter.com/widgets/ Frame B7A1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.86df6234483a1fa251e365dd8643c136.html?origin=https%3A%2F%2Fsensepost.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/41D7) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
88601
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Tue, 09 Jun 2020 22:59:08 GMT
Etag
"9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified
Mon, 08 Jun 2020 22:13:29 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/41D7)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
5825
slider-prev.81d055.svg
sensepost.com/img/components/carousel/svg/ 		441 B
951 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sensepost.com/img/components/carousel/svg/slider-prev.81d055.svg
Requested by
Host: sensepost.com
URL: https://sensepost.com/scripts/pages/submenu/submenu.require.f19d2a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.121.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-121-70.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d05abdc384f1c0b0deda3d781630813550f03a025c03dd298b0f49ac13496518
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sensepost.com/styles/main.54acc1.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Jun 2020 14:04:26 GMT
via
1.1 733020b73c68471611025883a2d5ee14.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
32083
x-cache
Hit from cloudfront
status
200
content-length
441
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 05 Jun 2020 11:51:10 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"81d055c58f6ba52fa459e377b374220f"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/svg+xml
content-security-policy
upgrade-insecure-requests;
x-amz-cf-pop
BUD50-C1
x-amz-cf-id
nHqSiWyqLoEpEuyUtIMGZmh6vmlvzAnMy9EbUZF2uf746ErbXshkPw==
slider-next.70038f.svg
sensepost.com/img/components/carousel/svg/ 		438 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sensepost.com/img/components/carousel/svg/slider-next.70038f.svg
Requested by
Host: sensepost.com
URL: https://sensepost.com/scripts/pages/submenu/submenu.require.f19d2a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.121.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-121-70.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
16f45cce067fbea75a9eb9329c29cfa20dce41555e6b54e9d989b8b948b3af76
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sensepost.com/styles/main.54acc1.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 733020b73c68471611025883a2d5ee14.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
23030
x-cache
Hit from cloudfront
status
200
date
Tue, 09 Jun 2020 16:35:19 GMT
content-length
438
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 05 Jun 2020 11:51:10 GMT
server
AmazonS3
etag
"70038f272b0abe08a79038c2c83ae136"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
content-security-policy
upgrade-insecure-requests;
x-amz-cf-pop
BUD50-C1
x-amz-cf-id
CA-WkrS39A98FT-t3lttDWBxGhGWSffuNvI411PMlQjziqwh3uAJlw==
bframe
www.google.com/recaptcha/api2/ Frame 15CE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=2diXFiiA9NsPIBTU15LG6xPf&k=6Le0KC4UAAAAABGbOCWjnMO6sFNY6daS6p9Inq6H&cb=szb9qq6lr6yn
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/2diXFiiA9NsPIBTU15LG6xPf/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kjcBHDhkk4EXS1Wa+EFVWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=2diXFiiA9NsPIBTU15LG6xPf&k=6Le0KC4UAAAAABGbOCWjnMO6sFNY6daS6p9Inq6H&cb=szb9qq6lr6yn
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://sensepost.com/blog/2016/powershell-c-sharp-and-dde-the-power-within/

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 09 Jun 2020 22:59:08 GMT
content-security-policy
script-src 'report-sample' 'nonce-kjcBHDhkk4EXS1Wa+EFVWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1176
server
GSE
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
introonet.sensepost.com
URL
https://introonet.sensepost.com/blog/wp-content/uploads/2016/01/run_prettify.js

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| html5 object| Modernizr function| requirejs function| require function| define string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| $ function| jQuery object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client function| Nanobar object| overthrow object| recaptcha object| closure_lm_737269 object| emailjs function| captchaCompleted function| captchaExpired object| __twttrll object| twttr object| __twttr number| totalWidth object| __core-js_shared__ object| Sslac object| IN

