ctf.hackthebox.com Open in urlscan Pro
109.176.239.69 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ctf.hackthebox.com/login?redirect=/team/overview/192638
Submission: On October 23 via manual (October 23rd 2024, 9:09:59 pm UTC) from EG — Scanned from GB

Summary HTTP 132 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 46 IPs in 5 countries across 30 domains to perform 132 HTTP transactions. The main IP is 109.176.239.69, located in Nottingham, United Kingdom and belongs to HTB-AS, GB. The main domain is ctf.hackthebox.com.
TLS certificate: Issued by WE1 on August 30th 2024. Valid for: 3 months.

This is the only time ctf.hackthebox.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
33	109.176.239.69 109.176.239.69	214618 (HTB-AS) (HTB-AS)
5	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	172.217.16.196 172.217.16.196	15169 (GOOGLE) (GOOGLE)
3	34.98.107.242 34.98.107.242	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:350... 2a02:26f0:3500:18::1724:a29a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:10::210:a9a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
3	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6810:89d1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.244.18.80 18.244.18.80	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:886::f09	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6810:7674	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4e8e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:df98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9310	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a0a8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	162.159.140.229 162.159.140.229	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	52.20.195.32 52.20.195.32	14618 (AMAZON-AES) (AMAZON-AES)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	142.250.185.168 142.250.185.168	15169 (GOOGLE) (GOOGLE)
5	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:f26c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 8	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:400c:c0d::9c	15169 (GOOGLE) (GOOGLE)
1	104.19.175.188 104.19.175.188	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	157.240.0.35 157.240.0.35	32934 (FACEBOOK) (FACEBOOK)
1	13.224.189.49 13.224.189.49	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.78 142.250.186.78	15169 (GOOGLE) (GOOGLE)
2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
6	18.245.46.55 18.245.46.55	16509 (AMAZON-02) (AMAZON-02)
1	74.125.206.154 74.125.206.154	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:887::f09	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	54.80.32.50 54.80.32.50	14618 (AMAZON-AES) (AMAZON-AES)
1	15.197.143.135 15.197.143.135	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:984	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.239.32.36 216.239.32.36	() ()
132	46

33 109.176.239.69 (Nottingham, United Kingdom)

ASN214618 (HTB-AS, GB)

ctf.hackthebox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fygapokei.hackthebox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.16.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.107.242 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 242.107.98.34.bc.googleusercontent.com

js.recurly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.recurly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:18::1724:a29a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:10::210:a9a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:89d1 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.244.18.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-80.fra56.r.cloudfront.net

static.oktopost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:886::f09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

consentcdn.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:7674 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4e8e (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:df98 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9310 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a0a8 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.159.140.229 (None, )

ASN13335 (CLOUDFLARENET, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.20.195.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-195-32.compute-1.amazonaws.com

okt.hackthebox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f3.1e100.net

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:f26c (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0d::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.175.188 (None, )

ASN13335 (CLOUDFLARENET, US)

perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-49.fra2.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.245.46.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-55.fra56.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.206.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wk-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:887::f09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

imgsct.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.80.32.50 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-32-50.compute-1.amazonaws.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.143.135 (United States)

ASN16509 (AMAZON-02, US)
PTR: a69d63ecdf0f33068.awsglobalaccelerator.com

downloads.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:984 (United States)

ASN13335 (CLOUDFLARENET, US)

ingest.sentry.hackthebox.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.36 (None, )

ASN- ()

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	hackthebox.com ctf.hackthebox.com fygapokei.hackthebox.com — Cisco Umbrella Rank: 519126 okt.hackthebox.com — Cisco Umbrella Rank: 751313	1 MB
11	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 td.doubleclick.net — Cisco Umbrella Rank: 192 stats.g.doubleclick.net — Cisco Umbrella Rank: 136	8 KB
9	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 113	6 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	685 KB
8	google.com www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 4401	2 KB
7	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 3146 downloads.intercomcdn.com — Cisco Umbrella Rank: 13331	536 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34 region1.google-analytics.com — Cisco Umbrella Rank: 3643	23 KB
5	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 5087	318 B
5	hubspot.com js.hubspot.com — Cisco Umbrella Rank: 3554 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 3687 api.hubspot.com — Cisco Umbrella Rank: 5132 track.hubspot.com — Cisco Umbrella Rank: 2324	28 KB
5	typekit.net use.typekit.net — Cisco Umbrella Rank: 455 p.typekit.net — Cisco Umbrella Rank: 561	107 KB
4	intercom.io widget.intercom.io — Cisco Umbrella Rank: 2183 api-iam.intercom.io — Cisco Umbrella Rank: 2649	11 KB
4	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 321 px4.ads.linkedin.com — Cisco Umbrella Rank: 6828	3 KB
4	cookiebot.com consent.cookiebot.com — Cisco Umbrella Rank: 4618 consentcdn.cookiebot.com — Cisco Umbrella Rank: 5320 imgsct.cookiebot.com — Cisco Umbrella Rank: 5372	122 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	76 KB
3	recurly.com js.recurly.com — Cisco Umbrella Rank: 12708 api.recurly.com — Cisco Umbrella Rank: 21939	104 KB
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 962	1 KB
2	t.co t.co — Cisco Umbrella Rank: 859	1 KB
1	hackthebox.eu ingest.sentry.hackthebox.eu — Cisco Umbrella Rank: 683990	356 B
1	hsforms.com perf-na1.hsforms.com — Cisco Umbrella Rank: 3796	927 B
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3483	835 B
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2191	25 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2172	26 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3176	4 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 5048	26 KB
1	oktopost.com static.oktopost.com — Cisco Umbrella Rank: 37857	4 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2500	909 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 960	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 784	14 KB
1	gstatic.com www.gstatic.com	216 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 683	7 KB
132	30

	Domain	Requested by
24	ctf.hackthebox.com	ctf.hackthebox.com
9	www.facebook.com	1 redirects ctf.hackthebox.com
9	fygapokei.hackthebox.com	ctf.hackthebox.com fygapokei.hackthebox.com
8	www.googletagmanager.com	ctf.hackthebox.com www.googletagmanager.com www.google-analytics.com js.hsadspixel.net
6	js.intercomcdn.com	widget.intercom.io js.intercomcdn.com
6	www.google.com	ctf.hackthebox.com www.gstatic.com
5	www.google.co.uk	ctf.hackthebox.com
5	td.doubleclick.net	www.googletagmanager.com
5	www.google-analytics.com	www.googletagmanager.com ctf.hackthebox.com
4	use.typekit.net	ctf.hackthebox.com use.typekit.net
3	api-iam.intercom.io	js.intercomcdn.com
3	stats.g.doubleclick.net	www.googletagmanager.com ctf.hackthebox.com
3	px.ads.linkedin.com	1 redirects ctf.hackthebox.com
3	googleads.g.doubleclick.net	www.googletagmanager.com
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	region1.analytics.google.com	ctf.hackthebox.com
2	api.hubspot.com	ctf.hackthebox.com
2	analytics.twitter.com	ctf.hackthebox.com
2	t.co	ctf.hackthebox.com
2	region1.google-analytics.com	ctf.hackthebox.com
2	consent.cookiebot.com	ctf.hackthebox.com consent.cookiebot.com
2	js.recurly.com	ctf.hackthebox.com
1	ingest.sentry.hackthebox.eu	ctf.hackthebox.com
1	downloads.intercomcdn.com
1	track.hubspot.com
1	imgsct.cookiebot.com
1	widget.intercom.io	fygapokei.hackthebox.com
1	perf-na1.hsforms.com	ctf.hackthebox.com
1	api.hubapi.com	ctf.hackthebox.com
1	cta-service-cms2.hubspot.com	ctf.hackthebox.com
1	px4.ads.linkedin.com	ctf.hackthebox.com
1	okt.hackthebox.com	static.oktopost.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hubspot.com	js.hs-scripts.com
1	consentcdn.cookiebot.com	consent.cookiebot.com
1	static.oktopost.com	ctf.hackthebox.com
1	js.hs-scripts.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	api.recurly.com	ctf.hackthebox.com
1	www.gstatic.com	www.google.com
1	p.typekit.net	use.typekit.net
1	static.cloudflareinsights.com	ctf.hackthebox.com
132	46

This site contains links to these domains. Also see Links.

Domain
www.cookiebot.com
business.safety.google
legal.hubspot.com
twitter.com
www.linkedin.com
www.intercom.com
www.facebook.com

Subject Issuer	Validity	Valid
hackthebox.com WE1	`2024-08-30` - `2024-11-29`	3 months	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-27` - `2025-09-27`	a year	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.recurly.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-06-04`	10 months	crt.sh
cloudflareinsights.com WE1	`2024-09-03` - `2024-12-02`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
consent.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-28` - `2025-02-27`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-02` - `2024-10-31`	3 months	crt.sh
hs-scripts.com WE1	`2024-09-26` - `2024-12-25`	3 months	crt.sh
*.oktopost.com Amazon RSA 2048 M02	`2024-07-29` - `2025-08-28`	a year	crt.sh
*.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-26` - `2025-02-26`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
hubspot.com WE1	`2024-10-03` - `2025-01-01`	3 months	crt.sh
usemessages.com WE1	`2024-10-06` - `2025-01-04`	3 months	crt.sh
hsadspixel.net WE1	`2024-10-10` - `2025-01-08`	3 months	crt.sh
hs-banner.com WE1	`2024-09-24` - `2024-12-23`	3 months	crt.sh
hs-analytics.net WE1	`2024-10-07` - `2025-01-05`	3 months	crt.sh
t.co E5	`2024-09-28` - `2024-12-27`	3 months	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-19` - `2025-08-18`	a year	crt.sh
okt.hackthebox.com R10	`2024-09-25` - `2024-12-24`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-10-14` - `2025-04-14`	6 months	crt.sh
*.google.co.uk WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
hubapi.com WE1	`2024-09-09` - `2024-12-08`	3 months	crt.sh
hsforms.com WE1	`2024-10-10` - `2025-01-08`	3 months	crt.sh
*.intercom.com Amazon RSA 2048 M03	`2024-01-15` - `2025-02-11`	a year	crt.sh
*.intercomcdn.com Amazon RSA 2048 M02	`2023-12-01` - `2024-12-29`	a year	crt.sh
intercom-attachments-10.com Amazon RSA 2048 M03	`2024-06-08` - `2025-07-06`	a year	crt.sh
hackthebox.eu E6	`2024-10-09` - `2025-01-07`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://ctf.hackthebox.com/login?redirect=/team/overview/192638
Frame ID: 58CDA5C41B56DD77825412BFD24C13B9
Requests: 118 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fctf.hackthebox.com
Frame ID: 4EDE1629D4CADCE19523069EFFB37DDC
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfkf8MUAAAAAIlUexmcCT-cBqqb9Q_x2kYcpreU&co=aHR0cHM6Ly9jdGYuaGFja3RoZWJveC5jb206NDQz&hl=en&v=lqsTZ5beIbCkK4uGEGv9JmUR&size=invisible&cb=xsl4jnpi66k1
Frame ID: BEEFEF37E587FCC43E757C3EA929B48F
Requests: 1 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: 4678E0453DD1F2A0095C40E8546B3171
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/757546894?random=1729717794364&cv=11&fst=1729717794364&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v896450339z8857460747za201zb857460747&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&hn=www.googleadservices.com&frm=0&tiba=HTB%20-%20Capture%20The%20Flag&npa=0&us_privacy=1YNY&pscdl=noapi&auid=776716099.1729717794&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: 473CCD0A634FCE932D33C32FC0E9DFC1
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/757546894?random=1729717794391&cv=11&fst=1729717794391&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v896450339z8857460747za201zb857460747&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&hn=www.googleadservices.com&frm=0&tiba=HTB%20-%20Capture%20The%20Flag&npa=0&us_privacy=1YNY&pscdl=noapi&auid=776716099.1729717794&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: 4929004BD702E9F28A8673D79BB06DBF
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-BFR4KR7D60&gacid=387847818.1729717794&gtm=45je4ah0v9136092264za200&dma=0&gcd=13l3l3l3l2l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101533421~101686685~101794737~101823848&z=29592396
Frame ID: 7602679A93D58EE9BB9E3E01AE91AEE9
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/757546894?random=1729717795050&cv=11&fst=1729717795050&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v896450339za200zb857460747&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101794737~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&hn=www.googleadservices.com&frm=0&tiba=HTB%20-%20Capture%20The%20Flag&did=dMWZhNz%2CdZTQ1Zm&gdid=dMWZhNz.dZTQ1Zm&npa=0&us_privacy=1---&pscdl=noapi&auid=776716099.1729717794&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: BDF80728CD45E0E9C5C587BFB925568A
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.68cbc9f2.js
Frame ID: 225DB002061012FC6EDD6A08BFD556E5
Requests: 9 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-DNFM29HYQ4&gacid=387847818.1729717794&gtm=45je4ah0h1v9126121099za200&dma=0&gcd=13l3l3l3l2l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101686685~101794737~101823848&z=758417942
Frame ID: F303BBE405FCAF4B6E4D66B99C41A11B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HTB - Capture The Flag

Detected technologies

Recurly (Payment processors) Expand

Overall confidence: 100%
Detected patterns

js\.recurly\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Cookiebot (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.cookiebot\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

132
Requests

98 %
HTTPS

47 %
IPv6

30
Domains

46
Subdomains

46
IPs

5
Countries

3323 kB
Transfer

10730 kB
Size

33
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cookiebot.com/goto/privacy-policy/
Title: Cookiebot

Search URL Search Domain Scan URL

URL: https://business.safety.google/privacy/
Title: Google

Search URL Search Domain Scan URL

URL: https://legal.hubspot.com/privacy-policy
Title: Hubspot

Search URL Search Domain Scan URL

URL: https://twitter.com/en/privacy
Title: Twitter Inc.

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/legal/privacy-policy
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.intercom.com/terms-and-policies#privacy
Title: Intercom

Search URL Search Domain Scan URL

URL: https://www.facebook.com/policy.php/
Title: Meta Platforms, Inc.

Search URL Search Domain Scan URL

URL: https://www.cookiebot.com/
Title: Cookiebot

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1341593&time=1729717794442&url=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638 HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1341593&time=1729717794442&url=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&e_ipv6=AQLFeRyMQOruzAAAAZK7NvdxpU1waI82H4ubjCYgbpLtbkE7lp5FSWEdnWvADMIWduEV8Ug

Request Chain 99

https://www.facebook.com/tr/?id=2910598162406194&ev=PageView&dl=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&rl=&if=false&ts=1729717794843&sw=1600&sh=1200&v=2.9.173&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=12318&fbp=fb.1.1729717794663.54600582242716252&cs_est=true&ler=empty&cdl=API_unavailable&it=1729717794416&coo=false&rqm=GET HTTP 302
https://www.facebook.com/tr/?redirect=0&rqm=GET&coo=false&it=1729717794416&cdl=API_unavailable&ler=empty&cs_est=true&fbp=fb.1.1729717794663.54600582242716252&o=12318&ec=1&a=tmSimo-GTM-WebTemplate&r=stable&v=2.9.173&sh=1200&sw=1600&ts=1729717794843&if=false&rl=&dl=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&ev=PageView&id=2910598162406194

132 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request login Show response
ctf.hackthebox.com/ 5 KB
3 KB 173ms
135ms Document
text/html 109.176.239.69
HTB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ctf.hackthebox.com/login?redirect=/team/overview/192638

Protocol

Security

QUIC, , AES_128_GCM

Server

109.176.239.69 Nottingham, United Kingdom, ASN214618 (HTB-AS, GB),

Reverse DNS

Software

cloudflare /

Resource Hash

bd51f8ff9d264a4b26ff416a06c0c0969df51b9c8d8dff131f495d340578eef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://ctf.hackthebox.eu
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8d74b5f0baf3bd80-LHR
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 23 Oct 2024 21:09:53 GMT
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC"
vary: Accept-Encoding
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN
x-xss-protection: 1; mode=block 1; mode=block

GET
H2 200 ryt3opf.css
use.typekit.net/ 10 KB
1 KB 198ms
36ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ryt3opf.css

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/login?redirect=/team/overview/192638

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

ce2c4e3790d580c8b19ce4f9634be0fc5000f33a0a3c6d2b93fff82cea3db86f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1154
date: Wed, 23 Oct 2024 21:09:53 GMT
content-type: text/css;charset=utf-8
vary: Accept-Encoding
server: nginx

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
969 B 145ms
46ms Script
text/javascript 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/login?redirect=/team/overview/192638

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f4.1e100.net

Software

ESF /

Resource Hash

667c83b6a02c499e26b4b94d89295391f7eb3cac903554b02ec343d9a89f2ba4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 21:09:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Wed, 23 Oct 2024 21:09:53 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 recurly.js Show response
js.recurly.com/v4/ 437 KB
103 KB 117ms
27ms Script
application/javascript 34.98.107.242
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.recurly.com/v4/recurly.js
Requested by: Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/login?redirect=/team/overview/192638
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.107.242 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 242.107.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 53ededee0a1d91ad8a2f86a7726d7e11e92eaca1a12c84863718f6335b477062

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

cache-control: public,max-age=3600
content-encoding: gzip
etag: W/"67005593-6d22c"
age: 167
access-control-allow-credentials: false
access-control-allow-methods: GET
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105029
date: Wed, 23 Oct 2024 21:07:06 GMT
last-modified: Fri, 04 Oct 2024 20:52:35 GMT
content-type: application/javascript
server: nginx
vary: Accept-Encoding

GET
H2 200 recurly.css
js.recurly.com/v4/ 544 B
782 B 116ms
27ms Stylesheet
text/css 34.98.107.242
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.recurly.com/v4/recurly.css
Requested by: Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/login?redirect=/team/overview/192638
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.107.242 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 242.107.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: db16b375b9cc94e99d181e402140a50550d0764384e2aea73d50a1ea3e16122d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

cache-control: public,max-age=3600
etag: "67005595-220"
age: 3137
access-control-allow-credentials: false
access-control-allow-methods: GET
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 544
date: Wed, 23 Oct 2024 20:17:36 GMT
last-modified: Fri, 04 Oct 2024 20:52:37 GMT
content-type: text/css
server: nginx

GET
H3 200 app-e0736d51.css
ctf.hackthebox.com/build/assets/ 937 KB
128 KB 169ms
168ms Stylesheet
text/css 109.176.239.69
HTB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ctf.hackthebox.com/build/assets/app-e0736d51.css

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/login?redirect=/team/overview/192638

Protocol

Security

QUIC, , AES_128_GCM

Server

109.176.239.69 Nottingham, United Kingdom, ASN214618 (HTB-AS, GB),

Reverse DNS

Software

cloudflare /

Resource Hash

e47be120b0bbd8ff8464ab1062fe9322d4d71c08e9dfa3c2546d959b501e7436

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/login?redirect=/team/overview/192638

