www.hackthebox.eu Open in urlscan Pro
2606:4700:10::6814:3744 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://6650o.r.ag.d.sendibm3.com/mk/cl/f/18-T6nQVb5pg1ZFKfPi9eWYfmHgRJfz-2xH3FquIela0vjW1AhQsU2Zl1fkCCXM9xiCpOFMCGtn_aTpzBJU0VvQ2...
Effective URL:
https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Fol...
Submission Tags: falconsandbox
Submission: On July 07 via api (July 7th 2021, 10:34:56 am UTC) from US

Summary HTTP 130 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 22 IPs in 3 countries across 19 domains to perform 130 HTTP transactions. The main IP is 2606:4700:10::6814:3744, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.hackthebox.eu.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 6th 2021. Valid for: a year.

This is the only time www.hackthebox.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	185.107.232.244 185.107.232.244	200484 (SENDINBLU...) (SENDINBLUE-ASN)
1	2606:4700:e2:... 2606:4700:e2::ac40:8126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5e41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.107.232.249 185.107.232.249	200484 (SENDINBLU...) (SENDINBLUE-ASN)
59	2606:4700:10:... 2606:4700:10::6814:3744	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba2a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2606:4700::68... 2606:4700::6811:b649	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba83	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2606:4700::68... 2606:4700::6811:d6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2ae::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.224.197.80 13.224.197.80	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2b8::f09	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.88.208.102 52.88.208.102	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:5705	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:efcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:47b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
130	22

1 185.107.232.244 (France)

ASN200484 (SENDINBLUE-ASN, FR)

6650o.r.ag.d.sendibm3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:8126 (United States)

ASN13335 (CLOUDFLARENET, US)

sibautomation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5e41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.107.232.249 (France)

ASN200484 (SENDINBLUE-ASN, FR)

in-automate.sendinblue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

59 2606:4700:10::6814:3744 (United States)

ASN13335 (CLOUDFLARENET, US)

www.hackthebox.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:b649 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:7aaf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba83 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:d6cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2ae::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.197.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-197-80.fra2.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2b8::f09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

consentcdn.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.88.208.102 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-88-208-102.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5705 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
perf.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:efcc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:47b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	hackthebox.eu www.hackthebox.eu	5 MB
25	gstatic.com www.gstatic.com fonts.gstatic.com	1 MB
12	google.com www.google.com	152 KB
7	typekit.net use.typekit.net p.typekit.net	181 KB
4	hubspot.com api.hubspot.com track.hubspot.com	2 KB
4	unpkg.com 2 redirects unpkg.com	84 KB
3	cookiebot.com consent.cookiebot.com consentcdn.cookiebot.com	70 KB
3	hsforms.net js.hsforms.net	272 KB
2	hsforms.com forms.hsforms.com perf.hsforms.com	3 KB
2	hs-scripts.com js.hs-scripts.com	1 KB
1	hs-banner.com js.hs-banner.com	15 KB
1	hs-analytics.net js.hs-analytics.net	19 KB
1	usemessages.com js.usemessages.com	20 KB
1	segment.io api.segment.io	144 B
1	segment.com cdn.segment.com	55 KB
1	sendinblue.com in-automate.sendinblue.com	226 B
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
1	sibautomation.com sibautomation.com	2 KB
1	sendibm3.com 6650o.r.ag.d.sendibm3.com	1 KB
130	19

	Domain	Requested by
59	www.hackthebox.eu	6650o.r.ag.d.sendibm3.com www.hackthebox.eu
17	www.gstatic.com	www.google.com www.gstatic.com
12	www.google.com	js.hsforms.net www.gstatic.com www.google.com
8	fonts.gstatic.com	www.google.com
6	use.typekit.net	www.hackthebox.eu use.typekit.net
4	unpkg.com	2 redirects www.hackthebox.eu
3	js.hsforms.net	www.hackthebox.eu js.hsforms.net
2	track.hubspot.com
2	api.hubspot.com	js.usemessages.com
2	js.hs-scripts.com	www.hackthebox.eu consent.cookiebot.com
2	consent.cookiebot.com	www.hackthebox.eu consent.cookiebot.com
1	perf.hsforms.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	forms.hsforms.com	js.hsforms.net
1	api.segment.io	cdn.segment.com
1	consentcdn.cookiebot.com	consent.cookiebot.com
1	cdn.segment.com	www.hackthebox.eu
1	p.typekit.net	use.typekit.net
1	in-automate.sendinblue.com	sibautomation.com
1	static.cloudflareinsights.com	sibautomation.com
1	sibautomation.com	6650o.r.ag.d.sendibm3.com static.cloudflareinsights.com
1	6650o.r.ag.d.sendibm3.com
130	24

This site contains links to these domains. Also see Links.

Domain
policies.google.com
www.cookiebot.com
segment.com
www.solarwinds.com
www.workable.com
legal.hubspot.com
www.intercom.com
youtu.be
www.twitch.tv
www.synack.com
hello.global.ntt
resources.hackthebox.eu
ctf.hackthebox.eu
discord.com
ctftime.org
discord.gg
www.linkedin.com
twitter.com
www.instagram.com
www.facebook.com
www.youtube.com
academy.hackthebox.eu
hackthebox.store
help.hackthebox.eu
forum.hackthebox.eu

Subject Issuer	Validity	Valid
*.r.ag.d.sendibm3.com R3	`2021-06-24` - `2021-09-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-10` - `2021-08-10`	a year	crt.sh
*.sendinblue.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-07` - `2021-12-12`	a year	crt.sh
hackthebox.eu Cloudflare Inc ECC CA-3	`2021-06-06` - `2022-06-05`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2020-11-03` - `2021-11-07`	a year	crt.sh
consent.cookiebot.com DigiCert ECC Extended Validation Server CA	`2020-06-11` - `2022-06-11`	2 years	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
*.segment.com DigiCert SHA2 Secure Server CA	`2020-06-12` - `2021-07-27`	a year	crt.sh
*.cookiebot.com DigiCert Secure Site ECC CA-1	`2020-09-03` - `2021-09-03`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2021-06-26` - `2022-06-25`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
Frame ID: 275C24935CE259923DB4A071025028FD
Requests: 90 HTTP requests in this frame

Frame: https://sibautomation.com/cm.html?id=3579920
Frame ID: DF1E9DB3ADEEBFC4D71112F2682C4F30
Requests: 5 HTTP requests in this frame

Frame: https://js.hsforms.net/forms/v2.js
Frame ID: C0727C53C93AEBA89A53859B6CA0137F
Requests: 2 HTTP requests in this frame

Frame: https://js.hsforms.net/forms-next/shell-recaptcha
Frame ID: E99C08241AC0BF4A3C3BABA5E3A83FF7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly93d3cuaGFja3RoZWJveC5ldTo0NDM.&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&badge=inline&cb=u1h30aekvbg2
Frame ID: 0FB174F99E43912385E1287431E8BED1
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&cb=faeap19f9c2k
Frame ID: D3639E95212501DAB810820B4FCFBCD0
Requests: 11 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&badge=inline&cb=ta5etvh0zhxy
Frame ID: DCB10414E85F92A9745CE20635A44885
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&cb=6ou6tzloidmj
Frame ID: 50925F326434FA7C1C622113B2124318
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://6650o.r.ag.d.sendibm3.com/mk/cl/f/18-T6nQVb5pg1ZFKfPi9eWYfmHgRJfz-2xH3FquIela0vjW1AhQsU2Zl1fkCCXM9xiCp... Page URL
https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HT... Page URL

Detected technologies

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /cdn\.segment\.com\/analytics\.js/i

Page Statistics

130
Requests

98 %
HTTPS

81 %
IPv6

19
Domains

24
Subdomains

22
IPs

3
Countries

6531 kB
Transfer

10087 kB
Size

0
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://policies.google.com/privacy
Title: Google

Search URL Search Domain Scan URL

URL: https://www.cookiebot.com/goto/privacy-policy/
Title: Cookiebot

Search URL Search Domain Scan URL

URL: https://segment.com/docs/legal/privacy/
Title: Segment

Search URL Search Domain Scan URL

URL: https://www.solarwinds.com/legal/privacy
Title: Pingdom

Search URL Search Domain Scan URL

URL: https://www.workable.com/privacy
Title: Workable

Search URL Search Domain Scan URL

URL: https://legal.hubspot.com/privacy-policy?_ga=2.250808134.1581177119.1522931914-1869930087.1510729546
Title: Hubspot

Search URL Search Domain Scan URL

URL: https://legal.hubspot.com/privacy-policy?hubs_signup-url=www.hubspot.com/&hubs_signup-cta=null&_ga=2.233684958.1918253292.1599215465-564717415.1599033587&_gac=1.204737188.1599033588.EAIaIQobChMI-_PzpIDK6wIViLh3Ch01XAS2EAAYASAAEgJK6vD_BwE
Title: Hubspot

Search URL Search Domain Scan URL

URL: https://www.intercom.com/terms-and-policies#privacy
Title: Intercom

Search URL Search Domain Scan URL

URL: https://www.cookiebot.com/
Title: Cookiebot

Search URL Search Domain Scan URL

URL: https://youtu.be/e94TyqrSwuE
Title: Youtube channel.

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/hackthebox
Title: Twitch channel.

Search URL Search Domain Scan URL

URL: https://www.synack.com/
Title:

Search URL Search Domain Scan URL

URL: https://hello.global.ntt/en-us/solutions/cybersecurity
Title:

Search URL Search Domain Scan URL

URL: https://resources.hackthebox.eu/hubfs/HTBBusinessCTF_SponsorshipBrief_2021.pdf
Title: here.

Search URL Search Domain Scan URL

URL: https://ctf.hackthebox.eu/
Title: https://ctf.hackthebox.eu.

Search URL Search Domain Scan URL

URL: https://discord.com/invite/hackthebox
Title: Discord Server

Search URL Search Domain Scan URL

URL: https://ctftime.org/event/1386
Title: CTFtime

Search URL Search Domain Scan URL

URL: https://discord.gg/hackthebox
Title: here

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/hackthebox/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/hackthebox_eu
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/hackthebox/
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/hackthebox.eu
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/HackTheBox/featured
Title:

Search URL Search Domain Scan URL

URL: https://academy.hackthebox.eu/
Title: Academy

Search URL Search Domain Scan URL

URL: https://hackthebox.store/
Title: Swag

Search URL Search Domain Scan URL

URL: https://resources.hackthebox.eu/hack-the-box-newsletter-sign-up
Title: Newsletter

Search URL Search Domain Scan URL

URL: https://help.hackthebox.eu/
Title: Knowledge Base

Search URL Search Domain Scan URL

URL: https://forum.hackthebox.eu/
Title: Forum

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://6650o.r.ag.d.sendibm3.com/mk/cl/f/18-T6nQVb5pg1ZFKfPi9eWYfmHgRJfz-2xH3FquIela0vjW1AhQsU2Zl1fkCCXM9xiCpOFMCGtn_aTpzBJU0VvQ2PmxlBtLdkWvzZ0oPb8DYGQDxJBLFj3hVM3KKzTbtlHt4s7KdJnwBvDRAW029GVAzGVt6Zvj5Ep9xivdjVYRKraQ6CvuqoGQ0on-IeQNXNNn2ZlzrMZVS32b18qbEcZ_Ol1SjaePTqbF1CXjio-sjd88_WtP3Xx9N3_37UxRkcDBjxbsh1fML5GNDODTZVdEX2Ntcm31xmj9kyTvUWW7zzx3DfwrF4jMjb7FomErmA3h9mvH9PA Page URL
https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js HTTP 302
https://unpkg.com/@lottiefiles/lottie-player@1.1.1/dist/lottie-player.js

Request Chain 13

https://unpkg.com/@lottiefiles/lottie-interactivity@latest/dist/lottie-interactivity.min.js HTTP 302
https://unpkg.com/@lottiefiles/lottie-interactivity@0.1.5/dist/lottie-interactivity.min.js

130 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK 18-T6nQVb5pg1ZFKfPi9eWYfmHgRJfz-2xH3FquIela0vjW1AhQsU2Zl1fkCCXM9xiCpOFMCGtn_aTpzBJU0VvQ2PmxlBtLdkWvzZ0oPb8DYGQDxJBLFj3hVM3KKzTbtlHt4s7KdJnwBvDRAW029GVAzGVt6Zvj5Ep9xivdjVYRKraQ6CvuqoGQ0on-IeQNXNNn2Z... Show response
6650o.r.ag.d.sendibm3.com/mk/cl/f/ 938 B
1 KB 155ms
72ms Document
text/html 185.107.232.244
SENDINBLUE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://6650o.r.ag.d.sendibm3.com/mk/cl/f/18-T6nQVb5pg1ZFKfPi9eWYfmHgRJfz-2xH3FquIela0vjW1AhQsU2Zl1fkCCXM9xiCpOFMCGtn_aTpzBJU0VvQ2PmxlBtLdkWvzZ0oPb8DYGQDxJBLFj3hVM3KKzTbtlHt4s7KdJnwBvDRAW029GVAzGVt6Zvj5Ep9xivdjVYRKraQ6CvuqoGQ0on-IeQNXNNn2ZlzrMZVS32b18qbEcZ_Ol1SjaePTqbF1CXjio-sjd88_WtP3Xx9N3_37UxRkcDBjxbsh1fML5GNDODTZVdEX2Ntcm31xmj9kyTvUWW7zzx3DfwrF4jMjb7FomErmA3h9mvH9PA

