tbhaxor.com Open in urlscan Pro
188.114.96.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tbhaxor.com/linux-privilege-escalation/
Submission: On December 03 via manual (December 3rd 2024, 5:58:40 pm UTC) from US — Scanned from NL

Summary HTTP 56 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 56 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is tbhaxor.com.
TLS certificate: Issued by WE1 on October 24th 2024. Valid for: 3 months.

This is the only time tbhaxor.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 14	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	151.101.65.229 151.101.65.229	54113 (FASTLY) (FASTLY)
18 38	104.17.247.203 104.17.247.203	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.186.136 142.250.186.136	15169 (GOOGLE) (GOOGLE)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
56	8

14 188.114.96.3 (Amsterdam, Netherlands) 2 redirects

ASN13335 (CLOUDFLARENET, US)

tbhaxor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.65.229 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 104.17.247.203 (None, ) 18 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (San Francisco, United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	unpkg.com 18 redirects unpkg.com — Cisco Umbrella Rank: 740	34 KB
14	tbhaxor.com 2 redirects tbhaxor.com	1 MB
7	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 318	404 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	178 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	5 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3353
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 847	31 KB
56	7

	Domain	Requested by
38	unpkg.com	18 redirects tbhaxor.com
14	tbhaxor.com	2 redirects tbhaxor.com
7	cdn.jsdelivr.net	tbhaxor.com
2	www.googletagmanager.com	tbhaxor.com www.googletagmanager.com
2	cdnjs.cloudflare.com	tbhaxor.com
1	region1.google-analytics.com	www.googletagmanager.com
1	code.jquery.com	tbhaxor.com
56	7

This site contains links to these domains. Also see Links.

Domain
twitter.com
ghost.org

Subject Issuer	Validity	Valid
tbhaxor.com WE1	`2024-10-24` - `2025-01-22`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
unpkg.com WE1	`2024-11-23` - `2025-02-21`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-11-26` - `2025-02-24`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://tbhaxor.com/linux-privilege-escalation/
Frame ID: 2302151F847D4A98E332A7DBB238FCB7
Requests: 52 HTTP requests in this frame

Frame: https://tbhaxor.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js
Frame ID: BFA447BEEB1602144377993087A57AE2
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Linux Privilege Escalation

Detected technologies

KaTeX (JavaScript graphics) Expand

Overall confidence: 100%
Detected patterns

katex(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

56
Requests

45 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

8
IPs

3
Countries

1840 kB
Transfer

5605 kB
Size

3
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/jeswinMathai
Title: Jeswin Mathai

Search URL Search Domain Scan URL

URL: https://ghost.org/
Title: Powered by Ghost

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://unpkg.com/prismjs/components/prism-php.min.js HTTP 302
https://unpkg.com/prismjs@1.29.0/components/prism-php.min.js

Request Chain 23

https://unpkg.com/prismjs/components/prism-markup-templating.js HTTP 302
https://unpkg.com/prismjs@1.29.0/components/prism-markup-templating.js

Request Chain 24

https://unpkg.com/prismjs/components/prism-bash.min.js HTTP 302
https://unpkg.com/prismjs@1.29.0/components/prism-bash.min.js

Request Chain 25

https://unpkg.com/prismjs/components/prism-python.min.js HTTP 302
https://unpkg.com/prismjs@1.29.0/components/prism-python.min.js

Request Chain 26

https://unpkg.com/prismjs/components/prism-cpp.min.js HTTP 302
https://unpkg.com/prismjs@1.29.0/components/prism-cpp.min.js

Request Chain 27

https://unpkg.com/prismjs/components/prism-c.min.js HTTP 302
https://unpkg.com/prismjs@1.29.0/components/prism-c.min.js

Request Chain 28

https://unpkg.com/prismjs/components/prism-clike.min.js HTTP 302
https://unpkg.com/prismjs@1.29.0/components/prism-clike.min.js

Request Chain 32

https://tbhaxor.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://tbhaxor.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js

Request Chain 39

https://unpkg.com/prismjs/plugins/line-highlight/prism-line-highlight.min.js HTTP 302
https://unpkg.com/prismjs@1.29.0/plugins/line-highlight/prism-line-highlight.min.js

Request Chain 41

https://unpkg.com/prismjs/components/prism-sql.min.js HTTP 302
https://unpkg.com/prismjs@1.29.0/components/prism-sql.min.js

Request Chain 42

https://unpkg.com/prismjs/components/prism-perl.min.js HTTP 302
https://unpkg.com/prismjs@1.29.0/components/prism-perl.min.js

Request Chain 43

https://unpkg.com/prismjs/components/prism-diff.min.js HTTP 302
https://unpkg.com/prismjs@1.29.0/components/prism-diff.min.js

Request Chain 44

https://unpkg.com/prismjs/components/prism-nginx.min.js HTTP 302
https://unpkg.com/prismjs@1.29.0/components/prism-nginx.min.js

Request Chain 45

https://unpkg.com/prismjs/components/prism-json.min.js HTTP 302
https://unpkg.com/prismjs@1.29.0/components/prism-json.min.js

Request Chain 46

https://unpkg.com/prismjs/components/prism-csharp.min.js HTTP 302
https://unpkg.com/prismjs@1.29.0/components/prism-csharp.min.js

Request Chain 47

https://unpkg.com/prismjs/components/prism-yaml.min.js HTTP 302
https://unpkg.com/prismjs@1.29.0/components/prism-yaml.min.js

Request Chain 48

https://unpkg.com/prismjs/components/prism-docker.min.js HTTP 302
https://unpkg.com/prismjs@1.29.0/components/prism-docker.min.js

Request Chain 49

https://unpkg.com/prismjs/components/prism-powershell.min.js HTTP 302
https://unpkg.com/prismjs@1.29.0/components/prism-powershell.min.js

Request Chain 50

https://unpkg.com/prismjs/plugins/diff-highlight/prism-diff-highlight.min.js HTTP 302
https://unpkg.com/prismjs@1.29.0/plugins/diff-highlight/prism-diff-highlight.min.js

Request Chain 53

https://tbhaxor.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://tbhaxor.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js

56 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
tbhaxor.com/linux-privilege-escalation/ 26 KB
8 KB 665ms
562ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tbhaxor.com/linux-privilege-escalation/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

b0ec08839236dde93ddda4170d9c123d0c76aee0ea2c76e03f6df5bf1402da66

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8ec572112e866619-AMS
content-encoding: zstd
content-type: text/html; charset=utf-8
date: Tue, 03 Dec 2024 17:58:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=27ujuoVDW84RkC5VNEZup91MIFJ%2Br89xH1ozXRTrLGq2ABF5sUaIVXp68vdeOERPaWYG%2FfuIE5xcj1NSttAE6dHOqIyMC5qlfrIOLw6WBOCdKPZTed9uLDNGVxitVA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=24832&min_rtt=14300&rtt_var=9351&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4220&recv_bytes=4464&delivery_rate=866&cwnd=12000&unsent_bytes=0&cid=1849365354bd9555&ts=576&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security: max-age=0; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: Express

GET
H3 200 screen.css
tbhaxor.com/assets/built/ 47 KB
10 KB 48ms
47ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tbhaxor.com/assets/built/screen.css?v=ffa7c93e5d

Requested by

Host: tbhaxor.com
URL: https://tbhaxor.com/linux-privilege-escalation/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

c23478c8d56370a2f60d9432d8ba30ff0d1328077d85cdd869c39d6bad67bfa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tbhaxor.com/linux-privilege-escalation/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"ba2d-7438674ba0"
age: 3193519
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dR2a4xAb8Fvm4%2Flvm5Ul0wyXc7w3MTR79XgNdV9AwbKREQNTsw%2Bt0g0uIUI%2FkXqUZiB4LMketfpKM5cmBUR2ExgDgoPCqHjfeLEr8j6pLwFenyiVnoCI3vtL6q9SyA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23154&min_rtt=14300&rtt_var=4603&sent=34&recv=18&lost=0&retrans=0&sent_bytes=24670&recv_bytes=6327&delivery_rate=15939&cwnd=12000&unsent_bytes=0&cid=1849365354bd9555&ts=619&x=1", cfExtPri, cfHdrFlush;dur=14
date: Tue, 03 Dec 2024 17:58:34 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
cf-ray: 8ec572147ab66619-AMS
x-powered-by: Express
server: cloudflare

