| 103.95.39.106/shellharbour/index.php | 103.95.39.106 | | 169 B |
URL: 103.95.39.106/shellharbour/index.php IP: 103.95.39.106:0 ASN: #136753 Anglican Schools Corporation
File type: HTML document, ASCII text, with CRLF line terminators Hash: 0f952b73d3f5586637ea9a5a789d48f4 b29aff4ffa1d4decd77db5160f920e1c6417e5e9 69d11528ee32902d0c47ed215877f0610399536f755db03ed02a77ecedd74751
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /shellharbour/index.php HTTP/1.1
Host: 103.95.39.106
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.1
Date: Sat, 04 May 2024 14:17:31 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://103.95.39.106/shellharbour/index.php
| 103.95.39.106/shellharbour/index.php | 103.95.39.106 | | 0 B |
URL: 103.95.39.106/shellharbour/index.php IP: 103.95.39.106:0 ASN: #136753 Anglican Schools Corporation
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /shellharbour/index.php HTTP/1.1
Host: 103.95.39.106
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.20.1
Date: Sat, 04 May 2024 14:17:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.28
Location: web/app.php
| 103.95.39.106/shellharbour/web/app.php | 103.95.39.106 | | 456 B |
URL: 103.95.39.106/shellharbour/web/app.php IP: 103.95.39.106:0 ASN: #136753 Anglican Schools Corporation
File type: HTML document, ASCII text Hash: 83094f644fceb21aefc808e6d105333c 9daa57c1b6e9f26eed1d9fc791869c34a7dced0e 77912e1d6b1e259aae0e1597203ecacf4f9fd1a2293c3d94132ea840e678347c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /shellharbour/web/app.php HTTP/1.1
Host: 103.95.39.106
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.20.1
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.28
Set-Cookie: PHPSESSID=gh22f0pocrsegsjs6v902f9d35; path=/; HttpOnly
Cache-Control: max-age=0, must-revalidate, private
Date: Sat, 04 May 2024 14:17:35 GMT
Location: https://103.95.39.106/shellharbour/web/app.php/login/
| 103.95.39.106/shellharbour/web/app.php/login/ | 103.95.39.106 | | 212 kB |
URL: 103.95.39.106/shellharbour/web/app.php/login/ IP: 103.95.39.106:0 ASN: #136753 Anglican Schools Corporation
File type: HTML document, ASCII text, with very long lines (65305) Size: 212 kB (212209 bytes) Hash: 0c773988ccfc5d3a2712fb7cdafd54f2 096766799231044af8599fc3df565af788120ab2 4dcd874f5996567207f7ec0e1447c4c089bda0c91abd6602ae7ee1e6ac222c6d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /shellharbour/web/app.php/login/ HTTP/1.1
Host: 103.95.39.106
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=gh22f0pocrsegsjs6v902f9d35
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.28
Cache-Control: max-age=0, must-revalidate, private
Date: Sat, 04 May 2024 14:17:35 GMT
Set-Cookie: device_view=full; expires=Tue, 04-Jun-2024 14:17:35 GMT; Max-Age=2678400; path=/; httponly
Content-Encoding: gzip
| 103.95.39.106/shellharbour/web/css/d65119e.css?9673 | 103.95.39.106 | | 89 B |
URL: 103.95.39.106/shellharbour/web/css/d65119e.css?9673 IP: 103.95.39.106:0 ASN: #136753 Anglican Schools Corporation
Hash: 1931bca07f44f54796ef92727f44ed6b b83c934ea3b728bcea041222e89a4a3c0fa67eeb 486a2f476bdb95a00981a5d395a6382c6f4880221690a23b7a2c1e657e5ee23e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /shellharbour/web/css/d65119e.css?9673 HTTP/1.1
Host: 103.95.39.106
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://103.95.39.106/shellharbour/web/app.php/login/
Cookie: PHPSESSID=gh22f0pocrsegsjs6v902f9d35; device_view=full
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 May 2024 14:17:38 GMT
Content-Type: text/css
Last-Modified: Wed, 01 May 2024 15:00:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6632590f-f4"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
| 103.95.39.106/shellharbour/web/bundles/edumateadmin/css/login/Login-all_1.css | 103.95.39.106 | | 50 kB |
URL: 103.95.39.106/shellharbour/web/bundles/edumateadmin/css/login/Login-all_1.css IP: 103.95.39.106:0 ASN: #136753 Anglican Schools Corporation
File type: ASCII text, with very long lines (65536), with no line terminators Hash: 8301b8b12449e2201cd9ce5714b29e4f 34866ae31840b6c15262924bd959748e10ed76e3 3d27379c815d3413a5a827b017ac3feb844f55e508271a0e4e4becb3d30d044e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /shellharbour/web/bundles/edumateadmin/css/login/Login-all_1.css HTTP/1.1
Host: 103.95.39.106
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://103.95.39.106/shellharbour/web/css/d65119e.css?9673