7 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: 4fgjnueQEQs
.youtube.com/ Name: GPS
Value: 1
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: v-mx_ws0QZg
.sensepost.com/ Name: _gat
Value: 1
.sensepost.com/ Name: _gid
Value: GA1.2.675058623.1591743548
.google.com/ Name: NID
Value: 204=DAMmM5z8JuE5KqXcOKrgsRTp5bRg6enK_zuoH0OYMYcbtTOPFCtnsbdhiOb2hG-RCYF3DLz8EVBAXCzgg0NpldGspgQjd8xwS-3fJx2MCR3EbZ243BhHKjKbTn40wmcyNaV_aPEoBGXBOPVIAaAqJ4d8U-VYC5YnnBi4w1Doe_c
.sensepost.com/ Name: _ga
Value: GA1.2.1141477465.1591743548

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.emailjs.com
introonet.sensepost.com
platform-src.linkedin.com
platform.linkedin.com
platform.twitter.com
sensepost.com
www.google-analytics.com
www.google.com
www.gstatic.com
www.youtube.com
introonet.sensepost.com
2600:9000:2050:5000:d:8a0b:b6c0:93a1
2606:2800:234:59:254c:406:2366:268c
2620:119:50e3:101::6cae:b48
2a00:1450:4001:815::2004
2a00:1450:4001:819::200e
2a00:1450:4001:81c::200e
2a00:1450:4001:81e::2003
2a02:26f0:6c00:299::25eb
52.85.121.70
05c39a90951254b309eba4e78184f6ef617d916e3e27d0b0f1363de702101f0b
12d25870c3808342e6d2f5ac9ae4946e3654d17bb32d2e239410a68f49b20fec
16f45cce067fbea75a9eb9329c29cfa20dce41555e6b54e9d989b8b948b3af76
1cdfeb53b6069e4b288525db11d11f8b095f86e105a0529a6afa770947392c51
1e0a10bfa8ad628b82fa613db9d1d84efb61711cd7e4e0165e89197732c296e1
1f3302d655d50dbc0cc823c182c5aaa30e3c621388d40b902c24b4d8ac0348cd
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
449372fdd2861bca3b9bb36357c8b2f9ca2d7cd8b99c733ce429a59caca6267b
74faa3a5e5894a4c5c184d2a8a6c27ca40b4fe233b44ea0712a4a5c834f4904f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8dfe65c302795e407535378eabd2d14ef827ecf9f2ae52c5fd24d29e03ca90f6
8e70e82dc43bd54c09efafff5f69a4b67353b8c905916c6db5ab73a0263851b6
8e9903d8326262d51a642604b326f37cb5d003e9bd356df555e6ecd9df38844f
98ca845c64b03a59b9e971da9b802d908c5dda69b6640fadb0ddb65297dbaca1
9f5143862d3978eb64745a0e0554c98ba9288c48e9794a60f69731cfaa81423c
b5464e37c1eae4bda1f0f02a18bfcf1046db115c8ed30fe09e3953a893899012
b54675d0c78b4247cd5ae2ab6b4ab96a280ae2bbdaf4f46dff6b95ca109840a5
c521581b808702299ee8b8948ae8e90ae270ea93206bb1f95846843e0efee725
cce091554fb0facb1cb3050eaaf05da5f5d1bed43914802b2f206108c3c0e376
ce1c70fcbf96bead5ace5ffee7bfcc7ca627b5d269fe3710699534de6b90b90a
d05abdc384f1c0b0deda3d781630813550f03a025c03dd298b0f49ac13496518
e44bd6c6cc250288d1eb16b8483991d82b12850c08d46418d7ab8596818f2ab8
e6818f6fee44af45a0639a7d973e1069c0907ce00553cf1645b31c2c935818c4
f153d06dccf0608fe2e14bb61e808cb6766f791a7e0ab26406acdd64f8220fb8
f497c52cbeb94e4bc71741b0be8f38a2f7614b9012664d884941e29e1538563f
ffcb260030bf76abab842f8fbd1ec0e6e0a58bfbf67809b6d8023ccd8cac2ffe