2020.ractf.co.uk Open in urlscan Pro
2600:9000:20eb:c800:14:72bc:9540:93a1  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response 2020.ractf.co.uk/	5 KB 3 KB	135ms 93ms	Document text/html	2600:9000:20eb:c800:14:72bc:9540:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://2020.ractf.co.uk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:c800:14:72bc:9540:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 0ec1cf46826455e15df4f56da02fb75638881c166fa6e6522d9d3b9336c19f64 Request headers :method GET :authority 2020.ractf.co.uk :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 content-type text/html last-modified Sun, 01 Nov 2020 20:50:30 GMT server AmazonS3 content-encoding gzip date Thu, 12 Nov 2020 09:13:14 GMT etag "9531c3e3280b25a51836cfdd813a4309" vary Accept-Encoding x-cache RefreshHit from cloudfront via 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C1 x-amz-cf-id e_slzFmkDzvL2nZaYXd2P0g1ZUJ8kcRwwGiiDscM2MMR3ZLt_mSjbA==
GET H2	200	css fonts.googleapis.com/	2 KB 541 B	20ms 19ms	Stylesheet text/css	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:400,700|Robot+Mono:400&display=swap Requested by Host: 2020.ractf.co.uk URL: https://2020.ractf.co.uk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 75c1dd337ff8f87aa0243c3fdb07c069ba3ca476e255d701e536663d598a7118 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://2020.ractf.co.uk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 12 Nov 2020 09:13:13 GMT server ESF date Thu, 12 Nov 2020 09:13:13 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 12 Nov 2020 09:13:13 GMT
GET H2	200	18.94a52f88.chunk.css 2020.ractf.co.uk/static/css/	23 KB 4 KB	137ms 136ms	Stylesheet text/css	2600:9000:20eb:c800:14:72bc:9540:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://2020.ractf.co.uk/static/css/18.94a52f88.chunk.css Requested by Host: 2020.ractf.co.uk URL: https://2020.ractf.co.uk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:c800:14:72bc:9540:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 55f434dac9baa54c88bdd40aeaeffde13c01d4e23f0d585fe1ce4ce28a2b3e8d Request headers Referer https://2020.ractf.co.uk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 12 Nov 2020 09:13:14 GMT content-encoding gzip last-modified Sun, 01 Nov 2020 20:50:30 GMT server AmazonS3 x-amz-cf-pop FRA2-C1 etag W/"78f7dcb3e0e9dfaa2eff60d2e01b8ff5" vary Accept-Encoding x-cache Miss from cloudfront content-type text/css status 200 x-amz-cf-id 55bcD5eZzUmaoG00mKO3XIWbJBcj2zD7aHAK8BiAwz5mzA2yPfbLfQ== via 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
GET H2	200	main.5794da45.chunk.css 2020.ractf.co.uk/static/css/	124 KB 22 KB	164ms 163ms	Stylesheet text/css	2600:9000:20eb:c800:14:72bc:9540:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://2020.ractf.co.uk/static/css/main.5794da45.chunk.css Requested by Host: 2020.ractf.co.uk URL: https://2020.ractf.co.uk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:c800:14:72bc:9540:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5a3dd24168f55e19b83cb432a87b2bea43199be4ac43e24f86d3cf15bae628eb Request headers Referer https://2020.ractf.co.uk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 12 Nov 2020 09:13:14 GMT content-encoding gzip last-modified Sun, 01 Nov 2020 20:50:30 GMT server AmazonS3 x-amz-cf-pop FRA2-C1 etag W/"83e5bdbf671c30128ecf82af8e888b9a" vary Accept-Encoding x-cache Miss from cloudfront content-type text/css status 200 x-amz-cf-id gBOZEzDjtRvMWDJ8dlHKyx8WiICQefS4bbUU76IzCN-5fFtrsrpOMw== via 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
GET H2	200	18.0639aa9f.chunk.js Show response 2020.ractf.co.uk/static/js/	1 MB 350 KB	147ms 146ms	Script application/javascript	2600:9000:20eb:c800:14:72bc:9540:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://2020.ractf.co.uk/static/js/18.0639aa9f.chunk.js Requested by Host: 2020.ractf.co.uk URL: https://2020.ractf.co.uk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:c800:14:72bc:9540:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash bdd3b2acf655463fda0e03c3e7be4bd5416a037869f515b6713eabdb754e9e96 Request headers Referer https://2020.ractf.co.uk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 12 Nov 2020 09:13:14 GMT content-encoding gzip last-modified Sun, 01 Nov 2020 20:50:30 GMT server AmazonS3 x-amz-cf-pop FRA2-C1 etag W/"ed1fc0d4f5a7b7cb1b7ca7d3875934d8" vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript status 200 x-amz-cf-id cOc7evBmrcFBebSuTPMvaKI8IdG6q_THic6TSG3YE7H8l1hXDBot_g== via 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
