| 40.124.116.28/moodle/mylogin/index.php | 40.124.116.28 | | 3.1 kB |
URL: User Request GET 40.124.116.28/moodle/mylogin/index.php; IP: 40.124.116.28:0; ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type: HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators; Hash: 04a6e32e568a0010c3a7535f00188e25 85dd4d0cd4c8bc35937118ab6ba59d50a23db5e6 148e4a5a038940d3ca1704158d25db1279d994bcb39f781a27dba41f40e5a19d
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /moodle/mylogin/index.php HTTP/1.1
Host: 40.124.116.28
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 May 2024 11:03:26 GMT
Server: Apache/2.4.59 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3144
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
|
|
| cdnjs.cloudflare.com/ajax/libs/core-js/2.4.1/core.js | 104.17.24.14 | 200 OK | 43 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/core-js/2.4.1/core.js; IP: 104.17.24.14:443
Requested by: http://40.124.116.28/moodle/mylogin/index.php; Certificate issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text; Hash: 2740efccb43a18e34c46da36e50013fa 1238a5aac7b63e50d79ce94f04ca3a0e329d501b 2c8bdcebfbe4caf87727b3c56442dc41a790ac80a071c4d67374f2f9bd9e2b43
GET /ajax/libs/core-js/2.4.1/core.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://40.124.116.28/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 02 May 2024 11:03:27 GMT
content-type: application/javascript; charset=utf-8
content-length: 42723
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e2d-3a1e2"
last-modified: Mon, 04 May 2020 16:09:17 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 46543
expires: Tue, 22 Apr 2025 11:03:27 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wukT0k70wFQY4VJUgtlML2JVYy5uDT2m%2BwbwGuS88zNLbbLj7MVU3dtjMbESmZZmJTEQ%2Fa47E2Frjd7n%2Bn%2FYc14%2FkBYL%2FlWg1b8UVJmxjSNhuOT373xE9aQ5ku7jn3ogepTKWvos"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87d7865acc335688-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.css | 151.101.193.229 | 200 OK | 8.8 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.css; IP: 151.101.193.229:443
Requested by: http://40.124.116.28/moodle/mylogin/index.php; Certificate issuer: GlobalSign nv-sa; Subject: jsdelivr.net; Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09; Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
Hash: ea83ae92c684331d2096c4d3306a04de 1865dddcbb7b67dcef4250e590cc9a9574aba673 3c325075337b768950583012228055ae392e384688d77ec5235e6ca88dcec6ef
GET /npm/bootstrap-icons@1.5.0/font/bootstrap-icons.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://40.124.116.28/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 1.5.0
x-jsd-version-type: version
etag: W/"100a0-GGXd3Lt7Z9zvQlDlkMyalXSrpnM"
content-encoding: br
accept-ranges: bytes
date: Thu, 02 May 2024 11:03:27 GMT
age: 6566328
x-served-by: cache-fra-etou8220126-FRA, cache-hel1410024-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8770
X-Firefox-Spdy: h2
|
|
| 40.124.116.28/moodle/mylogin/css/app.css | 40.124.116.28 | 200 OK | 906 B |
URL: GET HTTP/1.1 40.124.116.28/moodle/mylogin/css/app.css; IP: 40.124.116.28:80; ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: http://40.124.116.28/moodle/mylogin/index.php
Hash: d24a2ffa6ddc988793c75d7e5bd965da a4fd4d1f7562858ff30d846afd32b76ffc36ed2f 7fc8aab7dd930484cfd93a04ebcf505512b8c226ffa83346db939bd10f3d1624
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /moodle/mylogin/css/app.css HTTP/1.1
Host: 40.124.116.28
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://40.124.116.28/moodle/mylogin/index.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 May 2024 11:03:27 GMT
Server: Apache/2.4.59 (Debian)
Last-Modified: Sun, 21 Aug 2022 02:29:22 GMT
