infosec.pub Open in urlscan Pro
46.4.254.144 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://infosec.pub/post/10543480
Submission: On April 25 via api (April 25th 2024, 11:18:57 pm UTC) from LU — Scanned from DE

Summary HTTP 20 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 20 HTTP transactions. The main IP is 46.4.254.144, located in Bad Muenstereifel, Germany and belongs to HETZNER-AS, DE. The main domain is infosec.pub.
TLS certificate: Issued by R3 on March 31st 2024. Valid for: 3 months.

This is the only time infosec.pub was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	46.4.254.144 46.4.254.144	24940 (HETZNER-AS) (HETZNER-AS)
2	2400:52e0:1e0... 2400:52e0:1e00::1048:1	200325 (BUNNYCDN) (BUNNYCDN)
20	2

18 46.4.254.144 (Bad Muenstereifel, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.144.254.4.46.clients.your-server.de

infosec.pub	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:52e0:1e00::1048:1 (Germany)

ASN200325 (BUNNYCDN, SI)

cdn.masto.host	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	infosec.pub infosec.pub	1 MB
2	masto.host cdn.masto.host — Cisco Umbrella Rank: 284318	77 KB
20	2

	Domain	Requested by
18	infosec.pub	infosec.pub
2	cdn.masto.host	infosec.pub
20	2

This site contains links to these domains. Also see Links.

Domain
join-lemmy.org
tukaani.org
shellsharks.social
shellsharks.com
github.com

Subject Issuer	Validity	Valid
infosec.pub R3	`2024-03-31` - `2024-06-29`	3 months	crt.sh
cdn.masto.host R3	`2024-04-15` - `2024-07-14`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://infosec.pub/post/10543480
Frame ID: B16667493E0F071291B597DCF8FB0283
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

XZ Utils backdoor - Infosec.Pub

Page Statistics

20
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

1440 kB
Transfer

4731 kB
Size

0
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://join-lemmy.org/donate
Title: heartSupport Lemmy

Search URL Search Domain Scan URL

URL: https://tukaani.org/xz-backdoor/
Title: XZ Utils backdoor

Search URL Search Domain Scan URL

URL: https://shellsharks.social/users/shellsharks/statuses/112197353082435135
Title: fedilink

Search URL Search Domain Scan URL

URL: https://shellsharks.com/xz-compromise-link-roundup
Title: https://shellsharks.com/xz-compromise-link-roundup

Search URL Search Domain Scan URL

URL: https://join-lemmy.org/docs/en/index.html
Title: Docs

Search URL Search Domain Scan URL

URL: https://github.com/LemmyNet
Title: Code

Search URL Search Domain Scan URL

URL: https://join-lemmy.org/
Title: join-lemmy.org

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 10543480 Show response
infosec.pub/post/ 52 KB
16 KB 111ms
76ms Document
text/html 46.4.254.144
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://infosec.pub/post/10543480

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.254.144 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.144.254.4.46.clients.your-server.de

Software

nginx / Express

Resource Hash

203252bb3f744ecda48e0cbe8728d18939d6dc2cd8ebf7df8ac22196829cf3e9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; manifest-src ; connect-src ; img-src * data: blob:; script-src 'self' 'nonce-3d08060ca3ea7bacbd3b59dade6e01e4'; style-src 'self' 'unsafe-inline'; form-action 'self'; base-uri 'self'; frame-src ; media-src data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

cache-control: public, max-age=60
content-encoding: gzip
content-security-policy: default-src 'self'; manifest-src *; connect-src *; img-src * data: blob:; script-src 'self' 'nonce-3d08060ca3ea7bacbd3b59dade6e01e4'; style-src 'self' 'unsafe-inline'; form-action 'self'; base-uri 'self'; frame-src *; media-src * data:
content-type: text/html; charset=utf-8
date: Thu, 25 Apr 2024 23:18:53 GMT
etag: W/"ce51-Jzbrh8IulMYiG+J7ZshzIX+6f0c"
referrer-policy: same-origin
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-powered-by: Express
x-xss-protection: 1; mode=block