GET
H3 200 casper.js Show response
tbhaxor.com/assets/built/ 51 KB
19 KB 35ms
34ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tbhaxor.com/assets/built/casper.js?v=ffa7c93e5d

Requested by

Host: tbhaxor.com
URL: https://tbhaxor.com/linux-privilege-escalation/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

8f0ca894df691e254301aa9039b3547cc4d878840931170056380a0582f92086

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tbhaxor.com/linux-privilege-escalation/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"cddd-7438674ba0"
age: 471525
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ufr1ZuUus5zXeR3TUDXgSfBPyoGTuAEplfeQeRFDgzbh%2Ff38fs4NHd6WzJi6hthjSbzmEYJm2H9XxlE6ixOHELDLBSHuVhJjy0tMYtz%2Bh6JDVrDoe7bQDfKjcTBAJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23154&min_rtt=14300&rtt_var=4603&sent=27&recv=18&lost=0&retrans=0&sent_bytes=17132&recv_bytes=6327&delivery_rate=15939&cwnd=12000&unsent_bytes=0&cid=1849365354bd9555&ts=616&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 17:58:34 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
cf-ray: 8ec572147ab76619-AMS
x-powered-by: Express
server: cloudflare

GET
H3 200 cards.min.css
tbhaxor.com/public/ 39 KB
7 KB 49ms
47ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tbhaxor.com/public/cards.min.css?v=ffa7c93e5d

Requested by

Host: tbhaxor.com
URL: https://tbhaxor.com/linux-privilege-escalation/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

b5bc58ad174c5b7b8fba7a1d3661f83849362a8e62d11dd85409e491627a7b9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tbhaxor.com/linux-privilege-escalation/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "440db603eb8a79bad48f8602489f392c"
age: 1156939
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d2hqFQ6EP7oczzU6XliVVDwVwdqlE6R3a4E6cshz%2FQkrRJbsJkWHYA2swSJ4VUE00%2F77IPZ7%2BP6rcB5nQyemjm2A5A%2FxJ4s7fvy%2FLZrGzYnLvt%2B8NOP6PIlygd4IKg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23154&min_rtt=14300&rtt_var=4603&sent=34&recv=18&lost=0&retrans=0&sent_bytes=24670&recv_bytes=6327&delivery_rate=15939&cwnd=12000&unsent_bytes=0&cid=1849365354bd9555&ts=619&x=1", cfExtPri, cfHdrFlush;dur=15
date: Tue, 03 Dec 2024 17:58:34 GMT
content-type: text/css
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ec572147ab96619-AMS
x-powered-by: Express
server: cloudflare

GET
H2 200 prism-vsc-dark-plus.css
cdn.jsdelivr.net/gh/PrismJS/prism-themes/themes/ 4 KB
2 KB 1010ms
363ms Stylesheet
text/css 151.101.65.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/PrismJS/prism-themes/themes/prism-vsc-dark-plus.css

Requested by

Host: tbhaxor.com
URL: https://tbhaxor.com/linux-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c68105c1a605d49907feca9f09e11fcbc2938725539f5e99724c0f4156cc7150

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tbhaxor.com/linux-privilege-escalation/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"1052-hgAhLbGVGq3rfiA2tcRjDWH7m50"
age: 0
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Tue, 03 Dec 2024 17:58:35 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-etou8220054-FRA, cache-mad22053-MAD
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1204
x-jsd-version: 1.9.0

GET
H2 200 prism-diff-highlight.min.css
unpkg.com/prismjs@1.27.0/plugins/diff-highlight/ 336 B
326 B 632ms
39ms Stylesheet
text/css 104.17.247.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/prismjs@1.27.0/plugins/diff-highlight/prism-diff-highlight.min.css

Requested by

Host: tbhaxor.com
URL: https://tbhaxor.com/linux-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.247.203 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca9bf8290358d99a8712516b0a1c1d18c0639ad1f0a5033c390880c20a9c9ba2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tbhaxor.com/linux-privilege-escalation/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "150-P/dbbnBJAoQfUgfwsbwuAVcqa1M"
age: 1590948
x-content-type-options: nosniff
date: Tue, 03 Dec 2024 17:58:35 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01JCQDH35K459KTYXAJNT9DFWP-ams
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8ec572182f816563-AMS
access-control-allow-origin: *
server: cloudflare

GET
H2 200 prism-line-highlight.min.css
unpkg.com/prismjs@1.27.0/plugins/line-highlight/ 1 KB
927 B 627ms
34ms Stylesheet
text/css 104.17.247.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/prismjs@1.27.0/plugins/line-highlight/prism-line-highlight.min.css

Requested by

Host: tbhaxor.com
URL: https://tbhaxor.com/linux-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.247.203 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c88655f7eb58bc7e89b98ceeb3d5c9b456f2b89a238a448bacf7a87b550cdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tbhaxor.com/linux-privilege-escalation/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "46d-txwuVZAOgZCKVoo4B7pT9yWNlbk"
age: 1143948
x-content-type-options: nosniff
date: Tue, 03 Dec 2024 17:58:35 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01JD4QTF8KPJD0W29MZ2HPKNAS-ams
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8ec572182f856563-AMS
access-control-allow-origin: *
server: cloudflare

GET
H3 200 tocbot.css
cdnjs.cloudflare.com/ajax/libs/tocbot/4.11.1/ 565 B
892 B 52ms
27ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/tocbot/4.11.1/tocbot.css

Requested by

Host: tbhaxor.com
URL: https://tbhaxor.com/linux-privilege-escalation/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d46d20f79bec4b5b6ed6fe6a7d90c9fe7c8f4053632806488c31255561623ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tbhaxor.com/linux-privilege-escalation/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03fff-235"
age: 391073
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aKXLzIMg7c0I52RQy9MMA7f8VKVx8UYv5vUKalNesMUu6DCNX1W%2FDAabOrhPU%2BA576gYcUywaTYbdaWOPwyu3JZFk5H4zwzs5eMp%2FH%2BGGFwVfUg%2Fe9jloXA5D%2B%2B%2FlRQZC0giMjIi"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 17:58:34 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 03 Dec 2024 17:58:34 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 04 May 2020 16:17:03 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8ec572149fb1661b-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 228
server: cloudflare

GET
H2 200 katex.min.css
cdn.jsdelivr.net/npm/katex@0.16.9/dist/ 23 KB
4 KB 688ms
42ms Stylesheet
text/css 151.101.65.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/katex@0.16.9/dist/katex.min.css

Requested by

Host: tbhaxor.com
URL: https://tbhaxor.com/linux-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

505d5f829022bb7b4f24dfee0aa1141cd7bba67afe411d1240335f820960b5c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://tbhaxor.com
Referer: https://tbhaxor.com/linux-privilege-escalation/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"5a9c-lO28SQaT2n884EhUbtO3kNiBAkc"
age: 2306471
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Tue, 03 Dec 2024 17:58:35 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-etou8220130-FRA, cache-mad22049-MAD
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3464
x-jsd-version: 0.16.9

GET
H3 200 unnamed.png
tbhaxor.com/content/images/size/w2000/2024/10/ 1 MB
1 MB 49ms
49ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tbhaxor.com/content/images/size/w2000/2024/10/unnamed.png

Requested by

Host: tbhaxor.com
URL: https://tbhaxor.com/linux-privilege-escalation/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

385eda93d98980344d958403ec9b7a4ec961afcf626eec3af640a0eb49c1330f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tbhaxor.com/linux-privilege-escalation/