ETag: "99a-5e6b7195d8561-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 906
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
|
|
| 40.124.116.28/moodle/mylogin/css/bootstrap.min.css | 40.124.116.28 | 200 OK | 24 kB |
URL: GET HTTP/1.1 40.124.116.28/moodle/mylogin/css/bootstrap.min.css; IP: 40.124.116.28:80; ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: http://40.124.116.28/moodle/mylogin/index.php
File type: Unicode text, UTF-8 text, with very long lines (65306); Hash: e451b87914db6243b6afa3c5e484ec16 396f51b333ff6f0926f6e67ad6e6c9c69bea7b31 cfc391e34328c09f0680ae8ff3d63e86224ae7e71c973147ccb84540b2fdd9b8
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /moodle/mylogin/css/bootstrap.min.css HTTP/1.1
Host: 40.124.116.28
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://40.124.116.28/moodle/mylogin/index.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 May 2024 11:03:27 GMT
Server: Apache/2.4.59 (Debian)
Last-Modified: Sun, 21 Aug 2022 02:29:22 GMT
ETag: "27ba0-5e6b7195d8561-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 23894
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
|
|
| 40.124.116.28/moodle/mylogin/sweetalert2/sweetalert2.all.js | 40.124.116.28 | 200 OK | 18 kB |
URL: GET HTTP/1.1 40.124.116.28/moodle/mylogin/sweetalert2/sweetalert2.all.js; IP: 40.124.116.28:80; ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: http://40.124.116.28/moodle/mylogin/index.php
File type: JavaScript source, ASCII text, with very long lines (37263), with CRLF line terminators; Hash: 098c7edd8dda74ec13a3a944c913a73c d80addcd438d9fe00e6faafa0867f11a93656129 367ffc0628d8c1ee17454ea8d4d7cee02af580cfe86c574aea7a8c1b139df83d
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /moodle/mylogin/sweetalert2/sweetalert2.all.js HTTP/1.1
Host: 40.124.116.28
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://40.124.116.28/moodle/mylogin/index.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 May 2024 11:03:27 GMT
Server: Apache/2.4.59 (Debian)
Last-Modified: Sun, 21 Aug 2022 02:29:22 GMT
ETag: "17fdd-5e6b7195df2c3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 18464
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 40.124.116.28/moodle/mylogin/js/bootstrap.bundle.min.js | 40.124.116.28 | 200 OK | 22 kB |
URL: GET HTTP/1.1 40.124.116.28/moodle/mylogin/js/bootstrap.bundle.min.js; IP: 40.124.116.28:80; ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: http://40.124.116.28/moodle/mylogin/index.php
File type: JavaScript source, ASCII text, with very long lines (65299); Hash: 715756e65b9ff107f4cf927e3e8bbf76 f52210379974496514e24aeb07ecb6ef259063f6 2aebc2552d7dadf4e3a0b80cc830c274e91146584dad8e29b04338b9ecedb363
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /moodle/mylogin/js/bootstrap.bundle.min.js HTTP/1.1
Host: 40.124.116.28
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://40.124.116.28/moodle/mylogin/index.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 May 2024 11:03:27 GMT
Server: Apache/2.4.59 (Debian)
Last-Modified: Sun, 21 Aug 2022 02:29:22 GMT
ETag: "13284-5e6b7195df2c3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 22488
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 40.124.116.28/moodle/mylogin/img/Principal/Logo-Universidad-metropolitana.png | 40.124.116.28 | 200 OK | 13 kB |
URL: GET HTTP/1.1 40.124.116.28/moodle/mylogin/img/Principal/Logo-Universidad-metropolitana.png; IP: 40.124.116.28:80; ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: http://40.124.116.28/moodle/mylogin/index.php
File type: PNG image data, 480 x 81, 8-bit/color RGBA, interlaced; Hash: d9162687ecace775ae67b017c49ff0a0 b0296e11dcb0dc5bc5a206f49fe0675af7a4705c 6e409c69ecc75e766cd40e6fa4dba2bd23d63d6f4dc50c38a5785828a462f650
