Posted by spanglevision (+52 / -2)

Saw this circulating on Twitter today:

https://qofficial.net/

No outside comms, I know, but thought I'd open it up for discussion.

whois says it was registered yesterday (the 17th (Q day)).


whois data:


Domain Name: QOFFICIAL.NET

Registry Domain ID: 2830664517_DOMAIN_NET-VRSN

Registrar WHOIS Server: whois.godaddy.com

Registrar URL: http://www.godaddy.com

Updated Date: 2023-11-17T23:22:13Z

Creation Date: 2023-11-17T23:22:13Z

Registry Expiry Date: 2024-11-17T23:22:13Z

Registrar: GoDaddy.com, LLC

Registrar IANA ID: 146

Registrar Abuse Contact Email: [email protected]

Registrar Abuse Contact Phone: 480-624-2505

Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited

Domain Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited

Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited

Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited

Name Server: NS53.DOMAINCONTROL.COM

Name Server: NS54.DOMAINCONTROL.COM

DNSSEC: unsigned


Server's response headers:


wget -O /dev/null -S https://qofficial.net/

Resolving qofficial.net (qofficial.net)... 34.117.223.165

HTTP/1.1 302 Found

x-frame-options: SAMEORIGIN

x-xss-protection: 0

x-content-type-options: nosniff

x-download-options: noopen

x-permitted-cross-domain-policies: none

referrer-policy: strict-origin-when-cross-origin

link: https://imgproxy.fourthwall.com; rel=preconnect; crossorigin, Link: https://themes.fourthwall.com; rel="preconnect"; crossorigin

location: https://qofficial.net/password

content-type: text/html; charset=utf-8

content-security-policy-report-only: report-uri https://o276638.ingest.sentry.io/api/3755835/security/?sentry_key=3ca837c4b889463d8ab50e4ebb014331

x-request-id: 16ad520e-380c-49f9-9fae-531dd097aee9

x-runtime: 0.127367

x-envoy-upstream-service-time: 129

date: Sun, 19 Nov 2023 00:29:01 GMT

server: istio-envoy

vary: Accept-Encoding

Via: 1.1 google

Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Transfer-Encoding: chunked

Location: https://qofficial.net/password [following]

--2023-11-18 19:29:02-- https://qofficial.net/password

Reusing existing connection to qofficial.net:443.

HTTP request sent, awaiting response...

HTTP/1.1 200 OK

x-frame-options: SAMEORIGIN

x-xss-protection: 0

x-content-type-options: nosniff

x-download-options: noopen

x-permitted-cross-domain-policies: none

referrer-policy: strict-origin-when-cross-origin

link: https://imgproxy.fourthwall.com; rel=preconnect; crossorigin, Link: https://themes.fourthwall.com; rel="preconnect"; crossorigin

x-robots-tag: noindex

content-type: text/html; charset=utf-8

content-security-policy-report-only: report-uri https://o276638.ingest.sentry.io/api/3755835/security/?sentry_key=3ca837c4b889463d8ab50e4ebb014331

x-request-id: 20c81050-1edb-45c0-a3e7-3d335c8693c4

x-runtime: 0.175434

x-envoy-upstream-service-time: 178

date: Sun, 19 Nov 2023 00:29:02 GMT

server: istio-envoy

vary: Accept-Encoding

Via: 1.1 google

Cache-Control: max-age=0,public,s-maxage=10

Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Transfer-Encoding: chunked


I've never heard of an "istio-envoy" server. Interesting.