tryhackme.com Open in urlscan Pro
2606:4700:10::6816:37e4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://e.customeriomail.com/e/c/eyJlbWFpbF9pZCI6ImRnVEsxUVVEQVBpNWxBSDN1WlFCQVpCYkVscExOd0xYNXVVVV83YTJ4dz09IiwiaHJlZiI6Imh0...
Effective URL:
https://tryhackme.com/r/room/airplane
Submission: On July 11 via api (July 11th 2024, 4:11:12 pm UTC) from US — Scanned from US

Summary HTTP 57 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 23 IPs in 2 countries across 18 domains to perform 57 HTTP transactions. The main IP is 2606:4700:10::6816:37e4, located in United States and belongs to CLOUDFLARENET, US. The main domain is tryhackme.com. The Cisco Umbrella rank of the primary domain is 264517.
TLS certificate: Issued by E1 on May 20th 2024. Valid for: 3 months.

This is the only time tryhackme.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.227.225.220 35.227.225.220	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 19	2606:4700:10:... 2606:4700:10::6816:37e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:81f::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:266... 2600:9000:266a:a00:11:9cfd:9400:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:141b:500... 2600:141b:5000:59e::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.139.29.40 108.139.29.40	16509 (AMAZON-02) (AMAZON-02)
1	34.120.62.213 34.120.62.213	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	108.138.106.124 108.138.106.124	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:817::2008	15169 (GOOGLE) (GOOGLE)
1	18.164.96.77 18.164.96.77	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:8bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:806::200e	15169 (GOOGLE) (GOOGLE)
1	142.251.179.155 142.251.179.155	15169 (GOOGLE) (GOOGLE)
2	151.101.2.132 151.101.2.132	54113 (FASTLY) (FASTLY)
4	2606:4700:440... 2606:4700:4400::6812:24cd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:22e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a0a8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.164.96.97 18.164.96.97	16509 (AMAZON-02) (AMAZON-02)
6	2607:f8b0:400... 2607:f8b0:4006:80c::2003	15169 (GOOGLE) (GOOGLE)
2	2600:9000:23c... 2600:9000:23ca:2000:1f:54cc:9ec0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6811:f9cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.201.104.32 54.201.104.32	16509 (AMAZON-02) (AMAZON-02)
3	52.218.98.162 52.218.98.162	16509 (AMAZON-02) (AMAZON-02)
57	23

1 35.227.225.220 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 220.225.227.35.bc.googleusercontent.com

e.customeriomail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2606:4700:10::6816:37e4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tryhackme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81f::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:266a:a00:11:9cfd:9400:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.customer.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:5000:59e::13b8 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.29.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-40.jfk50.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.62.213 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.62.120.34.bc.googleusercontent.com

o4507096022450176.ingest.de.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-124.jfk50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-77.jfk50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:806::200e (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.179.155 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.132 (San Francisco, United States)

ASN54113 (FASTLY, US)

flag.lab.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:4400::6812:24cd (United States)

ASN13335 (CLOUDFLARENET, US)

api.lab.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:22e5 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a0a8 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-97.jfk50.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:80c::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:23ca:2000:1f:54cc:9ec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.tryhackme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f9cb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.201.104.32 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-201-104-32.us-west-2.compute.amazonaws.com

api2.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.218.98.162 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-3-w.amazonaws.com

tryhackme-images.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	tryhackme.com 1 redirects tryhackme.com — Cisco Umbrella Rank: 264517 assets.tryhackme.com — Cisco Umbrella Rank: 509226	3 MB
9	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 4619 flag.lab.amplitude.com — Cisco Umbrella Rank: 7810 api.lab.amplitude.com — Cisco Umbrella Rank: 5098 api2.amplitude.com — Cisco Umbrella Rank: 1437	19 KB
6	gstatic.com fonts.gstatic.com	137 KB
3	amazonaws.com tryhackme-images.s3.amazonaws.com — Cisco Umbrella Rank: 824383	64 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 108	3 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 1271	138 KB
2	google.com analytics.google.com — Cisco Umbrella Rank: 239	306 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 110	179 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1311 script.hotjar.com — Cisco Umbrella Rank: 1952	60 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 4682	230 B
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 5142	24 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 5116	26 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 208	252 B
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 5457	1 KB
1	sentry.io o4507096022450176.ingest.de.sentry.io — Cisco Umbrella Rank: 875177	299 B
1	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 1033	957 B
1	customer.io assets.customer.io — Cisco Umbrella Rank: 30518	3 KB
1	customeriomail.com 1 redirects e.customeriomail.com — Cisco Umbrella Rank: 121780	164 B
57	18

	Domain	Requested by
19	tryhackme.com	1 redirects tryhackme.com
6	fonts.gstatic.com	fonts.googleapis.com
4	api.lab.amplitude.com	tryhackme.com
3	tryhackme-images.s3.amazonaws.com	tryhackme.com
3	fonts.googleapis.com	tryhackme.com
2	api2.amplitude.com	tryhackme.com
2	unpkg.com	1 redirects tryhackme.com
2	assets.tryhackme.com	tryhackme.com
2	flag.lab.amplitude.com	tryhackme.com
2	analytics.google.com	tryhackme.com
2	www.googletagmanager.com	tryhackme.com www.googletagmanager.com
1	vc.hotjar.io	tryhackme.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	js.hs-scripts.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	tryhackme.com
1	o4507096022450176.ingest.de.sentry.io	tryhackme.com
1	cdn.amplitude.com	tryhackme.com
1	cdn.optimizely.com	tryhackme.com
1	assets.customer.io	tryhackme.com
1	e.customeriomail.com	1 redirects
57	23

This site contains links to these domains. Also see Links.

Domain
store.tryhackme.com
twitter.com
www.linkedin.com
discord.com
www.facebook.com
www.youtube.com
instagram.com
www.pinterest.co.uk

Subject Issuer	Validity	Valid
tryhackme.com E1	`2024-05-20` - `2024-08-18`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.customer.io Amazon RSA 2048 M03	`2023-10-19` - `2024-11-15`	a year	crt.sh
cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-09-04`	a year	crt.sh
cdn.amplitude.com Amazon RSA 2048 M02	`2023-12-14` - `2025-01-12`	a year	crt.sh
ingest.de.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-03` - `2025-08-03`	a year	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
hs-scripts.com E1	`2024-05-31` - `2024-08-29`	3 months	crt.sh
*.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.lab.amplitude.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-11-29` - `2024-12-30`	a year	crt.sh
api.lab.amplitude.com E6	`2024-06-24` - `2024-09-22`	3 months	crt.sh
hs-banner.com E1	`2024-05-30` - `2024-08-28`	3 months	crt.sh
hs-analytics.net WE1	`2024-06-11` - `2024-09-09`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-02-07` - `2025-03-08`	a year	crt.sh
*.gstatic.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
assets.tryhackme.com Amazon RSA 2048 M03	`2024-01-28` - `2025-02-25`	a year	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2024-01-31` - `2025-03-02`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2024-04-22` - `2025-04-07`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://tryhackme.com/r/room/airplane
Frame ID: 423ADD95869D37E85B311E72422DA93E
Requests: 54 HTTP requests in this frame

Frame: https://tryhackme.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js
Frame ID: 02A0ABE741613DF83E9E52C20644936C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TryHackMe | Airplane

Page URL History Show full URLs

https://e.customeriomail.com/e/c/eyJlbWFpbF9pZCI6ImRnVEsxUVVEQVBpNWxBSDN1WlFCQVpCYkVscExOd0xYNXVVVV83YTJ4... HTTP 302
https://tryhackme.com/r/room/airplane Page URL

Detected technologies

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

Page Statistics

57
Requests

95 %
HTTPS

57 %
IPv6

18
Domains

23
Subdomains

23
IPs

2
Countries

3273 kB
Transfer

10361 kB
Size

8
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://store.tryhackme.com/
Title: Swag Shop

Search URL Search Domain Scan URL

URL: https://twitter.com/realtryhackme

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/tryhackme/

Search URL Search Domain Scan URL

URL: https://discord.com/invite/tryhackme

Search URL Search Domain Scan URL

URL: https://www.facebook.com/people/Tryhackme/100069557747714/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCRnWD3BsY5Co2MMETB7lHQw