Cookie: PHPSESSID=gh22f0pocrsegsjs6v902f9d35; device_view=full
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 May 2024 14:17:39 GMT
Content-Type: text/css
Last-Modified: Wed, 11 Oct 2023 14:00:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6526aa70-543b5"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
| 103.95.39.106/shellharbour/web/bundles/edumateadmin/css/login/Login-all_4.css | 103.95.39.106 | | 18 kB |
URL: 103.95.39.106/shellharbour/web/bundles/edumateadmin/css/login/Login-all_4.css IP: 103.95.39.106:0 ASN: #136753 Anglican Schools Corporation
File type: ASCII text, with very long lines (65536), with no line terminators Hash: 31b11703258813b3551102d8e24fcd68 07e01998ccb0f814bc0093a62e63a100aefc4668 e24a6559c9065869c7a0992aa44a86e092af2eaf48a15800db0e58b0ea217cf0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /shellharbour/web/bundles/edumateadmin/css/login/Login-all_4.css HTTP/1.1
Host: 103.95.39.106
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://103.95.39.106/shellharbour/web/css/d65119e.css?9673
Cookie: PHPSESSID=gh22f0pocrsegsjs6v902f9d35; device_view=full
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 May 2024 14:17:39 GMT
Content-Type: text/css
Last-Modified: Fri, 17 Jul 2020 07:17:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"5f11507d-21758"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
| 103.95.39.106/shellharbour/web/bundles/edumateadmin/css/login/Login-all_2.css | 103.95.39.106 | | 43 kB |
URL: 103.95.39.106/shellharbour/web/bundles/edumateadmin/css/login/Login-all_2.css IP: 103.95.39.106:0 ASN: #136753 Anglican Schools Corporation
File type: ASCII text, with very long lines (65536), with no line terminators Hash: 764f16372293a90d27c8bbc79c587c7f 5fa3a56037f5cf62e345d8e786fd7999149b9156 5e1b401eeab4fe22923bd9d02abfd8774537751fbcbb74360020d818cbea4274
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /shellharbour/web/bundles/edumateadmin/css/login/Login-all_2.css HTTP/1.1
Host: 103.95.39.106
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://103.95.39.106/shellharbour/web/css/d65119e.css?9673
Cookie: PHPSESSID=gh22f0pocrsegsjs6v902f9d35; device_view=full
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 May 2024 14:17:39 GMT
Content-Type: text/css
Last-Modified: Wed, 11 Oct 2023 14:00:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6526aa70-73ce8"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
| 103.95.39.106/shellharbour/web/bundles/edumateadmin/css/login/Login-all_3.css | 103.95.39.106 | | 44 kB |
URL: 103.95.39.106/shellharbour/web/bundles/edumateadmin/css/login/Login-all_3.css IP: 103.95.39.106:0 ASN: #136753 Anglican Schools Corporation
File type: ASCII text, with very long lines (65536), with no line terminators Hash: c2baaaa840000e6a3dd71961baab6fbf e96fdfec522e76d0c5fd5bdbb740d38a78aa0514 82137e5389e6b3d2662639570d61c688d1992244e2cea360b3f0995bce929316
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /shellharbour/web/bundles/edumateadmin/css/login/Login-all_3.css HTTP/1.1
Host: 103.95.39.106
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://103.95.39.106/shellharbour/web/css/d65119e.css?9673
Cookie: PHPSESSID=gh22f0pocrsegsjs6v902f9d35; device_view=full
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 May 2024 14:17:39 GMT
Content-Type: text/css
Last-Modified: Fri, 17 Jul 2020 07:17:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"5f11507d-753ab"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
| 103.95.39.106/shellharbour/web/js/db07e11.js?9673 | 103.95.39.106 | | 1.2 MB |
URL: 103.95.39.106/shellharbour/web/js/db07e11.js?9673 IP: 103.95.39.106:0 ASN: #136753 Anglican Schools Corporation
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size: 1.2 MB (1239104 bytes) Hash: dd8c03078999d3f687e34890843e8c5a 74345a8791690ffc3017c2a207a491c2510e42b6 1e7c3b5df7cd1c300a4fc46bd212529744c14f1133a0779dfbe8130e0f6c10b2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /shellharbour/web/js/db07e11.js?9673 HTTP/1.1
Host: 103.95.39.106
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://103.95.39.106/shellharbour/web/app.php/login/
Cookie: PHPSESSID=gh22f0pocrsegsjs6v902f9d35; device_view=full
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 May 2024 14:17:38 GMT
Content-Type: application/javascript
Content-Length: 1239104
Last-Modified: Wed, 01 May 2024 15:00:31 GMT
Connection: keep-alive