GET
H2 200 styles.css
infosec.pub/static/1787a778/styles/ 93 KB
19 KB 14ms
14ms Stylesheet
text/css 46.4.254.144
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://infosec.pub/static/1787a778/styles/styles.css

Requested by

Host: infosec.pub
URL: https://infosec.pub/post/10543480

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.254.144 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.144.254.4.46.clients.your-server.de

Software

nginx / Express

Resource Hash

55117f56845ffdb5326e48ed29911a62e4ed8025c185ed12d46f8849d025bf10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://infosec.pub/post/10543480
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 25 Apr 2024 23:18:53 GMT
content-encoding: gzip
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Mon, 22 Jan 2024 13:59:23 GMT
server: nginx
x-powered-by: Express
etag: W/"175e3-18d3177fa78"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400, immutable
x-xss-protection: 1; mode=block

GET
H2 200 litely.css
infosec.pub/css/themes/ 265 KB
46 KB 13ms
13ms Stylesheet
text/css 46.4.254.144
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://infosec.pub/css/themes/litely.css

Requested by

Host: infosec.pub
URL: https://infosec.pub/post/10543480

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.254.144 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.144.254.4.46.clients.your-server.de

Software

nginx / Express

Resource Hash

3a7bbeed721548af05ef239980497d5fb21280144acca48d96ce6d95feda70a1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; manifest-src ; connect-src ; img-src * data: blob:; script-src 'self' 'nonce-8dffcb71c66305dcaa3fcdc4b4c6597a'; style-src 'self' 'unsafe-inline'; form-action 'self'; base-uri 'self'; frame-src ; media-src data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://infosec.pub/post/10543480
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 25 Apr 2024 23:18:53 GMT
content-security-policy: default-src 'self'; manifest-src *; connect-src *; img-src * data: blob:; script-src 'self' 'nonce-8dffcb71c66305dcaa3fcdc4b4c6597a'; style-src 'self' 'unsafe-inline'; form-action 'self'; base-uri 'self'; frame-src *; media-src * data:
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Mon, 22 Jan 2024 13:59:12 GMT
server: nginx
content-encoding: gzip
x-powered-by: Express
etag: W/"4230b-18d3177cf80"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=utf-8
cache-control: public, max-age=86400
x-xss-protection: 1; mode=block

GET
H2 200 atom-one-light.css
infosec.pub/css/code-themes/ 856 B
900 B 14ms
13ms Stylesheet
text/css 46.4.254.144
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://infosec.pub/css/code-themes/atom-one-light.css

Requested by

Host: infosec.pub
URL: https://infosec.pub/post/10543480

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.254.144 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.144.254.4.46.clients.your-server.de

Software

nginx / Express

Resource Hash

593ee2475d42ac9ae701a177a353825bd661b6249fa1ad4bad232540825e9e83

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; manifest-src ; connect-src ; img-src * data: blob:; script-src 'self' 'nonce-cef766b0dc53cb663085304a9dc70e60'; style-src 'self' 'unsafe-inline'; form-action 'self'; base-uri 'self'; frame-src ; media-src data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://infosec.pub/post/10543480
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 25 Apr 2024 23:18:53 GMT
content-security-policy: default-src 'self'; manifest-src *; connect-src *; img-src * data: blob:; script-src 'self' 'nonce-cef766b0dc53cb663085304a9dc70e60'; style-src 'self' 'unsafe-inline'; form-action 'self'; base-uri 'self'; frame-src *; media-src * data:
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Mon, 22 Jan 2024 13:59:12 GMT
server: nginx
content-encoding: gzip
x-powered-by: Express
etag: W/"358-18d3177cf80"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=utf-8
cache-control: public, max-age=86400
x-xss-protection: 1; mode=block

GET
H2 200 client.js Show response
infosec.pub/static/1787a778/js/ 3 MB
1 MB 21ms
21ms Script
application/javascript 46.4.254.144
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://infosec.pub/static/1787a778/js/client.js