Search URL Search Domain Scan URL

URL: https://instagram.com/realtryhackme

Search URL Search Domain Scan URL

URL: https://www.pinterest.co.uk/RealTryHackMe/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://e.customeriomail.com/e/c/eyJlbWFpbF9pZCI6ImRnVEsxUVVEQVBpNWxBSDN1WlFCQVpCYkVscExOd0xYNXVVVV83YTJ4dz09IiwiaHJlZiI6Imh0dHBzOi8vdHJ5aGFja21lLmNvbS9yL3Jvb20vYWlycGxhbmUiLCJpbnRlcm5hbCI6ImNhZDUwNTUxYzcxMWY4Yjk5NDAxIiwibGlua19pZCI6NzIzNn0/bd3931b2ab32fa020f500af62c28147994ddc64374c789c7293c4e959144677b HTTP 302
https://tryhackme.com/r/room/airplane Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://tryhackme.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://tryhackme.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js

Request Chain 46

https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js HTTP 302
https://unpkg.com/@lottiefiles/lottie-player@2.0.4/dist/lottie-player.js

57 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request airplane Show response
tryhackme.com/r/room/
Redirect Chain

https://e.customeriomail.com/e/c/eyJlbWFpbF9pZCI6ImRnVEsxUVVEQVBpNWxBSDN1WlFCQVpCYkVscExOd0xYNXVVVV83YTJ4dz09IiwiaHJlZiI6Imh0dHBzOi8vdHJ5aGFja21lLmNvbS9yL3Jvb20vYWlycGxhbmUiLCJpbnRlcm5hbCI6ImNhZDUw...
https://tryhackme.com/r/room/airplane

3 KB
2 KB

610ms
452ms

Document
text/html

2606:4700:10::6816:37e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tryhackme.com/r/room/airplane
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bfe6bd5ae39620264db90a18761a7aa9a1db31297f323c9a21f41e28abe4707

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8a1a11100c385233-LAX
content-encoding: br
content-type: text/html
date: Thu, 11 Jul 2024 16:10:58 GMT
last-modified: Thu, 11 Jul 2024 14:32:43 GMT
server: cloudflare
vary: Accept-Encoding
x-amz-id-2: bbt5+XOyRTp01boZYU76q4rxOThfjW+RjX3H5NP+sw2yMxejW66ve6ZMoHRx1aV2QdsE5UF4i6c=
x-amz-request-id: PWTM9YSWF12WNX9S

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 0
date: Thu, 11 Jul 2024 16:10:57 GMT
location: https://tryhackme.com/r/room/airplane
via: 1.1 google

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
947 B 474ms
170ms Stylesheet
text/css 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,400;1,500;1,700&display=swap

Requested by

Host: tryhackme.com
URL: https://tryhackme.com/r/room/airplane

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

23fbc3f016b95a5aae84dc26e15de0969e6df6e60f40d3bb1ae7db8dd6ca7d9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tryhackme.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 11 Jul 2024 16:10:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 11 Jul 2024 16:10:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Jul 2024 16:10:58 GMT

GET
H2 200 css2
fonts.googleapis.com/ 31 KB
2 KB 471ms
167ms Stylesheet
text/css 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,400&family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,400;1,500;1,700&display=swap

Requested by

Host: tryhackme.com
URL: https://tryhackme.com/r/room/airplane

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

611c0f4c5a45b03e9544f275284cb35dba88915bed5c37b5271266c1b10941aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tryhackme.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 11 Jul 2024 16:10:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 11 Jul 2024 16:08:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Jul 2024 16:10:58 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
531 B 471ms
167ms Stylesheet
text/css 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Bungee&display=swap

Requested by

Host: tryhackme.com
URL: https://tryhackme.com/r/room/airplane

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

daaec1906c407789b2c144e862bbab9e44353e999b8376268141552d4f7c067c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tryhackme.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 11 Jul 2024 16:10:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 11 Jul 2024 16:01:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Jul 2024 16:10:58 GMT

GET
H2 200 main.815ed3bf.js Show response
tryhackme.com/r/static/js/ 8 MB
2 MB 101ms
101ms Script
text/javascript 2606:4700:10::6816:37e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tryhackme.com/r/static/js/main.815ed3bf.js
Requested by: Host: tryhackme.com
URL: https://tryhackme.com/r/room/airplane
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44b8872d462c47c9facce726adb6c725790513917c64d2459b929c09741259bf

Request headers

Referer: https://tryhackme.com/r/room/airplane
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 16:10:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Jul 2024 14:32:46 GMT
cf-bgj: minify
server: cloudflare
age: 5869
x-amz-request-id: EN7041JYFW8QT198
etag: W/"d5da81c1640e3e64ff3f0e1eeb1b5d27-2"
cf-polished: origSize=8728990
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 8a1a11160baf5233-LAX
x-amz-id-2: FGR6S6SyVe8HTcOB54NnNc0VS0XhhE5yQskNMO9A3k8eViQDntFrr3dTuw+GaxTZe11wMGNqaA4=

GET
H2 200 main.b7b34309.css
tryhackme.com/r/static/css/ 35 KB
6 KB 112ms
111ms Stylesheet
text/css 2606:4700:10::6816:37e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tryhackme.com/r/static/css/main.b7b34309.css
Requested by: Host: tryhackme.com
URL: https://tryhackme.com/r/room/airplane
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e16e5028615a5515e816558d330a42aa23b84486306f6c0eabd21caaefd301fe

Request headers

Referer: https://tryhackme.com/r/room/airplane
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 16:10:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 15 Mar 2024 10:07:48 GMT
cf-bgj: minify
server: cloudflare
age: 758
x-amz-request-id: DEV3TMREGQ7NT0VX
etag: W/"4935d55a56800e60097ab27dc061dbf1"
cf-polished: origSize=35484
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 8a1a111318695233-LAX
x-amz-id-2: 0aVxqtC8J5EBOB6uERbLNqaXV8QWKbe3FtcgLgEoioQ6eRKb4SsLF6TkmuXgdaYQP7roeji7g0c=

GET
H2 200 track-eu.js Show response
assets.customer.io/assets/ 7 KB
3 KB 451ms
142ms Script
application/javascript 2600:9000:266a:a00:11:9cfd:9400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.customer.io/assets/track-eu.js
Requested by: Host: tryhackme.com
URL: https://tryhackme.com/r/room/airplane
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266a:a00:11:9cfd:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a7522401622d57760fd44e914b7a54c641d5c4356aae91c35bdc2ed0ef11f1f0

Request headers

Referer: https://tryhackme.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 18:56:19 GMT
x-amz-version-id: jUxUt_qUdX36U5sWuXWqnMcR930RxMa.
content-encoding: gzip
last-modified: Mon, 15 Apr 2024 20:40:42 GMT
server: AmazonS3
via: 1.1 b4aed0fc17149bbf4e91539a66d546a0.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P5
etag: W/"c73f650511262844608d2b9ed259c082"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
age: 76481
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 6PoujLu-nNf7RndPOA4Bh1xNZJpfUiOpEEbwn-_qGLcc7u91L-DxQg==

GET
H2 200 csrf Show response
tryhackme.com/api/v2/auth/ 76 B
585 B 423ms
423ms Fetch
application/json 2606:4700:10::6816:37e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tryhackme.com/api/v2/auth/csrf
Requested by: Host: tryhackme.com
URL: https://tryhackme.com/r/static/js/main.815ed3bf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 2a3358e59684192cdcd1c0294d893b7a38afbfbd6a6b571136361daf9542b847

Request headers

Referer: https://tryhackme.com/r/room/airplane
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 16:11:00 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"4c-2IK9/BEoua5HnZTslNgl8gNcs48"
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cf-ray: 8a1a111ecd795233-LAX
x-robots-tag: noindex

GET
H2 403 24671560256.json Show response
cdn.optimizely.com/datafiles/ 243 B
957 B 520ms
221ms XHR
application/xml 2600:141b:5000:59e::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/datafiles/24671560256.json

