| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash8f33f56c329fe0b1570d2ee3e000ce4e b11fcecd7cc1210d3f3b4e1426a37d3cd138119e ebcb744a032452533c000c0a9f193fd2566b2389729c41b6c5ed69b9e4cd42d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBCB744A032452533C000C0A9F193FD2566B2389729C41B6C5ED69B9E4CD42D4"
Last-Modified: Tue, 07 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6706
Expires: Wed, 08 Mar 2023 06:02:50 GMT
Date: Wed, 08 Mar 2023 04:11:04 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash7989fc4a69327c765a7e4e68f46c169b 1f3e8e6e9e640c3d99ec52dc947b68fa9c1d335b b15c98c58fae6a49e831bc0db617bedf8538bbfa011a84553debdcbe461433d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B15C98C58FAE6A49E831BC0DB617BEDF8538BBFA011A84553DEBDCBE461433D0"
Last-Modified: Tue, 07 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5776
Expires: Wed, 08 Mar 2023 05:47:20 GMT
Date: Wed, 08 Mar 2023 04:11:04 GMT
Connection: keep-alive
|
|
| qr.blacksebo.de/ | 144.202.15.240 | 301 Moved Permanently | 162 B |
IP144.202.15.240:0
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer | Verdict | Alert | fortinet | Malware | | mnemonic_dns | Sinkholed | | quad9 | Sinkholed | |
GET / HTTP/1.1
Host: qr.blacksebo.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 08 Mar 2023 04:11:04 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://qr.blacksebo.de/
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash7f03faaba3392caae6dae54467bfdf6d 57ea1f14e8bfbcca8190c706d708c9fda12442c1 02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Retry-After, Backoff, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Mar 2023 04:08:46 GMT
content-type: application/json
age: 138
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hasha8901ec6f89f9452d6335be4dd3c3821 aca9da9cfc93413247952e224ac69d684f51d3ac 560f8228fedc912e05b84af1d19fcefca3fec82415180df5d18c5b2a3f533a68
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560F8228FEDC912E05B84AF1D19FCEFCA3FEC82415180DF5D18C5B2A3F533A68"
Last-Modified: Tue, 07 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6665
Expires: Wed, 08 Mar 2023 06:02:09 GMT
Date: Wed, 08 Mar 2023 04:11:04 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hashb5ba6334e73496995e3e3a9ecd0eb323 ad80d3b7718c28364e8c2004fb38a13a1747e462 aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: I3Gb7GXHqjxV8g3kVgG7ZcBQBO7Z0HGyWZUrYyvGXpcFeCOJF481r01Lpiy577+F/JSTuJkzvcg=
x-amz-request-id: MJS6AHT89FP920QE
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Mar 2023 03:35:28 GMT
age: 2136
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Mar 2023 04:11:04 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashb95d53ffea1fa336ff4a7cf812140c0c ea1f09266cc790bd42dc2f152ca16a5da58b7968 afa3ce90a356638e6cccef9cc6cd8ed24677b8a9e71835b876d2aac25b606476
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AFA3CE90A356638E6CCCEF9CC6CD8ED24677B8A9E71835B876D2AAC25B606476"
Last-Modified: Wed, 08 Mar 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21589
Expires: Wed, 08 Mar 2023 10:10:53 GMT
Date: Wed, 08 Mar 2023 04:11:04 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Retry-After, Alert, Content-Length, Backoff, ETag, Content-Type, Cache-Control, Last-Modified, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Mar 2023 03:12:30 GMT
age: 3515
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js | 104.17.25.14 | 200 OK | 6.5 kB |
URL HTTP/2cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js IP104.17.25.14:0
File typeASCII text, with very long lines (20164) Hashae393ccddfcfe335c9b29ee90aaf72cb 6a42536ed79b4ea9e3a71c69db3b5f7205dc7e81 75cbee82410be7ca2b5b5406219b0575725c415510df701ddf1e9e7fdec22aa8
GET /ajax/libs/popper.js/1.14.3/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qr.blacksebo.de
Connection: keep-alive
