Report - order.qdoba.com/

Report Overview

Visited public
2024-10-08 16:38:14
Tags
sinkhole suspicious cloudflare
Submit Tags
URL
order.qdoba.com/
Finishing URL
order.qdoba.com/
IP / ASN
172.64.144.75
#13335 CLOUDFLARENET
Title
Attention Required! | Cloudflare
Suspicious - Sinkholed / Blocked

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-10-07 19:37:44	327 B	887 B	23.36.77.32
order.qdoba.com	335655	1999-11-04	2019-07-15 20:42:13	2022-04-12 03:01:02	4.8 kB	48 kB	172.64.144.75
static.cloudflareinsights.com	1294	2019-08-30	2019-09-24 16:34:56	2024-10-08 08:42:53	460 B	20 kB	104.16.79.73

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (7)

	URL	From	Size	First Seen	Last Seen
	order.qdoba.com/	ScriptElement	0 B	0001-01-01	2025-07-17
Pretty URL order.qdoba.com/ IP 172.64.144.75 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-07-17 10:14 Times Seen5444262 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	order.qdoba.com/	ScriptElement	393 B	2023-04-05	2025-03-02
Pretty URL order.qdoba.com/ IP 172.64.144.75 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 04:39 Last Seen2025-03-02 06:13 Times Seen143291 Hash 34ad0a116707d3b794129a6720af92d7 424de9dbb8bc774e2a2d4ade100d90f5ac0ecbf4 d011a9449a990f2086894be870adc6fbb53595dc593b410a83e45e40bfbc7262 Loading...

	order.qdoba.com/	ScriptElement	0 B	0001-01-01	2025-07-17
Pretty URL order.qdoba.com/ IP 172.64.144.75 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-07-17 10:14 Times Seen5444262 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015	ScriptElement	20 kB	2024-06-07	2025-07-17
Pretty URL static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 IP 104.16.79.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-07 09:21 Last Seen2025-07-17 10:07 Times Seen91576 Hash ec18af6d41f6f278b6aed3bdabffa7bc 62c9e2cab76b888829f3c5335e91c320b22329ae 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f Loading...

	unknown	ScriptElement	236 B	2024-10-11	2024-10-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-11 08:48 Last Seen2024-10-11 08:48 Times Seen1 Hash 42ed6ba65091dfe581a77666f11aa2c2 80dcb35227af08594d71d040e9c242e2145074ac b354ea965bee0d841353efae663b46b3abf492f452a036ededd9b35db584b288 Loading...

	order.qdoba.com/cdn-cgi/challenge-platform/scripts/jsd/main.js	ScriptElement	8.1 kB	2024-10-11	2024-10-11
Pretty URL order.qdoba.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 172.64.144.75 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-11 08:48 Last Seen2024-10-11 08:48 Times Seen1 Hash d09f6ac327a424b772aa11512acc185e eefac4f7cdfe0443c81d8840c4c290cf285a241c 8043902ac3ba81ba3989765cce19d932f6f498825a6b84cdf240fa32363dc5a8 Loading...

	order.qdoba.com/	ScriptElement	923 B	2024-10-11	2024-10-11
Pretty URL order.qdoba.com/ IP 172.64.144.75 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-10-11 08:48 Last Seen2024-10-11 08:48 Times Seen1 Hash 46c04fcdca0bfe42c8e99d992fb21803 40c50920cd6073b9025f90843c33d2dc43dbf229 fec3653c8ef3404ce8f7018c86cedb0f656b741eacc5381dcf0fb34fa1e6327d Loading...