Requested by

Host: tryhackme.com
URL: https://tryhackme.com/r/static/js/main.815ed3bf.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:5000:59e::13b8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fb1b1b8c33b643aba80bc15776ff2e413508a13284419f2e41f6a16f359d8c9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://tryhackme.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 16:11:00 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: 0S4SKA6BJC28JRF1
server-timing: cdn-cache; desc=MISS, edge; dur=68, origin; dur=8, cdn;desc="AkamaiION";dur=0,rtt;desc="141";dur=0,cdnip;desc="2600:141b:5000:59e::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1720714260640_3088891582_1261123282_7605_2998_141_145_219";dur=1
content-length: 243
x-amz-id-2: 2p7zaqRNtyAVt1lWDTXp6igiNkAMEG1wn7XPPi/KwTnqN2KFja1vX2XObgtjOTntYpy8o8AQlDo=
server: AmazonS3
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-max-age: 604800
content-type: application/xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-expose-headers: Access-Control-Allow-Origin, Content-Length
cache-control: max-age=118
access-control-allow-credentials: false
access-control-allow-headers: *

GET
H2 200 analytics-browser-2.4.0-min.js.gz Show response
cdn.amplitude.com/libs/ 64 KB
18 KB 2650ms
614ms Fetch
application/javascript 108.139.29.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/analytics-browser-2.4.0-min.js.gz
Requested by: Host: tryhackme.com
URL: https://tryhackme.com/r/static/js/main.815ed3bf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-40.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9fedcc6e34694f3a5417ed9113180525de34fa7dce3dac8ed9f87e494537eab9

Request headers

Referer: https://tryhackme.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 02 Jun 2024 10:33:48 GMT
content-encoding: gzip
via: 1.1 c4ce298584668e99f320a46c88c4a04a.cloudfront.net (CloudFront)
x-amz-version-id: Y2luVzwITpmqQSMdRJSBf4lsYEOFoPKO
x-amz-cf-pop: JFK50-P2
age: 3389836
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 17746
last-modified: Wed, 24 Jan 2024 22:53:48 GMT
server: AmazonS3
etag: "0fd4d24c8a5acde285e6d60fcb54ae7b"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: M3ltqsRGTDZ50ejFqlNEIoMrOzOTg_wI591G7dSvVBGE2qxnTzxT_g==

POST
H2 200 / Show response
o4507096022450176.ingest.de.sentry.io/api/4507096429756496/envelope/ 2 B
299 B 647ms
209ms Fetch
application/json 34.120.62.213
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o4507096022450176.ingest.de.sentry.io/api/4507096429756496/envelope/?sentry_key=175180b5f191796714d2f9138c06c76a&sentry_version=7&sentry_client=sentry.javascript.react%2F7.110.1

Requested by

Host: tryhackme.com
URL: https://tryhackme.com/r/static/js/main.815ed3bf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.62.213 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

213.62.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://tryhackme.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 11 Jul 2024 16:11:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 hotjar-1950941.js Show response
static.hotjar.com/c/ 11 KB
5 KB 733ms
422ms Script
application/javascript 108.138.106.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1950941.js?sv=6

Requested by

Host: tryhackme.com
URL: https://tryhackme.com/r/room/airplane

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-124.jfk50.r.cloudfront.net

Software

Resource Hash

7d07b257dc11da4486078491d4e39cf7aaf62a023c1329c9551a4ab891e38314

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://tryhackme.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 11 Jul 2024 16:10:23 GMT
via: 1.1 7225c7fb64d09bab64bc17e314ef26a2.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
age: 38
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/dcae2831f8434ce96deff5e007e324e5
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: X-_inW-l5ZndRtZN3ZiMpy1lAbLDgi8FjxJkdQXESC7zC7GNuFDJgQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 221 KB
77 KB 638ms
327ms Script
application/javascript 2607:f8b0:4006:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WPFM5LPL&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: tryhackme.com
URL: https://tryhackme.com/r/room/airplane

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c8da9340661b6b2b3929451a4797773544ba856cb9b8a7c07d11d64a7df331c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://tryhackme.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 16:11:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78096
x-xss-protection: 0
last-modified: Thu, 11 Jul 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Jul 2024 16:11:01 GMT

GET
H2

200

main.js Show response
tryhackme.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/ Frame 02A0
Redirect Chain

https://tryhackme.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://tryhackme.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js?

8 KB
4 KB

83ms
83ms

Script
application/javascript

2606:4700:10::6816:37e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tryhackme.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js?

Requested by

Host: tryhackme.com
URL: https://tryhackme.com/r/room/airplane

Protocol

Server

2606:4700:10::6816:37e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b248196a94049334e6bcb7657c4dbc5c67720f76391aa258b869e5c52a134b03

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 16:11:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8a1a11242b6b5233-LAX

Redirect headers

date: Thu, 11 Jul 2024 16:11:01 GMT
server: cloudflare
vary: Accept-Encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js?
access-control-allow-origin: *
cache-control: max-age: 300, public
cf-ray: 8a1a11235a995233-LAX
content-length: 0

GET
BLOB 200
OK e082c72e-e309-4e69-b7d5-5f4572cd1874
https://tryhackme.com/ 10 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://tryhackme.com/e082c72e-e309-4e69-b7d5-5f4572cd1874
Requested by: Host: tryhackme.com
URL: https://tryhackme.com/r/room/airplane
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ca3d44191e822500b330ae74a7b981fddc94188da2e683a1e1508fd188d2b1b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 10285
Content-Type

GET
H2 200 feature-flags Show response
tryhackme.com/api/v2/ 4 KB
1 KB 416ms
416ms Fetch
application/json 2606:4700:10::6816:37e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tryhackme.com/api/v2/feature-flags
Requested by: Host: tryhackme.com
URL: https://tryhackme.com/r/static/js/main.815ed3bf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d843b284799056360c1da46037d53408a3d0581a46774ba9e9487386642ee23b

Request headers

csrf-token: hVApfVHZ-N7oVBCTIINR10xd3pFm3Q536OWA
Referer: https://tryhackme.com/r/room/airplane
baggage: sentry-environment=production,sentry-release=production-5d5068a,sentry-public_key=175180b5f191796714d2f9138c06c76a,sentry-trace_id=7bae4e1e30d64ebbbd45d893d1ba849a,sentry-sample_rate=0.0027,sentry-sampled=false
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sentry-trace: 7bae4e1e30d64ebbbd45d893d1ba849a-99e3220e20572457-0

Response headers

date: Thu, 11 Jul 2024 16:11:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"f16-nBumVBdcu5QRXcpiCKnpHvpV1+c"
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cf-ray: 8a1a11242b745233-LAX
x-robots-tag: noindex

POST
H2 200 8a1a11100c385233 Show response
tryhackme.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 02A0 0
382 B 2059ms
2054ms XHR
text/plain 2606:4700:10::6816:37e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tryhackme.com/cdn-cgi/challenge-platform/h/g/jsd/r/8a1a11100c385233
Requested by: Host: tryhackme.com
URL: https://tryhackme.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 11 Jul 2024 16:11:02 GMT
server: cloudflare
cf-ray: 8a1a11253cb55233-LAX
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 modules.e4b2dc39f985f11fb1e4.js Show response
script.hotjar.com/ 223 KB
56 KB 2477ms
405ms Script
application/javascript 18.164.96.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1950941.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.96.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-96-77.jfk50.r.cloudfront.net

Software

Resource Hash

619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://tryhackme.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 01 Jul 2024 08:11:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 58a45bf3f07dfdca95ebcb7935e84994.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 892796
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56291
last-modified: Mon, 01 Jul 2024 08:10:34 GMT
etag: "ca025d2d8ae4b3dc51e058b782590501"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: aacIixuyIsROUqX6VIThJzX0GPeyyn6IL9MWN09MHiuEI8VVAoHmoQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 307 KB
102 KB 489ms
488ms Script
application/javascript 2607:f8b0:4006:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z8D4WL3D4P&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WPFM5LPL&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d6ca439fff86b6039835ee6ec7b18ebd33e61531682ee2f70297165a31df67bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://tryhackme.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 16:11:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104426
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 11 Jul 2024 16:11:02 GMT

GET
H2 200 7168674.js Show response
js.hs-scripts.com/ 901 B
1 KB 1524ms
98ms Script
application/javascript 2606:4700::6810:8bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/7168674.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WPFM5LPL&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15d2825aba38b2ecb243dc443dfde3291782d44b7ff3fe8efe0967f9ceb1ad5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tryhackme.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 16:11:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 01aa764a-e76c-4920-8631-558cce820a2a
cf-polished: origSize=1009
age: 4
x-envoy-upstream-service-time: 9
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 01aa764a-e76c-4920-8631-558cce820a2a
cf-bgj: minify
last-modified: Thu, 11 Jul 2024 16:10:59 GMT
server: cloudflare
access-control-max-age: 3600
vary: origin, Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://tryhackme.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-7dd59b876-94hvq
x-evy-trace-virtual-host: all
access-control-allow-credentials: true
cache-control: public, max-age=90
cf-ray: 8a1a11337ec60cd3-LAX
expires: Thu, 11 Jul 2024 16:12:33 GMT