GET H2	200	main.00befe95.chunk.js Show response 2020.ractf.co.uk/static/js/	259 KB 79 KB	160ms 159ms	Script application/javascript	2600:9000:20eb:c800:14:72bc:9540:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://2020.ractf.co.uk/static/js/main.00befe95.chunk.js Requested by Host: 2020.ractf.co.uk URL: https://2020.ractf.co.uk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:c800:14:72bc:9540:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 53fe440fa2078935cf106d48b0b598723d2574e53f1bd3c718bd3535c864d140 Request headers Referer https://2020.ractf.co.uk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 12 Nov 2020 09:13:14 GMT content-encoding gzip last-modified Sun, 01 Nov 2020 20:50:31 GMT server AmazonS3 x-amz-cf-pop FRA2-C1 etag W/"e8bab359c908ff688387e512351dd172" vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript status 200 x-amz-cf-id 4kZbLTFjThk4yyo75H4LSh66uXDc1UYaV3eCkoga-phvOM2m3cKY2w== via 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
GET H2	200	22.7a6daa33.chunk.js Show response 2020.ractf.co.uk/static/js/	799 KB 389 KB	154ms 154ms	Script application/javascript	2600:9000:20eb:c800:14:72bc:9540:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://2020.ractf.co.uk/static/js/22.7a6daa33.chunk.js Requested by Host: 2020.ractf.co.uk URL: https://2020.ractf.co.uk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:c800:14:72bc:9540:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5a98934aeac807748692708481f24ed967cc8538b1fd8a013b83cf7805b9ef0f Request headers Referer https://2020.ractf.co.uk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 12 Nov 2020 09:13:15 GMT content-encoding gzip last-modified Sun, 01 Nov 2020 20:50:30 GMT server AmazonS3 x-amz-cf-pop FRA2-C1 etag W/"a9801eef7aa6ca71262902bf31f9cd29" vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript status 200 x-amz-cf-id dwTPjfBVv1k0B_YUSPY1NBlWDeM8ARbCsvoLlyQiiOmTgYkMxArJJQ== via 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
GET H2	200	analytics.js Show response www.google-analytics.com/	46 KB 18 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:801::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: 2020.ractf.co.uk URL: https://2020.ractf.co.uk/static/js/18.0639aa9f.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://2020.ractf.co.uk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 23 Oct 2020 03:00:57 GMT server Golfe2 age 7046 date Thu, 12 Nov 2020 07:15:48 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18817 expires Thu, 12 Nov 2020 09:15:48 GMT
GET H2	200	20.ec308bf1.chunk.js Show response 2020.ractf.co.uk/static/js/	62 KB 18 KB	143ms 143ms	Script application/javascript	2600:9000:20eb:c800:14:72bc:9540:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://2020.ractf.co.uk/static/js/20.ec308bf1.chunk.js Requested by Host: 2020.ractf.co.uk URL: https://2020.ractf.co.uk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:c800:14:72bc:9540:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash fd1248dbd658dfd3f619f4f2ee1a440efa495b8aaec19a35c78ce1c77170321b Request headers Referer https://2020.ractf.co.uk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 12 Nov 2020 09:13:15 GMT content-encoding gzip last-modified Sun, 01 Nov 2020 20:50:30 GMT server AmazonS3 x-amz-cf-pop FRA2-C1 etag W/"d60858b7a21d3d2929c5b223eb5148ac" vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript status 200 x-amz-cf-id sclacwNroIJwxjX0avoiHH6VZ9KsKV1ZBM9yxTHCeLLUxByGm_ZgKA== via 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