Referer: https://qr.blacksebo.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Mar 2023 04:11:05 GMT
content-type: application/javascript; charset=utf-8
content-length: 6451
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4f71"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 12637991
expires: Mon, 26 Feb 2024 04:11:05 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2FZ4%2FBMY%2FZqs5DcaPC4YcJpDXUZB2kJ0qWSzES%2Brj16f1dwDt2dsuUcWOQim5tCrJV%2FOHEa8N%2BXXB5AD4KYcILPossxEku9PaZriq3SZ%2B97ZOoODZPCfGnaLLkTGaM7Sl1uukehp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7a483b6d5ce1b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| code.jquery.com/jquery-3.3.1.slim.min.js | 69.16.175.42 | 200 OK | 24 kB |
URL HTTP/2code.jquery.com/jquery-3.3.1.slim.min.js IP69.16.175.42:0
File typeASCII text, with very long lines (65247) Hash0f2e7d37e730fdbb1d8a1e8638529ecb c21d16978a858baa75be15cb7e799ff000929429 cc938c08b93e67c94c68995709f52133c62cac78991f42058503b9c3d9e4b0b0
GET /jquery-3.3.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qr.blacksebo.de
Connection: keep-alive
Referer: https://qr.blacksebo.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Mar 2023 04:11:05 GMT
content-encoding: gzip
content-length: 24038
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-1111d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1678248665.dop066.sk1.t,1678248665.cds068.sk1.hn,1678248665.cds230.sk1.c
X-Firefox-Spdy: h2
|
|
| qr.blacksebo.de/assets/css/main.css | 144.202.15.240 | 200 OK | 180 B |
URL HTTP/2qr.blacksebo.de/assets/css/main.css IP144.202.15.240:0
Hashf9310a9d78ccc5482d9e90b7537112dd c38e2fae18d3c35efb33900d6a85a0cc996e148f e908666d0a4a35e74d94defb18f2c66f83a62d7920c21a5b9bb2bf4303881069
Analyzer | Verdict | Alert | mnemonic_dns | Sinkholed | | quad9 | Sinkholed | |
GET /assets/css/main.css HTTP/1.1
Host: qr.blacksebo.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qr.blacksebo.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Mar 2023 04:11:05 GMT
content-type: text/css
content-length: 180
x-accel-version: 0.01
last-modified: Tue, 20 Nov 2018 19:04:10 GMT
etag: "118-57b1d4c6c7e80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashe40f37168f4abba1e0efa6ca4de1e709 731d36cf841f1b889d9dca71abf406a186325aed a9d8a1030ec5e70745f085f90e35a4b8832956ff20bd6719f3dbe6dd7291fc05
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A9D8A1030EC5E70745F085F90E35A4B8832956FF20BD6719F3DBE6DD7291FC05"
Last-Modified: Tue, 07 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6768
Expires: Wed, 08 Mar 2023 06:03:53 GMT
Date: Wed, 08 Mar 2023 04:11:05 GMT
Connection: keep-alive
|
|
| push.services.mozilla.com/ | 35.86.38.2 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP35.86.38.2:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: GfwdiYcgMND3qOT3wNsKtQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: JbEujLs8Iw5jLrnr2NEmpAUkEQs=
|
|
| qr.blacksebo.de/assets/img/bg.png | 144.202.15.240 | 200 OK | 1.3 MB |
URL HTTP/2qr.blacksebo.de/assets/img/bg.png IP144.202.15.240:0
File typePNG image data, 1920 x 900, 8-bit/color RGBA, non-interlaced\012- data Size1.3 MB (1346825 bytes) Hash2f082bf1cbef0fda9bb0ce3843117840 e65d717a0dba6b80d73ad5afc0d23962f5ede1b4 86f9b0c8f6cb96805c8edfe4ef3a0d0681995f10fd88c4e01d6b9312a8a1da5e
Analyzer | Verdict | Alert | mnemonic_dns | Sinkholed | | quad9 | Sinkholed | |
GET /assets/img/bg.png HTTP/1.1
Host: qr.blacksebo.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qr.blacksebo.de/assets/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Mar 2023 04:11:05 GMT
content-type: image/png
content-length: 1346825
last-modified: Tue, 20 Nov 2018 19:02:06 GMT
