urlscan.io logo urlscan.io
SecurityTrails logo

play.picoctf.org Open in urlscan Pro
2606:4700:10::6816:164e  Public Scan

Go To Rescan Add Verdict Report
URL: https://play.picoctf.org/login
Submission: On October 31 via manual from FR — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 1 countries across 7 domains to perform 30 HTTP transactions. The main IP is 2606:4700:10::6816:164e, located in United States and belongs to CLOUDFLARENET, US. The main domain is play.picoctf.org. The Cisco Umbrella rank of the primary domain is 729777.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 7th 2023. Valid for: a year.
This is the only time play.picoctf.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

19    2606:4700:10::6816:164e (United States)

ASN13335 (CLOUDFLARENET, US)
play.picoctf.org
2    2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    2606:4700::6811:3b8 (United States)

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
1    (None, )

ASN- ()
play.picoctf.org
1    2a00:1450:4001:80b::200a (None, )

ASN- ()
fonts.googleapis.com
2    2a00:1450:4001:831::200e (None, )

ASN- ()
www.google-analytics.com
1    2a00:1450:4001:810::2003 (None, )

ASN- ()
fonts.gstatic.com
1    2a00:1450:4001:800::2008 (None, )

ASN- ()
www.googletagmanager.com
1    2001:4860:4802:34::36 (None, )

ASN- ()
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
20 picoctf.org
play.picoctf.org — Cisco Umbrella Rank: 729777
661 KB
3 google-analytics.com
www.google-analytics.com
region1.google-analytics.com
21 KB
2 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 6439
11 KB
2 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 899
14 KB
1 googletagmanager.com
www.googletagmanager.com
81 KB
1 gstatic.com
fonts.gstatic.com
48 KB
1 googleapis.com
fonts.googleapis.com
1 KB
30 7
Domain Requested by
20 play.picoctf.org 1 redirects play.picoctf.org
static.cloudflareinsights.com
2 www.google-analytics.com play.picoctf.org
www.google-analytics.com
2 challenges.cloudflare.com play.picoctf.org
challenges.cloudflare.com
2 static.cloudflareinsights.com play.picoctf.org
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com www.google-analytics.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com play.picoctf.org
30 8

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-03-07 -
2024-03-06		 a year crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3		 2023-08-18 -
2024-08-17		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://play.picoctf.org/login
Frame ID: ACA0CC4BC4F5CB2A207C8232774832CE
Requests: 30 HTTP requests in this frame

Frame: blob://https://play.picoctf.org/72a55a85-8a82-4da2-8530-0f8fb65f4c79
Frame ID: 887927FF27908E52CAABFE820A690754
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/sqd03/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Frame ID: 15C6D23633A667CE983B9EB49E06EC34
Requests: 1 HTTP requests in this frame

Frame: https://play.picoctf.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js
Frame ID: 5FAC4FAB3789894843A05B514F15348D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

picoCTF

Page URL History Show full URLs

  1. https://play.picoctf.org/login Page URL
  2. https://play.picoctf.org/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

30
Requests

93 %
HTTPS

89 %
IPv6

7
Domains

8
Subdomains

10
IPs

1
Countries

837 kB
Transfer

2972 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://play.picoctf.org/login Page URL
  2. https://play.picoctf.org/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://play.picoctf.org/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://play.picoctf.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
login
play.picoctf.org/ 		6 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://play.picoctf.org/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:164e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6fa6941f6faeabaddabe7f524f7c4e98f9aac5899f5e24758eb1564d7cd2399
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated
challenge
cf-ray
81ed06a4ed912a29-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Tue, 31 Oct 2023 15:45:35 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
challenges.css
play.picoctf.org/cdn-cgi/styles/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://play.picoctf.org/cdn-cgi/styles/challenges.css
Requested by
Host: play.picoctf.org
URL: https://play.picoctf.org/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:164e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://play.picoctf.org/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 15:45:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 24 Oct 2023 17:54:11 GMT
server
cloudflare
etag
W/"653804c3-19c8"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
81ed06a54e132a29-CDG
expires
Tue, 31 Oct 2023 17:45:35 GMT
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: play.picoctf.org
URL: https://play.picoctf.org/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
Origin
https://play.picoctf.org
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 15:45:35 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
81ed06a5aea8029c-CDG
v1
play.picoctf.org/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ 		167 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play.picoctf.org/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=81ed06a4ed912a29
Requested by
Host: play.picoctf.org
URL: https://play.picoctf.org/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:164e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98abeec1f1551f8ef03f6fd2cc34ba33bbe08da046a643c3da87b5f96ff4b2ba