ETag: "6632590f-12e840"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
| 103.95.39.106/shellharbour/web/images/1e6b8da.ico?9673 | 103.95.39.106 | | 5.4 kB |
URL: 103.95.39.106/shellharbour/web/images/1e6b8da.ico?9673 IP: 103.95.39.106:0 ASN: #136753 Anglican Schools Corporation
File type: MS Windows icon resource - 2 icons, 32x32, 32 bits/pixel, 16x16, 32 bits/pixel Hash: b30aaa4c671f4f4069d3481236e86530 c24702ecf0def7d565e76742a47adffbc374c8ef bf77de7b0f24c0e2cd111ee73b7f1352a1f796a38a10691473ff4781a8955993
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /shellharbour/web/images/1e6b8da.ico?9673 HTTP/1.1
Host: 103.95.39.106
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://103.95.39.106/shellharbour/web/app.php/login/
Cookie: PHPSESSID=gh22f0pocrsegsjs6v902f9d35; device_view=full
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 May 2024 14:17:44 GMT
Content-Type: image/x-icon
Content-Length: 5430
Last-Modified: Wed, 01 May 2024 15:00:31 GMT
Connection: keep-alive
ETag: "6632590f-1536"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
| www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js | 142.250.74.35 | | 0 B |
URL: www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js IP: 142.250.74.35:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://103.95.39.106
DNT: 1
Connection: keep-alive
Referer: https://103.95.39.106/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 205803
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:56:11 GMT
expires: Fri, 02 May 2025 01:56:11 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 217293
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| idp.sasc.nsw.edu.au/adfs/ls/?SAMLRequest=pVJLj9owEL7zK1a%2BEychdIMFSHTpA4kCWmgPvVRDPGksJbbrsUv339ckbXe3UvdS3zwz32M%2Be07QtVasgm%2F0PX4LSH50E8%2BPrtUk%2BuaCBaeFAVIkNHRIwlfiuPqwFXmSCuuMN5Vp2V%2Bwl1FAhM4rowfYZr1g%2B92b7f7dZvelyovJq1uUk%2BmsziAv5WxylmkBZTmp87TMZ1OoU8BygH5CR5FnwSItGw1sRAE3mjxoH%2BtpXozT6TgtTlkhsltRTD8P0HVcVmnwPbzx3pLgXEmbEFCVaLokKEMCgYOsibfEB9jh18avlZZKf3150fMwROL96XQYH%2FbH00Cy%2Bh3AndEUOnRHdN9VhR%2Fvt49eonwHHhNqsG0bcGcTHDxz9rTDL3jmYG1iG8uvT8ChIrbs5ebXu%2BiDccv%2Fp5%2Fzp3yPClbsYgKb9cG0qnro69fz1rgo9O%2BgsiTrK0qO635UBE0WK1UrlOwPzaptzeXOYfS8YN4FZDd8ORq8PP%2FCy58%3D&RelayState=%257B%2522return_path%2522%253A%2522dashboard%255C%252Fmy-edumate%255C%252F%2522%257D | 13.211.117.182 | 200 OK | 73 kB |
URL User Request GET HTTP/2idp.sasc.nsw.edu.au/adfs/ls/?SAMLRequest=pVJLj9owEL7zK1a%2BEychdIMFSHTpA4kCWmgPvVRDPGksJbbrsUv339ckbXe3UvdS3zwz32M%2Be07QtVasgm%2F0PX4LSH50E8%2BPrtUk%2BuaCBaeFAVIkNHRIwlfiuPqwFXmSCuuMN5Vp2V%2Bwl1FAhM4rowfYZr1g%2B92b7f7dZvelyovJq1uUk%2BmsziAv5WxylmkBZTmp87TMZ1OoU8BygH5CR5FnwSItGw1sRAE3mjxoH%2BtpXozT6TgtTlkhsltRTD8P0HVcVmnwPbzx3pLgXEmbEFCVaLokKEMCgYOsibfEB9jh18avlZZKf3150fMwROL96XQYH%2FbH00Cy%2Bh3AndEUOnRHdN9VhR%2Fvt49eonwHHhNqsG0bcGcTHDxz9rTDL3jmYG1iG8uvT8ChIrbs5ebXu%2BiDccv%2Fp5%2Fzp3yPClbsYgKb9cG0qnro69fz1rgo9O%2BgsiTrK0qO635UBE0WK1UrlOwPzaptzeXOYfS8YN4FZDd8ORq8PP%2FCy58%3D&RelayState=%257B%2522return_path%2522%253A%2522dashboard%255C%252Fmy-edumate%255C%252F%2522%257D IP13.211.117.182:443
Certificate Issuer: Sectigo Limited Subject: *.tasc.nsw.edu.au Fingerprint: EA:82:DF:11:17:EF:40:09:47:46:E4:72:A3:F5:40:5A:BC:B2:7F:F3 Validity: Mon, 15 Jan 2024 00:00:00 GMT - Tue, 14 Jan 2025 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (23262), with CRLF line terminators Hash: 54616549dd4111a34b817590d7beb34d 8d47467c408952d017c3286fbbf731b22d5ca3ba d3c88ab87db469f6edcc3ed0a954b51dfbb19e8c0c16afae649bbd6f52088db7
GET /adfs/ls/?SAMLRequest=pVJLj9owEL7zK1a%2BEychdIMFSHTpA4kCWmgPvVRDPGksJbbrsUv339ckbXe3UvdS3zwz32M%2Be07QtVasgm%2F0PX4LSH50E8%2BPrtUk%2BuaCBaeFAVIkNHRIwlfiuPqwFXmSCuuMN5Vp2V%2Bwl1FAhM4rowfYZr1g%2B92b7f7dZvelyovJq1uUk%2BmsziAv5WxylmkBZTmp87TMZ1OoU8BygH5CR5FnwSItGw1sRAE3mjxoH%2BtpXozT6TgtTlkhsltRTD8P0HVcVmnwPbzx3pLgXEmbEFCVaLokKEMCgYOsibfEB9jh18avlZZKf3150fMwROL96XQYH%2FbH00Cy%2Bh3AndEUOnRHdN9VhR%2Fvt49eonwHHhNqsG0bcGcTHDxz9rTDL3jmYG1iG8uvT8ChIrbs5ebXu%2BiDccv%2Fp5%2Fzp3yPClbsYgKb9cG0qnro69fz1rgo9O%2BgsiTrK0qO635UBE0WK1UrlOwPzaptzeXOYfS8YN4FZDd8ORq8PP%2FCy58%3D&RelayState=%257B%2522return_path%2522%253A%2522dashboard%255C%252Fmy-edumate%255C%252F%2522%257D HTTP/1.1
Host: idp.sasc.nsw.edu.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://103.95.39.106/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: no-cache,no-store
pragma: no-cache
content-length: 73096
content-type: text/html; charset=utf-8