Requested by

Host: infosec.pub
URL: https://infosec.pub/post/10543480

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.254.144 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.144.254.4.46.clients.your-server.de

Software

nginx / Express

Resource Hash

b4c6870f0744dc7891b08febe91b915ce725f355543717412b5162c51f1bb048

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://infosec.pub/post/10543480
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 25 Apr 2024 23:18:53 GMT
content-encoding: gzip
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Mon, 22 Jan 2024 13:59:23 GMT
server: nginx
x-powered-by: Express
etag: W/"326d11-18d3177fa78"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400, immutable
x-xss-protection: 1; mode=block

GET
H2 200 darkly.css
infosec.pub/css/themes/ 264 KB
45 KB 20ms
20ms Stylesheet
text/css 46.4.254.144
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://infosec.pub/css/themes/darkly.css

Requested by

Host: infosec.pub
URL: https://infosec.pub/post/10543480

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.254.144 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.144.254.4.46.clients.your-server.de

Software

nginx / Express

Resource Hash

1475323b1d9cbaf4006e23b29bff7b1954945b6b107890cfe8815129f0257aec

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; manifest-src ; connect-src ; img-src * data: blob:; script-src 'self' 'nonce-37a3b7a727b52cdd1a631d728c401217'; style-src 'self' 'unsafe-inline'; form-action 'self'; base-uri 'self'; frame-src ; media-src data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://infosec.pub/post/10543480
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 25 Apr 2024 23:18:53 GMT
content-security-policy: default-src 'self'; manifest-src *; connect-src *; img-src * data: blob:; script-src 'self' 'nonce-37a3b7a727b52cdd1a631d728c401217'; style-src 'self' 'unsafe-inline'; form-action 'self'; base-uri 'self'; frame-src *; media-src * data:
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Mon, 22 Jan 2024 13:59:12 GMT
server: nginx
content-encoding: gzip
x-powered-by: Express
etag: W/"41e99-18d3177cf80"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=utf-8
cache-control: public, max-age=86400
x-xss-protection: 1; mode=block

GET
H2 200 atom-one-dark.css
infosec.pub/css/code-themes/ 856 B
900 B 34ms
33ms Stylesheet
text/css 46.4.254.144
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://infosec.pub/css/code-themes/atom-one-dark.css

Requested by

Host: infosec.pub
URL: https://infosec.pub/post/10543480

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.254.144 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.144.254.4.46.clients.your-server.de

Software

nginx / Express

Resource Hash

4237ffca7ce6aadb438c457e0a675b125c534bbdda5b87f41f3a1495603bcc9b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; manifest-src ; connect-src ; img-src * data: blob:; script-src 'self' 'nonce-56f05f81ac655213f52c4dba6d7a7d2e'; style-src 'self' 'unsafe-inline'; form-action 'self'; base-uri 'self'; frame-src ; media-src data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://infosec.pub/post/10543480
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 25 Apr 2024 23:18:53 GMT
content-security-policy: default-src 'self'; manifest-src *; connect-src *; img-src * data: blob:; script-src 'self' 'nonce-56f05f81ac655213f52c4dba6d7a7d2e'; style-src 'self' 'unsafe-inline'; form-action 'self'; base-uri 'self'; frame-src *; media-src * data:
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Mon, 22 Jan 2024 13:59:12 GMT
server: nginx
content-encoding: gzip
x-powered-by: Express
etag: W/"358-18d3177cf80"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=utf-8
cache-control: public, max-age=86400
x-xss-protection: 1; mode=block

GET
H2 200 symbols.svg
infosec.pub/static/1787a778/assets/ 67 KB
23 KB 36ms
36ms Other
image/svg+xml 46.4.254.144
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://infosec.pub/static/1787a778/assets/symbols.svg

Requested by

Host: infosec.pub
URL: https://infosec.pub/post/10543480

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.254.144 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.144.254.4.46.clients.your-server.de