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://play.picoctf.org/login?__cf_chl_rt_tk=XxMZt7DRLtRbN87Ll28OXwwyfbzAocZ6jN7PQSs1hoA-1698767135-0-gaNycGzNC9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 15:45:35 GMT
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
br
server
cloudflare
cf-ray
81ed06a58b63d536-CDG
alt-svc
h3=":443"; ma=86400
content-type
application/javascript; charset=UTF-8
api.js
challenges.cloudflare.com/turnstile/v0/g/c359bc3d/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/c359bc3d/api.js?onload=MzUo4&render=explicit
Requested by
Host: play.picoctf.org
URL: https://play.picoctf.org/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=81ed06a4ed912a29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc0c362431a3e24bc0b73971c115a3a077dd40761069cb160ad402c40c529caa

Request headers

Referer
Origin
https://play.picoctf.org
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 15:45:35 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
81ed06a67967f138-CDG
alt-svc
h3=":443"; ma=86400
favicon.ico
play.picoctf.org/ 		15 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play.picoctf.org/favicon.ico
Requested by
Host: play.picoctf.org
URL: https://play.picoctf.org/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:164e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71bc6e436109b9bbdad7854f82d2fc028e611dcf9dd4833ca36a2553f8487b24

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://play.picoctf.org/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 15:45:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Oct 2023 17:14:21 GMT
server
cloudflare
age
26409
etag
W/"651d9d6d-3aee"
vary
Accept-Encoding
content-type
image/x-icon
cache-control
public, max-age=31536000, immutable
cf-ray
81ed06a62c32d536-CDG
alt-svc
h3=":443"; ma=86400
expires
Wed, 30 Oct 2024 08:25:26 GMT
truncated
/ 		586 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
376c10a5-7c19-43c4-b395-986088a786e0
https://play.picoctf.org/ 		13 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://play.picoctf.org/376c10a5-7c19-43c4-b395-986088a786e0
Requested by
Host: play.picoctf.org
URL: https://play.picoctf.org/login
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://play.picoctf.org/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Length
13
Content-Type
text/javascript
05c3881c3b1c588
play.picoctf.org/cdn-cgi/challenge-platform/h/g/flow/ov1/423580651:1698766144:X9knluPr7eg5Vd8pUbGeLTgCMqwen8759DYv3gAwA8g/81ed06a4ed912a29/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.picoctf.org/cdn-cgi/challenge-platform/h/g/flow/ov1/423580651:1698766144:X9knluPr7eg5Vd8pUbGeLTgCMqwen8759DYv3gAwA8g/81ed06a4ed912a29/05c3881c3b1c588
Requested by
Host: play.picoctf.org
URL: https://play.picoctf.org/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=81ed06a4ed912a29
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:164e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
963c17390398dbac07a486e5d7ecd18bc27f47a36fedbec2ff192e7e9964b479

Request headers

Referer
https://play.picoctf.org/login
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
CF-Challenge
05c3881c3b1c588
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-gen
PBT7f/v2yqyiXCUW3qWvGskmZbMsm/c6jpjIwThPs04qlHhCtdhRPmjXOZwVqZIS$KuBVmdYJaL7fhAgTYIGvHQ==
date
Tue, 31 Oct 2023 15:45:35 GMT
content-encoding
br
server
cloudflare
cf-ray
81ed06a6dd23d536-CDG
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8
rum
play.picoctf.org/cdn-cgi/ 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.picoctf.org/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:164e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://play.picoctf.org/login
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
content-type
application/json