expires: -1
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age = 31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; connect-src * 'unsafe-inline'
include-referred-token-binding-id: true
x-frame-options: SAMEORIGIN
date: Sat, 04 May 2024 14:17:46 GMT
set-cookie: cookiesession1=678A3E1C1AF23E0A0E8080F4E4682701;Expires=Sun, 04 May 2025 14:17:46 GMT;Path=/
X-Firefox-Spdy: h2
| idp.sasc.nsw.edu.au/adfs/portal/css/style.css?id=13F8247991D9AB3E9D87D8EFC2B384F1B84D09A39AE0EBD4CCF9461B3063B7ED | 13.211.117.182 | 200 OK | 23 kB |
URL: GET HTTP/2 idp.sasc.nsw.edu.au/adfs/portal/css/style.css?id=13F8247991D9AB3E9D87D8EFC2B384F1B84D09A39AE0EBD4CCF9461B3063B7ED IP: 13.211.117.182:443
Requested byhttps://idp.sasc.nsw.edu.au/adfs/ls/?SAMLRequest=pVJLj9owEL7zK1a%2BEychdIMFSHTpA4kCWmgPvVRDPGksJbbrsUv339ckbXe3UvdS3zwz32M%2Be07QtVasgm%2F0PX4LSH50E8%2BPrtUk%2BuaCBaeFAVIkNHRIwlfiuPqwFXmSCuuMN5Vp2V%2Bwl1FAhM4rowfYZr1g%2B92b7f7dZvelyovJq1uUk%2BmsziAv5WxylmkBZTmp87TMZ1OoU8BygH5CR5FnwSItGw1sRAE3mjxoH%2BtpXozT6TgtTlkhsltRTD8P0HVcVmnwPbzx3pLgXEmbEFCVaLokKEMCgYOsibfEB9jh18avlZZKf3150fMwROL96XQYH%2FbH00Cy%2Bh3AndEUOnRHdN9VhR%2Fvt49eonwHHhNqsG0bcGcTHDxz9rTDL3jmYG1iG8uvT8ChIrbs5ebXu%2BiDccv%2Fp5%2Fzp3yPClbsYgKb9cG0qnro69fz1rgo9O%2BgsiTrK0qO635UBE0WK1UrlOwPzaptzeXOYfS8YN4FZDd8ORq8PP%2FCy58%3D&RelayState=%257B%2522return_path%2522%253A%2522dashboard%255C%252Fmy-edumate%255C%252F%2522%257D CertificateIssuerSectigo Limited Subject*.tasc.nsw.edu.au FingerprintEA:82:DF:11:17:EF:40:09:47:46:E4:72:A3:F5:40:5A:BC:B2:7F:F3 ValidityMon, 15 Jan 2024 00:00:00 GMT - Tue, 14 Jan 2025 23:59:59 GMT
File type: Unicode text, UTF-8 (with BOM) text, with very long lines (509), with CRLF line terminators Hash: b0002e120f746a04e3e549d045d2d211 781c7edf91d1dc9f3af37fb0d750acaecb3a5fe9 13f8247991d9ab3e9d87d8efc2b384f1b84d09a39ae0ebd4ccf9461b3063b7ed
GET /adfs/portal/css/style.css?id=13F8247991D9AB3E9D87D8EFC2B384F1B84D09A39AE0EBD4CCF9461B3063B7ED HTTP/1.1
Host: idp.sasc.nsw.edu.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://idp.sasc.nsw.edu.au/adfs/ls/?SAMLRequest=pVJLj9owEL7zK1a%2BEychdIMFSHTpA4kCWmgPvVRDPGksJbbrsUv339ckbXe3UvdS3zwz32M%2Be07QtVasgm%2F0PX4LSH50E8%2BPrtUk%2BuaCBaeFAVIkNHRIwlfiuPqwFXmSCuuMN5Vp2V%2Bwl1FAhM4rowfYZr1g%2B92b7f7dZvelyovJq1uUk%2BmsziAv5WxylmkBZTmp87TMZ1OoU8BygH5CR5FnwSItGw1sRAE3mjxoH%2BtpXozT6TgtTlkhsltRTD8P0HVcVmnwPbzx3pLgXEmbEFCVaLokKEMCgYOsibfEB9jh18avlZZKf3150fMwROL96XQYH%2FbH00Cy%2Bh3AndEUOnRHdN9VhR%2Fvt49eonwHHhNqsG0bcGcTHDxz9rTDL3jmYG1iG8uvT8ChIrbs5ebXu%2BiDccv%2Fp5%2Fzp3yPClbsYgKb9cG0qnro69fz1rgo9O%2BgsiTrK0qO635UBE0WK1UrlOwPzaptzeXOYfS8YN4FZDd8ORq8PP%2FCy58%3D&RelayState=%257B%2522return_path%2522%253A%2522dashboard%255C%252Fmy-edumate%255C%252F%2522%257D
Cookie: cookiesession1=678A3E1C1AF23E0A0E8080F4E4682701
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 22604
content-type: text/css
expires: Mon, 03 Jun 2024 14:17:46 GMT
etag: 13F8247991D9AB3E9D87D8EFC2B384F1B84D09A39AE0EBD4CCF9461B3063B7ED
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age = 31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; connect-src * 'unsafe-inline'
date: Sat, 04 May 2024 14:17:46 GMT
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
| idp.sasc.nsw.edu.au/adfs/portal/logo/logo.png?id=4928337D17C81F4040D310815EB4FE9A911C664567784462CD72BDFA992DA9F5 | 13.211.117.182 | 200 OK | 2.9 kB |
URL: GET HTTP/2 idp.sasc.nsw.edu.au/adfs/portal/logo/logo.png?id=4928337D17C81F4040D310815EB4FE9A911C664567784462CD72BDFA992DA9F5 IP: 13.211.117.182:443
Requested byhttps://idp.sasc.nsw.edu.au/adfs/ls/?SAMLRequest=pVJLj9owEL7zK1a%2BEychdIMFSHTpA4kCWmgPvVRDPGksJbbrsUv339ckbXe3UvdS3zwz32M%2Be07QtVasgm%2F0PX4LSH50E8%2BPrtUk%2BuaCBaeFAVIkNHRIwlfiuPqwFXmSCuuMN5Vp2V%2Bwl1FAhM4rowfYZr1g%2B92b7f7dZvelyovJq1uUk%2BmsziAv5WxylmkBZTmp87TMZ1OoU8BygH5CR5FnwSItGw1sRAE3mjxoH%2BtpXozT6TgtTlkhsltRTD8P0HVcVmnwPbzx3pLgXEmbEFCVaLokKEMCgYOsibfEB9jh18avlZZKf3150fMwROL96XQYH%2FbH00Cy%2Bh3AndEUOnRHdN9VhR%2Fvt49eonwHHhNqsG0bcGcTHDxz9rTDL3jmYG1iG8uvT8ChIrbs5ebXu%2BiDccv%2Fp5%2Fzp3yPClbsYgKb9cG0qnro69fz1rgo9O%2BgsiTrK0qO635UBE0WK1UrlOwPzaptzeXOYfS8YN4FZDd8ORq8PP%2FCy58%3D&RelayState=%257B%2522return_path%2522%253A%2522dashboard%255C%252Fmy-edumate%255C%252F%2522%257D CertificateIssuerSectigo Limited Subject*.tasc.nsw.edu.au FingerprintEA:82:DF:11:17:EF:40:09:47:46:E4:72:A3:F5:40:5A:BC:B2:7F:F3 ValidityMon, 15 Jan 2024 00:00:00 GMT - Tue, 14 Jan 2025 23:59:59 GMT