Software

nginx / Express

Resource Hash

1241b0371c05179fcf1391d1613d070574c06c718719ee8fbef94ffdcb29983a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://infosec.pub/post/10543480
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 25 Apr 2024 23:18:53 GMT
content-encoding: gzip
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Mon, 22 Jan 2024 13:59:12 GMT
server: nginx
x-powered-by: Express
etag: W/"10b52-18d3177cf80"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=86400, immutable
x-xss-protection: 1; mode=block

GET
H2 200 icon-96x96.png
infosec.pub/static/1787a778/assets/icons/ 3 KB
4 KB 25ms
25ms Image
image/png 46.4.254.144
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://infosec.pub/static/1787a778/assets/icons/icon-96x96.png

Requested by

Host: infosec.pub
URL: https://infosec.pub/post/10543480

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.254.144 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.144.254.4.46.clients.your-server.de

Software

nginx / Express

Resource Hash

5636c599359893f45df9f9049258dfb8e6534ab0b4b5ce862d1fc96ad65adec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://infosec.pub/post/10543480
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 25 Apr 2024 23:18:53 GMT
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Mon, 22 Jan 2024 13:59:12 GMT
server: nginx
x-powered-by: Express
etag: W/"dd7-18d3177cf80"
x-frame-options: DENY
content-type: image/png
cache-control: public, max-age=86400, immutable
accept-ranges: bytes
content-length: 3543
x-xss-protection: 1; mode=block

GET
H2 200 2ecd28fc2741ff0e.png
cdn.masto.host/shellsharkssocial/accounts/avatars/112/139/341/516/955/504/original/ 76 KB
77 KB 72ms
13ms Image
image/png 2400:52e0:1e00::1048:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.masto.host/shellsharkssocial/accounts/avatars/112/139/341/516/955/504/original/2ecd28fc2741ff0e.png
Requested by: Host: infosec.pub
URL: https://infosec.pub/post/10543480
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1048:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1048 /
Resource Hash: 819ea2e7c465c2291030aa7dcbe834631b3d95cbbc405df1d7189a950c02353e

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 25 Apr 2024 23:18:53 GMT
x-openstack-request-id: txb5a360af3eef4a7eb1559-0065fd7b5e
cdn-edgestorageid: 863
x-iplb-instance: 54407
cdn-cachedat: 03/22/2024 12:38:06
cdn-pullzone: 215912
content-length: 77685
x-trans-id: txb5a360af3eef4a7eb1559-0065fd7b5e
last-modified: Fri, 22 Mar 2024 12:36:46 GMT
server: BunnyCDN-DE1-1048
cdn-proxyver: 1.04
x-iplb-request-id: 8FF43832:C071_5762BBC9:01BB_65FD7B5E_B707716F:16D0
cdn-requestpullcode: 206
content-type: image/png
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 2ef99c7b-7cbb-4dc4-9962-8071741ed3fe
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=315576000, immutable
x-timestamp: 1711111005.09732
cdn-requestid: c461b48b61ded7399e90054805c31b18
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 eaca6541-504e-4226-b52c-4de9b3ef16ea.png
infosec.pub/pictrs/image/ 2 KB
2 KB 28ms
28ms Image
image/webp 46.4.254.144
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://infosec.pub/pictrs/image/eaca6541-504e-4226-b52c-4de9b3ef16ea.png?format=webp&thumbnail=96

Requested by

Host: infosec.pub
URL: https://infosec.pub/post/10543480

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.254.144 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.144.254.4.46.clients.your-server.de

Software

nginx /

Resource Hash

bd0872ea49ba17b4c4cd8f724b6fc7e720327f49ccc3dfc3a526ca7fcb0d4ed7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://infosec.pub/post/10543480
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 25 Apr 2024 23:18:53 GMT
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Sat, 29 Jul 2023 01:43:07 GMT
server: nginx
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: DENY
content-type: image/webp
access-control-expose-headers: content-type, transfer-encoding, last-modified, cache-control, date, accept-ranges
cache-control: public, max-age=604800, immutable
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 9e5ac75a-f2f2-463d-872c-0d37604e21b3.png
infosec.pub/pictrs/image/ 2 KB
2 KB 27ms
27ms Image
image/webp 46.4.254.144
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://infosec.pub/pictrs/image/9e5ac75a-f2f2-463d-872c-0d37604e21b3.png?format=webp&thumbnail=96

