urlscan.io logo urlscan.io
SecurityTrails logo

h3x0s3.github.io Open in urlscan Pro
2606:50c0:8000::153  Public Scan

Go To Rescan Add Verdict Report
URL: https://h3x0s3.github.io/CVE2023~47261/
Submission Tags: falconsandbox
Submission: On December 24 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 9 domains to perform 28 HTTP transactions. The main IP is 2606:50c0:8000::153, located in United States and belongs to FASTLY, US. The main domain is h3x0s3.github.io.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on February 21st 2023. Valid for: a year.
This is the only time h3x0s3.github.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

3    2606:50c0:8000::153 (United States)

ASN54113 (FASTLY, US)
h3x0s3.github.io
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
14    2606:50c0:8001::154 (United States)

ASN54113 (FASTLY, US)
raw.githubusercontent.com
2    2606:4700::6812:147e (United States)

ASN13335 (CLOUDFLARENET, US)
www.hackthebox.com
1    52.218.98.66 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-3-w.amazonaws.com
tryhackme-images.s3.amazonaws.com
1    2a05:d014:58f:6201::64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
identity.netlify.com
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
14 githubusercontent.com
raw.githubusercontent.com — Cisco Umbrella Rank: 4597
7 MB
3 gstatic.com
fonts.gstatic.com
36 KB
3 github.io
h3x0s3.github.io
32 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 hackthebox.com
www.hackthebox.com — Cisco Umbrella Rank: 329447
144 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
64 KB
1 netlify.com
identity.netlify.com — Cisco Umbrella Rank: 178921
54 KB
1 amazonaws.com
tryhackme-images.s3.amazonaws.com — Cisco Umbrella Rank: 378506
525 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
862 B
28 9
Domain Requested by
14 raw.githubusercontent.com h3x0s3.github.io
3 fonts.gstatic.com fonts.googleapis.com
3 h3x0s3.github.io h3x0s3.github.io
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.hackthebox.com h3x0s3.github.io
1 www.googletagmanager.com h3x0s3.github.io
1 identity.netlify.com h3x0s3.github.io
1 tryhackme-images.s3.amazonaws.com h3x0s3.github.io
1 fonts.googleapis.com h3x0s3.github.io
28 9

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
twitter.com
www.facebook.com
github.com
Subject Issuer Validity Valid
*.github.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-21 -
2024-03-20		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
hackthebox.com
Cloudflare Inc ECC CA-3		 2023-10-01 -
2024-09-30		 a year crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-07-03		 9 months crt.sh
*.netlify.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-07-14 -
2024-08-13		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://h3x0s3.github.io/CVE2023~47261/
Frame ID: 16A17316EDD33B5824335BB8638F2DC9
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

CVE-2023-47261 | H3X0S3

Detected technologies

Overall confidence: 100%
Detected patterns
  • ^https?://[^/]+\.github\.io
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

