boehs.org
172.67.204.89
Public Scan
Submission: On May 07 via api from LU — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 12th 2024. Valid for: 10 months.
This is the only time boehs.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
14 | 172.67.204.89 | 13335 (CLOUDFLARENET) |
2 | 2a04:4e42::347 | 54113 (FASTLY) |
20 | 3.121.122.184 | 16509 (AMAZON-02) |
36 | 3 | |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-122-184.eu-central-1.compute.amazonaws.com
v1.indieweb-avatar.11ty.dev
Requests | Apex Domain: Subdomains | Transfer |
---|---|---|
20 | 11ty.dev: v1.indieweb-avatar.11ty.dev | 34 KB |
14 | boehs.org: boehs.org, beanbag.boehs.org | 73 KB |
2 | mastodon.social: files.mastodon.social (Cisco Umbrella Rank: 172766) | 56 KB |
36 | 3 | |
Requests | Domain | Requested by |
---|---|---|
20 | v1.indieweb-avatar.11ty.dev | boehs.org |
10 | boehs.org | boehs.org |
4 | beanbag.boehs.org | boehs.org |
2 | files.mastodon.social | boehs.org |
36 | 4 | |
This site contains links to these domains. Also see Links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
boehs.org | Cloudflare Inc ECC CA-3 | 2024-03-12 - 2024-12-31 | 10 months | crt.sh |
mastodon.social | R3 | 2024-03-29 - 2024-06-27 | 3 months | crt.sh |
*.11ty.dev | R3 | 2024-05-06 - 2024-08-04 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://boehs.org/node/everything-i-know-about-the-xz-backdoor
Frame ID: 6096BDA02DF73BB813C2198EDEE1B8ED
Requests: 34 HTTP requests in this frame
55 Outgoing links
These are links going to different origins than the main page.
Title: Added error text to warning when untaring with bsdtar
Title: lives on to this day
Title: patched
Title: pressuring
Title: begins
Title: Tests: Created tests for hardware functions.
Title: never seen again
Title: Dennis Ens
Title: Glyph
Title: @eb
Title: https://www.mail-archive.com/xz-devel@tukaani.org/msg00567.html
Title: on Jan 7, 2023
Title: updated
Title: liblzma: Add ifunc implementation to crc64_fast.c
Title: Replaced crc64_fast constructor with ifunc by hansjans162
Title: a PR
Title: issue
Title: oss-fuzz is opened
Title: tukaani.org/xz/
Title: xz.tukaani.org/xz-utils/
Title: tukaani.org
Title: this
Title: Tests: Add a few test files
Title: Tests: Update two test files
Title: backdoor in upstream xz/liblzma leading to ssh server compromise
Title: AndresFreundTec
Title: gist
Title: xz/liblzma: Bash-stage Obfuscation Explained
Title: “It’s RCE, not auth bypass”
Title: [WIP] XZ Backdoor Analysis and symbol mapping
Title: Infographic
Title: xzbot: notes, honeypot, and exploit demo for the xz backdoor
Title: research!rsc: The xz attack shell script
Title: #1067708 - xz-utils: New upstream version available
Title: same week
Title: pull request
Title: comment
Title: states
Title: attempted
Title: suspended
Title: including
Title: added
Title: XZ Utils backdoor
Title: were made
Title: Minhu Wang
Title: independent analysis
Title: here
Title: Ry Jones
Title: jiat75-logs
Title: GitHub
Title: Donate
Title: Ko-fi
Title: ⤺
Title: ⤻
Title: Analytics
Redirected requests
There were HTTP redirect chains for the following requests:
36 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H3 | everything-i-know-about-the-xz-backdoor (Primary Request) | boehs.org/node/ | 26 KB | 10 KB | Document | text/html |
GET | H3 | spectralregular.woff2 | boehs.org/ | 16 KB | 17 KB | Font | font/woff2 |
GET | H3 | spectralbold.woff2 | boehs.org/ | 17 KB | 17 KB | Font | font/woff2 |
GET | H3 | main.css | boehs.org/ | 5 KB | 2 KB | Stylesheet | text/css |
