URL: http://powertheshell.com/
Submission: On November 22 via manual from QA — Scanned from DE

Summary

This website contacted 11 IPs in 2 countries across 10 domains to perform 25 HTTP transactions. The main IP is 89.31.143.1, located in Germany and belongs to IPX-AS15598, DE. The main domain is powertheshell.com.
This is the only time powertheshell.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Domain | Requested by
6 | powershell.one | powertheshell.com, powershell.one
4 | www.google.com | cse.google.com, www.google.com
3 | use.fontawesome.com | powershell.one, use.fontawesome.com
2 | cse.google.com | powershell.one, www.google.com
2 | licensebuttons.net | powershell.one
2 | i.creativecommons.org | 2 redirects
1 | clients1.google.com | powershell.one
1 | www.googleapis.com | powershell.one
1 | www.google-analytics.com | www.googletagmanager.com
1 | ajax.googleapis.com | powershell.one
1 | www.googletagmanager.com | powershell.one
1 | powertheshell.com |
0 | cdn.bootcss.com (Failed) | powershell.one
Total: 25 requests, 13 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-06-14 - 2022-06-13 | a year
*.google-analytics.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
upload.video.google.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
*.google.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
www.google.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months

This page contains 2 frames:

Primary Page: http://powertheshell.com/
Frame ID: 8E9165E87266C49D327CAE851C989329
Requests: 1 HTTP requests in this frame

Frame: https://powershell.one/isesteroids/quickstart/overview
Frame ID: BF762660570FEFA67BE70A04E04510F4
Requests: 24 HTTP requests in this frame

Page Statistics

Requests: 25
HTTPS: 80 %
IPv6: 91 %
Domains: 10
Subdomains: 13
IPs: 11
Countries: 2
Transfer: 460 kB
Size: 1139 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://i.creativecommons.org/l/by-nd/4.0/88x31.png HTTP 301
  • https://licensebuttons.net/l/by-nd/4.0/88x31.png
Request Chain 5
  • https://i.creativecommons.org/l/by/4.0/88x31.png HTTP 301
  • https://licensebuttons.net/l/by/4.0/88x31.png

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
powertheshell.com/
409 B
596 B
Document
General
Full URL
http://powertheshell.com/
Protocol
HTTP/1.1
Server
89.31.143.1 , Germany, ASN15598 (IPX-AS15598, DE),
Reverse DNS
www.udag.de
Software
UD Forwarding 3.1 /
Resource Hash
f6610ccbea1e03907488b2b223d3ddbe77bb5d62aa058a0ddfcb9356f20b438a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Mon, 22 Nov 2021 14:24:49 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
close
X-UD-METHOD
frame
Server
UD Forwarding 3.1
overview
powershell.one/isesteroids/quickstart/ Frame BF76
54 KB
16 KB
Document
General
Full URL
https://powershell.one/isesteroids/quickstart/overview
Requested by
Host: powertheshell.com
URL: http://powertheshell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:cc27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dfd5e1e0091014e50696c80d0ecfa98f5eb82154f711579802f82de7aea843f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://powertheshell.com/

