hacktrickz.xyz Open in urlscan Pro
164.92.240.80 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://hacktrickz.xyz/hackthebox-writeup-vessel/
Submission: On May 12 via api (May 12th 2023, 3:49:27 pm UTC) from US — Scanned from DE

Summary HTTP 38 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 13 domains to perform 38 HTTP transactions. The main IP is 164.92.240.80, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is hacktrickz.xyz.
TLS certificate: Issued by R3 on April 12th 2023. Valid for: 3 months.

This is the only time hacktrickz.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	164.92.240.80 164.92.240.80	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	140.82.121.3 140.82.121.3	36459 (GITHUB) (GITHUB)
3	185.199.110.154 185.199.110.154	54113 (FASTLY) (FASTLY)
1	143.204.89.23 143.204.89.23	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:211... 2600:9000:211e:ee00:12:94b3:c380:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:4052	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a01:238:20a:... 2a01:238:20a:202:1086::	6724 (STRATO ST...) (STRATO STRATO AG)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
38	14

17 164.92.240.80 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

hacktrickz.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 140.82.121.3 (Frankfurt am Main, Germany)

ASN36459 (GITHUB, US)
PTR: lb-140-82-121-3-fra.github.com

github.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.199.110.154 (United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-110-154.github.com

opengraph.githubassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-23.fra50.r.cloudfront.net

www.stackhawk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:ee00:12:94b3:c380:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.ctfassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:4052 (United States)

ASN13335 (CLOUDFLARENET, US)

www.crowdstrike.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a01:238:20a:202:1086:: (Germany)

ASN6724 (STRATO STRATO AG, DE)

devel0pment.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	hacktrickz.xyz hacktrickz.xyz	890 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	8 KB
3	devel0pment.de devel0pment.de	41 KB
3	githubassets.com opengraph.githubassets.com — Cisco Umbrella Rank: 123243	276 KB
2	crowdstrike.com www.crowdstrike.com — Cisco Umbrella Rank: 150226	577 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 379	260 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2495	254 B
1	gstatic.com fonts.gstatic.com	18 KB
1	ctfassets.net images.ctfassets.net — Cisco Umbrella Rank: 3451	42 KB
1	stackhawk.com www.stackhawk.com	98 KB
1	github.com github.com — Cisco Umbrella Rank: 2781	33 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 50	869 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	78 KB
38	13

	Domain	Requested by
17	hacktrickz.xyz	hacktrickz.xyz cdn.jsdelivr.net
4	cdnjs.cloudflare.com	hacktrickz.xyz cdnjs.cloudflare.com
3	devel0pment.de	hacktrickz.xyz devel0pment.de
3	opengraph.githubassets.com	hacktrickz.xyz
2	www.crowdstrike.com	hacktrickz.xyz
2	cdn.jsdelivr.net	hacktrickz.xyz
1	region1.google-analytics.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	images.ctfassets.net	hacktrickz.xyz
1	www.stackhawk.com	hacktrickz.xyz
1	github.com	hacktrickz.xyz
1	fonts.googleapis.com	hacktrickz.xyz
1	www.googletagmanager.com	hacktrickz.xyz
38	13

This site contains links to these domains. Also see Links.

Domain
github.com
www.stackhawk.com
devel0pment.de
www.crowdstrike.com
ghost.org

Subject Issuer	Validity	Valid
hacktrickz.xyz R3	`2023-04-12` - `2023-07-11`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
github.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-14` - `2024-03-14`	a year	crt.sh
*.githubassets.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-05` - `2023-10-05`	a year	crt.sh
*.stackhawk.com Amazon RSA 2048 M01	`2023-02-22` - `2023-10-20`	8 months	crt.sh
images.ctfassets.net Amazon RSA 2048 M01	`2023-02-28` - `2024-02-16`	a year	crt.sh
crowdstrike.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-10` - `2023-06-13`	a year	crt.sh
www.devel0pment.de Encryption Everywhere DV TLS CA - G1	`2022-06-23` - `2023-07-08`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://hacktrickz.xyz/hackthebox-writeup-vessel/
Frame ID: BCE21873BF4EDA9F893732DCC5F0544A
Requests: 35 HTTP requests in this frame

Frame: https://devel0pment.de/?p=2494&embed=true
Frame ID: 0A476DEE3067C394FB67CB34C13AB4A5
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HackTheBox Writeup: Vessel

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

38
Requests

100 %
HTTPS

69 %
IPv6

13
Domains

13
Subdomains

14
IPs

2
Countries

2323 kB
Transfer

3166 kB
Size

2
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://github.com/arthaud/git-dumper?ref=hacktrickz.xyz
Title: GitHub - arthaud/git-dumper: A tool to dump a git repository from a websiteA tool to dump a git repository from a website. Contribute to arthaud/git-dumper development by creating an account on GitHub.GitHubarthaud

Search URL Search Domain Scan URL

URL: https://www.stackhawk.com/blog/node-js-sql-injection-guide-examples-and-prevention/?ref=hacktrickz.xyz
Title: Node.js SQL Injection Guide: Examples and PreventionLearn about what Node.js SQL injection is, what a SQL injection attack looks like, and measures to prevent them.StackHawk

Search URL Search Domain Scan URL

URL: https://devel0pment.de/?p=2494&ref=hacktrickz.xyz
Title: From Single / Double Quote Confusion To RCE (CVE-2022-24637)

Search URL Search Domain Scan URL

URL: https://github.com/Open-Web-Analytics/Open-Web-Analytics/tree/1.7.3?ref=hacktrickz.xyz
Title: GitHub - Open-Web-Analytics/Open-Web-Analytics at 1.7.3Official repository for Open Web Analytics which is an open source alternative to commercial tools such as Google Analytics. Stay in control of the data you collect about the use of your website or...GitHubOpen-Web-Analytics

Search URL Search Domain Scan URL

URL: https://github.com/Lay0us1/CVE-2022-24637?ref=hacktrickz.xyz
Title: GitHub - Lay0us1/CVE-2022-24637: Unauthenticated RCE in Open Web Analytics (OWA) 1.7.3Unauthenticated RCE in Open Web Analytics (OWA) 1.7.3 - GitHub - Lay0us1/CVE-2022-24637: Unauthenticated RCE in Open Web Analytics (OWA) 1.7.3GitHubLay0us1

