urlscan.io logo urlscan.io
SecurityTrails logo

jhalon.github.io Open in urlscan Pro
185.199.109.153  Public Scan

Go To Rescan Add Verdict Report
URL: https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
Submission: On September 20 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 4 countries across 8 domains to perform 29 HTTP transactions. The main IP is 185.199.109.153, located in United States and belongs to FASTLY, US. The main domain is jhalon.github.io.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on May 6th 2020. Valid for: 2 years.
This is the only time jhalon.github.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 185.199.109.153 54113 (FASTLY)
1 2a01:7c8:eb:0... 20857 (TRANSIP-A...)
1 2620:0:862:ed... 14907 (WIKIMEDIA)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 192.254.237.124 46606 (UNIFIEDLA...)
2 2a00:1450:400... 15169 (GOOGLE)
4 199.232.196.134 54113 (FASTLY)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 151.101.64.134 54113 (FASTLY)
2 151.101.112.64 54113 (FASTLY)
29 10
10    185.199.109.153 (United States)

ASN54113 (FASTLY, US)
jhalon.github.io
mark-borg.github.io
1    2a01:7c8:eb:0:149:210:170:219 (Netherlands)

ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)
outflank.nl
1    2620:0:862:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)
upload.wikimedia.org
2    2a02:26f0:6c00:29b::353e (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
docs.microsoft.com
1    192.254.237.124 (Houston, United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 192-254-237-124.unifiedlayer.com
beahealthygeek.com
2    2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
4    199.232.196.134 (United States)

ASN54113 (FASTLY, US)
jhalon.disqus.com
referrer.disqus.com
4    2606:4700::6812:a913 (United States)

ASN13335 (CLOUDFLARENET, US)
c.disquscdn.com
2    151.101.64.134 (United States)

ASN54113 (FASTLY, US)
disqus.com
2    151.101.112.64 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
tempest.services.disqus.com
links.services.disqus.com
Domain Requested by
9 jhalon.github.io jhalon.github.io
4 c.disquscdn.com jhalon.disqus.com
2 referrer.disqus.com
2 disqus.com jhalon.disqus.com
2 jhalon.disqus.com jhalon.github.io
2 ssl.google-analytics.com jhalon.github.io
2 docs.microsoft.com jhalon.github.io
1 links.services.disqus.com c.disquscdn.com
1 tempest.services.disqus.com jhalon.disqus.com
1 mark-borg.github.io jhalon.github.io
1 beahealthygeek.com jhalon.github.io
1 upload.wikimedia.org jhalon.github.io
1 outflank.nl jhalon.github.io
29 13
Subject Issuer Validity Valid
www.github.com
DigiCert SHA2 High Assurance Server CA		 2020-05-06 -
2022-04-14		 2 years crt.sh
*.outflank.nl
Let's Encrypt Authority X3		 2020-08-02 -
2020-10-31		 3 months crt.sh
*.wikipedia.org
DigiCert SHA2 High Assurance Server CA		 2019-11-12 -
2020-10-06		 a year crt.sh
docs.microsoft.com
Microsoft IT TLS CA 1		 2019-04-19 -
2021-04-19		 2 years crt.sh
webmail.beahealthygeek.com
Let's Encrypt Authority X3		 2020-09-13 -
2020-12-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh
*.disqus.com
DigiCert SHA2 Secure Server CA		 2020-04-20 -
2022-05-09		 2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-15 -
2021-08-15		 a year crt.sh
f.ssl.fastly.net
GlobalSign Organization Validation CA - SHA256 - G2		 2018-08-30 -
2020-12-02		 2 years crt.sh

This page contains 3 frames:

Primary Page: https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
Frame ID: B480D9A6FD745AAAD3CFB814976BBE97
Requests: 27 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=jhalon&t_u=https%3A%2F%2Fjhalon.github.io%2Futilizing-syscalls-in-csharp-1%2F&t_d=%20Red%20Team%20Tactics%3A%20Utilizing%20Syscalls%20in%20C%23%20-%20Prerequisite%20Knowledge&t_t=%20Red%20Team%20Tactics%3A%20Utilizing%20Syscalls%20in%20C%23%20-%20Prerequisite%20Knowledge&s_o=default
Frame ID: 81CD04827CC1F4F0F666FE31935CBF2F
Requests: 1 HTTP requests in this frame