POST
H2 204 collect Show response
analytics.google.com/g/ 0
252 B 759ms
453ms Fetch
text/plain 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-Z8D4WL3D4P&gtm=45je4790v890603083z89138706448za200zb9138706448&_p=1720714260969&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1854466296.1720714263&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720714262&sct=1&seg=0&dl=https%3A%2F%2Ftryhackme.com%2Fr%2Froom%2Fairplane&dt=TryHackMe%20%7C%20Cyber%20Security%20Training&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=5413&_z=fetch
Requested by: Host: tryhackme.com
URL: https://tryhackme.com/r/static/js/main.815ed3bf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tryhackme.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 16:11:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tryhackme.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
252 B 748ms
149ms Ping
text/plain 142.251.179.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Z8D4WL3D4P&cid=1854466296.1720714263&gtm=45je4790v890603083z89138706448za200zb9138706448&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z8D4WL3D4P&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.179.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: pd-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tryhackme.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 16:11:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tryhackme.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 flags
flag.lab.amplitude.com/sdk/v2/ Frame 0
0 232ms
67ms Preflight 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://flag.lab.amplitude.com/sdk/v2/flags

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-library
Access-Control-Request-Method: GET
Origin: https://tryhackme.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-library
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://tryhackme.com
access-control-max-age: 1800
age: 15
cache-control: no-store
content-length: 0
date: Thu, 11 Jul 2024 16:11:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id: Root=1-66900409-03ee13b3040c260f3cf7efe6
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-served-by: cache-lax-kwhp1940070-LAX
x-timer: S1720714264.822322,VS0,VE1

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/v2/ Frame 0
0 425ms
200ms Preflight 2606:4700:4400::6812:24cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/v2/vardata?v=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:24cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://tryhackme.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authorization,x-amp-exp-user
access-control-allow-methods: GET,HEAD,POST,OPTIONS
access-control-allow-origin: https://tryhackme.com
access-control-max-age: 86400
cache-control: no-store
cf-ray: 8a1a11355dff7c68-LAX
content-length: 0
date: Thu, 11 Jul 2024 16:11:03 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/v2/ Frame 0
0 425ms
201ms Preflight 2606:4700:4400::6812:24cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/v2/vardata?v=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:24cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://tryhackme.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authorization,x-amp-exp-user
access-control-allow-methods: GET,HEAD,POST,OPTIONS
access-control-allow-origin: https://tryhackme.com
access-control-max-age: 86400
cache-control: no-store
cf-ray: 8a1a11355e027c68-LAX
content-length: 0
date: Thu, 11 Jul 2024 16:11:03 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding

GET
H2 200 flags Show response
flag.lab.amplitude.com/sdk/v2/ 2 B
169 B 83ms
82ms Fetch
application/json 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://flag.lab.amplitude.com/sdk/v2/flags

Requested by

Host: tryhackme.com
URL: https://tryhackme.com/r/static/js/main.815ed3bf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tryhackme.com/
Authorization: Api-Key client-KsETFcRbQMN9hDMtAaA0aSSgCasMxJkv
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
X-Amp-Exp-Library: experiment-js-client/1.10.0

Response headers

date: Thu, 11 Jul 2024 16:11:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 46
x-cache: HIT
cache-tag: client-KsETFcRbQMN9hDMtAaA0aSSgCasMxJkv
content-length: 2
x-served-by: cache-lax-kwhp1940070-LAX
x-timer: S1720714264.898611,VS0,VE1
x-amzn-trace-id: Root=1-669003e9-12761619269af5e578da6b6e
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://tryhackme.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/v2/ 2 B
319 B 387ms
386ms Fetch
application/json 2606:4700:4400::6812:24cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/v2/vardata?v=0

Requested by

Host: tryhackme.com
URL: https://tryhackme.com/r/static/js/main.815ed3bf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:24cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tryhackme.com/
Authorization: Api-Key client-KsETFcRbQMN9hDMtAaA0aSSgCasMxJkv
X-Amp-Exp-User: eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS4xMC4wIiwibGFuZ3VhZ2UiOiJlbi1VUyIsInBsYXRmb3JtIjoiV2ViIiwib3MiOiJDaHJvbWUgMTI2IiwiZGV2aWNlX21vZGVsIjoiTGludXgiLCJkZXZpY2VfaWQiOiI2MDM5OWE2Ny1lZjhjLTQ4ODMtOTgwYy02NGUwNGVmYjIyMzYiLCJ1c2VyX3Byb3BlcnRpZXMiOnt9fQ
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 16:11:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-length: 2
surrogate-key: client-KsETFcRbQMN9hDMtAaA0aSSgCasMxJkv
last-modified: Thu, 11 Jul 2024 16:11:04 GMT
server: cloudflare
x-amzn-trace-id: Root=1-66900418-08c85c6531cd7ab64fefb986
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://tryhackme.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8a1a11369f7e7c68-LAX
expires: Thu, 11 Jul 2024 20:11:04 GMT

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/v2/ 2 B
73 B 480ms
92ms Fetch
application/json 2606:4700:4400::6812:24cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/v2/vardata?v=0

Requested by

Host: tryhackme.com
URL: https://tryhackme.com/r/static/js/main.815ed3bf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:24cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tryhackme.com/
Authorization: Api-Key client-KsETFcRbQMN9hDMtAaA0aSSgCasMxJkv
X-Amp-Exp-User: eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS4xMC4wIiwibGFuZ3VhZ2UiOiJlbi1VUyIsInBsYXRmb3JtIjoiV2ViIiwib3MiOiJDaHJvbWUgMTI2IiwiZGV2aWNlX21vZGVsIjoiTGludXgiLCJkZXZpY2VfaWQiOiI2MDM5OWE2Ny1lZjhjLTQ4ODMtOTgwYy02NGUwNGVmYjIyMzYiLCJ1c2VyX3Byb3BlcnRpZXMiOnt9fQ
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 16:11:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
content-length: 2
surrogate-key: client-KsETFcRbQMN9hDMtAaA0aSSgCasMxJkv
last-modified: Thu, 11 Jul 2024 16:11:04 GMT
server: cloudflare
x-amzn-trace-id: Root=1-66900418-08c85c6531cd7ab64fefb986
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://tryhackme.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8a1a11390ae37c68-LAX
expires: Thu, 11 Jul 2024 20:11:04 GMT

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/7168674/ 71 KB
26 KB 1193ms
97ms Script
text/javascript 2606:4700:4400::6812:22e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/7168674/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7168674.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d79f40a57dd5f65ba71256c0c0066d96a699232b646f3f163a26b931c5b5cca

Request headers

Referer: https://tryhackme.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 16:11:04 GMT
x-amz-version-id: FAYleKNbrTvBU_Qh7uGjQLp_r84sBmwo
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 975QA3B8EH41RAG4
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: e77b0ba1-e4b5-4e0c-b52a-8bb82cd1c660
age: 46
x-envoy-upstream-service-time: 30
x-amz-id-2: 6ZQlzu10FJpqD9HOM2PJ4175us3XF1RwKXxzbxvNgY5Ak4mhCvdBPk3kQEZqHhkaW41ZtlwBrILJoSx67+/3LzvehcfQ+ikVeeUfUgYQkDg=
x-evy-trace-listener: listener_https
x-request-id: e77b0ba1-e4b5-4e0c-b52a-8bb82cd1c660
x-evy-trace-route-configuration: listener_https/all
last-modified: Fri, 17 May 2024 14:50:33 GMT
server: cloudflare
etag: W/"01043e0216fb6b610c4b30f402025a6c"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://tryhackme.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-gnznr
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8a1a113afc332ef6-LAX
expires: Thu, 11 Jul 2024 16:15:18 GMT

GET
H2 200 7168674.js Show response
js.hs-analytics.net/analytics/1720714200000/ 67 KB
24 KB 240ms
88ms Script
text/javascript 2606:4700::6810:a0a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1720714200000/7168674.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7168674.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a64a921703ea23eb6edbd19f498b1f3f4307630d67d601c6dcd7f3acdde47b2