Requested by

Host: infosec.pub
URL: https://infosec.pub/post/10543480

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.254.144 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.144.254.4.46.clients.your-server.de

Software

nginx /

Resource Hash

1258df56c4fb2623195deb82a13af5b2fe25ba95a484aa1658b119eef10d1041

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://infosec.pub/post/10543480
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 25 Apr 2024 23:18:53 GMT
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Wed, 14 Feb 2024 05:09:16 GMT
server: nginx
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: DENY
content-type: image/webp
access-control-expose-headers: accept-ranges, content-type, last-modified, cache-control, date, transfer-encoding
cache-control: public, max-age=604800, immutable
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 261.client.js Show response
infosec.pub/static/1787a778/js/ 587 KB
130 KB 13ms
13ms Script
application/javascript 46.4.254.144
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://infosec.pub/static/1787a778/js/261.client.js

Requested by

Host: infosec.pub
URL: https://infosec.pub/static/1787a778/js/client.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.254.144 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.144.254.4.46.clients.your-server.de

Software

nginx / Express

Resource Hash

89921552dfdf1d2223e61005bd5bcce71e3c1e1cbd42a318900fb40895b5686b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://infosec.pub/post/10543480
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 25 Apr 2024 23:18:53 GMT
content-encoding: gzip
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Mon, 22 Jan 2024 13:59:23 GMT
server: nginx
x-powered-by: Express
etag: W/"92ccf-18d3177fa78"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400, immutable
x-xss-protection: 1; mode=block

GET
H2 200 atom-one-light.css
infosec.pub/css/code-themes/ 856 B
0 0ms
0ms Stylesheet
text/css 46.4.254.144
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://infosec.pub/css/code-themes/atom-one-light.css

Requested by

Host: infosec.pub
URL: https://infosec.pub/static/1787a778/js/client.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.254.144 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.144.254.4.46.clients.your-server.de

Software

nginx / Express

Resource Hash

593ee2475d42ac9ae701a177a353825bd661b6249fa1ad4bad232540825e9e83

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; manifest-src ; connect-src ; img-src * data: blob:; script-src 'self' 'nonce-cef766b0dc53cb663085304a9dc70e60'; style-src 'self' 'unsafe-inline'; form-action 'self'; base-uri 'self'; frame-src ; media-src data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://infosec.pub/post/10543480
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 25 Apr 2024 23:18:53 GMT
content-security-policy: default-src 'self'; manifest-src *; connect-src *; img-src * data: blob:; script-src 'self' 'nonce-cef766b0dc53cb663085304a9dc70e60'; style-src 'self' 'unsafe-inline'; form-action 'self'; base-uri 'self'; frame-src *; media-src * data:
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Mon, 22 Jan 2024 13:59:12 GMT
server: nginx
content-encoding: gzip
x-powered-by: Express
etag: W/"358-18d3177cf80"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=utf-8
cache-control: public, max-age=86400
x-xss-protection: 1; mode=block

GET
H2 200 atom-one-dark.css
infosec.pub/css/code-themes/ 856 B
0 0ms
0ms Stylesheet
text/css 46.4.254.144
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://infosec.pub/css/code-themes/atom-one-dark.css

Requested by

Host: infosec.pub
URL: https://infosec.pub/static/1787a778/js/client.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.254.144 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.144.254.4.46.clients.your-server.de

Software

nginx / Express

Resource Hash

4237ffca7ce6aadb438c457e0a675b125c534bbdda5b87f41f3a1495603bcc9b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; manifest-src ; connect-src ; img-src * data: blob:; script-src 'self' 'nonce-56f05f81ac655213f52c4dba6d7a7d2e'; style-src 'self' 'unsafe-inline'; form-action 'self'; base-uri 'self'; frame-src ; media-src data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://infosec.pub/post/10543480
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 25 Apr 2024 23:18:53 GMT
content-security-policy: default-src 'self'; manifest-src *; connect-src *; img-src * data: blob:; script-src 'self' 'nonce-56f05f81ac655213f52c4dba6d7a7d2e'; style-src 'self' 'unsafe-inline'; form-action 'self'; base-uri 'self'; frame-src *; media-src * data:
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Mon, 22 Jan 2024 13:59:12 GMT
server: nginx
content-encoding: gzip
x-powered-by: Express
etag: W/"358-18d3177cf80"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=utf-8
cache-control: public, max-age=86400
x-xss-protection: 1; mode=block