Frame: https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=jhalon&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%2352adc8&colorScheme=light&sourceUrl=https%3A%2F%2Fjhalon.github.io%2Futilizing-syscalls-in-csharp-1%2F&typeface=sans-serif&canonicalUrl=https%3A%2F%2Fjhalon.github.io%2Futilizing-syscalls-in-csharp-1%2F&disqus_version=f57749e
Frame ID: 56D2502A4589A596D343026D40399029
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /^https?:\/\/[^/]+\.github\.io\//i
  • headers server /^GitHub\.com$/i
Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i
Overall confidence: 100%
Detected patterns
  • url /^https?:\/\/[^/]+\.github\.io\//i
  • headers server /^GitHub\.com$/i
Overall confidence: 100%
Detected patterns
  • url /^https?:\/\/[^/]+\.github\.io\//i
  • headers server /^GitHub\.com$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

29
Requests

100 %
HTTPS

50 %
IPv6

8
Domains

13
Subdomains

10
IPs

4
Countries

2402 kB
Transfer

2448 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
jhalon.github.io/utilizing-syscalls-in-csharp-1/ 		68 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.109.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
8c8e391e70b0a20411680985752872d41cb8ff71fccf03e882d948d799bd4b0a

Request headers

:method
GET
:authority
jhalon.github.io
:scheme
https
:path
/utilizing-syscalls-in-csharp-1/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
content-type
text/html; charset=utf-8
server
GitHub.com
last-modified
Mon, 13 Jul 2020 19:01:05 GMT
etag
W/"5f0caf71-10e92"
access-control-allow-origin
*
expires
Sun, 20 Sep 2020 01:51:17 GMT
cache-control
max-age=600
content-encoding
gzip
x-proxy-cache
MISS
x-github-request-id
59F0:2B11:37851FC:3BB464C:5F66B33D
accept-ranges
bytes
date
Sun, 20 Sep 2020 01:41:17 GMT
via
1.1 varnish
age
0
x-served-by
cache-hhn4036-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1600566077.343680,VS0,VE90
vary
Accept-Encoding
x-fastly-request-id
19d5fad9057649fa719cb25ec8d4aa85ac4e8ceb
content-length
18582
main.css
jhalon.github.io/assets/css/ 		78 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://jhalon.github.io/assets/css/main.css
Requested by
Host: jhalon.github.io
URL: https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.109.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
d132de4d02d93426fc5021eb3cca5d7681a6f781c6694077de8839d95548351c

Request headers

Referer
https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
2f2aa6868936c8d58a387fcc74e241299412c70e
date
Sun, 20 Sep 2020 01:41:17 GMT
content-encoding
gzip
age
0
x-cache
MISS
status
200
content-length
17031
x-served-by
cache-hhn4036-HHN
access-control-allow-origin
*
last-modified
Mon, 13 Jul 2020 19:01:04 GMT
server
GitHub.com
x-github-request-id
41C0:B330:58767B3:5E45B17:5F66B33B
x-timer
S1600566077.489067,VS0,VE94
etag
W/"5f0caf70-1383d"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
via
1.1 varnish
expires
Sun, 20 Sep 2020 01:51:17 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
0
bio-photo2.jpg
jhalon.github.io/images/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jhalon.github.io/images/bio-photo2.jpg
Requested by
Host: jhalon.github.io
URL: https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.109.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
ab9b72c4ab3de1aefc1ecc6c699d97b3fa8e96268498d46de09b6b56e1dd3fa8