Response headers

date
Tue, 31 Oct 2023 15:45:35 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://play.picoctf.org
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
81ed06a6dd38d536-CDG
72a55a85-8a82-4da2-8530-0f8fb65f4c79
https://play.picoctf.org/ Frame 8879 		1 B
0 		Document
General
Check archive.org
Download Go to
Full URL
blob:https://play.picoctf.org/72a55a85-8a82-4da2-8530-0f8fb65f4c79
Requested by
Host: play.picoctf.org
URL: https://play.picoctf.org/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=81ed06a4ed912a29
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://play.picoctf.org/login
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Content-Length
1
Content-Type
text/javascript
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/sqd03/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame 15C6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/sqd03/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/c359bc3d/api.js?onload=MzUo4&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
81ed06a77ce23ce9-CDG
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 15:45:35 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
05c3881c3b1c588
play.picoctf.org/cdn-cgi/challenge-platform/h/g/flow/ov1/423580651:1698766144:X9knluPr7eg5Vd8pUbGeLTgCMqwen8759DYv3gAwA8g/81ed06a4ed912a29/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.picoctf.org/cdn-cgi/challenge-platform/h/g/flow/ov1/423580651:1698766144:X9knluPr7eg5Vd8pUbGeLTgCMqwen8759DYv3gAwA8g/81ed06a4ed912a29/05c3881c3b1c588
Requested by
Host: play.picoctf.org
URL: https://play.picoctf.org/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=81ed06a4ed912a29
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:164e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e153d47f5fc9cc46c9358eb0a76f352e308dd8269650a7b1946a0450913fb2c6

Request headers

Referer
https://play.picoctf.org/login
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
CF-Challenge
05c3881c3b1c588
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-out
o0kZLiikuLWpJESEsXbKYvOJZdEjhbY+9yW3ZP+6/omQp5smMIBn7SSn1x0CAmZAxLAjSVdKHl1Z/KOSNbh4tVlcZaeJ6YkOMuWzIfGKMH0=$jwdc6yxOy77BuKvKQarzrA==
cf-chl-out-s
0gc6II567pZGMaqJvzeHYGwNP9aO2ifnLCHnyrpn/Vxbos9ZnHe6sXcBmwsWJV+L02D4Q1nj7jpK7/ngd5o1B0hsEzssLTMKs6NoXrS0YgO2Vb35IZXGKOXuoZqwU8hBcQnL2lP2ugCFNO9elefdzA==$MLMuY1qECRmTDPIasDSSxQ==
date
Tue, 31 Oct 2023 15:45:36 GMT
content-encoding
br
server
cloudflare
content-type
text/html; charset=UTF-8
cf-ray
81ed06aa0977d536-CDG
alt-svc
h3=":443"; ma=86400
Primary Request login
play.picoctf.org/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://play.picoctf.org/login
Requested by
Host: play.picoctf.org
URL: https://play.picoctf.org/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=81ed06a4ed912a29
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:164e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dfc16162e00fdc3a9fc70cd1ebdb043f112c2251831c94ed2da175a57ec7bd1
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://play.picoctf.org/login
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
81ed06b8ed51d536-CDG
content-encoding
br
content-type
text/html
date
Tue, 31 Oct 2023 15:45:39 GMT
last-modified
Wed, 04 Oct 2023 17:15:53 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
css2
fonts.googleapis.com/ 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700;800&display=swap
Requested by
Host: play.picoctf.org
URL: https://play.picoctf.org/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
e9686aeea0055ab0c2b1f0eba66dec9b6dd487b4ec34b0fc9106edc7cd3a52cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://play.picoctf.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 31 Oct 2023 15:45:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 14:57:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 31 Oct 2023 15:45:39 GMT
main.d30fd6af.js
play.picoctf.org/static/js/ 		2 MB
475 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play.picoctf.org/static/js/main.d30fd6af.js
Requested by
Host: play.picoctf.org
URL: https://play.picoctf.org/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:164e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5a6feb6106803a9ba722b04735600a39b1096e1aa2d40f89e189774cfb6ed97