Search URL Search Domain Scan URL

URL: https://github.com/extremecoders-re/pyinstxtractor?ref=hacktrickz.xyz
Title: pyinstxtractor

Search URL Search Domain Scan URL

URL: https://github.com/rocky/python-uncompyle6/?ref=hacktrickz.xyz
Title: uncompyle6

Search URL Search Domain Scan URL

URL: https://www.crowdstrike.com/blog/cr8escape-new-vulnerability-discovered-in-cri-o-container-engine-cve-2022-0811/?ref=hacktrickz.xyz
Title: cr8escape: New Vulnerability in CRI-O Container Engine (CVE-2022-0811)Learn how CrowdStrike discovered a new vulnerability in the CRI-O Container Engine (CVE-2022-0811), and what organizations can do to remediate this vulnerability.crowdstrike.comJohn Walker - Manoj Ahuje

Search URL Search Domain Scan URL

URL: https://ghost.org/
Title: Powered by Ghost

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
hacktrickz.xyz/hackthebox-writeup-vessel/ 46 KB
12 KB 519ms
261ms Document
text/html 164.92.240.80
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://hacktrickz.xyz/hackthebox-writeup-vessel/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

164.92.240.80 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

5fa312bccc13edc46e3c4f0ae5d72a055d802c0dafe8eae49804463074a89f55

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 12 May 2023 15:49:21 GMT
etag: W/"b9ec-oo/mkaAhFSmzNSaPaawkf/AV8sE"
server: nginx/1.18.0 (Ubuntu)
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: Express

GET
H2 200 screen.css
hacktrickz.xyz/assets/built/ 31 KB
7 KB 17ms
16ms Stylesheet
text/css 164.92.240.80
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://hacktrickz.xyz/assets/built/screen.css?v=e1fa5a851e

Requested by

Host: hacktrickz.xyz
URL: https://hacktrickz.xyz/hackthebox-writeup-vessel/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

164.92.240.80 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

d217a4cf99bef6ebb7ab2bf2aad457d3758265ad83b0fd74dc95359f3b19484a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hacktrickz.xyz/hackthebox-writeup-vessel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 15:49:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Thu, 08 Sep 2022 14:08:14 GMT
server: nginx/1.18.0 (Ubuntu)
x-powered-by: Express
etag: W/"7a08-1831d6e0bd7"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 portal.min.js Show response
cdn.jsdelivr.net/ghost/portal@~2.29/umd/ 570 KB
164 KB 35ms
11ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/ghost/portal@~2.29/umd/portal.min.js

Requested by

Host: hacktrickz.xyz
URL: https://hacktrickz.xyz/hackthebox-writeup-vessel/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b8a6d7bf2743e253120c84f1632c958537cd44aa9671d84eae68910a8a730abd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hacktrickz.xyz/hackthebox-writeup-vessel/
Origin: https://hacktrickz.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 12 May 2023 15:49:21 GMT
x-content-type-options: nosniff
content-encoding: br
age: 17805
x-jsd-version: 2.29.3
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 167724
x-served-by: cache-fra-eddf8230125-FRA
x-jsd-version-type: version
etag: W/"8e70f-uhaYkkO7aOh5rkw2v6QWMFLsULY"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=600, s-maxage=43200, stale-while-revalidate=600, stale-if-error=86400
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 sodo-search.min.js Show response
cdn.jsdelivr.net/ghost/sodo-search@~1.1/umd/ 278 KB
96 KB 12ms
7ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/ghost/sodo-search@~1.1/umd/sodo-search.min.js

Requested by

Host: hacktrickz.xyz
URL: https://hacktrickz.xyz/hackthebox-writeup-vessel/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

de10e670fff37b0d4dda87228d77fffbf6a95d52b1c7b5b07bf78db8f82f0738

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hacktrickz.xyz/hackthebox-writeup-vessel/
Origin: https://hacktrickz.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 12 May 2023 15:49:21 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5142
x-jsd-version: 1.1.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 97869
x-served-by: cache-fra-eddf8230125-FRA
x-jsd-version-type: version
etag: W/"45786-t0fHZvCLfu76erNfK1qyBRpBWbw"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=600, s-maxage=43200, stale-while-revalidate=600, stale-if-error=86400
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 cards.min.js Show response
hacktrickz.xyz/public/ 7 KB
2 KB 22ms
17ms Script
application/javascript 164.92.240.80
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://hacktrickz.xyz/public/cards.min.js?v=e1fa5a851e

Requested by

Host: hacktrickz.xyz
URL: https://hacktrickz.xyz/hackthebox-writeup-vessel/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

164.92.240.80 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

7b9c762be52fed9737a319df953c29ad448a7713a31a4ba0f76ab15013512ee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hacktrickz.xyz/hackthebox-writeup-vessel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 15:49:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: nginx/1.18.0 (Ubuntu)
x-powered-by: Express
etag: "431228c753b74a6958600d170f921e6d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 cards.min.css
hacktrickz.xyz/public/ 24 KB
5 KB 13ms
12ms Stylesheet
text/css 164.92.240.80
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://hacktrickz.xyz/public/cards.min.css?v=e1fa5a851e

Requested by

Host: hacktrickz.xyz
URL: https://hacktrickz.xyz/hackthebox-writeup-vessel/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

164.92.240.80 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

f12c88c3f270e3935f093c614ef24f6be1fc9f67068f2521e7a2e1361171b6bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hacktrickz.xyz/hackthebox-writeup-vessel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 15:49:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: nginx/1.18.0 (Ubuntu)
x-powered-by: Express
etag: "7c96d2f9fb728fe25004ce5098e520fd"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 member-attribution.min.js Show response
hacktrickz.xyz/public/ 2 KB
1014 B 25ms
20ms Script
application/javascript 164.92.240.80
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://hacktrickz.xyz/public/member-attribution.min.js?v=e1fa5a851e

Requested by

Host: hacktrickz.xyz
URL: https://hacktrickz.xyz/hackthebox-writeup-vessel/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

164.92.240.80 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

0b144beb896e0d7612e0eeab489e4e682adac07cbc139924ce892bde3ccd3605

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hacktrickz.xyz/hackthebox-writeup-vessel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 15:49:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: nginx/1.18.0 (Ubuntu)
x-powered-by: Express
etag: "909b42c515ee6c2aece5a3f270049f98"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
78 KB 57ms
26ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LXT3ZXT56K