Request headers

Referer
https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
afc887b11c8affd7b5a9077c026933ee55e15629
date
Sun, 20 Sep 2020 01:41:17 GMT
via
1.1 varnish
age
0
x-cache
MISS
status
200
content-length
39588
x-served-by
cache-hhn4036-HHN
last-modified
Mon, 13 Jul 2020 19:00:47 GMT
server
GitHub.com
x-github-request-id
E5DA:B1C8:289101:2F7847:5F66B33D
x-timer
S1600566077.489221,VS0,VE89
etag
"5f0caf5f-9aa4"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Sun, 20 Sep 2020 01:51:17 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
0
Picture4.png
outflank.nl/blog/wp-content/uploads/2019/06/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://outflank.nl/blog/wp-content/uploads/2019/06/Picture4.png
Requested by
Host: jhalon.github.io
URL: https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:7c8:eb:0:149:210:170:219 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
Software
Apache /
Resource Hash
0ac75ae79a77428d762065560216afa99ae5c7f9dedb3fe1b33f5887c5d6ba1e

Request headers

Referer
https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 20 Sep 2020 01:41:17 GMT
X-TransIP-Balancer
balancer6
X-TransIP-Backend
web723
Server
Apache
ETag
"f3dc-58b949aea9d21"
Content-Type
image/png
Last-Modified
Tue, 18 Jun 2019 08:07:34 GMT
Accept-Ranges
bytes
Content-Length
62428
1200px-Priv_rings.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/2/2f/Priv_rings.svg/ 		120 KB
121 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/2/2f/Priv_rings.svg/1200px-Priv_rings.svg.png
Requested by
Host: jhalon.github.io
URL: https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
086f5b6f04f2ee6cdf7b6e1e85243e70a37dc563df62d065f84838ae703d373b
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

Referer
https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Sep 2020 10:53:44 GMT
age
53254
x-cache-status
hit-local
x-cache
cp3059 hit, cp3061 miss
status
200
server-timing
cache;desc="hit-local"
content-length
123041
x-client-ip
2a01:4f8:192:5414::2
last-modified
Sun, 10 Mar 2019 09:36:45 GMT
server
ATS/8.0.8
etag
2a9249522d8bdb211dbb4eb0aec70b75
strict-transport-security
max-age=106384710; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-timestamp
1552210604.86202
accept-ranges
bytes
timing-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
win-handles.png
jhalon.github.io/images/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jhalon.github.io/images/win-handles.png
Requested by
Host: jhalon.github.io
URL: https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.109.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
a9c7b3adad9596cdb0188a37a68197f0737777691a892d8fbb5d3cfb3cdecedb

Request headers

Referer
https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
b6c5eb49fd068049c020ab2f7ba6b51a2815c417
date
Sun, 20 Sep 2020 01:41:17 GMT
via
1.1 varnish
age
0
x-cache
MISS
status
200
content-length
72833
x-served-by
cache-hhn4036-HHN
last-modified
Mon, 13 Jul 2020 19:00:48 GMT
server
GitHub.com
x-github-request-id
8D6E:598B:74B6A29:7CF7196:5F66B33D
x-timer
S1600566077.494807,VS0,VE89
etag
"5f0caf60-11c81"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Sun, 20 Sep 2020 01:51:17 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
0
virtualaddressspace01.png
docs.microsoft.com/en-us/windows-hardware/drivers/gettingstarted/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://docs.microsoft.com/en-us/windows-hardware/drivers/gettingstarted/images/virtualaddressspace01.png
Requested by
Host: jhalon.github.io
URL: https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:29b::353e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
2d8addf1a42dd993073e69a32cc5ab33f6e92e33e4701f41613bf5e4d2f854ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
status
200
content-length
7542
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
x-rendering-stack
Static
last-modified
Fri, 07 Dec 2018 22:03:33 GMT
x-datacenter
wus
date
Sun, 20 Sep 2020 01:41:18 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
content-type
image/png
cache-control
public, max-age=1791
etag
"0x8D65C8FD4972AEC"
akamai-cache-status
Miss from child, RefreshHit from parent
request-context
appId=cid-v1:21aee9e4-1cf5-4750-b2bd-78b2747f4211
expires
Sun, 20 Sep 2020 02:11:09 GMT
create-file-switch.jpg
jhalon.github.io/images/ 		267 KB
268 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jhalon.github.io/images/create-file-switch.jpg
Requested by
Host: jhalon.github.io
URL: https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.109.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
f101cf3106784763a88baab394f99a06e86dbcbe41b5b2cafcd13c7bcc63107b