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"67188107-ea5f7"
age: 2482
cf-bgj: minify
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-content-type-options: nosniff, nosniff
expires: Thu, 24 Oct 2024 05:09:53 GMT
cf-polished: origSize=959991
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 21:09:53 GMT
content-type: text/css
last-modified: Wed, 23 Oct 2024 04:52:23 GMT
vary: Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
x-frame-options: SAMEORIGIN, SAMEORIGIN
cache-control: public, max-age=28800
access-control-allow-credentials: true
cf-ray: 8d74b5f19c11bd80-LHR
access-control-allow-origin: https://ctf.hackthebox.eu
x-xss-protection: 1; mode=block, 1; mode=block
server: cloudflare

GET
H3 200 app-eab3de37.css
ctf.hackthebox.com/build/assets/ 314 KB
40 KB 58ms
57ms Stylesheet
text/css 109.176.239.69
HTB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ctf.hackthebox.com/build/assets/app-eab3de37.css

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/login?redirect=/team/overview/192638

Protocol

Security

QUIC, , AES_128_GCM

Server

109.176.239.69 Nottingham, United Kingdom, ASN214618 (HTB-AS, GB),

Reverse DNS

Software

cloudflare /

Resource Hash

d825c0d315df557770c7bab47d4e1a00eacb92b69db886aefa09e8188bfa5729

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/login?redirect=/team/overview/192638

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"67188107-4eb3a"
age: 4606
cf-bgj: minify
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-content-type-options: nosniff, nosniff
expires: Thu, 24 Oct 2024 05:09:53 GMT
cf-polished: origSize=322362
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 21:09:53 GMT
content-type: text/css
last-modified: Wed, 23 Oct 2024 04:52:23 GMT
vary: Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
x-frame-options: SAMEORIGIN, SAMEORIGIN
cache-control: public, max-age=28800
access-control-allow-credentials: true
cf-ray: 8d74b5f19c12bd80-LHR
access-control-allow-origin: https://ctf.hackthebox.eu
x-xss-protection: 1; mode=block, 1; mode=block
server: cloudflare

GET
H3 200 app-3dc411e1.js Show response
ctf.hackthebox.com/build/assets/ 2 MB
592 KB 108ms
107ms Script
application/javascript 109.176.239.69
HTB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ctf.hackthebox.com/build/assets/app-3dc411e1.js

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/login?redirect=/team/overview/192638

Protocol

Security

QUIC, , AES_128_GCM

Server

109.176.239.69 Nottingham, United Kingdom, ASN214618 (HTB-AS, GB),

Reverse DNS

Software

cloudflare /

Resource Hash

9c6a485235f956e6c092a90af9325792dedbb3d17104b6a26c501ed52586be81

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ctf.hackthebox.com
Referer: https://ctf.hackthebox.com/login?redirect=/team/overview/192638

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"67188107-26a80a"
age: 728
cf-bgj: minify
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-content-type-options: nosniff, nosniff
expires: Thu, 24 Oct 2024 05:09:53 GMT
cf-polished: origSize=2533386
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 21:09:53 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 23 Oct 2024 04:52:23 GMT
vary: Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
x-frame-options: SAMEORIGIN, SAMEORIGIN
cache-control: public, max-age=28800
access-control-allow-credentials: true
cf-ray: 8d74b5f19c16bd80-LHR
access-control-allow-origin: https://ctf.hackthebox.com
x-xss-protection: 1; mode=block, 1; mode=block
server: cloudflare

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 85ms
34ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/login?redirect=/team/overview/192638
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ctf.hackthebox.com
Referer: https://ctf.hackthebox.com/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8d74b5f38c02773d-LHR
access-control-allow-origin: *
date: Wed, 23 Oct 2024 21:09:53 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 373 KB
119 KB 133ms
56ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N6XD42V

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/login?redirect=/team/overview/192638

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

296d6893e3576a164a33ade7637c3f49d2bd4fb0341f517cda8ca7476d7e8582

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Wed, 23 Oct 2024 21:09:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 21:09:53 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 120816
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 p.css
p.typekit.net/ 5 B
173 B 63ms
37ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=ryt3opf&ht=tk&f=27815.39512.39516.39518.39521.39523.40863.40866.40868.40878.40879.40881.40890&a=85813155&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ryt3opf.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://use.typekit.net/

Response headers

cache-control: public, max-age=604800
etag: "6649f74c-5"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5
date: Wed, 23 Oct 2024 21:09:53 GMT
content-type: text/css
last-modified: Sun, 19 May 2024 12:57:48 GMT
server: nginx

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/ 544 KB
216 KB 96ms
35ms Script
text/javascript 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

5ab8f962752071d61b4c1613f2126ead5a5969b0157509532cb1cc43d1c0486d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ctf.hackthebox.com
Referer: https://ctf.hackthebox.com/

Response headers

content-encoding: gzip
age: 31468
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Thu, 23 Oct 2025 12:25:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 12:25:25 GMT
last-modified: Mon, 14 Oct 2024 18:32:27 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 220736
x-xss-protection: 0
server: sffe

GET
H3 200 htb-anal.min.js Show response
fygapokei.hackthebox.com/htb-anal.js/v1/o7CCLQ34gdSSo2CYWKkONsZxv5cabLHz/ 103 KB
29 KB 142ms
130ms Script
text/javascript 109.176.239.69
HTB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fygapokei.hackthebox.com/htb-anal.js/v1/o7CCLQ34gdSSo2CYWKkONsZxv5cabLHz/htb-anal.min.js
Requested by: Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/login?redirect=/team/overview/192638
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 109.176.239.69 Nottingham, United Kingdom, ASN214618 (HTB-AS, GB),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c92f342c57c2372e6241dabeba6a8297c7caeb22e31f99b68d34608e263e29d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"34e34568c8f704e9b3cb48e285d43941"
x-amz-version-id: 8DcGJU3jqlK1Gcs7mOKHBWJ7P8uNcdvd
access-control-allow-methods: GET, HEAD
expires: Thu, 24 Oct 2024 05:09:53 GMT
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: RTGaEO5Cdj6oiG1GNKEj5H0ExraQbNboKCpcoP2u9Xfe7dkMF9jGsw==
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 29 Jul 2024 22:43:16 GMT
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: public, max-age=28800
via: 1.1 4c36faabfc67dbcb121ad26f9612cc3a.cloudfront.net (CloudFront)
cf-ray: 8d74b5f3df3ebd80-LHR
access-control-allow-origin: *
x-amz-cf-pop: LHR61-C2
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
970 B 47ms
46ms Script
text/javascript 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/build/assets/app-3dc411e1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f4.1e100.net

Software

ESF /

Resource Hash

ef9a3f7202cba14fc1238b079f8ff4f90cd7869b8ab0cdcdae2063373d10b483

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 21:09:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Wed, 23 Oct 2024 21:09:53 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 uc.js Show response
consent.cookiebot.com/ 110 KB
34 KB 138ms
50ms Script
application/javascript 2a02:26f0:3500:18::1724:a29a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js?cbid=c6744560-9be5-4645-9305-83ef9e0b993d
Requested by: Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/build/assets/app-3dc411e1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:18::1724:a29a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b30b70e2067e407e427ac15a978091acb030d9b2db360ea2a3ce3eec6ef474e5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

access-control-expose-headers: Request-Context
cache-control: public, max-age=120
content-encoding: gzip
etag: "42d4c62e8219db1:0"
cross-origin-resource-policy: cross-origin
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
expires: Wed, 23 Oct 2024 21:11:54 GMT
accept-ranges: bytes
content-length: 34533
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 13:01:25 GMT
vary: Accept-Encoding

GET
H2 200 info Show response
api.recurly.com/js/v1/risk/ 105 B
533 B 177ms
114ms XHR
application/json 34.98.107.242
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.recurly.com/js/v1/risk/info?version=4.32.0&key=ewr1-ZnWo6diSl0nB3aA5fqeliX&deviceId=QdzX5pWMtr8IQqV9&sessionId=UHJQSUfM8p7bk0Su&instanceId=QnDaTobSWkAuc20m
Requested by: Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/build/assets/app-3dc411e1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.107.242 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 242.107.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6604083ae71cc792724fc7044fad943a093c8f92616af02eb1b336a1c2995f72

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

x-request-id: f86823c2-bfbf-469b-8adb-cee275d22163
cache-control: max-age=0, private, must-revalidate
etag: W/"6604083ae71cc792724fc7044fad943a"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, OPTIONS
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: application/json; charset=utf-8
vary: Accept
server: nginx
access-control-allow-headers: Accept, Accept-Encoding, Accept-Language, Content-Type, Origin, User-Agent, X-Requested-With, Recurly-Credential-Checkout-Hostname

GET
H3 200 Login-25d6213b.js Show response
ctf.hackthebox.com/build/assets/ 7 KB
3 KB 82ms
78ms Script
application/javascript 109.176.239.69
HTB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ctf.hackthebox.com/build/assets/Login-25d6213b.js

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/build/assets/app-3dc411e1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

109.176.239.69 Nottingham, United Kingdom, ASN214618 (HTB-AS, GB),

Reverse DNS

Software

cloudflare /

Resource Hash

dc1504c05d8c284b67765fead1043d40c118e8cb1ec352cf24ffd18bd44f0fa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ctf.hackthebox.com
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"67188107-1dc9"
age: 953
cf-bgj: minify
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-content-type-options: nosniff, nosniff
expires: Thu, 24 Oct 2024 05:09:54 GMT
cf-polished: origSize=7625
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 23 Oct 2024 04:52:23 GMT
vary: Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
x-frame-options: SAMEORIGIN, SAMEORIGIN
cache-control: public, max-age=28800
access-control-allow-credentials: true
cf-ray: 8d74b5f48804bd80-LHR
access-control-allow-origin: https://ctf.hackthebox.com
x-xss-protection: 1; mode=block, 1; mode=block
server: cloudflare

GET
H3 200 AuthPage-eb856fa4.js Show response
ctf.hackthebox.com/build/assets/ 739 B
940 B 80ms
75ms Script
application/javascript 109.176.239.69
HTB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ctf.hackthebox.com/build/assets/AuthPage-eb856fa4.js

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/build/assets/app-3dc411e1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

109.176.239.69 Nottingham, United Kingdom, ASN214618 (HTB-AS, GB),

Reverse DNS

Software

cloudflare /

Resource Hash

e7df89359526cb5147f130526a4e2363c75dd9c443faa6ee745e1826936a9384

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ctf.hackthebox.com
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"67188107-2e4"
age: 147
cf-bgj: minify
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-content-type-options: nosniff, nosniff
expires: Thu, 24 Oct 2024 05:09:54 GMT
cf-polished: origSize=740
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 23 Oct 2024 04:52:23 GMT
vary: Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
x-frame-options: SAMEORIGIN, SAMEORIGIN
cache-control: public, max-age=28800
access-control-allow-credentials: true
cf-ray: 8d74b5f48806bd80-LHR
access-control-allow-origin: https://ctf.hackthebox.com
x-xss-protection: 1; mode=block, 1; mode=block
server: cloudflare

GET
H3 200 Footer-44ea3837.js Show response
ctf.hackthebox.com/build/assets/ 2 KB
1 KB 90ms
86ms Script
application/javascript 109.176.239.69
HTB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ctf.hackthebox.com/build/assets/Footer-44ea3837.js

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/build/assets/app-3dc411e1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

109.176.239.69 Nottingham, United Kingdom, ASN214618 (HTB-AS, GB),

Reverse DNS

Software

cloudflare /

Resource Hash

2c5d77f441dc108978e566d1c8b2468ffeac36d028349ad387ef1242156cc7e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ctf.hackthebox.com
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"67188107-6fe"
age: 696
cf-bgj: minify
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-content-type-options: nosniff, nosniff
expires: Thu, 24 Oct 2024 05:09:54 GMT
cf-polished: origSize=1790
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 23 Oct 2024 04:52:23 GMT
vary: Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
x-frame-options: SAMEORIGIN, SAMEORIGIN
cache-control: public, max-age=28800
access-control-allow-credentials: true
cf-ray: 8d74b5f48807bd80-LHR
access-control-allow-origin: https://ctf.hackthebox.com
x-xss-protection: 1; mode=block, 1; mode=block
server: cloudflare

GET
H3 200 urls-c2050826.js Show response
ctf.hackthebox.com/build/assets/ 957 B
903 B 53ms
51ms Script
application/javascript 109.176.239.69
HTB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ctf.hackthebox.com/build/assets/urls-c2050826.js

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/build/assets/app-3dc411e1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

109.176.239.69 Nottingham, United Kingdom, ASN214618 (HTB-AS, GB),

Reverse DNS

Software

cloudflare /

Resource Hash

d9cecb8407f1c1bcb730b2cb5960933d42f24205db904ffc3b1102abba02cb80

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ctf.hackthebox.com
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"67188107-3be"
age: 6514
cf-bgj: minify
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-content-type-options: nosniff, nosniff
expires: Thu, 24 Oct 2024 05:09:54 GMT
cf-polished: origSize=958
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 23 Oct 2024 04:52:23 GMT
vary: Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
x-frame-options: SAMEORIGIN, SAMEORIGIN
cache-control: public, max-age=28800
access-control-allow-credentials: true
cf-ray: 8d74b5f48808bd80-LHR
access-control-allow-origin: https://ctf.hackthebox.com
x-xss-protection: 1; mode=block, 1; mode=block
server: cloudflare

GET
H3 200 AuthPage-03ec9ecf.css
ctf.hackthebox.com/build/assets/ 357 B
611 B 73ms
71ms Stylesheet
text/css 109.176.239.69
HTB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ctf.hackthebox.com/build/assets/AuthPage-03ec9ecf.css

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/build/assets/app-3dc411e1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

109.176.239.69 Nottingham, United Kingdom, ASN214618 (HTB-AS, GB),

Reverse DNS

Software

cloudflare /

Resource Hash

e9ea64c3c3ff820dbb890a70e4cf4f02a8111572a2d08adcac3ed2708b391017

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/login?redirect=/team/overview/192638

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"67188107-166"
age: 6212
cf-bgj: minify
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-content-type-options: nosniff, nosniff
expires: Thu, 24 Oct 2024 05:09:54 GMT
cf-polished: origSize=358
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: text/css
last-modified: Wed, 23 Oct 2024 04:52:23 GMT
vary: Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
x-frame-options: SAMEORIGIN, SAMEORIGIN
cache-control: public, max-age=28800
access-control-allow-credentials: true
cf-ray: 8d74b5f4880cbd80-LHR
access-control-allow-origin: https://ctf.hackthebox.eu
x-xss-protection: 1; mode=block, 1; mode=block
server: cloudflare

GET
H3 200 trackers-92468ac0.js Show response
ctf.hackthebox.com/build/assets/ 259 B
637 B 98ms
96ms Script
application/javascript 109.176.239.69
HTB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ctf.hackthebox.com/build/assets/trackers-92468ac0.js

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/build/assets/app-3dc411e1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

109.176.239.69 Nottingham, United Kingdom, ASN214618 (HTB-AS, GB),

Reverse DNS

Software

cloudflare /

Resource Hash

a408d8fdc865b06db7ea084be9b199dce1579544eef05b4a8a60cd7cedf0a6f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ctf.hackthebox.com
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"67188107-104"
age: 953
cf-bgj: minify
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-content-type-options: nosniff, nosniff
expires: Thu, 24 Oct 2024 05:09:54 GMT
cf-polished: origSize=260
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 23 Oct 2024 04:52:23 GMT
vary: Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
x-frame-options: SAMEORIGIN, SAMEORIGIN
cache-control: public, max-age=28800
access-control-allow-credentials: true
cf-ray: 8d74b5f48811bd80-LHR
access-control-allow-origin: https://ctf.hackthebox.com
x-xss-protection: 1; mode=block, 1; mode=block
server: cloudflare

GET
H3 200 VDivider-a6f26359.js Show response
ctf.hackthebox.com/build/assets/ 1 KB
1 KB 117ms
116ms Script
application/javascript 109.176.239.69
HTB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ctf.hackthebox.com/build/assets/VDivider-a6f26359.js

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/build/assets/app-3dc411e1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

109.176.239.69 Nottingham, United Kingdom, ASN214618 (HTB-AS, GB),

Reverse DNS

Software

cloudflare /

Resource Hash

77bb4ed7e5857c9c4f17a488a51b229064b948b5bb068abc53aa2857077dad0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ctf.hackthebox.com
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"67188107-46f"
age: 728
cf-bgj: minify
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-content-type-options: nosniff, nosniff
expires: Thu, 24 Oct 2024 05:09:54 GMT
cf-polished: origSize=1135
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 23 Oct 2024 04:52:23 GMT
vary: Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
x-frame-options: SAMEORIGIN, SAMEORIGIN
cache-control: public, max-age=28800
access-control-allow-credentials: true
cf-ray: 8d74b5f48812bd80-LHR
access-control-allow-origin: https://ctf.hackthebox.com
x-xss-protection: 1; mode=block, 1; mode=block
server: cloudflare

GET
H3 200 VDivider-628a82e2.css
ctf.hackthebox.com/build/assets/ 836 B
803 B 106ms
104ms Stylesheet
text/css 109.176.239.69
HTB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ctf.hackthebox.com/build/assets/VDivider-628a82e2.css

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/build/assets/app-3dc411e1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

109.176.239.69 Nottingham, United Kingdom, ASN214618 (HTB-AS, GB),

Reverse DNS

Software

cloudflare /

Resource Hash

4e28794513335baa98a8cf9adf7895191975f1e2b49a55cf118b480d83c621b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/login?redirect=/team/overview/192638

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"67188107-34f"
age: 242
cf-bgj: minify
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-content-type-options: nosniff, nosniff
expires: Thu, 24 Oct 2024 05:09:54 GMT
cf-polished: origSize=847
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: text/css
last-modified: Wed, 23 Oct 2024 04:52:23 GMT
vary: Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
x-frame-options: SAMEORIGIN, SAMEORIGIN
cache-control: public, max-age=28800
access-control-allow-credentials: true
cf-ray: 8d74b5f48816bd80-LHR
access-control-allow-origin: https://ctf.hackthebox.eu
x-xss-protection: 1; mode=block, 1; mode=block
server: cloudflare

GET
H3 200 VCheckbox-395d767e.js Show response
ctf.hackthebox.com/build/assets/ 983 B
1 KB 88ms
86ms Script
application/javascript 109.176.239.69
HTB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ctf.hackthebox.com/build/assets/VCheckbox-395d767e.js

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/build/assets/app-3dc411e1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