GET | H3 | code.css | boehs.org/ | 5 KB | 2 KB | Stylesheet | text/css |
GET | H3 | infoot.js | boehs.org/ | 1001 B | 1 KB | Script | application/javascript |
GET | H3 | main.js | boehs.org/ | 4 KB | 2 KB | Script | application/javascript |
GET | H3 | colophon.js | boehs.org/ | 2 KB | 2 KB | Script | application/javascript |
GET | H2 | ad501ceca43dd473.png | files.mastodon.social/accounts/avatars/000/023/457/original/ | 5 KB | 6 KB | Image | image/png |
GET | H2 | 6a9a410580be97af.jpg | files.mastodon.social/accounts/avatars/109/362/110/832/715/599/original/ | 50 KB | 51 KB | Image | image/jpeg |
GET | H2 | https%3A%2F%2Fgithub.com | v1.indieweb-avatar.11ty.dev/ | 623 B | 799 B | Image | image/png |
GET | H2 | https%3A%2F%2Fwww.mail-archive.com | v1.indieweb-avatar.11ty.dev/ | 120 B | 267 B | Image | image/svg+xml |
GET | H2 | https%3A%2F%2Fgit.tukaani.org | v1.indieweb-avatar.11ty.dev/ | 136 B | 197 B | Image | image/png |
GET | H2 | http%3A%2F%2Ftukaani.org | v1.indieweb-avatar.11ty.dev/ | 2 KB | 2 KB | Image | image/png |
GET | H2 | http%3A%2F%2Fxz.tukaani.org | v1.indieweb-avatar.11ty.dev/ | 120 B | 202 B | Image | image/svg+xml |
GET | H2 | https%3A%2F%2Fwww.zoner.fi | v1.indieweb-avatar.11ty.dev/ | 2 KB | 2 KB | Image | image/png |
GET | H2 | https%3A%2F%2Fwww.openwall.com | v1.indieweb-avatar.11ty.dev/ | 3 KB | 3 KB | Image | image/png |
GET | H2 | https%3A%2F%2Fgist.github.com | v1.indieweb-avatar.11ty.dev/ | 623 B | 680 B | Image | image/png |
GET | H2 | https%3A%2F%2Fgynvael.coldwind.pl | v1.indieweb-avatar.11ty.dev/ | 658 B | 719 B | Image | image/png |
GET | H2 | https%3A%2F%2Fbsky.app | v1.indieweb-avatar.11ty.dev/ | 2 KB | 2 KB | Image | image/png |
GET | H2 | https%3A%2F%2Finfosec.exchange | v1.indieweb-avatar.11ty.dev/ | 2 KB | 2 KB | Image | image/png |
GET | H2 | https%3A%2F%2Fresearch.swtch.com | v1.indieweb-avatar.11ty.dev/ | 3 KB | 3 KB | Image | image/png |
GET | H2 | https%3A%2F%2Fbugs.debian.org | v1.indieweb-avatar.11ty.dev/ | 434 B | 489 B | Image | image/png |
GET | H2 | https%3A%2F%2Fsalsa.debian.org | v1.indieweb-avatar.11ty.dev/ | 2 KB | 2 KB | Image | image/png |
GET | H2 | https%3A%2F%2Fnews.ycombinator.com | v1.indieweb-avatar.11ty.dev/ | 719 B | 774 B | Image | image/png |
GET | H2 | https%3A%2F%2Fbugs.launchpad.net | v1.indieweb-avatar.11ty.dev/ | 2 KB | 2 KB | Image | image/png |
GET | H2 | https%3A%2F%2Ftukaani.org | v1.indieweb-avatar.11ty.dev/ | 2 KB | 2 KB | Image | image/png |
GET | H2 | https%3A%2F%2Fplay.clickhouse.com | v1.indieweb-avatar.11ty.dev/ | 120 B | 586 B | Image | image/svg+xml |
GET | H2 | https%3A%2F%2Frheaeve.substack.com | v1.indieweb-avatar.11ty.dev/ | 9 KB | 10 KB | Image | image/png |
GET | H2 | https%3A%2F%2Flunduke.locals.com | v1.indieweb-avatar.11ty.dev/ | 120 B | 191 B | Image | image/svg+xml |
GET | H3 | spectralitalic.woff2 | boehs.org/ | 17 KB | 17 KB | Font | font/woff2 |
OPTIONS | H3 | stats | beanbag.boehs.org/api/websites/6583e097-68de-4820-820a-d62703811252/ | 0 | 0 | Preflight | |
GET | H3 | stats | beanbag.boehs.org/api/websites/6583e097-68de-4820-820a-d62703811252/ | 181 B | 735 B | Fetch | application/json |
POST | H3 | telegraph | beanbag.boehs.org/api/ | 583 B | 1 KB | Fetch | text/plain |
OPTIONS | H3 | telegraph | beanbag.boehs.org/api/ | 0 | 0 | Preflight | |
GET | H3 | favicon.ico | boehs.org/ | 754 B | 1 KB | Other | image/vnd.microsoft.icon |
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object | umami
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.