Request headers

Referer
https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
2d40bfce77f9331562eccb691ad5f5f63fff0d6d
date
Sun, 20 Sep 2020 01:41:17 GMT
via
1.1 varnish
age
0
x-cache
MISS
status
200
content-length
273621
x-served-by
cache-hhn4036-HHN
last-modified
Mon, 13 Jul 2020 19:00:47 GMT
server
GitHub.com
x-github-request-id
A45A:B146:5B713D6:61830AA:5F66B33D
x-timer
S1600566077.494943,VS0,VE246
etag
"5f0caf5f-42cd5"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Sun, 20 Sep 2020 01:51:17 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
create-file-syscall.jpg
jhalon.github.io/images/ 		232 KB
232 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jhalon.github.io/images/create-file-syscall.jpg
Requested by
Host: jhalon.github.io
URL: https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.109.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
ba457f11a280367fcf623089df0111ed2c1551bc371e0bbbd02a9a743393c45c

Request headers

Referer
https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
32eba6a07b30f8e7b9485e5288414edaf9802b4a
date
Sun, 20 Sep 2020 01:41:17 GMT
via
1.1 varnish
age
0
x-cache
MISS
status
200
content-length
237306
x-served-by
cache-hhn4036-HHN
last-modified
Mon, 13 Jul 2020 19:00:47 GMT
server
GitHub.com
x-github-request-id
E978:B8E1:5F50B49:65E35E1:5F66B33C
x-timer
S1600566077.494938,VS0,VE170
etag
"5f0caf5f-39efa"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Sun, 20 Sep 2020 01:51:17 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
0
net-architecture-relationships.png
docs.microsoft.com/en-us/dotnet/csharp/getting-started/media/introduction-to-the-csharp-language-and-the-net-framework/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://docs.microsoft.com/en-us/dotnet/csharp/getting-started/media/introduction-to-the-csharp-language-and-the-net-framework/net-architecture-relationships.png
Requested by
Host: jhalon.github.io
URL: https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:29b::353e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
29464cb7a0fde07784a2622d00dfcc2fa71c8ffd6e29aa9cbfb6433f2340bc82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
status
200
content-length
12747
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
x-rendering-stack
Static
last-modified
Wed, 25 Jul 2018 00:02:27 GMT
x-datacenter
eus
date
Sun, 20 Sep 2020 01:41:17 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
content-type
image/png
cache-control
public, max-age=1800
etag
"0x8D5F1C1E8473D02"
akamai-cache-status
Miss from child, RefreshHit from parent
request-context
appId=cid-v1:cd765a3e-2aba-43aa-b307-6e4b3b4be342
expires
Sun, 20 Sep 2020 02:11:17 GMT
patience_grasshopper.jpg
beahealthygeek.com/wp-content/uploads/2016/07/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beahealthygeek.com/wp-content/uploads/2016/07/patience_grasshopper.jpg
Requested by
Host: jhalon.github.io
URL: https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.237.124 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-237-124.unifiedlayer.com
Software
Apache /
Resource Hash
6aab110a343ec948a2f5d997a63c63294e5e5e1cfbc7527d6b5fa5e0c5245ba0

Request headers

Referer
https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Sun, 20 Sep 2020 01:41:18 GMT
last-modified
Tue, 19 Jul 2016 19:10:26 GMT
server
Apache
accept-ranges
bytes
content-length
28485
content-type
image/jpeg
pinvoke-diagram.png
mark-borg.github.io/img/posts/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mark-borg.github.io/img/posts/pinvoke-diagram.png
Requested by
Host: jhalon.github.io
URL: https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.109.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
9dae01e86795a0ad60744bf687a4721467f2e83b8d10591433e69a78bcd0c7cb