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.107.232.244 , France, ASN200484 (SENDINBLUE-ASN, FR),

Reverse DNS

Software

Resource Hash

82435337e0c00e334e32d8e1f42907d1a0ac4752c7710ec4f5f2a078733f66c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Host: 6650o.r.ag.d.sendibm3.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 938
Content-Type: text/html; charset=utf-8
Date: Wed, 07 Jul 2021 10:34:19 GMT
X-Content-Type-Options: nosniff
X-Sib-Server: SENDINBLUE-red1-3
X-Xss-Protection: 1

GET
H2 200 cm.html Show response
sibautomation.com/ Frame DF1E 3 KB
2 KB 61ms
22ms Document
text/html 2606:4700:e2::ac40:8126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sibautomation.com/cm.html?id=3579920

Requested by

Host: 6650o.r.ag.d.sendibm3.com
URL: https://6650o.r.ag.d.sendibm3.com/mk/cl/f/18-T6nQVb5pg1ZFKfPi9eWYfmHgRJfz-2xH3FquIela0vjW1AhQsU2Zl1fkCCXM9xiCpOFMCGtn_aTpzBJU0VvQ2PmxlBtLdkWvzZ0oPb8DYGQDxJBLFj3hVM3KKzTbtlHt4s7KdJnwBvDRAW029GVAzGVt6Zvj5Ep9xivdjVYRKraQ6CvuqoGQ0on-IeQNXNNn2ZlzrMZVS32b18qbEcZ_Ol1SjaePTqbF1CXjio-sjd88_WtP3Xx9N3_37UxRkcDBjxbsh1fML5GNDODTZVdEX2Ntcm31xmj9kyTvUWW7zzx3DfwrF4jMjb7FomErmA3h9mvH9PA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Sails <sailsjs.com>

Resource Hash

f3cc552995dd1376c51e2a4bb19a4a249c3bb3e57de400f70bb87ad47bc19cca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

:method: GET
:authority: sibautomation.com
:scheme: https
:path: /cm.html?id=3579920
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://6650o.r.ag.d.sendibm3.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://6650o.r.ag.d.sendibm3.com/

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cf-apo-via: origin,host
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-powered-by: Sails <sailsjs.com>
access-control-allow-origin: *
x-sib-server: SENDINBLUE-web2-3
x-content-type-options: nosniff
x-xss-protection: 1
cache-control: max-age=7200
cf-cache-status: HIT
age: 220
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wxPpUBX1eiLi3DY3yzmpPweArxHvHCg2K1GdCka21M58h%2FanNPolgCfMjW7aA8BZrOWLrVnrfhN%2F%2FtjAnaK9J%2B6BtqBOP%2BD9jbaMgPe%2F2f3wz8egkBSP2C08Q9MG3SnN1yCJzAnucWQHVvM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 66b06b6dbaee008f-AMS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ Frame DF1E 13 KB
5 KB 35ms
20ms Script
text/javascript 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: sibautomation.com
URL: https://sibautomation.com/cm.html?id=3579920
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer: https://sibautomation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
content-encoding: gzip
last-modified: Fri, 28 May 2021 17:24:20 GMT
server: cloudflare
etag: W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 66b06b6df9dd073e-FRA

GET
H/1.1 204
No Content cm
in-automate.sendinblue.com/ Frame DF1E 0
226 B 126ms
29ms XHR
text/plain 185.107.232.249
SENDINBLUE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://in-automate.sendinblue.com/cm?uuid=4c0f98d9-fdd0-426b-9b86-6443e6798e47&key=fq9zuyy2crzzc0fpp4frw6kp&trans=0&user_id=405540

Requested by

Host: sibautomation.com
URL: https://sibautomation.com/cm.html?id=3579920

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.107.232.249 , France, ASN200484 (SENDINBLUE-ASN, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://sibautomation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 07 Jul 2021 10:34:19 GMT
Cache-Control: no-cache
X-Content-Type-Options: nosniff
X-XSS-Protection: 1
X-Sib-Server: SENDINBLUE-srv-pr-rancher-worker-11

GET
H2 200 Primary Request htb-business-ctf-2021 Show response
www.hackthebox.eu/ 57 KB
12 KB 217ms
185ms Document
text/html 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a70ea3990abc9759f8fdfb65d673774d62150c0e3b840ca411a9be827f21f8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.hackthebox.eu
:scheme: https
:path: /htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://6650o.r.ag.d.sendibm3.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://6650o.r.ag.d.sendibm3.com/

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; expires=Wed, 07-Jul-2021 12:34:19 GMT; Max-Age=7200; path=/; secure hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9; expires=Wed, 07-Jul-2021 12:34:19 GMT; Max-Age=7200; path=/; secure; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: https://app.hackthebox.eu
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
server: cloudflare
cf-ray: 66b06b6e48eb4eb6-FRA
content-encoding: gzip

POST rum
sibautomation.com/cdn-cgi/ Frame DF1E 0
0

GET
H2 200 ryt3opf.css
use.typekit.net/ 13 KB
2 KB 99ms
73ms Stylesheet
text/css 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ryt3opf.css

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

a6d7b6a09c279e7f64988dc41c4bacfd12a4819fc0a474b7afacc632f9d3d4de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://www.hackthebox.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Wed, 07 Jul 2021 10:34:19 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1322

GET
H2 200 ctf_business.min.css
www.hackthebox.eu/assets/css/ 113 KB
24 KB 31ms
30ms Stylesheet
text/css 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hackthebox.eu/assets/css/ctf_business.min.css?v=1

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea2d89a0078bdb6da95f82b7c3a621302cd886f4451a5846ff4366a9df46eb67

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/css/ctf_business.min.css?v=1
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5891
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60e34a50-1c32a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/css
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
cf-ray: 66b06b6f8b724eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 ctf_business.min.js Show response
www.hackthebox.eu/assets/js/ 252 KB
79 KB 24ms
24ms Script
application/javascript 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hackthebox.eu/assets/js/ctf_business.min.js

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

032f68b72109acdf6ac019354fcea41e61c0eb58d5ae3b02ea95df0ad200d8ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/js/ctf_business.min.js
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5891
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60e34a50-3f044"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
cf-ray: 66b06b6f8b754eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 hack-the-box.woff
www.hackthebox.eu/landingV3Fonts/ 6 KB
6 KB 42ms
41ms Font
font/woff 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hackthebox.eu/landingV3Fonts/hack-the-box.woff

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a58b0fdd9d1f4c8a826d123b0deaa62cc0fac336e3bc3004a72642f4ce8017f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.hackthebox.eu
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
:path: /landingV3Fonts/hack-the-box.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.hackthebox.eu
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7079
vary: Accept-Encoding
content-length: 6108
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60e34a50-17dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: font/woff
access-control-allow-origin: https://www.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 66b06b6f8b7a4eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 permanent-marker-latin-400-normal.woff2
www.hackthebox.eu/landingV3Fonts/ 29 KB
29 KB 31ms
31ms Font
font/woff2 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hackthebox.eu/landingV3Fonts/permanent-marker-latin-400-normal.woff2

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4884fec2c73aa52a2461073c1b87d1ceb80f400520391b43f97ca7d3c39eeb24

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.hackthebox.eu
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
:path: /landingV3Fonts/permanent-marker-latin-400-normal.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.hackthebox.eu
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5891
vary: Accept-Encoding
content-length: 29564
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60e34a50-737c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: font/woff2
access-control-allow-origin: https://www.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 66b06b6f8b7c4eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 574 KB
135 KB 72ms
54ms Script
application/javascript 2606:4700::6811:b649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b649 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf7f21878684ce340ee52c11eb27d08dbc697789b485422c43e44612b1c07069

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.hackthebox.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
via: 1.1 f7a968b55c3516da72549b98f99704a4.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 42
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Wed, 30 Jun 2021 01:56:04 UTC
server: cloudflare
etag: W/"1affce2513473ae91b2f4fd57b7b4ff0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=TUM2S9JS7A%2FElllPlYqbwnzGD0vGXM0LbI8wEQHWVWurpYzPubb7LhukcIwsaM5ZOYyFVj6aL5EFkcBDKRe6LUQBRnjumxff%2FF13w1h%2Fg4Yi4N2Kza3OBAS9tBgHPKNwgcGyharY2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: Luoigh5RWH9p_gcdeqZV9fSrXnMxdIFC
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 66b06b6faab54ed9-FRA
x-amz-cf-id: EKpU0rB2iD09RcQRnm571XUaieBSN3iqmi37eWDbQcJhwj0ZM93P3Q==
x-hs-target-asset: FormsNext/static-5.333/bundles/project_with_deps.js

GET
H2

200

lottie-player.js Show response
unpkg.com/@lottiefiles/lottie-player@1.1.1/dist/
Redirect Chain

https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
https://unpkg.com/@lottiefiles/lottie-player@1.1.1/dist/lottie-player.js

341 KB
81 KB

32ms
32ms

Script
application/javascript

2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@lottiefiles/lottie-player@1.1.1/dist/lottie-player.js

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf3d03db4b852936c021da82acc3be6e11cba04f91a65e998381eebafb14c032

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hackthebox.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 112846
fly-request-id: 01F9WWWPFT6F8X4GR8HER4A59V
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"55516-KgLUgJp8kuIAjgR91iD2zsNGUr4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 66b06b6fced14e6d-FRA

Redirect headers

date: Wed, 07 Jul 2021 10:34:19 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FA083JSN6D03HXNXJB3HJTBV
server: cloudflare
age: 422
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /@lottiefiles/lottie-player@1.1.1/dist/lottie-player.js
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66b06b6f9e774e6d-FRA
access-control-allow-origin: *

GET
H2

200

lottie-interactivity.min.js Show response
unpkg.com/@lottiefiles/lottie-interactivity@0.1.5/dist/
Redirect Chain

https://unpkg.com/@lottiefiles/lottie-interactivity@latest/dist/lottie-interactivity.min.js
https://unpkg.com/@lottiefiles/lottie-interactivity@0.1.5/dist/lottie-interactivity.min.js

5 KB
2 KB

15ms
15ms

Script
application/javascript

2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@lottiefiles/lottie-interactivity@0.1.5/dist/lottie-interactivity.min.js

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e257f48beab7e56562636cfbf382c8861f706b35f65f4cd848f51066cb676714

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hackthebox.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 684593
fly-request-id: 01F9BVMBWWPY3SQTWD8Y8NCCEX
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"13ca-0e70/xlL3UAkRBCQ8MwYCoYy+vg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 66b06b6fcec14e6d-FRA

Redirect headers

date: Wed, 07 Jul 2021 10:34:19 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FA08FRSK0YZ68QWH0BZSP1YT
server: cloudflare
age: 26
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /@lottiefiles/lottie-interactivity@0.1.5/dist/lottie-interactivity.min.js
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66b06b6f9e7c4e6d-FRA
access-control-allow-origin: *

GET
H2 200 uc.js Show response
consent.cookiebot.com/ 72 KB
24 KB 81ms
12ms Script
application/javascript 2a02:26f0:6c00::210:ba83
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js
Requested by: Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba83 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 1d98f8c7fc5e855c620d9b8f0c9094b7d66777ce9706bf970c7bad399cd3381c

Request headers

Referer: https://www.hackthebox.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
content-encoding: gzip
last-modified: Wed, 07 Jul 2021 08:28:35 GMT
server: Microsoft-IIS/10.0
etag: "358f2a14a73d71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=652
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
accept-ranges: bytes
content-length: 23897
expires: Wed, 07 Jul 2021 10:45:11 GMT

GET
H2 200 logo-htb.svg
www.hackthebox.eu/images/ 5 KB
2 KB 35ms
35ms Image
image/svg+xml 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/logo-htb.svg

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4f0d928a1a7f4e81180c8aef6ac9219f1662ad823294016f0bd396586031f09

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/logo-htb.svg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7079
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60e34a50-134e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
cf-ray: 66b06b702cba4eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 hero-image.png
www.hackthebox.eu/images/landingv3/ctf_business/ 385 KB
386 KB 124ms
124ms Image
image/webp 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/hero-image.png