Response headers

date
Mon, 22 Nov 2021 14:24:49 GMT
content-type
text/html; charset=utf-8
last-modified
Wed, 03 Jun 2020 16:42:11 GMT
access-control-allow-origin
*
expires
Mon, 22 Nov 2021 14:33:10 GMT
cache-control
max-age=600
x-proxy-cache
MISS
x-github-request-id
E46E:9D32:13CAD1:1A91B5:619BA7CD
via
1.1 varnish
age
0
x-served-by
cache-fra19139-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1637591090.645688,VS0,VE89
vary
Accept-Encoding
x-fastly-request-id
7a4f9b79773de0494d03709c4e3086a79aef9731
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qhWbvDNRV6mAZtGmqkVVVVg%2FFzDeVv1TvBDjXejaX%2B55%2FYpCF7zxQ19eYzi7a8o8GxQ%2F%2F2L%2BXDiDrqftRXojSPDuFumnk9oC6a8d3h4y0qhFHFO8HZbfIw0QyvqdNP7Xa0YZYsZolcVwslvQNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b22d2d62edd691b-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
js
www.googletagmanager.com/gtag/ Frame BF76
90 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-151343537-1
Requested by
Host: powershell.one
URL: https://powershell.one/isesteroids/quickstart/overview
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e9d6b9d0cdd36712f0a56bdc67d2105650070cff7a59d7ac42314b919c4ae3aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powershell.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 14:24:50 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36134
x-xss-protection
0
last-modified
Mon, 22 Nov 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 22 Nov 2021 14:24:50 GMT
main.css
powershell.one/assets/css/ Frame BF76
156 KB
18 KB
Stylesheet
General
Full URL
https://powershell.one/assets/css/main.css
Requested by
Host: powershell.one
URL: https://powershell.one/isesteroids/quickstart/overview
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:cc27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c18ac2228975c2d9d27f5344d81ddf6dd71ed458228f63c342cc4f4de68e9bed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powershell.one/isesteroids/quickstart/overview
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-fastly-request-id
80cce3ecffa47824d835cffdefe4619da7159220
date
Mon, 22 Nov 2021 14:24:49 GMT
via
1.1 varnish
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
316
cf-polished
origSize=161223
x-cache
MISS
x-cache-hits
0
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19149-FRA
last-modified
Wed, 03 Jun 2020 16:42:11 GMT
server
cloudflare
x-github-request-id
7B94:A36F:F002B1:F5A380:60C5EDAE
x-timer
S1623584174.281819,VS0,VE89
etag
W/"5ed7d2e3-275c7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tpePJEFSpYcjfXHSs3RW4oyhI13EG4vG4WaLEeq9xqsQNCBL3co%2BXbeqaNuu3IRYTgUqLFFbUUfd%2B68w4qcXxU1Tsz4WZ3ioFWPp8C4%2B1L0qMS%2FeK1cwd3mfDG3yBNgc4SBtyWc7BvXYPAMNUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
expires
Mon, 22 Nov 2021 14:12:15 GMT
cache-control
max-age=14400
cf-ray
6b22d2d85c8e691b-FRA
x-proxy-cache
MISS
cf-bgj
minify
all.css
use.fontawesome.com/releases/v5.0.13/css/ Frame BF76
40 KB
10 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.0.13/css/all.css
Requested by
Host: powershell.one
URL: https://powershell.one/isesteroids/quickstart/overview
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43730866612149a27f49159d7c4f19185c8694bb91bf41abc884a6fe1346e96e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powershell.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 14:24:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2326065
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
CC3C7V3VH16SSSN3
x-amz-id-2
m8hnQRgrUUZ4rt3Owfnjlm+cSJuJdHT0T1cZ7Qs/9Cw9CqlDPn5ineZgUBxCQEKqxh2zLQXfnr4=
last-modified
Wed, 30 Jun 2021 15:27:31 GMT
server
cloudflare
etag
W/"d61bfe9b56c13ecff5313ee3abb45e8b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VCRE%2BFQPZtDsmWxiyzOJCxWTzP%2FWQDOi%2BqnUyekTumYyjfA3gQTeLKjxtBm7bFNSwX1FxnNsYKSN2iHdatvY09snLFk9yRdB%2F5nM3EGaeikoZGuSf1qSRaVuPQupkDCb8vzvMww4XgO061xihBsCQH%2Fh"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
6b22d2d87aa86940-FRA
88x31.png
licensebuttons.net/l/by-nd/4.0/ Frame BF76
Redirect Chain
  • https://i.creativecommons.org/l/by-nd/4.0/88x31.png
  • https://licensebuttons.net/l/by-nd/4.0/88x31.png
1 KB
2 KB
Image
General
Full URL
https://licensebuttons.net/l/by-nd/4.0/88x31.png
Requested by
Host: powershell.one
URL: https://powershell.one/isesteroids/quickstart/overview
Protocol
H2
Server
2606:4700:20::681a:4d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15c4c65e16a7ebadfbe2cbd873accff5e3c4aaf1bf6924cd6738de68826623c6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powershell.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 14:24:50 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6354
cf-polished
origSize=4880
vary
Accept-Encoding
content-length
1364
x-xss-protection
1; mode=block
last-modified
Thu, 30 Apr 2020 21:59:13 GMT
server
cloudflare
x-frame-options
deny
etag
"5eab4a31-1310"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2Fiy51nJAF1DNXZRuPoUnmIVJdLjmoRscxZq0qCWzSCm8JjLyXo7r%2BX%2BWa%2FJZ5uBctVRB7PPgGdk5p8QqAb6Xd62yoiDYqyp0EKi%2BtyETNH%2BciYLsV39Fi%2F4dVwOe5eg3oteMN6w9qV%2Fz7Qd9sEUdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=432000
accept-ranges
bytes
cf-ray
6b22d2d94d824309-FRA
cf-bgj
imgq:100,h2pri