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://play.picoctf.org/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 15:45:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Oct 2023 17:15:53 GMT
server
cloudflare
age
718001
etag
W/"651d9dc9-1a8110"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
cf-ray
81ed06bc9b27d536-CDG
alt-svc
h3=":443"; ma=86400
expires
Tue, 22 Oct 2024 08:18:57 GMT
main.d53e0ead.css
play.picoctf.org/static/css/ 		632 KB
97 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://play.picoctf.org/static/css/main.d53e0ead.css
Requested by
Host: play.picoctf.org
URL: https://play.picoctf.org/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:164e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae5f97290dae4d6d476b6275707f9859a7a93c973683b86dbf24d4059d291774

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://play.picoctf.org/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 15:45:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Oct 2023 17:15:53 GMT
server
cloudflare
age
1846722
etag
W/"651d9dc9-9e09e"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000, immutable
cf-ray
81ed06bc9b2ed536-CDG
alt-svc
h3=":443"; ma=86400
expires
Wed, 09 Oct 2024 06:46:57 GMT
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: play.picoctf.org
URL: https://play.picoctf.org/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://play.picoctf.org/
Origin
https://play.picoctf.org
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 15:45:39 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
81ed06bcdd3c029c-CDG
/
play.picoctf.org/api/settings/ 		361 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.picoctf.org/api/settings/
Requested by
Host: play.picoctf.org
URL: https://play.picoctf.org/static/js/main.d30fd6af.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:164e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cf54d6491c125ac5894d36afe2b8a90a83dc282db470d2e5c2420970f59b486
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
Referer
https://play.picoctf.org/login
accept-language
fr-FR,fr;q=0.9
X-CSRFToken
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 15:45:39 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
same-origin
cf-cache-status
DYNAMIC
server
cloudflare
cross-origin-opener-policy
same-origin
x-frame-options
DENY
vary
Accept-Encoding, Cookie
content-type
application/json
allow
GET, OPTIONS
cf-ray
81ed06bf5f77d536-CDG
alt-svc
h3=":443"; ma=86400
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: play.picoctf.org
URL: https://play.picoctf.org/static/js/main.d30fd6af.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://play.picoctf.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 31 Oct 2023 13:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6957
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 31 Oct 2023 15:49:42 GMT
/
play.picoctf.org/api/user/ 		58 B
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.picoctf.org/api/user/
Requested by
Host: play.picoctf.org
URL: https://play.picoctf.org/static/js/main.d30fd6af.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:164e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbff0849bc109eee7f9b7b1fe12e40fc8add21823b2f1fb600b37f620cbd7862
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
Referer
https://play.picoctf.org/login
accept-language
fr-FR,fr;q=0.9
X-CSRFToken
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 15:45:40 GMT
www-authenticate
Session
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
referrer-policy
same-origin
cross-origin-opener-policy
same-origin
server
cloudflare
vary
Cookie
allow
GET, POST, PATCH, DELETE, HEAD, OPTIONS
content-type
application/json
x-frame-options
DENY
cf-ray
81ed06bf9fced536-CDG
alt-svc
h3=":443"; ma=86400
content-length
58
/
play.picoctf.org/api/notices/ 		52 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.picoctf.org/api/notices/
Requested by
Host: play.picoctf.org
URL: https://play.picoctf.org/static/js/main.d30fd6af.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:164e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0595424161ea863805d9b92c0e52d7aa1e3c46ec58cd8f0d6933759006a5fb74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
Referer
https://play.picoctf.org/login
accept-language
fr-FR,fr;q=0.9
X-CSRFToken
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 15:45:40 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
same-origin
cf-cache-status
DYNAMIC
server
cloudflare
cross-origin-opener-policy
same-origin
x-frame-options
DENY
vary
Accept-Encoding, Cookie
content-type
application/json
allow
GET, HEAD, OPTIONS
cf-ray
81ed06bf9fd4d536-CDG
alt-svc
h3=":443"; ma=86400
picoctf-logo-horizontal-white.17fdf0dcdef08dc3396a195b95e3bc29.svg
play.picoctf.org/static/media/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play.picoctf.org/static/media/picoctf-logo-horizontal-white.17fdf0dcdef08dc3396a195b95e3bc29.svg
Requested by
Host: play.picoctf.org
URL: https://play.picoctf.org/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:164e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe395703fa73a9625110186eb2e4e14234c2fb97cd508642f4b199cb643e1848