File type: PNG image data, 280 x 60, 8-bit/color RGBA, non-interlaced Hash: ba8dda087ae29be4b9c2ed557439692e 5eef9fc9b5ab336d7b857014b9afbd4c376cba3b 4928337d17c81f4040d310815eb4fe9a911c664567784462cd72bdfa992da9f5
GET /adfs/portal/logo/logo.png?id=4928337D17C81F4040D310815EB4FE9A911C664567784462CD72BDFA992DA9F5 HTTP/1.1
Host: idp.sasc.nsw.edu.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://idp.sasc.nsw.edu.au/adfs/ls/?SAMLRequest=pVJLj9owEL7zK1a%2BEychdIMFSHTpA4kCWmgPvVRDPGksJbbrsUv339ckbXe3UvdS3zwz32M%2Be07QtVasgm%2F0PX4LSH50E8%2BPrtUk%2BuaCBaeFAVIkNHRIwlfiuPqwFXmSCuuMN5Vp2V%2Bwl1FAhM4rowfYZr1g%2B92b7f7dZvelyovJq1uUk%2BmsziAv5WxylmkBZTmp87TMZ1OoU8BygH5CR5FnwSItGw1sRAE3mjxoH%2BtpXozT6TgtTlkhsltRTD8P0HVcVmnwPbzx3pLgXEmbEFCVaLokKEMCgYOsibfEB9jh18avlZZKf3150fMwROL96XQYH%2FbH00Cy%2Bh3AndEUOnRHdN9VhR%2Fvt49eonwHHhNqsG0bcGcTHDxz9rTDL3jmYG1iG8uvT8ChIrbs5ebXu%2BiDccv%2Fp5%2Fzp3yPClbsYgKb9cG0qnro69fz1rgo9O%2BgsiTrK0qO635UBE0WK1UrlOwPzaptzeXOYfS8YN4FZDd8ORq8PP%2FCy58%3D&RelayState=%257B%2522return_path%2522%253A%2522dashboard%255C%252Fmy-edumate%255C%252F%2522%257D
Cookie: cookiesession1=678A3E1C1AF23E0A0E8080F4E4682701
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 2942
content-type: image/png
expires: Mon, 03 Jun 2024 14:17:46 GMT
etag: 4928337D17C81F4040D310815EB4FE9A911C664567784462CD72BDFA992DA9F5
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age = 31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; connect-src * 'unsafe-inline'
date: Sat, 04 May 2024 14:17:46 GMT
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
| idp.sasc.nsw.edu.au/adfs/portal/images/idp/idp.png?id=3EADD3E829A20DF612C7A77960FF811E66E3EE6BAE2C33C9B20E7478BAC87548 | 13.211.117.182 | 200 OK | 931 B |
URL: GET HTTP/2 idp.sasc.nsw.edu.au/adfs/portal/images/idp/idp.png?id=3EADD3E829A20DF612C7A77960FF811E66E3EE6BAE2C33C9B20E7478BAC87548 IP: 13.211.117.182:443
Requested byhttps://idp.sasc.nsw.edu.au/adfs/ls/?SAMLRequest=pVJLj9owEL7zK1a%2BEychdIMFSHTpA4kCWmgPvVRDPGksJbbrsUv339ckbXe3UvdS3zwz32M%2Be07QtVasgm%2F0PX4LSH50E8%2BPrtUk%2BuaCBaeFAVIkNHRIwlfiuPqwFXmSCuuMN5Vp2V%2Bwl1FAhM4rowfYZr1g%2B92b7f7dZvelyovJq1uUk%2BmsziAv5WxylmkBZTmp87TMZ1OoU8BygH5CR5FnwSItGw1sRAE3mjxoH%2BtpXozT6TgtTlkhsltRTD8P0HVcVmnwPbzx3pLgXEmbEFCVaLokKEMCgYOsibfEB9jh18avlZZKf3150fMwROL96XQYH%2FbH00Cy%2Bh3AndEUOnRHdN9VhR%2Fvt49eonwHHhNqsG0bcGcTHDxz9rTDL3jmYG1iG8uvT8ChIrbs5ebXu%2BiDccv%2Fp5%2Fzp3yPClbsYgKb9cG0qnro69fz1rgo9O%2BgsiTrK0qO635UBE0WK1UrlOwPzaptzeXOYfS8YN4FZDd8ORq8PP%2FCy58%3D&RelayState=%257B%2522return_path%2522%253A%2522dashboard%255C%252Fmy-edumate%255C%252F%2522%257D CertificateIssuerSectigo Limited Subject*.tasc.nsw.edu.au FingerprintEA:82:DF:11:17:EF:40:09:47:46:E4:72:A3:F5:40:5A:BC:B2:7F:F3 ValidityMon, 15 Jan 2024 00:00:00 GMT - Tue, 14 Jan 2025 23:59:59 GMT
File type: PNG image data, 80 x 80, 8-bit/color RGB, non-interlaced Hash: 33573e8b95be3ffee238d6438229d533 1dd91ff9f45b4be114bf66098115704f44129b21 3eadd3e829a20df612c7a77960ff811e66e3ee6bae2c33c9b20e7478bac87548
GET /adfs/portal/images/idp/idp.png?id=3EADD3E829A20DF612C7A77960FF811E66E3EE6BAE2C33C9B20E7478BAC87548 HTTP/1.1
Host: idp.sasc.nsw.edu.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://idp.sasc.nsw.edu.au/adfs/ls/?SAMLRequest=pVJLj9owEL7zK1a%2BEychdIMFSHTpA4kCWmgPvVRDPGksJbbrsUv339ckbXe3UvdS3zwz32M%2Be07QtVasgm%2F0PX4LSH50E8%2BPrtUk%2BuaCBaeFAVIkNHRIwlfiuPqwFXmSCuuMN5Vp2V%2Bwl1FAhM4rowfYZr1g%2B92b7f7dZvelyovJq1uUk%2BmsziAv5WxylmkBZTmp87TMZ1OoU8BygH5CR5FnwSItGw1sRAE3mjxoH%2BtpXozT6TgtTlkhsltRTD8P0HVcVmnwPbzx3pLgXEmbEFCVaLokKEMCgYOsibfEB9jh18avlZZKf3150fMwROL96XQYH%2FbH00Cy%2Bh3AndEUOnRHdN9VhR%2Fvt49eonwHHhNqsG0bcGcTHDxz9rTDL3jmYG1iG8uvT8ChIrbs5ebXu%2BiDccv%2Fp5%2Fzp3yPClbsYgKb9cG0qnro69fz1rgo9O%2BgsiTrK0qO635UBE0WK1UrlOwPzaptzeXOYfS8YN4FZDd8ORq8PP%2FCy58%3D&RelayState=%257B%2522return_path%2522%253A%2522dashboard%255C%252Fmy-edumate%255C%252F%2522%257D
Cookie: cookiesession1=678A3E1C1AF23E0A0E8080F4E4682701
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 931
content-type: image/png
expires: Mon, 03 Jun 2024 14:17:47 GMT
etag: 3EADD3E829A20DF612C7A77960FF811E66E3EE6BAE2C33C9B20E7478BAC87548
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age = 31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; connect-src * 'unsafe-inline'
date: Sat, 04 May 2024 14:17:46 GMT
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
| idp.sasc.nsw.edu.au/adfs/portal/images/idp/localsts.png?id=A3911892BE04D81EBA5A8E0C74F77099AA1DB05E542FBFCC78C9DF4B0EC0E3A6 | 13.211.117.182 | 200 OK | 2.0 kB |