109.176.239.69 Nottingham, United Kingdom, ASN214618 (HTB-AS, GB),

Reverse DNS

Software

cloudflare /

Resource Hash

03ea7138f3ba379ef7505049fe2a9773c171e5cddf4bc3ad2dfeeeb4914b38c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ctf.hackthebox.com
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"67188107-3d8"
age: 147
cf-bgj: minify
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-content-type-options: nosniff, nosniff
expires: Thu, 24 Oct 2024 05:09:54 GMT
cf-polished: origSize=984
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 23 Oct 2024 04:52:23 GMT
vary: Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
x-frame-options: SAMEORIGIN, SAMEORIGIN
cache-control: public, max-age=28800
access-control-allow-credentials: true
cf-ray: 8d74b5f48817bd80-LHR
access-control-allow-origin: https://ctf.hackthebox.com
x-xss-protection: 1; mode=block, 1; mode=block
server: cloudflare

GET
H3 200 VCheckboxBtn-841b0da5.js Show response
ctf.hackthebox.com/build/assets/ 939 B
955 B 79ms
77ms Script
application/javascript 109.176.239.69
HTB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ctf.hackthebox.com/build/assets/VCheckboxBtn-841b0da5.js

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/build/assets/app-3dc411e1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

109.176.239.69 Nottingham, United Kingdom, ASN214618 (HTB-AS, GB),

Reverse DNS

Software

cloudflare /

Resource Hash

5efe790f6749376bd250b36fe68321ccdcb439a80ba18fe387ca2b8877e5e231

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ctf.hackthebox.com
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"67188107-3ac"
age: 530
cf-bgj: minify
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-content-type-options: nosniff, nosniff
expires: Thu, 24 Oct 2024 05:09:54 GMT
cf-polished: origSize=940
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 23 Oct 2024 04:52:23 GMT
vary: Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
x-frame-options: SAMEORIGIN, SAMEORIGIN
cache-control: public, max-age=28800
access-control-allow-credentials: true
cf-ray: 8d74b5f4881abd80-LHR
access-control-allow-origin: https://ctf.hackthebox.com
x-xss-protection: 1; mode=block, 1; mode=block
server: cloudflare

GET
H3 200 VSelectionControl-1388207d.js Show response
ctf.hackthebox.com/build/assets/ 5 KB
2 KB 92ms
90ms Script
application/javascript 109.176.239.69
HTB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ctf.hackthebox.com/build/assets/VSelectionControl-1388207d.js

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/build/assets/app-3dc411e1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

109.176.239.69 Nottingham, United Kingdom, ASN214618 (HTB-AS, GB),

Reverse DNS

Software

cloudflare /

Resource Hash

457bc376503701df8b0c3e1f0abccfe97a4a1ab37c217e512827695da98e99eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ctf.hackthebox.com
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"67188107-1364"
age: 530
cf-bgj: minify
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-content-type-options: nosniff, nosniff
expires: Thu, 24 Oct 2024 05:09:54 GMT
cf-polished: origSize=4964
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 23 Oct 2024 04:52:23 GMT
vary: Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
x-frame-options: SAMEORIGIN, SAMEORIGIN
cache-control: public, max-age=28800
access-control-allow-credentials: true
cf-ray: 8d74b5f4881cbd80-LHR
access-control-allow-origin: https://ctf.hackthebox.com
x-xss-protection: 1; mode=block, 1; mode=block
server: cloudflare

GET
H3 200 VSelectionControl-ba4fdf84.css
ctf.hackthebox.com/build/assets/ 2 KB
1 KB 80ms
79ms Stylesheet
text/css 109.176.239.69
HTB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ctf.hackthebox.com/build/assets/VSelectionControl-ba4fdf84.css

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/build/assets/app-3dc411e1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

109.176.239.69 Nottingham, United Kingdom, ASN214618 (HTB-AS, GB),

Reverse DNS

Software

cloudflare /

Resource Hash

c63e0950b6f0d631f9c46e7473ec197c5c985b59174807a012fe5d4bace63844

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/login?redirect=/team/overview/192638

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"67188107-96a"
age: 5352
cf-bgj: minify
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-content-type-options: nosniff, nosniff
expires: Thu, 24 Oct 2024 05:09:54 GMT
cf-polished: origSize=2410
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: text/css
last-modified: Wed, 23 Oct 2024 04:52:23 GMT
vary: Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
x-frame-options: SAMEORIGIN, SAMEORIGIN
cache-control: public, max-age=28800
access-control-allow-credentials: true
cf-ray: 8d74b5f4881ebd80-LHR
access-control-allow-origin: https://ctf.hackthebox.eu
x-xss-protection: 1; mode=block, 1; mode=block
server: cloudflare

GET
H3 200 VCheckbox-547dff60.css
ctf.hackthebox.com/build/assets/ 108 B
533 B 102ms
101ms Stylesheet
text/css 109.176.239.69
HTB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ctf.hackthebox.com/build/assets/VCheckbox-547dff60.css

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/build/assets/app-3dc411e1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

109.176.239.69 Nottingham, United Kingdom, ASN214618 (HTB-AS, GB),

Reverse DNS

Software

cloudflare /

Resource Hash

61e54e1cca8c4cc3a0d50af26d84ea9015e205bed44c89a3d8af5673c93ee69c

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/login?redirect=/team/overview/192638

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"67188107-6d"
age: 6540
cf-bgj: minify
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-content-type-options: nosniff, nosniff
expires: Thu, 24 Oct 2024 05:09:54 GMT
cf-polished: origSize=109
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: text/css
last-modified: Wed, 23 Oct 2024 04:52:23 GMT
vary: Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
x-frame-options: SAMEORIGIN, SAMEORIGIN
cache-control: public, max-age=28800
access-control-allow-credentials: true
cf-ray: 8d74b5f48821bd80-LHR
access-control-allow-origin: https://ctf.hackthebox.eu
x-xss-protection: 1; mode=block, 1; mode=block
server: cloudflare

GET
H3 200 Login-cb7e13c3.css
ctf.hackthebox.com/build/assets/ 974 B
779 B 81ms
79ms Stylesheet
text/css 109.176.239.69
HTB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ctf.hackthebox.com/build/assets/Login-cb7e13c3.css

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/build/assets/app-3dc411e1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

109.176.239.69 Nottingham, United Kingdom, ASN214618 (HTB-AS, GB),

Reverse DNS

Software

cloudflare /

Resource Hash

ddc0d620961d23877b7f4f19893f34cf07bf92a070d1ea8933e3fb2bb1bc3139

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/login?redirect=/team/overview/192638

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"67188107-3cf"
age: 885
cf-bgj: minify
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-content-type-options: nosniff, nosniff
expires: Thu, 24 Oct 2024 05:09:54 GMT
cf-polished: origSize=975
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: text/css
last-modified: Wed, 23 Oct 2024 04:52:23 GMT
vary: Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
x-frame-options: SAMEORIGIN, SAMEORIGIN
cache-control: public, max-age=28800
access-control-allow-credentials: true
cf-ray: 8d74b5f48822bd80-LHR
access-control-allow-origin: https://ctf.hackthebox.eu
x-xss-protection: 1; mode=block, 1; mode=block
server: cloudflare

GET
H3 200 settings Show response
fygapokei.hackthebox.com/v1/projects/o7CCLQ34gdSSo2CYWKkONsZxv5cabLHz/ 2 KB
2 KB 142ms
109ms Fetch
application/json 109.176.239.69
HTB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fygapokei.hackthebox.com/v1/projects/o7CCLQ34gdSSo2CYWKkONsZxv5cabLHz/settings
Requested by: Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/build/assets/app-3dc411e1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 109.176.239.69 Nottingham, United Kingdom, ASN214618 (HTB-AS, GB),
Reverse DNS
Software: cloudflare /
Resource Hash: f5cfa4dea571178ea50a2704a4a7b65a6f62e813df946b655ebafff6248d1c64

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"2966c091724d07ab7bd21246d9c4b69c"
age: 10084
x-amz-version-id: FmDFphc_2E_G9bxw4MMGvQ2aRnN7nRB3
access-control-allow-methods: GET, HEAD
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: PWuTueTXcV5DN14gpeTlba7B5AWlZACOyOjxpiQL8CtTJJUzUi9TGA==
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: application/json; charset=utf-8
last-modified: Thu, 25 Jul 2024 21:49:30 GMT
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: public, max-age=10800
via: 1.1 b17ae12a9b26d355791fb59ca965e382.cloudfront.net (CloudFront)
cf-ray: 8d74b5f509a43858-LHR
access-control-allow-origin: *
x-amz-cf-pop: LHR61-C2
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 301 KB
104 KB 51ms
51ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TKKV7WGJ6V&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N6XD42V

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1b18141d6987164f2b5f8de9d9448758f142feda9faffb56ae31b8108c29f610

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 23 Oct 2024 21:09:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 105958
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 127ms
35ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N6XD42V

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

content-encoding: gzip
age: 6219
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 21:26:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 19:26:15 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 146ms
37ms Script
application/javascript 2a02:26f0:3500:10::210:a9a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N6XD42V

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

cache-control: max-age=52983
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 14628
date: Wed, 23 Oct 2024 21:09:54 GMT
last-modified: Thu, 22 Aug 2024 10:43:55 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 246 KB
88 KB 57ms
57ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-757546894&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N6XD42V

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8f77de9e9c6d25d39914e9852e81a6b5762fc53eaed2f25819dea96f553b8f53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Wed, 23 Oct 2024 21:09:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 89547
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 132ms
37ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N6XD42V
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

vary: Accept-Encoding,Host
cache-control: no-cache
content-encoding: gzip
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
accept-ranges: bytes
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length: 15412
date: Wed, 23 Oct 2024 21:09:54 GMT
x-tw-cdn: FT
last-modified: Fri, 22 Mar 2024 21:07:24 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-iad-kiad7000168-IAD, cache-fra-etou8220121-FRA
x-amz-server-side-encryption: AES256

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 228 KB
58 KB 79ms
36ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N6XD42V

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

b3cad51ca0cfdbeac9d38f7aad54e6564408f0da56a6fd56350e0d03d4f0aef9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=33, rtx=0, c=23, mss=1232, tbw=4412, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: kV/0VsE0AtaIEvtCyGbg8ciryEx8flXN5x2i2yPM3sm9skiu8W7fMCxae4KP2y1rVU88Dztu/fIHXux9gttCwQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59508
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 5514032.js Show response
js.hs-scripts.com/ 2 KB
909 B 131ms
63ms Script
application/javascript 2606:4700::6810:89d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/5514032.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N6XD42V

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:89d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b74588c20d419f3789dd9ac59288d53a510f52c6df8a67a292dc6bd8ead60395

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

access-control-max-age: 3600
content-encoding: br
cf-bgj: minify
cf-cache-status: HIT
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 21:11:24 GMT
cf-polished: origSize=2447
date: Wed, 23 Oct 2024 21:09:54 GMT
x-hubspot-correlation-id: c902b9bf-43fe-4e14-9abd-68525623ede1
content-type: application/javascript;charset=utf-8
vary: origin, Accept-Encoding
last-modified: Wed, 23 Oct 2024 21:08:38 GMT
cache-control: public, max-age=90
access-control-allow-credentials: true
cf-ray: 8d74b5f588fc35de-LHR
access-control-allow-origin: https://www.hackthebox.com
server: cloudflare

GET
H2 200 oktrk.js Show response
static.oktopost.com/ 9 KB
4 KB 142ms
39ms Script
application/javascript 18.244.18.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.oktopost.com/oktrk.js
Requested by: Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/login?redirect=/team/overview/192638
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-80.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 09016600a13dd4825b72516765a8da53d1ab896f7582c4619d014e8ee147ea84

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

content-encoding: gzip
etag: W/"57315c24d6fec75c4d46a8cc3fa6e0d5"
age: 66350
via: 1.1 93f1c701362eb59a676baaac7ea81bd8.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: jhXyJufvFL9-yJ7cddTpK3b8bF5wLztiG0OTuiLikesjqTwvANBMDQ==
date: Wed, 23 Oct 2024 02:44:04 GMT
content-type: application/javascript
last-modified: Mon, 27 Jan 2020 09:47:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
vary: Accept-Encoding

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 4EDE 0
0 105ms
33ms Document
text/html 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fctf.hackthebox.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N6XD42V

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 170348
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Mon, 21 Oct 2024 21:50:46 GMT
expires: Tue, 21 Oct 2025 21:50:46 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame BEEF 0
0 138ms
63ms Document
text/html 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfkf8MUAAAAAIlUexmcCT-cBqqb9Q_x2kYcpreU&co=aHR0cHM6Ly9jdGYuaGFja3RoZWJveC5jb206NDQz&hl=en&v=lqsTZ5beIbCkK4uGEGv9JmUR&size=invisible&cb=xsl4jnpi66k1

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ryudMaz_uUU7Lk9GYwbU-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ctf.hackthebox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ryudMaz_uUU7Lk9GYwbU-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Oct 2024 21:09:54 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 l
use.typekit.net/af/d7f1e9/00000000000000007735bb2a/30/ 35 KB
35 KB 154ms
41ms Font
application/font-woff2 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/d7f1e9/00000000000000007735bb2a/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ryt3opf.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b5e5eda757620af1c1e30b3c91cf2ca577c5b2c875b34c72b7f79dba61f8e871

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ctf.hackthebox.com
Referer: https://use.typekit.net/ryt3opf.css

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "745ae44ca8ec3614bd21fdb40f1ed2d23d46ad2d"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 35524
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: application/font-woff2
server: nginx

GET
H3 200 key-02.svg
ctf.hackthebox.com/build/images/icons/various/ 2 KB
1 KB 74ms
73ms Image
image/svg+xml 109.176.239.69
HTB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ctf.hackthebox.com/build/images/icons/various/key-02.svg

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/build/assets/app-e0736d51.css

Protocol

Security

QUIC, , AES_128_GCM

Server

109.176.239.69 Nottingham, United Kingdom, ASN214618 (HTB-AS, GB),

Reverse DNS

Software

cloudflare /

Resource Hash

e9b6ced815028609e30a4be158b731d5727e6f8661e6cf2a6306015b06badf24

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ctf.hackthebox.com
Referer: https://ctf.hackthebox.com/build/assets/app-e0736d51.css

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"67188104-620"
age: 6211
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-content-type-options: nosniff, nosniff
expires: Thu, 24 Oct 2024 05:09:54 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: image/svg+xml
last-modified: Wed, 23 Oct 2024 04:52:20 GMT
vary: Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
x-frame-options: SAMEORIGIN, SAMEORIGIN
cache-control: public, max-age=28800
access-control-allow-credentials: true
cf-ray: 8d74b5f60a2bbd80-LHR
access-control-allow-origin: https://ctf.hackthebox.com
x-xss-protection: 1; mode=block, 1; mode=block
server: cloudflare

GET
H3 200 stars-01.svg
ctf.hackthebox.com/build/images/icons/various/ 3 KB
1 KB 74ms
73ms Image
image/svg+xml 109.176.239.69
HTB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ctf.hackthebox.com/build/images/icons/various/stars-01.svg

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/build/assets/app-e0736d51.css

Protocol

Security

QUIC, , AES_128_GCM

Server

109.176.239.69 Nottingham, United Kingdom, ASN214618 (HTB-AS, GB),

Reverse DNS

Software

cloudflare /

Resource Hash

ffa2f2a884f83eec3a5b88e2afa5b4df2828ffbe12d3ac94dc74d757387e092d

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ctf.hackthebox.com
Referer: https://ctf.hackthebox.com/build/assets/app-e0736d51.css

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"67188104-af7"
age: 2592
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-content-type-options: nosniff, nosniff
expires: Thu, 24 Oct 2024 05:09:54 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: image/svg+xml
last-modified: Wed, 23 Oct 2024 04:52:20 GMT
vary: Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
x-frame-options: SAMEORIGIN, SAMEORIGIN
cache-control: public, max-age=28800
access-control-allow-credentials: true
cf-ray: 8d74b5f60a2dbd80-LHR
access-control-allow-origin: https://ctf.hackthebox.com
x-xss-protection: 1; mode=block, 1; mode=block
server: cloudflare

GET
H2 200 l
use.typekit.net/af/579a71/00000000000000007735bb24/30/ 35 KB
35 KB 128ms
83ms Font
application/font-woff2 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/579a71/00000000000000007735bb24/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ryt3opf.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: bddf66b5f26a66effd28744bc765ca694571690d8234908b4ac85814a6dfeb88

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ctf.hackthebox.com
Referer: https://use.typekit.net/ryt3opf.css

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "eb1f597302586830c52324102d75cf026ce677cb"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 35476
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 l
use.typekit.net/af/92a736/00000000000000007735bb14/30/ 36 KB
36 KB 92ms
47ms Font
application/font-woff2 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/92a736/00000000000000007735bb14/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ryt3opf.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: e64f39e509fcb7ecfef9df42c42514e0f8b05e706108c0b97829449f970e3515

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ctf.hackthebox.com
Referer: https://use.typekit.net/ryt3opf.css

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "12f199cc757e537295001d19518257ff45040b53"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 36524
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: application/font-woff2
server: nginx

GET
H3 200 materialdesignicons-webfont-662fefa8.woff2
ctf.hackthebox.com/build/assets/ 394 KB
394 KB 79ms
78ms Font
application/octet-stream 109.176.239.69
HTB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ctf.hackthebox.com/build/assets/materialdesignicons-webfont-662fefa8.woff2?v=7.4.47

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/build/assets/app-e0736d51.css

Protocol

Security

QUIC, , AES_128_GCM

Server

109.176.239.69 Nottingham, United Kingdom, ASN214618 (HTB-AS, GB),

Reverse DNS

Software

cloudflare /

Resource Hash

662fefa8f2f8a95c18588d21774789c107c64e771cbe65a69af46291c4311afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ctf.hackthebox.com
Referer: https://ctf.hackthebox.com/build/assets/app-e0736d51.css

Response headers

cf-cache-status: HIT
etag: "67188107-62710"
age: 4187
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-content-type-options: nosniff, nosniff
expires: Thu, 24 Oct 2024 05:09:54 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: application/octet-stream
last-modified: Wed, 23 Oct 2024 04:52:23 GMT
vary: Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
x-frame-options: SAMEORIGIN, SAMEORIGIN
cache-control: public, max-age=28800
access-control-allow-credentials: true
cf-ray: 8d74b5f61a45bd80-LHR
accept-ranges: bytes
access-control-allow-origin: https://ctf.hackthebox.com
content-length: 403216
x-xss-protection: 1; mode=block, 1; mode=block
server: cloudflare

GET
H2 200 bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame 4678 0
0 119ms
38ms Document
text/html 2a02:26f0:3500:886::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=c6744560-9be5-4645-9305-83ef9e0b993d
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:886::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash

Request headers

Referer: https://ctf.hackthebox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=31297270
content-encoding: gzip
content-length: 392
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Oct 2024 21:09:54 GMT
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires: Tue, 21 Oct 2025 02:51:04 GMT
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
server-timing: cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1729717794328_388276619_10728133_20_718_35_39_255";dur=1
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,1

