blog.quarkslab.com
163.172.43.202
Public Scan
Submission: On February 13 via manual from US — Scanned from FR
Summary
TLS certificate: Issued by R3 on November 29th 2023. Valid for: 3 months.
This is the only time blog.quarkslab.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
32 | 163.172.43.202 | 12876 (Online SAS) |
32 | 1 | |

ASN12876 (Online SAS, FR)
PTR: 163-172-43-202.rev.poneytelecom.eu
blog.quarkslab.com

 | Apex Domain / Subdomains | Transfer |
---|---|---|
32 | quarkslab.com: blog.quarkslab.com | 2 MB |
32 | 1 | |

 | Domain | Requested by |
---|---|---|
32 | blog.quarkslab.com | blog.quarkslab.com |
32 | 1 | |
This site contains links to these domains. Also see Links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
blog.quarkslab.com | R3 | 2023-11-29 - 2024-02-27 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://blog.quarkslab.com/dji-the-art-of-obfuscation.html
Frame ID: 07EDD674F0E62DD3416B949576261ABA
Requests: 32 HTTP requests in this frame
Page Title
DJI - The ART of obfuscation
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Pygments (Miscellaneous)
Detected patterns
- <link[^>]+pygments\.css["']
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
29 Outgoing links
These are links going to different origins than the main page.
Title: Quarkslab's website
Title: twitter
Title: github
Title: DJI Pilot
Title: analysis
Title: DxFx
Title: Download link
Title: issue
Title: multidex
Title: magic number
Title: RC4
Title: PRGA
Title: DexPool
Title: debug info offset
Title: MD5
Title: MD5 algorithm
Title: CodePool._decrypt_chunk
Title: BinHelper.code_pool_key
Title: Android Runtime (ART)
Title: Android Runtime — How Dalvik and ART work?
Title: Java Language Specification
Title: A few moments later...
Title: dex::CodeItem
Title: art::Method
Title: Dex
Title: MethodCipher
Title: get in touch with us
Title: Pelican
Title: Bootstrap from Twitter
Redirected requests
There were HTTP redirect chains for the following requests:
32 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | dji-the-art-of-obfuscation.html (Primary Request) | blog.quarkslab.com/ | 56 KB | 13 KB | Document | text/html |
GET | H/1.1 | bootstrap.min.css | blog.quarkslab.com/theme/css/ | 96 KB | 14 KB | Stylesheet | text/css |
GET | H/1.1 | bootstrap-responsive.min.css | blog.quarkslab.com/theme/css/ | 9 KB | 3 KB | Stylesheet | text/css |
GET | H/1.1 | font-awesome.css | blog.quarkslab.com/theme/css/ | 11 KB | 3 KB | Stylesheet | text/css |
GET | H/1.1 | pygments.css | blog.quarkslab.com/theme/css/ | 4 KB | 1 KB | Stylesheet | text/css |
GET | H/1.1 | misc.css | blog.quarkslab.com/theme/css/ | 153 B | 768 B | Stylesheet | text/css |
GET | H/1.1 | logo.png | blog.quarkslab.com/resources/2024-02-06_dji-the-art-of-obfuscation/ | 410 KB | 411 KB | Image | image/png |
GET | H/1.1 | jadx-apk-packed.png | blog.quarkslab.com/resources/2024-02-06_dji-the-art-of-obfuscation/ | 17 KB | 17 KB | Image | image/png |
GET | H/1.1 | load-native-library.png | blog.quarkslab.com/resources/2024-02-06_dji-the-art-of-obfuscation/ | 45 KB | 46 KB | Image | image/png |
GET | H/1.1 | classes-dex-entropy.png | blog.quarkslab.com/resources/2024-02-06_dji-the-art-of-obfuscation/ | 47 KB | 47 KB | Image | image/png |