Request headers

Referer
https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
2b1c56e0a9e645f033a3f5ed5f656fc38733a541
date
Sun, 20 Sep 2020 01:41:17 GMT
via
1.1 varnish
age
0
x-cache
MISS
status
200
content-length
48241
x-served-by
cache-hhn4036-HHN
last-modified
Mon, 03 Jun 2019 13:32:00 GMT
server
GitHub.com
x-github-request-id
B920:2B12:7159EE1:795E9CD:5F66B33C
x-timer
S1600566078.506701,VS0,VE88
etag
"5cf52150-bc71"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Sun, 20 Sep 2020 01:51:17 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
0
main.min.js
jhalon.github.io/assets/js/ 		128 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jhalon.github.io/assets/js/main.min.js
Requested by
Host: jhalon.github.io
URL: https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.109.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
a23871cba7914d69d0afd4bec46ac6e5aed74ddc7ce1aef63ff7e830b1e05efe

Request headers

Referer
https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
e21d1b82ea547c08293e6e18ac16f88aef54fe2c
date
Sun, 20 Sep 2020 01:41:17 GMT
content-encoding
gzip
age
0
x-cache
MISS
status
200
content-length
45336
x-served-by
cache-hhn4036-HHN
access-control-allow-origin
*
last-modified
Mon, 13 Jul 2020 19:00:47 GMT
server
GitHub.com
x-github-request-id
D518:B1B0:5AB326:64CA6F:5F66B334
x-timer
S1600566078.509063,VS0,VE90
etag
W/"5f0caf5f-200ab"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Sun, 20 Sep 2020 01:51:17 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
syscall-bg.jpg
jhalon.github.io/images/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jhalon.github.io/images/syscall-bg.jpg
Requested by
Host: jhalon.github.io
URL: https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.109.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
eed7d9349604994218625fe73885d7749d7dc9e49d34fbc3d635f4c38af03fb3

Request headers

Referer
https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
f10d816e758fd550fda46d379c768115b93134e8
date
Sun, 20 Sep 2020 01:41:17 GMT
via
1.1 varnish
age
0
x-cache
MISS
status
200
content-length
1108363
x-served-by
cache-hhn4036-HHN
last-modified
Mon, 13 Jul 2020 19:00:48 GMT
server
GitHub.com
x-github-request-id
2CB6:B330:58767BC:5E45B3E:5F66B33D
x-timer
S1600566078.670060,VS0,VE249
etag
"5f0caf60-10e98b"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Sun, 20 Sep 2020 01:51:17 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
0
fontawesome-webfont.woff2
jhalon.github.io/assets/fonts/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://jhalon.github.io/assets/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: jhalon.github.io
URL: https://jhalon.github.io/assets/css/main.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.109.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Origin
https://jhalon.github.io
Referer
https://jhalon.github.io/assets/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
c42974b4566162f291e1981c8607cf84d3e0adbe
date
Sun, 20 Sep 2020 01:41:17 GMT
via
1.1 varnish
age
0
x-cache
MISS
status
200
content-length
71896
x-served-by
cache-hhn4036-HHN
last-modified
Mon, 13 Jul 2020 19:00:47 GMT
server
GitHub.com
x-github-request-id
2BBC:B35B:3673FEE:3A62A73:5F66B33C
x-timer
S1600566078.674552,VS0,VE88
etag
"5f0caf5f-118d8"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
expires
Sun, 20 Sep 2020 01:51:17 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
0
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: jhalon.github.io
URL: https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
4640
date
Sun, 20 Sep 2020 00:23:57 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Sun, 20 Sep 2020 02:23:57 GMT
embed.js
jhalon.disqus.com/ 		71 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jhalon.disqus.com/embed.js
Requested by
Host: jhalon.github.io
URL: https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
3df74ead62199c4e20762ba093d1b366c55a176c5993f6ebb0e33c4a983333cf
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