GET DATA	200 OK	truncated /	9 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ec002cc44ef1f97999c8d148b51012b484bfe074768ed0fba4f7861e75e411bb Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET H2	200	S6uyw4BMUTPHjx4wXiWtFCc.woff2 fonts.gstatic.com/s/lato/v17/	14 KB 14 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:801::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:400,700|Robot+Mono:400&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://2020.ractf.co.uk Referer https://fonts.googleapis.com/css?family=Lato:400,700|Robot+Mono:400&display=swap User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 07 Nov 2020 23:28:07 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:12:59 GMT server sffe age 380707 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14044 x-xss-protection 0 expires Sun, 07 Nov 2021 23:28:07 GMT
GET H2	200	/ Show response api-2020.ractf.co.uk/api/v2/stats/countdown/	177 B 380 B	106ms 36ms	XHR application/json	193.57.159.13 INFERNO
General Check archive.org Show headers Download Go to Full URL https://api-2020.ractf.co.uk/api/v2/stats/countdown/ Requested by Host: 2020.ractf.co.uk URL: https://2020.ractf.co.uk/static/js/18.0639aa9f.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.57.159.13 , France, ASN207841 (INFERNO, GB), Reverse DNS dcooke-159-13.cust.ix1.infernocomms.com Software gunicorn/20.0.4 / Resource Hash 1dde01ab89bbc0f64e43eacf91c871911d12c50aaece42572958bbf0ab99f79a Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept application/json, text/plain, */* Referer https://2020.ractf.co.uk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Thu, 12 Nov 2020 09:13:14 GMT vary Accept, Origin server gunicorn/20.0.4 x-frame-options DENY allow OPTIONS, GET content-type application/json; charset=utf-8 access-control-allow-origin https://2020.ractf.co.uk access-control-allow-credentials true content-length 177 x-content-type-options nosniff
GET H2	200	/ Show response api-2020.ractf.co.uk/api/v2/config/	826 B 887 B	116ms 46ms	XHR application/json	193.57.159.13 INFERNO
General Check archive.org Show headers Download Go to Full URL https://api-2020.ractf.co.uk/api/v2/config/ Requested by Host: 2020.ractf.co.uk URL: https://2020.ractf.co.uk/static/js/18.0639aa9f.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.57.159.13 , France, ASN207841 (INFERNO, GB), Reverse DNS dcooke-159-13.cust.ix1.infernocomms.com Software gunicorn/20.0.4 / Resource Hash de5f2571332a219569e57f4dbbb8859e94dd61b0b2a25717f1d0bd73eb997cfb Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept application/json, text/plain, */* Referer https://2020.ractf.co.uk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Thu, 12 Nov 2020 09:13:14 GMT vary Accept, Origin server gunicorn/20.0.4 x-frame-options DENY allow GET, POST, PATCH, HEAD, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin https://2020.ractf.co.uk access-control-allow-credentials true content-length 826 x-content-type-options nosniff
POST H3-Q050	200	collect Show response www.google-analytics.com/j/	2 B 409 B	48ms 13ms	XHR text/plain	2a00:1450:4001:801::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j87&a=466579978&t=pageview&_s=1&dl=https%3A%2F%2F2020.ractf.co.uk%2F&dp=%2F&ul=en-us&de=UTF-8&dt=RACTF&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=425473599&gjid=541130309&cid=234561741.1605172394&tid=UA-167342912-1&_gid=326584687.1605172394&_r=1&_slc=1&z=326930558 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://2020.ractf.co.uk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 12 Nov 2020 09:13:14 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 status 200 content-type text/plain access-control-allow-origin https://2020.ractf.co.uk cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET DATA	200 OK	truncated /	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a1df26e35bf5be9451dbb75b283d5610936cbd4dc0e6bf291025064cbea89211 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET H2	200	Gilroy-Bold.9747c221.woff 2020.ractf.co.uk/static/media/	61 KB 61 KB	118ms 118ms	Font binary/octet-stream	2600:9000:20eb:c800:14:72bc:9540:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://2020.ractf.co.uk/static/media/Gilroy-Bold.9747c221.woff Requested by Host: 2020.ractf.co.uk URL: https://2020.ractf.co.uk/static/css/main.5794da45.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:c800:14:72bc:9540:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c776b3baeb6873855bd5b7acda924be596cc035d48603cf3281744ffdb4348dd Request headers Origin https://2020.ractf.co.uk Referer https://2020.ractf.co.uk/static/css/main.5794da45.chunk.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 12 Nov 2020 09:13:15 GMT via 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront) last-modified Sun, 01 Nov 2020 20:50:31 GMT server AmazonS3 x-amz-cf-pop FRA2-C1 etag "9747c2216b2edf059481d6d212864734" x-cache Miss from cloudfront content-type binary/octet-stream status 200 accept-ranges bytes content-length 62488 x-amz-cf-id 8UUDEuehF1TjLvhCxDUbUuhMleTnnuU9Om5NYzvCjzU0aGGgZysIeg==