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c39e23d9ea7c6eac21e644374d34ab15622c265c6b55aa16199a4c503be4ec7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/hero-image.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5891
cf-polished: origFmt=png, origSize=812303
content-disposition: inline; filename="hero-image.webp"
strict-transport-security: max-age=0; includeSubDomains
content-length: 394592
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60e34a50-c650f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 66b06b704cff4eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-bgj: imgq:100,h2pri

GET
H2 200 team.svg
www.hackthebox.eu/images/landingv3/ctf_business/icons/ 2 KB
777 B 70ms
62ms Image
image/svg+xml 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/icons/team.svg

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b925026db5b6b2d4757fdc16a8eb0b1833017d492c89d6bcc6f708828f9e25c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/icons/team.svg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5891
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60e34a50-634"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
cf-ray: 66b06b709da44eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 date.svg
www.hackthebox.eu/images/landingv3/ctf_business/icons/ 2 KB
624 B 121ms
113ms Image
image/svg+xml 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/icons/date.svg

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c578e8ec8b21e47e7b82d9c5283246160481c027258161dd24e6cf5f852eebc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/icons/date.svg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5891
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60e34a50-770"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
cf-ray: 66b06b709da94eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 difficulty_icon.svg
www.hackthebox.eu/images/landingv3/ctf_business/icons/ 975 B
731 B 137ms
129ms Image
image/svg+xml 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/icons/difficulty_icon.svg

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ec5db54eb1c94554047e88cf6e831fd5b63186d6d39af153de39e8e44f0f427

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/icons/difficulty_icon.svg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5891
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60e34a50-3cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
cf-ray: 66b06b709dac4eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 content_icon.svg
www.hackthebox.eu/images/landingv3/ctf_business/icons/ 2 KB
1 KB 40ms
31ms Image
image/svg+xml 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/icons/content_icon.svg

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

222ee537379e13ecb32e496e7d34dd4a7cca239105a37c1822e1e37eee33552f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/icons/content_icon.svg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5891
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60e34a50-6be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
cf-ray: 66b06b709daf4eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 ctf.svg
www.hackthebox.eu/images/landingv3/ctf_business/icons/ 963 B
669 B 70ms
61ms Image
image/svg+xml 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/icons/ctf.svg

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a4f2068f4a618e326bc073e5fbe28fc65763ddd2adc4f4d9c755b21911c9742

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/icons/ctf.svg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5891
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60e34a50-3c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
cf-ray: 66b06b709db14eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 BIZ_CTF-Certificate.png
www.hackthebox.eu/images/landingv3/ctf_business/ 2 MB
2 MB 56ms
47ms Image
image/webp 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/BIZ_CTF-Certificate.png

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be44876cd46ded2ef6bb815239832037166dc0caf7d02c4cd6467bb3e37b7847

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/BIZ_CTF-Certificate.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5891
cf-polished: origFmt=png, origSize=3878755
content-disposition: inline; filename="BIZ_CTF-Certificate.webp"
strict-transport-security: max-age=0; includeSubDomains
content-length: 1885234
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60e34a50-3b2f63"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 66b06b709db24eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-bgj: imgq:100,h2pri

GET
H2 200 marcin-intel.jpeg
www.hackthebox.eu/images/landingv3/b2b_ctf/ 62 KB
63 KB 75ms
67ms Image
image/jpeg 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/b2b_ctf/marcin-intel.jpeg

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d445b0767a551f0530d4c750a9b5f70876500ecf7721c3a9ba030ddea29bfa7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/b2b_ctf/marcin-intel.jpeg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5891
cf-polished: origSize=68663, status=webp_bigger
vary: Accept-Encoding
content-length: 63996
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60e34a50-10c37"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 66b06b709db34eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-bgj: imgq:100,h2pri

GET
H2 200 intel-logo.svg
www.hackthebox.eu/images/landingv3/b2b_ctf/ 2 KB
1 KB 92ms
83ms Image
image/svg+xml 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/b2b_ctf/intel-logo.svg

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

797e35ad6be9ed1d765daed8988e9ee0975e5323419ceea6868c07e52f60f4f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/b2b_ctf/intel-logo.svg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5891
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60e34a50-817"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
cf-ray: 66b06b709db54eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 jordan-with-you.jpg
www.hackthebox.eu/images/landingv3/b2b_ctf/ 54 KB
54 KB 37ms
29ms Image
image/webp 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/b2b_ctf/jordan-with-you.jpg

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15862fe7d8be3563d52192b18b516df5cadf0a4c49edf96653a221832561edc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/b2b_ctf/jordan-with-you.jpg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5891
cf-polished: origFmt=jpeg, origSize=94529
content-disposition: inline; filename="jordan-with-you.webp"
strict-transport-security: max-age=0; includeSubDomains
content-length: 55172
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60e34a50-17141"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 66b06b709db64eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-bgj: imgq:100,h2pri

GET
H2 200 withyouwithme-logo.svg
www.hackthebox.eu/images/landingv3/b2b_home/ 5 KB
2 KB 123ms
115ms Image
image/svg+xml 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/b2b_home/withyouwithme-logo.svg

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e6cfdd5a85e9c005d8f6e85403254d524959a6dc65e09060b212c33402a8c7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/b2b_home/withyouwithme-logo.svg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 717
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60e34a50-125f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
cf-ray: 66b06b709db74eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 farzan-easports.jpg
www.hackthebox.eu/images/landingv3/b2b_ctf/ 44 KB
44 KB 33ms
25ms Image
image/jpeg 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/b2b_ctf/farzan-easports.jpg

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

738e6ca999b5be17682c93a9556fd15f1d46f65d2c98ae8e27240d9aa4e9d7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/b2b_ctf/farzan-easports.jpg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5891
cf-polished: origSize=47044, status=webp_bigger
vary: Accept-Encoding
content-length: 44725
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60e34a50-b7c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 66b06b709db84eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-bgj: imgq:100,h2pri

GET
H2 200 easports-logo.svg
www.hackthebox.eu/images/landingv3/companies/ 4 KB
2 KB 49ms
40ms Image
image/svg+xml 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/companies/easports-logo.svg

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ffaa161d72be61680ad2fa29a223636f94cc52818b9363cd509bf9ed7bf4d30

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/companies/easports-logo.svg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7077
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60e34a50-11c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
cf-ray: 66b06b709dbb4eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 ctf_timeline.png
www.hackthebox.eu/images/landingv3/ctf_business/ 49 KB
49 KB 46ms
38ms Image
image/webp 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/ctf_timeline.png

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bbc934e36c0638364d19829ef83d4d9770bf950488390b6c8d5d9a48a588264

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/ctf_timeline.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5891
cf-polished: origFmt=png, origSize=120011
content-disposition: inline; filename="ctf_timeline.webp"
strict-transport-security: max-age=0; includeSubDomains
content-length: 50278
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60e34a50-1d4cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 66b06b709dbc4eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-bgj: imgq:100,h2pri

GET
H2 200 Swti.png
www.hackthebox.eu/images/landingv3/ctf_business/avatars/ 9 KB
9 KB 77ms
68ms Image
image/webp 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/avatars/Swti.png

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d52da3e99236b154c8672b864f8f14795bfa41e7766e1228f8ce39c63d830657

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/avatars/Swti.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5891
cf-polished: origFmt=png, origSize=16782
content-disposition: inline; filename="Swti.webp"
strict-transport-security: max-age=0; includeSubDomains
content-length: 9308
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60e34a50-418e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 66b06b709dbd4eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-bgj: imgq:100,h2pri

GET
H2 200 Dimitrios.png
www.hackthebox.eu/images/landingv3/ctf_business/avatars/ 9 KB
10 KB 59ms
50ms Image
image/webp 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/avatars/Dimitrios.png

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9b10ae2b33ce5621d0adaecc275fa6ab22367c8d4c48051d116503b3fa6c184

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/avatars/Dimitrios.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5891
cf-polished: origFmt=png, origSize=17464
content-disposition: inline; filename="Dimitrios.webp"
strict-transport-security: max-age=0; includeSubDomains
content-length: 9628
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60e34a50-4438"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 66b06b709dbe4eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-bgj: imgq:100,h2pri

GET
H2 200 Ben.png
www.hackthebox.eu/images/landingv3/ctf_business/avatars/ 8 KB
8 KB 137ms
129ms Image
image/webp 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/avatars/Ben.png

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f79fcbf50f2c920e4af05791d3a18be6bff1251fc81a9c274f535d1502a1e692

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/avatars/Ben.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5890
cf-polished: origFmt=png, origSize=15771
content-disposition: inline; filename="Ben.webp"
strict-transport-security: max-age=0; includeSubDomains
content-length: 8468
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60e34a50-3d9b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 66b06b709dd34eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-bgj: imgq:100,h2pri

GET
H2 200 Nikos.png
www.hackthebox.eu/images/landingv3/ctf_business/avatars/ 9 KB
9 KB 52ms
44ms Image
image/webp 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/avatars/Nikos.png

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed1fd85d8905d19a7880c3d91761c1d1fb8c94c69efb7f8f5ce835ebc21a94b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/avatars/Nikos.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5890
cf-polished: origFmt=png, origSize=16751
content-disposition: inline; filename="Nikos.webp"
strict-transport-security: max-age=0; includeSubDomains
content-length: 9214
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60e34a50-416f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 66b06b709dda4eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-bgj: imgq:100,h2pri

GET
H2 200 Tom.png
www.hackthebox.eu/images/landingv3/ctf_business/avatars/ 9 KB
9 KB 52ms
43ms Image
image/webp 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/avatars/Tom.png

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a29b7db587890115158af348f5e0396fad448da8a41b136f22460557014e86a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/avatars/Tom.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5890
cf-polished: origFmt=png, origSize=16685
content-disposition: inline; filename="Tom.webp"
strict-transport-security: max-age=0; includeSubDomains
content-length: 9122
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60e34a50-412d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 66b06b709ddb4eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-bgj: imgq:100,h2pri

GET
H2 200 Kat.png
www.hackthebox.eu/images/landingv3/ctf_business/avatars/ 9 KB
9 KB 113ms
105ms Image
image/webp 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/avatars/Kat.png

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3d0f2d49d701c64044cf717a7fdc88167ba8820a180dd995df729ce501fe368

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/avatars/Kat.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5890
cf-polished: origFmt=png, origSize=16711
content-disposition: inline; filename="Kat.webp"
strict-transport-security: max-age=0; includeSubDomains
content-length: 9100
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60e34a50-4147"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 66b06b709dde4eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-bgj: imgq:100,h2pri

GET
H2 200 Ian.png
www.hackthebox.eu/images/landingv3/ctf_business/avatars/ 9 KB
9 KB 39ms
31ms Image
image/webp 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/avatars/Ian.png

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16ffce67795a844fd0520e492bb9862f1d1b5f67db6c0e3d561efcb4f86e0d30

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/avatars/Ian.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5890
cf-polished: origFmt=png, origSize=15509
content-disposition: inline; filename="Ian.webp"
strict-transport-security: max-age=0; includeSubDomains
content-length: 8712
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60e34a50-3c95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 66b06b709de14eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-bgj: imgq:100,h2pri

GET
H2 200 Misc@2x.png
www.hackthebox.eu/images/landingv3/ctf_business/content/ 19 KB
19 KB 59ms
51ms Image
image/webp 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/content/Misc@2x.png

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42e458379fdf477a16b8203ab5c466f352ee3b11726bb5dc0963cff31a4ce66a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/content/Misc@2x.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5890
cf-polished: origFmt=png, origSize=39988
content-disposition: inline; filename="Misc@2x.webp"
strict-transport-security: max-age=0; includeSubDomains
content-length: 19190
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60e34a50-9c34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 66b06b709de24eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-bgj: imgq:100,h2pri

GET
H2 200 Crypto@2x.png
www.hackthebox.eu/images/landingv3/ctf_business/content/ 21 KB
21 KB 35ms
27ms Image
image/webp 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/content/Crypto@2x.png

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a47793e8a75a1d8f3aef15a095f79db2eb0b43faf692d0d160b857a13fddba16

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/content/Crypto@2x.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5890
cf-polished: origFmt=png, origSize=40863
content-disposition: inline; filename="Crypto@2x.webp"
strict-transport-security: max-age=0; includeSubDomains
content-length: 21258
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60e34a50-9f9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 66b06b709de44eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-bgj: imgq:100,h2pri

GET
H2 200 Quick@2x.png
www.hackthebox.eu/images/landingv3/ctf_business/content/ 27 KB
27 KB 44ms
37ms Image
image/webp 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/content/Quick@2x.png