Referer
https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 20 Sep 2020 01:41:18 GMT
Content-Encoding
gzip
Server
openresty
Age
0
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, max-age=60
X-Service
router
Strict-Transport-Security
max-age=300; includeSubdomains
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
23137
count.js
jhalon.disqus.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jhalon.disqus.com/count.js
Requested by
Host: jhalon.github.io
URL: https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 20 Sep 2020 01:41:18 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
1780864
P3P
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 24 Aug 2020 22:36:24 GMT
Server
nginx
ETag
"5f4440e8-367"
Strict-Transport-Security
max-age=300; includeSubdomains
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
__utm.gif
ssl.google-analytics.com/r/ 		35 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=918206832&utmhn=jhalon.github.io&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Red%20Team%20Tactics%3A%20Utilizing%20Syscalls%20in%20C%23%20-%20Prerequisite%20Knowledge%20-%20Jack%20Hacks&utmhid=880240931&utmr=-&utmp=%2Futilizing-syscalls-in-csharp-1%2F&utmht=1600566077923&utmac=UA-85282217-1&utmcc=__utma%3D214486476.670715275.1600566078.1600566078.1600566078.1%3B%2B__utmz%3D214486476.1600566078.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=981507659&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: jhalon.github.io
URL: https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Sep 2020 01:41:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
lounge.6525595c7a9874fa10bd041275e40f17.css
c.disquscdn.com/next/embed/styles/ 		0
22 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.6525595c7a9874fa10bd041275e40f17.css
Requested by
Host: jhalon.disqus.com
URL: https://jhalon.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Sep 2020 01:41:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
5211593
status
200
strict-transport-security
max-age=300; includeSubdomains
content-length
22092
x-xss-protection
1; mode=block
timing-allow-origin
*
last-modified
Mon, 20 Jul 2020 23:36:39 GMT
server
cloudflare
etag
"5f162a87-564c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
cf-request-id
054ac545110000c2e05cbe5200000001
accept-ranges
bytes
cf-ray
5d57d7e81b81c2e0-FRA
expires
Wed, 21 Jul 2021 18:01:24 GMT
common.bundle.e07f4f02bedd02259fb3f3e092970560.js
c.disquscdn.com/next/embed/ 		0
88 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/common.bundle.e07f4f02bedd02259fb3f3e092970560.js
Requested by
Host: jhalon.disqus.com
URL: https://jhalon.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Sep 2020 01:41:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
1804860
status
200
strict-transport-security
max-age=300; includeSubdomains
content-length
89940
x-xss-protection
1; mode=block
timing-allow-origin
*
last-modified
Sun, 30 Aug 2020 04:13:44 GMT
server
cloudflare
etag
"5f4b2778-15f54"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
cf-request-id
054ac545120000c2e05cbe6200000001
accept-ranges
bytes
cf-ray
5d57d7e81b82c2e0-FRA
expires
Mon, 30 Aug 2021 04:20:17 GMT
lounge.bundle.51278703436d1d8217428010be85cb48.js
c.disquscdn.com/next/embed/ 		0
113 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.51278703436d1d8217428010be85cb48.js
Requested by
Host: jhalon.disqus.com
URL: https://jhalon.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Sep 2020 01:41:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
103981
status
200
strict-transport-security
max-age=300; includeSubdomains
content-length
115598
x-xss-protection
1; mode=block
timing-allow-origin
*
last-modified
Fri, 18 Sep 2020 20:35:28 GMT
server
cloudflare
etag
"5f651a10-1c38e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
cf-request-id
054ac545120000c2e05cbe7200000001
accept-ranges
bytes
cf-ray
5d57d7e81b83c2e0-FRA
expires
Sat, 18 Sep 2021 20:48:16 GMT
config.js
disqus.com/next/ 		0
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://disqus.com/next/config.js
Requested by
Host: jhalon.disqus.com
URL: https://jhalon.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 20 Sep 2020 01:41:18 GMT
X-Content-Type-Options
nosniff
Content-Type
application/javascript; charset=UTF-8
Server
nginx
Age
11
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
7005
X-XSS-Protection
1; mode=block
/
disqus.com/embed/comments/ Frame 81CD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://disqus.com/embed/comments/?base=default&f=jhalon&t_u=https%3A%2F%2Fjhalon.github.io%2Futilizing-syscalls-in-csharp-1%2F&t_d=%20Red%20Team%20Tactics%3A%20Utilizing%20Syscalls%20in%20C%23%20-%20Prerequisite%20Knowledge&t_t=%20Red%20Team%20Tactics%3A%20Utilizing%20Syscalls%20in%20C%23%20-%20Prerequisite%20Knowledge&s_o=default
Requested by
Host: jhalon.disqus.com
URL: https://jhalon.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
disqus.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://jhalon.github.io/utilizing-syscalls-in-csharp-1/