28
Requests

100 %
HTTPS

89 %
IPv6

9
Domains

9
Subdomains

9
IPs

3
Countries

7989 kB
Transfer

8380 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
h3x0s3.github.io/CVE2023~47261/ 		35 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://h3x0s3.github.io/CVE2023~47261/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
e1011c1cbe58fb79d003eb262f06bf4fbd09e1731acadf709999ae86f8300a2e
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
463
cache-control
max-age=600
content-encoding
gzip
content-length
10386
content-type
text/html; charset=utf-8
date
Sun, 24 Dec 2023 08:31:39 GMT
etag
W/"6584809f-8d2a"
expires
Sun, 24 Dec 2023 06:03:26 GMT
last-modified
Thu, 21 Dec 2023 18:14:55 GMT
permissions-policy
interest-cohort=()
server
GitHub.com
strict-transport-security
max-age=31556952
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1
x-fastly-request-id
95dd0536bbe714467423bd0afbbaa1e824a961b8
x-github-request-id
13B8:3B300F:1171CA5:11C8D80:6587C755
x-proxy-cache
MISS
x-served-by
cache-fra-eddf8230053-FRA
x-timer
S1703406700.849368,VS0,VE2
css
fonts.googleapis.com/ 		2 KB
862 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:300,400,700
Requested by
Host: h3x0s3.github.io
URL: https://h3x0s3.github.io/CVE2023~47261/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3b6fa3d5595ee46cb49067940ee1f47f3d5200e6c6f9d102f5a6a95a8905781b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://h3x0s3.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 24 Dec 2023 08:31:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 24 Dec 2023 08:31:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 24 Dec 2023 08:31:39 GMT
styles.css
h3x0s3.github.io/assets/css/ 		38 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://h3x0s3.github.io/assets/css/styles.css
Requested by
Host: h3x0s3.github.io
URL: https://h3x0s3.github.io/CVE2023~47261/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
34114ca3cd9262f22ff12711b1e33902744e7c9b0b289f22afdc65d724efe1ec
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://h3x0s3.github.io/CVE2023~47261/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id
7064eca4383d6b8dd490a31b3fc134796a4def30
strict-transport-security
max-age=31556952
content-encoding
gzip
via
1.1 varnish
date
Sun, 24 Dec 2023 08:31:39 GMT
age
463
x-cache
HIT
x-cache-hits
1
x-proxy-cache
MISS
content-length
7601
x-served-by
cache-fra-eddf8230053-FRA
last-modified
Thu, 21 Dec 2023 18:14:55 GMT
server
GitHub.com
x-github-request-id
FAA4:3B300F:1171D2D:11C8E02:6587C756
x-timer
S1703406700.860486,VS0,VE1
etag
W/"6584809f-969b"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
expires
Sun, 24 Dec 2023 06:03:26 GMT
DCM.png
raw.githubusercontent.com/H3X0S3/h3x0s3.github.io/main/assets/img/CVE/ 		190 KB
190 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://raw.githubusercontent.com/H3X0S3/h3x0s3.github.io/main/assets/img/CVE/DCM.png
Requested by
Host: h3x0s3.github.io
URL: https://h3x0s3.github.io/CVE2023~47261/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
254b63e23297ac423e4cef2e71d468a17c7348471861b2a02db2555779d6f270
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://h3x0s3.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id
c502396a5913b9ecc1c24af8c0ced2207ec7f98f
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Sun, 24 Dec 2023 08:31:39 GMT
via
1.1 varnish
x-cache-hits
1
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
194093
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230048-FRA
x-github-request-id
DACA:B190D:1DA9941:1F016B2:6587EA9D
x-timer
S1703406700.874842,VS0,VE2
etag
W/"700a49c3f134b2947078428624f45f45d381cd022798c0ad125532f81d9b5cad"
source-age
87
x-frame-options
deny
vary
Authorization,Accept-Encoding,Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
expires
Sun, 24 Dec 2023 08:36:39 GMT
Untitled.gif
raw.githubusercontent.com/H3X0S3/h3x0s3.github.io/main/assets/img/CVE/ 		219 KB
220 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://raw.githubusercontent.com/H3X0S3/h3x0s3.github.io/main/assets/img/CVE/Untitled.gif
Requested by
Host: h3x0s3.github.io