Redirect headers

date
Mon, 22 Nov 2021 14:24:50 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
age
1032
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
deny
content-type
text/html
location
https://licensebuttons.net/l/by-nd/4.0/88x31.png
cache-control
max-age=432000
strict-transport-security
max-age=15768000
cf-ray
6b22d2d8dee9692b-FRA
vary
Accept-Encoding
x-xss-protection
1; mode=block
88x31.png
licensebuttons.net/l/by/4.0/ Frame BF76
Redirect Chain
  • https://i.creativecommons.org/l/by/4.0/88x31.png
  • https://licensebuttons.net/l/by/4.0/88x31.png
1 KB
2 KB
Image
General
Full URL
https://licensebuttons.net/l/by/4.0/88x31.png
Requested by
Host: powershell.one
URL: https://powershell.one/isesteroids/quickstart/overview
Protocol
H2
Server
2606:4700:20::681a:4d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d8a628333a76cfe484a2b9c01bca786fccf08d0010d4bffca2b38b29dd4ed0b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powershell.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 14:24:50 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1279
cf-polished
origSize=4739
vary
Accept-Encoding
content-length
1283
x-xss-protection
1; mode=block
last-modified
Thu, 30 Apr 2020 21:59:13 GMT
server
cloudflare
x-frame-options
deny
etag
"5eab4a31-1283"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iX7kcSlc53asAA4PilqGsplrRSlzWt1dVee1EhANQZx%2Bvj6lNbcAUoxBADjOJ%2Flfr9hsutKGbAH%2BT21zpKks70L0QaPw%2BLNV3kJTQN6HMjW9qSRC%2BDInIA%2BLGhxF3mSndBt9vPsHB3eOSaEziY2BJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=432000
accept-ranges
bytes
cf-ray
6b22d2d93d7c4309-FRA
cf-bgj
imgq:100,h2pri

Redirect headers

date
Mon, 22 Nov 2021 14:24:50 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
age
426
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
deny
content-type
text/html
location
https://licensebuttons.net/l/by/4.0/88x31.png
cache-control
max-age=432000
strict-transport-security
max-age=15768000
cf-ray
6b22d2d8deec692b-FRA
vary
Accept-Encoding
x-xss-protection
1; mode=block
email-decode.min.js
powershell.one/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame BF76
1 KB
1 KB
Script
General
Full URL
https://powershell.one/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: powershell.one
URL: https://powershell.one/isesteroids/quickstart/overview
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:cc27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powershell.one/isesteroids/quickstart/overview
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 14:24:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Nov 2021 01:22:51 GMT
server
cloudflare
etag
W/"6196fc6b-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OKKs0bCWV7%2BgxBWS4TBP%2F294GGEvXJ7jcnrcUPazukSyUbGfRsvuZ%2FlVzvUHNTxF9izEbMnlSsWz5M4cB4hi2zrHuM4%2FF%2BWyQkRrN4xlNRWc3s7Jv8%2FvAYB4k5M2jz56VxIdC90POn1NqZ4wjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b22d2d8af475b7a-FRA
vary
Accept-Encoding
expires
Wed, 24 Nov 2021 14:24:50 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ Frame BF76
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: powershell.one
URL: https://powershell.one/isesteroids/quickstart/overview
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powershell.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 21 Nov 2021 10:14:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101446
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 21 Nov 2022 10:14:04 GMT
clipboard.min.js
powershell.one/assets/js/ Frame BF76
11 KB
4 KB
Script
General
Full URL
https://powershell.one/assets/js/clipboard.min.js
Requested by
Host: powershell.one
URL: https://powershell.one/isesteroids/quickstart/overview
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:cc27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1626706afc88d95ebe1173b553ec732c6dc82a576989315fdf5e7779af738a44