HTTP Transactions (13)

URL IP Response Size

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
33985775df7b619cb33f4050d88c5fb9
cf0b2ff92cd2f7e12ce788a164a73d75dea5da83
b6db380f5eeb73aa56abf90afa43b52cc9f51b01f33ad1eefeccc473a41ffb86

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "B6DB380F5EEB73AA56ABF90AFA43B52CC9F51B01F33AD1EEFECCC473A41FFB86"
Last-Modified: Tue, 08 Oct 2024 11:18:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2703
Expires: Tue, 08 Oct 2024 17:22:52 GMT
Date: Tue, 08 Oct 2024 16:37:49 GMT
Connection: keep-alive

GET order.qdoba.com/

172.64.144.75

403 Forbidden

2.4 kB

URL User Request GET HTTP/2
order.qdoba.com/
IP
172.64.144.75:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectorder.qdoba.com
FingerprintB2:C3:2F:BA:84:00:C5:7C:55:7D:84:AB:F4:CC:CD:C0:20:F4:C9:64
ValidityThu, 05 Sep 2024 02:03:47 GMT - Wed, 04 Dec 2024 02:03:46 GMT

File type
HTML document, ASCII text, with very long lines (1362)
Size
2.4 kB (2391 bytes)
Hash
7174e4a201739f0da0b7ddf3b5991041
6a2f7a7106e9322d59345826e78ca52dc5acb983
51564a7a05c3ca5228eb1d4f66cefaef5b9de8c09cd68c655743331ab7bcc3e3

HTTP Headers

GET / HTTP/1.1
Host: order.qdoba.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Tue, 08 Oct 2024 16:37:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: max-age=15
Expires: Tue, 08 Oct 2024 16:38:04 GMT
Set-Cookie: __cf_bm=aCP3jo.jPV9MgFAo8jmZQ43yQW_Wt8rgYuzPcRkAK20-1728405469-1.0.1.1-bxSYxrLSOyIM_oTNpzf70brvCS5A.zo7yqDdn8yIVB5E4tA0FrXGhSH_xanYngwaSVVDvkl4WhZ9Scu7MiJRrgvWvGc59AAfXVTjT271i20; path=/; expires=Tue, 08-Oct-24 17:07:49 GMT; domain=.qdoba.com; HttpOnly
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8cf78ec97a8b56a9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

GET order.qdoba.com/

172.64.144.75

403 Forbidden

6.9 kB

URL User Request GET HTTP/2
order.qdoba.com/
IP
172.64.144.75:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectorder.qdoba.com
FingerprintB2:C3:2F:BA:84:00:C5:7C:55:7D:84:AB:F4:CC:CD:C0:20:F4:C9:64
ValidityThu, 05 Sep 2024 02:03:47 GMT - Wed, 04 Dec 2024 02:03:46 GMT

File type
HTML document, ASCII text, with very long lines (24050)
Size
6.9 kB (6907 bytes)
Hash
27ad2f2426b91bbe87a8a875abe9448d
b9b6bf027476fbd631edafa8dfe14b2a37287fde
5782e625baae54deb74e7acd77b9ec357c552390cb5c14eab5f1b5c473ca60a0

HTTP Headers

GET / HTTP/1.1
Host: order.qdoba.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
date: Tue, 08 Oct 2024 16:37:49 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: max-age=15
expires: Tue, 08 Oct 2024 16:38:04 GMT
set-cookie: __cf_bm=eNTgZiXQQnJSDEdbV_Y0c9sV.jmie2eS_eUjWmYvQpQ-1728405469-1.0.1.1-BITwng7Pttqwj57xpDdpcH1oy3mn94jiApKgJ05KcgJJBuY6hFypPFGqfeRNaVfrt6JoxXMuL2PbvsUsrUJ5MIe0MY.LNgNLejTPmSemcUM; path=/; expires=Tue, 08-Oct-24 17:07:49 GMT; domain=.qdoba.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 8cf78ec8bb945693-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

GET order.qdoba.com/cdn-cgi/images/browser-bar.png?1376755637

172.64.144.75

200 OK

715 B

URL GET HTTP/1.1
order.qdoba.com/cdn-cgi/images/browser-bar.png?1376755637
IP
172.64.144.75:80
ASN
#13335 CLOUDFLARENET