URL: https://h3x0s3.github.io/CVE2023~47261/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2dc1fd6a28f2fcdbb3f6c6acea885d6a78e66b448b1163ff283155501c8021bf
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://h3x0s3.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id
51ae81d25f5959cf22b54024d9c1237a88b5d9b1
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Sun, 24 Dec 2023 08:31:39 GMT
via
1.1 varnish
x-cache-hits
1
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
224415
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230048-FRA
x-github-request-id
9088:13E98D:471F7EF:4A1898D:6587EA9C
x-timer
S1703406700.874968,VS0,VE1
etag
W/"66df840a27e1841cf5c66b50a69f4edd76e9542cbe8df62956436f97772e9c00"
source-age
87
x-frame-options
deny
vary
Authorization,Accept-Encoding,Origin
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
expires
Sun, 24 Dec 2023 08:36:39 GMT
Untitled%201.png
raw.githubusercontent.com/H3X0S3/h3x0s3.github.io/main/assets/img/CVE/ 		134 KB
135 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://raw.githubusercontent.com/H3X0S3/h3x0s3.github.io/main/assets/img/CVE/Untitled%201.png
Requested by
Host: h3x0s3.github.io
URL: https://h3x0s3.github.io/CVE2023~47261/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
19b5a2d266fc96903086cb478e5f50067aa4c7bcc2d4fd872b3562fb47b21928
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://h3x0s3.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id
ba6a2d243b81513bba7c4488b028e3fb873c6c09
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Sun, 24 Dec 2023 08:31:39 GMT
via
1.1 varnish
x-cache-hits
1
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
137637
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230048-FRA
x-github-request-id
4F4A:35836E:1FB2873:211561E:6587EA9D
x-timer
S1703406700.903532,VS0,VE1
etag
W/"d3051c61cb1e748c883771c339376810809c984c3bd206ac1fc8cf12e1af5ea8"
source-age
87
x-frame-options
deny
vary
Authorization,Accept-Encoding,Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
expires
Sun, 24 Dec 2023 08:36:39 GMT
Untitled%202.png
raw.githubusercontent.com/H3X0S3/h3x0s3.github.io/main/assets/img/CVE/ 		401 KB
402 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://raw.githubusercontent.com/H3X0S3/h3x0s3.github.io/main/assets/img/CVE/Untitled%202.png
Requested by
Host: h3x0s3.github.io
URL: https://h3x0s3.github.io/CVE2023~47261/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d785f3964d3a8dc646669ff6e33597a1ca3d77e9ac6c1de0384bc2c7e68882c5
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://h3x0s3.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id
d1af9eeee676b3426c1e796ff5baf721b83c3ba1
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Sun, 24 Dec 2023 08:31:39 GMT
via
1.1 varnish
x-cache-hits
1
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
411101
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230048-FRA
x-github-request-id
1268:35836E:1FB2874:211561F:6587EA9D
x-timer
S1703406700.904560,VS0,VE2
etag
W/"3bfdfe65da8057f61534a514f302ee07c57ad79eb1e703eadca94a0e95b4eef1"
source-age
87
x-frame-options
deny
vary
Authorization,Accept-Encoding,Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
expires
Sun, 24 Dec 2023 08:36:39 GMT
Untitled%203.png
raw.githubusercontent.com/H3X0S3/h3x0s3.github.io/main/assets/img/CVE/ 		319 KB
319 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://raw.githubusercontent.com/H3X0S3/h3x0s3.github.io/main/assets/img/CVE/Untitled%203.png
Requested by
Host: h3x0s3.github.io
URL: https://h3x0s3.github.io/CVE2023~47261/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c6964a18e2a537d7f6a4fbd04e52cb9d490425113ca96a760796275f19740de2
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://h3x0s3.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id
8793db2dc4cfe4f83802e40a72fb4c7b038c7cea
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Sun, 24 Dec 2023 08:31:39 GMT
via
1.1 varnish
x-cache-hits
1
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
326590
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230048-FRA
x-github-request-id
6CC2:1D9749:261503:28F343:6587EA9E