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powershell.one/isesteroids/quickstart/overview
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-fastly-request-id
eae0737565248030ab6d38902572a52523af03ed
date
Mon, 22 Nov 2021 14:24:50 GMT
via
1.1 varnish
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
x-cache-hits
1
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19177-FRA
last-modified
Wed, 03 Jun 2020 16:41:52 GMT
server
cloudflare
x-github-request-id
2600:CB52:1DDF4DF:1EB4F02:60BC495D
x-timer
S1622970498.981851,VS0,VE87
etag
W/"5ed7d2d0-2a02"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=616ByeeVzeepPNufQET3Wo%2FAivXoDUr7SYIFm%2F0wbc9v%2B61MpEQJ1je4wMy0JH3BFb55pEqH7qnzQTswXzoGSOeE1GwdAZ02iHy9iZ0CzgfEkDTHZY852aYGNs5k92oUNkmUFaANqoQRNVHB0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
6b22d2d8af4a5b7a-FRA
x-proxy-cache
MISS
expires
Mon, 22 Nov 2021 10:53:22 GMT
codeselect.js
powershell.one/assets/js/ Frame BF76
761 B
1 KB
Script
General
Full URL
https://powershell.one/assets/js/codeselect.js
Requested by
Host: powershell.one
URL: https://powershell.one/isesteroids/quickstart/overview
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:cc27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
378928033b75edbed753788ea81ea4a334585cc6863d96baa0ed2816b3b71170

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powershell.one/isesteroids/quickstart/overview
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-fastly-request-id
60f19c40c68df90fc316e49766b229411f179f8e
date
Mon, 22 Nov 2021 14:24:50 GMT
via
1.1 varnish
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=1257
x-cache
HIT
x-cache-hits
1
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19128-FRA
last-modified
Wed, 03 Jun 2020 16:41:52 GMT
server
cloudflare
x-github-request-id
9224:C95B:6C86C6:7044E7:617AD07C
x-timer
S1635472469.508468,VS0,VE88
etag
W/"5ed7d2d0-4e9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j0PrnTfQHT%2BeBn9DrW6BRfMOWpipm3A8FUEaS1mH6y7WNq2K7%2BCPIHtMa9SRQD5i%2BdM15bk4mjzLr9kqriWJLdV%2BSz1GcvweWW5KlwTGVYg5HMMNvz5fxCCaLfzwLRA5L50GLMMh5LkTi7ugeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sat, 20 Nov 2021 23:38:56 GMT
cache-control
max-age=14400
x-proxy-cache
MISS
cf-ray
6b22d2d8af4b5b7a-FRA
x-origin-cache
HIT
cf-bgj
minify
isesteroids_overview.png
powershell.one/assets/res/screenshots/isesteroids/ Frame BF76
89 KB
90 KB
Image
General
Full URL
https://powershell.one/assets/res/screenshots/isesteroids/isesteroids_overview.png
Requested by
Host: powershell.one
URL: https://powershell.one/isesteroids/quickstart/overview
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:cc27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1fbd629e81b29cd5296218bdcb66f047ac7fb44e6c1dbaa2779f00a05386abf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powershell.one/isesteroids/quickstart/overview
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-fastly-request-id
1bf0e97eb390ce1dec48207aca96d407d1f9884b
date
Mon, 22 Nov 2021 14:24:50 GMT
via
1.1 varnish
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
276037
x-cache
MISS
x-cache-hits
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
91238
x-served-by
cache-fra19178-FRA
last-modified
Wed, 03 Jun 2020 16:41:52 GMT
server
cloudflare
x-github-request-id
203E:F84E:9DEB08:A68FEE:617B806B
x-timer
S1635484316.926404,VS0,VE87
etag
"5ed7d2d0-16466"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=safJ%2Bh1xweE0bqOLOHA7VaGCni6s6WMCHy5EMAICARX%2FBGHRiHzmgnXqVcwzHytRwBlnVDblbAXaObRR8q0w7wbk3UBqshB1MbsLJveSlBqtOQoR60xNMA2Fi3HUyotNhoskWlmGlJpQrTao3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6b22d2d8af555b7a-FRA
x-proxy-cache
MISS
expires
Fri, 19 Nov 2021 09:54:13 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.0.13/webfonts/ Frame BF76
49 KB
50 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.0.13/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.13/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4