Request headers

Referer: https://tryhackme.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 16:11:03 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: H2045SYEXNAJ4XCP
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: d2b0f91b-130a-4f42-ad14-1207c9f3236a
age: 4
x-envoy-upstream-service-time: 35
x-amz-id-2: uT5KuTFZRRFDJrONNHdZ8vvbCAotVVuDJIBgEmd11qxig0l8trNPmbYDOYLaTu2rqmAsO4nLfNw=
x-evy-trace-listener: listener_https
x-request-id: d2b0f91b-130a-4f42-ad14-1207c9f3236a
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 09 Jul 2024 18:02:30 GMT
server: cloudflare
etag: W/"c336a54217863758406718be68666534"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7bfb89fbf6-zmwrp
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 8a1a11350a2c7cf5-LAX
expires: Thu, 11 Jul 2024 16:15:59 GMT

GET
H2 204 1950941 Show response
vc.hotjar.io/sessions/ 0
230 B 2329ms
986ms XHR
text/plain 18.164.96.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/1950941?s=0.25&r=0.15016866884925362
Requested by: Host: tryhackme.com
URL: https://tryhackme.com/r/static/js/main.815ed3bf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.96.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-96-97.jfk50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tryhackme.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 11 Jul 2024 16:11:05 GMT
cache-control: no-store
via: 1.1 f8debc28b6c73eb3dc7540e2ac2f0e18.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
x-amz-cf-id: UT2KLEuCBiwe1lj8Do3_8Uwa2F3euosqT1nvv6rz6yVwfbhgZY5V1w==
x-cache: Miss from cloudfront

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
15 KB 1181ms
882ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,400&family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,400;1,500;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tryhackme.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 05 Jul 2024 07:54:53 GMT
x-content-type-options: nosniff
age: 548172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Jul 2025 07:54:53 GMT

GET
H2 200 4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 29 KB
29 KB 936ms
638ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,400;1,500;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tryhackme.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 05 Jul 2024 07:59:50 GMT
x-content-type-options: nosniff
age: 547875
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29752
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Jul 2025 07:59:50 GMT

GET
H2 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 34 KB
34 KB 1056ms
759ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,400;1,500;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tryhackme.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 18:12:07 GMT
x-content-type-options: nosniff
age: 79138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34852
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Jul 2025 18:12:07 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 1353ms
1055ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tryhackme.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 08:51:58 GMT
x-content-type-options: nosniff
age: 112747
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14712
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Jul 2025 08:51:58 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 738ms
440ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tryhackme.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 22:31:15 GMT
x-content-type-options: nosniff
age: 63590
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Jul 2025 22:31:15 GMT

GET
H2 200 4iCv6KVjbNBYlgoCjC3jsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 30 KB
30 KB 1352ms
1055ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,400;1,500;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tryhackme.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 18:05:14 GMT
x-content-type-options: nosniff
age: 79551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30480
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Jul 2025 18:05:14 GMT

GET
DATA 200
OK truncated
/ 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43f5f26fce90b03b3262aee19fc9582dd7112603dbf983cc742d4659f13806d6

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 tryhackme_logo_full.svg
assets.tryhackme.com/img/logo/ 20 KB
21 KB 1353ms
446ms Image
image/svg+xml 2600:9000:23ca:2000:1f:54cc:9ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.tryhackme.com/img/logo/tryhackme_logo_full.svg
Requested by: Host: tryhackme.com
URL: https://tryhackme.com/r/room/airplane
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23ca:2000:1f:54cc:9ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8582638dc2f8a9a97d4c167892592c9757e357a284d6a34b6f1a9b40f63279ab

Request headers

Referer: https://tryhackme.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 14:35:51 GMT
x-amz-version-id: k3.ejHgeOygRmc2i4j4uIxVlknpv9_Yc
via: 1.1 ed016821a44f073856f1ffba399e1728.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jul 2024 14:30:02 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 5714
etag: "f7960ed89a507f28f0bcfc3e5c783532"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 20707
x-amz-cf-id: FAatatcQrF8hATLiYgc3ciNnQIZh0jQuJSyKws1fuygs81IohhhU9g==

GET
H2 200 details Show response
tryhackme.com/api/v2/rooms/ 3 KB
2 KB 482ms
476ms Fetch
application/json 2606:4700:10::6816:37e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tryhackme.com/api/v2/rooms/details?roomCode=airplane
Requested by: Host: tryhackme.com
URL: https://tryhackme.com/r/static/js/main.815ed3bf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1e73820665a782543131ac02b4673e2f23762b15054a07f5aa4dfd476c2f5c2b

Request headers

csrf-token: hVApfVHZ-N7oVBCTIINR10xd3pFm3Q536OWA
Referer: https://tryhackme.com/r/room/airplane
baggage: sentry-environment=production,sentry-release=production-5d5068a,sentry-public_key=175180b5f191796714d2f9138c06c76a,sentry-trace_id=0f129efa4155419e8c99da104d5ddd4a
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sentry-trace: 0f129efa4155419e8c99da104d5ddd4a-8cafdce7f03dcd37

Response headers

date: Thu, 11 Jul 2024 16:11:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"bed-bE0EJLarnb3Guj3rCjrb7dw0c4k"
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cf-ray: 8a1a113a9fa75233-LAX
x-robots-tag: noindex

GET
H2 200 votes Show response
tryhackme.com/api/v2/rooms/ 54 B
451 B 597ms
592ms Fetch
application/json 2606:4700:10::6816:37e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tryhackme.com/api/v2/rooms/votes?roomCode=airplane
Requested by: Host: tryhackme.com
URL: https://tryhackme.com/r/static/js/main.815ed3bf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d0a4fb826aa24a7c0a6a81ea9b88985f27f070386b3d4aab8547b25afb8c0a59

Request headers

csrf-token: hVApfVHZ-N7oVBCTIINR10xd3pFm3Q536OWA
Referer: https://tryhackme.com/r/room/airplane
baggage: sentry-environment=production,sentry-release=production-5d5068a,sentry-public_key=175180b5f191796714d2f9138c06c76a,sentry-trace_id=0f129efa4155419e8c99da104d5ddd4a
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sentry-trace: 0f129efa4155419e8c99da104d5ddd4a-8cafdce7f03dcd37

Response headers

date: Thu, 11 Jul 2024 16:11:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"36-J2+yAUCT2cxaNL5ne+D22OdF3k8"
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cf-ray: 8a1a113b988e5233-LAX
x-robots-tag: noindex

GET
H2 401 badges Show response
tryhackme.com/api/v2/ 43 B
406 B 608ms
603ms Fetch
application/json 2606:4700:10::6816:37e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tryhackme.com/api/v2/badges
Requested by: Host: tryhackme.com
URL: https://tryhackme.com/r/static/js/main.815ed3bf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d136d36f0d2b9cf69a0d7cf10a532aaf6a71645a9401e19dbf639ff1c9304859

Request headers

csrf-token: hVApfVHZ-N7oVBCTIINR10xd3pFm3Q536OWA
Referer: https://tryhackme.com/r/room/airplane
baggage: sentry-environment=production,sentry-release=production-5d5068a,sentry-public_key=175180b5f191796714d2f9138c06c76a,sentry-trace_id=0f129efa4155419e8c99da104d5ddd4a
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sentry-trace: 0f129efa4155419e8c99da104d5ddd4a-8cafdce7f03dcd37

Response headers

date: Thu, 11 Jul 2024 16:11:05 GMT
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"2b-Rih9aWYMb4GwzEPSZO5wMUAD4eU"
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cf-ray: 8a1a113b988f5233-LAX
x-robots-tag: noindex
content-length: 43

GET
H2 401 experiments Show response
tryhackme.com/api/v2/users/ 43 B
460 B 586ms
583ms Fetch
application/json 2606:4700:10::6816:37e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tryhackme.com/api/v2/users/experiments?experimentKeys[]=linkPathsPopUp
Requested by: Host: tryhackme.com
URL: https://tryhackme.com/r/static/js/main.815ed3bf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d136d36f0d2b9cf69a0d7cf10a532aaf6a71645a9401e19dbf639ff1c9304859