GET | H/1.1 | decrypt-jar-128K-overview.png | blog.quarkslab.com/resources/2024-02-06_dji-the-art-of-obfuscation/ | 123 KB | 124 KB | Image | image/png |
GET | H/1.1 | dex-rc4-keygen-cfg.png | blog.quarkslab.com/resources/2024-02-06_dji-the-art-of-obfuscation/ | 237 KB | 238 KB | Image | image/png |
GET | H/1.1 | stolen-bytecode.png | blog.quarkslab.com/resources/2024-02-06_dji-the-art-of-obfuscation/ | 83 KB | 84 KB | Image | image/png |
GET | H/1.1 | debug-info-off.png | blog.quarkslab.com/resources/2024-02-06_dji-the-art-of-obfuscation/ | 124 KB | 124 KB | Image | image/png |
GET | H/1.1 | dgc-entropy.png | blog.quarkslab.com/resources/2024-02-06_dji-the-art-of-obfuscation/ | 24 KB | 24 KB | Image | image/png |
GET | H/1.1 | dgc-rc4-decrypt.png | blog.quarkslab.com/resources/2024-02-06_dji-the-art-of-obfuscation/ | 104 KB | 105 KB | Image | image/png |
GET | H/1.1 | first-bytes-of-classes-dgc.png | blog.quarkslab.com/resources/2024-02-06_dji-the-art-of-obfuscation/ | 13 KB | 14 KB | Image | image/png |
GET | H/1.1 | dgc-rc4-keygen-cfg.png | blog.quarkslab.com/resources/2024-02-06_dji-the-art-of-obfuscation/ | 256 KB | 257 KB | Image | image/png |
GET | H/1.1 | mthfilekey-header.png | blog.quarkslab.com/resources/2024-02-06_dji-the-art-of-obfuscation/ | 132 KB | 133 KB | Image | image/png |
GET | H/1.1 | generate-sequence-cfg.png | blog.quarkslab.com/resources/2024-02-06_dji-the-art-of-obfuscation/ | 76 KB | 77 KB | Image | image/png |
GET | H/1.1 | dgc-index-layout.png | blog.quarkslab.com/resources/2024-02-06_dji-the-art-of-obfuscation/ | 54 KB | 54 KB | Image | image/png |
GET | H/1.1 | dgc-code-item.png | blog.quarkslab.com/resources/2024-02-06_dji-the-art-of-obfuscation/ | 69 KB | 70 KB | Image | image/png |
GET | H/1.1 | linker-cg.png | blog.quarkslab.com/resources/2024-02-06_dji-the-art-of-obfuscation/ | 50 KB | 51 KB | Image | image/png |
GET | H/1.1 | linker-callgraph-hook.png | blog.quarkslab.com/resources/2024-02-06_dji-the-art-of-obfuscation/ | 147 KB | 148 KB | Image | image/png |
GET | H/1.1 | patch-method-code-cfg.png | blog.quarkslab.com/resources/2024-02-06_dji-the-art-of-obfuscation/ | 106 KB | 106 KB | Image | image/png |
GET | H/1.1 | hook-anatomy-cg.png | blog.quarkslab.com/resources/2024-02-06_dji-the-art-of-obfuscation/ | 170 KB | 171 KB | Image | image/png |
GET | H/1.1 | decrypt-method-code-cfg.png | blog.quarkslab.com/resources/2024-02-06_dji-the-art-of-obfuscation/ | 115 KB | 115 KB | Image | image/png |
GET | H/1.1 | fixed-method.png | blog.quarkslab.com/resources/2024-02-06_dji-the-art-of-obfuscation/ | 17 KB | 18 KB | Image | image/png |
GET | H/1.1 | jquery-1.7.2.min.js | blog.quarkslab.com/theme/js/ | 93 KB | 34 KB | Script | application/javascript |
GET | H/1.1 | bootstrap.min.js | blog.quarkslab.com/theme/js/ | 21 KB | 6 KB | Script | application/javascript |
GET | H/1.1 | AmpleSoft.woff2 | blog.quarkslab.com/theme/font/ | 13 KB | 13 KB | Font | application/octet-stream |
GET | H/1.1 | fontawesome-webfont.woff | blog.quarkslab.com/theme/font/ | 23 KB | 23 KB | Font | application/font-woff |
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $
function| jQuery
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
24 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self'; frame-src youtube.com www.youtube.com; |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
blog.quarkslab.com
163.172.43.202