Requested by

Host: hacktrickz.xyz
URL: https://hacktrickz.xyz/hackthebox-writeup-vessel/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e30d96fc41ad0da5069521f7fba4ff720b3261a039972fab38a770da00eb463c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hacktrickz.xyz/hackthebox-writeup-vessel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 15:49:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79497
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 12 May 2023 15:49:21 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
869 B 40ms
17ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Anonymous+Pro:400&display=swap

Requested by

Host: hacktrickz.xyz
URL: https://hacktrickz.xyz/hackthebox-writeup-vessel/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1a831e4b98308909c4124eaf8f6030eb6be28065c29f5bde20303f079ee4ba47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hacktrickz.xyz/hackthebox-writeup-vessel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 May 2023 15:49:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 May 2023 15:49:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 May 2023 15:49:21 GMT

GET
H2 200 prism-tomorrow.min.css
cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/themes/ 1 KB
1 KB 36ms
12ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/themes/prism-tomorrow.min.css

Requested by

Host: hacktrickz.xyz
URL: https://hacktrickz.xyz/hackthebox-writeup-vessel/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b15fe2971998a048aebb60f26f6eed76122071db9ef3b995abd003224f52a98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://hacktrickz.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 15:49:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2677093
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 472
last-modified: Sun, 17 Apr 2022 14:36:33 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "625c25f1-1d8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xtjDW%2FOEgsvnES56V1Oxt9K87YczIIyGgNPmFklmF%2BxHN3c06s6lgleL2712yvSdbwnjz88qM23YvcSqgp0mE3Bm4pDUJMigiF7sFj%2FNR4mkZEgXjbDhE2L2Pof8Fr%2FQLZ35mXhAXti6VSVGD7eFHSZ6"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c63cfaafad968e9-FRA
expires: Wed, 01 May 2024 15:49:21 GMT

GET
H2 200 vessel.png
hacktrickz.xyz/content/images/size/w1200/2022/09/ 151 KB
152 KB 29ms
24ms Image
image/png 164.92.240.80
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hacktrickz.xyz/content/images/size/w1200/2022/09/vessel.png

Requested by

Host: hacktrickz.xyz
URL: https://hacktrickz.xyz/hackthebox-writeup-vessel/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

164.92.240.80 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

27e308d267ecf603935ee25d830ed261aad807e7d6cc0e54e3c91af4bca49c89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hacktrickz.xyz/hackthebox-writeup-vessel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 15:49:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 09 Sep 2022 14:54:58 GMT
server: nginx/1.18.0 (Ubuntu)
x-powered-by: Express
etag: W/"25d23-18322bf2ea8"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 154915

GET
H2 200 fluidicon.png
github.com/ 32 KB
33 KB 64ms
12ms Image
image/png 140.82.121.3
GITHUB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://github.com/fluidicon.png

Requested by

Host: hacktrickz.xyz
URL: https://hacktrickz.xyz/hackthebox-writeup-vessel/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

140.82.121.3 Frankfurt am Main, Germany, ASN36459 (GITHUB, US),

Reverse DNS

lb-140-82-121-3-fra.github.com

Software

GitHub.com /

Resource Hash

1bedd6a1948971f07970414717012503805309f25af0b2c542dbc3524b5880e9

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hacktrickz.xyz/hackthebox-writeup-vessel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 15:49:16 GMT
last-modified: Fri, 12 May 2023 03:37:31 GMT
server: GitHub.com
x-github-request-id: E876:B51A:1103A4AA:113F6435:645E6001
etag: "645db47b-81f6"
vary: Accept-Encoding, Accept, X-Requested-With
x-frame-options: DENY
content-type: image/png
accept-ranges: bytes
content-length: 33270

GET
H2 200 git-dumper
opengraph.githubassets.com/819a3a3f832a774fb89b2d87d9d6cd546e4552fa566f8686ba27b9e1a1715a7d/arthaud/ 109 KB
110 KB 75ms
2ms Image
image/png 185.199.110.154
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://opengraph.githubassets.com/819a3a3f832a774fb89b2d87d9d6cd546e4552fa566f8686ba27b9e1a1715a7d/arthaud/git-dumper

Requested by

Host: hacktrickz.xyz
URL: https://hacktrickz.xyz/hackthebox-writeup-vessel/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.110.154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-110-154.github.com

Software

Resource Hash

0b765756d73f9cc057bd7e4b687821bb67df87cec362890491b63233ef886f11

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';style-src 'unsafe-inline';font-src https://github.github.com;img-src https://avatars.githubusercontent.com https://github.githubassets.com https://camo.githubusercontent.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hacktrickz.xyz/hackthebox-writeup-vessel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-fastly-request-id: a99e06120f2e3246366799ee0a33b561647b691b
content-security-policy: default-src 'none';style-src 'unsafe-inline';font-src https://github.github.com;img-src https://avatars.githubusercontent.com https://github.githubassets.com https://camo.githubusercontent.com
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 12 May 2023 15:49:21 GMT
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000
age: 0
x-dns-prefetch-control: off
x-cache: HIT, HIT
content-length: 111746
x-xss-protection: 0
x-github-backend: Kubernetes
x-served-by: cache-iad-kjyo7100129-IAD, cache-fra-eddf8230061-FRA
referrer-policy: no-referrer
x-github-request-id: 2646:0D08:AEB6E:260E0C:644FA0F9
etag: W/"1b482-jRVQvP0qat8UorBpIi58ipBka/0"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
x-ratelimit-remaining: 59
x-download-options: noopen
access-control-allow-origin: *
content-type: image/png
cache-control: public, max-age=21600, immutable
x-ratelimit-reset: 1682940641
x-ratelimit-limit: 100
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 icon-512x512.png
www.stackhawk.com/icons/ 96 KB
98 KB 85ms
11ms Image
image/png 143.204.89.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.stackhawk.com/icons/icon-512x512.png?v=70e1667376c636903177fbcd7172ca95