URL: GET HTTP/2 idp.sasc.nsw.edu.au/adfs/portal/images/idp/localsts.png?id=A3911892BE04D81EBA5A8E0C74F77099AA1DB05E542FBFCC78C9DF4B0EC0E3A6 IP: 13.211.117.182:443
Requested byhttps://idp.sasc.nsw.edu.au/adfs/ls/?SAMLRequest=pVJLj9owEL7zK1a%2BEychdIMFSHTpA4kCWmgPvVRDPGksJbbrsUv339ckbXe3UvdS3zwz32M%2Be07QtVasgm%2F0PX4LSH50E8%2BPrtUk%2BuaCBaeFAVIkNHRIwlfiuPqwFXmSCuuMN5Vp2V%2Bwl1FAhM4rowfYZr1g%2B92b7f7dZvelyovJq1uUk%2BmsziAv5WxylmkBZTmp87TMZ1OoU8BygH5CR5FnwSItGw1sRAE3mjxoH%2BtpXozT6TgtTlkhsltRTD8P0HVcVmnwPbzx3pLgXEmbEFCVaLokKEMCgYOsibfEB9jh18avlZZKf3150fMwROL96XQYH%2FbH00Cy%2Bh3AndEUOnRHdN9VhR%2Fvt49eonwHHhNqsG0bcGcTHDxz9rTDL3jmYG1iG8uvT8ChIrbs5ebXu%2BiDccv%2Fp5%2Fzp3yPClbsYgKb9cG0qnro69fz1rgo9O%2BgsiTrK0qO635UBE0WK1UrlOwPzaptzeXOYfS8YN4FZDd8ORq8PP%2FCy58%3D&RelayState=%257B%2522return_path%2522%253A%2522dashboard%255C%252Fmy-edumate%255C%252F%2522%257D CertificateIssuerSectigo Limited Subject*.tasc.nsw.edu.au FingerprintEA:82:DF:11:17:EF:40:09:47:46:E4:72:A3:F5:40:5A:BC:B2:7F:F3 ValidityMon, 15 Jan 2024 00:00:00 GMT - Tue, 14 Jan 2025 23:59:59 GMT
File type: PNG image data, 80 x 80, 8-bit/color RGB, non-interlaced Hash: 3566703c2c7b0db8bf4b510967f7bbcb 9a8f4a3cd97e204f979287ae691e0d401e95b63c a3911892be04d81eba5a8e0c74f77099aa1db05e542fbfcc78c9df4b0ec0e3a6
GET /adfs/portal/images/idp/localsts.png?id=A3911892BE04D81EBA5A8E0C74F77099AA1DB05E542FBFCC78C9DF4B0EC0E3A6 HTTP/1.1
Host: idp.sasc.nsw.edu.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://idp.sasc.nsw.edu.au/adfs/ls/?SAMLRequest=pVJLj9owEL7zK1a%2BEychdIMFSHTpA4kCWmgPvVRDPGksJbbrsUv339ckbXe3UvdS3zwz32M%2Be07QtVasgm%2F0PX4LSH50E8%2BPrtUk%2BuaCBaeFAVIkNHRIwlfiuPqwFXmSCuuMN5Vp2V%2Bwl1FAhM4rowfYZr1g%2B92b7f7dZvelyovJq1uUk%2BmsziAv5WxylmkBZTmp87TMZ1OoU8BygH5CR5FnwSItGw1sRAE3mjxoH%2BtpXozT6TgtTlkhsltRTD8P0HVcVmnwPbzx3pLgXEmbEFCVaLokKEMCgYOsibfEB9jh18avlZZKf3150fMwROL96XQYH%2FbH00Cy%2Bh3AndEUOnRHdN9VhR%2Fvt49eonwHHhNqsG0bcGcTHDxz9rTDL3jmYG1iG8uvT8ChIrbs5ebXu%2BiDccv%2Fp5%2Fzp3yPClbsYgKb9cG0qnro69fz1rgo9O%2BgsiTrK0qO635UBE0WK1UrlOwPzaptzeXOYfS8YN4FZDd8ORq8PP%2FCy58%3D&RelayState=%257B%2522return_path%2522%253A%2522dashboard%255C%252Fmy-edumate%255C%252F%2522%257D
Cookie: cookiesession1=678A3E1C1AF23E0A0E8080F4E4682701
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 1977
content-type: image/png
expires: Mon, 03 Jun 2024 14:17:47 GMT
etag: A3911892BE04D81EBA5A8E0C74F77099AA1DB05E542FBFCC78C9DF4B0EC0E3A6
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age = 31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; connect-src * 'unsafe-inline'
date: Sat, 04 May 2024 14:17:46 GMT
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| idp.sasc.nsw.edu.au/adfs/portal/images/background.png | 13.211.117.182 | 200 OK | 1.4 MB |
URL: GET HTTP/2 idp.sasc.nsw.edu.au/adfs/portal/images/background.png IP: 13.211.117.182:443
Requested by: https://idp.sasc.nsw.edu.au/adfs/ls/?SAMLRequest=pVJLj9owEL7zK1a%2BEychdIMFSHTpA4kCWmgPvVRDPGksJbbrsUv339ckbXe3UvdS3zwz32M%2Be07QtVasgm%2F0PX4LSH50E8%2BPrtUk%2BuaCBaeFAVIkNHRIwlfiuPqwFXmSCuuMN5Vp2V%2Bwl1FAhM4rowfYZr1g%2B92b7f7dZvelyovJq1uUk%2BmsziAv5WxylmkBZTmp87TMZ1OoU8BygH5CR5FnwSItGw1sRAE3mjxoH%2BtpXozT6TgtTlkhsltRTD8P0HVcVmnwPbzx3pLgXEmbEFCVaLokKEMCgYOsibfEB9jh18avlZZKf3150fMwROL96XQYH%2FbH00Cy%2Bh3AndEUOnRHdN9VhR%2Fvt49eonwHHhNqsG0bcGcTHDxz9rTDL3jmYG1iG8uvT8ChIrbs5ebXu%2BiDccv%2Fp5%2Fzp3yPClbsYgKb9cG0qnro69fz1rgo9O%2BgsiTrK0qO635UBE0WK1UrlOwPzaptzeXOYfS8YN4FZDd8ORq8PP%2FCy58%3D&RelayState=%257B%2522return_path%2522%253A%2522dashboard%255C%252Fmy-edumate%255C%252F%2522%257D
Certificate Issuer: Sectigo Limited Subject: *.tasc.nsw.edu.au Fingerprint: EA:82:DF:11:17:EF:40:09:47:46:E4:72:A3:F5:40:5A:BC:B2:7F:F3 Validity: Mon, 15 Jan 2024 00:00:00 GMT - Tue, 14 Jan 2025 23:59:59 GMT
File type: PNG image data, 1280 x 720, 8-bit/color RGB, non-interlaced Size: 1.4 MB (1400140 bytes) Hash: e7edd355f6839160e1e713cf246dc60d 69f3d452a0352295253ce6b437ea171be7550210 d72cc2efb6a4be2061dc2a0ec1a644ef4c81aab9e99c84b7fb7886a91a3cdc24
GET /adfs/portal/images/background.png HTTP/1.1