GET H3-Q050	200	S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2 fonts.gstatic.com/s/lato/v17/	14 KB 14 KB	35ms 20ms	Font font/woff2	2a00:1450:4001:801::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:400,700|Robot+Mono:400&display=swap Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://2020.ractf.co.uk Referer https://fonts.googleapis.com/css?family=Lato:400,700|Robot+Mono:400&display=swap User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 08 Nov 2020 09:05:27 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:12:25 GMT server sffe age 346067 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14176 x-xss-protection 0 expires Mon, 08 Nov 2021 09:05:27 GMT
GET H2	200	spine.5296c512.svg 2020.ractf.co.uk/static/media/	1007 B 896 B	139ms 138ms	Image image/svg+xml	2600:9000:20eb:c800:14:72bc:9540:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://2020.ractf.co.uk/static/media/spine.5296c512.svg Requested by Host: 2020.ractf.co.uk URL: https://2020.ractf.co.uk/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:c800:14:72bc:9540:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 96373aaeb1ef7bc4096ad4ddb8e9bc1662eb91e5ed49c519c2e22361a04e60e1 Request headers Referer https://2020.ractf.co.uk/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 12 Nov 2020 09:13:15 GMT content-encoding gzip last-modified Sun, 01 Nov 2020 20:50:31 GMT server AmazonS3 x-amz-cf-pop FRA2-C1 etag W/"5296c512608a0aed01c88bccca9fa1f9" vary Accept-Encoding x-cache Miss from cloudfront content-type image/svg+xml status 200 x-amz-cf-id -BPXSDloRgSZdR6lm6ifBpNRnYboumHCvvEBKDM83ortfnXa4fFLOQ== via 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
GET H3-Q050	200	collect www.google-analytics.com/	35 B 122 B	7ms 6ms	Image image/gif	2a00:1450:4001:801::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j87&a=466579978&t=pageview&_s=2&dl=https%3A%2F%2F2020.ractf.co.uk%2F&dp=%2Flogin&ul=en-us&de=UTF-8&dt=RACTF&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAAC~&jid=&gjid=&cid=234561741.1605172394&tid=UA-167342912-1&_gid=326584687.1605172394&z=315947288 Requested by Host: 2020.ractf.co.uk URL: https://2020.ractf.co.uk/login Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://2020.ractf.co.uk/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Thu, 12 Nov 2020 02:15:30 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 25064 status 200 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	401	/ Show response api-2020.ractf.co.uk/api/v2/challenges/categories/	42 B 105 B	42ms 41ms	XHR application/json	193.57.159.13 INFERNO
General Check archive.org Show headers Download Go to Full URL https://api-2020.ractf.co.uk/api/v2/challenges/categories/ Requested by Host: 2020.ractf.co.uk URL: https://2020.ractf.co.uk/static/js/18.0639aa9f.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.57.159.13 , France, ASN207841 (INFERNO, GB), Reverse DNS dcooke-159-13.cust.ix1.infernocomms.com Software gunicorn/20.0.4 / Resource Hash a44b27bcc6eb173fe3c152f53ce69b05807b380a0b109ac85161937bf605c977 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept application/json, text/plain, */* Referer https://2020.ractf.co.uk/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 401 date Thu, 12 Nov 2020 09:13:14 GMT www-authenticate Token server gunicorn/20.0.4 x-frame-options DENY allow GET, POST, HEAD, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin https://2020.ractf.co.uk access-control-allow-credentials true vary Accept, Origin content-length 42 x-content-type-options nosniff
GET H2	200	/ Show response api-2020.ractf.co.uk/api/v2/config/	826 B 855 B	47ms 46ms	XHR application/json	193.57.159.13 INFERNO