Requested by

Host: hacktrickz.xyz
URL: https://hacktrickz.xyz/hackthebox-writeup-vessel/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-23.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8f0ab927082f1f6796388780cbde0eb2464af980eae5855c6107965a85a9dadb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hacktrickz.xyz/hackthebox-writeup-vessel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: xNuMxTNwlzSTfOfAfgSKH.cpuKqvEBd5
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
date: Fri, 12 May 2023 15:20:27 GMT
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 1735
content-security-policy-report-only: report-uri https://o360010.ingest.sentry.io/api/5670260/security/?sentry_key=2b7b422bc27748d9a7275d097a190f31; report-to csp-endpoint; default-src 'none'; connect-src 'self' https://jv22carpcpzxxp5upcllfh2hzy0xbfjo.lambda-url.us-west-2.on.aws https://*.doubleclick.net https://cdn.segment.com https://secure.adnxs.com https://*.litix.io https://*.wistia.com https://embedwistia-a.akamaihd.net https://js.hs-banner.com https://js.hs-analytics.net https://api.segment.io https://js.hs-scripts.com https://8o8h5taxx2-dsn.algolia.net https://www.google-analytics.com https://www.googleadservices.com https://api-iam.intercom.io https://*.ingest.sentry.io wss://nexus-websocket-a.intercom.io https://*.6sc.co; font-src https://js.intercomcdn.com https://*.wistia.com www.loom.com; frame-src https://intercom-sheets.com https://www.youtube.com https://www.googleadservices.com https://www.stackhawk.com https://player.vimeo.com https://*.wistia.com https://*.wistia.net www.loom.com; img-src 'self' data: https://*.adsymptotic.com https://images.ctfassets.net https://lltrck.com https://track.hubspot.com https://www.google-analytics.com https://www.google.com https://downloads.intercomcdn.com https://js.intercomcdn.com https://static.intercomassets.com https://www.googletagmanager.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://*.6sc.co; manifest-src 'self' https://accounts.google.com; media-src https://js.intercomcdn.com https://*.wistia.com https://*.wistia.net https://embedwistia-a.akamaihd.net https://www.stackhawk.com; prefetch-src 'self' https://js.hs-banner.com https://js.hs-analytics.net https://lltrck.com; script-src 'self' 'unsafe-inline' https://*.doubleclick.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://snap.licdn.com https://*.wistia.com https://*.wistia.net https://*.litix.io https://*.6sc.co https://widget.intercom.io https://accounts.google.com https://cdn.segment.com https://js.hs-scripts.com https://js.hs-analytics.net https://js.hs-banner.com https://lltrck.com https://www.googleoptimize.com https://js.intercomcdn.com https://www.googleadservices.com; style-src 'self' 'unsafe-inline'; object-src 'none';
x-cache: Hit from cloudfront
content-length: 98325
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 24 May 2022 20:47:52 GMT
server: AmazonS3
etag: "33817702a7caed4ee91bd37cd296834a"
x-frame-options: DENY
report-to: {"group":"csp-endpoint","max_age":31536000,"endpoints":[{"url":"https://hawkablock.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: image/png
vary: Accept-Encoding
x-amz-cf-id: erzX7Dl00Vfy686kepuQLBBDrYMaOBQsj8gr-463gWYiGi6aUgq3gg==

GET
H2 200 nodejs-sql-injection-guide-examples-and-prevention-social.png
images.ctfassets.net/nx13ojx82pll/4U5qhwL0HfQB8aUezkczrh/d3860c349bfdf05b264ac78fa2c19a43/ 42 KB
42 KB 72ms
10ms Image
image/png 2600:9000:211e:ee00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/nx13ojx82pll/4U5qhwL0HfQB8aUezkczrh/d3860c349bfdf05b264ac78fa2c19a43/nodejs-sql-injection-guide-examples-and-prevention-social.png?w=1200&h=627&q=90&fm=png
Requested by: Host: hacktrickz.xyz
URL: https://hacktrickz.xyz/hackthebox-writeup-vessel/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:ee00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 4b57b8ec63ad078a71600ba0800cf81c1d030e62c794b8dc11be4ad75a7a76f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hacktrickz.xyz/hackthebox-writeup-vessel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 15:49:21 GMT
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
last-modified: Mon, 01 May 2023 14:20:52 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
etag: "5fc18ad314a39edc275b86091cea711f"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 42604
x-amz-cf-id: o1Ee9RfOg_m1a_BFVX05KeDVKIVHld1PiDGemsKO1Vsx_x57gPDzzw==

GET
H2 200 Open-Web-Analytics
opengraph.githubassets.com/9985b76d657de22957b33126cf044902eb265a527213a0306f7773f105fece3a/Open-Web-Analytics/ 77 KB
77 KB 78ms
5ms Image
image/png 185.199.110.154
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://opengraph.githubassets.com/9985b76d657de22957b33126cf044902eb265a527213a0306f7773f105fece3a/Open-Web-Analytics/Open-Web-Analytics

Requested by

Host: hacktrickz.xyz
URL: https://hacktrickz.xyz/hackthebox-writeup-vessel/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.110.154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-110-154.github.com

Software

Resource Hash

fc28f2ff0ce3ea70b23c232cee5c3a0399723c1762ea15d129015c9f20bfd505

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';style-src 'unsafe-inline';font-src https://github.github.com;img-src https://avatars.githubusercontent.com https://github.githubassets.com https://camo.githubusercontent.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hacktrickz.xyz/hackthebox-writeup-vessel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-fastly-request-id: 32c10f7cd7c78884dd5df8f9df046dae4697dcc1
content-security-policy: default-src 'none';style-src 'unsafe-inline';font-src https://github.github.com;img-src https://avatars.githubusercontent.com https://github.githubassets.com https://camo.githubusercontent.com
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 12 May 2023 15:49:21 GMT
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000
age: 0
x-dns-prefetch-control: off
x-cache: HIT, HIT
content-length: 78716
x-xss-protection: 0
x-github-backend: Kubernetes
x-served-by: cache-iad-kcgs7200107-IAD, cache-fra-eddf8230061-FRA
referrer-policy: no-referrer
x-github-request-id: FEDE:47F0:634D90:1013B2C:645A697C
etag: W/"1337c-6VfeRq89JYusnZO08SfxHGAub7I"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
x-ratelimit-remaining: 36
x-download-options: noopen
access-control-allow-origin: *
content-type: image/png
cache-control: public, max-age=21600, immutable
x-ratelimit-reset: 1683646959
x-ratelimit-limit: 100
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 CVE-2022-24637
opengraph.githubassets.com/94b2ff4818518049b66180d35662e02759d7de0acab4f59c01f2126f661066e3/Lay0us1/ 89 KB
89 KB 96ms
24ms Image
image/png 185.199.110.154
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://opengraph.githubassets.com/94b2ff4818518049b66180d35662e02759d7de0acab4f59c01f2126f661066e3/Lay0us1/CVE-2022-24637