Request headers

csrf-token: hVApfVHZ-N7oVBCTIINR10xd3pFm3Q536OWA
Referer: https://tryhackme.com/r/room/airplane
baggage: sentry-environment=production,sentry-release=production-5d5068a,sentry-public_key=175180b5f191796714d2f9138c06c76a,sentry-trace_id=0f129efa4155419e8c99da104d5ddd4a
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sentry-trace: 0f129efa4155419e8c99da104d5ddd4a-8cafdce7f03dcd37

Response headers

date: Thu, 11 Jul 2024 16:11:05 GMT
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"2b-Rih9aWYMb4GwzEPSZO5wMUAD4eU"
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cf-ray: 8a1a113b98905233-LAX
x-robots-tag: noindex
content-length: 43

GET
H2 200 scoreboard Show response
tryhackme.com/api/v2/rooms/ 4 KB
1 KB 873ms
870ms Fetch
application/json 2606:4700:10::6816:37e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tryhackme.com/api/v2/rooms/scoreboard?roomCode=airplane&limit=10
Requested by: Host: tryhackme.com
URL: https://tryhackme.com/r/static/js/main.815ed3bf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d48c3acf1758716d1f203f5f3070db53bf0c9a7882e32a545039b9cccd767c3b

Request headers

csrf-token: hVApfVHZ-N7oVBCTIINR10xd3pFm3Q536OWA
Referer: https://tryhackme.com/r/room/airplane
baggage: sentry-environment=production,sentry-release=production-5d5068a,sentry-public_key=175180b5f191796714d2f9138c06c76a,sentry-trace_id=0f129efa4155419e8c99da104d5ddd4a
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sentry-trace: 0f129efa4155419e8c99da104d5ddd4a-8cafdce7f03dcd37

Response headers

date: Thu, 11 Jul 2024 16:11:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"10ff-d9RHX3WGmMXJz63X4jefAuDK8Qk"
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cf-ray: 8a1a113b98915233-LAX
x-robots-tag: noindex

GET
H2 200 glossary Show response
tryhackme.com/api/v2/ 104 KB
32 KB 872ms
870ms Fetch
application/json 2606:4700:10::6816:37e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tryhackme.com/api/v2/glossary
Requested by: Host: tryhackme.com
URL: https://tryhackme.com/r/static/js/main.815ed3bf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 9899e8addce52c7c655f180c0256d08845dbd692e74b2c4373282d05635b0a0c

Request headers

csrf-token: hVApfVHZ-N7oVBCTIINR10xd3pFm3Q536OWA
Referer: https://tryhackme.com/r/room/airplane
baggage: sentry-environment=production,sentry-release=production-5d5068a,sentry-public_key=175180b5f191796714d2f9138c06c76a,sentry-trace_id=0f129efa4155419e8c99da104d5ddd4a
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sentry-trace: 0f129efa4155419e8c99da104d5ddd4a-8cafdce7f03dcd37

Response headers

date: Thu, 11 Jul 2024 16:11:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"19f8f-8JyA0SSyECJku8nMhPeZB/5LimY"
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cf-ray: 8a1a113b98925233-LAX
x-robots-tag: noindex

POST
H2 200 anonymous-page-view Show response
tryhackme.com/api/v2/analytics/ 32 B
427 B 589ms
587ms Fetch
application/json 2606:4700:10::6816:37e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tryhackme.com/api/v2/analytics/anonymous-page-view
Requested by: Host: tryhackme.com
URL: https://tryhackme.com/r/static/js/main.815ed3bf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 46062cc10aed23dfff73eab8b2bdb89f65c6f4b912a2eb2e31328cc9128e7559

Request headers

csrf-token: hVApfVHZ-N7oVBCTIINR10xd3pFm3Q536OWA
Referer: https://tryhackme.com/r/room/airplane
baggage: sentry-environment=production,sentry-release=production-5d5068a,sentry-public_key=175180b5f191796714d2f9138c06c76a,sentry-trace_id=0f129efa4155419e8c99da104d5ddd4a
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sentry-trace: 0f129efa4155419e8c99da104d5ddd4a-8cafdce7f03dcd37
content-type: application/json

Response headers

date: Thu, 11 Jul 2024 16:11:05 GMT
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"20-bff5r/a5MyNNWy9hjn8a8pOLDxA"
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cf-ray: 8a1a113b98945233-LAX
x-robots-tag: noindex
content-length: 32

GET
H2 401 running Show response
tryhackme.com/api/v2/vms/ 43 B
437 B 578ms
576ms Fetch
application/json 2606:4700:10::6816:37e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tryhackme.com/api/v2/vms/running
Requested by: Host: tryhackme.com
URL: https://tryhackme.com/r/static/js/main.815ed3bf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d136d36f0d2b9cf69a0d7cf10a532aaf6a71645a9401e19dbf639ff1c9304859

Request headers

csrf-token: hVApfVHZ-N7oVBCTIINR10xd3pFm3Q536OWA
Referer: https://tryhackme.com/r/room/airplane
baggage: sentry-environment=production,sentry-release=production-5d5068a,sentry-public_key=175180b5f191796714d2f9138c06c76a,sentry-trace_id=0f129efa4155419e8c99da104d5ddd4a
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sentry-trace: 0f129efa4155419e8c99da104d5ddd4a-8cafdce7f03dcd37

Response headers

date: Thu, 11 Jul 2024 16:11:05 GMT
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"2b-Rih9aWYMb4GwzEPSZO5wMUAD4eU"
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cf-ray: 8a1a113b98955233-LAX
x-robots-tag: noindex
content-length: 43

GET
H2

200

lottie-player.js Show response
unpkg.com/@lottiefiles/lottie-player@2.0.4/dist/
Redirect Chain

https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
https://unpkg.com/@lottiefiles/lottie-player@2.0.4/dist/lottie-player.js

371 KB
137 KB

196ms
196ms

Script
application/javascript

2606:4700::6811:f9cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@lottiefiles/lottie-player@2.0.4/dist/lottie-player.js

Requested by

Host: tryhackme.com
URL: https://tryhackme.com/r/room/airplane

Protocol

Server

2606:4700::6811:f9cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68b594d79a955d4237d365555d137be2842068c263d444f583556ee1f9a8cbc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tryhackme.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 16:11:05 GMT
content-encoding: gzip
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 9936123
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HS955K6MH7KD0PPX6XHHKQG7-lax
server: cloudflare
etag: "5cd35-FL4z5R7jgfyHeGPFiEURHtF1scw"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8a1a113f9c59dbc2-LAX

Redirect headers

date: Thu, 11 Jul 2024 16:11:05 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01J2H8K5CVN734NMQ0P36FEQSB-lax
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 421
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /@lottiefiles/lottie-player@2.0.4/dist/lottie-player.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 8a1a113dd9dedbc2-LAX

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 93 B
307 B 1436ms
1435ms Fetch
application/json 54.201.104.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: tryhackme.com
URL: https://tryhackme.com/r/static/js/main.815ed3bf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.201.104.32 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-201-104-32.us-west-2.compute.amazonaws.com

Software

Resource Hash

2961c33f9c8c5bf6d69a20da58feef84460d8e5787999c5bc7aaf153344bb1f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Referer: https://tryhackme.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 11 Jul 2024 16:11:06 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
trace-id: Root=1-6690041a-6599da690d6ed2bd7ecc0e94
content-length: 93

OPTIONS
H2 200 httpapi
api2.amplitude.com/2/ Frame 0
0 590ms
361ms Preflight 54.201.104.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.201.104.32 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-201-104-32.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://tryhackme.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
date: Thu, 11 Jul 2024 16:11:05 GMT
strict-transport-security: max-age=15768000

GET
H2 200 default_tryhackme.png
assets.tryhackme.com/img/banners/ 19 KB
19 KB 978ms
604ms Image
image/png 2600:9000:23ca:2000:1f:54cc:9ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.tryhackme.com/img/banners/default_tryhackme.png
Requested by: Host: tryhackme.com
URL: https://tryhackme.com/r/room/airplane
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23ca:2000:1f:54cc:9ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7ddfbf47b176637deff91eb7a1dd2c89a0bcf915b073dd19d84683d45c766f27

Request headers

Referer: https://tryhackme.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 14:36:10 GMT
x-amz-version-id: CL6bsmMSHw_pOZM2cfuYYkHAbqFPYm8N
via: 1.1 ed016821a44f073856f1ffba399e1728.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jul 2024 14:29:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 5696
etag: "d24199263b65a0bfa3a552429aebc3af"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 19475
x-amz-cf-id: DIulvTkEa2bsBc1_LDvsGyK_u4TqdCZhyjolK5hoRHH7nOGqI1LUmQ==