Response headers

Connection
keep-alive
Content-Length
3770
Server
nginx
Content-Type
text/html; charset=utf-8
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified
Sun, 06 Sep 2020 13:59:00 GMT
ETag
W/"lounge:view:7970479543.dc962a05c135de9cebf10d15ced1a2ef.2"
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control
stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin
*
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Encoding
gzip
Date
Sun, 20 Sep 2020 01:41:19 GMT
Age
0
Vary
Accept-Encoding
Strict-Transport-Security
max-age=300; includeSubdomains
/
tempest.services.disqus.com/ads-iframe/taboola/ Frame 56D2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=jhalon&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%2352adc8&colorScheme=light&sourceUrl=https%3A%2F%2Fjhalon.github.io%2Futilizing-syscalls-in-csharp-1%2F&typeface=sans-serif&canonicalUrl=https%3A%2F%2Fjhalon.github.io%2Futilizing-syscalls-in-csharp-1%2F&disqus_version=f57749e
Requested by
Host: jhalon.disqus.com
URL: https://jhalon.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Host
tempest.services.disqus.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://jhalon.github.io/utilizing-syscalls-in-csharp-1/

Response headers

Connection
keep-alive
Content-Length
9235
Server
openresty
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=300
X-Service
router
Content-Encoding
gzip
Date
Sun, 20 Sep 2020 01:41:19 GMT
Age
0
Vary
Accept-Encoding,
event.gif
referrer.disqus.com/juggler/ 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/event.gif?imp=fft9pe15hnkrs&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=jhalon&zone=thread&version=4885cdc92b55320b8a45187f0dca9ed4&page_url=https%3A%2F%2Fjhalon.github.io%2Futilizing-syscalls-in-csharp-1%2F&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&section=default&verb=call&adjective=1&forum_id=4269389
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 20 Sep 2020 01:41:19 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
event.gif
referrer.disqus.com/juggler/ 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/event.gif?imp=fft9pe15hnkrs&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=jhalon&zone=thread&version=4885cdc92b55320b8a45187f0dca9ed4&page_url=https%3A%2F%2Fjhalon.github.io%2Futilizing-syscalls-in-csharp-1%2F&page_referrer=&object_type=advertisement&provider=taboola&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=%5B184193%5D&section=default&verb=load&advertisement_id=184193&forum_id=4269389
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 20 Sep 2020 01:41:20 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
alfie.f51946af45e0b561c60f768335c9eb79.js
c.disquscdn.com/next/embed/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/alfie.f51946af45e0b561c60f768335c9eb79.js
Requested by
Host: jhalon.disqus.com
URL: https://jhalon.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eda8f00e9255746e7620848227aca122053845c9b4a90f1b3e26b4cd99af9e25
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Sep 2020 01:41:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
4989216
status
200
strict-transport-security
max-age=300; includeSubdomains
content-length
6605
x-xss-protection
1; mode=block
timing-allow-origin
*
last-modified
Wed, 15 Jan 2020 01:04:45 GMT
server
cloudflare
etag
"5e1e652d-19cd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
cf-request-id
054ac54a2f0000c2e05c80c200000001
accept-ranges
bytes
cf-ray
5d57d7f0498ec2e0-FRA
expires
Thu, 14 Jan 2021 09:43:16 GMT
ping
links.services.disqus.com/api/ 		304 B
928 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://links.services.disqus.com/api/ping?format=jsonp&key=cfdfcf52dffd0a702a61bad27507376d&loc=https%3A%2F%2Fjhalon.github.io%2Futilizing-syscalls-in-csharp-1%2F&subId=4269389&v=1&jsonp=vglnk_jsonp_16005660800620
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie.f51946af45e0b561c60f768335c9eb79.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
8fe3361e1ac2d93a7be51766402b4c7b6a3446f6e9c65f9dc4a89aeaea8189d3