Response headers

cf-cache-status: HIT
etag: W/"11a13c-192d89a9609"
age: 262128
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nMVyBMOWCGouqTCQpgjZajfGrL%2Bc4CQGxArqUbCav5e%2FdiWiKX8B3J49dbs2tUXRZ6w8z%2FYKUaV77CSShnoCf%2FWUOoCgfEaXhVLuQ06DNHQDDKoxqkiuX2RGdujp3g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23154&min_rtt=14300&rtt_var=4603&sent=34&recv=18&lost=0&retrans=0&sent_bytes=24670&recv_bytes=6327&delivery_rate=15939&cwnd=12000&unsent_bytes=0&cid=1849365354bd9555&ts=618&x=1", cfExtPri, cfHdrFlush;dur=19
date: Tue, 03 Dec 2024 17:58:34 GMT
content-type: image/png
last-modified: Tue, 29 Oct 2024 14:07:42 GMT
vary: Accept-Encoding
priority: u=2,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ec572147abc6619-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1155388
x-powered-by: Express
server: cloudflare

GET
H3 200 rocket-loader.min.js Show response
tbhaxor.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 23ms
23ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tbhaxor.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: tbhaxor.com
URL: https://tbhaxor.com/linux-privilege-escalation/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tbhaxor.com/linux-privilege-escalation/

Response headers

strict-transport-security: max-age=0; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"6740aa56-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fCY710yByNfVC4mZ60odPzyeFvGl0BuG3PVG2QXDsuk4s1N9lo5v2MWF5vcNRckXIWxuwmdW3EEm%2FhXWB3trbZnYOJCsq0eG9YwAEWdPGNP0y%2FqhNV9QP41pW0T43Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8ec572148acd6619-AMS
expires: Thu, 05 Dec 2024 17:58:34 GMT
date: Tue, 03 Dec 2024 17:58:34 GMT
content-type: application/javascript
last-modified: Fri, 22 Nov 2024 15:59:18 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: DENY

GET
H3 200 tocbot.min.js Show response
cdnjs.cloudflare.com/ajax/libs/tocbot/4.12.3/ 11 KB
4 KB 39ms
39ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/tocbot/4.12.3/tocbot.min.js

Requested by

Host: tbhaxor.com
URL: https://tbhaxor.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23028739cb79ca98b9f6f2edf55051f7315eefbc864f46768ae50fb2e374486a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tbhaxor.com/linux-privilege-escalation/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "60be2f3a-c90"
age: 518994
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WNruBQdQ5gqkFx1Pyl9wFy%2F2ytHZHfykCn3Si8HKM%2BWFqZob0%2FC3nIe%2FPO0HhjW%2FSfdZOTpv8sA6hAc39k59c7%2BL49zEIWdlzuQJX1crIrVta1oN5OQBLel%2B%2Bgdk2MKfwRMAv716"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 17:58:36 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 03 Dec 2024 17:58:36 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 07 Jun 2021 14:37:46 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8ec5721aef96661b-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3216
server: cloudflare

GET prism-line-highlight.min.js
unpkg.com/prismjs/plugins/line-highlight/ 0
0

GET prism-diff-highlight.min.js
unpkg.com/prismjs/plugins/diff-highlight/ 0
0

GET prism-json.min.js
unpkg.com/prismjs/components/ 0
0

GET prism-powershell.min.js
unpkg.com/prismjs/components/ 0
0

GET prism-docker.min.js
unpkg.com/prismjs/components/ 0
0

GET prism-yaml.min.js
unpkg.com/prismjs/components/ 0
0

GET prism-csharp.min.js
unpkg.com/prismjs/components/ 0
0

GET prism-nginx.min.js
unpkg.com/prismjs/components/ 0
0

GET prism-diff.min.js
unpkg.com/prismjs/components/ 0
0

GET prism-perl.min.js
unpkg.com/prismjs/components/ 0
0

GET prism-sql.min.js
unpkg.com/prismjs/components/ 0
0

GET
H2

200

prism-php.min.js Show response
unpkg.com/prismjs@1.29.0/components/
Redirect Chain

https://unpkg.com/prismjs/components/prism-php.min.js
https://unpkg.com/prismjs@1.29.0/components/prism-php.min.js

6 KB
2 KB

30ms
30ms

Script
application/javascript

104.17.247.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/prismjs@1.29.0/components/prism-php.min.js

Protocol

Server

104.17.247.203 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ec5c5a78996db36f16d000b81e3f1cd27ac4edb3e1fc0ff6fe5aba9f9c7b377

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tbhaxor.com/linux-privilege-escalation/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "18b7-d/NKH5ndcFKEwC1R2NmrjrrzDnw"
age: 616914
x-content-type-options: nosniff
date: Tue, 03 Dec 2024 17:58:36 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01JDMEEAGSXF5M3WJD16JFHET7-ams
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8ec5721cedb36563-AMS
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /prismjs@1.29.0/components/prism-php.min.js
content-encoding: br
cf-cache-status: EXPIRED
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8ec5721b0b3c6563-AMS
access-control-allow-origin: *
date: Tue, 03 Dec 2024 17:58:36 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01JE6TS37NR71Z54545YSDWA5R-ams
server: cloudflare

GET
H2

200

prism-markup-templating.js Show response
unpkg.com/prismjs@1.29.0/components/
Redirect Chain

https://unpkg.com/prismjs/components/prism-markup-templating.js
https://unpkg.com/prismjs@1.29.0/components/prism-markup-templating.js

3 KB
2 KB

41ms
40ms

Script
application/javascript

104.17.247.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/prismjs@1.29.0/components/prism-markup-templating.js

Protocol

Server

104.17.247.203 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3bf3a8498fb379fcc3128195e10c85e7ddc382ce2e420239fa5012f05260235

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tbhaxor.com/linux-privilege-escalation/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "dd0-kajgfkJbKtPmBTYLw2cgxG7hJGI"
age: 471519
x-content-type-options: nosniff
date: Tue, 03 Dec 2024 17:58:36 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01JDRS3AEYG5EAK3H24TTBRWNG-ams
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8ec5721c3cd86563-AMS
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /prismjs@1.29.0/components/prism-markup-templating.js
content-encoding: br
cf-cache-status: EXPIRED
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8ec5721b0b3d6563-AMS
access-control-allow-origin: *
date: Tue, 03 Dec 2024 17:58:36 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01JE6TS37Q7RHJ7FF662DY0CM1-ams
server: cloudflare

GET
H2

200

prism-bash.min.js Show response
unpkg.com/prismjs@1.29.0/components/
Redirect Chain

https://unpkg.com/prismjs/components/prism-bash.min.js
https://unpkg.com/prismjs@1.29.0/components/prism-bash.min.js

6 KB
4 KB

34ms
34ms

Script
application/javascript

104.17.247.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/prismjs@1.29.0/components/prism-bash.min.js

Protocol

Server

104.17.247.203 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6260814110e5182f2956e3bd257429548d9dbf2a9b66a63719b26cf9fac966a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tbhaxor.com/linux-privilege-escalation/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "17ff-jYvBDSXyVcZe1D4zVQyY/Zg3438"
age: 22256451
x-content-type-options: nosniff
date: Tue, 03 Dec 2024 17:58:36 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HSFHC3XN8JXYX4XXVHZ8SYBG-ams
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8ec5721b3b7f6563-AMS
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /prismjs@1.29.0/components/prism-bash.min.js
content-encoding: br
cf-cache-status: HIT
age: 221
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8ec5721b0b3e6563-AMS
access-control-allow-origin: *
date: Tue, 03 Dec 2024 17:58:36 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01JE6TJC17JQ33DGJB6A4FY0Q3-ams
server: cloudflare

GET
H2

200

prism-python.min.js Show response
unpkg.com/prismjs@1.29.0/components/
Redirect Chain

https://unpkg.com/prismjs/components/prism-python.min.js
https://unpkg.com/prismjs@1.29.0/components/prism-python.min.js

2 KB
2 KB

31ms
31ms

Script
application/javascript

104.17.247.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/prismjs@1.29.0/components/prism-python.min.js