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49d8e3776c0fe4d30a0e232a7cc3d31a0a2e9d519aa208dfbccea158ebc08a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/content/Quick@2x.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5890
cf-polished: origFmt=png, origSize=46811
content-disposition: inline; filename="Quick@2x.webp"
strict-transport-security: max-age=0; includeSubDomains
content-length: 27672
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60e34a50-b6db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 66b06b709de64eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-bgj: imgq:100,h2pri

GET
H2 200 Revers@2x.png
www.hackthebox.eu/images/landingv3/ctf_business/content/ 15 KB
15 KB 72ms
65ms Image
image/webp 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/content/Revers@2x.png

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e3f5fe80f757ea51cd7955f7cf5560888c7ec9c187cb860b69f4662e5034687

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/content/Revers@2x.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5890
cf-polished: origFmt=png, origSize=33363
content-disposition: inline; filename="Revers@2x.webp"
strict-transport-security: max-age=0; includeSubDomains
content-length: 15524
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60e34a50-8253"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 66b06b709de84eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-bgj: imgq:100,h2pri

GET
H2 200 Web@2x.png
www.hackthebox.eu/images/landingv3/ctf_business/content/ 19 KB
20 KB 77ms
70ms Image
image/webp 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/content/Web@2x.png

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43547b50bf10ebf836d7afb37c0b161c0b0c076ae6b52b11fe51ac6550372aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/content/Web@2x.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5890
cf-polished: origFmt=png, origSize=37539
content-disposition: inline; filename="Web@2x.webp"
strict-transport-security: max-age=0; includeSubDomains
content-length: 19864
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60e34a50-92a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 66b06b709de94eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-bgj: imgq:100,h2pri

GET
H2 200 Cache@2x.png
www.hackthebox.eu/images/landingv3/ctf_business/content/ 29 KB
30 KB 50ms
43ms Image
image/webp 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/content/Cache@2x.png

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

487cbf69be8b525d9eb95e7852d275453283907666853600dae2d02699a719a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/content/Cache@2x.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5890
cf-polished: origFmt=png, origSize=49454
content-disposition: inline; filename="Cache@2x.webp"
strict-transport-security: max-age=0; includeSubDomains
content-length: 30036
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60e34a50-c12e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 66b06b709dec4eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-bgj: imgq:100,h2pri

GET
H2 200 Web@2x.png
www.hackthebox.eu/images/landingv3/ctf_business/hacking_content/ 844 B
976 B 46ms
39ms Image
image/webp 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/hacking_content/Web@2x.png

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a06919188842d64543de76afa899baa6fc4a3754a24355add6de39a75d170fca

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/hacking_content/Web@2x.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5890
cf-polished: origFmt=png, origSize=1838
content-disposition: inline; filename="Web@2x.webp"
strict-transport-security: max-age=0; includeSubDomains
content-length: 844
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60e34a50-72e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 66b06b709ded4eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-bgj: imgq:100,h2pri

GET
H2 200 Crypto@2x.png
www.hackthebox.eu/images/landingv3/ctf_business/hacking_content/ 2 KB
2 KB 117ms
110ms Image
image/webp 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/hacking_content/Crypto@2x.png

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82c527168ea3538500052b1ea5afda629da608afbfc2c950cee1fad1135dc55e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/hacking_content/Crypto@2x.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5890
cf-polished: origFmt=png, origSize=3694
content-disposition: inline; filename="Crypto@2x.webp"
strict-transport-security: max-age=0; includeSubDomains
content-length: 1782
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60e34a50-e6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 66b06b709def4eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-bgj: imgq:100,h2pri

GET
H2 200 Reversing@2x.png
www.hackthebox.eu/images/landingv3/ctf_business/hacking_content/ 892 B
1 KB 128ms
122ms Image
image/webp 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/hacking_content/Reversing@2x.png

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98686a2c7a5036e605fc615c8341e139a0be2d88688103078bbb4c2982849e73

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/hacking_content/Reversing@2x.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5890
cf-polished: origFmt=png, origSize=1959
content-disposition: inline; filename="Reversing@2x.webp"
strict-transport-security: max-age=0; includeSubDomains
content-length: 892
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60e34a50-7a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 66b06b709df14eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-bgj: imgq:100,h2pri

GET
H2 200 Cloud@2x.png
www.hackthebox.eu/images/landingv3/ctf_business/hacking_content/ 1 KB
2 KB 70ms
64ms Image
image/webp 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/hacking_content/Cloud@2x.png

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2da70eda058c52170f0b8ebb07d052000d0dc817c6290c6f2109a5bc0feb132f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/hacking_content/Cloud@2x.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5890
cf-polished: origFmt=png, origSize=2863
content-disposition: inline; filename="Cloud@2x.webp"
strict-transport-security: max-age=0; includeSubDomains
content-length: 1396
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60e34a50-b2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 66b06b709df34eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-bgj: imgq:100,h2pri

GET
H2 200 Forensics@2x.png
www.hackthebox.eu/images/landingv3/ctf_business/hacking_content/ 2 KB
2 KB 79ms
73ms Image
image/webp 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/hacking_content/Forensics@2x.png

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec9a7c33811ad778dc13922b51938e60320b74bd6dfcbf298e2435b0c832e107

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/hacking_content/Forensics@2x.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5890
cf-polished: origFmt=png, origSize=4471
content-disposition: inline; filename="Forensics@2x.webp"
strict-transport-security: max-age=0; includeSubDomains
content-length: 2120
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60e34a50-1177"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 66b06b709df54eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-bgj: imgq:100,h2pri

GET
H2 200 Pwn@2x.png
www.hackthebox.eu/images/landingv3/ctf_business/hacking_content/ 2 KB
2 KB 160ms
154ms Image
image/webp 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/hacking_content/Pwn@2x.png

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74b8c57cab929956e431658f88df198fbd23469aea41e4a37379962fbb9267e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/hacking_content/Pwn@2x.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5890
cf-polished: origFmt=png, origSize=4322
content-disposition: inline; filename="Pwn@2x.webp"
strict-transport-security: max-age=0; includeSubDomains
content-length: 2118
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60e34a50-10e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 66b06b709df64eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-bgj: imgq:100,h2pri

GET
H2 200 Misc@2x.png
www.hackthebox.eu/images/landingv3/ctf_business/hacking_content/ 2 KB
2 KB 41ms
35ms Image
image/webp 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/hacking_content/Misc@2x.png

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25fd0fa3d037659c39b8be1312be7aa2164f29638d419922ac45144c7be5f897

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/hacking_content/Misc@2x.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5890
cf-polished: origFmt=png, origSize=4327
content-disposition: inline; filename="Misc@2x.webp"
strict-transport-security: max-age=0; includeSubDomains
content-length: 1984
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60e34a50-10e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 66b06b709df74eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-bgj: imgq:100,h2pri

GET
H2 200 AcademyCubes2x.png
www.hackthebox.eu/images/landingv3/ctf_business/trophies/ 33 KB
33 KB 51ms
45ms Image
image/webp 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/trophies/AcademyCubes2x.png

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52c64afea3191b4671df91e597f311a2a1ac1d2102468ab9d8ff4161777fcd5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/trophies/AcademyCubes2x.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5890
cf-polished: origFmt=png, origSize=61897
content-disposition: inline; filename="AcademyCubes2x.webp"
strict-transport-security: max-age=0; includeSubDomains
content-length: 33808
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60e34a50-f1c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 66b06b709df94eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-bgj: imgq:100,h2pri

GET
H2 200 DedicatedLabs2x.png
www.hackthebox.eu/images/landingv3/ctf_business/trophies/ 44 KB
44 KB 74ms
68ms Image
image/webp 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/trophies/DedicatedLabs2x.png

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcfd8b1763ef5f8468e2ec01f7d2c56082fa3a8dfeb0b64f8fe6bc5ae31d73c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/trophies/DedicatedLabs2x.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5890
cf-polished: origFmt=png, origSize=83505
content-disposition: inline; filename="DedicatedLabs2x.webp"
strict-transport-security: max-age=0; includeSubDomains
content-length: 45290
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60e34a50-14631"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 66b06b709dfa4eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-bgj: imgq:100,h2pri

GET
H2 200 Group%20170.svg
www.hackthebox.eu/images/landingv3/ctf_business/trophies/ 13 KB
5 KB 47ms
42ms Image
image/svg+xml 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/trophies/Group%20170.svg

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c8ed0b58e1de29216c74947ae15714bda0880f58490770ca8bff916ee0de9f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/trophies/Group%20170.svg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5890
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60e34a50-33e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
cf-ray: 66b06b709dfb4eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 SwagGiftCard2x.png
www.hackthebox.eu/images/landingv3/ctf_business/trophies/ 90 KB
90 KB 46ms
40ms Image
image/webp 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/trophies/SwagGiftCard2x.png

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b2bf839736fc1bf958ad7dd0b5e2e95434c628833b3664d8df474484d65ae7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/trophies/SwagGiftCard2x.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5890
cf-polished: origFmt=png, origSize=156845
content-disposition: inline; filename="SwagGiftCard2x.webp"
strict-transport-security: max-age=0; includeSubDomains
content-length: 92072
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60e34a50-264ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 66b06b709dfc4eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-bgj: imgq:100,h2pri

GET
H2 200 ProLabs2x.png
www.hackthebox.eu/images/landingv3/ctf_business/trophies/ 117 KB
118 KB 139ms
134ms Image
image/webp 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/trophies/ProLabs2x.png

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c38fded9400fd3d6d33ea27dab8eeef47934276f1210ea794779b24f990972a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/trophies/ProLabs2x.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5890
cf-polished: origFmt=png, origSize=196947
content-disposition: inline; filename="ProLabs2x.webp"
strict-transport-security: max-age=0; includeSubDomains
content-length: 120288
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60e34a50-30153"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 66b06b709dfe4eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-bgj: imgq:100,h2pri

GET
H2 200 Sponsors_Logos_Synack@2x.png
www.hackthebox.eu/images/landingv3/ctf_business/ 21 KB
21 KB 134ms
129ms Image
image/webp 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/Sponsors_Logos_Synack@2x.png

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a79080d6a78bb36e546ebd64e83a7060b8f420cdeed31aa0dbc639bea287412

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/Sponsors_Logos_Synack@2x.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5890
cf-polished: origFmt=png, origSize=42356
content-disposition: inline; filename="Sponsors_Logos_Synack@2x.webp"
strict-transport-security: max-age=0; includeSubDomains
content-length: 21290
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60e34a50-a574"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 66b06b709dff4eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-bgj: imgq:100,h2pri

GET
H2 200 NTT_Horizontal_White@2x.png
www.hackthebox.eu/images/landingv3/ctf_business/ 3 KB
3 KB 55ms
50ms Image
image/webp 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/NTT_Horizontal_White@2x.png

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97fab856ccb6d8a868c431803c832456f2408afb5dd043f2279619b29ed72dfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/NTT_Horizontal_White@2x.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5890
cf-polished: origFmt=png, origSize=9762
content-disposition: inline; filename="NTT_Horizontal_White@2x.webp"
strict-transport-security: max-age=0; includeSubDomains
content-length: 2982
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60e34a50-2622"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 66b06b709e024eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-bgj: imgq:100,h2pri

GET
H2 200 Coming-Soon.png
www.hackthebox.eu/images/landingv3/ctf_business/ 8 KB
8 KB 64ms
59ms Image
image/webp 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/Coming-Soon.png

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e53c6a3c7363abf15cadd059630722aea971b8d70832428a12901083315f8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/Coming-Soon.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5890
cf-polished: origFmt=png, origSize=16959
content-disposition: inline; filename="Coming-Soon.webp"
strict-transport-security: max-age=0; includeSubDomains
content-length: 7900
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60e34a50-423f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 66b06b709e034eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-bgj: imgq:100,h2pri

GET
H2 200 HackerOne@2x.png
www.hackthebox.eu/images/landingv3/ctf_business/ 3 KB
3 KB 118ms
113ms Image
image/webp 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/HackerOne@2x.png

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8f9a10d65e7ef919990d06e479fea46e09c9deb1153c1a51380166353dbe3b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/HackerOne@2x.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5890
cf-polished: origFmt=png, origSize=7381
content-disposition: inline; filename="HackerOne@2x.webp"
strict-transport-security: max-age=0; includeSubDomains
content-length: 2960
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60e34a50-1cd5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 66b06b709e044eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-bgj: imgq:100,h2pri

GET
H2 200 Hack5@2x.png
www.hackthebox.eu/images/landingv3/ctf_business/ 5 KB
5 KB 117ms
112ms Image
image/webp 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/Hack5@2x.png

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d74b84f818bc8df2fbd1ed5ccda5c5221bb37225075c0690a60b1685bbff3971