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /moodle/mylogin/img/Principal/Logo-Universidad-metropolitana.png HTTP/1.1
Host: 40.124.116.28
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://40.124.116.28/moodle/mylogin/index.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 May 2024 11:03:27 GMT
Server: Apache/2.4.59 (Debian)
Last-Modified: Sun, 21 Aug 2022 02:29:22 GMT
ETag: "3126-5e6b7195dd382"
Accept-Ranges: bytes
Content-Length: 12582
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
|
|
| cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/fonts/bootstrap-icons.woff2?856008caa5eb66df68595e734e59580d | 151.101.193.229 | 200 OK | 90 kB |
URL: GET HTTP/3 cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/fonts/bootstrap-icons.woff2?856008caa5eb66df68595e734e59580d; IP: 151.101.193.229:443
Requested by: http://40.124.116.28/moodle/mylogin/index.php; Certificate issuer: GlobalSign nv-sa; Subject: jsdelivr.net; Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09; Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: Web Open Font Format (Version 2), TrueType, length 90528, version 1.0; Hash: e07b538aa51b6fa77f32828af21cb591 4649877868a0068ce50b105d0d2a235e8010c98f 76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8
GET /npm/bootstrap-icons@1.5.0/font/fonts/bootstrap-icons.woff2?856008caa5eb66df68595e734e59580d HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://40.124.116.28
DNT: 1
Connection: keep-alive
Referer: https://cdn.jsdelivr.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 90528
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
x-jsd-version: 1.5.0
x-jsd-version-type: version
etag: W/"161a0-RkmHeGigBozlCxBdDSojXoAQyY8"
accept-ranges: bytes
date: Thu, 02 May 2024 11:03:27 GMT
age: 4276863
x-served-by: cache-fra-eddf8230031-FRA, cache-hel1410030-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2; IP: 216.58.207.227:443
Requested by: http://40.124.116.28/moodle/mylogin/index.php; Certificate issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; Validity: Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0; Hash: 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://40.124.116.28
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:01:10 GMT
expires: Fri, 02 May 2025 02:01:10 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 32537
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 40.124.116.28/moodle/mylogin/img/Principal/SegundoParcial2024-1.jpg | 40.124.116.28 | 200 OK | 799 kB |
URL: GET HTTP/1.1 40.124.116.28/moodle/mylogin/img/Principal/SegundoParcial2024-1.jpg; IP: 40.124.116.28:80; ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: http://40.124.116.28/moodle/mylogin/index.php
File type: JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1899x765, components 3; Size: 799 kB (798561 bytes); Hash: 65fa027e577e51b3d4128adef7de5fa2 ae210e7b84c560a7f4886441c321749add5f52db 2ca463da8f0c59d878c4c75b693112a8f41bb0bb54671ec11b9de62810043a2e
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /moodle/mylogin/img/Principal/SegundoParcial2024-1.jpg HTTP/1.1
Host: 40.124.116.28
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://40.124.116.28/moodle/mylogin/index.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 May 2024 11:03:27 GMT
Server: Apache/2.4.59 (Debian)
Last-Modified: Mon, 05 Feb 2024 22:14:28 GMT
ETag: "c2f61-610a9c904e520"
Accept-Ranges: bytes
Content-Length: 798561
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
|
|
| fonts.googleapis.com/css2?family=Roboto:wght@400;900&display=swap | 142.250.74.106 | 200 OK | 6.1 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@400;900&display=swap; IP: 142.250.74.106:443