Requested by

Host: hacktrickz.xyz
URL: https://hacktrickz.xyz/hackthebox-writeup-vessel/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.110.154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-110-154.github.com

Software

Resource Hash

26e901f3debecc42964e70e0a328a872c7aada4b78577303003f44e83d4d3cf8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';style-src 'unsafe-inline';font-src https://github.github.com;img-src https://avatars.githubusercontent.com https://github.githubassets.com https://camo.githubusercontent.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hacktrickz.xyz/hackthebox-writeup-vessel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-fastly-request-id: 15400a1a409b035939c90d3aa90cb93038435ff3
content-security-policy: default-src 'none';style-src 'unsafe-inline';font-src https://github.github.com;img-src https://avatars.githubusercontent.com https://github.githubassets.com https://camo.githubusercontent.com
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 12 May 2023 15:49:21 GMT
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000
age: 0
x-dns-prefetch-control: off
x-cache: HIT, HIT
content-length: 90827
x-xss-protection: 0
x-github-backend: Kubernetes
x-served-by: cache-iad-kjyo7100150-IAD, cache-fra-eddf8230061-FRA
referrer-policy: no-referrer
x-github-request-id: 69E6:2778:363B0:37F640:64439712
etag: W/"162cb-H+F+RimXMTtXQdsqkj+5vdvmkjI"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
x-ratelimit-remaining: 64
x-download-options: noopen
access-control-allow-origin: *
content-type: image/png
cache-control: public, max-age=21600, immutable
x-ratelimit-reset: 1682151609
x-ratelimit-limit: 100
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 favicon-96x96.png
www.crowdstrike.com/wp-content/uploads/2018/09/ 3 KB
3 KB 130ms
56ms Image
image/png 2606:4700::6812:4052
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2018/09/favicon-96x96.png

Requested by

Host: hacktrickz.xyz
URL: https://hacktrickz.xyz/hackthebox-writeup-vessel/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:4052 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3863b23eb007d405fd80924f499fa54a178bc0a8009496c104271f3cf6732642

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hacktrickz.xyz/hackthebox-writeup-vessel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 15:49:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-version-id: gYuU6cmGtiFfEdetta0w2aXqaVtPLeSt
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
content-length: 2800
last-modified: Fri, 12 May 2023 15:48:43 GMT
server: cloudflare
etag: "4a45a80764ed940d22195c87571e4162-1"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7c63cfabd8682bca-FRA
x-amz-cf-id: a1sgJm4t4bfsYsLXNXINtYIR4GsdZGsUgmYRMgVFfyD3wBze5z1FgQ==
expires: Fri, 12 May 2023 19:49:21 GMT

GET
H2 200 Blog_1060x698-4.jpeg
www.crowdstrike.com/wp-content/uploads/2022/03/ 573 KB
574 KB 118ms
45ms Image
image/jpeg 2606:4700::6812:4052
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2022/03/Blog_1060x698-4.jpeg

Requested by

Host: hacktrickz.xyz
URL: https://hacktrickz.xyz/hackthebox-writeup-vessel/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:4052 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cb0ec905339128bc54bc821d9b8c2931b1199c815b7df45360baa43078c4e8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hacktrickz.xyz/hackthebox-writeup-vessel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 15:49:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: eau9Bi.oE1MDW9xX4lEWk2reE5oJiLPG
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
content-length: 586575
last-modified: Wed, 08 Jun 2022 18:22:15 GMT
server: cloudflare
etag: "c7b1bf6df6f12dc2fb51cb4248591a99-1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7c63cfabd8692bca-FRA
x-amz-cf-id: Ov6CcYcRsMRskRWgn1Ae8arZJnsdjZbxHnA7o1ALMM9g2ZAbtcn3pA==
expires: Fri, 12 May 2023 19:49:21 GMT

GET
H2 200 main.min.js Show response
hacktrickz.xyz/assets/built/ 49 KB
18 KB 23ms
18ms Script
application/javascript 164.92.240.80
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://hacktrickz.xyz/assets/built/main.min.js?v=e1fa5a851e

Requested by

Host: hacktrickz.xyz
URL: https://hacktrickz.xyz/hackthebox-writeup-vessel/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

164.92.240.80 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

d94d6fcc74b3c231f80dc83c1fc46eba7c5f84d039359a6c77fabe0930a7012e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hacktrickz.xyz/hackthebox-writeup-vessel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 15:49:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Thu, 08 Sep 2022 14:08:14 GMT
server: nginx/1.18.0 (Ubuntu)
x-powered-by: Express
etag: W/"c532-1831d6e0bd7"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 prism-core.min.js Show response
cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/components/ 7 KB
3 KB 20ms
14ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/components/prism-core.min.js

Requested by

Host: hacktrickz.xyz
URL: https://hacktrickz.xyz/hackthebox-writeup-vessel/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2624d4f66cc5f171cd460896b106630f7666a1e638b42dd9ddefd0ca7758683

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://hacktrickz.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 15:49:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 10868203
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2815
last-modified: Sun, 17 Apr 2022 14:36:33 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "625c25f1-aff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0nvWtb7zYPQmLBQdE85MjUSxmoNCXkc47HbiqK5mdf8FQbsDuX%2FXzg3SJCtET%2F0giVPfz7IOf5Zn6khLhf5OjT3FEypo8aBW4b1GksF%2Bt5rH%2FcHUnXrARLHNu0%2FdrnqygjFMjnM5TfM7dYAJOp8VuOT2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c63cfab6b8068e9-FRA
expires: Wed, 01 May 2024 15:49:21 GMT

GET
H2 200 prism-autoloader.min.js Show response
cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/plugins/autoloader/ 6 KB
2 KB 21ms
15ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/plugins/autoloader/prism-autoloader.min.js

Requested by

Host: hacktrickz.xyz
URL: https://hacktrickz.xyz/hackthebox-writeup-vessel/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74beaf9148829f7d253d337d715ae6407a39510984c0332bc76a69024e088559