Requested by
http://order.qdoba.com/

File type
PNG image data, 960 x 53, 8-bit colormap, non-interlaced
Size
715 B (715 bytes)
Hash
226dcb8f6144bdaafdfbd8f2f354be64
3785cc5b3bf52f8e398177b0ff1020b24aa86b8c
8c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Sinkholed / Blocked

HTTP Headers

GET /cdn-cgi/images/browser-bar.png?1376755637 HTTP/1.1
Host: order.qdoba.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://order.qdoba.com/cdn-cgi/styles/cf.errors.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 08 Oct 2024 16:37:50 GMT
Content-Type: image/png
Content-Length: 715
Connection: keep-alive
Last-Modified: Fri, 04 Oct 2024 15:34:46 GMT
ETag: "67000b16-2cb"
Server: cloudflare
CF-RAY: 8cf78ecb9e4356a9-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Tue, 08 Oct 2024 18:37:50 GMT
Cache-Control: max-age=7200, public
Accept-Ranges: bytes

GET order.qdoba.com/cdn-cgi/images/cf-no-screenshot-error.png

104.18.43.181

200 OK

3.2 kB

URL GET HTTP/1.1
order.qdoba.com/cdn-cgi/images/cf-no-screenshot-error.png
IP
104.18.43.181:80
ASN
#13335 CLOUDFLARENET

Requested by
http://order.qdoba.com/

File type
PNG image data, 178 x 175, 8-bit colormap, non-interlaced
Size
3.2 kB (3213 bytes)
Hash
0d768cbc261841d3affc933b9ac3130e
aff136a4c761e1df1ada7e5d9a6ed0ebea74a4b7
1c53772285052e52bb7c12ad46a85a55747ed7bf66963fe1993fcef91ff5b0d0

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Sinkholed / Blocked

HTTP Headers

GET /cdn-cgi/images/cf-no-screenshot-error.png HTTP/1.1
Host: order.qdoba.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://order.qdoba.com/cdn-cgi/styles/cf.errors.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 08 Oct 2024 16:37:50 GMT
Content-Type: image/png
Content-Length: 3213
Connection: keep-alive
Last-Modified: Fri, 04 Oct 2024 15:34:46 GMT
ETag: "67000b16-c8d"
Server: cloudflare
CF-RAY: 8cf78ecb9e7f56b7-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Tue, 08 Oct 2024 18:37:50 GMT
Cache-Control: max-age=7200, public
Accept-Ranges: bytes

GET order.qdoba.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

172.64.144.75

302 Moved Temporarily

143 B

URL GET HTTP/1.1
order.qdoba.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
172.64.144.75:80
ASN
#13335 CLOUDFLARENET

Requested by
http://order.qdoba.com/

File type
HTML document, ASCII text, with CRLF line terminators
Size
143 B (143 bytes)
Hash
cb7b8f439b04c00f4a2d78160ddfee8d
9aa44b5d68f6359f10de0dcd24ea3e12548d9bd4
12755429beb15d5eb57eafa45b8dba326343dd099bf0552038694c3856e8860e

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: order.qdoba.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Date: Tue, 08 Oct 2024 16:37:50 GMT
Content-Type: text/html
Content-Length: 143
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: https://order.qdoba.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Set-Cookie: __cf_bm=6dBsqnDkDhkpTt5BGhFw3eWinSbn07dWQNy7vo6QApQ-1728405470-1.0.1.1-CKASfR1kJKGKFBrfEthAm08g.fx1bit7OgIIhcXeNTHNP6qku6w6aCexRIR_TtDwnLnadmxiOdwv7gvqrjH3LEaz9o5uQBUFuqyuNSmqqWE; path=/; expires=Tue, 08-Oct-24 17:07:50 GMT; domain=.qdoba.com; HttpOnly
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8cf78ecc2f4856a9-OSL
alt-svc: h2=":443"; ma=60

GET order.qdoba.com/favicon.ico

104.18.43.181

403 Forbidden

1.7 kB

URL GET HTTP/1.1
order.qdoba.com/favicon.ico
IP
104.18.43.181:80
ASN
#13335 CLOUDFLARENET