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/Hack5@2x.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5890
cf-polished: origFmt=png, origSize=10930
content-disposition: inline; filename="Hack5@2x.webp"
strict-transport-security: max-age=0; includeSubDomains
content-length: 4808
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60e34a50-2ab2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 66b06b709e074eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-bgj: imgq:100,h2pri

GET
H2 200 TrophyMockup.png
www.hackthebox.eu/images/landingv3/ctf_business/ 1 MB
1 MB 95ms
91ms Image
image/webp 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/TrophyMockup.png

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1f150431ae64ec71b576db274541c778d9ac8f5e35557c5c86dd517c32b44ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/TrophyMockup.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5890
cf-polished: origFmt=png, origSize=1453516
content-disposition: inline; filename="TrophyMockup.webp"
strict-transport-security: max-age=0; includeSubDomains
content-length: 1061230
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60e34a50-162dcc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 66b06b709e0a4eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-bgj: imgq:100,h2pri

GET
H2 200 Icon_rules.svg
www.hackthebox.eu/images/landingv3/ctf_business/rule_bubbles/ 1 KB
697 B 47ms
42ms Image
image/svg+xml 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/rule_bubbles/Icon_rules.svg

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a07b76973a9e8c1c7a7287447fb52792f94b7251942c1eae7203187b66917de6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/rule_bubbles/Icon_rules.svg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5890
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60e34a50-5a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
cf-ray: 66b06b709e0c4eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 Icon_flag.svg
www.hackthebox.eu/images/landingv3/ctf_business/rule_bubbles/ 1 KB
724 B 76ms
72ms Image
image/svg+xml 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/rule_bubbles/Icon_flag.svg

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c83d8f4a66e7583cf5718ea6c8b5db328706c45eed8cd65fb62489733319c27a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/rule_bubbles/Icon_flag.svg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5890
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60e34a50-5a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
cf-ray: 66b06b709e0f4eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 Icon_team.svg
www.hackthebox.eu/images/landingv3/ctf_business/rule_bubbles/ 2 KB
822 B 125ms
121ms Image
image/svg+xml 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/rule_bubbles/Icon_team.svg

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a5e53256e4e2015a5c868b83217c5300735622ba56989b6b41dde2be8ce0aa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/rule_bubbles/Icon_team.svg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5890
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60e34a50-7aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
cf-ray: 66b06b709e124eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 404 Icon_eye.svg
www.hackthebox.eu/images/landingv3/ctf_business/rule_bubbles/ 5 KB
5 KB 132ms
128ms Image
text/html 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/rule_bubbles/Icon_eye.svg

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6227cd8a575ad7a43810508a6bb15dccc438c693a54eafaa775c048170a30edc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /images/landingv3/ctf_business/rule_bubbles/Icon_eye.svg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://app.hackthebox.eu
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 66b06b709e164eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 Icon_hacker.svg
www.hackthebox.eu/images/landingv3/ctf_business/rule_bubbles/ 3 KB
1 KB 80ms
76ms Image
image/svg+xml 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/rule_bubbles/Icon_hacker.svg

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35e418719384419807d3447f4b580720d4043e1043c70cfeabb3c2a44caede08

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/rule_bubbles/Icon_hacker.svg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5890
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60e34a50-b22"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
cf-ray: 66b06b709e194eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 5514032.js Show response
js.hs-scripts.com/ 1 KB
909 B 138ms
119ms Script
application/javascript 2606:4700::6811:d6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/5514032.js
Requested by: Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8043a4ce83d0c67b4e7d06064060109aab25cb7fe873587bd6186d4517f8572

Request headers

Referer: https://www.hackthebox.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
x-hubspot-correlation-id: e6a4233c-f775-4590-b721-6a639704c401
x-trace: 2B7218B8B2B02F5F40396D8877F5EF4D178002791E000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.hackthebox.eu
access-control-max-age: 3600
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 66b06b70bd5a1f51-FRA
expires: Wed, 07 Jul 2021 10:35:19 GMT

GET
H2 200 logo-htb-white.svg
www.hackthebox.eu/images/ 5 KB
2 KB 42ms
38ms Image
image/svg+xml 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/logo-htb-white.svg

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4b7e1dc3f50dd30c42562fcea3289d8bbe27442ccfd1f46370babd476b0336b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/logo-htb-white.svg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6315
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60e34a50-134e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
cf-ray: 66b06b709e1b4eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 p.css
p.typekit.net/ 5 B
162 B 20ms
6ms Stylesheet
text/css 2a02:26f0:6c00:2ae::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=ryt3opf&ht=tk&f=39512.39516.39517.39518.39521.39523.40863.40866.40868.40872.40878.40879.40881.40888.40890.40891.40899.40905.40906&a=29927922&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ryt3opf.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2ae::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
last-modified: Thu, 05 Nov 2020 13:49:42 GMT
server: nginx
etag: "5fa402f6-5"
content-type: text/css
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/897ZUJzEmt1RCzOiBwsvWNdp3d2l5tae/ 353 KB
55 KB 101ms
42ms Script
text/javascript 13.224.197.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/897ZUJzEmt1RCzOiBwsvWNdp3d2l5tae/analytics.min.js
Requested by: Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.197.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-197-80.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ec75ec30d35e7b22e3bf4a8d0898f0f66f0285b1ea5bb18f7ba6f536b8b49973

Request headers

Referer: https://www.hackthebox.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: iZVNdnVeC8qTtqQhLHvWAgit0DJiebJ.
content-encoding: br
etag: W/"6b07c26b58f39b25903a77a683d21c7a"
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Sun, 27 Jun 2021 07:35:08 GMT
server: AmazonS3
date: Wed, 07 Jul 2021 10:34:19 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
via: 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-id: 1x1oRzPevk1luIdtvex2d38gPkwkFGy52H1k9dMw4I3IkLRkjEG6rw==

GET
H2 200 configuration.js Show response
consentcdn.cookiebot.com/consentconfig/ee54d4ba-9660-4515-a764-a6ec3109f2a5/hackthebox.eu/ 0
245 B 48ms
20ms Script
application/x-javascript 2a02:26f0:6c00:2b8::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/consentconfig/ee54d4ba-9660-4515-a764-a6ec3109f2a5/hackthebox.eu/configuration.js
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b8::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hackthebox.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
last-modified: Tue, 06 Jul 2021 09:52:06 GMT
server: AkamaiNetStorage
etag: "d41d8cd98f00b204e9800998ecf8427e:1625565126.40706"
content-type: application/x-javascript
cache-control: max-age=75768
server-timing: cdn-cache; desc=HIT, edge; dur=12
accept-ranges: bytes
content-length: 0
expires: Thu, 08 Jul 2021 07:37:07 GMT

GET
H2 200 Countdown.png
www.hackthebox.eu/images/landingv3/ctf_business/ 299 KB
299 KB 55ms
52ms Image
image/webp 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/ctf_business/Countdown.png

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/assets/css/ctf_business.min.css?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88fc6e6707b7397285708d88dba12795f1ee579423c2ba923dd4eaecdec4847a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/ctf_business/Countdown.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/assets/css/ctf_business.min.css?v=1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/assets/css/ctf_business.min.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5890
cf-polished: origFmt=png, origSize=1026592
content-disposition: inline; filename="Countdown.webp"
strict-transport-security: max-age=0; includeSubDomains
content-length: 305954
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60e34a50-faa20"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 66b06b70be224eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-bgj: imgq:100,h2pri

GET
H2 200 mountainbg.png
www.hackthebox.eu/images/landingv3/cyber_apocalypse/ 139 KB
140 KB 73ms
72ms Image
image/webp 2606:4700:10::6814:3744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackthebox.eu/images/landingv3/cyber_apocalypse/mountainbg.png

Requested by

Host: www.hackthebox.eu
URL: https://www.hackthebox.eu/assets/css/ctf_business.min.css?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:3744 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6c8f4ffb482b3ccc86925bbfd8928b9a5a05144de9bf7dfb6bee9ec1d758cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/landingv3/cyber_apocalypse/mountainbg.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InlFMVJyTnl3Z2FTQXE3eHZVZzNJbWc9PSIsInZhbHVlIjoibFwvamVLV0w4VlBnVWdOY24rM2ZVOXRrNkp4T2lhRU41dUdzTXJDcGFjOHVwVVwvSUt0MG05SXpINFBWVGhkTGExQitHQ3JVS1FPeGpaTjVxeFhsUDBBbDY0a1BJQWlOSXdLTmx6Yk9KQktFWjN0SnlcL3NGNGdBeGpoeGFscnVFeHYiLCJtYWMiOiI1Yzg4NDc2MWVhYjI4YTlmNjk0NTAwODIzYWYzYTQzYjc0MzFjNGU0MDlhMmJhMDA2NzI5ZTI3ODYyN2U2OWI0In0%3D; hackthebox_session=eyJpdiI6IjVWYWJFSm1RamcxV0t3XC9zczFIcWpBPT0iLCJ2YWx1ZSI6IlpjYUtPeUVkVEVvcUVOY29LazB0XC9Ob2NnR0w3WFRGNURCaVdscytQWEFkTXBMSnMrRTNVcTZFUTNxNkR4RXpxQWttUVhRNVNLSERCWXl5ZktscFEydjhzd1o5T0Jqczc0UXVOWjhHQW8zRnlcL2Urcm9EVzJ0XC9KYVRLYzJRNmVxIiwibWFjIjoiM2IyOTA2MWE5ODY0ZjM1ZTVlYzNiYWRhMWQ2NjgwZTdiZGQ0OGE4OGE3MDhmMGQ2ZjNiZWY5YjhjNDk5NDRkOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hackthebox.eu
referer: https://www.hackthebox.eu/assets/css/ctf_business.min.css?v=1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hackthebox.eu/assets/css/ctf_business.min.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5890
cf-polished: origFmt=png, origSize=246402
content-disposition: inline; filename="mountainbg.webp"
strict-transport-security: max-age=0; includeSubDomains
content-length: 142662
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Jul 2021 18:07:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60e34a50-3c282"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: https://app.hackthebox.eu
cache-control: max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 66b06b70be234eb6-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-bgj: imgq:100,h2pri

GET
H2 200 l
use.typekit.net/af/dff101/00000000000000003b9b2061/27/ 35 KB
35 KB 40ms
17ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/dff101/00000000000000003b9b2061/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ryt3opf.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2d766219e6e00a1f8c9bf585c803db384434c921d453e4a6f160486d1bfca0f5

Request headers

Origin: https://www.hackthebox.eu
Referer: https://use.typekit.net/ryt3opf.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
server: nginx
etag: "e7b83e8ab836eca23dcc393f2949230d57b4b201"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 35640

GET
H2 200 l
use.typekit.net/af/3da9bf/00000000000000003b9b2063/27/ 35 KB
35 KB 51ms
27ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/3da9bf/00000000000000003b9b2063/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ryt3opf.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5a13e0db4587921af06ee3154ab4616ec587d956474fd944002e23bbe1e19909

Request headers

Origin: https://www.hackthebox.eu
Referer: https://use.typekit.net/ryt3opf.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
server: nginx
etag: "d6768399f3b9304a9ed13c680eb3e17f92e754f3"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 35996

GET
H2 200 l
use.typekit.net/af/6a58f8/00000000000000003b9b2058/27/ 35 KB
36 KB 74ms
51ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/6a58f8/00000000000000003b9b2058/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ryt3opf.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4db9f95486ac0b8ca512862697d244eddf4805cfa9bf9c90ee09bfe70669c1f4

Request headers

Origin: https://www.hackthebox.eu
Referer: https://use.typekit.net/ryt3opf.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
server: nginx
etag: "f69d833e2bf2a44bbe589484c1bae03ab200d7d2"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 36068

GET
H2 200 l
use.typekit.net/af/6559ad/00000000000000003b9b205c/27/ 36 KB
36 KB 92ms
69ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/6559ad/00000000000000003b9b205c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ryt3opf.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8ee4d0737f290c2190ff306d8f4a2dbb5a249d7fbed217282df5e54021ce5bd4

Request headers

Origin: https://www.hackthebox.eu
Referer: https://use.typekit.net/ryt3opf.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
server: nginx
etag: "6e660ad70bf39df7b15641b23ea13f679ff95dbd"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 36824

GET
H2 200 l
use.typekit.net/af/18efc2/00000000000000003b9b205e/27/ 37 KB
37 KB 37ms
15ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/18efc2/00000000000000003b9b205e/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ryt3opf.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: f902f011c9881e619662b8711659a12bcdcb93fd173c58f5d04ab75800861546

Request headers

Origin: https://www.hackthebox.eu
Referer: https://use.typekit.net/ryt3opf.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:19 GMT
server: nginx
etag: "55800daaa8d18082310ae3d55355ce57cfb12b43"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 38036