Request headers

Referer
https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 20 Sep 2020 01:41:20 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://jhalon.github.io
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
304
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes function| updateNav object| $nav object| $btn object| $vlinks object| $hlinks object| breaks function| $ function| jQuery object| jQuery112409138309941123726 object| Stickyfill object| _gaq string| disqus_shortname object| _gat object| gaGlobal object| DISQUSWIDGETS undefined| disqus_domain function| disqus_config object| DISQUS string| vglnk_self function| vl_cB function| vl_disable undefined| vglnk_jsonp_16005660800620 object| vglnk

5 Cookies

Domain/Path Name / Value
.jhalon.github.io/ Name: __utmb
Value: 214486476.1.10.1600566078
.jhalon.github.io/ Name: __utmt
Value: 1
.jhalon.github.io/ Name: __utmz
Value: 214486476.1600566078.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.jhalon.github.io/ Name: __utmc
Value: 214486476
.jhalon.github.io/ Name: __utma
Value: 214486476.670715275.1600566078.1600566078.1600566078.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beahealthygeek.com
c.disquscdn.com
disqus.com
docs.microsoft.com
jhalon.disqus.com
jhalon.github.io
links.services.disqus.com
mark-borg.github.io
outflank.nl
referrer.disqus.com
ssl.google-analytics.com
tempest.services.disqus.com
upload.wikimedia.org
151.101.112.64
151.101.64.134
185.199.109.153
192.254.237.124
199.232.196.134
2606:4700::6812:a913
2620:0:862:ed1a::2:b
2a00:1450:4001:803::2008
2a01:7c8:eb:0:149:210:170:219
2a02:26f0:6c00:29b::353e
086f5b6f04f2ee6cdf7b6e1e85243e70a37dc563df62d065f84838ae703d373b
0ac75ae79a77428d762065560216afa99ae5c7f9dedb3fe1b33f5887c5d6ba1e
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
29464cb7a0fde07784a2622d00dfcc2fa71c8ffd6e29aa9cbfb6433f2340bc82
2d8addf1a42dd993073e69a32cc5ab33f6e92e33e4701f41613bf5e4d2f854ed
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
3df74ead62199c4e20762ba093d1b366c55a176c5993f6ebb0e33c4a983333cf
6aab110a343ec948a2f5d997a63c63294e5e5e1cfbc7527d6b5fa5e0c5245ba0
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c8e391e70b0a20411680985752872d41cb8ff71fccf03e882d948d799bd4b0a
8fe3361e1ac2d93a7be51766402b4c7b6a3446f6e9c65f9dc4a89aeaea8189d3
9dae01e86795a0ad60744bf687a4721467f2e83b8d10591433e69a78bcd0c7cb
a23871cba7914d69d0afd4bec46ac6e5aed74ddc7ce1aef63ff7e830b1e05efe
a9c7b3adad9596cdb0188a37a68197f0737777691a892d8fbb5d3cfb3cdecedb
ab9b72c4ab3de1aefc1ecc6c699d97b3fa8e96268498d46de09b6b56e1dd3fa8
ba457f11a280367fcf623089df0111ed2c1551bc371e0bbbd02a9a743393c45c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d132de4d02d93426fc5021eb3cca5d7681a6f781c6694077de8839d95548351c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eda8f00e9255746e7620848227aca122053845c9b4a90f1b3e26b4cd99af9e25
eed7d9349604994218625fe73885d7749d7dc9e49d34fbc3d635f4c38af03fb3
f101cf3106784763a88baab394f99a06e86dbcbe41b5b2cafcd13c7bcc63107b