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://hacktrickz.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 15:49:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1355519
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2164
last-modified: Sun, 17 Apr 2022 14:36:33 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "625c25f1-874"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2Bq2GQz8m8DMnSoV730vIywc5WwHUrN%2FEg2akDiU%2FKHIpshf%2FEs7yuF35f9xGZy%2FlX%2FdnD3ZnWgrDDN4%2FJ1RdisdfbuEdBZaoeBsWupIOetna01p6KhCKbO7HyvRGXbZrVFyYZZYmc7z30TRTZ1xv0OO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c63cfab6b8168e9-FRA
expires: Wed, 01 May 2024 15:49:21 GMT

GET
H2 200 / Show response
devel0pment.de/ Frame 0A47 19 KB
20 KB 870ms
225ms Document
text/html 2a01:238:20a:202:1086::
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: https://devel0pment.de/?p=2494&embed=true
Requested by: Host: hacktrickz.xyz
URL: https://hacktrickz.xyz/hackthebox-writeup-vessel/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:238:20a:202:1086:: , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
Software: Apache/2.4.57 (Unix) / PHP/8.0.28
Resource Hash: 7e461d4b84fdd9465347bc63c2488b68b536d21a96f41dbb059274b2c4818350

Request headers

Referer: https://hacktrickz.xyz/hackthebox-writeup-vessel/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
date: Fri, 12 May 2023 15:49:22 GMT
link: <https://devel0pment.de/index.php?rest_route=/>; rel="https://api.w.org/" <https://devel0pment.de/index.php?rest_route=/wp/v2/posts/2494>; rel="alternate"; type="application/json" <https://devel0pment.de/?p=2494>; rel=shortlink
server: Apache/2.4.57 (Unix)
vary: User-Agent
x-pingback: https://devel0pment.de/xmlrpc.php
x-powered-by: PHP/8.0.28
x-wp-embed: true

GET
H2 200 rP2Bp2a15UIB7Un-bOeISG3pHls29Q.woff2
fonts.gstatic.com/s/anonymouspro/v21/ 17 KB
18 KB 58ms
3ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/anonymouspro/v21/rP2Bp2a15UIB7Un-bOeISG3pHls29Q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Anonymous+Pro:400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

148b358d5c6a32ff44aa901fdd583519210675846edb6ccf8913a402054196a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hacktrickz.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 05 May 2023 19:04:11 GMT
x-content-type-options: nosniff
age: 593110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17528
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:59:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 May 2024 19:04:11 GMT

GET
H2 200 image-26.png
hacktrickz.xyz/content/images/size/w1000/2022/09/ 45 KB
45 KB 26ms
21ms Image
image/png 164.92.240.80
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hacktrickz.xyz/content/images/size/w1000/2022/09/image-26.png

Requested by

Host: hacktrickz.xyz
URL: https://hacktrickz.xyz/hackthebox-writeup-vessel/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

164.92.240.80 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

e99ff5e9c991d75b0e8ce387e1ffdfc2cfee995a1b49b27685bc7ba6b602072e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hacktrickz.xyz/hackthebox-writeup-vessel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 15:49:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 09 Sep 2022 14:54:58 GMT
server: nginx/1.18.0 (Ubuntu)
x-powered-by: Express
etag: W/"b34f-18322bf2ecc"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 45903

GET
H2 200 image-28.png
hacktrickz.xyz/content/images/size/w1000/2022/09/ 420 KB
421 KB 30ms
25ms Image
image/png 164.92.240.80
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hacktrickz.xyz/content/images/size/w1000/2022/09/image-28.png

Requested by

Host: hacktrickz.xyz
URL: https://hacktrickz.xyz/hackthebox-writeup-vessel/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

164.92.240.80 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

8e0296a2933193d1123ca3d5d48f56a7e9d006edcf919d73088a9db8f3ee6f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hacktrickz.xyz/hackthebox-writeup-vessel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 15:49:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 09 Sep 2022 14:54:58 GMT
server: nginx/1.18.0 (Ubuntu)
x-powered-by: Express
etag: W/"68fc1-18322bf2f30"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 430017

GET
H2 200 image-27.png
hacktrickz.xyz/content/images/2022/09/ 47 KB
48 KB 19ms
15ms Image
image/png 164.92.240.80
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hacktrickz.xyz/content/images/2022/09/image-27.png

Requested by

Host: hacktrickz.xyz
URL: https://hacktrickz.xyz/hackthebox-writeup-vessel/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

164.92.240.80 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

ea55a7ef2e2696de3482690b1e5a54b5cc9e3480e43b54823f20e1e2a53b105b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hacktrickz.xyz/hackthebox-writeup-vessel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 15:49:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 08 Sep 2022 22:22:12 GMT
server: nginx/1.18.0 (Ubuntu)
x-powered-by: Express
etag: W/"bd41-1831f324857"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 48449

GET
H2 200 image-29.png
hacktrickz.xyz/content/images/2022/09/ 40 KB
41 KB 23ms
19ms Image
image/png 164.92.240.80
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hacktrickz.xyz/content/images/2022/09/image-29.png

Requested by

Host: hacktrickz.xyz
URL: https://hacktrickz.xyz/hackthebox-writeup-vessel/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

164.92.240.80 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

de7c99c3a687a759231b4df133305d978d8855cee6008cbee6d4a0f8ca476628

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hacktrickz.xyz/hackthebox-writeup-vessel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 15:49:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 08 Sep 2022 22:48:45 GMT
server: nginx/1.18.0 (Ubuntu)
x-powered-by: Express
etag: W/"a169-1831f4a97e2"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 41321

GET
H2 200 image-30.png
hacktrickz.xyz/content/images/2022/09/ 85 KB
85 KB 24ms
20ms Image
image/png 164.92.240.80
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hacktrickz.xyz/content/images/2022/09/image-30.png

Requested by

Host: hacktrickz.xyz
URL: https://hacktrickz.xyz/hackthebox-writeup-vessel/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

164.92.240.80 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

980c9818f5f16c095d0475c3899513f7788dae212826414cb49d3dd08220ef5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hacktrickz.xyz/hackthebox-writeup-vessel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 15:49:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 08 Sep 2022 23:16:59 GMT
server: nginx/1.18.0 (Ubuntu)
x-powered-by: Express
etag: W/"15460-1831f646efa"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 87136