Requested by
http://order.qdoba.com/

File type
HTML document, ASCII text, with very long lines (394)
Size
1.7 kB (1734 bytes)
Hash
ca9a7fdbf9c186cdf70bed04c1fb79c4
0c2c37532b694cbb0ce122c8daad8d6c64581bba
502872b9e6e02b0c1ae9d3558ef160ae3a4e81c7bdc48332150a14a7ff5968fb

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: order.qdoba.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://order.qdoba.com/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Tue, 08 Oct 2024 16:37:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: max-age=15
Expires: Tue, 08 Oct 2024 16:38:05 GMT
Set-Cookie: __cf_bm=V60G2.dY.6rlrGUl7XCjMM9wzjbHUts7ico6PSr3ShY-1728405470-1.0.1.1-3NTvnF6vPoTa61Piw79p978S3XqtDXjMfaCTOOCvrhFW9Vt3vrCkiwQu153TbcBNgcdyJr8FnkbgofPL75taMex_yOW_zXfdGj88PfxkDDs; path=/; expires=Tue, 08-Oct-24 17:07:50 GMT; domain=.qdoba.com; HttpOnly
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8cf78ecc1f9e56b7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

POST order.qdoba.com/cdn-cgi/rum?

104.18.43.181

204 No Content

0 B

URL POST HTTP/1.1
order.qdoba.com/cdn-cgi/rum?
IP
104.18.43.181:80
ASN
#13335 CLOUDFLARENET

Requested by
http://order.qdoba.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: order.qdoba.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://order.qdoba.com/
content-type: application/json
Content-Length: 1028
Origin: http://order.qdoba.com
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Date: Tue, 08 Oct 2024 16:37:50 GMT
Connection: keep-alive
access-control-allow-origin: http://order.qdoba.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
Server: cloudflare
CF-RAY: 8cf78ecc3fa2b518-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff

GET order.qdoba.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

172.64.144.75

302 Moved Temporarily

0 B

URL GET HTTP/1.1
order.qdoba.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
172.64.144.75:80
ASN
#13335 CLOUDFLARENET

Requested by
http://order.qdoba.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: order.qdoba.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=eNTgZiXQQnJSDEdbV_Y0c9sV.jmie2eS_eUjWmYvQpQ-1728405469-1.0.1.1-BITwng7Pttqwj57xpDdpcH1oy3mn94jiApKgJ05KcgJJBuY6hFypPFGqfeRNaVfrt6JoxXMuL2PbvsUsrUJ5MIe0MY.LNgNLejTPmSemcUM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 08 Oct 2024 16:37:50 GMT
content-length: 0
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
access-control-allow-origin: *
vary: Accept-Encoding
server: cloudflare
cf-ray: 8cf78ecca818568f-OSL
X-Firefox-Spdy: h2

GET order.qdoba.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?

172.64.144.75

200 OK

3.8 kB

URL GET HTTP/2
order.qdoba.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?
IP
172.64.144.75:443
ASN
#13335 CLOUDFLARENET

Requested by
http://order.qdoba.com/
Certificate
IssuerGoogle Trust Services
Subjectorder.qdoba.com
FingerprintB2:C3:2F:BA:84:00:C5:7C:55:7D:84:AB:F4:CC:CD:C0:20:F4:C9:64
ValidityThu, 05 Sep 2024 02:03:47 GMT - Wed, 04 Dec 2024 02:03:46 GMT

File type
gzip compressed data, from Unix
Size
3.8 kB (3842 bytes)
Hash
4fe40cb98d11ee7562afe6d7edbc53d6
d87d404058ebcc646df58b4a38aea33ee5accaf2
265c91b85660bc39825b0fa1835fd2c4680801e98b86773e931fd0952bffa529