GET
H2 200 cc.js Show response
consent.cookiebot.com/c6744560-9be5-4645-9305-83ef9e0b993d/ 299 KB
87 KB 114ms
112ms Script
application/x-javascript 2a02:26f0:3500:18::1724:a29a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/c6744560-9be5-4645-9305-83ef9e0b993d/cc.js?renew=false&referer=ctf.hackthebox.com&dnt=false&init=false
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=c6744560-9be5-4645-9305-83ef9e0b993d
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:18::1724:a29a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: d27e2250f6eb0dd7c0ae3de14761d23645c55a0652ab66c7547720f923efbd61

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

cache-control: private, max-age=1200
access-control-expose-headers: Request-Context
content-encoding: gzip
cross-origin-resource-policy: cross-origin
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
content-length: 89012
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: application/x-javascript; charset=utf-8
last-modified: Wed, 23 Oct 2024 21:09:54 GMT
vary: Accept-Encoding

GET
H3 200 htbctf-logo.svg
ctf.hackthebox.com/images/icons/logos/ 11 KB
5 KB 92ms
91ms Image
image/svg+xml 109.176.239.69
HTB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ctf.hackthebox.com/images/icons/logos/htbctf-logo.svg

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/login?redirect=/team/overview/192638

Protocol

Security

QUIC, , AES_128_GCM

Server

109.176.239.69 Nottingham, United Kingdom, ASN214618 (HTB-AS, GB),

Reverse DNS

Software

cloudflare /

Resource Hash

1696e29709bb8ecb13a6d7cabfa560cd8fc7ee0fbbcade50b3c996c25aeb76be

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/login?redirect=/team/overview/192638

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"671880bc-2ae5"
age: 4428
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-content-type-options: nosniff, nosniff
expires: Thu, 24 Oct 2024 05:09:54 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: image/svg+xml
last-modified: Wed, 23 Oct 2024 04:51:08 GMT
vary: Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
x-frame-options: SAMEORIGIN, SAMEORIGIN
cache-control: public, max-age=28800
access-control-allow-credentials: true
cf-ray: 8d74b5f64a89bd80-LHR
access-control-allow-origin: https://ctf.hackthebox.eu
x-xss-protection: 1; mode=block, 1; mode=block
server: cloudflare

POST
H2 204 collect Show response
region1.google-analytics.com/g/ 0
545 B 102ms
29ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-TKKV7WGJ6V&gtm=45je4ah0v885060163z8857460747za200zb857460747&_p=1729717793591&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101686685~101794737~101823848&cid=387847818.1729717794&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1729717794&sct=1&seg=0&dl=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&dt=HTB%20-%20Capture%20The%20Flag&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=971
Requested by: Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/build/assets/app-3dc411e1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://ctf.hackthebox.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/757546894/ 5 KB
2 KB 125ms
58ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/757546894/?random=1729717794364&cv=11&fst=1729717794364&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v896450339z8857460747za201zb857460747&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&hn=www.googleadservices.com&frm=0&tiba=HTB%20-%20Capture%20The%20Flag&npa=0&us_privacy=1YNY&pscdl=noapi&auid=776716099.1729717794&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-757546894&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

20d5fa6c0b9abb911697397019eb4706c13adf4e365b4ed3bb3b4586b0f05d16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2376
date: Wed, 23 Oct 2024 21:09:54 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 757546894
td.doubleclick.net/td/rul/ Frame 473C 0
0 144ms
59ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/757546894?random=1729717794364&cv=11&fst=1729717794364&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v896450339z8857460747za201zb857460747&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&hn=www.googleadservices.com&frm=0&tiba=HTB%20-%20Capture%20The%20Flag&npa=0&us_privacy=1YNY&pscdl=noapi&auid=776716099.1729717794&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-757546894&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ctf.hackthebox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Oct 2024 21:09:54 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/757546894/ 5 KB
2 KB 102ms
57ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/757546894/?random=1729717794391&cv=11&fst=1729717794391&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v896450339z8857460747za201zb857460747&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&hn=www.googleadservices.com&frm=0&tiba=HTB%20-%20Capture%20The%20Flag&npa=0&us_privacy=1YNY&pscdl=noapi&auid=776716099.1729717794&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-757546894&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

426a1263f301c6d4653de5bb6c6df4526f7012d11c4c93331f9696fb256001b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2374
date: Wed, 23 Oct 2024 21:09:54 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 757546894
td.doubleclick.net/td/rul/ Frame 4929 0
0 139ms
60ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/757546894?random=1729717794391&cv=11&fst=1729717794391&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v896450339z8857460747za201zb857460747&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&hn=www.googleadservices.com&frm=0&tiba=HTB%20-%20Capture%20The%20Flag&npa=0&us_privacy=1YNY&pscdl=noapi&auid=776716099.1729717794&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-757546894&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ctf.hackthebox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Oct 2024 21:09:54 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 2910598162406194 Show response
connect.facebook.net/signals/config/ 76 KB
15 KB 173ms
173ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2910598162406194?v=2.9.173&r=stable&domain=ctf.hackthebox.com&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

ce3d856e3141f0575c6f52b7c1284ca5d0869d0607f1fd2bd64a7beeec2dd670

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=35, rtx=0, c=75, mss=1232, tbw=68025, tp=65, tpl=0, uplat=138, ullat=0
pragma: public
x-fb-debug: FRqik7FPnqT1p1nBWP94B9MyKq6GsKofrhnWYx90elAHLTJai6WZmbCbHvA0A19+IkW5AOCOljSg4zP3sdh+lA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 83 KB
25 KB 138ms
63ms Script
application/javascript 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5514032.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb60114d01e18846fc0570ef5b0c637ff1cf5f96b3cea88dd7a7a56bc587d726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ctf.hackthebox.com
Referer: https://ctf.hackthebox.com/

Response headers

x-request-id: 2ee34c07-78fc-49c9-92c6-bca263b7ac57
content-encoding: gzip
cf-cache-status: HIT
etag: W/"83516cb36bba59046b931d3496c56b0c"
x-amz-version-id: ZQMS1VbFbWDZoJKZTG5NvZHBA.3vkImQ
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3D8wYffRAr%2B9Ll5T6G%2FP%2FTX9s%2FSN0tQlV9718VDw7sG6MnbLvjc5%2FxQJjPTR%2Blo9Jxx%2BLY9VLtdsWE2sCluLjnEp4BPR7cbvHnPySs%2BOIieWZ0oYpFcgqJiID5f%2BWcrpyf2SxteCVEGnVjiv"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: IFXPH012o_YXSj7NMl816eiD1YtQ4K_LdNnJ8mCzcErXsADZZWuP0w==
x-hubspot-correlation-id: 2ee34c07-78fc-49c9-92c6-bca263b7ac57
content-type: application/javascript; charset=utf-8
last-modified: Tue, 22 Oct 2024 19:28:29 UTC
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7df4f6b649-s7fln
x-envoy-upstream-service-time: 11
x-hs-target-asset: web-interactives-embed/static-2.1607/bundles/project.js
server: cloudflare
x-evy-trace-virtual-host: all
x-amz-server-side-encryption: AES256
access-control-max-age: 3000
access-control-allow-methods: GET
x-hs-cache-status: MISS
date: Wed, 23 Oct 2024 21:09:54 GMT
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1607/bundles/project.js&cfRay=8d6c02e2b8d2b9b7-CDG
via: 1.1 9dc566ff42777d2cad8483451738f334.cloudfront.net (CloudFront)
cf-ray: 8d74b5f7aaed7326-LHR
access-control-allow-origin: *
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD12-P3

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 93 KB
26 KB 137ms
48ms Script
application/javascript 2606:4700::6810:4e8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usemessages.com/conversations-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5514032.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4e8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7be4c2df7752dc4274589e7b65d5dd6d893e3c0619417a461dab0b61018719bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

x-evy-trace-virtual-host: all
x-request-id: 3b6ae7d3-9aa5-4f4f-b414-40f61c96a233
content-encoding: gzip
cf-cache-status: HIT
etag: W/"ca7bd5104f866dc147cdff83335d7287"
x-amz-version-id: xOABwZAmYNqD6NP87b30Ns4FoFcT9gei
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
age: 326
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-hs-cache-status: MISS
x-amz-cf-id: k_sbHUIrhsnA9NzeIwGGggMaH4EUlVlClRPvVtbn2WGvNubDW11maQ==
date: Wed, 23 Oct 2024 21:09:54 GMT
x-hubspot-correlation-id: 3b6ae7d3-9aa5-4f4f-b414-40f61c96a233
content-type: application/javascript; charset=utf-8
last-modified: Wed, 23 Oct 2024 15:39:05 UTC
vary: accept-encoding
x-evy-trace-listener: listener_https
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7df4f6b649-2hwgm
x-envoy-upstream-service-time: 5
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.18426/bundles/project.js&cfRay=8d73fdda6e4d0bb0-AMS
via: 1.1 736ad67f05a9a5a8fd5ed8cba30196f4.cloudfront.net (CloudFront)
cf-ray: 8d74b5f7cbeacd70-LHR
x-evy-trace-route-configuration: listener_https/all
x-hs-target-asset: conversations-embed/static-1.18426/bundles/project.js
x-amz-cf-pop: IAD12-P3
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 137ms
48ms Script
application/javascript 2606:4700::6811:df98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5514032.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:df98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f42615ee0d75d5afd126f639e3f2aaed37b6aaf21ba13902db3d7d8c331e6a9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

x-evy-trace-virtual-host: all
x-request-id: b72e7f16-1cbd-42ab-a152-1f4150ea2423
content-encoding: gzip
cf-cache-status: HIT
etag: W/"0df6051fb4e3e5c67b55de874a5fe993"
x-amz-version-id: KtgVA4GHJgyUOPf7T5TRgmfap.5FKp0l
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
age: 464
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-hs-cache-status: HIT
x-amz-cf-id: 7f6NeL_oMtYtFz4sKxTzqVcq6xOdGKMzwk2Dz41p54bdxpgC13cJMA==
date: Wed, 23 Oct 2024 21:09:54 GMT
x-hubspot-correlation-id: b72e7f16-1cbd-42ab-a152-1f4150ea2423
content-type: application/javascript; charset=utf-8
last-modified: Mon, 21 Oct 2024 14:24:42 UTC
vary: Accept-Encoding
x-evy-trace-listener: listener_https
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7df4f6b649-x4vlr
x-envoy-upstream-service-time: 0
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.605/bundles/pixels-release.js&cfRay=8d6460c0fcad4ed6-AMS
via: 1.1 06c1d28e93bdae8f6401a12c10b2f570.cloudfront.net (CloudFront)
cf-ray: 8d74b5f7cbb4bf0d-LHR
x-evy-trace-route-configuration: listener_https/all
x-hs-target-asset: adsscriptloaderstatic/static-1.605/bundles/pixels-release.js
x-amz-cf-pop: IAD12-P3
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/5514032/ 72 KB
26 KB 140ms
52ms Script
text/javascript 2606:4700:4400::ac40:9310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/5514032/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5514032.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9310 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03e9bfd6a18689ddf26e16b59390271a9b81ddaecae535317df2730182dff9fc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

x-evy-trace-virtual-host: all
access-control-max-age: 604800
x-request-id: 41b91d76-110d-48f2-b66e-3b5a442309dc
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
content-encoding: gzip
cf-cache-status: HIT
etag: W/"5ce6291a7987c2a9333c5d1cdeeea936"
x-amz-version-id: zWl_zEZfLjqnW_I7Shds0q4sRBc1UJ9c
age: 206
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expires: Wed, 23 Oct 2024 21:08:54 GMT
x-evy-trace-listener: listener_https
date: Wed, 23 Oct 2024 21:09:54 GMT
x-hubspot-correlation-id: 41b91d76-110d-48f2-b66e-3b5a442309dc
content-type: text/javascript; charset=UTF-8
last-modified: Fri, 20 Sep 2024 19:33:25 GMT
vary: origin, Accept-Encoding
x-amz-id-2: Wk2C8fGB/MovwqlY0tuYZntU7gx7N3Y+wUw2VquDAJ3BNlujZYfNY6DWLcpNKkG0Y164+HH2JhQ=
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=300,public
timing-allow-origin: *
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6895b58fd6-m7fc4
x-envoy-upstream-service-time: 75
access-control-allow-credentials: true
x-amz-request-id: 9RWMC69YPQJCMN7F
cf-ray: 8d74b5f7cad976e3-LHR
access-control-allow-origin: https://academy.hackthebox.com
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 5514032.js Show response
js.hs-analytics.net/analytics/1729717500000/ 69 KB
25 KB 118ms
44ms Script
text/javascript 2606:4700::6810:a0a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1729717500000/5514032.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5514032.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e375ff1075fca5c444ce4b50e15948c3e3cec438086de08d426536e0cfeafff4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

x-amz-server-side-encryption: AES256
x-request-id: a6e0e039-498b-4061-99d4-48a406789a51
content-encoding: gzip
cf-cache-status: HIT
etag: W/"8193010fbb73f7b419373a88afd8c3af"
x-amz-version-id: null
age: 206
expires: Wed, 23 Oct 2024 21:10:26 GMT
x-evy-trace-listener: listener_https
date: Wed, 23 Oct 2024 21:09:54 GMT
x-hubspot-correlation-id: a6e0e039-498b-4061-99d4-48a406789a51
content-type: text/javascript
last-modified: Tue, 22 Oct 2024 20:45:18 GMT
vary: origin, Accept-Encoding
x-amz-id-2: JwdggIn0453HO4u21hN12F72srMq4nXq4tPpHe3dUfzO9h1cyUt1gmwyHSMtgnDsmynSExwnxlk=
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=300,public
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6f96cfd686-4gzdf
x-envoy-upstream-service-time: 23
access-control-allow-credentials: false
x-amz-request-id: 0H6PXG6DG6K9MZSF
cf-ray: 8d74b5f7adb76361-LHR
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 adsct
t.co/1/i/ 43 B
474 B 306ms
226ms Image
image/gif 162.159.140.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=def10001-ff90-4676-ad95-6b5047472928&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=752151a6-5617-4092-8977-8522ef1599df&tw_document_href=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&tw_iframe_status=0&txn_id=o4mx1&type=javascript&version=2.3.30

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/login?redirect=/team/overview/192638

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

strict-transport-security: max-age=0
x-transaction-id: fa05b78f64101f04
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 87b6abb82334fef95b5d163b05258dce58c228fa683cac9ba0fe476853927fe5
cf-cache-status: DYNAMIC
cf-ray: 8d74b5f7cb0e768b-LHR
x-response-time: 183
content-length: 43
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: image/gif;charset=utf-8
perf: 7402827104
server: cloudflare tsa_f

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
547 B 295ms
215ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=def10001-ff90-4676-ad95-6b5047472928&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=752151a6-5617-4092-8977-8522ef1599df&tw_document_href=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&tw_iframe_status=0&txn_id=o4mx1&type=javascript&version=2.3.30

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/login?redirect=/team/overview/192638

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

strict-transport-security: max-age=631138519
x-transaction-id: 8c615a7bb3f43b70
cache-control: no-cache, no-store, max-age=0
x-connection-hash: d5fe3d2a88360c7430100b7b66c30e5c2d5945455c7af58e430abe9f9bdebb29
x-response-time: 187
content-length: 43
date: Wed, 23 Oct 2024 21:09:53 GMT
perf: 7402827104
content-type: image/gif;charset=utf-8
server: tsa_f

GET
H2 200 adsct
t.co/1/i/ 43 B
629 B 299ms
220ms Image
image/gif 162.159.140.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=456986e6-fb8f-4914-91ae-cdce75738208&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=752151a6-5617-4092-8977-8522ef1599df&tw_document_href=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&tw_iframe_status=0&txn_id=o4mx1&type=javascript&version=2.3.30

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/login?redirect=/team/overview/192638

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

strict-transport-security: max-age=0
x-transaction-id: ee9fb71935ba7e84
cache-control: no-cache, no-store, max-age=0
x-connection-hash: a31e9d4a324c2729f8060699705bf0d225bfc9fed2bde3c7ae1a5d88e4b71fc2
cf-cache-status: DYNAMIC
cf-ray: 8d74b5f7cb0f768b-LHR
x-response-time: 177
content-length: 43
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: image/gif;charset=utf-8
perf: 7402827104
server: cloudflare tsa_f

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
726 B 219ms
206ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=456986e6-fb8f-4914-91ae-cdce75738208&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=752151a6-5617-4092-8977-8522ef1599df&tw_document_href=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&tw_iframe_status=0&txn_id=o4mx1&type=javascript&version=2.3.30

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/login?redirect=/team/overview/192638

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

strict-transport-security: max-age=631138519
x-transaction-id: e3b89177468b08b7
cache-control: no-cache, no-store, max-age=0
x-connection-hash: d5fe3d2a88360c7430100b7b66c30e5c2d5945455c7af58e430abe9f9bdebb29
x-response-time: 178
content-length: 43
date: Wed, 23 Oct 2024 21:09:53 GMT
perf: 7402827104
content-type: image/gif;charset=utf-8
server: tsa_f

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
374 B 43ms
41ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=846807820&t=pageview&_s=1&dl=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&ul=en-gb&de=UTF-8&dt=HTB%20-%20Capture%20The%20Flag&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=2125718566&gjid=1958724976&cid=387847818.1729717794&tid=UA-93577176-12&_gid=1475308386.1729717794&_r=1&_slc=1&gtm=45He4ah0n81N6XD42Vv857460747za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533422~101686685~101794737~101823848&z=1826688631

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/build/assets/app-3dc411e1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b7abf381ed6e19ee8351718219e8cc9f94158fd47ae044d3b57e4d57810375df

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://ctf.hackthebox.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 21:09:54 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://ctf.hackthebox.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 15
server: Golfe2

GET
H2 200 collect
www.google-analytics.com/ 35 B
407 B 35ms
34ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=846807820&t=pageview&_s=1&dl=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&ul=en-gb&de=UTF-8&dt=HTB%20-%20Capture%20The%20Flag&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=&gjid=&cid=387847818.1729717794&tid=UA-93577176-12&_gid=1475308386.1729717794&gtm=45He4ah0n81N6XD42Vv857460747za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533422~101686685~101794737~101823848&z=310946234

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/login?redirect=/team/overview/192638

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

age: 16122
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 16:41:12 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H2 200 ping Show response
okt.hackthebox.com/ 0
100 B 339ms
103ms Script
text/javascript 52.20.195.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://okt.hackthebox.com/ping?uri=%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&aid=00133o3hflmh415&ts=1729717794441

Requested by

Host: static.oktopost.com
URL: https://static.oktopost.com/oktrk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.20.195.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-20-195-32.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

date: Wed, 23 Oct 2024 21:09:54 GMT
strict-transport-security: max-age=31536000;
content-type: text/javascript;charset=UTF-8

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
814 B 336ms
198ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=1341593&time=1729717794442&url=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638
Requested by: Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/build/assets/app-3dc411e1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: *
Referer: https://ctf.hackthebox.com/

Response headers

x-li-pop: afd-prod-lor1-x
content-encoding: gzip
x-fs-uuid: 0006252b4eb672c326e97117053b6ee0
x-msedge-ref: Ref A: 9EE7F8A409FF4071A74CB78205EAA694 Ref B: LON04EDGE0712 Ref C: 2024-10-23T21:09:54Z
x-li-fabric: prod-lor1
x-restli-protocol-version: 1.0.0
access-control-allow-methods: GET, OPTIONS
x-li-uuid: AAYlK062csMm6XEXBTtu4A==
x-li-proto: http/2
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: application/json
access-control-allow-headers: *

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1341593&time=1729717794442&url=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1341593&time=1729717794442&url=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&e_ipv6=AQLFeRyMQOruzAAAAZK7Nvdxp...