etag: "5bf45a2e-148d09"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash0ad01b9236cef16e2a27b5072869ce86 2080b5089717e80da4928358e628ec3a156889a8 8477ceae0d981e170d0d3e508fb9d4e4c73a48420faca79a6f7ee183d27603bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8477CEAE0D981E170D0D3E508FB9D4E4C73A48420FACA79A6F7EE183D27603BB"
Last-Modified: Tue, 07 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6026
Expires: Wed, 08 Mar 2023 05:51:32 GMT
Date: Wed, 08 Mar 2023 04:11:06 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash0ad01b9236cef16e2a27b5072869ce86 2080b5089717e80da4928358e628ec3a156889a8 8477ceae0d981e170d0d3e508fb9d4e4c73a48420faca79a6f7ee183d27603bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8477CEAE0D981E170D0D3E508FB9D4E4C73A48420FACA79A6F7EE183D27603BB"
Last-Modified: Tue, 07 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6026
Expires: Wed, 08 Mar 2023 05:51:32 GMT
Date: Wed, 08 Mar 2023 04:11:06 GMT
Connection: keep-alive
|
|
| qr.blacksebo.de/assets/js/require.js | 144.202.15.240 | 200 OK | 17 kB |
URL HTTP/2qr.blacksebo.de/assets/js/require.js IP144.202.15.240:0
File typeASCII text, with very long lines (17629) Hash3b84256769bdea337026708741de74cb e4c814a28bbf2cc26749208ccc0a0b0ad0b7da1f bbc9fe197328530b56cb955660014d5d34d5395ecf26dedce9cbeb61465e269c
Analyzer | Verdict | Alert | fortinet | Malware | | mnemonic_dns | Sinkholed | | quad9 | Sinkholed | |
GET /assets/js/require.js HTTP/1.1
Host: qr.blacksebo.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qr.blacksebo.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Mar 2023 04:11:05 GMT
content-type: application/javascript
last-modified: Wed, 09 May 2018 11:02:04 GMT
etag: W/"5af2d52c-45a7"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8c7575fa-b99f-45e6-9dcd-b1abfb5f82f5.png | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8c7575fa-b99f-45e6-9dcd-b1abfb5f82f5.png IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash230ce053ad29e104c716f0af41dacf30 284bcf13b87bfb125f05717de4750847fe83386e d7a906157555baf5933ce411e23158ff179677dae1d14caf12b61ffddd9e0507
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8c7575fa-b99f-45e6-9dcd-b1abfb5f82f5.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11459
x-amzn-requestid: e2723088-2fa1-4f61-be79-d4fa896b60ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BbhDGEEsIAMFc8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6407aee0-7f3a2d9f3c5bce3f4277f1a2;Sampled=0
x-amzn-remapped-date: Tue, 07 Mar 2023 21:38:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: rtdExLKJ1RwlxlftsPyNZEddFqOSuLOEMrnQJou9kLTqYjtbr116RA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 5292c0d5844327feadb38f1efe42ebc6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Mar 2023 21:41:19 GMT
age: 23387
etag: "284bcf13b87bfb125f05717de4750847fe83386e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b9125cf-f7a3-4e5a-a08b-5a4d575a74a4.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b9125cf-f7a3-4e5a-a08b-5a4d575a74a4.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash8a3157382cba898444000db29aa50d0d 19b5ad2e62ea7866ea182d36089f97564d2dcc80 dd9fcaca076517a17637bfbd2b33c6b148ca530d2c2100fba72f881d860c4890
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b9125cf-f7a3-4e5a-a08b-5a4d575a74a4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11784
x-amzn-requestid: af462ef2-e0c3-4300-8fd5-ce98653ddb8d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BU82MEJboAMFguA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64050e8d-22585475022a1ea0311b99a3;Sampled=0
x-amzn-remapped-date: Sun, 05 Mar 2023 21:50:05 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: fvaltzWesHlAZ2oXcDNFpnZD2pECiYBtaKx6k_lvV3ybJIBAfmncGA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 de2dd11312f7d5ad3bcd0cb112c7fd0e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Mar 2023 21:07:48 GMT
age: 25398