GET
H2 200 image-31.png
hacktrickz.xyz/content/images/size/w1000/2022/09/ 50 KB
50 KB 35ms
31ms Image
image/png 164.92.240.80
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hacktrickz.xyz/content/images/size/w1000/2022/09/image-31.png

Requested by

Host: hacktrickz.xyz
URL: https://hacktrickz.xyz/hackthebox-writeup-vessel/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

164.92.240.80 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

cdae41465e6c4df98f021ea3be312c1509b79c316d7e272c8212786c574390c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hacktrickz.xyz/hackthebox-writeup-vessel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 15:49:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 09 Sep 2022 14:55:02 GMT
server: nginx/1.18.0 (Ubuntu)
x-powered-by: Express
etag: W/"c7d3-18322bf4150"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 51155

GET
H2 204 /
hacktrickz.xyz/members/api/member/ 0
0 18ms
18ms Fetch 164.92.240.80
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://hacktrickz.xyz/members/api/member/

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/ghost/portal@~2.29/umd/portal.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

164.92.240.80 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hacktrickz.xyz/hackthebox-writeup-vessel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 15:49:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
x-powered-by: Express
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
cache-control: no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0

GET
H3 200 prism-python.min.js Show response
cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/components/ 2 KB
2 KB 28ms
15ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/components/prism-python.min.js

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prism/1.28.0/plugins/autoloader/prism-autoloader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed4385685bcf2d4935c8dbbab4bde16603da1329e092d2bf36c3dadd67e9a85c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hacktrickz.xyz/hackthebox-writeup-vessel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 15:49:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5508056
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 988
last-modified: Sun, 17 Apr 2022 14:36:33 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "625c25f1-3dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hhadOGfHAJPxM%2BUWQs3IA8%2FISi%2FBmcIJqRANF1a2kja7WGnnweZekm4J%2FuvKioEHIhGKlAHOgtYW%2F5QOgRfALPyBeJr40Ipf%2F9NSkeNjd3xZuoWpzR9xIZ94Wxk33OjrHj%2BEoJNSXyZXOVMqvV1J4nwV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c63cfad284a9296-FRA
expires: Wed, 01 May 2024 15:49:22 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 353ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LXT3ZXT56K&gtm=45je35a0&_p=1548566165&cid=1984415258.1683906562&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683906562&sct=1&seg=0&dl=https%3A%2F%2Fhacktrickz.xyz%2Fhackthebox-writeup-vessel%2F&dt=HackTheBox%20Writeup%3A%20Vessel&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LXT3ZXT56K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hacktrickz.xyz/hackthebox-writeup-vessel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 15:49:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hacktrickz.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
hacktrickz.xyz/ghost/api/content/settings/ 3 KB
2 KB 118ms
117ms Fetch
application/json 164.92.240.80
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://hacktrickz.xyz/ghost/api/content/settings/?key=2953bc589a82d825f714498425&limit=all

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/ghost/portal@~2.29/umd/portal.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

164.92.240.80 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

f6252b7d730347123b9159fef2a2ee356d74bfb88865a637ef4a0d7ed61af350

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://hacktrickz.xyz/hackthebox-writeup-vessel/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 12 May 2023 15:49:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: nginx/1.18.0 (Ubuntu)
x-powered-by: Express
etag: W/"c17-W484T9vGbj7/Bcxb2b7Q1+R0gqc"
vary: Accept-Version, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0
content-version: v5.43

GET
H2 200 / Show response
hacktrickz.xyz/ghost/api/content/tiers/ 702 B
1 KB 119ms
118ms Fetch
application/json 164.92.240.80
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://hacktrickz.xyz/ghost/api/content/tiers/?key=2953bc589a82d825f714498425&limit=all&include=monthly_price,yearly_price,benefits

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/ghost/portal@~2.29/umd/portal.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

164.92.240.80 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

45d26cdc51501d0bc7d97473096feab3a26395deaf0802687ad39639f180dba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://hacktrickz.xyz/hackthebox-writeup-vessel/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 12 May 2023 15:49:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
x-powered-by: Express
etag: W/"2be-qUeXHPChESu93mB8V0NtZ3U07oM"
vary: Accept-Version, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0
content-version: v5.43
content-length: 702

GET
H2 200 / Show response
hacktrickz.xyz/ghost/api/content/newsletters/ 467 B
804 B 118ms
117ms Fetch
application/json 164.92.240.80
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://hacktrickz.xyz/ghost/api/content/newsletters/?key=2953bc589a82d825f714498425&limit=all

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/ghost/portal@~2.29/umd/portal.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

164.92.240.80 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

a1b9e926d41a00df1d1a34e9f4be5c5802c734f3d20499a0ab96146e011da8b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://hacktrickz.xyz/hackthebox-writeup-vessel/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 12 May 2023 15:49:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
x-powered-by: Express
etag: W/"1d3-528jBA2rexFxGlefa/o2ADa5jlc"
vary: Accept-Version, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0
content-version: v5.43
content-length: 467

GET
H2 200 wp-emoji-release.min.js Show response
devel0pment.de/wp-includes/js/ Frame 0A47 18 KB
18 KB 34ms
33ms Script
application/javascript 2a01:238:20a:202:1086::
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: https://devel0pment.de/wp-includes/js/wp-emoji-release.min.js?ver=6.2
Requested by: Host: devel0pment.de
URL: https://devel0pment.de/?p=2494&embed=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:238:20a:202:1086:: , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
Software: Apache/2.4.57 (Unix) /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 15:49:22 GMT
last-modified: Thu, 06 Apr 2023 14:34:18 GMT
server: Apache/2.4.57 (Unix)
accept-ranges: bytes
etag: "4904-5f8abcdc2925b"
content-length: 18692
content-type: application/javascript

GET
H2 200 w-logo-blue.png
devel0pment.de/wp-includes/images/ Frame 0A47 3 KB
3 KB 44ms
43ms Image
image/png 2a01:238:20a:202:1086::
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://devel0pment.de/wp-includes/images/w-logo-blue.png
Requested by: Host: devel0pment.de
URL: https://devel0pment.de/?p=2494&embed=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:238:20a:202:1086:: , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
Software: Apache/2.4.57 (Unix) /
Resource Hash: a8c9355719e180f67753c823b87c29f40e21df91c20b44eb92d4cb36ef575d09