Protocol

Server

104.17.247.203 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed4385685bcf2d4935c8dbbab4bde16603da1329e092d2bf36c3dadd67e9a85c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tbhaxor.com/linux-privilege-escalation/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "841-gVo1cmAclS5xmWWcGBrJEQ+MRpg"
age: 22895456
x-content-type-options: nosniff
date: Tue, 03 Dec 2024 17:58:36 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HRWFZ6T76H72ZZDCYQW6GXXN-ams
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8ec5721b3b816563-AMS
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /prismjs@1.29.0/components/prism-python.min.js
content-encoding: br
cf-cache-status: HIT
age: 221
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8ec5721b0b3f6563-AMS
access-control-allow-origin: *
date: Tue, 03 Dec 2024 17:58:36 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01JE6TJC17GR0GP31NFZSKH7V6-ams
server: cloudflare

GET
H2

200

prism-cpp.min.js Show response
unpkg.com/prismjs@1.29.0/components/
Redirect Chain

https://unpkg.com/prismjs/components/prism-cpp.min.js
https://unpkg.com/prismjs@1.29.0/components/prism-cpp.min.js

3 KB
2 KB

29ms
29ms

Script
application/javascript

104.17.247.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/prismjs@1.29.0/components/prism-cpp.min.js

Protocol

Server

104.17.247.203 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12077d9ea67882c149066e94843a6ede9036994b3724bfc45b31d97619328e14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tbhaxor.com/linux-privilege-escalation/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "a24-oaqko+5jw/WCcBDNHCi8XrnylNY"
age: 22902805
x-content-type-options: nosniff
date: Tue, 03 Dec 2024 17:58:36 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HRW8YT8XKH2EHAQD616VMN3Y-ams
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8ec5721cfdc26563-AMS
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /prismjs@1.29.0/components/prism-cpp.min.js
content-encoding: br
cf-cache-status: EXPIRED
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8ec5721b0b416563-AMS
access-control-allow-origin: *
date: Tue, 03 Dec 2024 17:58:36 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01JE6TS37N8T4AE5M0VY4HTQNG-ams
server: cloudflare

GET
H2

200

prism-c.min.js Show response
unpkg.com/prismjs@1.29.0/components/
Redirect Chain

https://unpkg.com/prismjs/components/prism-c.min.js
https://unpkg.com/prismjs@1.29.0/components/prism-c.min.js

2 KB
1 KB

32ms
32ms

Script
application/javascript

104.17.247.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/prismjs@1.29.0/components/prism-c.min.js

Protocol

Server

104.17.247.203 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e05cf21207bff46afbf80cb8f43bb58bc4a4a87b68f28bc0470342f69345209

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tbhaxor.com/linux-privilege-escalation/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "765-5+0+dY9YrbjPn/B9DEpQFmKHl78"
age: 554225
x-content-type-options: nosniff
date: Tue, 03 Dec 2024 17:58:36 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01JDPA7G8FCYC9YHD7WQZ8GZ3R-ams
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8ec5721c3cdd6563-AMS
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /prismjs@1.29.0/components/prism-c.min.js
content-encoding: br
cf-cache-status: EXPIRED
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8ec5721b0b426563-AMS
access-control-allow-origin: *
date: Tue, 03 Dec 2024 17:58:36 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01JE6TS37R5WA14VRDFKWEANRC-ams
server: cloudflare

GET
H2

200

prism-clike.min.js Show response
unpkg.com/prismjs@1.29.0/components/
Redirect Chain

https://unpkg.com/prismjs/components/prism-clike.min.js
https://unpkg.com/prismjs@1.29.0/components/prism-clike.min.js

708 B
643 B

32ms
32ms

Script
application/javascript

104.17.247.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/prismjs@1.29.0/components/prism-clike.min.js

Protocol

Server

104.17.247.203 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c76ba4e240932bdc75546be30e550f5ba5e13815ff71511c76e9e27ac3072444

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tbhaxor.com/linux-privilege-escalation/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "2c4-eLePD/UyZJ+P+9dXHqx250saqaM"
age: 22017691
x-content-type-options: nosniff
date: Tue, 03 Dec 2024 17:58:36 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HSPN2G1ENHAWC3RHF8N7QRKY-ams
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8ec5721c3cdc6563-AMS
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /prismjs@1.29.0/components/prism-clike.min.js
content-encoding: br
cf-cache-status: EXPIRED
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8ec5721b0b436563-AMS
access-control-allow-origin: *
date: Tue, 03 Dec 2024 17:58:36 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01JE6TS37QFVFE8E3C5TJT6KW2-ams
server: cloudflare

GET
H2 200 prism.min.js Show response
cdn.jsdelivr.net/npm/prismjs@1.24.1/ 18 KB
7 KB 57ms
54ms Script
application/javascript 151.101.65.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prismjs@1.24.1/prism.min.js

Requested by

Host: tbhaxor.com
URL: https://tbhaxor.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

60448eb4ec5dee1eafcc52d24c54f4df643e2dc7aef48dcd7c7df15fbcf28d0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tbhaxor.com/linux-privilege-escalation/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"4791-9nNdDQOHUWiWX3bqmhOUFI+SgaI"
age: 1785622
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Tue, 03 Dec 2024 17:58:36 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230143-FRA, cache-mad22053-MAD
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6741
x-jsd-version: 1.24.1

GET
H3 200 cards.min.js Show response
tbhaxor.com/public/ 7 KB
2 KB 26ms
25ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tbhaxor.com/public/cards.min.js?v=ffa7c93e5d

Requested by

Host: tbhaxor.com
URL: https://tbhaxor.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

7b9c762be52fed9737a319df953c29ad448a7713a31a4ba0f76ab15013512ee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tbhaxor.com/linux-privilege-escalation/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "431228c753b74a6958600d170f921e6d"
age: 3192033
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yZo12Ob0%2BVTKUG0EgJpwEI0J52q8snMu6swM%2FiI3cBhP5ffDGymoVJuRVpE%2B36sR9uZuTHmNWkM9Xg%2FjV%2FYYsRiLWDSwRyCi3Yc6JAmx3YCiZB39%2F8wOM%2FPFvKRZrA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20833&min_rtt=14047&rtt_var=4221&sent=1067&recv=105&lost=0&retrans=0&sent_bytes=1238804&recv_bytes=11047&delivery_rate=10172931&cwnd=420600&unsent_bytes=0&cid=1849365354bd9555&ts=1647&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 17:58:35 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ec5721aebb96619-AMS
x-powered-by: Express
server: cloudflare

GET
H2 200 sodo-search.min.js Show response
cdn.jsdelivr.net/ghost/sodo-search@~1.3/umd/ 2 MB
313 KB 43ms
41ms Script
application/javascript 151.101.65.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/ghost/sodo-search@~1.3/umd/sodo-search.min.js

Requested by

Host: tbhaxor.com
URL: https://tbhaxor.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f12d41908f84a1f47af0eef703c868b1528813ff0ab2eb4dbbe9651af3139c84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://tbhaxor.com
Referer: https://tbhaxor.com/linux-privilege-escalation/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"19a9a0-YeT3AkumrAbGBLZhI2AijptRrE0"
age: 15235
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Tue, 03 Dec 2024 17:58:36 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230079-FRA, cache-mad22049-MAD
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=600, s-maxage=43200, stale-while-revalidate=600, stale-if-error=86400
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 319717
x-jsd-version: 1.3.0

GET
H3

200

main.js Show response
tbhaxor.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/ Frame BFA4
Redirect Chain

https://tbhaxor.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://tbhaxor.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?

9 KB
5 KB

27ms
27ms

Script
application/javascript

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tbhaxor.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?