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js? HTTP/1.1
Host: order.qdoba.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=eNTgZiXQQnJSDEdbV_Y0c9sV.jmie2eS_eUjWmYvQpQ-1728405469-1.0.1.1-BITwng7Pttqwj57xpDdpcH1oy3mn94jiApKgJ05KcgJJBuY6hFypPFGqfeRNaVfrt6JoxXMuL2PbvsUsrUJ5MIe0MY.LNgNLejTPmSemcUM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 08 Oct 2024 16:37:50 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
cf-ray: 8cf78eccd862568f-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

POST order.qdoba.com/cdn-cgi/challenge-platform/h/b/jsd/r/8cf78ec97a8b56a9

172.64.144.75

302 Moved Temporarily

0 B

URL POST HTTP/1.1
order.qdoba.com/cdn-cgi/challenge-platform/h/b/jsd/r/8cf78ec97a8b56a9
IP
172.64.144.75:80
ASN
#13335 CLOUDFLARENET

Requested by
http://order.qdoba.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /cdn-cgi/challenge-platform/h/b/jsd/r/8cf78ec97a8b56a9 HTTP/1.1
Host: order.qdoba.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Referer: http://order.qdoba.com/
Origin: http://order.qdoba.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 405 Method Not Allowed
date: Tue, 08 Oct 2024 16:37:50 GMT
content-length: 0
allow: POST
set-cookie: __cf_bm=9ptklwnFHeNNo0NOA3ZcPtc2gqZNTCrw5_fJfOp9ipI-1728405470-1.0.1.1-imIM0SLWg9TO4uESVrpoA6QLqH.3kU_kERhLL4Haqoz0a3QcSr3li75IIC4xpHzAAYbXFrMouLBFonyvhUKcJcspUDbE0P21TFd.0Lcym9I; path=/; expires=Tue, 08-Oct-24 17:07:50 GMT; domain=.qdoba.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8cf78ece5b27568f-OSL
X-Firefox-Spdy: h2

GET static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

104.16.79.73

200 OK

20 kB

URL GET HTTP/2
static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
IP
104.16.79.73:443
ASN
#13335 CLOUDFLARENET

Requested by
http://order.qdoba.com/
Certificate
IssuerGoogle Trust Services
Subjectcloudflareinsights.com
FingerprintFB:0A:B6:18:33:15:47:A9:D8:B5:ED:D3:1B:EE:13:FF:3F:80:C4:E6
ValidityTue, 03 Sep 2024 08:38:23 GMT - Mon, 02 Dec 2024 08:38:22 GMT

File type
JavaScript source, ASCII text, with very long lines (19948), with no line terminators
Size
20 kB (19948 bytes)
Hash
ec18af6d41f6f278b6aed3bdabffa7bc
62c9e2cab76b888829f3c5335e91c320b22329ae
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

HTTP Headers

GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://order.qdoba.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 08 Oct 2024 16:37:50 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.6.1"
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 8cf78ecb7e1056a9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

GET order.qdoba.com/cdn-cgi/styles/cf.errors.css

172.64.144.75

200 OK

24 kB

URL GET HTTP/1.1
order.qdoba.com/cdn-cgi/styles/cf.errors.css
IP
172.64.144.75:80
ASN
#13335 CLOUDFLARENET

Requested by
http://order.qdoba.com/

File type
ASCII text, with very long lines (24050)
Size
24 kB (24051 bytes)
Hash
5e8c69a459a691b5d1b9be442332c87d
f24dd1ad7c9080575d92a9a9a2c42620725ef836
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091

HTTP Headers

GET /cdn-cgi/styles/cf.errors.css HTTP/1.1
Host: order.qdoba.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://order.qdoba.com/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 08 Oct 2024 16:37:49 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 04 Oct 2024 15:34:46 GMT
ETag: W/"67000b16-5df3"
Server: cloudflare
CF-RAY: 8cf78ecb2d9f56a9-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Tue, 08 Oct 2024 18:37:49 GMT
Cache-Control: max-age=7200, public
Content-Encoding: gzip

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (13)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type