0
481 B

264ms
183ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1341593&time=1729717794442&url=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&e_ipv6=AQLFeRyMQOruzAAAAZK7NvdxpU1waI82H4ubjCYgbpLtbkE7lp5FSWEdnWvADMIWduEV8Ug
Requested by: Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/login?redirect=/team/overview/192638
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-msedge-ref: Ref A: 5CAD4E77C7C541A9BF21111D23A8022A Ref B: LON04EDGE1010 Ref C: 2024-10-23T21:09:54Z
x-li-fabric: prod-lor1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-uuid: AAYlK066qNFVtQTeqYGt5Q==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: application/javascript

Redirect headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1341593&time=1729717794442&url=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&e_ipv6=AQLFeRyMQOruzAAAAZK7NvdxpU1waI82H4ubjCYgbpLtbkE7lp5FSWEdnWvADMIWduEV8Ug
x-msedge-ref: Ref A: 3C71B2318BD34A25B905D782215D2ED9 Ref B: LON04EDGE0610 Ref C: 2024-10-23T21:09:54Z
x-li-fabric: prod-lor1
x-li-uuid: AAYlK062cgZU6uhib5xe5A==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Wed, 23 Oct 2024 21:09:54 GMT

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
442 B 343ms
210ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/build/assets/app-3dc411e1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ctf.hackthebox.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: *
Content-Type: text/plain;charset=UTF-8

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 3C26EE2317B6429298F78EDE926D69C2 Ref B: LON04EDGE0610 Ref C: 2024-10-23T21:09:54Z
x-li-fabric: prod-lor1
access-control-allow-credentials: true
x-li-uuid: AAYlK062b8sLdqNlpOorkg==
x-li-proto: http/2
access-control-allow-origin: https://ctf.hackthebox.com
x-cache: CONFIG_NOCACHE
date: Wed, 23 Oct 2024 21:09:54 GMT
vary: Origin

GET
H3 200 ajs-destination.bundle.ed53a26b6edc80c65d73.js Show response
fygapokei.hackthebox.com/analytics-next/bundles/ 9 KB
4 KB 100ms
100ms Script
application/javascript 109.176.239.69
HTB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fygapokei.hackthebox.com/analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js
Requested by: Host: fygapokei.hackthebox.com
URL: https://fygapokei.hackthebox.com/htb-anal.js/v1/o7CCLQ34gdSSo2CYWKkONsZxv5cabLHz/htb-anal.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 109.176.239.69 Nottingham, United Kingdom, ASN214618 (HTB-AS, GB),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f504993fedbc75c4ed5f3a965f5f3aded934b36f5c603981283f8ff19061db8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"00e9c65cbba11c07c4bf4a6e2727b8ea"
age: 8074631
cf-bgj: minify
x-amz-version-id: 1lCjHefPzcRt0EbQDFkkb.6FnzhNuKxa
access-control-allow-methods: GET, HEAD
expires: Thu, 23 Oct 2025 21:09:54 GMT
cf-polished: origSize=9270
x-cache: Hit from cloudfront
x-amz-cf-id: UqmDMe9vTi8FlzyCI16oBlzpaqxJQtBpyCHSrnCyZd4SqtxyiCiEpA==
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: application/javascript
last-modified: Fri, 12 Apr 2024 21:39:45 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000
via: 1.1 19a079cfe5fbc38f063a9e46b60b00a6.cloudfront.net (CloudFront)
cf-ray: 8d74b5f77bf9bd80-LHR
access-control-allow-origin: *
x-amz-cf-pop: LHR61-C2
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 295 KB
102 KB 58ms
57ms Script
application/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BFR4KR7D60&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

0469421e038d293bfabb79c8389dc940524f485790a1827fdc0aa02bdce15d12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 23 Oct 2024 21:09:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 103959
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 /
www.google.com/pagead/1p-user-list/757546894/ 42 B
64 B 56ms
54ms Image
image/gif 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/757546894/?random=1729717794364&cv=11&fst=1729717200000&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v896450339z8857460747za201zb857460747&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&hn=www.googleadservices.com&frm=0&tiba=HTB%20-%20Capture%20The%20Flag&npa=0&us_privacy=1YNY&pscdl=noapi&auid=776716099.1729717794&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfXoeQw5TwsTcIYGnyw0jWU9riUpu0Rw&random=315354804&rmt_tld=0&ipr=y

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/login?redirect=/team/overview/192638

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 23 Oct 2024 21:09:54 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.uk/pagead/1p-user-list/757546894/ 42 B
64 B 103ms
55ms Image
image/gif 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/757546894/?random=1729717794364&cv=11&fst=1729717200000&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v896450339z8857460747za201zb857460747&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&hn=www.googleadservices.com&frm=0&tiba=HTB%20-%20Capture%20The%20Flag&npa=0&us_privacy=1YNY&pscdl=noapi&auid=776716099.1729717794&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfXoeQw5TwsTcIYGnyw0jWU9riUpu0Rw&random=315354804&rmt_tld=1&ipr=y

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/login?redirect=/team/overview/192638

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 23 Oct 2024 21:09:54 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/757546894/ 42 B
64 B 58ms
57ms Image
image/gif 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/757546894/?random=1729717794391&cv=11&fst=1729717200000&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v896450339z8857460747za201zb857460747&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&hn=www.googleadservices.com&frm=0&tiba=HTB%20-%20Capture%20The%20Flag&npa=0&us_privacy=1YNY&pscdl=noapi&auid=776716099.1729717794&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfIUu2QOwdJ5Kkm7SU8oymk2h7AP76oA&random=552449160&rmt_tld=0&ipr=y

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/login?redirect=/team/overview/192638

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 23 Oct 2024 21:09:54 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.uk/pagead/1p-user-list/757546894/ 42 B
64 B 99ms
55ms Image
image/gif 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/757546894/?random=1729717794391&cv=11&fst=1729717200000&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v896450339z8857460747za201zb857460747&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&hn=www.googleadservices.com&frm=0&tiba=HTB%20-%20Capture%20The%20Flag&npa=0&us_privacy=1YNY&pscdl=noapi&auid=776716099.1729717794&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfIUu2QOwdJ5Kkm7SU8oymk2h7AP76oA&random=552449160&rmt_tld=1&ipr=y

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/login?redirect=/team/overview/192638

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 23 Oct 2024 21:09:54 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b747b511f5aaeeaad30ebe2d12a639db476e3c8c665c14ed7037f3312625b29

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 95 B
1 KB 141ms
131ms Fetch
application/json 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=5514032&currentUrl=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/build/assets/app-3dc411e1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f212e942ac33fd93669f03a55e2c0192224cdb6870b376fac8d3c5255cd01225

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

x-robots-tag: noindex, follow
access-control-max-age: 180
x-request-id: 68378fc9-ddc3-476a-ba98-b5793ed3a82a
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lXYPSJH7HZFXMRzctNx6Gog8lGjXRqfir9emTD%2BNPwOH2BECfzjUgXiKaVvKPTtu24KUWgty%2FLNqW%2F0%2BGucful6%2F3Tv3gdYh3EgX6cACo0aP4ETLKIk7oB9JC75a5y3DR9V8fHrIkRtFXrnhc4ff8RDbJtA6tT6MOJo%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
access-control-allow-methods: OPTIONS, GET
x-evy-trace-listener: listener_https
date: Wed, 23 Oct 2024 21:09:54 GMT
x-hubspot-correlation-id: 68378fc9-ddc3-476a-ba98-b5793ed3a82a
content-type: application/json;charset=utf-8
vary: origin
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-df9486764-c6sfn
x-envoy-upstream-service-time: 9
access-control-allow-credentials: true
cf-ray: 8d74b5f84bad7326-LHR
access-control-allow-origin: https://ctf.hackthebox.com
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f29b4389a6e08bf3ffcdfb097597d5621b4abac31a74f89c3fa3537dc428e68

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 964 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d47bcf54431b918d4b86953244677a675940b21844a2ac41bee9b690415eb0b1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 973 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: feeff1b73fc856bbaa909aecd74cd3918a41d2f0642b773831da45ad969317e9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 297 B
1011 B 171ms
166ms XHR
application/json 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=5514032&conversations-embed=static-1.18426&mobile=false&messagesUtk=b5415a8f1093453bb761ffa8de690452&traceId=b5415a8f1093453bb761ffa8de690452

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/build/assets/app-3dc411e1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

260dec4fc1ac4532e8d2e9491fa531cc14b64a5f758f5cdff4dd6015e289bb83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
X-HubSpot-Messages-Uri: https://ctf.hackthebox.com/login?redirect=/team/overview/192638
Referer: https://ctf.hackthebox.com/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vEThcCjYlq2e90Ncw0RrRv07w3gcdI850PeNnLfAt%2BWqsHPzQu52sdF2hsZry%2F5tyclydxvMsBj076EdfyuvnpiF3xT5BMfqc4qbQ20am6mhSqpCG3se0uC7X9hBGMgi2cWkcMfVeO4d7ziSsg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options: nosniff
date: Wed, 23 Oct 2024 21:09:54 GMT
x-hubspot-correlation-id: bd743055-c6eb-4b43-b56f-8b903e9e124c
content-type: application/json;charset=utf-8
vary: origin, Accept-Encoding
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: false
cf-ray: 8d74b5f96cc57326-LHR
access-control-allow-origin: https://ctf.hackthebox.com
content-length: 239
server: cloudflare

GET
H3 200 schemaFilter.bundle.5c2661f67b4b71a6d9bd.js Show response
fygapokei.hackthebox.com/analytics-next/bundles/ 1 KB
1 KB 74ms
73ms Script
application/javascript 109.176.239.69
HTB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fygapokei.hackthebox.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
Requested by: Host: fygapokei.hackthebox.com
URL: https://fygapokei.hackthebox.com/htb-anal.js/v1/o7CCLQ34gdSSo2CYWKkONsZxv5cabLHz/htb-anal.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 109.176.239.69 Nottingham, United Kingdom, ASN214618 (HTB-AS, GB),
Reverse DNS
Software: cloudflare /
Resource Hash: a5be29ea61049c7b40b87ac80432636916ada79f74aebdfc27944cad9956e4b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"3867b2388b619ff7fddc29ef359fc9aa"
age: 8074628
cf-bgj: minify
x-amz-version-id: Bolgs0Mj8nV2KTYd4DF0kGqy6XFVNGKf
access-control-allow-methods: GET, HEAD
expires: Thu, 23 Oct 2025 21:09:54 GMT
cf-polished: origSize=1559
x-cache: Hit from cloudfront
x-amz-cf-id: qwOcnOo3hcDXcveElb-khh2ptEwHOsYfoPisw5B3VFlLn4gghbn3CQ==
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: application/javascript
last-modified: Tue, 19 Mar 2024 17:55:53 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000
via: 1.1 323b4a7971a31c96655a9c4fcac2b9ce.cloudfront.net (CloudFront)
cf-ray: 8d74b5f87d5abd80-LHR
access-control-allow-origin: *
x-amz-cf-pop: LHR61-C2
server: cloudflare
x-amz-server-side-encryption: AES256

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 147ms
129ms Preflight
text/plain 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://ctf.hackthebox.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://ctf.hackthebox.com
allow: HEAD,GET,OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8d74b5f89beb7326-LHR
content-length: 18
content-type: text/plain; charset=utf-8
date: Wed, 23 Oct 2024 21:09:54 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Etj5TyJr3gE5rap5jzqkxvwlVKjZh8mWV%2FpQIH64MVVNdxWdaffZsQVUue4d8j%2FkchR%2BgK6qW7VcLZOwsZtc59MspwJb8JEki4lE3sa5hiaGPXunGhL7Cy4rJ83wuMj7jwjelUj7oBy8iqV4oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-hubspot-correlation-id: 0f29b7a5-9e77-49e9-916b-76920974bf7c

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 180 B
835 B 204ms
131ms XHR
application/json 2606:4700::6812:f26c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=5514032

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/build/assets/app-3dc411e1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f26c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ca7b130fb695dacaffa85df83de09ce9a2f131eadeae20fbeed8e3b27e18703

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

access-control-max-age: 180
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kpJhi6vZY7YLxhGv144TtsLLfQyKMJFqOBMMfdiF9hT19PQn%2FNgknmIru5iLHwQLzf7Z4l9y%2FQSXTewS5sLgJaT5wvX6C9CL1Iwb3SIpZYvaqj74uAFO1N0frgEYW0b26fCE2y9%2BiJrYk6eE"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options: nosniff
date: Wed, 23 Oct 2024 21:09:54 GMT
x-hubspot-correlation-id: 5df054ed-1579-449d-91f7-abd1e03463a7
content-type: application/json;charset=utf-8
vary: origin, Accept-Encoding
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: false
cf-ray: 8d74b5f8fc1b0716-LHR
access-control-allow-origin: https://ctf.hackthebox.com
server: cloudflare

GET
H3 200 346791856678772 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 168ms
168ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/346791856678772?v=2.9.173&r=stable&domain=ctf.hackthebox.com&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C200%2C199%2C201%2C206%2C207%2C208%2C204%2C196%2C132%2C134%2C163%2C195%2C197%2C122%2C157%2C145%2C151%2C189%2C190%2C129%2C232%2C116%2C126%2C127%2C233%2C165%2C119%2C235%2C166%2C136%2C123%2C154%2C148%2C114%2C128

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

99025e624d5c8323e144a142c37cbbfa883d3a3cb5ca0a96b481329ac63bc375

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=36, rtx=0, c=87, mss=1232, tbw=83849, tp=80, tpl=0, uplat=129, ullat=0
pragma: public
x-fb-debug: nLcR48tuR13D+SQpm9c66XoZ6LQFym57mvCzT6QF7Y/gUpH1XO/nF0VEYGjMEgq4EJBpivevNhuQ2fHw5jsgwQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 111ms
35ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2910598162406194&ev=PageView&dl=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&rl=&if=false&ts=1729717794665&sw=1600&sh=1200&v=2.9.173&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1729717794663.54600582242716252&cs_est=true&ler=empty&cdl=API_unavailable&it=1729717794416&coo=false&tm=1&rqm=GET

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/login?redirect=/team/overview/192638

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=31, rtx=0, c=10, mss=1297, tbw=2901, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 279ms
203ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2910598162406194&ev=PageView&dl=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&rl=&if=false&ts=1729717794665&sw=1600&sh=1200&v=2.9.173&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1729717794663.54600582242716252&cs_est=true&ler=empty&cdl=API_unavailable&it=1729717794416&coo=false&tm=1&rqm=FGET

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/login?redirect=/team/overview/192638

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7429081358618660473"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: w/vyrejFcNCPXUovL3QpUVQQp6zATLYH/kz4qHei+1Q2qS14snh6fcyFGh5oinhihdORQLjDBBrwnzVUof1JcA==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7429081358618660473", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=32, rtx=0, c=10, mss=1297, tbw=3952, tp=-1, tpl=-1, uplat=145, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

POST
H2 204 collect Show response
region1.analytics.google.com/g/ 0
267 B 36ms
29ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-BFR4KR7D60&gtm=45je4ah0v9136092264za200&_p=1729717793591&_gaz=1&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101533421~101686685~101794737~101823848&gdid=dMWZhNz&ul=en-gb&sr=1600x1200&cid=387847818.1729717794&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&dt=HTB%20-%20Capture%20The%20Flag&sid=1729717794&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1374
Requested by: Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/build/assets/app-3dc411e1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://ctf.hackthebox.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
556 B 111ms
32ms Ping
text/plain 2a00:1450:400c:c0d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-BFR4KR7D60&cid=387847818.1729717794&gtm=45je4ah0v9136092264za200&aip=1&dma=0&gcd=13l3l3l3l2l1&npa=0&frm=0&tag_exp=101533421~101686685~101794737~101823848
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BFR4KR7D60&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://ctf.hackthebox.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 7602 0
0 60ms
58ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-BFR4KR7D60&gacid=387847818.1729717794&gtm=45je4ah0v9136092264za200&dma=0&gcd=13l3l3l3l2l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101533421~101686685~101794737~101823848&z=29592396

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BFR4KR7D60&cx=c&_slc=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ctf.hackthebox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Oct 2024 21:09:54 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.co.uk/ads/ 42 B
63 B 60ms
60ms Image
image/gif 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BFR4KR7D60&cid=387847818.1729717794&gtm=45je4ah0v9136092264za200&aip=1&dma=0&gcd=13l3l3l3l2l1&npa=0&frm=0&tag_exp=101533421~101686685~101794737~101823848&tag_exp=101533421~101686685~101794737~101823848&z=1279707043

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/login?redirect=/team/overview/192638

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 23 Oct 2024 21:09:54 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 google-analytics.dynamic.js.gz Show response
fygapokei.hackthebox.com/next-integrations/integrations/google-analytics/2.18.5/ 16 KB
5 KB 105ms
104ms Script
application/javascript 109.176.239.69
HTB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fygapokei.hackthebox.com/next-integrations/integrations/google-analytics/2.18.5/google-analytics.dynamic.js.gz
Requested by: Host: fygapokei.hackthebox.com
URL: https://fygapokei.hackthebox.com/htb-anal.js/v1/o7CCLQ34gdSSo2CYWKkONsZxv5cabLHz/htb-anal.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 109.176.239.69 Nottingham, United Kingdom, ASN214618 (HTB-AS, GB),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d429ac2d01de0ba0c4e7ee5f118db9b8db5acc915883c65b7303a6050df5114