Request headers

Referer
https://use.fontawesome.com/releases/v5.0.13/css/all.css
Origin
https://powershell.one
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 14:24:50 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11984323
cf-ray
6b22d2d8caf36949-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
50372
x-amz-id-2
9AxMbD5CyG2uFx3rgoJr1Gd/zaB9vGNYleQe60fsVpQ5giHxnBNnYpBbG5OV/hX7YgnETxk1pMU=
last-modified
Wed, 30 Jun 2021 15:27:47 GMT
server
cloudflare
etag
"8a8c0474283e0d9ef41743e5e486bf05"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CB3JpKN3xa5yvHXifK63P6NjFhisAwIeTJWYc1rQU3vKF2q2Wdgryqhm6itfA417oY73lXmFJnLxFlrPVlbctsDlxWh%2Fu72kK7LGy8OvRFx3r4inAHOh%2B8vxZnx1%2FkA%2Bun4MELG4WsX1B3gyMUgBrwNk"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
CWY4Q2P607SJ6P0H
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
fa-regular-400.woff2
use.fontawesome.com/releases/v5.0.13/webfonts/ Frame BF76
12 KB
13 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.0.13/webfonts/fa-regular-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.13/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b4c97a2809cdb53153139544e1f5db34e4917c8f01d2dd94cb9519e24e1ab3c

Request headers

Referer
https://use.fontawesome.com/releases/v5.0.13/css/all.css
Origin
https://powershell.one
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 14:24:50 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6081793
cf-ray
6b22d2d8caf66949-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12188
x-amz-id-2
JvAw1DpoJNRU7FJHNg3NFmirpF91UlXnjE+MapQO6E6MeF2CDJcgCqKIsrfJrvUv/VrzJ68M2gw=
last-modified
Wed, 30 Jun 2021 15:27:47 GMT
server
cloudflare
etag
"33f727ccde4b05c0ed143c5cd78cda0c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BDG94uUjbKd0He4dYwJq%2FrRqEJrNYgOZH59N9HF6jsr16BKZ2%2FJ0p34RCjC0e5GqnvK4szNwqv39fhoInOrvyK%2BfGkJJho%2B1jr%2B%2Fz64pKIut50HIpzZBScoHpORcMM9K%2Bp3wPFppDVyawyBbn4L2ZPTj"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
KNV5366BPFJHFBA6
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
jquery.min.js
cdn.bootcss.com/jquery/3.1.1/ Frame BF76
0
0

analytics.js
www.google-analytics.com/ Frame BF76
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-151343537-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powershell.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2987
date
Mon, 22 Nov 2021 13:35:03 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 22 Nov 2021 15:35:03 GMT
cse.js
cse.google.com/ Frame BF76
10 KB
4 KB
Script
General
Full URL
https://cse.google.com/cse.js?cx=002517910569379202526:17bjmmhipe9
Requested by
Host: powershell.one
URL: https://powershell.one/isesteroids/quickstart/overview
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
7b8ab6337ff53cc6ce2dadcd66dc90fc9edf2e3b226ec14851b06812f2e15a0a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powershell.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