etag: "19b5ad2e62ea7866ea182d36089f97564d2dcc80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd649076-65ef-4252-b786-9ca8da6a57a1.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd649076-65ef-4252-b786-9ca8da6a57a1.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash2d9b5552f48cd494bc8d5049b4791014 b06c25558644cabc6e36cef496e80a12db1557b8 3b11a6372e74805fff1099a6c719969f2093c0484d3746ddfbcd6fa393566c91
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd649076-65ef-4252-b786-9ca8da6a57a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11558
x-amzn-requestid: 8f14eb4d-f23a-4b96-b690-4a4132fb9ab3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Bbg_gHG5oAMFSIg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6407aec9-06c2581d177b126b1ff419e1;Sampled=0
x-amzn-remapped-date: Tue, 07 Mar 2023 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: ek1xPUDd567z8bnk88r7AsL654AQ3yn2FjkVR9XqdZniAUyjL3a2hQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 e11ee4e3208082d534c251b36bbee268.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Mar 2023 21:53:10 GMT
age: 22676
etag: "b06c25558644cabc6e36cef496e80a12db1557b8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37ece9b2-aae4-4d23-bfb3-7f05cb233ec9.jpeg | 34.120.237.76 | 200 OK | 5.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37ece9b2-aae4-4d23-bfb3-7f05cb233ec9.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashb9be9bf929c52e34e0ce8d4445a4d180 2a1d0d6d3b97c60dd0be824b690ff1065791ade8 a0bf6f93dc3b40aa06693c40998a486af18648db8ba24486c7ad2abe41c5d0fa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37ece9b2-aae4-4d23-bfb3-7f05cb233ec9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5746
x-amzn-requestid: 7ace51d8-c6f7-4af6-b15b-195e9f0c02cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Bbf_TFS2IAMFXJw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6407ad2e-7ff3c32c44da36b34fa05dac;Sampled=0
x-amzn-remapped-date: Tue, 07 Mar 2023 21:31:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: NgMB_QT23wf_d2hCdy7wea2IigMwh8zWOMQ316nCU9yWLnTGK3v0TA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 c5c7edc18be1805f007e0576da02e554.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Mar 2023 21:41:02 GMT
etag: "2a1d0d6d3b97c60dd0be824b690ff1065791ade8"
content-type: image/jpeg
age: 23404
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d62e6f6-1ee9-44dd-8627-8cade4fe6191.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d62e6f6-1ee9-44dd-8627-8cade4fe6191.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash450e06cd480342c371770c69893f19a3 91c091d544cfcb72f1e081de195a2927e74027ab 7162c97a8ea4d2ba37b726ceb896b1efecef0270fa36849e0dfffa7f02896012
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d62e6f6-1ee9-44dd-8627-8cade4fe6191.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11781
x-amzn-requestid: c97573ab-cff0-4171-ac86-a2419621e88d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Bbg_EF3PoAMFmKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6407aec6-46b98a74161f8b102e959658;Sampled=0
x-amzn-remapped-date: Tue, 07 Mar 2023 21:38:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Wb825P6lL789CIxZc-vuHDNEmhz4P4Ek-pAU3oOu0pU-ge3jFS9ftw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 3bb2b699cd244bf37141ea08a6a61732.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Mar 2023 21:55:12 GMT
age: 22554
etag: "91c091d544cfcb72f1e081de195a2927e74027ab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa786afe-f48c-401b-9b5a-1609870c531d.jpeg | 34.120.237.76 | 200 OK | 9.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa786afe-f48c-401b-9b5a-1609870c531d.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash308fb110544acb22af953d016e908dcb aac13edf8ff2a41fb20ee177e824a171bb5a6ca8 0165311d59648a7b0c88e8ba0633dbbae991e50103cdcd78846850c9bb6777aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa786afe-f48c-401b-9b5a-1609870c531d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9944