Protocol

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7db7848e1b57eea95d722fb1b7bb2ad479f51f347910d4447c0f262e35e807a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GnIO0YNzqL1on0r%2Bq3Gz0oSURhwSyWkKrp7AiNvrxRzjGTTznRsnn0woBnREbz8k6w6TSrUBK0QyjcJSV1tRqKevYxwa19MIcJSmAzqM3iYtOV5j3B%2Fw9dCOLD1xcw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8ec5721b1be16619-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19751&min_rtt=14047&rtt_var=4192&sent=1070&recv=107&lost=0&retrans=0&sent_bytes=1241150&recv_bytes=11379&delivery_rate=147147&cwnd=420600&unsent_bytes=0&cid=1849365354bd9555&ts=1673&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 17:58:36 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

Redirect headers

strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8ynkm1aAJqrGg%2FiJ6gb0G6cuOgRhOL5RwPAiLzt%2BWwIl%2BxgkwHZhEyu%2BEExvrE9Pau1OPAxPmomAdjSaxothCbkpgJlNDnODrn5u6yTYEcKd86spKbgzuBwcry77iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8ec5721aebbc6619-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=20833&min_rtt=14047&rtt_var=4221&sent=1066&recv=105&lost=0&retrans=0&sent_bytes=1238046&recv_bytes=11047&delivery_rate=10172931&cwnd=420600&unsent_bytes=0&cid=1849365354bd9555&ts=1644&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 17:58:35 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 206 KB
74 KB 390ms
35ms Script
application/javascript 142.250.186.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-57CDLG8

Requested by

Host: tbhaxor.com
URL: https://tbhaxor.com/linux-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

90cf381fd870198bf6a1ad73c8606b3787ac44f40daf062dbf970baec4751cd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tbhaxor.com/linux-privilege-escalation/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Tue, 03 Dec 2024 17:58:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 17:58:36 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 03 Dec 2024 17:11:49 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 74863
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
31 KB 432ms
41ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: tbhaxor.com
URL: https://tbhaxor.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://tbhaxor.com
Referer: https://tbhaxor.com/linux-privilege-escalation/

Response headers

content-encoding: gzip
etag: W/"28feccc0-15d84"
age: 2623391
x-cache: HIT, HIT
date: Tue, 03 Dec 2024 17:58:36 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits: 21664, 340979
x-served-by: cache-lga21981-LGA, cache-mad2200136-MAD
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1733248716.393065,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30879
server: nginx

GET
H3 200 favicon.ico
tbhaxor.com/ 15 KB
4 KB 202ms
202ms Other
image/x-icon 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tbhaxor.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

467b9feccbe0d278bd918d989b50c1b956a730dc2dbc7cf4b650840f031a326d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tbhaxor.com/linux-privilege-escalation/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "a9c6dbdcdc3ae568f4e0dad92149a0e3"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WVIvewwmIU0OhmnKRwLiMZHOzipMnF5%2FXVGl9LN4v8UevyXAh2dT3vmE%2BhUQVM%2FVwKrhsFxj%2FCQfCim8vAlasgXuRY3W2ETePptlFtTqGUPp%2BV7YboZEembOCQpB8w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19415&min_rtt=14047&rtt_var=3815&sent=1083&recv=123&lost=0&retrans=0&sent_bytes=1246358&recv_bytes=28605&delivery_rate=293101&cwnd=420600&unsent_bytes=0&cid=1849365354bd9555&ts=1824&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 17:58:36 GMT
content-type: image/x-icon
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ec5721aebbd6619-AMS
x-powered-by: Express
server: cloudflare

POST
H3 200 8ec572112e866619 Show response
tbhaxor.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame BFA4 0
1 KB 115ms
109ms XHR
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tbhaxor.com/cdn-cgi/challenge-platform/h/b/jsd/r/8ec572112e866619

Requested by

Host: tbhaxor.com
URL: https://tbhaxor.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

strict-transport-security: max-age=0; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ODX6h3ikiioYBVE5bwzXTpwrWk5AMHOO7lDFOU2CrcGVaYMosmGcoyXrkQzR%2Ba0wRKdjWElvq3%2FJoyguTNddilCwv5iypa6g7GJwBrR1kYitWCxUw3eyBxPLL97Tqw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8ec5721b7c696619-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19415&min_rtt=14047&rtt_var=3815&sent=1087&recv=123&lost=0&retrans=0&sent_bytes=1250973&recv_bytes=28605&delivery_rate=293101&cwnd=420600&unsent_bytes=0&cid=1849365354bd9555&ts=1827&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 0
date: Tue, 03 Dec 2024 17:58:36 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare
priority: u=1,i

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 307 KB
105 KB 56ms
56ms Script
application/javascript 142.250.186.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8149R648V2&l=dataLayer&cx=c&gtm=45He4bk0v849703852za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-57CDLG8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e9d972fd198251a266f95205b1a68435d1164510c11f07aa103bdbec151b4b43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tbhaxor.com/linux-privilege-escalation/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 03 Dec 2024 17:58:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 17:58:36 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 106690
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 sodo-search.min.js
cdn.jsdelivr.net/ghost/sodo-search@~1.3/umd/ 2 MB
234 B 43ms
43ms Other
application/javascript 151.101.65.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/ghost/sodo-search@~1.3/umd/sodo-search.min.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f12d41908f84a1f47af0eef703c868b1528813ff0ab2eb4dbbe9651af3139c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://tbhaxor.com
Referer: https://tbhaxor.com/linux-privilege-escalation/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"19a9a0-YeT3AkumrAbGBLZhI2AijptRrE0"
age: 15235
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Tue, 03 Dec 2024 17:58:36 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-mad22030-MAD
vary: Accept-Encoding
cache-control: public, max-age=600, s-maxage=43200, stale-while-revalidate=600, stale-if-error=86400
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 319717
x-jsd-version: 1.3.0

GET
H2

200

prism-line-highlight.min.js Show response
unpkg.com/prismjs@1.29.0/plugins/line-highlight/
Redirect Chain

https://unpkg.com/prismjs/plugins/line-highlight/prism-line-highlight.min.js
https://unpkg.com/prismjs@1.29.0/plugins/line-highlight/prism-line-highlight.min.js

4 KB
2 KB

32ms
32ms

Script
application/javascript

104.17.247.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/prismjs@1.29.0/plugins/line-highlight/prism-line-highlight.min.js

Protocol

Server

104.17.247.203 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

063ece5bd3ad41dcb2834ce96682fc0f1f0424071537a8f714ec722925c0f8fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tbhaxor.com/linux-privilege-escalation/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "e7a-wLEZD4FJibA7QZPfz/wZgMQniT0"
age: 1332169
x-content-type-options: nosniff
date: Tue, 03 Dec 2024 17:58:36 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01JCZ4ADFFNB86RP6K8J0F77X9-ams
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8ec5721ef8a66563-AMS
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /prismjs@1.29.0/plugins/line-highlight/prism-line-highlight.min.js
content-encoding: br
cf-cache-status: EXPIRED
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8ec5721def166563-AMS
access-control-allow-origin: *
date: Tue, 03 Dec 2024 17:58:36 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01JE6TS3P5E95ZDP6PKESW33TA-ams
server: cloudflare

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 351ms
17ms Fetch
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8149R648V2&gtm=45je4bk0v893871330z8849703852za200zb849703852&_p=1733248715979&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1509911598.1733248717&ul=nl-nl&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1733248716&sct=1&seg=0&dl=https%3A%2F%2Ftbhaxor.com%2Flinux-privilege-escalation%2F&dt=Linux%20Privilege%20Escalation&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2253
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8149R648V2&l=dataLayer&cx=c&gtm=45He4bk0v849703852za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tbhaxor.com/linux-privilege-escalation/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://tbhaxor.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 17:58:36 GMT
content-type: text/plain
server: Golfe2

GET
H2

200

prism-sql.min.js Show response
unpkg.com/prismjs@1.29.0/components/
Redirect Chain

https://unpkg.com/prismjs/components/prism-sql.min.js
https://unpkg.com/prismjs@1.29.0/components/prism-sql.min.js

3 KB
3 KB

36ms
36ms

Script
application/javascript

104.17.247.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/prismjs@1.29.0/components/prism-sql.min.js