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
144 B 573ms
191ms XHR
application/json 52.88.208.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/p
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/897ZUJzEmt1RCzOiBwsvWNdp3d2l5tae/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.88.208.102 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-88-208-102.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://www.hackthebox.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.hackthebox.eu
date: Wed, 07 Jul 2021 10:34:20 GMT
content-length: 21
vary: Origin
content-type: application/json

GET
H2 200 cc.js Show response
consent.cookiebot.com/ee54d4ba-9660-4515-a764-a6ec3109f2a5/ 182 KB
46 KB 158ms
158ms Script
application/x-javascript 2a02:26f0:6c00::210:ba83
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/ee54d4ba-9660-4515-a764-a6ec3109f2a5/cc.js?renew=false&referer=www.hackthebox.eu&dnt=false&forceshow=false&cbid=ee54d4ba-9660-4515-a764-a6ec3109f2a5&brandid=Cookiebot&framework=
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba83 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 141761e0c2b755c70ed36863263ccf338733473b08a77b64b7b5cc931d261e55

Request headers

Referer: https://www.hackthebox.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:20 GMT
content-encoding: gzip
last-modified: Wed, 07 Jul 2021 10:34:19 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: private, max-age=1200
access-control-allow-headers: cache-control, expires, Access-Control-Allow-Headers, Origin, Pragma, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 46712
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bbaf9db799af2b2ff89831f5fc3aa7de380838c3ee1fc634165118488beb3597

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f29b4389a6e08bf3ffcdfb097597d5621b4abac31a74f89c3fa3537dc428e68

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98ccd33e523985efa588344a13932892db38b1335243f989dd366450db8ea68d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 973 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: feeff1b73fc856bbaa909aecd74cd3918a41d2f0642b773831da45ad969317e9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 5514032.js Show response
js.hs-scripts.com/ 1 KB
557 B 18ms
18ms Script
application/javascript 2606:4700::6811:d6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/5514032.js
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7549a0d3e4dda0874037cc3fdc7fea9007de63134ebce73065c36fa50260786

Request headers

Referer: https://www.hackthebox.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1
cf-polished: origSize=1474
x-hubspot-correlation-id: e6a4233c-f775-4590-b721-6a639704c401
cf-bgj: minify
server: cloudflare
x-trace: 2B7218B8B2B02F5F40396D8877F5EF4D178002791E000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.hackthebox.eu
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 66b06b73ab7f1f51-FRA
expires: Wed, 07 Jul 2021 10:35:20 GMT

GET
H2 200 bd7e41a6-0f35-4900-baf6-cbe4753d80d3 Show response
forms.hsforms.com/embed/v3/form/5514032/ 12 KB
3 KB 158ms
140ms Script
application/javascript 2606:4700::6810:5705
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/5514032/bd7e41a6-0f35-4900-baf6-cbe4753d80d3?callback=hs_reqwest_0&hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5705 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9804cb7e9ed71034cf04f6b4aa36a6c373e09f8f0cc4611d8e219b99ccf68569

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hackthebox.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 236aed47-8a6b-434d-a722-c1bbc56924dc
content-disposition: attachment; filename=no-rfd.txt
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
x-trace: 2B8847B9A65899DA1B223757678307E10A06922EFC000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 66b06b73cf8b05e9-FRA

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 81 KB
20 KB 40ms
20ms Script
application/javascript 2606:4700::6811:efcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5514032.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:efcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3b9ee5ba3186e11d0758183d285cdbc02970270fa510c151e015df50971b459

Request headers

Referer: https://www.hackthebox.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:20 GMT
via: 1.1 d9057c384f4ac5ba2672d2ff44de7e09.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 530
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.9015/bundles/project.js&cfRay=66b05e830e524ab6-FRA
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Mon, 28 Jun 2021 04:54:17 UTC
server: cloudflare
etag: W/"ed623f218e0389473699bb74cba7dde1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: hnNUpZlmHiPXmGko4RSMxmNZRXP.D2Iq
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 66b06b73e894d6b9-FRA
x-amz-cf-id: XsvOKHDm6O6SrGZ8E-_fMI9KnqVUyFi5UdVNheDzaMIjrobeA7oqpw==
x-hs-target-asset: conversations-embed/static-1.9015/bundles/project.js

GET
H2 200 5514032.js Show response
js.hs-analytics.net/analytics/1625653800000/ 62 KB
19 KB 216ms
196ms Script
text/javascript 2606:4700::6811:47b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1625653800000/5514032.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5514032.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9687728c837ff1fe013d484843f697c42659258c9bc978adc552197ffe8a6dc3

Request headers

Referer: https://www.hackthebox.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:20 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 89XAFKQSJWBNM7CE
x-amz-server-side-encryption: AES256
cf-ray: 66b06b73e93b3240-FRA
x-amz-id-2: nS9s1oTeaY0lWFAjA1HXYQ29fk3HvtwnhcqMeKS5etbUvT99RM3C9nrDX8cxQiKyZYULRCYPktU=
last-modified: Wed, 12 May 2021 19:56:43 GMT
server: cloudflare
etag: W/"4b5eb8eb377180f29b9a15f9b7909084"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Wed, 07 Jul 2021 10:39:20 GMT

GET
H2 200 5514032.js Show response
js.hs-banner.com/ 60 KB
15 KB 139ms
121ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/5514032.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5514032.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c953c38b811d92b7e73849fdb168236ca44346ab2ba010e5cfa07ed6e38b937b

Request headers

Referer: https://www.hackthebox.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:20 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 0HNTXGPGT0V61ZWX
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: 4MyQ4Ksa0adL34+w+klD5BbTbM15FtgDUjoZv+JVDFhVyIdE7CCcHk9+aLDiHkJez748vr92oKs=
timing-allow-origin: *
last-modified: Thu, 27 May 2021 17:20:46 GMT
server: cloudflare
etag: W/"937f7fcdcb6f1dd24b7e7037b82fbe17"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: VEDxBHhe2RjJ.WV4._lNo3Oi8WVvpnY7
access-control-allow-origin: https://meetings.hubspot.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 66b06b73e9fdc2a4-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Wed, 07 Jul 2021 10:39:20 GMT

GET
H3-29 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 364 B
1 KB 429ms
418ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=5514032&conversations-embed=static-1.9015&mobile=false&messagesUtk=42a9119767394eaaab9fea1ca9f907c2&traceId=42a9119767394eaaab9fea1ca9f907c2&referrer=https%3A%2F%2F6650o.r.ag.d.sendibm3.com%2F

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bdddc1a1015035bb7d246f3420d1a20d06c1012b4e9aef8a53b75243e99ed5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

X-HubSpot-Messages-Uri: https://www.hackthebox.eu/htb-business-ctf-2021?utm_source=sendinblue&utm_medium=email&utm_campaign=HTB_Business_CTF_-_Follow_Up_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.hackthebox.eu/

Response headers

date: Wed, 07 Jul 2021 10:34:20 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 586eb0a1-28bd-4f31-904b-08231fd14316
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 280
server: cloudflare
x-trace: 2B1F2512B9567E932FCC0B626A665A6670F2032150000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wjH%2BUFXyppzlJSy8gPH4rDFc8hsQN723u1cmeE0upngDEVNQOJ6HrMA9vAVxebH0cfXkIZXX37VeKs%2FaIqqTkM97gqRpCxSK2NQ7bJHz%2FoAHIBTtknEbdqpzheoK01fcWFtD3N80cTM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.hackthebox.eu
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 66b06b754de14a86-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 170ms
151ms Preflight
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-hubspot-messages-uri
Origin: https://www.hackthebox.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 07 Jul 2021 10:34:20 GMT
content-type: text/plain; charset=utf-8
content-length: 18
cf-ray: 66b06b744afb177e-FRA
access-control-allow-origin: https://www.hackthebox.eu
allow: HEAD,GET,OPTIONS
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hubspot-correlation-id: 799ca0b4-7a3a-457b-8962-914b8b5e35ad
x-trace: 2B2A7119888EE61E61DC26DF15B7725265C255D1F6000000000000000000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jV%2Bv1qOcRPUycV%2Fu3IERTPEfV4nafMMjQof9OnYsTbc3xUJyLlMjdwMJXrA8fVAvydtBjETMOqz9DaLRlUCl3%2Bb5EyNyUxAsofWpnZnhc6AIpMiBj9%2BB6FO88JGLgu8nawvsjyVNWJg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 enterprise.js Show response
www.google.com/recaptcha/ 1008 B
834 B 16ms
15ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

94176d09b9382e90f71916d8875bb97d85ce988c6844893d1451e511afadbd95

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hackthebox.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 617
x-xss-protection: 1; mode=block
expires: Wed, 07 Jul 2021 10:34:20 GMT

GET
H3-29 200 v2.js Show response
js.hsforms.net/forms/ Frame C072 574 KB
135 KB 71ms
60ms Script
application/javascript 2606:4700::6811:b649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b649 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf7f21878684ce340ee52c11eb27d08dbc697789b485422c43e44612b1c07069

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:20 GMT
via: 1.1 f7a968b55c3516da72549b98f99704a4.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 43
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Wed, 30 Jun 2021 01:56:04 UTC
server: cloudflare
etag: W/"1affce2513473ae91b2f4fd57b7b4ff0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=UBnzCNGe58ZyDfTSozowsZlINmn0FY1WR5Wo1vCcuQL%2BY51ci9mMZhp1tsgvd1lKlBiVrUrYVqeN0e35KsNw7xnW81d2MJJcbRcAAdF8%2FjigZGLx5rQ0%2F8AoA8q%2FMlw6LgdzoZbYXg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: Luoigh5RWH9p_gcdeqZV9fSrXnMxdIFC
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 66b06b74cc192bdd-FRA
x-amz-cf-id: EKpU0rB2iD09RcQRnm571XUaieBSN3iqmi37eWDbQcJhwj0ZM93P3Q==
x-hs-target-asset: FormsNext/static-5.333/bundles/project_with_deps.js

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ 341 KB
133 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

839392b626a00e09ce3ec77706959d551de27cca63c559fcd4a6415aef3e722a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.hackthebox.eu
Referer: https://www.hackthebox.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 09:24:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135961
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 04:05:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Jul 2022 09:24:48 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
784 B 45ms
28ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=bd7e41a6-0f35-4900-baf6-cbe4753d80d3&fci=d30a765e-df27-4d21-a723-473005b5177a&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=5514032&r=https%3A%2F%2F6650o.r.ag.d.sendibm3.com%2F&pu=https%3A%2F%2Fwww.hackthebox.eu%2Fhtb-business-ctf-2021%3Futm_source%3Dsendinblue%26utm_medium%3Demail%26utm_campaign%3DHTB_Business_CTF_-_Follow_Up_1&t=Hack+The+Box+Business+CTF+2021+%7C+A+Hacking+Competition+For+Companies&cts=1625654060350&vi=772c0f64843e804cbd80002672fef1b8&nc=true&u=224355716.772c0f64843e804cbd80002672fef1b8.1625654060346.1625654060346.1625654060346.1&b=224355716.1.1625654060346&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.hackthebox.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:20 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 3535020c-9a39-4624-8bfd-b587e0429cf1
cf-ray: 66b06b755bc00eb7-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6hbWIrPF7ciMJo9aIJArbCfrw0fSur1EuF3MEXEc9Dl0wL53ApydNRLesL4Y3BaGV6%2B57dc%2FsbIfC1N2nqNeH8zGLnhhZoa2UXhUzSZTIXsKd%2BQ4VSHHMgCo9bUkcS%2BZcrWtHouGVspmRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
364 B 51ms
34ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=5514032&r=https%3A%2F%2F6650o.r.ag.d.sendibm3.com%2F&pu=https%3A%2F%2Fwww.hackthebox.eu%2Fhtb-business-ctf-2021%3Futm_source%3Dsendinblue%26utm_medium%3Demail%26utm_campaign%3DHTB_Business_CTF_-_Follow_Up_1&t=Hack+The+Box+Business+CTF+2021+%7C+A+Hacking+Competition+For+Companies&cts=1625654060351&vi=772c0f64843e804cbd80002672fef1b8&nc=true&u=224355716.772c0f64843e804cbd80002672fef1b8.1625654060346.1625654060346.1625654060346.1&b=224355716.1.1625654060346&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.hackthebox.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:20 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 490b0ce2-02cb-406d-99f1-d7f8dc181ee9
cf-ray: 66b06b755bc50eb7-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8aiW98Y%2BlkDnjZLWP88J7C40CcDE7kEG8zvOv%2FTGgd89dDT2b5RFeCAwGEed1wVEev1LSPTZY1LHbwOytHoSGGY%2BIndpGK%2BQg%2B0oQ%2B30aK21yzdVTTMuu6ReEJnpxgXHXKSVrjVgRJ%2BLww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H3-29 200 shell-recaptcha Show response
js.hsforms.net/forms-next/ Frame E99C 852 B
1 KB 134ms
133ms Document
text/html 2606:4700::6811:b649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms-next/shell-recaptcha