Requested by: http://40.124.116.28/moodle/mylogin/index.php; Certificate issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50; Validity: Mon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File type: gzip compressed data, max compression; Hash: 45072fc3fcdab20aac39c51cc2176446 27eb379ad5e1bfb16d80bb942fefb105e51c8443 e0a8a695a2e3da6707afde860a8ba3d0289a1b882377361ca719f988e67defcb
GET /css2?family=Roboto:wght@400;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://40.124.116.28/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 02 May 2024 11:03:27 GMT
date: Thu, 02 May 2024 11:03:27 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 40.124.116.28/moodle/mylogin/img/saberpro2024-1.jpg | 40.124.116.28 | 200 OK | 1.9 MB |
URL: GET HTTP/1.1 40.124.116.28/moodle/mylogin/img/saberpro2024-1.jpg; IP: 40.124.116.28:80; ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: http://40.124.116.28/moodle/mylogin/index.php
File type: JPEG image data, progressive, precision 8, 1920x793, components 3; Size: 1.9 MB (1871953 bytes); Hash: 74e957bed4acb1c9cc601fd168278249 1b1cc9cf886fbaec17109f31c234b6e2e3c97053 cf6e2cce0fd9cfb975a56fef72efb3a20e05f349cd6ff4f01f345280112653ef
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /moodle/mylogin/img/saberpro2024-1.jpg HTTP/1.1
Host: 40.124.116.28
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://40.124.116.28/moodle/mylogin/index.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 May 2024 11:03:27 GMT
Server: Apache/2.4.59 (Debian)
Last-Modified: Fri, 01 Mar 2024 15:45:00 GMT
ETag: "1c9051-6129b42355d2b"
Accept-Ranges: bytes
Content-Length: 1871953
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
|
|
| 40.124.116.28/moodle/mylogin/img/Principal/Pasos-de-ingreso-al-campus.png | 40.124.116.28 | 200 OK | 535 kB |
URL: GET HTTP/1.1 40.124.116.28/moodle/mylogin/img/Principal/Pasos-de-ingreso-al-campus.png; IP: 40.124.116.28:80; ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: http://40.124.116.28/moodle/mylogin/index.php
File type: PNG image data, 1920 x 793, 8-bit/color RGB, non-interlaced; Size: 535 kB (535219 bytes); Hash: 33522997a76a5129d9a63a3fe0efdc6c 64a49b0b792377e60d6b1b0ec4e4aa9181a4298d 37e9a38a1dd94e317bad78035ced44d20685347cad610802b4be33afb2de6362
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /moodle/mylogin/img/Principal/Pasos-de-ingreso-al-campus.png HTTP/1.1
Host: 40.124.116.28
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://40.124.116.28/moodle/mylogin/index.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 May 2024 11:03:27 GMT
Server: Apache/2.4.59 (Debian)
Last-Modified: Sun, 21 Aug 2022 02:29:22 GMT
ETag: "82ab3-5e6b7195dd382"
Accept-Ranges: bytes
Content-Length: 535219
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
|
|
| 40.124.116.28/moodle/mylogin/img/Principal/banner-principal.png | 40.124.116.28 | 200 OK | 1.3 MB |
URL: GET HTTP/1.1 40.124.116.28/moodle/mylogin/img/Principal/banner-principal.png; IP: 40.124.116.28:80; ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: http://40.124.116.28/moodle/mylogin/index.php
File type: PNG image data, 1920 x 793, 8-bit/color RGB, non-interlaced; Size: 1.3 MB (1326034 bytes); Hash: 5796c4d7ad7ecab13bb5ff83cb1747f6 321b3b3e2c7d29d9d7e8e0a6b4eea7faba024002 72da2d96c839e3a759dd083c1d89b7eb5d8c9636999e1319f761dfa710d78637
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /moodle/mylogin/img/Principal/banner-principal.png HTTP/1.1
Host: 40.124.116.28
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://40.124.116.28/moodle/mylogin/index.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 May 2024 11:03:27 GMT
Server: Apache/2.4.59 (Debian)
Last-Modified: Sun, 21 Aug 2022 02:29:22 GMT
ETag: "143bd2-5e6b7195dc3e2"
Accept-Ranges: bytes
Content-Length: 1326034
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