General Check archive.org Show headers Download Go to Full URL https://api-2020.ractf.co.uk/api/v2/config/ Requested by Host: 2020.ractf.co.uk URL: https://2020.ractf.co.uk/static/js/18.0639aa9f.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.57.159.13 , France, ASN207841 (INFERNO, GB), Reverse DNS dcooke-159-13.cust.ix1.infernocomms.com Software gunicorn/20.0.4 / Resource Hash de5f2571332a219569e57f4dbbb8859e94dd61b0b2a25717f1d0bd73eb997cfb Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept application/json, text/plain, */* Referer https://2020.ractf.co.uk/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Thu, 12 Nov 2020 09:13:14 GMT vary Accept, Origin server gunicorn/20.0.4 x-frame-options DENY allow GET, POST, PATCH, HEAD, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin https://2020.ractf.co.uk access-control-allow-credentials true content-length 826 x-content-type-options nosniff
GET H2	404	/ Show response api-2020.ractf.co.uk/api/v2/pages/	9 KB 9 KB	32ms 31ms	XHR text/html	193.57.159.13 INFERNO
General Check archive.org Show headers Download Go to Full URL https://api-2020.ractf.co.uk/api/v2/pages/ Requested by Host: 2020.ractf.co.uk URL: https://2020.ractf.co.uk/static/js/18.0639aa9f.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.57.159.13 , France, ASN207841 (INFERNO, GB), Reverse DNS dcooke-159-13.cust.ix1.infernocomms.com Software gunicorn/20.0.4 / Resource Hash 54e3011f4d9b163365a91abe980c18fc5711bff3cec6ea4d96b55da6b9d918a3 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept application/json, text/plain, */* Referer https://2020.ractf.co.uk/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 12 Nov 2020 09:13:14 GMT x-content-type-options nosniff server gunicorn/20.0.4 status 404 x-frame-options DENY content-type text/html access-control-allow-origin https://2020.ractf.co.uk access-control-allow-credentials true vary Origin content-length 8876

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes object| env object| webpackJsonp function| setImmediate function| clearImmediate object| __ractf_plugins object| regeneratorRuntime function| Color function| Chart function| Hammer string| GoogleAnalyticsObject function| ga object| __ws object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| __ractf_alert function| __zxcvbn object| __SENTRY__

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.ractf.co.uk/	1970-01-19 13:54:18	Name: _gid Value: GA1.3.326584687.1605172394
			.ractf.co.uk/	1970-01-19 13:52:52	Name: _gat Value: 1
			.ractf.co.uk/	1970-01-20 07:24:04	Name: _ga Value: GA1.3.234561741.1605172394

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://2020.ractf.co.uk/static/js/main.00befe95.chunk.js(Line 1) Message: %c[Websocket] color: #d3d Websocket connected.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2020.ractf.co.uk
api-2020.ractf.co.uk
fonts.googleapis.com
fonts.gstatic.com
www.google-analytics.com
193.57.159.13
2600:9000:20eb:c800:14:72bc:9540:93a1
2a00:1450:4001:801::2003
2a00:1450:4001:801::200e
2a00:1450:4001:80b::200a
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0ec1cf46826455e15df4f56da02fb75638881c166fa6e6522d9d3b9336c19f64
1dde01ab89bbc0f64e43eacf91c871911d12c50aaece42572958bbf0ab99f79a
53fe440fa2078935cf106d48b0b598723d2574e53f1bd3c718bd3535c864d140
54e3011f4d9b163365a91abe980c18fc5711bff3cec6ea4d96b55da6b9d918a3
55f434dac9baa54c88bdd40aeaeffde13c01d4e23f0d585fe1ce4ce28a2b3e8d
5a3dd24168f55e19b83cb432a87b2bea43199be4ac43e24f86d3cf15bae628eb
5a98934aeac807748692708481f24ed967cc8538b1fd8a013b83cf7805b9ef0f
75c1dd337ff8f87aa0243c3fdb07c069ba3ca476e255d701e536663d598a7118
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
96373aaeb1ef7bc4096ad4ddb8e9bc1662eb91e5ed49c519c2e22361a04e60e1
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1df26e35bf5be9451dbb75b283d5610936cbd4dc0e6bf291025064cbea89211
a44b27bcc6eb173fe3c152f53ce69b05807b380a0b109ac85161937bf605c977
bdd3b2acf655463fda0e03c3e7be4bd5416a037869f515b6713eabdb754e9e96
c776b3baeb6873855bd5b7acda924be596cc035d48603cf3281744ffdb4348dd
de5f2571332a219569e57f4dbbb8859e94dd61b0b2a25717f1d0bd73eb997cfb
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ec002cc44ef1f97999c8d148b51012b484bfe074768ed0fba4f7861e75e411bb
fd1248dbd658dfd3f619f4f2ee1a440efa495b8aaec19a35c78ce1c77170321b