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 15:49:22 GMT
last-modified: Thu, 18 Jan 2018 19:39:21 GMT
server: Apache/2.4.57 (Unix)
accept-ranges: bytes
etag: "c29-563121ecf0c40"
content-length: 3113
content-type: image/png

GET
DATA 200
OK truncated
/ Frame 0A47 196 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eab8de27de645e5b26b6cbd48545a6997f72956e40401714a0be09b2e2fa8d58

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ Frame 0A47 397 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2021c9a3df6a24f3f9d63a0425d90a2bb24cd97de905abf230f13d4dbc46c147

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ Frame 0A47 213 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f83bf22ed091fe689e0c008e1b85aea6c0a191f0d3ba62813def77ef7ce63e01

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.hacktrickz.xyz/	1970-01-20 21:21:06	Name: _ga_LXT3ZXT56K Value: GS1.1.1683906562.1.0.1683906562.0.0.0
			.hacktrickz.xyz/	1970-01-20 21:21:06	Name: _ga Value: GA1.1.1984415258.1683906562

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
devel0pment.de
fonts.googleapis.com
fonts.gstatic.com
github.com
hacktrickz.xyz
images.ctfassets.net
opengraph.githubassets.com
region1.google-analytics.com
www.crowdstrike.com
www.googletagmanager.com
www.stackhawk.com
140.82.121.3
143.204.89.23
164.92.240.80
185.199.110.154
2001:4860:4802:32::36
2600:9000:211e:ee00:12:94b3:c380:93a1
2606:4700::6811:180e
2606:4700::6812:4052
2a00:1450:4001:809::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:82a::200a
2a01:238:20a:202:1086::
2a04:4e42::485
0b144beb896e0d7612e0eeab489e4e682adac07cbc139924ce892bde3ccd3605
0b765756d73f9cc057bd7e4b687821bb67df87cec362890491b63233ef886f11
148b358d5c6a32ff44aa901fdd583519210675846edb6ccf8913a402054196a0
1a831e4b98308909c4124eaf8f6030eb6be28065c29f5bde20303f079ee4ba47
1b15fe2971998a048aebb60f26f6eed76122071db9ef3b995abd003224f52a98
1bedd6a1948971f07970414717012503805309f25af0b2c542dbc3524b5880e9
2021c9a3df6a24f3f9d63a0425d90a2bb24cd97de905abf230f13d4dbc46c147
26e901f3debecc42964e70e0a328a872c7aada4b78577303003f44e83d4d3cf8
27e308d267ecf603935ee25d830ed261aad807e7d6cc0e54e3c91af4bca49c89
2cb0ec905339128bc54bc821d9b8c2931b1199c815b7df45360baa43078c4e8d
3863b23eb007d405fd80924f499fa54a178bc0a8009496c104271f3cf6732642
45d26cdc51501d0bc7d97473096feab3a26395deaf0802687ad39639f180dba8
4b57b8ec63ad078a71600ba0800cf81c1d030e62c794b8dc11be4ad75a7a76f2
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5fa312bccc13edc46e3c4f0ae5d72a055d802c0dafe8eae49804463074a89f55
74beaf9148829f7d253d337d715ae6407a39510984c0332bc76a69024e088559
7b9c762be52fed9737a319df953c29ad448a7713a31a4ba0f76ab15013512ee6
7e461d4b84fdd9465347bc63c2488b68b536d21a96f41dbb059274b2c4818350
8e0296a2933193d1123ca3d5d48f56a7e9d006edcf919d73088a9db8f3ee6f98
8f0ab927082f1f6796388780cbde0eb2464af980eae5855c6107965a85a9dadb
980c9818f5f16c095d0475c3899513f7788dae212826414cb49d3dd08220ef5b
a1b9e926d41a00df1d1a34e9f4be5c5802c734f3d20499a0ab96146e011da8b9
a8c9355719e180f67753c823b87c29f40e21df91c20b44eb92d4cb36ef575d09
b8a6d7bf2743e253120c84f1632c958537cd44aa9671d84eae68910a8a730abd
cdae41465e6c4df98f021ea3be312c1509b79c316d7e272c8212786c574390c4
d217a4cf99bef6ebb7ab2bf2aad457d3758265ad83b0fd74dc95359f3b19484a
d94d6fcc74b3c231f80dc83c1fc46eba7c5f84d039359a6c77fabe0930a7012e
de10e670fff37b0d4dda87228d77fffbf6a95d52b1c7b5b07bf78db8f82f0738
de7c99c3a687a759231b4df133305d978d8855cee6008cbee6d4a0f8ca476628
e2624d4f66cc5f171cd460896b106630f7666a1e638b42dd9ddefd0ca7758683
e30d96fc41ad0da5069521f7fba4ff720b3261a039972fab38a770da00eb463c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e99ff5e9c991d75b0e8ce387e1ffdfc2cfee995a1b49b27685bc7ba6b602072e
ea55a7ef2e2696de3482690b1e5a54b5cc9e3480e43b54823f20e1e2a53b105b
eab8de27de645e5b26b6cbd48545a6997f72956e40401714a0be09b2e2fa8d58
ed4385685bcf2d4935c8dbbab4bde16603da1329e092d2bf36c3dadd67e9a85c
f12c88c3f270e3935f093c614ef24f6be1fc9f67068f2521e7a2e1361171b6bc
f6252b7d730347123b9159fef2a2ee356d74bfb88865a637ef4a0d7ed61af350
f83bf22ed091fe689e0c008e1b85aea6c0a191f0d3ba62813def77ef7ce63e01
fc28f2ff0ce3ea70b23c232cee5c3a0399723c1762ea15d129015c9f20bfd505

hacktrickz.xyz Open in urlscan Pro 164.92.240.80 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

38 Requests

100 %HTTPS

69 %IPv6

13 Domains

13 Subdomains

14 IPs

2 Countries

2323 kBTransfer

3166 kBSize

2 Cookies

9 Outgoing links

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hacktrickz.xyz Open in urlscan Pro
164.92.240.80 Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

100 %
HTTPS

69 %
IPv6

13
Domains

13
Subdomains

14
IPs

2
Countries

2323 kB
Transfer

3166 kB
Size

2
Cookies

38 HTTP transactions
3 data transactions