x-timer
S1703406700.904654,VS0,VE2
etag
W/"58d7269fb585a2d1721c75255af51c82e3fb3a4c9beed6249d5c182ced57d853"
source-age
87
x-frame-options
deny
vary
Authorization,Accept-Encoding,Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
expires
Sun, 24 Dec 2023 08:36:39 GMT
Untitled%201.gif
raw.githubusercontent.com/H3X0S3/h3x0s3.github.io/main/assets/img/CVE/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://raw.githubusercontent.com/H3X0S3/h3x0s3.github.io/main/assets/img/CVE/Untitled%201.gif
Requested by
Host: h3x0s3.github.io
URL: https://h3x0s3.github.io/CVE2023~47261/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8887f122ae5b0841a3c3577364cb5836e49cefdf19ad3d4bcdf820f36acaa260
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://h3x0s3.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id
a4fdbdd9f1d3d9d84bbd217ce454f5e98a5fc7de
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Sun, 24 Dec 2023 08:31:39 GMT
via
1.1 varnish
x-cache-hits
1
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
16818
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230048-FRA
x-github-request-id
E35E:1602E9:40FC295:43CF4F2:6587EA9D
x-timer
S1703406700.904355,VS0,VE1
etag
W/"1dc30de9ef61f441826ab31700c0ba4242c7276c55218356ae30b4e30c0e0739"
source-age
87
x-frame-options
deny
vary
Authorization,Accept-Encoding,Origin
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
expires
Sun, 24 Dec 2023 08:36:39 GMT
Untitled%204.png
raw.githubusercontent.com/H3X0S3/h3x0s3.github.io/main/assets/img/CVE/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://raw.githubusercontent.com/H3X0S3/h3x0s3.github.io/main/assets/img/CVE/Untitled%204.png
Requested by
Host: h3x0s3.github.io
URL: https://h3x0s3.github.io/CVE2023~47261/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e6a9df59ce7c45cbd8afa2d0537b8f7c491515417f83fb13441276c880960e42
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://h3x0s3.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id
3053bfe91f4915bba50c8abb7bbdf0f4620c0e9e
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Sun, 24 Dec 2023 08:31:39 GMT
via
1.1 varnish
x-cache-hits
1
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
101949
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230048-FRA
x-github-request-id
CEBE:671CE:3156D14:3373F7C:6587EA9E
x-timer
S1703406700.904642,VS0,VE13
etag
W/"83f49cb6b881bbb8d1e34066884a7dab7e1fb47ef3535e2de0a0bb2ef9303662"
source-age
87
x-frame-options
deny
vary
Authorization,Accept-Encoding,Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
expires
Sun, 24 Dec 2023 08:36:39 GMT
Untitled%205.png
raw.githubusercontent.com/H3X0S3/h3x0s3.github.io/main/assets/img/CVE/ 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://raw.githubusercontent.com/H3X0S3/h3x0s3.github.io/main/assets/img/CVE/Untitled%205.png
Requested by
Host: h3x0s3.github.io
URL: https://h3x0s3.github.io/CVE2023~47261/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f629b5d9e97a21fd85eea5a88e97e8e512bb5ab96aed6bbe84fbe20c580baecd
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://h3x0s3.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id
9feb71cc4cc68750e8a6dcea51dbe98f763407ad
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Sun, 24 Dec 2023 08:31:39 GMT
via
1.1 varnish
x-cache-hits
1
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
83167
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230048-FRA
x-github-request-id
1B9C:391231:45DF19E:48D62B5:6587EA9D
x-timer
S1703406700.904654,VS0,VE1
etag
W/"e1d1e5c2f9b62470656f5f298806c10cbf8a32a700228a052bb638208a72314f"
source-age
87
x-frame-options
deny
vary
Authorization,Accept-Encoding,Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
expires
Sun, 24 Dec 2023 08:36:39 GMT
Untitled%206.png
raw.githubusercontent.com/H3X0S3/h3x0s3.github.io/main/assets/img/CVE/ 		514 KB
515 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://raw.githubusercontent.com/H3X0S3/h3x0s3.github.io/main/assets/img/CVE/Untitled%206.png
Requested by
Host: h3x0s3.github.io
URL: https://h3x0s3.github.io/CVE2023~47261/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