x-amzn-requestid: 65d69b35-2088-4752-9673-18b3b1468a16
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Bbf_MGcJoAMFZcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6407ad2d-3ce87bad27a47f2718c8800e;Sampled=0
x-amzn-remapped-date: Tue, 07 Mar 2023 21:31:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: IhiC2vReq1QfGWg1mFk1FIHLU83zSyxn07tlxioX_zlizPRqxCnrDg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 ae06b19943a6bad1c1b12b79f7339498.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Mar 2023 21:41:02 GMT
age: 23411
etag: "aac13edf8ff2a41fb20ee177e824a171bb5a6ca8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| qr.blacksebo.de/favicon.ico | 144.202.15.240 | 404 Not Found | 0 B |
URL HTTP/2qr.blacksebo.de/favicon.ico IP144.202.15.240:0
Analyzer | Verdict | Alert | mnemonic_dns | Sinkholed | | quad9 | Sinkholed | |
GET /favicon.ico HTTP/1.1
Host: qr.blacksebo.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qr.blacksebo.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Wed, 08 Mar 2023 04:11:05 GMT
content-type: text/html
last-modified: Tue, 02 Feb 2021 04:36:49 GMT
etag: W/"328-5ba5304d8dd18"
content-encoding: br
X-Firefox-Spdy: h2
|
|
| qr.blacksebo.de/assets/js/awesome-qr.js | 144.202.15.240 | 200 OK | 0 B |
URL HTTP/2qr.blacksebo.de/assets/js/awesome-qr.js IP144.202.15.240:0
Analyzer | Verdict | Alert | fortinet | Malware | | mnemonic_dns | Sinkholed | | quad9 | Sinkholed | |
GET /assets/js/awesome-qr.js HTTP/1.1
Host: qr.blacksebo.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qr.blacksebo.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Mar 2023 04:11:05 GMT
content-type: application/javascript
last-modified: Wed, 09 May 2018 11:02:04 GMT
etag: W/"5af2d52c-177e7"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| qr.blacksebo.de/ | 144.202.15.240 | 200 OK | 0 B |
IP144.202.15.240:0
Analyzer | Verdict | Alert | fortinet | Malware | | mnemonic_dns | Sinkholed | | quad9 | Sinkholed | |
GET / HTTP/1.1
Host: qr.blacksebo.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Wed, 08 Mar 2023 04:11:04 GMT
content-type: text/html
last-modified: Wed, 21 Nov 2018 11:00:12 GMT
etag: W/"5bf53abc-3064"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css | 104.18.10.207 | 200 OK | 0 B |
URL HTTP/2stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css IP104.18.10.207:0
GET /bootstrap/4.1.3/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qr.blacksebo.de
Connection: keep-alive
Referer: https://qr.blacksebo.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Mar 2023 04:11:05 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"04aca1f4cd3ec3c05a75a879f3be75a3"
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-cachedat: 11/21/2022 20:38:40
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 756
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 514fb0923bbae475a83054e5deb9f6de
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7a483b6d590fb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js | 104.18.10.207 | 200 OK | 0 B |
URL HTTP/2stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js IP104.18.10.207:0
GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qr.blacksebo.de
Connection: keep-alive
Referer: https://qr.blacksebo.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Mar 2023 04:11:05 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"67176c242e1bdc20603c878dee836df3"
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-cachedat: 11/11/2022 02:42:40
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1048
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 7c18950e7fdf876b380b4cbee7a1d2fc
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7a483b6d6913b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|