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6a3ed21f9b6777c0c37e6e248ea22387"
age: 8069631
cf-bgj: minify
x-amz-version-id: UrcbvrdkWvVeM88a5LbnIeGLbGs5UNca
access-control-allow-methods: GET, HEAD
expires: Thu, 23 Oct 2025 21:09:54 GMT
cf-polished: origSize=15942
x-cache: Hit from cloudfront
x-amz-cf-id: 1eIvvsIY1V4fjGzW9bjgAxOMxnNlG72yS2ol_D5k32CZNJhc9ZZgyg==
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: application/javascript
last-modified: Fri, 05 Apr 2024 16:42:47 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=31536000
via: 1.1 a01fca0cccde2470ea24242deceb9118.cloudfront.net (CloudFront)
cf-ray: 8d74b5f95e5abd80-LHR
access-control-allow-origin: *
x-amz-cf-pop: LHR61-C2
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 intercom.dynamic.js.gz Show response
fygapokei.hackthebox.com/next-integrations/integrations/intercom/3.1.0/ 4 KB
2 KB 58ms
58ms Script
application/javascript 109.176.239.69
HTB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fygapokei.hackthebox.com/next-integrations/integrations/intercom/3.1.0/intercom.dynamic.js.gz
Requested by: Host: fygapokei.hackthebox.com
URL: https://fygapokei.hackthebox.com/htb-anal.js/v1/o7CCLQ34gdSSo2CYWKkONsZxv5cabLHz/htb-anal.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 109.176.239.69 Nottingham, United Kingdom, ASN214618 (HTB-AS, GB),
Reverse DNS
Software: cloudflare /
Resource Hash: 89aac9a3761fce4b1856e79b51c7e2d9c70a211902aa9822ce2c9b447680b2d0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"d20b898e8b1fe44f03e532db7fe5cf4e"
age: 8069631
cf-bgj: minify
x-amz-version-id: UmD7F.j8vFqDUtNMk_FJm_Zc.bMsT7GP
access-control-allow-methods: GET, HEAD
expires: Thu, 23 Oct 2025 21:09:54 GMT
cf-polished: origSize=4271
x-cache: Hit from cloudfront
x-amz-cf-id: OO3HncZlTFu4whY9OWzn57IWzWQyW1QDsSfEcEyKPHA-t5Eh6nNjkw==
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: application/javascript
last-modified: Fri, 08 Mar 2024 07:35:29 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=31536000
via: 1.1 180346a9751051e3a71bd41ea7db0e00.cloudfront.net (CloudFront)
cf-ray: 8d74b5f95e5fbd80-LHR
access-control-allow-origin: *
x-amz-cf-pop: LHR61-C2
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
927 B 196ms
148ms Image
image/gif 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/login?redirect=/team/overview/192638

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

x-robots-tag: none
x-request-id: ab56cd31-c51e-4ba6-8435-4f601cba963a
access-control-expose-headers: X-Origin-Hublet
cf-cache-status: MISS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-evy-trace-listener: listener_https
date: Wed, 23 Oct 2024 21:09:54 GMT
x-hubspot-correlation-id: ab56cd31-c51e-4ba6-8435-4f601cba963a
content-type: image/gif
vary: origin, Accept-Encoding
last-modified: Wed, 23 Oct 2024 21:09:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-df9486764-w8l5k
x-envoy-upstream-service-time: 2
access-control-allow-credentials: false
cf-ray: 8d74b5f9a9ddbea6-LHR
accept-ranges: bytes
x-evy-trace-route-configuration: listener_https/all
content-length: 35
server: cloudflare
x-evy-trace-virtual-host: all

POST
H3 200 p Show response
fygapokei.hackthebox.com/v1/ 21 B
376 B 358ms
356ms Fetch
application/json 109.176.239.69
HTB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://fygapokei.hackthebox.com/v1/p

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/build/assets/app-3dc411e1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

109.176.239.69 Nottingham, United Kingdom, ASN214618 (HTB-AS, GB),

Reverse DNS

Software

cloudflare /

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://ctf.hackthebox.com/

Response headers

strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
cf-ray: 8d74b5f96f753858-LHR
access-control-allow-origin: https://ctf.hackthebox.com
alt-svc: h3=":443"; ma=86400
content-length: 21
date: Wed, 23 Oct 2024 21:09:55 GMT
content-type: application/json
vary: Origin, Accept-Encoding
server: cloudflare

GET
H3 200 commons.c42222c4cb2f8913500f.js.gz Show response
fygapokei.hackthebox.com/next-integrations/integrations/vendor/ 73 KB
22 KB 54ms
52ms Script
application/javascript 109.176.239.69
HTB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fygapokei.hackthebox.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Requested by: Host: fygapokei.hackthebox.com
URL: https://fygapokei.hackthebox.com/htb-anal.js/v1/o7CCLQ34gdSSo2CYWKkONsZxv5cabLHz/htb-anal.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 109.176.239.69 Nottingham, United Kingdom, ASN214618 (HTB-AS, GB),
Reverse DNS
Software: cloudflare /
Resource Hash: 563c01d56eddb4986776675ee8bbfd0e704cb09cfbd0dd2e7264782ac7b847de

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"befb217271e2e926c7d898f1c85f6cb7"
age: 8071610
cf-bgj: minify
x-amz-version-id: uOfxQOMLwdt.eKHcMs4MBn7QUxA0mLtL
access-control-allow-methods: GET, HEAD
expires: Thu, 23 Oct 2025 21:09:54 GMT
cf-polished: origSize=74937
x-cache: Hit from cloudfront
x-amz-cf-id: UDFROPwPlW4nj_GhN26KKex_tNDQ3AaXCSz-nYQeaUrcCs8Da7lvlA==
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: application/javascript
last-modified: Wed, 18 Oct 2023 10:36:32 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=31536000
via: 1.1 46e66d8a43c4da941c24d6cc77f3c0da.cloudfront.net (CloudFront)
cf-ray: 8d74b5f9ceeebd80-LHR
access-control-allow-origin: *
x-amz-cf-pop: MAN51-P1
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 246 KB
87 KB 49ms
48ms Script
application/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-757546894

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

35cd9ce578d5e41abb4b1f63f5e8c3551e7f04ac59c41efb17458d3a9573898d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 23 Oct 2024 21:09:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 89510
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 246 KB
88 KB 98ms
98ms Script
application/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-757546894&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N6XD42V

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

24d4b2ae903f7fc9378ff6c6370f9fce44c24b76dce93dcde26af275496bc732

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 23 Oct 2024 21:09:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 89574
x-xss-protection: 0
server: Google Tag Manager

GET
H3

200

/
www.facebook.com/tr/
Redirect Chain

https://www.facebook.com/tr/?id=2910598162406194&ev=PageView&dl=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&rl=&if=false&ts=1729717794843&sw=1600&sh=1200&v=2.9...
https://www.facebook.com/tr/?redirect=0&rqm=GET&coo=false&it=1729717794416&cdl=API_unavailable&ler=empty&cs_est=true&fbp=fb.1.1729717794663.54600582242716252&o=12318&ec=1&a=tmSimo-GTM-WebTemplate&r...

0
19 B

55ms
55ms

Image
text/plain

157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?redirect=0&rqm=GET&coo=false&it=1729717794416&cdl=API_unavailable&ler=empty&cs_est=true&fbp=fb.1.1729717794663.54600582242716252&o=12318&ec=1&a=tmSimo-GTM-WebTemplate&r=stable&v=2.9.173&sh=1200&sw=1600&ts=1729717794843&if=false&rl=&dl=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&ev=PageView&id=2910598162406194

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/login?redirect=/team/overview/192638

Protocol

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=32, rtx=0, c=23, mss=1232, tbw=4445, tp=9, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, must-revalidate
location: /tr/?redirect=0&rqm=GET&coo=false&it=1729717794416&cdl=API_unavailable&ler=empty&cs_est=true&fbp=fb.1.1729717794663.54600582242716252&o=12318&ec=1&a=tmSimo-GTM-WebTemplate&r=stable&v=2.9.173&sh=1200&sw=1600&ts=1729717794843&if=false&rl=&dl=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&ev=PageView&id=2910598162406194
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=32, rtx=0, c=10, mss=1297, tbw=3341, tp=-1, tpl=-1, uplat=1, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: 0
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
846 B 85ms
83ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2910598162406194&ev=PageView&dl=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&rl=&if=false&ts=1729717794843&sw=1600&sh=1200&v=2.9.173&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=12318&fbp=fb.1.1729717794663.54600582242716252&cs_est=true&ler=empty&cdl=API_unavailable&it=1729717794416&coo=false&rqm=FGET

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/login?redirect=/team/overview/192638

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7429081356983373620"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: bdEZTWNsns7jGe5YB7CDF0gYFCiE3eHXfSUvk/hpJ5P5fpTVNt/nr/+YjYBLuruoD/UWSoSGAGdjkNc4ap83QA==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7429081356983373620", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=32, rtx=0, c=10, mss=1297, tbw=6738, tp=-1, tpl=-1, uplat=38, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 37ms
35ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=346791856678772&ev=PageView&dl=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&rl=&if=false&ts=1729717794845&sw=1600&sh=1200&v=2.9.173&r=stable&a=tmgoogletagmanager&ec=0&o=12318&fbp=fb.1.1729717794663.54600582242716252&ler=empty&cdl=API_unavailable&it=1729717794416&coo=false&rqm=GET

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/login?redirect=/team/overview/192638

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=32, rtx=0, c=10, mss=1297, tbw=3765, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
847 B 85ms
84ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=346791856678772&ev=PageView&dl=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&rl=&if=false&ts=1729717794845&sw=1600&sh=1200&v=2.9.173&r=stable&a=tmgoogletagmanager&ec=0&o=12318&fbp=fb.1.1729717794663.54600582242716252&ler=empty&cdl=API_unavailable&it=1729717794416&coo=false&rqm=FGET

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/login?redirect=/team/overview/192638

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7429081358322573823"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: EEqLGCjn88ShYsnLMlM+OC30Mts7LMFQB/nRMxtU6+KUDvIiMQMl0BY6de934LMqdXtrBjez3Bd8gPT45v6jPA==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7429081358322573823", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=32, rtx=0, c=10, mss=1297, tbw=7606, tp=-1, tpl=-1, uplat=42, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 36ms
35ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2910598162406194&ev=PageView&dl=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&rl=&if=false&ts=1729717794849&sw=1600&sh=1200&v=2.9.173&r=stable&a=tmSimo-GTM-WebTemplate&ec=2&o=12318&fbp=fb.1.1729717794663.54600582242716252&cs_est=true&ler=empty&cdl=API_unavailable&it=1729717794416&coo=false&tm=1&rqm=GET

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/login?redirect=/team/overview/192638

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=32, rtx=0, c=10, mss=1297, tbw=3765, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
848 B 91ms
90ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2910598162406194&ev=PageView&dl=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&rl=&if=false&ts=1729717794849&sw=1600&sh=1200&v=2.9.173&r=stable&a=tmSimo-GTM-WebTemplate&ec=2&o=12318&fbp=fb.1.1729717794663.54600582242716252&cs_est=true&ler=empty&cdl=API_unavailable&it=1729717794416&coo=false&tm=1&rqm=FGET

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/login?redirect=/team/overview/192638

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7429081356681255218"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: WYDZ1zJ0xFZZmmYPUNBwrQXOMDiTbVjWhNXxpNyy3khUEMb91A16X+XVqE/loSM1yVA44ItrNBpfUtuLzR0i8g==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7429081356681255218", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=32, rtx=0, c=10, mss=1297, tbw=8475, tp=-1, tpl=-1, uplat=43, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H3 200 commons.a61d7bea37d2de5d4b69.js.gz Show response
fygapokei.hackthebox.com/next-integrations/integrations/vendor/ 70 KB
22 KB 73ms
72ms Script
application/javascript 109.176.239.69
HTB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fygapokei.hackthebox.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Requested by: Host: fygapokei.hackthebox.com
URL: https://fygapokei.hackthebox.com/htb-anal.js/v1/o7CCLQ34gdSSo2CYWKkONsZxv5cabLHz/htb-anal.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 109.176.239.69 Nottingham, United Kingdom, ASN214618 (HTB-AS, GB),
Reverse DNS
Software: cloudflare /
Resource Hash: 64d5ab911a51fae1ce8ebb2efa03c41154e3630edc656e31ee631ae8704de342

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"c467a63b2e7c3a99be423ace649014d8"
age: 8074625
cf-bgj: minify
x-amz-version-id: 1Y99HfuTczPsGIDdcPhw1L1EusEviR19
access-control-allow-methods: GET, HEAD
expires: Thu, 23 Oct 2025 21:09:54 GMT
cf-polished: origSize=71723
x-cache: Hit from cloudfront
x-amz-cf-id: ayHNQ6Eek8NBk86lNFKJ66IjPZZkgnYr7zQ2tG4HWcK02838C6ZDWw==
date: Wed, 23 Oct 2024 21:09:54 GMT
content-type: application/javascript
last-modified: Fri, 05 Apr 2024 16:42:46 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=31536000
via: 1.1 323b4a7971a31c96655a9c4fcac2b9ce.cloudfront.net (CloudFront)
cf-ray: 8d74b5fa0f4cbd80-LHR
access-control-allow-origin: *
x-amz-cf-pop: LHR61-C2
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 awwxrc0h Show response
widget.intercom.io/widget/ 7 KB
3 KB 122ms
37ms Script
application/javascript 13.224.189.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/awwxrc0h
Requested by: Host: fygapokei.hackthebox.com
URL: https://fygapokei.hackthebox.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-49.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0ea97309455bf091a3fd2a02b82a18fcaf680cb8dbed42401c1f46c2ddd8d7da

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

content-encoding: gzip
x-amz-version-id: vq5AMxQ.XgIA.oL3EqmnKTG6rpPYjPXc
etag: "0626ee1fd48d0fcb5abaec82ae4e4647"
age: 158
alt-svc: h3=":443"; ma=86400
x-cache: Error from cloudfront
x-amz-cf-id: Eo-2meSa82IOA8Xar1p8dZq8GCzpbSQz1gWaYPpHlRE48GPHhh-X7A==
date: Wed, 23 Oct 2024 21:07:27 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
last-modified: Wed, 23 Oct 2024 10:24:39 GMT
cache-control: max-age=300, s-maxage=300, public
cross-origin-resource-policy: cross-origin
via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 2667
x-amz-cf-pop: FRA2-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H3 200 collect Show response
www.google-analytics.com/j/ 15 B
38 B 41ms
40ms XHR
text/plain 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=846807820&t=pageview&_s=1&dl=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&dp=%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&ul=en-gb&de=UTF-8&dt=Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgEABAAAAACgCIAB~&jid=1425291795&gjid=260862143&cid=387847818.1729717794&tid=UA-93577176-4&_gid=1475308386.1729717794&_slc=1&z=472237274

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/build/assets/app-3dc411e1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

f82e9f4417a7297b0b7a7053b9c5aab3f128a24c8b7711934a1e886de63b2a0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://ctf.hackthebox.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 21:09:55 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://ctf.hackthebox.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 15
server: Golfe2

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
361 B 33ms
31ms XHR
text/plain 2a00:1450:400c:c0d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-93577176-4&cid=387847818.1729717794&jid=1425291795&gjid=260862143&_gid=1475308386.1729717794&_u=aCDAgEABAAAAAGgCIAD~&z=2085153613

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/build/assets/app-3dc411e1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://ctf.hackthebox.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:149:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 21:09:55 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:149:0
access-control-allow-origin: https://ctf.hackthebox.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H3 200 collect
www.google-analytics.com/ 35 B
58 B 35ms
34ms Image
image/gif 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=846807820&t=event&ni=1&_s=2&dl=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&dp=%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&ul=en-gb&de=UTF-8&dt=Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=All&ea=Viewed%20Login%20Page&ev=0&_u=aCDAgEABAAAAAGgCIAD~&jid=&gjid=&cid=387847818.1729717794&tid=UA-93577176-4&_gid=1475308386.1729717794&z=1972001886

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/login?redirect=/team/overview/192638

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

age: 24114
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 14:28:01 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/757546894/ 6 KB
2 KB 57ms
56ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/757546894/?random=1729717795050&cv=11&fst=1729717795050&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v896450339za200zb857460747&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101794737~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&hn=www.googleadservices.com&frm=0&tiba=HTB%20-%20Capture%20The%20Flag&did=dMWZhNz%2CdZTQ1Zm&gdid=dMWZhNz.dZTQ1Zm&npa=0&us_privacy=1---&pscdl=noapi&auid=776716099.1729717794&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-757546894

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

de5b52acd864989e82c33cb3804b891d41c3ec0db767737d0263ea85ee038ebd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2432
date: Wed, 23 Oct 2024 21:09:55 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 757546894
td.doubleclick.net/td/rul/ Frame BDF8 0
0 60ms
59ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/757546894?random=1729717795050&cv=11&fst=1729717795050&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v896450339za200zb857460747&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101794737~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&hn=www.googleadservices.com&frm=0&tiba=HTB%20-%20Capture%20The%20Flag&did=dMWZhNz%2CdZTQ1Zm&gdid=dMWZhNz.dZTQ1Zm&npa=0&us_privacy=1---&pscdl=noapi&auid=776716099.1729717794&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-757546894

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ctf.hackthebox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Oct 2024 21:09:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 284 KB
98 KB 56ms
56ms Script
application/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DNFM29HYQ4&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

12b79786b9d314d3b8e4d3cf976a94e7fce347df5a379030df2a8321aa89d156

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 23 Oct 2024 21:09:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 21:09:55 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 100674
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 /
www.google.com/pagead/1p-user-list/757546894/ 42 B
64 B 55ms
55ms Image
image/gif 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/757546894/?random=1729717795050&cv=11&fst=1729717200000&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v896450339za200zb857460747&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101794737~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&hn=www.googleadservices.com&frm=0&tiba=HTB%20-%20Capture%20The%20Flag&did=dMWZhNz%2CdZTQ1Zm&gdid=dMWZhNz.dZTQ1Zm&npa=0&us_privacy=1---&pscdl=noapi&auid=776716099.1729717794&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfo7aN8hQzt_VTXtB2iZwZUdttvsUGnxHVXXfdgQNx8S3uHcXk&random=124496060&rmt_tld=0&ipr=y

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/login?redirect=/team/overview/192638

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 23 Oct 2024 21:09:55 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.uk/pagead/1p-user-list/757546894/ 42 B
64 B 56ms
55ms Image
image/gif 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/757546894/?random=1729717795050&cv=11&fst=1729717200000&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v896450339za200zb857460747&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101794737~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&hn=www.googleadservices.com&frm=0&tiba=HTB%20-%20Capture%20The%20Flag&did=dMWZhNz%2CdZTQ1Zm&gdid=dMWZhNz.dZTQ1Zm&npa=0&us_privacy=1---&pscdl=noapi&auid=776716099.1729717794&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfo7aN8hQzt_VTXtB2iZwZUdttvsUGnxHVXXfdgQNx8S3uHcXk&random=124496060&rmt_tld=1&ipr=y

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/login?redirect=/team/overview/192638

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 23 Oct 2024 21:09:55 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 frame-modern.68cbc9f2.js Show response
js.intercomcdn.com/ Frame 225D 470 KB
142 KB 117ms
35ms Script
application/javascript 18.245.46.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.68cbc9f2.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/awwxrc0h