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1504aeddc505d04b465b5f551e70e66ebdbe12abedde5024dbb22584203e1d4e

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 tasks Show response
tryhackme.com/api/v2/rooms/ 460 B
685 B 345ms
345ms Fetch
application/json 2606:4700:10::6816:37e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tryhackme.com/api/v2/rooms/tasks?roomCode=airplane
Requested by: Host: tryhackme.com
URL: https://tryhackme.com/r/static/js/main.815ed3bf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 4bd24e324ecda100a5b36d82a5534ca14066050ba346a349b1229375c5427b19

Request headers

csrf-token: hVApfVHZ-N7oVBCTIINR10xd3pFm3Q536OWA
Referer: https://tryhackme.com/r/room/airplane
baggage: sentry-environment=production,sentry-release=production-5d5068a,sentry-public_key=175180b5f191796714d2f9138c06c76a,sentry-trace_id=0f129efa4155419e8c99da104d5ddd4a
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sentry-trace: 0f129efa4155419e8c99da104d5ddd4a-8cafdce7f03dcd37

Response headers

date: Thu, 11 Jul 2024 16:11:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"1cc-JJ9a2GuIaPo2m1oYP0w8h4msqd4"
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cf-ray: 8a1a113deb995233-LAX
x-robots-tag: noindex

GET
H/1.1 200
OK 6b9f423bda07437c11975e4db7892bee.svg
tryhackme-images.s3.amazonaws.com/room-icons/ 41 KB
41 KB 932ms
235ms Image
image/svg+xml 52.218.98.162
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tryhackme-images.s3.amazonaws.com/room-icons/6b9f423bda07437c11975e4db7892bee.svg
Requested by: Host: tryhackme.com
URL: https://tryhackme.com/r/room/airplane
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 52.218.98.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-3-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: e6ec3dcc9cf40aa1fa550ec0097d3805e4c6695884a4f51d4a1c4f045670f82d

Request headers

Referer: https://tryhackme.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 11 Jul 2024 16:11:07 GMT
Last-Modified: Wed, 13 Dec 2023 13:34:02 GMT
Server: AmazonS3
x-amz-request-id: F2FM7V0JJXN4NNQX
ETag: "b5a770328ac4558ea3a625d69ea5c0cd"
x-amz-server-side-encryption: AES256
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 41555
x-amz-id-2: 0P8qK1lntCu1vinH7JpWVeSFZLMZDtttnwGVwpz3iBeEom9RngnDEu9zar2d8uoLwHcjri+EFeU=

GET
H/1.1 200
OK af7feb2c43a2c7d5f111b98ccbd15048.png
tryhackme-images.s3.amazonaws.com/user-avatars/ 22 KB
23 KB 1361ms
236ms Image
image/png 52.218.98.162
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tryhackme-images.s3.amazonaws.com/user-avatars/af7feb2c43a2c7d5f111b98ccbd15048.png
Requested by: Host: tryhackme.com
URL: https://tryhackme.com/r/room/airplane
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.218.98.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-3-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0d9ecc2e1a1e6a4e8111228069fdf310b84b78b0293dac173bc2e3f69c2d0823

Request headers

Referer: https://tryhackme.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 11 Jul 2024 16:11:07 GMT
Last-Modified: Sun, 12 Jan 2020 11:33:53 GMT
Server: AmazonS3
x-amz-request-id: F2FGAVC3GJMJ9K0W
ETag: "36a0843d9be2e52c7998cbcc77fd9f62"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 23030
x-amz-id-2: m6PqfgCuwrDGwNnFjT7NePztvA26T6+FO7cFIokEfley8z5cPHhAWFfK5mytSSjdcAsvudLV9Zk=

GET
H/1.1 200
OK 62dbac7f111b3d005326fc9e-1718131986793
tryhackme-images.s3.amazonaws.com/user-avatars/ 19 KB
0 1379ms
232ms Image
image/jpeg 52.218.98.162
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tryhackme-images.s3.amazonaws.com/user-avatars/62dbac7f111b3d005326fc9e-1718131986793
Requested by: Host: tryhackme.com
URL: https://tryhackme.com/r/room/airplane
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 52.218.98.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-3-w.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://tryhackme.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 11 Jul 2024 16:11:07 GMT
Last-Modified: Tue, 11 Jun 2024 18:53:08 GMT
Server: AmazonS3
x-amz-request-id: F2FRESYYCNCHE7EG
ETag: "c10321315d4eafee7130630ad1e3ea4e"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 103002
x-amz-id-2: DKaINYg6bGt6/YSTKc9lMDlOmCXgvtTNlnnDezn/wf2baiTBe4jh/lcbUxCaIm7oHPvNMC82two=

GET
H2 401 running Show response
tryhackme.com/api/v2/vms/ 43 B
495 B 749ms
748ms Fetch
application/json 2606:4700:10::6816:37e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tryhackme.com/api/v2/vms/running
Requested by: Host: tryhackme.com
URL: https://tryhackme.com/r/static/js/main.815ed3bf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d136d36f0d2b9cf69a0d7cf10a532aaf6a71645a9401e19dbf639ff1c9304859

Request headers

csrf-token: hVApfVHZ-N7oVBCTIINR10xd3pFm3Q536OWA
Referer: https://tryhackme.com/r/room/airplane
baggage: sentry-environment=production,sentry-release=production-5d5068a,sentry-public_key=175180b5f191796714d2f9138c06c76a,sentry-trace_id=0f129efa4155419e8c99da104d5ddd4a
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sentry-trace: 0f129efa4155419e8c99da104d5ddd4a-8cafdce7f03dcd37

Response headers

date: Thu, 11 Jul 2024 16:11:05 GMT
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"2b-Rih9aWYMb4GwzEPSZO5wMUAD4eU"
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cf-ray: 8a1a1140dffa5233-LAX
x-robots-tag: noindex
content-length: 43

GET
H2 401 search-progress Show response
tryhackme.com/api/v2/hacktivities/ 43 B
422 B 735ms
734ms Fetch
application/json 2606:4700:10::6816:37e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tryhackme.com/api/v2/hacktivities/search-progress?roomCodes=airplane
Requested by: Host: tryhackme.com
URL: https://tryhackme.com/r/static/js/main.815ed3bf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d136d36f0d2b9cf69a0d7cf10a532aaf6a71645a9401e19dbf639ff1c9304859

Request headers

csrf-token: hVApfVHZ-N7oVBCTIINR10xd3pFm3Q536OWA
Referer: https://tryhackme.com/r/room/airplane
baggage: sentry-environment=production,sentry-release=production-5d5068a,sentry-public_key=175180b5f191796714d2f9138c06c76a,sentry-trace_id=0f129efa4155419e8c99da104d5ddd4a
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sentry-trace: 0f129efa4155419e8c99da104d5ddd4a-8cafdce7f03dcd37

Response headers

date: Thu, 11 Jul 2024 16:11:07 GMT
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"2b-Rih9aWYMb4GwzEPSZO5wMUAD4eU"
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cf-ray: 8a1a1148f9c75233-LAX
x-robots-tag: noindex
content-length: 43

POST
H2 204 collect Show response
analytics.google.com/g/ 0
54 B 556ms
555ms Fetch
text/plain 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-Z8D4WL3D4P&gtm=45je4790v890603083za200zb9138706448&_p=1720714260969&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1854466296.1720714263&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1720714262&sct=1&seg=0&dl=https%3A%2F%2Ftryhackme.com%2Fr%2Froom%2Fairplane&dt=TryHackMe%20%7C%20Cyber%20Security%20Training&en=scroll&epn.percent_scrolled=90&_et=11&tfd=10428&_z=fetch
Requested by: Host: tryhackme.com
URL: https://tryhackme.com/r/static/js/main.815ed3bf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tryhackme.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 16:11:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tryhackme.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff3138dd71edc03e92f2e2f542f67ecf5d73f2f1b13c6702d9ef49d88364ece7