Protocol

Server

104.17.247.203 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fc5f8ce69950ec73adc972f061df42aaea78faa4864709134ea2adc083f3a33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tbhaxor.com/linux-privilege-escalation/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "cbd-nhDtsCkWveyB9UqOTI9vS2mstPI"
age: 22904107
x-content-type-options: nosniff
date: Tue, 03 Dec 2024 17:58:36 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HRW7Q6C0TVT1CW9XKR0D8F17-ams
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8ec5721fe9f66563-AMS
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /prismjs@1.29.0/components/prism-sql.min.js
content-encoding: br
cf-cache-status: EXPIRED
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8ec5721f38e26563-AMS
access-control-allow-origin: *
date: Tue, 03 Dec 2024 17:58:36 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01JE6TS3WKJD792KBPC773RP7K-ams
server: cloudflare

GET
H2

200

prism-perl.min.js Show response
unpkg.com/prismjs@1.29.0/components/
Redirect Chain

https://unpkg.com/prismjs/components/prism-perl.min.js
https://unpkg.com/prismjs@1.29.0/components/prism-perl.min.js

2 KB
1 KB

35ms
35ms

Script
application/javascript

104.17.247.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/prismjs@1.29.0/components/prism-perl.min.js

Protocol

Server

104.17.247.203 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bad12c8983d7a09a6c8640d22b6ba89eb7e78cc76ae8076ba002e727769cae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tbhaxor.com/linux-privilege-escalation/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "87f-AwsnNDGFJRWlaDkXgv5KO2QiqU8"
age: 471518
x-content-type-options: nosniff
date: Tue, 03 Dec 2024 17:58:37 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01JDRS3G5PMMJCBXJH8GESCHR9-ams
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8ec572221d306563-AMS
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /prismjs@1.29.0/components/prism-perl.min.js
content-encoding: br
cf-cache-status: EXPIRED
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8ec572201a496563-AMS
access-control-allow-origin: *
date: Tue, 03 Dec 2024 17:58:37 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01JE6TS413M821ZWEYZ6VFVCX1-ams
server: cloudflare

GET
H2

200

prism-diff.min.js Show response
unpkg.com/prismjs@1.29.0/components/
Redirect Chain

https://unpkg.com/prismjs/components/prism-diff.min.js
https://unpkg.com/prismjs@1.29.0/components/prism-diff.min.js

605 B
601 B

32ms
32ms

Script
application/javascript

104.17.247.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/prismjs@1.29.0/components/prism-diff.min.js

Protocol

Server

104.17.247.203 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f16816fb2242a84c6ff6715a48c6d0a3e469e3250912cb9f1b755ca537d02f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tbhaxor.com/linux-privilege-escalation/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "25d-+qbhcs0gaztgcdNW8N9Wdm617g8"
age: 22902271
x-content-type-options: nosniff
date: Tue, 03 Dec 2024 17:58:37 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HRW9F86EE3VB030W09D1YYE9-ams
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8ec572237ef96563-AMS
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /prismjs@1.29.0/components/prism-diff.min.js
content-encoding: br
cf-cache-status: EXPIRED
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8ec572225d6d6563-AMS
access-control-allow-origin: *
date: Tue, 03 Dec 2024 17:58:37 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01JE6TS4CAMSM6JGMS221560DA-ams
server: cloudflare

GET
H2

200

prism-nginx.min.js Show response
unpkg.com/prismjs@1.29.0/components/
Redirect Chain

https://unpkg.com/prismjs/components/prism-nginx.min.js
https://unpkg.com/prismjs@1.29.0/components/prism-nginx.min.js

727 B
591 B

39ms
39ms

Script
application/javascript

104.17.247.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/prismjs@1.29.0/components/prism-nginx.min.js

Protocol

Server

104.17.247.203 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cfd310f8cb3a53f2c4c71c371c0701a0b2d8aef82298d890d696448df5625ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tbhaxor.com/linux-privilege-escalation/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "2d7-lX+JWndkzs9K98c8iDzirY7M8e8"
age: 6434252
x-content-type-options: nosniff
date: Tue, 03 Dec 2024 17:58:37 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01J872KB9PZSR1DCBM9H037PYM-ams
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8ec57224181b6563-AMS
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /prismjs@1.29.0/components/prism-nginx.min.js
content-encoding: br
cf-cache-status: EXPIRED
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8ec57223af316563-AMS
access-control-allow-origin: *
date: Tue, 03 Dec 2024 17:58:37 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01JE6TS4JZ43VQ755XF0Z4E670-ams
server: cloudflare

GET
H2

200

prism-json.min.js Show response
unpkg.com/prismjs@1.29.0/components/
Redirect Chain

https://unpkg.com/prismjs/components/prism-json.min.js
https://unpkg.com/prismjs@1.29.0/components/prism-json.min.js

449 B
584 B

30ms
30ms

Script
application/javascript

104.17.247.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/prismjs@1.29.0/components/prism-json.min.js

Protocol

Server

104.17.247.203 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

956d86baa5ae7ec4106758f354ac2d140bdcd7fc103dece02f73ed12b8d663e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tbhaxor.com/linux-privilege-escalation/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "1c1-G5qtdiIxnMsiKLN6TqxqV65ZLFY"
age: 6434253
x-content-type-options: nosniff
date: Tue, 03 Dec 2024 17:58:37 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01J872KAKYZBS4BC47H553WB74-ams
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8ec57224e97d6563-AMS
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /prismjs@1.29.0/components/prism-json.min.js
content-encoding: br
cf-cache-status: EXPIRED
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8ec5722458676563-AMS
access-control-allow-origin: *
date: Tue, 03 Dec 2024 17:58:37 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01JE6TS4PNG1JYPHSMNCXYZ1JS-ams
server: cloudflare

GET
H2

200

prism-csharp.min.js Show response
unpkg.com/prismjs@1.29.0/components/
Redirect Chain

https://unpkg.com/prismjs/components/prism-csharp.min.js
https://unpkg.com/prismjs@1.29.0/components/prism-csharp.min.js

6 KB
3 KB

45ms
45ms

Script
application/javascript

104.17.247.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/prismjs@1.29.0/components/prism-csharp.min.js

Protocol

Server

104.17.247.203 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4eca14394e584a4a3a747fe6dc0a93ddbc657880f7dbac3f8d119ccb206107e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tbhaxor.com/linux-privilege-escalation/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "1823-rzbglTRaw3TA5/ZkDOXiv7s31dk"
age: 22890800
x-content-type-options: nosniff
date: Tue, 03 Dec 2024 17:58:37 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HRWMDBFT416ZSYYSVBKF3QTY-ams
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8ec572260ae66563-AMS
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /prismjs@1.29.0/components/prism-csharp.min.js
content-encoding: br
cf-cache-status: EXPIRED
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8ec5722519c36563-AMS
access-control-allow-origin: *
date: Tue, 03 Dec 2024 17:58:37 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01JE6TS4T8BSA2D6K2KECNEG86-ams
server: cloudflare

GET
H2

200

prism-yaml.min.js Show response
unpkg.com/prismjs@1.29.0/components/
Redirect Chain

https://unpkg.com/prismjs/components/prism-yaml.min.js
https://unpkg.com/prismjs@1.29.0/components/prism-yaml.min.js

2 KB
1 KB

64ms
64ms

Script
application/javascript

104.17.247.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/prismjs@1.29.0/components/prism-yaml.min.js

Protocol

Server

104.17.247.203 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

719c8e8b8c344dc9de510c729f65ba840b1502a0a8e7e25e2ad19ee715f65c02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tbhaxor.com/linux-privilege-escalation/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "7b2-ksZTcInym4rEmaYglMTxGa44Ook"
age: 741448
x-content-type-options: nosniff
date: Tue, 03 Dec 2024 17:58:37 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01JDGQNXSTH3KCV7BJ6MKP769J-ams
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8ec572271c536563-AMS
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /prismjs@1.29.0/components/prism-yaml.min.js
content-encoding: br
cf-cache-status: EXPIRED
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8ec572265b736563-AMS
access-control-allow-origin: *
date: Tue, 03 Dec 2024 17:58:37 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01JE6TS50793H0953NC78PWPHE-ams
server: cloudflare