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://play.picoctf.org/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 15:45:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 03 Mar 2023 19:16:05 GMT
server
cloudflare
age
20593679
etag
W/"64024775-da0"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000, immutable
cf-ray
81ed06bf9fe1d536-CDG
alt-svc
h3=":443"; ma=86400
expires
Wed, 06 Mar 2024 07:17:40 GMT
picoctf-logo.b48dd31601be6b1cd24a45e02067704f.svg
play.picoctf.org/static/media/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play.picoctf.org/static/media/picoctf-logo.b48dd31601be6b1cd24a45e02067704f.svg
Requested by
Host: play.picoctf.org
URL: https://play.picoctf.org/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:164e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
141b05b5d0177517bc8714b4dc426a4cf3c6423b45af0020927d0fdac003a921

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://play.picoctf.org/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 15:45:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 03 Mar 2023 19:16:05 GMT
server
cloudflare
age
20593679
etag
W/"64024775-b44"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000, immutable
cf-ray
81ed06bf9fe2d536-CDG
alt-svc
h3=":443"; ma=86400
expires
Wed, 06 Mar 2024 07:17:40 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c3c3d63a12837ef66fcc8b72de8e2619f17861cd4f3092ef92390d947273d200

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4cb88c0f9ca00e211b672f6b4652bcc924bf0e4bc9cf7190ab48f5681de7ca52

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9472f2905671d4aec6a0dcca1db8cce909a8c67067a503fc98595bc1a90fd99a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
main.js
play.picoctf.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/ Frame 5FAC
Redirect Chain
  • https://play.picoctf.org/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://play.picoctf.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play.picoctf.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js
Requested by
Host: play.picoctf.org
URL: https://play.picoctf.org/login
Protocol
H3
Server
2606:4700:10::6816:164e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6033ab925062f6a10275a9c5f95dad821e969d73e00631649fe7264eaa1388ab
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 15:45:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
81ed06c0791ed536-CDG
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 31 Oct 2023 15:45:39 GMT
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js
cache-control
max-age=300, public
cf-ray
81ed06bfc811d536-CDG
alt-svc
h3=":443"; ma=86400
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://play.picoctf.org
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 18:17:53 GMT
x-content-type-options
nosniff
age
422866
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Oct 2024 18:17:53 GMT
81ed06b8ed51d536
play.picoctf.org/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 5FAC 		0
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.picoctf.org/cdn-cgi/challenge-platform/h/g/jsd/r/81ed06b8ed51d536
Requested by
Host: play.picoctf.org
URL: https://play.picoctf.org/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:164e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 31 Oct 2023 15:45:40 GMT
content-encoding
br
server
cloudflare
cf-ray
81ed06c30c92d536-CDG
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8
collect
www.google-analytics.com/j/ 		15 B
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1528093061&t=pageview&_s=1&dl=https%3A%2F%2Fplay.picoctf.org%2Flogin&dp=%2Flogin&ul=en-us&de=UTF-8&dt=picoCTF%20-%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1596689402&gjid=1159038338&cid=1860383296.1698767140&tid=UA-93258343-6&_gid=1999613612.1698767140&_r=1&_slc=1&z=1859707243
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e1448583ee66bc983f47e388e57419487139cc75e79d81344cca015b3ab8c2b9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://play.picoctf.org/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 15:45:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://play.picoctf.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
play.picoctf.org/cdn-cgi/ 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.picoctf.org/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:164e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://play.picoctf.org/login
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
content-type
application/json

Response headers

date
Tue, 31 Oct 2023 15:45:40 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://play.picoctf.org
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
81ed06c35d05d536-CDG
js
www.googletagmanager.com/gtag/ 		226 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-L6FT52K063&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4d0a574a5f9cbb4dbf64a7954291c4fef3b4908dc7e0a2f0514c057a05104b42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://play.picoctf.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 15:45:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82391
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 31 Oct 2023 15:45:40 GMT
collect
region1.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-L6FT52K063&gtm=45je3ap0v9125197491&_p=1528093061&gcd=11l1l1l1l2&ul=en-us&sr=1600x1200&cid=1860383296.1698767140&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fplay.picoctf.org%2Flogin&dp=%2Flogin&dt=picoCTF%20-%20Login&sid=1698767140&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L6FT52K063&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://play.picoctf.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 15:45:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://play.picoctf.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