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b649 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df7ea8fd76f1aa2239de4eba7d7a325c85695e822b1cdeb2fefb3a90394cb724

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: GET
:authority: js.hsforms.net
:scheme: https
:path: /forms-next/shell-recaptcha
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:20 GMT
content-type: text/html; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Wed, 30 Jun 2021 01:56:04 UTC
x-amz-server-side-encryption: AES256
x-amz-meta-ao: {}
x-amz-version-id: elLfJpvZXnpPFb7lXxt.oVm990f.vp8m
x-cache: Hit from cloudfront
via: 1.1 f37f104903bda438e8b0547be6e0c193.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C3
x-amz-cf-id: K9WLiRlQ0cTDsjiNMJq5GuXIOX9BoSMJHjgsTcIKr3qcrEstWqdb8Q==
age: 2020
cache-control: s-maxage=600, max-age=0
x-hs-target-asset: FormsNext/static-5.333/html/recaptcha.html
access-control-allow-origin: *
x-hs-cache-status: HIT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=og5wP0RLcEGRqOrGeNH%2B%2BfPOn4DRTrNuUB3MtQch%2FnclGudiuJksmC5BwA9QC5Uos%2FwHF2BET1mzpoCkxjTKYOqQKtFHM0qGxFdj4%2BiAzDeuqM5KCbLEu8D6X3rnWoBrH%2Bs4BVGaZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 66b06b759db42bdd-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 counters.gif
perf.hsforms.com/embed/v3/ Frame C072 35 B
191 B 127ms
126ms Image
image/gif 2606:4700::6810:5705
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=forms-next-recaptcha-viewed&count=1&portalId=5514032

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5705 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:20 GMT
cf-cache-status: MISS
server: cloudflare
x-hubspot-correlation-id: b3cc2f9d-9fcc-4e4f-b0df-ffb403fba9b7
x-trace: 2B1E9827A0BCB5CBDC82B78B9F7347176A93B5F3B7000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 66b06b759c9a05e9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 35

GET
H3-29 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame 0FB1 39 KB
20 KB 23ms
23ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly93d3cuaGFja3RoZWJveC5ldTo0NDM.&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&badge=inline&cb=u1h30aekvbg2

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

65bb8a64bf5306ef4a66683628b194db91e40b3341071141ca3bff4e7b25f7be

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-E3gz275FyO12lBFwRxBdqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly93d3cuaGFja3RoZWJveC5ldTo0NDM.&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&badge=inline&cb=u1h30aekvbg2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hackthebox.eu/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.hackthebox.eu/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 07 Jul 2021 10:34:20 GMT
content-security-policy: script-src 'report-sample' 'nonce-E3gz275FyO12lBFwRxBdqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20384
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ Frame 0FB1 52 KB
25 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly93d3cuaGFja3RoZWJveC5ldTo0NDM.&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&badge=inline&cb=u1h30aekvbg2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 09:37:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 04:05:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Jul 2022 09:37:33 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ Frame 0FB1 341 KB
133 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

839392b626a00e09ce3ec77706959d551de27cca63c559fcd4a6415aef3e722a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 09:24:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135961
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 04:05:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Jul 2022 09:24:48 GMT

GET
H3-29 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame 0FB1 102 B
132 B 16ms
16ms Other
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5dfdffa77335a103ec942c9384df984b5d38a267d619ee0ac3a045b766bbf2d5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly93d3cuaGFja3RoZWJveC5ldTo0NDM.&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&badge=inline&cb=u1h30aekvbg2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 07 Jul 2021 10:34:20 GMT

GET
H3-29 200 bframe Show response
www.google.com/recaptcha/enterprise/ Frame D363 7 KB
1 KB 17ms
16ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&cb=faeap19f9c2k

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cc023d435062c150b7e2d6ea32a0cf2439e443ae046e3279fda55ba22be41c53

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-K1AjdxvBz2QKbUSkVcbacQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/enterprise/bframe?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&cb=faeap19f9c2k
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hackthebox.eu/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.hackthebox.eu/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 07 Jul 2021 10:34:20 GMT
content-security-policy: script-src 'report-sample' 'nonce-K1AjdxvBz2QKbUSkVcbacQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1117
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 enterprise.js Show response
www.google.com/recaptcha/ Frame E99C 1008 B
638 B 16ms
16ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms-next/shell-recaptcha

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

94176d09b9382e90f71916d8875bb97d85ce988c6844893d1451e511afadbd95

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://js.hsforms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 617
x-xss-protection: 1; mode=block
expires: Wed, 07 Jul 2021 10:34:20 GMT

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ Frame D363 52 KB
25 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&cb=faeap19f9c2k

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 09:37:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 04:05:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Jul 2022 09:37:33 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ Frame D363 341 KB
133 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&cb=faeap19f9c2k

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

839392b626a00e09ce3ec77706959d551de27cca63c559fcd4a6415aef3e722a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 09:24:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135961
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 04:05:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Jul 2022 09:24:48 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ Frame E99C 341 KB
133 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

839392b626a00e09ce3ec77706959d551de27cca63c559fcd4a6415aef3e722a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://js.hsforms.net
Referer: https://js.hsforms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 09:24:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135961
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 04:05:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Jul 2022 09:24:48 GMT

GET
H3-29 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame DCB1 39 KB
20 KB 28ms
28ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&badge=inline&cb=ta5etvh0zhxy

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c86cecdac91d1bc98d1d27945f3010a4d08f8f2360f4507f0b0e226f274d2f2f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zv42QpWGLVsG8oki1UFQgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&badge=inline&cb=ta5etvh0zhxy
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.hsforms.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js.hsforms.net/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 07 Jul 2021 10:34:20 GMT
content-security-policy: script-src 'report-sample' 'nonce-zv42QpWGLVsG8oki1UFQgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20507
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 reload Show response
www.google.com/recaptcha/enterprise/ Frame D363 35 KB
21 KB 57ms
56ms XHR
application/json 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

03067eeb2501827edb40d2db65bd2a6a291a7dab69cabb001a4fe0b86c5cba2d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&cb=faeap19f9c2k
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 07 Jul 2021 10:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21539
x-xss-protection: 1; mode=block
expires: Wed, 07 Jul 2021 10:34:20 GMT

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ Frame DCB1 52 KB
25 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&badge=inline&cb=ta5etvh0zhxy

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 09:37:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 04:05:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Jul 2022 09:37:33 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ Frame DCB1 341 KB
133 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

839392b626a00e09ce3ec77706959d551de27cca63c559fcd4a6415aef3e722a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 09:24:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135961
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 04:05:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Jul 2022 09:24:48 GMT

GET
H3-29 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame DCB1 2 KB
2 KB 9ms
8ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 23:34:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 126015
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
expires: Mon, 12 Jul 2021 23:34:05 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DCB1 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 00:42:56 GMT
x-content-type-options: nosniff
age: 121884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 00:42:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DCB1 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 00:30:52 GMT
x-content-type-options: nosniff
age: 122608
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 00:30:52 GMT

GET
H3-29 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame D363 600 B
622 B 7ms
6ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 08:57:53 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 92187
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600
x-xss-protection: 0
expires: Tue, 13 Jul 2021 08:57:53 GMT

GET
H3-29 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame D363 530 B
552 B 9ms
8ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 13:51:36 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 74564
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 530
x-xss-protection: 0
expires: Tue, 13 Jul 2021 13:51:36 GMT

GET
H3-29 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame D363 665 B
687 B 9ms
8ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 03:00:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 113635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665
x-xss-protection: 0
expires: Tue, 13 Jul 2021 03:00:25 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D363 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&cb=faeap19f9c2k

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 00:42:56 GMT
x-content-type-options: nosniff
age: 121884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 00:42:56 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D363 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&cb=faeap19f9c2k

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 02:41:59 GMT
x-content-type-options: nosniff
age: 114741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 02:41:59 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D363 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&cb=faeap19f9c2k

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 00:30:52 GMT
x-content-type-options: nosniff
age: 122608
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 00:30:52 GMT

GET
H3-29 200 payload
www.google.com/recaptcha/enterprise/ Frame D363 43 KB
43 KB 19ms
16ms Image
image/jpeg 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/enterprise/payload?p=06AGdBq265hvJd28gTK6xL1lo-Iw6N5aHf1KTHBMFpye_D69NiLH5l592eoxNZYCjpVVEJvnUp2eyUsqNPi3ki0vnuGiD65CfIIpjYq1-z6aY3I1IVRRjlLSJIdKldsPWOrjXj08qITuGTEnLnmSMYzGr67MAVjNSd1Swxu476VGPTFRVKTG_k1yjJ84-VkwxcTi2P9qx2NhK2YSyX6z9LOKqq7ie74juwyQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e648b42f02e5435634e04226a91e2e0ecb495eaaaaef7e5ea1c2c6d83e3d4507

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&cb=faeap19f9c2k
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:20 GMT
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43974
x-xss-protection: 1; mode=block
expires: Wed, 07 Jul 2021 10:34:20 GMT

GET
H3-29 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame DCB1 102 B
132 B 15ms
15ms Other
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5dfdffa77335a103ec942c9384df984b5d38a267d619ee0ac3a045b766bbf2d5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&badge=inline&cb=ta5etvh0zhxy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 07 Jul 2021 10:34:20 GMT

GET
H3-29 200 bframe Show response
www.google.com/recaptcha/enterprise/ Frame 5092 7 KB
1 KB 17ms
17ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&cb=6ou6tzloidmj

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2886403bdc4ac2d787b9e447adccf55ee005a9c049d414278b45b01760f805dc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bdnl2ut82cH5nRGUBKp3Zw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/enterprise/bframe?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&cb=6ou6tzloidmj
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.hsforms.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _GRECAPTCHA=09AHvtmbBPs3PeQdbH1wwDWTtne7ShrIK_aUh96pd3-mNSyD70CJDrRbW0T8zt-wcruZ4z0NRdIpEwPtSLb9ZwtPM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js.hsforms.net/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 07 Jul 2021 10:34:21 GMT
content-security-policy: script-src 'report-sample' 'nonce-bdnl2ut82cH5nRGUBKp3Zw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1114
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ Frame 5092 52 KB
25 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&cb=6ou6tzloidmj

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 09:37:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 04:05:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Jul 2022 09:37:33 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ Frame 5092 341 KB
133 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&cb=6ou6tzloidmj

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

839392b626a00e09ce3ec77706959d551de27cca63c559fcd4a6415aef3e722a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 09:24:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4173
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135961
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 04:05:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Jul 2022 09:24:48 GMT

POST
H3-29 200 reload Show response
www.google.com/recaptcha/enterprise/ Frame 5092 35 KB
21 KB 72ms
72ms XHR
application/json 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

94a1a3da7cc6498f14acf9e4d337d5804657a7e127196a79c29abe283203c6b7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&cb=6ou6tzloidmj
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 07 Jul 2021 10:34:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21032
x-xss-protection: 1; mode=block
expires: Wed, 07 Jul 2021 10:34:21 GMT

GET
H3-29 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 5092 600 B
622 B 8ms
7ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 08:57:53 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 92188
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600
x-xss-protection: 0
expires: Tue, 13 Jul 2021 08:57:53 GMT

GET
H3-29 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 5092 530 B
552 B 8ms
7ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 13:51:36 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 74565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 530
x-xss-protection: 0
expires: Tue, 13 Jul 2021 13:51:36 GMT

GET
H3-29 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 5092 665 B
687 B 8ms
7ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 03:00:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 113636
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665
x-xss-protection: 0
expires: Tue, 13 Jul 2021 03:00:25 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5092 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&cb=6ou6tzloidmj

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 00:30:52 GMT
x-content-type-options: nosniff
age: 122609
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 00:30:52 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5092 15 KB
15 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&cb=6ou6tzloidmj

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 00:42:56 GMT
x-content-type-options: nosniff
age: 121885
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 00:42:56 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5092 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&cb=6ou6tzloidmj

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 02:41:59 GMT
x-content-type-options: nosniff
age: 114742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 02:41:59 GMT