Host: idp.sasc.nsw.edu.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://idp.sasc.nsw.edu.au/adfs/ls/?SAMLRequest=pVJLj9owEL7zK1a%2BEychdIMFSHTpA4kCWmgPvVRDPGksJbbrsUv339ckbXe3UvdS3zwz32M%2Be07QtVasgm%2F0PX4LSH50E8%2BPrtUk%2BuaCBaeFAVIkNHRIwlfiuPqwFXmSCuuMN5Vp2V%2Bwl1FAhM4rowfYZr1g%2B92b7f7dZvelyovJq1uUk%2BmsziAv5WxylmkBZTmp87TMZ1OoU8BygH5CR5FnwSItGw1sRAE3mjxoH%2BtpXozT6TgtTlkhsltRTD8P0HVcVmnwPbzx3pLgXEmbEFCVaLokKEMCgYOsibfEB9jh18avlZZKf3150fMwROL96XQYH%2FbH00Cy%2Bh3AndEUOnRHdN9VhR%2Fvt49eonwHHhNqsG0bcGcTHDxz9rTDL3jmYG1iG8uvT8ChIrbs5ebXu%2BiDccv%2Fp5%2Fzp3yPClbsYgKb9cG0qnro69fz1rgo9O%2BgsiTrK0qO635UBE0WK1UrlOwPzaptzeXOYfS8YN4FZDd8ORq8PP%2FCy58%3D&RelayState=%257B%2522return_path%2522%253A%2522dashboard%255C%252Fmy-edumate%255C%252F%2522%257D
Cookie: cookiesession1=678A3E1C1AF23E0A0E8080F4E4682701
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 1400140
content-type: image/png
expires: Mon, 03 Jun 2024 14:17:47 GMT
etag: D72CC2EFB6A4BE2061DC2A0EC1A644EF4C81AAB9E99C84B7FB7886A91A3CDC24
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age = 31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; connect-src * 'unsafe-inline'
date: Sat, 04 May 2024 14:17:47 GMT
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| idp.sasc.nsw.edu.au/favicon.ico | 13.211.117.182 | 404 Not Found | 315 B |
URL: GET HTTP/2 idp.sasc.nsw.edu.au/favicon.ico IP: 13.211.117.182:443
Requested by: https://idp.sasc.nsw.edu.au/adfs/ls/?SAMLRequest=pVJLj9owEL7zK1a%2BEychdIMFSHTpA4kCWmgPvVRDPGksJbbrsUv339ckbXe3UvdS3zwz32M%2Be07QtVasgm%2F0PX4LSH50E8%2BPrtUk%2BuaCBaeFAVIkNHRIwlfiuPqwFXmSCuuMN5Vp2V%2Bwl1FAhM4rowfYZr1g%2B92b7f7dZvelyovJq1uUk%2BmsziAv5WxylmkBZTmp87TMZ1OoU8BygH5CR5FnwSItGw1sRAE3mjxoH%2BtpXozT6TgtTlkhsltRTD8P0HVcVmnwPbzx3pLgXEmbEFCVaLokKEMCgYOsibfEB9jh18avlZZKf3150fMwROL96XQYH%2FbH00Cy%2Bh3AndEUOnRHdN9VhR%2Fvt49eonwHHhNqsG0bcGcTHDxz9rTDL3jmYG1iG8uvT8ChIrbs5ebXu%2BiDccv%2Fp5%2Fzp3yPClbsYgKb9cG0qnro69fz1rgo9O%2BgsiTrK0qO635UBE0WK1UrlOwPzaptzeXOYfS8YN4FZDd8ORq8PP%2FCy58%3D&RelayState=%257B%2522return_path%2522%253A%2522dashboard%255C%252Fmy-edumate%255C%252F%2522%257D
Certificate Issuer: Sectigo Limited Subject: *.tasc.nsw.edu.au Fingerprint: EA:82:DF:11:17:EF:40:09:47:46:E4:72:A3:F5:40:5A:BC:B2:7F:F3 Validity: Mon, 15 Jan 2024 00:00:00 GMT - Tue, 14 Jan 2025 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF line terminators Hash: 67932d4b695e1d6b19dfc2e3610761ff a66898b36c94c53766e66c1a7aaeb149447ec083 ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0
GET /favicon.ico HTTP/1.1
Host: idp.sasc.nsw.edu.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://idp.sasc.nsw.edu.au/adfs/ls/?SAMLRequest=pVJLj9owEL7zK1a%2BEychdIMFSHTpA4kCWmgPvVRDPGksJbbrsUv339ckbXe3UvdS3zwz32M%2Be07QtVasgm%2F0PX4LSH50E8%2BPrtUk%2BuaCBaeFAVIkNHRIwlfiuPqwFXmSCuuMN5Vp2V%2Bwl1FAhM4rowfYZr1g%2B92b7f7dZvelyovJq1uUk%2BmsziAv5WxylmkBZTmp87TMZ1OoU8BygH5CR5FnwSItGw1sRAE3mjxoH%2BtpXozT6TgtTlkhsltRTD8P0HVcVmnwPbzx3pLgXEmbEFCVaLokKEMCgYOsibfEB9jh18avlZZKf3150fMwROL96XQYH%2FbH00Cy%2Bh3AndEUOnRHdN9VhR%2Fvt49eonwHHhNqsG0bcGcTHDxz9rTDL3jmYG1iG8uvT8ChIrbs5ebXu%2BiDccv%2Fp5%2Fzp3yPClbsYgKb9cG0qnro69fz1rgo9O%2BgsiTrK0qO635UBE0WK1UrlOwPzaptzeXOYfS8YN4FZDd8ORq8PP%2FCy58%3D&RelayState=%257B%2522return_path%2522%253A%2522dashboard%255C%252Fmy-edumate%255C%252F%2522%257D
Cookie: cookiesession1=678A3E1C1AF23E0A0E8080F4E4682701
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
content-type: text/html; charset=us-ascii
server: Microsoft-HTTPAPI/2.0
date: Sat, 04 May 2024 14:17:47 GMT
content-length: 315
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
|
|
| cdn.schoolauth.tasc.nsw.edu.au/api/getbranding?data=pageload | 54.230.111.37 | 200 OK | 1 B |
URL: GET HTTP/2 cdn.schoolauth.tasc.nsw.edu.au/api/getbranding?data=pageload IP: 54.230.111.37:443
Requested by: https://idp.sasc.nsw.edu.au/adfs/ls/?SAMLRequest=pVJLj9owEL7zK1a%2BEychdIMFSHTpA4kCWmgPvVRDPGksJbbrsUv339ckbXe3UvdS3zwz32M%2Be07QtVasgm%2F0PX4LSH50E8%2BPrtUk%2BuaCBaeFAVIkNHRIwlfiuPqwFXmSCuuMN5Vp2V%2Bwl1FAhM4rowfYZr1g%2B92b7f7dZvelyovJq1uUk%2BmsziAv5WxylmkBZTmp87TMZ1OoU8BygH5CR5FnwSItGw1sRAE3mjxoH%2BtpXozT6TgtTlkhsltRTD8P0HVcVmnwPbzx3pLgXEmbEFCVaLokKEMCgYOsibfEB9jh18avlZZKf3150fMwROL96XQYH%2FbH00Cy%2Bh3AndEUOnRHdN9VhR%2Fvt49eonwHHhNqsG0bcGcTHDxz9rTDL3jmYG1iG8uvT8ChIrbs5ebXu%2BiDccv%2Fp5%2Fzp3yPClbsYgKb9cG0qnro69fz1rgo9O%2BgsiTrK0qO635UBE0WK1UrlOwPzaptzeXOYfS8YN4FZDd8ORq8PP%2FCy58%3D&RelayState=%257B%2522return_path%2522%253A%2522dashboard%255C%252Fmy-edumate%255C%252F%2522%257D
Certificate Issuer: Amazon Subject: cdn.schoolauth.tasc.nsw.edu.au Fingerprint: E3:8E:9A:25:E2:C5:11:23:95:83:12:FC:26:21:56:70:7B:EC:28:19 Validity: Wed, 21 Feb 2024 00:00:00 GMT - Sat, 22 Mar 2025 23:59:59 GMT