GET
H2 200 icon-96x96.png
infosec.pub/static/1787a778/assets/icons/ 3 KB
0 0ms
0ms Image
image/png 46.4.254.144
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://infosec.pub/static/1787a778/assets/icons/icon-96x96.png

Requested by

Host: infosec.pub
URL: https://infosec.pub/post/10543480

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.254.144 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.144.254.4.46.clients.your-server.de

Software

nginx / Express

Resource Hash

5636c599359893f45df9f9049258dfb8e6534ab0b4b5ce862d1fc96ad65adec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://infosec.pub/post/10543480
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 25 Apr 2024 23:18:53 GMT
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Mon, 22 Jan 2024 13:59:12 GMT
server: nginx
x-powered-by: Express
etag: W/"dd7-18d3177cf80"
x-frame-options: DENY
content-type: image/png
cache-control: public, max-age=86400, immutable
accept-ranges: bytes
content-length: 3543
x-xss-protection: 1; mode=block

GET
H2 200 2ecd28fc2741ff0e.png
cdn.masto.host/shellsharkssocial/accounts/avatars/112/139/341/516/955/504/original/ 76 KB
0 1ms
1ms Image
image/png 2400:52e0:1e00::1048:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.masto.host/shellsharkssocial/accounts/avatars/112/139/341/516/955/504/original/2ecd28fc2741ff0e.png
Requested by: Host: infosec.pub
URL: https://infosec.pub/post/10543480
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1048:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1048 /
Resource Hash: 819ea2e7c465c2291030aa7dcbe834631b3d95cbbc405df1d7189a950c02353e

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 25 Apr 2024 23:18:53 GMT
x-openstack-request-id: txb5a360af3eef4a7eb1559-0065fd7b5e
cdn-edgestorageid: 863
x-iplb-instance: 54407
cdn-cachedat: 03/22/2024 12:38:06
cdn-pullzone: 215912
content-length: 77685
x-trans-id: txb5a360af3eef4a7eb1559-0065fd7b5e
last-modified: Fri, 22 Mar 2024 12:36:46 GMT
server: BunnyCDN-DE1-1048
cdn-proxyver: 1.04
x-iplb-request-id: 8FF43832:C071_5762BBC9:01BB_65FD7B5E_B707716F:16D0
cdn-requestpullcode: 206
content-type: image/png
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 2ef99c7b-7cbb-4dc4-9962-8071741ed3fe
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=315576000, immutable
x-timestamp: 1711111005.09732
cdn-requestid: c461b48b61ded7399e90054805c31b18
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 eaca6541-504e-4226-b52c-4de9b3ef16ea.png
infosec.pub/pictrs/image/ 2 KB
0 2ms
2ms Image
image/webp 46.4.254.144
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://infosec.pub/pictrs/image/eaca6541-504e-4226-b52c-4de9b3ef16ea.png?format=webp&thumbnail=96

Requested by

Host: infosec.pub
URL: https://infosec.pub/post/10543480

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.254.144 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.144.254.4.46.clients.your-server.de

Software

nginx /

Resource Hash

bd0872ea49ba17b4c4cd8f724b6fc7e720327f49ccc3dfc3a526ca7fcb0d4ed7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://infosec.pub/post/10543480
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 25 Apr 2024 23:18:53 GMT
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Sat, 29 Jul 2023 01:43:07 GMT
server: nginx
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: DENY
content-type: image/webp
access-control-expose-headers: content-type, transfer-encoding, last-modified, cache-control, date, accept-ranges
cache-control: public, max-age=604800, immutable
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 9e5ac75a-f2f2-463d-872c-0d37604e21b3.png
infosec.pub/pictrs/image/ 2 KB
0 2ms
2ms Image
image/webp 46.4.254.144
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://infosec.pub/pictrs/image/9e5ac75a-f2f2-463d-872c-0d37604e21b3.png?format=webp&thumbnail=96