GET
H3-29 200 payload
www.google.com/recaptcha/enterprise/ Frame 5092 24 KB
24 KB 16ms
16ms Image
image/jpeg 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/enterprise/payload?p=06AGdBq24km5u05wXELOo8Q6U0FOjKP6czTF8_l3nZXF0WRNetPBpAswIr-EMSp6okD8-O0oprt1bRt0vvwKcIwqK75vVtJmDcgrGph9TLbku-cPDyySvOdGU1pFFOy1ZVbjFGe1qSU-j-NnTpQXNZQwUSi7OFEmPTGnnkP7AF0H3sBmxkoi1BmG2Hx5rYpddSCaoCmHwl8kr0hanAlQw7yucy5RiDIaFRdA&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3e5c4022aee337f404b6333a8fe5767c2aac68854820f348a83cb2e11bf75fe2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&cb=6ou6tzloidmj
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 10:34:21 GMT
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24179
x-xss-protection: 1; mode=block
expires: Wed, 07 Jul 2021 10:34:21 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sibautomation.com
URL: https://sibautomation.com/cdn-cgi/rum?req_id=66b0660dfd2aa8a9

Domain: sibautomation.com
URL: https://sibautomation.com/cdn-cgi/rum?req_id=66b0660dfd2aa8a9

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6650o.r.ag.d.sendibm3.com
api.hubspot.com
api.segment.io
cdn.segment.com
consent.cookiebot.com
consentcdn.cookiebot.com
fonts.gstatic.com
forms.hsforms.com
in-automate.sendinblue.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsforms.net
js.usemessages.com
p.typekit.net
perf.hsforms.com
sibautomation.com
static.cloudflareinsights.com
track.hubspot.com
unpkg.com
use.typekit.net
www.google.com
www.gstatic.com
www.hackthebox.eu
sibautomation.com
13.224.197.80
185.107.232.244
185.107.232.249
2606:4700:10::6814:3744
2606:4700::6810:5705
2606:4700::6810:5e41
2606:4700::6810:7aaf
2606:4700::6811:47b0
2606:4700::6811:b649
2606:4700::6811:d6cc
2606:4700::6811:efcc
2606:4700::6812:15bf
2606:4700::6813:9a53
2606:4700:e2::ac40:8126
2a00:1450:4001:808::2004
2a00:1450:4001:830::2003
2a02:26f0:6c00:2ae::19fd
2a02:26f0:6c00:2b8::f09
2a02:26f0:6c00::210:ba2a
2a02:26f0:6c00::210:ba83
52.88.208.102
03067eeb2501827edb40d2db65bd2a6a291a7dab69cabb001a4fe0b86c5cba2d
032f68b72109acdf6ac019354fcea41e61c0eb58d5ae3b02ea95df0ad200d8ce
0a5e53256e4e2015a5c868b83217c5300735622ba56989b6b41dde2be8ce0aa3
0a70ea3990abc9759f8fdfb65d673774d62150c0e3b840ca411a9be827f21f8a
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
141761e0c2b755c70ed36863263ccf338733473b08a77b64b7b5cc931d261e55
15862fe7d8be3563d52192b18b516df5cadf0a4c49edf96653a221832561edc0
16ffce67795a844fd0520e492bb9862f1d1b5f67db6c0e3d561efcb4f86e0d30
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1d98f8c7fc5e855c620d9b8f0c9094b7d66777ce9706bf970c7bad399cd3381c
1e3f5fe80f757ea51cd7955f7cf5560888c7ec9c187cb860b69f4662e5034687
222ee537379e13ecb32e496e7d34dd4a7cca239105a37c1822e1e37eee33552f
25fd0fa3d037659c39b8be1312be7aa2164f29638d419922ac45144c7be5f897
2886403bdc4ac2d787b9e447adccf55ee005a9c049d414278b45b01760f805dc
2a4f2068f4a618e326bc073e5fbe28fc65763ddd2adc4f4d9c755b21911c9742
2c8ed0b58e1de29216c74947ae15714bda0880f58490770ca8bff916ee0de9f5
2d766219e6e00a1f8c9bf585c803db384434c921d453e4a6f160486d1bfca0f5
2da70eda058c52170f0b8ebb07d052000d0dc817c6290c6f2109a5bc0feb132f
2e6cfdd5a85e9c005d8f6e85403254d524959a6dc65e09060b212c33402a8c7b
35e418719384419807d3447f4b580720d4043e1043c70cfeabb3c2a44caede08
3a58b0fdd9d1f4c8a826d123b0deaa62cc0fac336e3bc3004a72642f4ce8017f
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e5c4022aee337f404b6333a8fe5767c2aac68854820f348a83cb2e11bf75fe2
42e458379fdf477a16b8203ab5c466f352ee3b11726bb5dc0963cff31a4ce66a
43547b50bf10ebf836d7afb37c0b161c0b0c076ae6b52b11fe51ac6550372aab
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
487cbf69be8b525d9eb95e7852d275453283907666853600dae2d02699a719a7
4884fec2c73aa52a2461073c1b87d1ceb80f400520391b43f97ca7d3c39eeb24
49d8e3776c0fe4d30a0e232a7cc3d31a0a2e9d519aa208dfbccea158ebc08a3c
4a29b7db587890115158af348f5e0396fad448da8a41b136f22460557014e86a
4db9f95486ac0b8ca512862697d244eddf4805cfa9bf9c90ee09bfe70669c1f4
4f29b4389a6e08bf3ffcdfb097597d5621b4abac31a74f89c3fa3537dc428e68
4ffaa161d72be61680ad2fa29a223636f94cc52818b9363cd509bf9ed7bf4d30
52c64afea3191b4671df91e597f311a2a1ac1d2102468ab9d8ff4161777fcd5c
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5a13e0db4587921af06ee3154ab4616ec587d956474fd944002e23bbe1e19909
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5dfdffa77335a103ec942c9384df984b5d38a267d619ee0ac3a045b766bbf2d5
5ec5db54eb1c94554047e88cf6e831fd5b63186d6d39af153de39e8e44f0f427
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
6227cd8a575ad7a43810508a6bb15dccc438c693a54eafaa775c048170a30edc
65bb8a64bf5306ef4a66683628b194db91e40b3341071141ca3bff4e7b25f7be
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
738e6ca999b5be17682c93a9556fd15f1d46f65d2c98ae8e27240d9aa4e9d7c0
74b8c57cab929956e431658f88df198fbd23469aea41e4a37379962fbb9267e0
797e35ad6be9ed1d765daed8988e9ee0975e5323419ceea6868c07e52f60f4f4
7bbc934e36c0638364d19829ef83d4d9770bf950488390b6c8d5d9a48a588264
82435337e0c00e334e32d8e1f42907d1a0ac4752c7710ec4f5f2a078733f66c5
82c527168ea3538500052b1ea5afda629da608afbfc2c950cee1fad1135dc55e
839392b626a00e09ce3ec77706959d551de27cca63c559fcd4a6415aef3e722a
88fc6e6707b7397285708d88dba12795f1ee579423c2ba923dd4eaecdec4847a
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8c38fded9400fd3d6d33ea27dab8eeef47934276f1210ea794779b24f990972a
8ee4d0737f290c2190ff306d8f4a2dbb5a249d7fbed217282df5e54021ce5bd4
94176d09b9382e90f71916d8875bb97d85ce988c6844893d1451e511afadbd95
94a1a3da7cc6498f14acf9e4d337d5804657a7e127196a79c29abe283203c6b7
9687728c837ff1fe013d484843f697c42659258c9bc978adc552197ffe8a6dc3
97fab856ccb6d8a868c431803c832456f2408afb5dd043f2279619b29ed72dfd
9804cb7e9ed71034cf04f6b4aa36a6c373e09f8f0cc4611d8e219b99ccf68569
98686a2c7a5036e605fc615c8341e139a0be2d88688103078bbb4c2982849e73
98ccd33e523985efa588344a13932892db38b1335243f989dd366450db8ea68d
9a79080d6a78bb36e546ebd64e83a7060b8f420cdeed31aa0dbc639bea287412
9bdddc1a1015035bb7d246f3420d1a20d06c1012b4e9aef8a53b75243e99ed5a
a06919188842d64543de76afa899baa6fc4a3754a24355add6de39a75d170fca
a07b76973a9e8c1c7a7287447fb52792f94b7251942c1eae7203187b66917de6
a1f150431ae64ec71b576db274541c778d9ac8f5e35557c5c86dd517c32b44ba
a47793e8a75a1d8f3aef15a095f79db2eb0b43faf692d0d160b857a13fddba16
a6d7b6a09c279e7f64988dc41c4bacfd12a4819fc0a474b7afacc632f9d3d4de
b4f0d928a1a7f4e81180c8aef6ac9219f1662ad823294016f0bd396586031f09
b7549a0d3e4dda0874037cc3fdc7fea9007de63134ebce73065c36fa50260786
b925026db5b6b2d4757fdc16a8eb0b1833017d492c89d6bcc6f708828f9e25c3
b9b10ae2b33ce5621d0adaecc275fa6ab22367c8d4c48051d116503b3fa6c184
bbaf9db799af2b2ff89831f5fc3aa7de380838c3ee1fc634165118488beb3597
be44876cd46ded2ef6bb815239832037166dc0caf7d02c4cd6467bb3e37b7847
c39e23d9ea7c6eac21e644374d34ab15622c265c6b55aa16199a4c503be4ec7f
c4b7e1dc3f50dd30c42562fcea3289d8bbe27442ccfd1f46370babd476b0336b
c578e8ec8b21e47e7b82d9c5283246160481c027258161dd24e6cf5f852eebc3
c83d8f4a66e7583cf5718ea6c8b5db328706c45eed8cd65fb62489733319c27a
c86cecdac91d1bc98d1d27945f3010a4d08f8f2360f4507f0b0e226f274d2f2f
c8f9a10d65e7ef919990d06e479fea46e09c9deb1153c1a51380166353dbe3b8
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c953c38b811d92b7e73849fdb168236ca44346ab2ba010e5cfa07ed6e38b937b
cb6c8f4ffb482b3ccc86925bbfd8928b9a5a05144de9bf7dfb6bee9ec1d758cc
cc023d435062c150b7e2d6ea32a0cf2439e443ae046e3279fda55ba22be41c53
cf3d03db4b852936c021da82acc3be6e11cba04f91a65e998381eebafb14c032
cf7f21878684ce340ee52c11eb27d08dbc697789b485422c43e44612b1c07069
d445b0767a551f0530d4c750a9b5f70876500ecf7721c3a9ba030ddea29bfa7e
d52da3e99236b154c8672b864f8f14795bfa41e7766e1228f8ce39c63d830657
d74b84f818bc8df2fbd1ed5ccda5c5221bb37225075c0690a60b1685bbff3971
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcfd8b1763ef5f8468e2ec01f7d2c56082fa3a8dfeb0b64f8fe6bc5ae31d73c0
df7ea8fd76f1aa2239de4eba7d7a325c85695e822b1cdeb2fefb3a90394cb724
e257f48beab7e56562636cfbf382c8861f706b35f65f4cd848f51066cb676714
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b2bf839736fc1bf958ad7dd0b5e2e95434c628833b3664d8df474484d65ae7
e53c6a3c7363abf15cadd059630722aea971b8d70832428a12901083315f8d36
e648b42f02e5435634e04226a91e2e0ecb495eaaaaef7e5ea1c2c6d83e3d4507
e8043a4ce83d0c67b4e7d06064060109aab25cb7fe873587bd6186d4517f8572
ea2d89a0078bdb6da95f82b7c3a621302cd886f4451a5846ff4366a9df46eb67
ec75ec30d35e7b22e3bf4a8d0898f0f66f0285b1ea5bb18f7ba6f536b8b49973
ec9a7c33811ad778dc13922b51938e60320b74bd6dfcbf298e2435b0c832e107
ed1fd85d8905d19a7880c3d91761c1d1fb8c94c69efb7f8f5ce835ebc21a94b6
f3b9ee5ba3186e11d0758183d285cdbc02970270fa510c151e015df50971b459
f3cc552995dd1376c51e2a4bb19a4a249c3bb3e57de400f70bb87ad47bc19cca
f3d0f2d49d701c64044cf717a7fdc88167ba8820a180dd995df729ce501fe368
f79fcbf50f2c920e4af05791d3a18be6bff1251fc81a9c274f535d1502a1e692
f902f011c9881e619662b8711659a12bcdcb93fd173c58f5d04ab75800861546
feeff1b73fc856bbaa909aecd74cd3918a41d2f0642b773831da45ad969317e9

www.hackthebox.eu Open in urlscan Pro 2606:4700:10::6814:3744 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

130 Requests

98 %HTTPS

81 %IPv6

19 Domains

24 Subdomains

22 IPs

3 Countries

6531 kBTransfer

10087 kBSize

0 Cookies

28 Outgoing links

Page URL History

Redirected requests

130 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.hackthebox.eu Open in urlscan Pro
2606:4700:10::6814:3744 Public Scan

Screenshot
Live screenshot

Full Image

130
Requests

98 %
HTTPS

81 %
IPv6

19
Domains

24
Subdomains

22
IPs

3
Countries

6531 kB
Transfer

10087 kB
Size

0
Cookies

130 HTTP transactions
4 data transactions