clashofclans.bplaced.net/sqlite3.dll
162.55.0.137 403 Forbidden 1.7 kB URL User Request GET HTTP/1.1 clashofclans.bplaced.net/sqlite3.dll
IP 162.55.0.137:80
ASN #24940 Hetzner Online GmbH
File type HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (669)
Hash MD5 c377971577c4f07c49c74f6804b17a63
SHA-1 a06710fb36c0efd876316bff0169ea3e4365caad
SHA-256 c47e247b6c246dd4ebd12327d7db924ed6fc17859c38b9d0fa368408beaf3b32
NIDS Severity Alert suricata medium ET HUNTING HTTP GET Request for sqlite3.dll - Possible Infostealer Activity
suricata low ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
GET /sqlite3.dll HTTP/1.1
Host: clashofclans.bplaced.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
x-bp-nsa-reqid: (null) a.14UID=453
x-content-type-options: nosniff
x-frame-options: sameorigin
last-modified: Sat, 08 Oct 2022 17:29:29 GMT
etag: "1bbf-5ea8944ceff23-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1716
content-type: text/html
date: Fri, 02 Jun 2023 02:38:12 GMT
server: Apache
X-Firefox-Spdy: h2
clashofclans.bplaced.net/sqlite3.dll
162.55.0.137 403 Forbidden 1.7 kB URL User Request GET HTTP/1.1 clashofclans.bplaced.net/sqlite3.dll
IP 162.55.0.137:80
ASN #24940 Hetzner Online GmbH
File type HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (669)
Hash MD5 c377971577c4f07c49c74f6804b17a63
SHA-1 a06710fb36c0efd876316bff0169ea3e4365caad
SHA-256 c47e247b6c246dd4ebd12327d7db924ed6fc17859c38b9d0fa368408beaf3b32
NIDS Severity Alert suricata medium ET HUNTING HTTP GET Request for sqlite3.dll - Possible Infostealer Activity
suricata low ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
GET /sqlite3.dll HTTP/1.1
Host: clashofclans.bplaced.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 02 Jun 2023 02:38:13 GMT
Server: Apache
X-BP-NSA-REQID: (null) a.14UID=272
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 08 Oct 2022 17:29:29 GMT
ETag: "1bbf-5ea8944ceff23-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1716
Keep-Alive: timeout=4, max=500
Content-Type: text/html
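Both transactions above trip the Suricata rule "ET HUNTING HTTP GET Request for sqlite3.dll - Possible Infostealer Activity", yet neither delivered a DLL: the server answered 403 with a 1.7 kB text/html body (the file-type line confirms it is an HTML page), and every follow-on request is a bplaced error-page asset (error.css, error.jpeg, the emblem and favicons) pulled in by that page. The request headers also show Sec-Fetch-Dest: document, i.e. a browser navigated to the URL, which is what a sandbox does when it opens a submitted link; a stealer's own HTTP client would not send that header. The following Python is an added triage example, not part of the original capture or any bplaced or Suricata code. It parses records in the shape shown above and separates "sqlite3.dll was requested" from "a PE image was actually served". The BLOCKED record is constructed from the 403 transaction (headers abridged); the DELIVERED record, its host example.invalid, its curl User-Agent and both response bodies are assumptions for illustration.

```python
"""Triage for the Suricata 'ET HUNTING HTTP GET Request for sqlite3.dll' alert.

Added example, not part of the original capture. It parses transaction
records in the shape shown above (request block, blank line, response
block) and decides whether a sqlite3.dll was merely requested or actually
delivered. All sample records and bodies below are constructed; the
capture itself only shows header text, sizes and file-type strings.
"""
import re
from dataclasses import dataclass

# Heuristic behind the alert: infostealers fetch sqlite3.dll so they can read
# browser SQLite stores (cookies, logins). The request alone is only a lead.
SUSPECT_DLL = re.compile(r"/(win)?sqlite3?\.dll$", re.IGNORECASE)


@dataclass
class Transaction:
    method: str
    host: str
    path: str
    req_headers: dict
    status: int
    resp_headers: dict
    body: bytes


def _headers(lines):
    """Lower-case header map; lines without ': ' are ignored."""
    out = {}
    for line in lines:
        if ": " in line:
            k, v = line.split(": ", 1)
            out[k.lower()] = v
    return out


def parse_transaction(raw: str, body: bytes = b"") -> Transaction:
    """Split 'GET /x HTTP/1.1 ... <blank> HTTP/1.1 403 Forbidden ...' into parts."""
    req, resp = raw.strip().split("\n\n", 1)
    req_lines, resp_lines = req.splitlines(), resp.splitlines()
    method, path, _ = req_lines[0].split(" ", 2)
    status = int(resp_lines[0].split(" ", 2)[1])
    rh = _headers(req_lines[1:])
    return Transaction(method, rh.get("host", ""), path, rh, status,
                       _headers(resp_lines[1:]), body)


def triage(tx: Transaction) -> tuple:
    """Return (verdict, reason) for one transaction.

    'delivered' means a PE image came back for a sqlite3.dll request;
    'attempted' means the request matched but nothing usable was served.
    """
    if tx.method != "GET" or not SUSPECT_DLL.search(tx.path):
        return ("ignore", "path does not match the hunting heuristic")
    # Sec-Fetch-Dest: document means a browser navigated to the URL (as the
    # sandbox did above); a stealer's own HTTP client would not send it.
    origin = ("browser navigation" if tx.req_headers.get("sec-fetch-dest") == "document"
              else "non-browser client")
    if tx.status != 200:
        return ("attempted", f"{origin}; server answered {tx.status}, no DLL served")
    ctype = tx.resp_headers.get("content-type", "")
    # Content-Type is attacker-controlled; check the PE magic, not the header.
    if not tx.body.startswith(b"MZ"):
        return ("attempted", f"{origin}; 200 but body is not a PE (content-type {ctype!r})")
    return ("delivered", f"{origin}; PE image returned from {tx.host}{tx.path}")


# Constructed record modelled on the 403 transaction above (headers abridged).
BLOCKED = """GET /sqlite3.dll HTTP/1.1
Host: clashofclans.bplaced.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Sec-Fetch-Dest: document

HTTP/1.1 403 Forbidden
Server: Apache
Content-Type: text/html
Content-Length: 1716
"""

# Hypothetical record of a successful fetch by a non-browser client; the
# host, User-Agent and body are assumptions for illustration.
DELIVERED = """GET /sqlite3.dll HTTP/1.1
Host: example.invalid
User-Agent: curl/8.0

HTTP/1.1 200 OK
Content-Type: application/octet-stream
Content-Length: 1048576
"""


def run_samples() -> dict:
    """Triage both constructed records; returns {host+path: verdict}."""
    results = {}
    for raw, body in ((BLOCKED, b"<!DOCTYPE html><html>error page</html>"),
                      (DELIVERED, b"MZ\x90\x00" + b"\x00" * 60)):
        tx = parse_transaction(raw, body)
        results[tx.host + tx.path] = triage(tx)[0]
    return results


if __name__ == "__main__":
    for key, verdict in run_samples().items():
        print(f"{verdict:10} {key}")
```

The design point is that the rule is a hunting heuristic, so the alert should be closed on what the server returned, not on the request: a 403 or a 200 whose body lacks the MZ header means no stealer payload moved, while a genuine PE delivered to a non-browser client is the case worth escalating.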
www.bplaced.net/css/error.css
162.55.0.137 200 OK 3.7 kB URL GET HTTP/2 www.bplaced.net/css/error.css
IP 162.55.0.137:443
ASN #24940 Hetzner Online GmbH
Requested by http://clashofclans.bplaced.net/sqlite3.dll
Certificate Issuer Let's Encrypt
Subject bplaced.net
Fingerprint (SHA-1) 20:A7:17:28:98:5A:14:DB:85:B6:42:49:8A:43:BE:08:E7:26:48:61
Validity Thu, 01 Jun 2023 22:00:21 GMT - Wed, 30 Aug 2023 22:00:20 GMT
File type ASCII text, with very long lines (16767), with no line terminators
Hash MD5 2ef56c3bd3aaa724661d80228914e17c
SHA-1 6ae27642cd16aa84b8f4c6c7f5eeacf0f6266278
SHA-256 3c716474a426f71aac76bccf441f759ecf53c8a4ca07ac902459b5f501fb6aa0
GET /css/error.css HTTP/1.1
Host: www.bplaced.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://clashofclans.bplaced.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-bp-nsa-reqid: (null) a.14UID=769
x-content-type-options: nosniff
x-frame-options: sameorigin
last-modified: Mon, 17 Apr 2023 04:14:31 GMT
etag: "417f-5f9806d7ae5b9-gzip"
accept-ranges: bytes
cache-control: max-age=7200
expires: Fri, 02 Jun 2023 04:38:13 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-ua-compatible: IE=Edge,chrome=1
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' data: blob: https://www.bplaced.net https://my.bplaced.net https://stream.bplaced.net https://wiki.bplaced.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' data: content: https://www.bplaced.net https://my.bplaced.net https://stream.bplaced.net https://wiki.bplaced.net; style-src 'self' data: blob: https://www.bplaced.net https://my.bplaced.net https://stream.bplaced.net https://wiki.bplaced.net 'unsafe-inline'; media-src *;
content-length: 3745
content-type: text/css
date: Fri, 02 Jun 2023 02:38:13 GMT
server: Apache
X-Firefox-Spdy: h2
www.bplaced.net/gfx/emblem_b_xs.png
162.55.0.137 200 OK 2.1 kB URL GET HTTP/2 www.bplaced.net/gfx/emblem_b_xs.png
IP 162.55.0.137:443
ASN #24940 Hetzner Online GmbH
Requested by http://clashofclans.bplaced.net/sqlite3.dll
Certificate Issuer Let's Encrypt
Subject bplaced.net
Fingerprint (SHA-1) 20:A7:17:28:98:5A:14:DB:85:B6:42:49:8A:43:BE:08:E7:26:48:61
Validity Thu, 01 Jun 2023 22:00:21 GMT - Wed, 30 Aug 2023 22:00:20 GMT
File type PNG image data, 87 x 80, 8-bit/color RGB, non-interlaced
Hash MD5 8b98f503aa5060a4e75d0fd6268528c3
SHA-1 e219138ca8aad32ab31d84e736d941a7e02b6398
SHA-256 d5049a8ae695852a6244bdc0ab6b69e11c016e8fb4b116ee8aea599f2ffbf086
GET /gfx/emblem_b_xs.png HTTP/1.1
Host: www.bplaced.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://clashofclans.bplaced.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-bp-nsa-reqid: (null) a.14UID=354
x-content-type-options: nosniff
x-frame-options: sameorigin
last-modified: Mon, 16 Jan 2023 10:20:42 GMT
etag: "810-5f25eef85024d"
accept-ranges: bytes
content-length: 2064
cache-control: max-age=7200
expires: Fri, 02 Jun 2023 04:38:13 GMT
x-ua-compatible: IE=Edge,chrome=1
vary: User-Agent
content-type: image/png
date: Fri, 02 Jun 2023 02:38:13 GMT
server: Apache
X-Firefox-Spdy: h2
www.bplaced.net/gfx/error.jpeg
162.55.0.137 200 OK 67 kB URL GET HTTP/2 www.bplaced.net/gfx/error.jpeg
IP 162.55.0.137:443
ASN #24940 Hetzner Online GmbH
Requested by http://clashofclans.bplaced.net/sqlite3.dll
Certificate Issuer Let's Encrypt
Subject bplaced.net
Fingerprint (SHA-1) 20:A7:17:28:98:5A:14:DB:85:B6:42:49:8A:43:BE:08:E7:26:48:61
Validity Thu, 01 Jun 2023 22:00:21 GMT - Wed, 30 Aug 2023 22:00:20 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, xresolution=86, yresolution=94, resolutionunit=2, software=bplaced, copyright=bplaced], comment: "(c) bplaced", baseline, precision 8, 734x421, components 3
Hash MD5 d8e461fb203971e359e8932334d21a14
SHA-1 4a8bea6b37aa7c35ae42ffb9ca419c4308e6ab80
SHA-256 fa4b417e2133117565c216db3a4e9372e83d9116349c2f4bc1f015dd5b85701c
GET /gfx/error.jpeg HTTP/1.1
Host: www.bplaced.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.bplaced.net/css/error.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-bp-nsa-reqid: (null) a.14UID=201
x-content-type-options: nosniff
x-frame-options: sameorigin
last-modified: Sat, 08 Oct 2022 17:29:29 GMT
etag: "10753-5ea8944cf8bc4"
accept-ranges: bytes
content-length: 67411
cache-control: max-age=7200
expires: Fri, 02 Jun 2023 04:38:13 GMT
x-ua-compatible: IE=Edge,chrome=1
vary: User-Agent
content-type: image/jpeg
date: Fri, 02 Jun 2023 02:38:13 GMT
server: Apache
X-Firefox-Spdy: h2
www.bplaced.net/fonts/opensans-semibold.ttf
162.55.0.137 200 OK 21 kB URL GET HTTP/2 www.bplaced.net/fonts/opensans-semibold.ttf
IP 162.55.0.137:443
ASN #24940 Hetzner Online GmbH
Requested by http://clashofclans.bplaced.net/sqlite3.dll
Certificate Issuer Let's Encrypt
Subject bplaced.net
Fingerprint (SHA-1) 20:A7:17:28:98:5A:14:DB:85:B6:42:49:8A:43:BE:08:E7:26:48:61
Validity Thu, 01 Jun 2023 22:00:21 GMT - Wed, 30 Aug 2023 22:00:20 GMT
File type TrueType Font data, 19 tables, 1st "FFTM", 30 names, Macintosh
Hash MD5 09342995dee65977ca9ca4b6c169db10
SHA-1 1f528b0e2fda50194f5535b4aae9135d09088c45
SHA-256 29c5594bd8ff46379b4e16eb47e86609acf07d86c7f705933b53239fcb448839
GET /fonts/opensans-semibold.ttf HTTP/1.1
Host: www.bplaced.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://clashofclans.bplaced.net
DNT: 1
Connection: keep-alive
Referer: https://www.bplaced.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-bp-nsa-reqid: (null) a.14UID=1454
x-content-type-options: nosniff
x-frame-options: sameorigin
last-modified: Sat, 08 Oct 2022 17:29:29 GMT
etag: "8188-5ea8944cf1e64-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-ua-compatible: IE=Edge,chrome=1
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' data: blob: https://www.bplaced.net https://my.bplaced.net https://stream.bplaced.net https://wiki.bplaced.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' data: content: https://www.bplaced.net https://my.bplaced.net https://stream.bplaced.net https://wiki.bplaced.net; style-src 'self' data: blob: https://www.bplaced.net https://my.bplaced.net https://stream.bplaced.net https://wiki.bplaced.net 'unsafe-inline'; media-src *;
content-length: 20754
content-type: font/ttf
date: Fri, 02 Jun 2023 02:38:13 GMT
server: Apache
X-Firefox-Spdy: h2
www.bplaced.net/apple-touch-icon.png
162.55.0.137 200 OK 14 kB URL GET HTTP/2 www.bplaced.net/apple-touch-icon.png
IP 162.55.0.137:443
ASN #24940 Hetzner Online GmbH
Requested by http://clashofclans.bplaced.net/sqlite3.dll
Certificate Issuer Let's Encrypt
Subject bplaced.net
Fingerprint (SHA-1) 20:A7:17:28:98:5A:14:DB:85:B6:42:49:8A:43:BE:08:E7:26:48:61
Validity Thu, 01 Jun 2023 22:00:21 GMT - Wed, 30 Aug 2023 22:00:20 GMT
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced
Hash MD5 6e5bf6eb29acf4dbaeefb394df1891dd
SHA-1 c0efbf92b0f137491f6b41c12a04ad6de3e4d803
SHA-256 212e03824eb9396762716406c4c2fb9579e3f06cdd59d3f24d186ee7ab568ecc
GET /apple-touch-icon.png HTTP/1.1
Host: www.bplaced.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://clashofclans.bplaced.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-bp-nsa-reqid: (null) a.14UID=264
x-content-type-options: nosniff
x-frame-options: sameorigin
last-modified: Sat, 08 Oct 2022 17:32:41 GMT
etag: "36ce-5ea89503d99c5"
accept-ranges: bytes
content-length: 14030
cache-control: max-age=7200
expires: Fri, 02 Jun 2023 04:38:13 GMT
x-ua-compatible: IE=Edge,chrome=1
vary: User-Agent
content-type: image/png
date: Fri, 02 Jun 2023 02:38:13 GMT
server: Apache
X-Firefox-Spdy: h2
www.bplaced.net/favicon-16x16.png
162.55.0.137 200 OK 993 B URL GET HTTP/2 www.bplaced.net/favicon-16x16.png
IP 162.55.0.137:443
ASN #24940 Hetzner Online GmbH
Requested by http://clashofclans.bplaced.net/sqlite3.dll
Certificate Issuer Let's Encrypt
Subject bplaced.net
Fingerprint (SHA-1) 20:A7:17:28:98:5A:14:DB:85:B6:42:49:8A:43:BE:08:E7:26:48:61
Validity Thu, 01 Jun 2023 22:00:21 GMT - Wed, 30 Aug 2023 22:00:20 GMT
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Hash MD5 1b5b251b2dbd0683c3ed1bb88d49105f
SHA-1 e4f97745a121662bc67f4a52fd536eeb795fc180
SHA-256 74f4659871fad068eeeee21f03a3f3241f7016f006e16019a8df59b102e4fe05
GET /favicon-16x16.png HTTP/1.1
Host: www.bplaced.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://clashofclans.bplaced.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-bp-nsa-reqid: (null) a.14UID=197
x-content-type-options: nosniff
x-frame-options: sameorigin
last-modified: Sat, 08 Oct 2022 17:32:41 GMT
etag: "3e1-5ea89503de7e6"
accept-ranges: bytes
content-length: 993
cache-control: max-age=7200
expires: Fri, 02 Jun 2023 04:38:13 GMT
x-ua-compatible: IE=Edge,chrome=1
vary: User-Agent
content-type: image/png
date: Fri, 02 Jun 2023 02:38:13 GMT
server: Apache
X-Firefox-Spdy: h2