GET
H2

200

prism-docker.min.js Show response
unpkg.com/prismjs@1.29.0/components/
Redirect Chain

https://unpkg.com/prismjs/components/prism-docker.min.js
https://unpkg.com/prismjs@1.29.0/components/prism-docker.min.js

1 KB
1 KB

80ms
79ms

Script
application/javascript

104.17.247.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/prismjs@1.29.0/components/prism-docker.min.js

Protocol

Server

104.17.247.203 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6cc0faa5977a40652f62798a692a5ae171e0380480df3ed056e117597ec52dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tbhaxor.com/linux-privilege-escalation/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "5f9-npPs3E8IRlHLJYFzbw0yahn0Q1k"
age: 471516
x-content-type-options: nosniff
date: Tue, 03 Dec 2024 17:58:38 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01JDRS3J5HKKDKEFNSDPXEDD83-ams
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8ec572280d6d6563-AMS
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /prismjs@1.29.0/components/prism-docker.min.js
content-encoding: br
cf-cache-status: EXPIRED
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8ec572277cca6563-AMS
access-control-allow-origin: *
date: Tue, 03 Dec 2024 17:58:38 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01JE6TS5621VHSMK5BFJMCM4QX-ams
server: cloudflare

GET
H2

200

prism-powershell.min.js Show response
unpkg.com/prismjs@1.29.0/components/
Redirect Chain

https://unpkg.com/prismjs/components/prism-powershell.min.js
https://unpkg.com/prismjs@1.29.0/components/prism-powershell.min.js

2 KB
2 KB

50ms
50ms

Script
application/javascript

104.17.247.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/prismjs@1.29.0/components/prism-powershell.min.js

Protocol

Server

104.17.247.203 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ed401e08fc42847849774f9c9e171545ead0e0495958ea050aa9188db6c9849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tbhaxor.com/linux-privilege-escalation/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "85e-NJGhtrO/VR2Yw9IzM1r8d6bS7to"
age: 22039675
x-content-type-options: nosniff
date: Tue, 03 Dec 2024 17:58:38 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HSP03NEF810SST4Y966NQ7ZR-ams
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8ec572291ea26563-AMS
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /prismjs@1.29.0/components/prism-powershell.min.js
content-encoding: br
cf-cache-status: EXPIRED
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8ec572288e0b6563-AMS
access-control-allow-origin: *
date: Tue, 03 Dec 2024 17:58:38 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01JE6TS5B9BX9N7KD9KM9364JZ-ams
server: cloudflare

GET
H2

200

prism-diff-highlight.min.js Show response
unpkg.com/prismjs@1.29.0/plugins/diff-highlight/
Redirect Chain

https://unpkg.com/prismjs/plugins/diff-highlight/prism-diff-highlight.min.js
https://unpkg.com/prismjs@1.29.0/plugins/diff-highlight/prism-diff-highlight.min.js

1 KB
1 KB

54ms
54ms

Script
application/javascript

104.17.247.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/prismjs@1.29.0/plugins/diff-highlight/prism-diff-highlight.min.js

Protocol

Server

104.17.247.203 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

775bfefc886a7d43acc543b7c08cfad67b83a9208e7d6677130ce19a4cacf7d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tbhaxor.com/linux-privilege-escalation/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "5b0-G7cLUk1GaWLlBBHjgUxpx8O/hWQ"
age: 43850
x-content-type-options: nosniff
date: Tue, 03 Dec 2024 17:58:38 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01JE5GYYPR89N8D7AJQ047H23E-ams
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8ec5722a79a06563-AMS
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /prismjs@1.29.0/plugins/diff-highlight/prism-diff-highlight.min.js
content-encoding: br
cf-cache-status: EXPIRED
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8ec572297fb06563-AMS
access-control-allow-origin: *
date: Tue, 03 Dec 2024 17:58:38 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01JE6TS5FW8D9QVJQWA5RDQE41-ams
server: cloudflare

GET
H3 200 katex.min.js Show response
cdn.jsdelivr.net/npm/katex@0.16.9/dist/ 271 KB
77 KB 62ms
62ms Script
application/javascript 151.101.65.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/katex@0.16.9/dist/katex.min.js

Requested by

Host: tbhaxor.com
URL: https://tbhaxor.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dc84b296ec3e884de093158f760fd9d45b6c7abe58b5381557f4e138f46a58ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://tbhaxor.com
Referer: https://tbhaxor.com/linux-privilege-escalation/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"43a2e-pDv54tRaJ1S0ofgPUd83UBlfOEc"
age: 6199847
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Tue, 03 Dec 2024 17:58:38 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220116-FRA, cache-mad22030-MAD
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 78619
x-jsd-version: 0.16.9

GET
H3 200 auto-render.min.js Show response
cdn.jsdelivr.net/npm/katex@0.16.9/dist/contrib/ 3 KB
2 KB 58ms
57ms Script
application/javascript 151.101.65.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/katex@0.16.9/dist/contrib/auto-render.min.js

Requested by

Host: tbhaxor.com
URL: https://tbhaxor.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9cb8dacfc086c2966c9ec4ba54f4a2dc43b7cbe2b33cec1a2743d886c7fb47a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://tbhaxor.com
Referer: https://tbhaxor.com/linux-privilege-escalation/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"d96-SRYWuMn9sE0zm2YNbPruEmBM8Yc"
age: 1180235
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Tue, 03 Dec 2024 17:58:38 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220092-FRA, cache-mad22030-MAD
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1594
x-jsd-version: 0.16.9

GET
H3

200

main.js Show response
tbhaxor.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/ Frame BFA4
Redirect Chain

https://tbhaxor.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://tbhaxor.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?

9 KB
0

0ms
0ms

Script
application/javascript

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tbhaxor.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?

Protocol

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7db7848e1b57eea95d722fb1b7bb2ad479f51f347910d4447c0f262e35e807a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GnIO0YNzqL1on0r%2Bq3Gz0oSURhwSyWkKrp7AiNvrxRzjGTTznRsnn0woBnREbz8k6w6TSrUBK0QyjcJSV1tRqKevYxwa19MIcJSmAzqM3iYtOV5j3B%2Fw9dCOLD1xcw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8ec5721b1be16619-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19751&min_rtt=14047&rtt_var=4192&sent=1070&recv=107&lost=0&retrans=0&sent_bytes=1241150&recv_bytes=11379&delivery_rate=147147&cwnd=420600&unsent_bytes=0&cid=1849365354bd9555&ts=1673&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 17:58:36 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8ynkm1aAJqrGg%2FiJ6gb0G6cuOgRhOL5RwPAiLzt%2BWwIl%2BxgkwHZhEyu%2BEExvrE9Pau1OPAxPmomAdjSaxothCbkpgJlNDnODrn5u6yTYEcKd86spKbgzuBwcry77iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8ec5721aebbc6619-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=20833&min_rtt=14047&rtt_var=4221&sent=1066&recv=105&lost=0&retrans=0&sent_bytes=1238046&recv_bytes=11047&delivery_rate=10172931&cwnd=420600&unsent_bytes=0&cid=1849365354bd9555&ts=1644&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 17:58:35 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

POST
H3 200 8ec572112e866619 Show response
tbhaxor.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame BFA4 0
1 KB 88ms
81ms XHR
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tbhaxor.com/cdn-cgi/challenge-platform/h/b/jsd/r/8ec572112e866619