File type: very short file (no magic) Hash: c4ca4238a0b923820dcc509a6f75849b 356a192b7913b04c54574d18c28d46e6395428ab 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
GET /api/getbranding?data=pageload HTTP/1.1
Host: cdn.schoolauth.tasc.nsw.edu.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://idp.sasc.nsw.edu.au/
Origin: https://idp.sasc.nsw.edu.au
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json
content-length: 1
date: Sat, 04 May 2024 14:17:48 GMT
x-amzn-requestid: 5f1744e8-1137-4695-80ff-acc02319c510
access-control-allow-origin: *
x-amz-apigw-id: XP9-AHdySwMENWg=
x-amzn-trace-id: Root=1-6636438c-61eb2f8636e831bd39dad1eb;Sampled=1;lineage=117fc92d:0
x-cache: Miss from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZLGeOM4vOPoUit3aqRhaFcDj5RIIEMci4uhAaw6FLRCDcH13mzErhw==
X-Firefox-Spdy: h2
|
|
| cdn.schoolauth.tasc.nsw.edu.au/api/getbranding?data=warmup | 54.230.111.37 | 200 OK | 1 B |
URL: GET HTTP/2 cdn.schoolauth.tasc.nsw.edu.au/api/getbranding?data=warmup IP: 54.230.111.37:443
Requested by: https://idp.sasc.nsw.edu.au/adfs/ls/?SAMLRequest=pVJLj9owEL7zK1a%2BEychdIMFSHTpA4kCWmgPvVRDPGksJbbrsUv339ckbXe3UvdS3zwz32M%2Be07QtVasgm%2F0PX4LSH50E8%2BPrtUk%2BuaCBaeFAVIkNHRIwlfiuPqwFXmSCuuMN5Vp2V%2Bwl1FAhM4rowfYZr1g%2B92b7f7dZvelyovJq1uUk%2BmsziAv5WxylmkBZTmp87TMZ1OoU8BygH5CR5FnwSItGw1sRAE3mjxoH%2BtpXozT6TgtTlkhsltRTD8P0HVcVmnwPbzx3pLgXEmbEFCVaLokKEMCgYOsibfEB9jh18avlZZKf3150fMwROL96XQYH%2FbH00Cy%2Bh3AndEUOnRHdN9VhR%2Fvt49eonwHHhNqsG0bcGcTHDxz9rTDL3jmYG1iG8uvT8ChIrbs5ebXu%2BiDccv%2Fp5%2Fzp3yPClbsYgKb9cG0qnro69fz1rgo9O%2BgsiTrK0qO635UBE0WK1UrlOwPzaptzeXOYfS8YN4FZDd8ORq8PP%2FCy58%3D&RelayState=%257B%2522return_path%2522%253A%2522dashboard%255C%252Fmy-edumate%255C%252F%2522%257D
Certificate Issuer: Amazon Subject: cdn.schoolauth.tasc.nsw.edu.au Fingerprint: E3:8E:9A:25:E2:C5:11:23:95:83:12:FC:26:21:56:70:7B:EC:28:19 Validity: Wed, 21 Feb 2024 00:00:00 GMT - Sat, 22 Mar 2025 23:59:59 GMT
File type: very short file (no magic) Hash: c4ca4238a0b923820dcc509a6f75849b 356a192b7913b04c54574d18c28d46e6395428ab 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
GET /api/getbranding?data=warmup HTTP/1.1
Host: cdn.schoolauth.tasc.nsw.edu.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://idp.sasc.nsw.edu.au/
Origin: https://idp.sasc.nsw.edu.au
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json
content-length: 1
date: Sat, 04 May 2024 14:17:49 GMT
x-amzn-requestid: 4e3865f5-05f0-4774-a60a-dd22060d6919
access-control-allow-origin: *
x-amz-apigw-id: XP9-BGmWSwMEHhw=
x-amzn-trace-id: Root=1-6636438c-4bef4af27e4c51d60a69261b;Sampled=1;lineage=117fc92d:0
x-cache: Miss from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gYfuF1l3ok7HITbgJoObzRRK5NEN35yiwOM131gwc7JtDpuI1F20nA==
X-Firefox-Spdy: h2
|
|
| 103.95.39.106/shellharbour/web/app.php/sso-login/?return_path=dashboard%2Fmy-edumate%2F | 103.95.39.106 | 302 Found | 73 kB |
URL: User Request GET HTTP/1.1 103.95.39.106/shellharbour/web/app.php/sso-login/?return_path=dashboard%2Fmy-edumate%2F IP: 103.95.39.106:443 ASN: #136753 Anglican Schools Corporation
Certificate Issuer: Sectigo Limited Subject: *.tasc.nsw.edu.au Fingerprint: EA:82:DF:11:17:EF:40:09:47:46:E4:72:A3:F5:40:5A:BC:B2:7F:F3 Validity: Mon, 15 Jan 2024 00:00:00 GMT - Tue, 14 Jan 2025 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /shellharbour/web/app.php/sso-login/?return_path=dashboard%2Fmy-edumate%2F HTTP/1.1
Host: 103.95.39.106
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://103.95.39.106/shellharbour/web/app.php/login/
Cookie: PHPSESSID=gh22f0pocrsegsjs6v902f9d35; device_view=full
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.20.1
Date: Sat, 04 May 2024 14:17:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.28
Pragma: no-cache
Cache-Control: no-cache, must-revalidate
Location: https://idp.sasc.nsw.edu.au/adfs/ls/?SAMLRequest=pVJLj9owEL7zK1a%2BEychdIMFSHTpA4kCWmgPvVRDPGksJbbrsUv339ckbXe3UvdS3zwz32M%2Be07QtVasgm%2F0PX4LSH50E8%2BPrtUk%2BuaCBaeFAVIkNHRIwlfiuPqwFXmSCuuMN5Vp2V%2Bwl1FAhM4rowfYZr1g%2B92b7f7dZvelyovJq1uUk%2BmsziAv5WxylmkBZTmp87TMZ1OoU8BygH5CR5FnwSItGw1sRAE3mjxoH%2BtpXozT6TgtTlkhsltRTD8P0HVcVmnwPbzx3pLgXEmbEFCVaLokKEMCgYOsibfEB9jh18avlZZKf3150fMwROL96XQYH%2FbH00Cy%2Bh3AndEUOnRHdN9VhR%2Fvt49eonwHHhNqsG0bcGcTHDxz9rTDL3jmYG1iG8uvT8ChIrbs5ebXu%2BiDccv%2Fp5%2Fzp3yPClbsYgKb9cG0qnro69fz1rgo9O%2BgsiTrK0qO635UBE0WK1UrlOwPzaptzeXOYfS8YN4FZDd8ORq8PP%2FCy58%3D&RelayState=%257B%2522return_path%2522%253A%2522dashboard%255C%252Fmy-edumate%255C%252F%2522%257D
|
|