2 Cookies

Domain/Path Name / Value
.picoctf.org/ Name: __cf_bm
Value: Qd7wgUu14ACya.uSVHyrsoiEcpMfRmTUg5PpB1WBPPQ-1698767135-0-ARToBvH7kx4KkZZcA2/GUb5vBSIk0UHbvt6tikzeeXfXLZK4MShmS8y1IA5AQfzjivhJaJCbpQyqt62YXK7Z/ew=
play.picoctf.org/ Name: cf_chl_rc_m
Value: 1

5 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://play.picoctf.org/login
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: blob:https://play.picoctf.org/72a55a85-8a82-4da2-8530-0f8fb65f4c79
Message:
The page did not request an origin-keyed agent cluster, but was put in one anyway because the origin 'https://play.picoctf.org' had previously been placed in an origin-keyed agent cluster. Update your headers to uniformly request origin-keying for all pages on the origin.
network error URL: https://play.picoctf.org/api/user/
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
play.picoctf.org
region1.google-analytics.com
static.cloudflareinsights.com
www.google-analytics.com
www.googletagmanager.com

2001:4860:4802:34::36
2606:4700:10::6816:164e
2606:4700::6810:3865
2606:4700::6811:3b8
2a00:1450:4001:800::2008
2a00:1450:4001:80b::200a
2a00:1450:4001:810::2003
2a00:1450:4001:831::200e
0595424161ea863805d9b92c0e52d7aa1e3c46ec58cd8f0d6933759006a5fb74
0cf54d6491c125ac5894d36afe2b8a90a83dc282db470d2e5c2420970f59b486
141b05b5d0177517bc8714b4dc426a4cf3c6423b45af0020927d0fdac003a921
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
4cb88c0f9ca00e211b672f6b4652bcc924bf0e4bc9cf7190ab48f5681de7ca52
4d0a574a5f9cbb4dbf64a7954291c4fef3b4908dc7e0a2f0514c057a05104b42
6033ab925062f6a10275a9c5f95dad821e969d73e00631649fe7264eaa1388ab
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
71bc6e436109b9bbdad7854f82d2fc028e611dcf9dd4833ca36a2553f8487b24
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04
9472f2905671d4aec6a0dcca1db8cce909a8c67067a503fc98595bc1a90fd99a
963c17390398dbac07a486e5d7ecd18bc27f47a36fedbec2ff192e7e9964b479
98abeec1f1551f8ef03f6fd2cc34ba33bbe08da046a643c3da87b5f96ff4b2ba
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9dfc16162e00fdc3a9fc70cd1ebdb043f112c2251831c94ed2da175a57ec7bd1
a6fa6941f6faeabaddabe7f524f7c4e98f9aac5899f5e24758eb1564d7cd2399
ae5f97290dae4d6d476b6275707f9859a7a93c973683b86dbf24d4059d291774
bc0c362431a3e24bc0b73971c115a3a077dd40761069cb160ad402c40c529caa
c3c3d63a12837ef66fcc8b72de8e2619f17861cd4f3092ef92390d947273d200
d5a6feb6106803a9ba722b04735600a39b1096e1aa2d40f89e189774cfb6ed97
dbff0849bc109eee7f9b7b1fe12e40fc8add21823b2f1fb600b37f620cbd7862
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1448583ee66bc983f47e388e57419487139cc75e79d81344cca015b3ab8c2b9
e153d47f5fc9cc46c9358eb0a76f352e308dd8269650a7b1946a0450913fb2c6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9686aeea0055ab0c2b1f0eba66dec9b6dd487b4ec34b0fc9106edc7cd3a52cb
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa
fe395703fa73a9625110186eb2e4e14234c2fb97cd508642f4b199cb643e1848