292902c3a57a17c074887b1e8383f09abbdf2bade85272ea96da593d2be5674b
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://h3x0s3.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id
6802312b415f2cd7818b942f655ff9fbf9518bc6
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Sun, 24 Dec 2023 08:31:39 GMT
via
1.1 varnish
x-cache-hits
1
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
526641
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230048-FRA
x-github-request-id
BB28:29FB50:4641196:493A165:6587EA9E
x-timer
S1703406700.904290,VS0,VE2
etag
W/"eff2c25472164ba837751ada538e077c568c29c29e1d51656e42ae036e1545f0"
source-age
87
x-frame-options
deny
vary
Authorization,Accept-Encoding,Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
expires
Sun, 24 Dec 2023 08:36:39 GMT
Untitled%207.png
raw.githubusercontent.com/H3X0S3/h3x0s3.github.io/main/assets/img/CVE/ 		217 KB
218 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://raw.githubusercontent.com/H3X0S3/h3x0s3.github.io/main/assets/img/CVE/Untitled%207.png
Requested by
Host: h3x0s3.github.io
URL: https://h3x0s3.github.io/CVE2023~47261/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2ac3672d7e2f13134c67242b1d0144728396970563b6bf3702593227e67c78a5
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://h3x0s3.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id
2425c208280bdc024987a62b384e661af796ee62
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Sun, 24 Dec 2023 08:31:39 GMT
via
1.1 varnish
x-cache-hits
1
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
222560
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230048-FRA
x-github-request-id
DE2C:28386D:349BCC1:36ECF49:6587EA9E
x-timer
S1703406700.904272,VS0,VE1
etag
W/"86b23dc56992b3e90196a4bcffed0b2791c238e3c3716156c744ea233d6d32ac"
source-age
87
x-frame-options
deny
vary
Authorization,Accept-Encoding,Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
expires
Sun, 24 Dec 2023 08:36:39 GMT
Untitled%208.png
raw.githubusercontent.com/H3X0S3/h3x0s3.github.io/main/assets/img/CVE/ 		169 KB
169 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://raw.githubusercontent.com/H3X0S3/h3x0s3.github.io/main/assets/img/CVE/Untitled%208.png
Requested by
Host: h3x0s3.github.io
URL: https://h3x0s3.github.io/CVE2023~47261/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2bd9a4aa5413589574f36378f64dc26f84be5599a712f0daf302179d72dd76d9
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://h3x0s3.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id
f79863c734020542d5cbff66223460722b4c229e
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Sun, 24 Dec 2023 08:31:39 GMT
via
1.1 varnish
x-cache-hits
1
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
172577
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230048-FRA
x-github-request-id
386E:29FB50:4641196:493A167:6587EA9E
x-timer
S1703406700.904266,VS0,VE2
etag
W/"41b29e1c2c3fde53d627fe321aff6e06471e8d55777c118abf282d94381a7a5a"
source-age
87
x-frame-options
deny
vary
Authorization,Accept-Encoding,Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
expires
Sun, 24 Dec 2023 08:36:39 GMT
Untitled%209.png
raw.githubusercontent.com/H3X0S3/h3x0s3.github.io/main/assets/img/CVE/ 		439 KB
440 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://raw.githubusercontent.com/H3X0S3/h3x0s3.github.io/main/assets/img/CVE/Untitled%209.png
Requested by
Host: h3x0s3.github.io
URL: https://h3x0s3.github.io/CVE2023~47261/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b11c74f97dcf39607f2510a80cdf104268bf5b645274447cf25c500a0193c400
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://h3x0s3.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id
d2d9a0a4392f8eee7d415a909d01ece222749833
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Sun, 24 Dec 2023 08:31:39 GMT
via
1.1 varnish
x-cache-hits
1
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
449796
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230048-FRA
x-github-request-id
8DD4:1D9749:261503:28F344:6587EA9D
x-timer
S1703406700.904268,VS0,VE2
etag
W/"14d35abb72835e6deecd804e4276b55a3af5513b845a16ad6dbf1422f941d99d"