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-55.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

bd359c92fba0599b8fd731730dcacaa49413a056d2a6941a5f96ba10d29a70e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-amz-version-id: J_KrlPYDUktpeOmryDSMQEPdqdqKBtRq
etag: "117945553ea1d385942c1e3893495dc4"
age: 2714
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: R4xqy9uJrbm-_8vgf2Ekk0BC_qHRztqN6peijHpzv_93wKrpz-Ecug==
date: Wed, 23 Oct 2024 20:24:42 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 23 Oct 2024 10:22:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000, s-maxage=7200, public
cross-origin-resource-policy: cross-origin
via: 1.1 f5af2731a86629973e69564f824d95be.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 144554
x-amz-cf-pop: FRA56-P9
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 vendor-modern.8b97a971.js Show response
js.intercomcdn.com/ Frame 225D 455 KB
145 KB 193ms
111ms Script
application/javascript 18.245.46.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.8b97a971.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/awwxrc0h

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-55.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f6c64aca195132b32d28bc973e985612230c910a30d7acd2334760ef50816eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-amz-version-id: vBx0xWgOa93EdPNTUd4xrs7ZcBFA8sYe
etag: "2406ae0ce4db8aa51ed52dde4792a464"
age: 6603
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 4TKyDsIsD_5JcIpx-LVnEfc8bcZ8LKZhQc9NGDTJ2umn1M66hocnQQ==
date: Wed, 23 Oct 2024 19:19:53 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 18 Oct 2024 12:07:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000, s-maxage=7200, public
cross-origin-resource-policy: cross-origin
via: 1.1 f5af2731a86629973e69564f824d95be.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 147289
x-amz-cf-pop: FRA56-P9
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 204 collect Show response
region1.analytics.google.com/g/ 0
48 B 30ms
28ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-DNFM29HYQ4&gtm=45je4ah0h1v9126121099za200&_p=1729717793591&_gaz=1&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101686685~101794737~101823848&gdid=dMWZhNz.dZTQ1Zm&ul=en-gb&sr=1600x1200&cid=387847818.1729717794&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&dp=%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&dt=Login&sid=1729717795&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1860
Requested by: Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/build/assets/app-3dc411e1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://ctf.hackthebox.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 21:09:55 GMT
content-type: text/plain
server: Golfe2

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
20 B 28ms
28ms Ping
text/plain 74.125.206.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DNFM29HYQ4&cid=387847818.1729717794&gtm=45je4ah0h1v9126121099za200&aip=1&dma=0&gcd=13l3l3l3l2l1&npa=0&frm=0&tag_exp=101686685~101794737~101823848
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DNFM29HYQ4&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.206.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wk-in-f154.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://ctf.hackthebox.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 21:09:55 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 rul
td.doubleclick.net/td/ga/ Frame F303 0
0 48ms
47ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-DNFM29HYQ4&gacid=387847818.1729717794&gtm=45je4ah0h1v9126121099za200&dma=0&gcd=13l3l3l3l2l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101686685~101794737~101823848&z=758417942

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DNFM29HYQ4&cx=c&_slc=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ctf.hackthebox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Oct 2024 21:09:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.co.uk/ads/ 42 B
63 B 58ms
57ms Image
image/gif 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DNFM29HYQ4&cid=387847818.1729717794&gtm=45je4ah0h1v9126121099za200&aip=1&dma=0&gcd=13l3l3l3l2l1&npa=0&frm=0&tag_exp=101686685~101794737~101823848&tag_exp=101686685~101794737~101823848&z=1596912348

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/login?redirect=/team/overview/192638

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 23 Oct 2024 21:09:55 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H/1.1 200
OK 1.gif
imgsct.cookiebot.com/ 35 B
737 B 124ms
39ms Image
image/gif 2a02:26f0:3500:887::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgsct.cookiebot.com/1.gif?dgi=c6744560-9be5-4645-9305-83ef9e0b993d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:887::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

x-goog-metageneration: 1
Access-Control-Expose-Headers: *
x-goog-hash: crc32c=rX4K2g==, md5=whlt6LpBLGDCKrSRr3sUCQ==
ETag: "c2196de8ba412c60c22ab491af7b1409"
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 35
Date: Wed, 23 Oct 2024 21:09:55 GMT
Last-Modified: Mon, 23 Oct 2023 11:39:32 GMT
Content-Type: image/gif
X-GUploader-UploadID: AHmUCY0xKHVz-sMMD3OBZR8zH9IZsXv9aMPzsUuV69P_ZBMgA7mQ8OTIZXuCWzbDkE6PidkmFyI
Cache-Control: public,max-age=1800
x-goog-storage-class: STANDARD
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
x-goog-generation: 1698061172769999
Content-Length: 35
Server: UploadServer

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 230ms
156ms Image
image/gif 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-gb&bfp=4232044323&v=1.1&a=5514032&pu=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&t=HTB+-+Capture+The+Flag&cts=1729717795318&vi=b4dd4b26acd55dde7ef7b3d053a14359&nc=true&u=186608822.b4dd4b26acd55dde7ef7b3d053a14359.1729717795313.1729717795313.1729717795313.1&b=186608822.1.1729717795313&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

x-robots-tag: none
x-request-id: c3c76f46-804c-4165-b66d-2653499bcab0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=81TeBYSJ0xEV1ZuhVziQ8z8lxtgZ5K3CxuIK2hSfjG1CPlpa7R%2BEl0hsR5ozazruestwY8wW3cQVWcLr%2B4S94AxGhj%2BSFitGTSQ66V%2B6GfTLnblKtzbpBH2PJhbxHDcEWE8cQ7CjFWK2x0EynNs%2F"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-evy-trace-listener: listener_https
p3p: CP="NOI CUR ADM OUR NOR STA NID"
date: Wed, 23 Oct 2024 21:09:55 GMT
x-hubspot-correlation-id: c3c76f46-804c-4165-b66d-2653499bcab0
content-type: image/gif
vary: origin, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: no-cache, no-store, no-transform
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-6c8f7f4884-6gg9b
x-envoy-upstream-service-time: 4
access-control-allow-credentials: false
cf-ray: 8d74b5fd4ce67777-LHR
x-evy-trace-route-configuration: listener_https/all
content-length: 45
server: cloudflare
x-evy-trace-virtual-host: all

POST
H3 204 rum Show response
ctf.hackthebox.com/cdn-cgi/ 0
143 B 44ms
43ms XHR
text/plain 109.176.239.69
HTB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ctf.hackthebox.com/cdn-cgi/rum?

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/build/assets/app-3dc411e1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

109.176.239.69 Nottingham, United Kingdom, ASN214618 (HTB-AS, GB),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sentry-trace: 1b38ff042be2487ebc0dacb15850ee9c-93e7049479673cf9-1
Referer: https://ctf.hackthebox.com/login?redirect=/team/overview/192638
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: application/json
baggage: sentry-environment=production,sentry-public_key=29d47bf1f8124b1ba69bafbb646d7769,sentry-trace_id=1b38ff042be2487ebc0dacb15850ee9c,sentry-sample_rate=0.25,sentry-transaction=Login,sentry-sampled=true

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8d74b5fcdb0abd80-LHR
access-control-allow-origin: https://ctf.hackthebox.com
date: Wed, 23 Oct 2024 21:09:55 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET
H3 200 favicon.ico
ctf.hackthebox.com/images/icons/HTB-favicon/ 15 KB
3 KB 116ms
115ms Other
image/x-icon 109.176.239.69
HTB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ctf.hackthebox.com/images/icons/HTB-favicon/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

109.176.239.69 Nottingham, United Kingdom, ASN214618 (HTB-AS, GB),

Reverse DNS

Software

cloudflare /

Resource Hash

6c687ec0fecaeb75838ca862136bf779e6f90abbf1336acafbb3b95557ada615

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/login?redirect=/team/overview/192638

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"671880bc-3aee"
age: 5942
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-content-type-options: nosniff, nosniff
expires: Thu, 24 Oct 2024 05:09:55 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 21:09:55 GMT
content-type: image/x-icon
last-modified: Wed, 23 Oct 2024 04:51:08 GMT
vary: Accept-Encoding
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
x-frame-options: SAMEORIGIN, SAMEORIGIN
cache-control: public, max-age=28800
access-control-allow-credentials: true
cf-ray: 8d74b5fcdb1ebd80-LHR
access-control-allow-origin: https://ctf.hackthebox.eu
x-xss-protection: 1; mode=block, 1; mode=block
server: cloudflare

POST
H2 200 launcher_settings Show response
api-iam.intercom.io/messenger/web/ Frame 225D 346 B
974 B 410ms
190ms XHR
application/json 54.80.32.50
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/launcher_settings

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.68cbc9f2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.80.32.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-80-32-50.compute-1.amazonaws.com

Software

nginx /

Resource Hash

8d388d9069140a33dc254e3b2ab786cb4e196ebb935510b19b322a82d292516d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer

Response headers

x-request-id: 0007r01sqhvlge0evukg
access-control-expose-headers: x-request-id
content-encoding: gzip
etag: W/"8d388d9069140a33dc254e3b2ab786cb"
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
status: 200 OK
date: Wed, 23 Oct 2024 21:09:55 GMT
content-type: application/json; charset=utf-8
vary: Accept,Accept-Encoding
x-runtime: 0.046951
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-request-queueing: 0
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://ctf.hackthebox.com
x-xss-protection: 1; mode=block
x-intercom-version: 5107b658fa9f3ca700498958a65b62d3155380e2
x-ami-version: ami-00f591eb36a6c23f3
server: nginx

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 225D 10 KB
4 KB 632ms
414ms XHR
application/json 54.80.32.50
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.68cbc9f2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.80.32.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-80-32-50.compute-1.amazonaws.com

Software

nginx /

Resource Hash

813ac659102bc99dc1842612ecc767575d1424727ed5c83167e585e274bd920b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer

Response headers

x-request-id: 0012dqs4eqkrmtc6hlrg
access-control-expose-headers: x-request-id
content-encoding: gzip
etag: W/"813ac659102bc99dc1842612ecc76757"
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
status: 200 OK
date: Wed, 23 Oct 2024 21:09:56 GMT
content-type: application/json; charset=utf-8
vary: Accept,Accept-Encoding
x-runtime: 0.308912
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-request-queueing: 0
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://ctf.hackthebox.com
x-xss-protection: 1; mode=block
x-intercom-version: 5107b658fa9f3ca700498958a65b62d3155380e2
x-ami-version: ami-00f591eb36a6c23f3
server: nginx

GET
H2 200 efef1192e4fa386f159825fbf792ed52.png
downloads.intercomcdn.com/i/o/369813/f85fa7d6cd3869c76c599b04/ 5 KB
6 KB 349ms
166ms Image
image/png 15.197.143.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://downloads.intercomcdn.com/i/o/369813/f85fa7d6cd3869c76c599b04/efef1192e4fa386f159825fbf792ed52.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.143.135 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a69d63ecdf0f33068.awsglobalaccelerator.com

Software

nginx /

Resource Hash

67cd408f3192e7906ac65da062c2023a334d13d72520b4362f5f5e6a690bff2a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src fonts.intercomcdn.com; img-src downloads.intercomcdn.com/images/logo-gray-16x16-at-2x.png; media-src 'self'; style-src downloads.intercomcdn.com/410.css fonts.intercomcdn.com/proxima-nova/proxima-nova-all.css static.intercomassets.com
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

x-request-id: 0013hj1hdrpast4icpag
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
date: Wed, 23 Oct 2024 21:09:56 GMT
content-type: image/png
last-modified: Fri, 25 Nov 2022 14:51:34 GMT
x-runtime: 0.065876
content-disposition: inline; filename="efef1192e4fa386f159825fbf792ed52.png"; filename*=UTF-8''efef1192e4fa386f159825fbf792ed52.png
vary: Accept-Encoding
x-frame-options: deny
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-request-queueing: 0
content-security-policy: default-src 'none'; font-src fonts.intercomcdn.com; img-src downloads.intercomcdn.com/images/logo-gray-16x16-at-2x.png; media-src 'self'; style-src downloads.intercomcdn.com/410.css fonts.intercomcdn.com/proxima-nova/proxima-nova-all.css static.intercomassets.com
cache-control: max-age=86400, private
cross-origin-resource-policy: cross-origin
content-transfer-encoding: binary
x-xss-protection: 1; mode=block
x-intercom-version: 5107b658fa9f3ca700498958a65b62d3155380e2
x-ami-version: ami-00f591eb36a6c23f3
server: nginx

GET
H2 200 vendors~app~tooltips-modern.e8568426.js Show response
js.intercomcdn.com/ Frame 225D 714 KB
171 KB 34ms
32ms Script
application/javascript 18.245.46.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendors~app~tooltips-modern.e8568426.js

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.68cbc9f2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-55.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

41f7f1272e94a800abac29db2adcc718d67d38eba3cb4246af551f0e72fe2634

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-amz-version-id: lxtJ.ACmyb0lqudBlDZRnUQU_E4NrQL2
etag: "ce8134dc18fdef6a42cc8ab727d953cc"
age: 6567
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: q8gzR3t-PUA4zb333HsT6oX1lOIUfZrU35piaABxFEZDW4proDxuIw==
date: Wed, 23 Oct 2024 19:20:30 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 18 Oct 2024 12:07:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000, s-maxage=7200, public
cross-origin-resource-policy: cross-origin
via: 1.1 f5af2731a86629973e69564f824d95be.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 174471
x-amz-cf-pop: FRA56-P9
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 vendors~tooltips-modern.79fea859.js Show response
js.intercomcdn.com/ Frame 225D 35 KB
12 KB 46ms
45ms Script
application/javascript 18.245.46.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendors~tooltips-modern.79fea859.js

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.68cbc9f2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-55.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8fc2f39abbfcb637bdaebd104167ef3be94461e0985e3dd0afde1fa110556667

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-amz-version-id: jdJ8.2STCuJLtANCwuU0kL.fQWsQ8VUy
etag: "549d63dc73c5770ca6c7acd1abdeaaa1"
age: 3256
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: MVDKIFplcXBM_osdtcnXshzECjJ9nnvcDcmbi4W7VOfkmPBDg5BZJw==
date: Wed, 23 Oct 2024 20:15:45 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 18 Oct 2024 12:07:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000, s-maxage=7200, public
cross-origin-resource-policy: cross-origin
via: 1.1 f5af2731a86629973e69564f824d95be.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 11457
x-amz-cf-pop: FRA56-P9
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 app~tooltips-modern.135bf57e.js Show response
js.intercomcdn.com/ Frame 225D 205 KB
55 KB 48ms
47ms Script
application/javascript 18.245.46.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/app~tooltips-modern.135bf57e.js

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.68cbc9f2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-55.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0c540101eff7642fb517c2799b357b75b47f9a67cff33878100941cb084d4067

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-amz-version-id: c7pzDs0xtm.7kf9I3.cAZ1piZdIatvv9
etag: "e9f59ac96cb8025a06cc2621d65e08b4"
age: 2714
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: A0IuoIC531b8wMNJfInJQ4rt1scm69prBeGgA5X5_560AeFVg7g5ng==
date: Wed, 23 Oct 2024 20:24:43 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 23 Oct 2024 10:22:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000, s-maxage=7200, public
cross-origin-resource-policy: cross-origin
via: 1.1 f5af2731a86629973e69564f824d95be.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 55957
x-amz-cf-pop: FRA56-P9
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 tooltips-modern.89e011cd.js Show response
js.intercomcdn.com/ Frame 225D 13 KB
6 KB 52ms
51ms Script
application/javascript 18.245.46.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/tooltips-modern.89e011cd.js

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.68cbc9f2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-55.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4d9ebeccf77247812c2121595aad6ae50a896f929153d775ee2925b4f2f0689a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-amz-version-id: xJ9My87TQ8W0mWyEKIA.70SwV2nWZH5c
etag: "1f052eabab60da695f4409927dca16af"
age: 7045
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: hp9kgwSdB70VeUWsdZpLuYbHLyvHRzXygrP07F8yM7pbouxq4I1nVA==
date: Wed, 23 Oct 2024 19:12:32 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 17 Oct 2024 15:30:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000, s-maxage=7200, public
cross-origin-resource-policy: cross-origin
via: 1.1 f5af2731a86629973e69564f824d95be.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 5050
x-amz-cf-pop: FRA56-P9
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 225D 8 KB
3 KB 400ms
399ms XHR
application/json 54.80.32.50
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.68cbc9f2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.80.32.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-80-32-50.compute-1.amazonaws.com

Software

nginx /

Resource Hash

5e738e81876daa4449925cf8ce54c8ff78173d735b9f0284882877f6db37e0dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer

Response headers

x-request-id: 0006tr1thmb37nhb7r9g
access-control-expose-headers: x-request-id
content-encoding: gzip
etag: W/"5e738e81876daa4449925cf8ce54c8ff"
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
status: 200 OK
date: Wed, 23 Oct 2024 21:09:56 GMT
content-type: application/json; charset=utf-8
vary: Accept,Accept-Encoding
x-runtime: 0.272726
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-request-queueing: 0
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://ctf.hackthebox.com
x-xss-protection: 1; mode=block
x-intercom-version: 5107b658fa9f3ca700498958a65b62d3155380e2
x-ami-version: ami-00f591eb36a6c23f3
server: nginx

POST
H2 200 / Show response
ingest.sentry.hackthebox.eu/api/12/envelope/ 41 B
356 B 183ms
73ms Fetch
application/json 2606:4700::6812:984
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ingest.sentry.hackthebox.eu/api/12/envelope/?sentry_key=29d47bf1f8124b1ba69bafbb646d7769&sentry_version=7&sentry_client=sentry.javascript.vue%2F8.33.1

Requested by

Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/build/assets/app-3dc411e1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:984 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c173c0e8052ae347a4ddbe70204ac490bb50d240d5e9a6bfcbbe459fd6fbed7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://ctf.hackthebox.com/

Response headers

strict-transport-security: max-age=0; includeSubDomains
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cf-cache-status: DYNAMIC
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cf-ray: 8d74b6038bb66361-LHR
access-control-allow-origin: *
content-length: 41
date: Wed, 23 Oct 2024 21:09:56 GMT
content-type: application/json
vary: origin, access-control-request-method, access-control-request-headers
server: cloudflare

POST
H3 204 collect Show response
region1.google-analytics.com/g/ 0
20 B 30ms
29ms Fetch
text/plain 216.239.32.36