Requested by

Host: tbhaxor.com
URL: https://tbhaxor.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

strict-transport-security: max-age=0; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oQeSgO9sHMt%2BWIreLuoUfl8GdDe6m1Lny0qmDMEVE7RCH5O8z%2BHxXo%2FSLiv83hMvMg%2BZ4BBFbZEXdepILwHFn%2BiLczqOuW0G2EVY0i2yKvnNQNahspK8uHAr%2BbTrtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8ec5722c4c056619-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18854&min_rtt=14047&rtt_var=3110&sent=1097&recv=140&lost=0&retrans=0&sent_bytes=1252430&recv_bytes=46315&delivery_rate=52259&cwnd=420600&unsent_bytes=0&cid=1849365354bd9555&ts=4487&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 0
date: Tue, 03 Dec 2024 17:58:38 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare
priority: u=1,i

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: unpkg.com
URL: https://unpkg.com/prismjs/plugins/line-highlight/prism-line-highlight.min.js

Domain: unpkg.com
URL: https://unpkg.com/prismjs/plugins/diff-highlight/prism-diff-highlight.min.js

Domain: unpkg.com
URL: https://unpkg.com/prismjs/components/prism-json.min.js

Domain: unpkg.com
URL: https://unpkg.com/prismjs/components/prism-powershell.min.js

Domain: unpkg.com
URL: https://unpkg.com/prismjs/components/prism-docker.min.js

Domain: unpkg.com
URL: https://unpkg.com/prismjs/components/prism-yaml.min.js

Domain: unpkg.com
URL: https://unpkg.com/prismjs/components/prism-csharp.min.js

Domain: unpkg.com
URL: https://unpkg.com/prismjs/components/prism-nginx.min.js

Domain: unpkg.com
URL: https://unpkg.com/prismjs/components/prism-diff.min.js

Domain: unpkg.com
URL: https://unpkg.com/prismjs/components/prism-perl.min.js

Domain: unpkg.com
URL: https://unpkg.com/prismjs/components/prism-sql.min.js

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tbhaxor.com/	1970-01-21 11:03:28	Name: _ga_8149R648V2 Value: GS1.1.1733248716.1.0.1733248716.0.0.0
.tbhaxor.com/	1970-01-21 11:03:28	Name: _ga Value: GA1.1.1509911598.1733248717
.tbhaxor.com/	1970-01-21 10:13:04	Name: cf_clearance Value: belFHB8LVRinD6tO2nRhUkUz2JQU5_JEUZUF.NQrtDo-1733248718-1.2.1.1-dC58.qxKYafhCJGM05zPfqsxoa5kBXfwbx4ELEsJlD9n1dokFCfdao4G5koM6Y2NitsSdfE4Qiv9Ms_HN6TRbPBMYC28Ihb7WAClbmkg3_mrubXhhVH5GYrWChfbO8AAt3sQw0vmaKV3waxcCFFqeBEyyoOGUY7Trzbk.4GSA0ElXahbKUvoLkI3a6MYL5EXFKp_Jq4_OWmGrjzTWvE8R6oKokJZEhCWJ1uiDgHTw8j64EF.oGoTfIdQPSsy63ipypSxlnKRBDmIG7RV3UdAS.XKX4WcoZXvtvVaAu5SnDy0C7h6jOMpxpXVNutvfcVmkB7emiTP_2IlOk73UVvnrrCGhhjuzc5Y7JvHj9q7ejwdQMxqPihRnBqHW7E7RoYV

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
region1.google-analytics.com
tbhaxor.com
unpkg.com
www.googletagmanager.com
unpkg.com
104.17.24.14
104.17.247.203
142.250.186.136
151.101.65.229
151.101.66.137
188.114.96.3
216.239.32.36
063ece5bd3ad41dcb2834ce96682fc0f1f0424071537a8f714ec722925c0f8fa
12077d9ea67882c149066e94843a6ede9036994b3724bfc45b31d97619328e14
1ed401e08fc42847849774f9c9e171545ead0e0495958ea050aa9188db6c9849
23028739cb79ca98b9f6f2edf55051f7315eefbc864f46768ae50fb2e374486a
2bad12c8983d7a09a6c8640d22b6ba89eb7e78cc76ae8076ba002e727769cae8
385eda93d98980344d958403ec9b7a4ec961afcf626eec3af640a0eb49c1330f
3fc5f8ce69950ec73adc972f061df42aaea78faa4864709134ea2adc083f3a33
467b9feccbe0d278bd918d989b50c1b956a730dc2dbc7cf4b650840f031a326d
505d5f829022bb7b4f24dfee0aa1141cd7bba67afe411d1240335f820960b5c3
5d46d20f79bec4b5b6ed6fe6a7d90c9fe7c8f4053632806488c31255561623ea
60448eb4ec5dee1eafcc52d24c54f4df643e2dc7aef48dcd7c7df15fbcf28d0d
6260814110e5182f2956e3bd257429548d9dbf2a9b66a63719b26cf9fac966a7
6c88655f7eb58bc7e89b98ceeb3d5c9b456f2b89a238a448bacf7a87b550cdcd
719c8e8b8c344dc9de510c729f65ba840b1502a0a8e7e25e2ad19ee715f65c02
775bfefc886a7d43acc543b7c08cfad67b83a9208e7d6677130ce19a4cacf7d5
7b9c762be52fed9737a319df953c29ad448a7713a31a4ba0f76ab15013512ee6
7cfd310f8cb3a53f2c4c71c371c0701a0b2d8aef82298d890d696448df5625ed
7db7848e1b57eea95d722fb1b7bb2ad479f51f347910d4447c0f262e35e807a0
8f0ca894df691e254301aa9039b3547cc4d878840931170056380a0582f92086
90cf381fd870198bf6a1ad73c8606b3787ac44f40daf062dbf970baec4751cd9
956d86baa5ae7ec4106758f354ac2d140bdcd7fc103dece02f73ed12b8d663e4
9cb8dacfc086c2966c9ec4ba54f4a2dc43b7cbe2b33cec1a2743d886c7fb47a7
9e05cf21207bff46afbf80cb8f43bb58bc4a4a87b68f28bc0470342f69345209
9ec5c5a78996db36f16d000b81e3f1cd27ac4edb3e1fc0ff6fe5aba9f9c7b377
a6cc0faa5977a40652f62798a692a5ae171e0380480df3ed056e117597ec52dd
b0ec08839236dde93ddda4170d9c123d0c76aee0ea2c76e03f6df5bf1402da66
b3bf3a8498fb379fcc3128195e10c85e7ddc382ce2e420239fa5012f05260235
b5bc58ad174c5b7b8fba7a1d3661f83849362a8e62d11dd85409e491627a7b9a
c23478c8d56370a2f60d9432d8ba30ff0d1328077d85cdd869c39d6bad67bfa4
c68105c1a605d49907feca9f09e11fcbc2938725539f5e99724c0f4156cc7150
c76ba4e240932bdc75546be30e550f5ba5e13815ff71511c76e9e27ac3072444
ca9bf8290358d99a8712516b0a1c1d18c0639ad1f0a5033c390880c20a9c9ba2
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
dc84b296ec3e884de093158f760fd9d45b6c7abe58b5381557f4e138f46a58ae
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9d972fd198251a266f95205b1a68435d1164510c11f07aa103bdbec151b4b43
ed4385685bcf2d4935c8dbbab4bde16603da1329e092d2bf36c3dadd67e9a85c
f12d41908f84a1f47af0eef703c868b1528813ff0ab2eb4dbbe9651af3139c84
f16816fb2242a84c6ff6715a48c6d0a3e469e3250912cb9f1b755ca537d02f48
f4eca14394e584a4a3a747fe6dc0a93ddbc657880f7dbac3f8d119ccb206107e
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

tbhaxor.com Open in urlscan Pro 188.114.96.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

56 Requests

45 %HTTPS

0 %IPv6

7 Domains

7 Subdomains

8 IPs

3 Countries

1840 kBTransfer

5605 kBSize

3 Cookies

2 Outgoing links

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

tbhaxor.com Open in urlscan Pro
188.114.96.3 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

45 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

8
IPs

3
Countries

1840 kB
Transfer

5605 kB
Size

3
Cookies

56 HTTP transactions
0 data transactions