source-age
87
x-frame-options
deny
vary
Authorization,Accept-Encoding,Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
expires
Sun, 24 Dec 2023 08:36:39 GMT
Untitled%2010.png
raw.githubusercontent.com/H3X0S3/h3x0s3.github.io/main/assets/img/CVE/ 		166 KB
166 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://raw.githubusercontent.com/H3X0S3/h3x0s3.github.io/main/assets/img/CVE/Untitled%2010.png
Requested by
Host: h3x0s3.github.io
URL: https://h3x0s3.github.io/CVE2023~47261/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e418d141f3f6784132b7eda46b9bda5fb3a960effd9aad6e7635ab138ed3047b
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://h3x0s3.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id
0590279537c4126eca0d2024edfad56ed108e759
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Sun, 24 Dec 2023 08:31:39 GMT
via
1.1 varnish
x-cache-hits
1
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
170057
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230048-FRA
x-github-request-id
5468:1D9749:261503:28F345:6587EA9D
x-timer
S1703406700.909306,VS0,VE1
etag
W/"aff6f2c33b277ae46157fe32ad8c9b6a0ecd411dbbe3272a9445ef7bf4e17eb7"
source-age
87
x-frame-options
deny
vary
Authorization,Accept-Encoding,Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
expires
Sun, 24 Dec 2023 08:36:39 GMT
Untitled%202.gif
raw.githubusercontent.com/H3X0S3/h3x0s3.github.io/main/assets/img/CVE/ 		4 MB
4 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://raw.githubusercontent.com/H3X0S3/h3x0s3.github.io/main/assets/img/CVE/Untitled%202.gif
Requested by
Host: h3x0s3.github.io
URL: https://h3x0s3.github.io/CVE2023~47261/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
49796015745481ce16afd2cad2a8712ab7e1e323f8386d075a7818ed2fb2b8b5
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://h3x0s3.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id
36f38266abc07b4161e538ab8cc99c7d9b4f04a2
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Sun, 24 Dec 2023 08:31:39 GMT
via
1.1 varnish
x-cache-hits
1
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
4237124
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230048-FRA
x-github-request-id
E28A:138496:264F183:27EDBB0:6587EA9D
x-timer
S1703406700.909287,VS0,VE5
etag
W/"b1765beb8313b19919e4a22a4e1dbff53fbece839f65a47a9768ad527aa2f05a"
source-age
87
x-frame-options
deny
vary
Authorization,Accept-Encoding,Origin
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
expires
Sun, 24 Dec 2023 08:36:39 GMT
43a4b7b2ba6e11c48b128aa46cddaf49.png
www.hackthebox.com/storage/avatars/ 		73 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hackthebox.com/storage/avatars/43a4b7b2ba6e11c48b128aa46cddaf49.png
Requested by
Host: h3x0s3.github.io
URL: https://h3x0s3.github.io/CVE2023~47261/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:147e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b71737ef192f0b17a2f9b4cfa17a7d89792ef28cb74bf0e146b9aafb8204f3b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://h3x0s3.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:31:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
6603
content-length
75189
x-xss-protection
1; mode=block
last-modified
Thu, 30 Sep 2021 13:20:31 GMT
server
cloudflare
etag
"6155b99f-125b5"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
https://app.hackthebox.com
cache-control
public, max-age=28800
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
83a77d428fc2bb97-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Sun, 24 Dec 2023 16:31:39 GMT
222b3e855f88a482c1267748f76f90e0.jpeg
tryhackme-images.s3.amazonaws.com/room-icons/ 		525 KB
525 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tryhackme-images.s3.amazonaws.com/room-icons/222b3e855f88a482c1267748f76f90e0.jpeg
Requested by
Host: h3x0s3.github.io
URL: https://h3x0s3.github.io/CVE2023~47261/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.98.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-3-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
26e642fd4b4f3017abe240c84ce119e2adf120760c953175ee2c8fd91a001090