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-TKKV7WGJ6V&gtm=45je4ah0v885060163z8857460747za200zb857460747&_p=1729717793591&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101686685~101794737~101823848&cid=387847818.1729717794&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAC&_s=2&sid=1729717794&sct=1&seg=1&dl=https%3A%2F%2Fctf.hackthebox.com%2Flogin%3Fredirect%3D%2Fteam%2Foverview%2F192638&dt=HTB%20-%20Capture%20The%20Flag&en=page_view&_et=29&tfd=6002
Requested by: Host: ctf.hackthebox.com
URL: https://ctf.hackthebox.com/build/assets/app-3dc411e1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.32.36 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ctf.hackthebox.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://ctf.hackthebox.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 21:09:59 GMT
content-type: text/plain
server: Golfe2

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ctf.hackthebox.com/	1970-01-21 00:28:44	Name: hack_the_box_ctf_session Value: eyJpdiI6Ijh6N29ockUyd1k3a3dGVUV6RG5HNXc9PSIsInZhbHVlIjoiK0czRmFCbE5LRjErNkI1OVUxK0VCZlhGdkxSSHg2ODQzSDkxemRxR09LR2t5Nm9hcU5JcE9sN1hrbkgybFMvbmtuZ1d0Q0xtZloyYXdEeCtOR3FyL0w5OGFaSUZhTDJkc3JSaDdEWDdsMFVwdGRDZm1mWGRuWml3YTVJNWdVb0siLCJtYWMiOiJjNjc0MTY0ZWM5MGMzZWE4ZTc0M2JkOWE0MGYzZTYwNTY0ZjVjMDE3ZmRhMTQxNGIwYmY1NmZkYzhlYWQ2NWIwIiwidGFnIjoiIn0%3D
.hackthebox.com/	1970-01-21 00:28:39	Name: __cf_bm Value: TFJs.xkuH.thrgO1XZ.jg0GpqXRuIKWsdSB5Dkcxd4k-1729717793-1.0.1.1-rK0m2QV4ubAOeC0sGdp4DMX0cHpGyeSkfQ_Nkz2vBdT9MHEyqDBg4VciPX0V3lKiijy_m8ub9cWaN5A87BzkFQ
.hackthebox.com/	1970-01-21 02:38:13	Name: _gcl_au Value: 1.1.776716099.1729717794
.hackthebox.com/	1970-01-21 10:04:37	Name: _ga_TKKV7WGJ6V Value: GS1.1.1729717794.1.1.1729717794.0.0.0
.hackthebox.com/	1970-01-21 10:04:37	Name: _ga Value: GA1.2.387847818.1729717794
.hackthebox.com/	1970-01-21 00:30:04	Name: _gid Value: GA1.2.1475308386.1729717794
.hackthebox.com/	1970-01-21 00:28:37	Name: _gat_UA-93577176-12 Value: 1
.hackthebox.com/	1970-01-21 02:38:13	Name: _fbp Value: fb.1.1729717794663.54600582242716252
.twitter.com/	1970-01-21 10:04:37	Name: guest_id_marketing Value: v1%3A172971779458066053
.twitter.com/	1970-01-21 10:04:37	Name: guest_id_ads Value: v1%3A172971779458066053
.twitter.com/	1970-01-21 10:04:37	Name: personalization_id Value: "v1_jQv/1G/KnEvxKyKb4V8hGg=="
.twitter.com/	1970-01-21 10:04:37	Name: guest_id Value: v1%3A172971779458066053
.t.co/	1970-01-21 10:04:37	Name: muc_ads Value: c749df34-1994-4122-8f3f-f07fbcf3b4c5
.t.co/	1970-01-21 00:28:39	Name: __cf_bm Value: EFQXgYUQ9ik1D5XVtzIKUF_RsNvoBjErlMh97Tp6IyE-1729717794-1.0.1.1-v5joPCKMd2N6Xj.TsIS4KpgPAQprRSkIhH_lAUAeFhRTIuxb7WjCYelUIES5S6PWL7.kB5Ry4n3N9DRhX5Xgjw
.hackthebox.com/	1970-01-21 10:04:37	Name: _ga_BFR4KR7D60 Value: GS1.2.1729717794.1.1.1729717794.60.0.0
.linkedin.com/	1970-01-21 00:30:04	Name: lidc Value: "b=OGST02:s=O:r=O:a=O:p=O:g=3381:u=1:x=1:i=1729717794:t=1729804194:v=2:sig=AQHoMh0IMouYxc3SgMgkuas2nbdqEVIO"
.hackthebox.com/	1970-01-21 09:14:13	Name: ajs_anonymous_id Value: be8c4ccd-0c55-487e-b79e-820d8baef668
.linkedin.com/	1970-01-21 09:14:13	Name: bcookie Value: "v=2&0d9340eb-2f8b-449a-85b3-a9bae5fc68f0"
.linkedin.com/	1970-01-21 04:47:49	Name: li_gc Value: MTswOzE3Mjk3MTc3OTQ7MjswMjGJmR9537BMF+Wu4ARcJptBYGZCPfP3kv61BL3fRVjzqw==
.doubleclick.net/	1970-01-21 09:50:13	Name: IDE Value: AHWqTUm7iuWa4ae196OHinS6CSTvi7zDPF7cm1nE0sAz7Qhpl2E9qpWKdPISNcMn
.hsforms.com/	1970-01-21 00:28:39	Name: __cf_bm Value: 2YnCG01bbNMUCZDKXZ0p0LjsT4K0a3q2_IgUAXZnd_U-1729717794-1.0.1.1-z08fhclT8odBRQw_y9G1FdHAd39hxFi2Ng8cqKFoi5avQiQvfVBnavWxnyy3qcmLr4.FXVqhxEp0X5QvRJZNlA
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: .iUJnvdsmK8Yv5ENBH.ufzyjsZ3JUzWxOQS2ouvcJXc-1729717794942-0.0.1.1-604800000
.hackthebox.com/	1970-01-21 00:28:37	Name: _gat Value: 1
.hackthebox.com/	1970-01-21 10:04:37	Name: _ga_DNFM29HYQ4 Value: GS1.2.1729717795.1.0.1729717795.60.0.0
.hackthebox.com/	1970-01-21 04:47:49	Name: __hstc Value: 186608822.b4dd4b26acd55dde7ef7b3d053a14359.1729717795313.1729717795313.1729717795313.1
.hackthebox.com/	1970-01-21 04:47:49	Name: hubspotutk Value: b4dd4b26acd55dde7ef7b3d053a14359
.hackthebox.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.hackthebox.com/	1970-01-21 00:28:39	Name: __hssc Value: 186608822.1.1729717795313
.hubspot.com/	1970-01-21 00:28:39	Name: __cf_bm Value: Mv8.5JAwUbCf7V9i7wnqRaBIDesww31S0bO6aNfvJFY-1729717795-1.0.1.1-solmPh.z42g5reeTAD3bb6.3nf0vknVbTcUjpqEeo38Xa_gWE9_Odtx8gRs0j0a5jUmY02k4Bfv.GRj_TEFSDg
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 6YOeMs0EypV1CJmBRmfwC3qxj1HqO6aCwoZfIQKu5jY-1729717795536-0.0.1.1-604800000
.hackthebox.com/	1970-01-21 06:57:27	Name: intercom-id-awwxrc0h Value: dcea5c6f-de34-4d6a-9a29-4575c211cbe8
.hackthebox.com/	1970-01-21 00:38:42	Name: intercom-session-awwxrc0h Value:
.hackthebox.com/	1970-01-21 06:57:27	Name: intercom-device-id-awwxrc0h Value: b8f0a2b7-9683-4770-a3b1-7a6532740891

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://ctf.hackthebox.com/login?redirect=/team/overview/192638 Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
api-iam.intercom.io
api.hubapi.com
api.hubspot.com
api.recurly.com
connect.facebook.net
consent.cookiebot.com
consentcdn.cookiebot.com
cta-service-cms2.hubspot.com
ctf.hackthebox.com
downloads.intercomcdn.com
fygapokei.hackthebox.com
googleads.g.doubleclick.net
imgsct.cookiebot.com
ingest.sentry.hackthebox.eu
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hubspot.com
js.intercomcdn.com
js.recurly.com
js.usemessages.com
okt.hackthebox.com
p.typekit.net
perf-na1.hsforms.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
region1.google-analytics.com
snap.licdn.com
static.ads-twitter.com
static.cloudflareinsights.com
static.oktopost.com
stats.g.doubleclick.net
t.co
td.doubleclick.net
track.hubspot.com
use.typekit.net
widget.intercom.io
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.gstatic.com
104.19.175.188
104.244.42.131
109.176.239.69
13.107.42.14
13.224.189.49
142.250.185.168
142.250.186.130
142.250.186.34
142.250.186.35
142.250.186.78
146.75.120.157
15.197.143.135
157.240.0.35
157.240.0.6
162.159.140.229
172.217.16.196
172.217.18.3
18.244.18.80
18.245.46.55
2001:4860:4802:34::36
216.239.32.36
2606:4700:4400::ac40:9310
2606:4700::6810:4e8e
2606:4700::6810:4f49
2606:4700::6810:7674
2606:4700::6810:89d1
2606:4700::6810:a0a8
2606:4700::6811:df98
2606:4700::6812:984
2606:4700::6812:f26c
2620:1ec:21::14
2a00:1450:4001:808::2008
2a00:1450:4001:828::200e
2a00:1450:4001:830::2002
2a00:1450:400c:c0d::9c
2a02:26f0:3500:10::210:a9a
2a02:26f0:3500:16::215:1495
2a02:26f0:3500:18::1724:a29a
2a02:26f0:3500:886::f09
2a02:26f0:3500:887::f09
2a03:2880:f177:185:face:b00c:0:25de
34.98.107.242
52.20.195.32
54.80.32.50
74.125.206.154
03e9bfd6a18689ddf26e16b59390271a9b81ddaecae535317df2730182dff9fc
03ea7138f3ba379ef7505049fe2a9773c171e5cddf4bc3ad2dfeeeb4914b38c2
0469421e038d293bfabb79c8389dc940524f485790a1827fdc0aa02bdce15d12
09016600a13dd4825b72516765a8da53d1ab896f7582c4619d014e8ee147ea84
0c540101eff7642fb517c2799b357b75b47f9a67cff33878100941cb084d4067
0ea97309455bf091a3fd2a02b82a18fcaf680cb8dbed42401c1f46c2ddd8d7da
12b79786b9d314d3b8e4d3cf976a94e7fce347df5a379030df2a8321aa89d156
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1696e29709bb8ecb13a6d7cabfa560cd8fc7ee0fbbcade50b3c996c25aeb76be
1b18141d6987164f2b5f8de9d9448758f142feda9faffb56ae31b8108c29f610
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c92f342c57c2372e6241dabeba6a8297c7caeb22e31f99b68d34608e263e29d
1ca7b130fb695dacaffa85df83de09ce9a2f131eadeae20fbeed8e3b27e18703
20d5fa6c0b9abb911697397019eb4706c13adf4e365b4ed3bb3b4586b0f05d16
24d4b2ae903f7fc9378ff6c6370f9fce44c24b76dce93dcde26af275496bc732
260dec4fc1ac4532e8d2e9491fa531cc14b64a5f758f5cdff4dd6015e289bb83
296d6893e3576a164a33ade7637c3f49d2bd4fb0341f517cda8ca7476d7e8582
2c5d77f441dc108978e566d1c8b2468ffeac36d028349ad387ef1242156cc7e4
35cd9ce578d5e41abb4b1f63f5e8c3551e7f04ac59c41efb17458d3a9573898d
3d429ac2d01de0ba0c4e7ee5f118db9b8db5acc915883c65b7303a6050df5114
41f7f1272e94a800abac29db2adcc718d67d38eba3cb4246af551f0e72fe2634
426a1263f301c6d4653de5bb6c6df4526f7012d11c4c93331f9696fb256001b9
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
457bc376503701df8b0c3e1f0abccfe97a4a1ab37c217e512827695da98e99eb
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4d9ebeccf77247812c2121595aad6ae50a896f929153d775ee2925b4f2f0689a
4e28794513335baa98a8cf9adf7895191975f1e2b49a55cf118b480d83c621b3
4f29b4389a6e08bf3ffcdfb097597d5621b4abac31a74f89c3fa3537dc428e68
53ededee0a1d91ad8a2f86a7726d7e11e92eaca1a12c84863718f6335b477062
563c01d56eddb4986776675ee8bbfd0e704cb09cfbd0dd2e7264782ac7b847de
5ab8f962752071d61b4c1613f2126ead5a5969b0157509532cb1cc43d1c0486d
5e738e81876daa4449925cf8ce54c8ff78173d735b9f0284882877f6db37e0dc
5efe790f6749376bd250b36fe68321ccdcb439a80ba18fe387ca2b8877e5e231
61e54e1cca8c4cc3a0d50af26d84ea9015e205bed44c89a3d8af5673c93ee69c
64d5ab911a51fae1ce8ebb2efa03c41154e3630edc656e31ee631ae8704de342
6604083ae71cc792724fc7044fad943a093c8f92616af02eb1b336a1c2995f72
662fefa8f2f8a95c18588d21774789c107c64e771cbe65a69af46291c4311afc
667c83b6a02c499e26b4b94d89295391f7eb3cac903554b02ec343d9a89f2ba4
67cd408f3192e7906ac65da062c2023a334d13d72520b4362f5f5e6a690bff2a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c687ec0fecaeb75838ca862136bf779e6f90abbf1336acafbb3b95557ada615
6f504993fedbc75c4ed5f3a965f5f3aded934b36f5c603981283f8ff19061db8
77bb4ed7e5857c9c4f17a488a51b229064b948b5bb068abc53aa2857077dad0a
7be4c2df7752dc4274589e7b65d5dd6d893e3c0619417a461dab0b61018719bb
813ac659102bc99dc1842612ecc767575d1424727ed5c83167e585e274bd920b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89aac9a3761fce4b1856e79b51c7e2d9c70a211902aa9822ce2c9b447680b2d0
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
8d388d9069140a33dc254e3b2ab786cb4e196ebb935510b19b322a82d292516d
8f77de9e9c6d25d39914e9852e81a6b5762fc53eaed2f25819dea96f553b8f53
8fc2f39abbfcb637bdaebd104167ef3be94461e0985e3dd0afde1fa110556667
99025e624d5c8323e144a142c37cbbfa883d3a3cb5ca0a96b481329ac63bc375
9b747b511f5aaeeaad30ebe2d12a639db476e3c8c665c14ed7037f3312625b29
9c6a485235f956e6c092a90af9325792dedbb3d17104b6a26c501ed52586be81
a408d8fdc865b06db7ea084be9b199dce1579544eef05b4a8a60cd7cedf0a6f0
a5be29ea61049c7b40b87ac80432636916ada79f74aebdfc27944cad9956e4b2
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b30b70e2067e407e427ac15a978091acb030d9b2db360ea2a3ce3eec6ef474e5
b3cad51ca0cfdbeac9d38f7aad54e6564408f0da56a6fd56350e0d03d4f0aef9
b5e5eda757620af1c1e30b3c91cf2ca577c5b2c875b34c72b7f79dba61f8e871
b74588c20d419f3789dd9ac59288d53a510f52c6df8a67a292dc6bd8ead60395
b7abf381ed6e19ee8351718219e8cc9f94158fd47ae044d3b57e4d57810375df
bd359c92fba0599b8fd731730dcacaa49413a056d2a6941a5f96ba10d29a70e7
bd51f8ff9d264a4b26ff416a06c0c0969df51b9c8d8dff131f495d340578eef5
bddf66b5f26a66effd28744bc765ca694571690d8234908b4ac85814a6dfeb88
c173c0e8052ae347a4ddbe70204ac490bb50d240d5e9a6bfcbbe459fd6fbed7d
c63e0950b6f0d631f9c46e7473ec197c5c985b59174807a012fe5d4bace63844
cb60114d01e18846fc0570ef5b0c637ff1cf5f96b3cea88dd7a7a56bc587d726
ce2c4e3790d580c8b19ce4f9634be0fc5000f33a0a3c6d2b93fff82cea3db86f
ce3d856e3141f0575c6f52b7c1284ca5d0869d0607f1fd2bd64a7beeec2dd670
d27e2250f6eb0dd7c0ae3de14761d23645c55a0652ab66c7547720f923efbd61
d47bcf54431b918d4b86953244677a675940b21844a2ac41bee9b690415eb0b1
d825c0d315df557770c7bab47d4e1a00eacb92b69db886aefa09e8188bfa5729
d9cecb8407f1c1bcb730b2cb5960933d42f24205db904ffc3b1102abba02cb80
db16b375b9cc94e99d181e402140a50550d0764384e2aea73d50a1ea3e16122d
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc1504c05d8c284b67765fead1043d40c118e8cb1ec352cf24ffd18bd44f0fa5
ddc0d620961d23877b7f4f19893f34cf07bf92a070d1ea8933e3fb2bb1bc3139
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de5b52acd864989e82c33cb3804b891d41c3ec0db767737d0263ea85ee038ebd
e375ff1075fca5c444ce4b50e15948c3e3cec438086de08d426536e0cfeafff4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47be120b0bbd8ff8464ab1062fe9322d4d71c08e9dfa3c2546d959b501e7436
e64f39e509fcb7ecfef9df42c42514e0f8b05e706108c0b97829449f970e3515
e7df89359526cb5147f130526a4e2363c75dd9c443faa6ee745e1826936a9384
e9b6ced815028609e30a4be158b731d5727e6f8661e6cf2a6306015b06badf24
e9ea64c3c3ff820dbb890a70e4cf4f02a8111572a2d08adcac3ed2708b391017
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9a3f7202cba14fc1238b079f8ff4f90cd7869b8ab0cdcdae2063373d10b483
f212e942ac33fd93669f03a55e2c0192224cdb6870b376fac8d3c5255cd01225
f42615ee0d75d5afd126f639e3f2aaed37b6aaf21ba13902db3d7d8c331e6a9e
f5cfa4dea571178ea50a2704a4a7b65a6f62e813df946b655ebafff6248d1c64
f6c64aca195132b32d28bc973e985612230c910a30d7acd2334760ef50816eec
f82e9f4417a7297b0b7a7053b9c5aab3f128a24c8b7711934a1e886de63b2a0e
feeff1b73fc856bbaa909aecd74cd3918a41d2f0642b773831da45ad969317e9
ffa2f2a884f83eec3a5b88e2afa5b4df2828ffbe12d3ac94dc74d757387e092d

ctf.hackthebox.com Open in urlscan Pro 109.176.239.69 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

132 Requests

98 %HTTPS

47 %IPv6

30 Domains

46 Subdomains

46 IPs

5 Countries

3323 kBTransfer

10730 kBSize

33 Cookies

8 Outgoing links

Redirected requests

132 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ctf.hackthebox.com Open in urlscan Pro
109.176.239.69 Public Scan

Screenshot
Live screenshot

Full Image

132
Requests

98 %
HTTPS

47 %
IPv6

30
Domains

46
Subdomains

46
IPs

5
Countries

3323 kB
Transfer

10730 kB
Size

33
Cookies

132 HTTP transactions
4 data transactions