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
tryhackme.com/	1969-12-31 23:59:59	Name: _csrf Value: X0PHtla-2n4HqQePs9OQS_IN
.tryhackme.com/	1970-01-21 07:34:34	Name: _ga Value: GA1.1.1854466296.1720714263
.tryhackme.com/	1970-01-21 07:34:34	Name: _ga_Z8D4WL3D4P Value: GS1.1.1720714262.1.0.1720714262.60.0.0
.tryhackme.com/	1970-01-21 06:44:10	Name: cf_clearance Value: 2z51b5ffiOX7Dh2yYaUF68MAk41vtUxZ9i3Dqlgo2UM-1720714262-1.0.1.1-i_K7PEeH_omiRAMmyPLGYtpw51MO4AXQ.gZXa5WKTr5h8NcmIpjshxICtfl3EhlGaarPQhtLY0v55KlmfyQhEA
.tryhackme.com/	1970-01-21 06:44:10	Name: AMP_d09a34bd2d Value: JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjI2MDM5OWE2Ny1lZjhjLTQ4ODMtOTgwYy02NGUwNGVmYjIyMzYlMjIlMkMlMjJzZXNzaW9uSWQlMjIlM0ExNzIwNzE0MjYzNjI4JTJDJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJsYXN0RXZlbnRUaW1lJTIyJTNBMTcyMDcxNDI2MzYyOCUyQyUyMmxhc3RFdmVudElkJTIyJTNBMCUyQyUyMnBhZ2VDb3VudGVyJTIyJTNBMCU3RA==
.tryhackme.com/	1970-01-21 06:44:10	Name: _hjSessionUser_1950941 Value: eyJpZCI6ImJiNzRlZTE2LWIzNTUtNWQxZi04NmFkLTc3NDFhNDkyZWI1YyIsImNyZWF0ZWQiOjE3MjA3MTQyNjQyMzEsImV4aXN0aW5nIjp0cnVlfQ==
.tryhackme.com/	1970-01-20 21:58:36	Name: _hjSession_1950941 Value: eyJpZCI6IjljMzBkMTQxLWExNWUtNDg1NC04ZDcyLWJmZDQzMGM2NzlhMyIsImMiOjE3MjA3MTQyNjQyMzIsInMiOjEsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
tryhackme.com/	1970-01-20 22:08:39	Name: AWSALB Value: jjeKNMGr6lGsFTHiMO0iN0pX6P0uMNfNgu97AF94fjhD1io13Dfm3eOzcjuVmG3ljwyvC5bSB9DCc2REO+1bJRTRmF3/QGFqhV3JsM1NAqv5aE4P3U0BsV0JsTM6

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.optimizely.com/datafiles/24671560256.json Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://tryhackme.com/api/v2/vms/running Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://tryhackme.com/api/v2/users/experiments?experimentKeys[]=linkPathsPopUp Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://tryhackme.com/api/v2/badges Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://tryhackme.com/api/v2/vms/running Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://tryhackme.com/api/v2/hacktivities/search-progress?roomCodes=airplane Message: Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
api.lab.amplitude.com
api2.amplitude.com
assets.customer.io
assets.tryhackme.com
cdn.amplitude.com
cdn.optimizely.com
e.customeriomail.com
flag.lab.amplitude.com
fonts.googleapis.com
fonts.gstatic.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
o4507096022450176.ingest.de.sentry.io
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
tryhackme-images.s3.amazonaws.com
tryhackme.com
unpkg.com
vc.hotjar.io
www.googletagmanager.com
108.138.106.124
108.139.29.40
142.251.179.155
151.101.2.132
18.164.96.77
18.164.96.97
2600:141b:5000:59e::13b8
2600:9000:23ca:2000:1f:54cc:9ec0:93a1
2600:9000:266a:a00:11:9cfd:9400:93a1
2606:4700:10::6816:37e4
2606:4700:4400::6812:22e5
2606:4700:4400::6812:24cd
2606:4700::6810:8bd1
2606:4700::6810:a0a8
2606:4700::6811:f9cb
2607:f8b0:4006:806::200e
2607:f8b0:4006:80c::2003
2607:f8b0:4006:817::2008
2607:f8b0:4006:81f::200a
34.120.62.213
35.227.225.220
52.218.98.162
54.201.104.32
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
0d79f40a57dd5f65ba71256c0c0066d96a699232b646f3f163a26b931c5b5cca
0d9ecc2e1a1e6a4e8111228069fdf310b84b78b0293dac173bc2e3f69c2d0823
1504aeddc505d04b465b5f551e70e66ebdbe12abedde5024dbb22584203e1d4e
15d2825aba38b2ecb243dc443dfde3291782d44b7ff3fe8efe0967f9ceb1ad5c
1e73820665a782543131ac02b4673e2f23762b15054a07f5aa4dfd476c2f5c2b
23fbc3f016b95a5aae84dc26e15de0969e6df6e60f40d3bb1ae7db8dd6ca7d9a
2961c33f9c8c5bf6d69a20da58feef84460d8e5787999c5bc7aaf153344bb1f2
2a3358e59684192cdcd1c0294d893b7a38afbfbd6a6b571136361daf9542b847
2ca3d44191e822500b330ae74a7b981fddc94188da2e683a1e1508fd188d2b1b
43f5f26fce90b03b3262aee19fc9582dd7112603dbf983cc742d4659f13806d6
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44b8872d462c47c9facce726adb6c725790513917c64d2459b929c09741259bf
46062cc10aed23dfff73eab8b2bdb89f65c6f4b912a2eb2e31328cc9128e7559
4bd24e324ecda100a5b36d82a5534ca14066050ba346a349b1229375c5427b19
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
611c0f4c5a45b03e9544f275284cb35dba88915bed5c37b5271266c1b10941aa
619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0
68b594d79a955d4237d365555d137be2842068c263d444f583556ee1f9a8cbc1
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7bfe6bd5ae39620264db90a18761a7aa9a1db31297f323c9a21f41e28abe4707
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
7d07b257dc11da4486078491d4e39cf7aaf62a023c1329c9551a4ab891e38314
7ddfbf47b176637deff91eb7a1dd2c89a0bcf915b073dd19d84683d45c766f27
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
8582638dc2f8a9a97d4c167892592c9757e357a284d6a34b6f1a9b40f63279ab
9899e8addce52c7c655f180c0256d08845dbd692e74b2c4373282d05635b0a0c
9a64a921703ea23eb6edbd19f498b1f3f4307630d67d601c6dcd7f3acdde47b2
9fedcc6e34694f3a5417ed9113180525de34fa7dce3dac8ed9f87e494537eab9
a7522401622d57760fd44e914b7a54c641d5c4356aae91c35bdc2ed0ef11f1f0
b248196a94049334e6bcb7657c4dbc5c67720f76391aa258b869e5c52a134b03
c8da9340661b6b2b3929451a4797773544ba856cb9b8a7c07d11d64a7df331c5
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
d0a4fb826aa24a7c0a6a81ea9b88985f27f070386b3d4aab8547b25afb8c0a59
d136d36f0d2b9cf69a0d7cf10a532aaf6a71645a9401e19dbf639ff1c9304859
d48c3acf1758716d1f203f5f3070db53bf0c9a7882e32a545039b9cccd767c3b
d6ca439fff86b6039835ee6ec7b18ebd33e61531682ee2f70297165a31df67bc
d843b284799056360c1da46037d53408a3d0581a46774ba9e9487386642ee23b
daaec1906c407789b2c144e862bbab9e44353e999b8376268141552d4f7c067c
e16e5028615a5515e816558d330a42aa23b84486306f6c0eabd21caaefd301fe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6ec3dcc9cf40aa1fa550ec0097d3805e4c6695884a4f51d4a1c4f045670f82d
e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c
fb1b1b8c33b643aba80bc15776ff2e413508a13284419f2e41f6a16f359d8c9a
ff3138dd71edc03e92f2e2f542f67ecf5d73f2f1b13c6702d9ef49d88364ece7

tryhackme.com Open in urlscan Pro 2606:4700:10::6816:37e4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

95 %HTTPS

57 %IPv6

18 Domains

23 Subdomains

23 IPs

2 Countries

3273 kBTransfer

10361 kBSize

8 Cookies

8 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tryhackme.com Open in urlscan Pro
2606:4700:10::6816:37e4 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

95 %
HTTPS

57 %
IPv6

18
Domains

23
Subdomains

23
IPs

2
Countries

3273 kB
Transfer

10361 kB
Size

8
Cookies

57 HTTP transactions
3 data transactions