Requested by

Host: infosec.pub
URL: https://infosec.pub/post/10543480

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.254.144 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.144.254.4.46.clients.your-server.de

Software

nginx /

Resource Hash

1258df56c4fb2623195deb82a13af5b2fe25ba95a484aa1658b119eef10d1041

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://infosec.pub/post/10543480
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 25 Apr 2024 23:18:53 GMT
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Wed, 14 Feb 2024 05:09:16 GMT
server: nginx
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: DENY
content-type: image/webp
access-control-expose-headers: accept-ranges, content-type, last-modified, cache-control, date, transfer-encoding
cache-control: public, max-age=604800, immutable
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 favicon.svg
infosec.pub/static/1787a778/assets/icons/ 6 KB
3 KB 15ms
14ms Other
image/svg+xml 46.4.254.144
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://infosec.pub/static/1787a778/assets/icons/favicon.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.254.144 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.144.254.4.46.clients.your-server.de

Software

nginx / Express

Resource Hash

db639767f6efde71722b358d3de0df4d25e954fc9b38858c7d0aab66d167fb74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://infosec.pub/post/10543480
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 25 Apr 2024 23:18:53 GMT
content-encoding: gzip
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Mon, 22 Jan 2024 13:59:12 GMT
server: nginx
x-powered-by: Express
etag: W/"194f-18d3177cf80"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=86400, immutable
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| isoData object| webpackChunklemmy_ui object| regeneratorRuntime

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; manifest-src ; connect-src ; img-src * data: blob:; script-src 'self' 'nonce-3d08060ca3ea7bacbd3b59dade6e01e4'; style-src 'self' 'unsafe-inline'; form-action 'self'; base-uri 'self'; frame-src ; media-src data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.masto.host
infosec.pub
2400:52e0:1e00::1048:1
46.4.254.144
1241b0371c05179fcf1391d1613d070574c06c718719ee8fbef94ffdcb29983a
1258df56c4fb2623195deb82a13af5b2fe25ba95a484aa1658b119eef10d1041
1475323b1d9cbaf4006e23b29bff7b1954945b6b107890cfe8815129f0257aec
203252bb3f744ecda48e0cbe8728d18939d6dc2cd8ebf7df8ac22196829cf3e9
3a7bbeed721548af05ef239980497d5fb21280144acca48d96ce6d95feda70a1
4237ffca7ce6aadb438c457e0a675b125c534bbdda5b87f41f3a1495603bcc9b
55117f56845ffdb5326e48ed29911a62e4ed8025c185ed12d46f8849d025bf10
5636c599359893f45df9f9049258dfb8e6534ab0b4b5ce862d1fc96ad65adec1
593ee2475d42ac9ae701a177a353825bd661b6249fa1ad4bad232540825e9e83
819ea2e7c465c2291030aa7dcbe834631b3d95cbbc405df1d7189a950c02353e
89921552dfdf1d2223e61005bd5bcce71e3c1e1cbd42a318900fb40895b5686b
b4c6870f0744dc7891b08febe91b915ce725f355543717412b5162c51f1bb048
bd0872ea49ba17b4c4cd8f724b6fc7e720327f49ccc3dfc3a526ca7fcb0d4ed7
db639767f6efde71722b358d3de0df4d25e954fc9b38858c7d0aab66d167fb74

infosec.pub Open in urlscan Pro 46.4.254.144 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

20 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

1440 kBTransfer

4731 kBSize

0 Cookies

7 Outgoing links

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

infosec.pub Open in urlscan Pro
46.4.254.144 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

1440 kB
Transfer

4731 kB
Size

0
Cookies

20 HTTP transactions
0 data transactions