bfcache-opt-in
unload
date
Mon, 22 Nov 2021 14:24:50 GMT
content-encoding
br
server
gws
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3509
x-xss-protection
0
expires
Mon, 22 Nov 2021 14:24:50 GMT
Chart.bundle.min.js
cdn.bootcss.com/Chart.js/2.7.2/ Frame BF76
0
0

cse_element__en.js
www.google.com/cse/static/element/54e62135847a1703/ Frame BF76
300 KB
100 KB
Script
General
Full URL
https://www.google.com/cse/static/element/54e62135847a1703/cse_element__en.js?usqp=CAI%3D
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=002517910569379202526:17bjmmhipe9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0216265ffcc78522466531b2c333ad5725a51f151b18c5e2fb24d4e3e89ef23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powershell.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 11:55:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
440935
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101668
x-xss-protection
0
last-modified
Fri, 12 Nov 2021 20:41:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Thu, 17 Nov 2022 11:55:55 GMT
default+en.css
www.google.com/cse/static/element/54e62135847a1703/ Frame BF76
41 KB
9 KB
Stylesheet
General
Full URL
https://www.google.com/cse/static/element/54e62135847a1703/default+en.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=002517910569379202526:17bjmmhipe9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powershell.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 15:48:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
426960
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9086
x-xss-protection
0
last-modified
Fri, 12 Nov 2021 20:41:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Thu, 17 Nov 2022 15:48:50 GMT
shiny.css
www.google.com/cse/static/style/look/v4/ Frame BF76
5 KB
2 KB
Stylesheet
General
Full URL
https://www.google.com/cse/static/style/look/v4/shiny.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=002517910569379202526:17bjmmhipe9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb1c7ac42d67db1385aa4eb4f30d35c4370bce6c49cfac0559c3a677c564860a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powershell.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 13:39:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2729
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1549
x-xss-protection
0
last-modified
Wed, 12 Aug 2020 16:30:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Mon, 22 Nov 2021 14:29:21 GMT
async-ads.js
cse.google.com/adsense/search/ Frame BF76
143 KB
52 KB
Script
General
Full URL
https://cse.google.com/adsense/search/async-ads.js
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/54e62135847a1703/cse_element__en.js?usqp=CAI%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bd6b627fecddb363f6b3646416d359b61ac9f64f054cbcf6249b16920f1a440
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powershell.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 14:24:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"10627874126189271957"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
expires
Mon, 22 Nov 2021 14:24:50 GMT
clear.png
www.google.com/cse/static/css/v2/ Frame BF76
1018 B
1 KB
Image
General
Full URL
https://www.google.com/cse/static/css/v2/clear.png
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/54e62135847a1703/default+en.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/cse/static/element/54e62135847a1703/default+en.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 05:46:24 GMT
x-content-type-options
nosniff
age
463106
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1018
x-xss-protection
0
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Thu, 17 Nov 2022 05:46:24 GMT
generate_204
www.googleapis.com/ Frame BF76
0
39 B
Image
General
Full URL
https://www.googleapis.com/generate_204
Requested by
Host: powershell.one
URL: https://powershell.one/isesteroids/quickstart/overview
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powershell.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 14:24:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
clients1.google.com/ Frame BF76
0
178 B
Image
General
Full URL
https://clients1.google.com/generate_204
Requested by
Host: powershell.one
URL: https://powershell.one/isesteroids/quickstart/overview
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powershell.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 14:24:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.bootcss.com
URL
https://cdn.bootcss.com/jquery/3.1.1/jquery.min.js
Domain
cdn.bootcss.com
URL
https://cdn.bootcss.com/Chart.js/2.7.2/Chart.bundle.min.js

Verdicts & Comments

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| onbeforexrselect
function| reportError
boolean| originAgentCluster
object| scheduler

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