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://h3x0s3.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 24 Dec 2023 08:31:40 GMT
Last-Modified
Mon, 16 May 2022 22:46:56 GMT
Server
AmazonS3
x-amz-request-id
4SWNQ1QRQGK7NHAD
ETag
"a06ff63efc8d3501d0e99064176a2c75"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
537097
x-amz-id-2
0qJuL9ghSZOZCVC2mtq1JwuALIclEk+OMGWY+MG0Jy3FL7ALP+T7d/unTuZVV+69oc64NqrERno=
e4ec7d8504fdb58b5e6b7ddc82aafc77.png
www.hackthebox.com/storage/avatars/ 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hackthebox.com/storage/avatars/e4ec7d8504fdb58b5e6b7ddc82aafc77.png
Requested by
Host: h3x0s3.github.io
URL: https://h3x0s3.github.io/CVE2023~47261/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:147e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47da2bbc928b8a8c7b453ffa17a215e5f7d143f28ac11b19e8f4099c54e4c3b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://h3x0s3.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:31:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
3336
content-length
71191
x-xss-protection
1; mode=block
last-modified
Fri, 20 Aug 2021 16:39:44 GMT
server
cloudflare
etag
"611fdad0-11617"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
https://app.hackthebox.com
cache-control
public, max-age=28800
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
83a77d428fc3bb97-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Sun, 24 Dec 2023 16:31:39 GMT
netlify-identity-widget.js
identity.netlify.com/v1/ 		235 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.netlify.com/v1/netlify-identity-widget.js
Requested by
Host: h3x0s3.github.io
URL: https://h3x0s3.github.io/CVE2023~47261/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:58f:6201::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
466954df58db08e3c508d1442f9b986738f2fafa52fa28a58cdfa855fa5f54c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://h3x0s3.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nf-request-id
01HJDF71D3X9FRD38BV6S7DKPY
date
Sun, 24 Dec 2023 08:31:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
Netlify
age
80129
cache-status
"Netlify Edge"; hit
etag
"a95b2c6e42d4192d6cb08f8a22485559-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
54905
scripts.min.js
h3x0s3.github.io/assets/js/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h3x0s3.github.io/assets/js/scripts.min.js
Requested by
Host: h3x0s3.github.io
URL: https://h3x0s3.github.io/CVE2023~47261/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
b73b9672332d7aacdbda0da9695dbde56ce6616b6883013a817af0a1c237ec64
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://h3x0s3.github.io/CVE2023~47261/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id
38c19cd8df1d335121f1754edbc820eb9c1f7896
strict-transport-security
max-age=31556952
content-encoding
gzip
via
1.1 varnish
date
Sun, 24 Dec 2023 08:31:39 GMT
age
462
x-cache
HIT
x-cache-hits
1
x-proxy-cache
MISS
content-length
14087
x-served-by
cache-fra-eddf8230053-FRA
last-modified
Thu, 21 Dec 2023 18:14:51 GMT
server
GitHub.com
x-github-request-id
21FC:13C5B4:7B2EAFB:7D64445:6587C758
x-timer
S1703406700.903594,VS0,VE1
etag
W/"6584809b-96bf"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
expires
Sun, 24 Dec 2023 06:03:28 GMT
js
www.googletagmanager.com/gtag/ 		174 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-XXXXXXXX-X
Requested by
Host: h3x0s3.github.io
URL: https://h3x0s3.github.io/CVE2023~47261/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b300c5dc106c27cafee58c8d726a7875d030171fe56479fabb19fe87850e9ab7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://h3x0s3.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:31:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64914
x-xss-protection
0
last-modified
Sun, 24 Dec 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 24 Dec 2023 08:31:40 GMT
NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v17/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/titilliumweb/v17/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium+Web:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5c1172f24f4f49f780c65cf5be897527fd08f3662a2ba8db0cfe0057d92e367
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://h3x0s3.github.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 14:14:51 GMT
x-content-type-options
nosniff
age
238608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11796
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:48:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Dec 2024 14:14:51 GMT
NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
fonts.gstatic.com/s/titilliumweb/v17/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/titilliumweb/v17/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium+Web:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://h3x0s3.github.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 19:04:20 GMT
x-content-type-options
nosniff
age
480439
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12372
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:30:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Dec 2024 19:04:20 GMT
NaPDcZTIAOhVxoMyOr9n_E7ffGjEGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v17/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/titilliumweb/v17/NaPDcZTIAOhVxoMyOr9n_E7ffGjEGItzYw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium+Web:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d14d732f8caf915919ff661157edc3456a85f408b7a3c5ee1e21357e7df07e1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://h3x0s3.github.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:50:22 GMT
x-content-type-options
nosniff
age
430877
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12384
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 21:03:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Dec 2024 08:50:22 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-XXXXXXXX-X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://h3x0s3.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 24 Dec 2023 07:22:25 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4155
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 24 Dec 2023 09:22:25 GMT
collect
www.google-analytics.com/j/ 		1 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=227432059&t=pageview&_s=1&dl=https%3A%2F%2Fh3x0s3.github.io%2FCVE2023~47261%2F&ul=en-us&de=UTF-8&dt=CVE-2023-47261%20%7C%20H3X0S3&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=153606229&gjid=92243204&cid=339266496.1703406700&tid=UA-XXXXXXXX-X&_gid=606329356.1703406700&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=883300663
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://h3x0s3.github.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:31:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://h3x0s3.github.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture boolean| disqus_loaded function| load_disqus number| __mobxInstanceCount object| __mobxGlobals function| GoTrue object| netlifyIdentity function| Zepto function| $ object| classie function| ouibounce function| AnimOnScroll object| smoothScroll number| _zid string| host function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

4 Cookies

Domain/Path Name / Value
.hackthebox.com/ Name: __cf_bm
Value: HC1SpRCtflJoO1bQkch2cRHpBHI0vsUAFm0i3frHKU0-1703406699-1-AaKa9KKo0/NMzSnSZH4jVm+nm+XwVycAgU0coA4II+wBD0ajZh+pIGkNLKYcXYczMJpjK5Dp/mEN5GUtVApk35Q=
.h3x0s3.github.io/ Name: _ga
Value: GA1.3.339266496.1703406700
.h3x0s3.github.io/ Name: _gid
Value: GA1.3.606329356.1703406700
.h3x0s3.github.io/ Name: _gat_gtag_UA_XXXXXXXX_X
Value: 1

1 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31556952

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
h3x0s3.github.io
identity.netlify.com
raw.githubusercontent.com
tryhackme-images.s3.amazonaws.com
www.google-analytics.com
www.googletagmanager.com
www.hackthebox.com
2606:4700::6812:147e
2606:50c0:8000::153
2606:50c0:8001::154
2a00:1450:4001:808::200a
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2003
2a00:1450:4001:813::200e
2a05:d014:58f:6201::64
52.218.98.66
19b5a2d266fc96903086cb478e5f50067aa4c7bcc2d4fd872b3562fb47b21928
254b63e23297ac423e4cef2e71d468a17c7348471861b2a02db2555779d6f270
26e642fd4b4f3017abe240c84ce119e2adf120760c953175ee2c8fd91a001090
292902c3a57a17c074887b1e8383f09abbdf2bade85272ea96da593d2be5674b
2ac3672d7e2f13134c67242b1d0144728396970563b6bf3702593227e67c78a5
2bd9a4aa5413589574f36378f64dc26f84be5599a712f0daf302179d72dd76d9
2dc1fd6a28f2fcdbb3f6c6acea885d6a78e66b448b1163ff283155501c8021bf
34114ca3cd9262f22ff12711b1e33902744e7c9b0b289f22afdc65d724efe1ec
3b6fa3d5595ee46cb49067940ee1f47f3d5200e6c6f9d102f5a6a95a8905781b
466954df58db08e3c508d1442f9b986738f2fafa52fa28a58cdfa855fa5f54c1
47da2bbc928b8a8c7b453ffa17a215e5f7d143f28ac11b19e8f4099c54e4c3b0
49796015745481ce16afd2cad2a8712ab7e1e323f8386d075a7818ed2fb2b8b5
557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
8887f122ae5b0841a3c3577364cb5836e49cefdf19ad3d4bcdf820f36acaa260
b11c74f97dcf39607f2510a80cdf104268bf5b645274447cf25c500a0193c400
b300c5dc106c27cafee58c8d726a7875d030171fe56479fabb19fe87850e9ab7
b71737ef192f0b17a2f9b4cfa17a7d89792ef28cb74bf0e146b9aafb8204f3b4
b73b9672332d7aacdbda0da9695dbde56ce6616b6883013a817af0a1c237ec64
c6964a18e2a537d7f6a4fbd04e52cb9d490425113ca96a760796275f19740de2
d14d732f8caf915919ff661157edc3456a85f408b7a3c5ee1e21357e7df07e1a
d5c1172f24f4f49f780c65cf5be897527fd08f3662a2ba8db0cfe0057d92e367
d785f3964d3a8dc646669ff6e33597a1ca3d77e9ac6c1de0384bc2c7e68882c5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1011c1cbe58fb79d003eb262f06bf4fbd09e1731acadf709999ae86f8300a2e
e418d141f3f6784132b7eda46b9bda5fb3a960effd9aad6e7635ab138ed3047b
e6a9df59ce7c45cbd8afa2d0537b8f7c491515417f83fb13441276c880960e42
f629b5d9e97a21fd85eea5a88e97e8e512bb5ab96aed6bbe84fbe20c580baecd