|
|
| 40.124.116.28/moodle/mylogin/img/modulos/calendario.jpg | 40.124.116.28 | 200 OK | 462 kB |
URL: GET HTTP/1.1 40.124.116.28/moodle/mylogin/img/modulos/calendario.jpg; IP: 40.124.116.28:80; ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: http://40.124.116.28/moodle/mylogin/index.php
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 6000x4000, components 3; Size: 462 kB (462062 bytes); Hash: 4ec617777833694b4b8f06136efb974e 8192dbb8d00ebb352c4ad8204f0c71851f61521c 4472fa647989e73ceab962739e68f616b921265d88c8a13db53ff665a2ef72ec
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /moodle/mylogin/img/modulos/calendario.jpg HTTP/1.1
Host: 40.124.116.28
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://40.124.116.28/moodle/mylogin/index.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 May 2024 11:03:28 GMT
Server: Apache/2.4.59 (Debian)
Last-Modified: Sun, 21 Aug 2022 02:29:22 GMT
ETag: "70cee-5e6b7195d9501"
Accept-Ranges: bytes
Content-Length: 462062
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
|
|
| 40.124.116.28/moodle/mylogin/img/modulos/video-tutoriales.jpg | 40.124.116.28 | 200 OK | 703 kB |
URL: GET HTTP/1.1 40.124.116.28/moodle/mylogin/img/modulos/video-tutoriales.jpg; IP: 40.124.116.28:80; ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: http://40.124.116.28/moodle/mylogin/index.php
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 4164x2780, components 3; Size: 703 kB (703310 bytes); Hash: 38d4b2c35017a345fff62a5153d6ae66 ad5cc0c23e309c91e2341493cc17e333e84cc225 79fbcc06d8db3fd727bf3b049aee8d245a058fb4ad294994ffec8ccad1d2ea89
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /moodle/mylogin/img/modulos/video-tutoriales.jpg HTTP/1.1
Host: 40.124.116.28
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://40.124.116.28/moodle/mylogin/index.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 May 2024 11:03:27 GMT
Server: Apache/2.4.59 (Debian)
Last-Modified: Sun, 21 Aug 2022 02:29:22 GMT
ETag: "abb4e-5e6b7195d9501"
Accept-Ranges: bytes
Content-Length: 703310
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
|
|
| 40.124.116.28/moodle/mylogin/img/modulos/electivas.jpg | 40.124.116.28 | 200 OK | 1.4 MB |
URL: GET HTTP/1.1 40.124.116.28/moodle/mylogin/img/modulos/electivas.jpg; IP: 40.124.116.28:80; ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: http://40.124.116.28/moodle/mylogin/index.php
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 6000x4000, components 3; Size: 1.4 MB (1433541 bytes); Hash: b7c3a5296a53cc637e18cbd6fef26917 a8d662469a655258c0ba2bdbaf8e882423102c39 578a471b303e9732a9668261582bda9aaf60d552aaa63454fb60fa6cff524a49
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /moodle/mylogin/img/modulos/electivas.jpg HTTP/1.1
Host: 40.124.116.28
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://40.124.116.28/moodle/mylogin/index.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 May 2024 11:03:27 GMT
Server: Apache/2.4.59 (Debian)
Last-Modified: Sun, 21 Aug 2022 02:29:22 GMT
ETag: "15dfc5-5e6b7195d9501"
Accept-Ranges: bytes
Content-Length: 1433541
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
|
|
| 40.124.116.28/moodle/mylogin/favicon.ico | 40.124.116.28 | 200 OK | 1.2 kB |
URL: GET HTTP/1.1 40.124.116.28/moodle/mylogin/favicon.ico; IP: 40.124.116.28:80; ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: http://40.124.116.28/moodle/mylogin/index.php
File type: MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel; Hash: 135aed33c0a7b8f44f0227a71b9ce345 120e10c8a17aebb31c74b6988f8bce9b05dd6606 7afbabec7cddb87ab3b2c3f56509ca9c8f76925db0570372f1a6a366606be1b4
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /moodle/mylogin/favicon.ico HTTP/1.1
Host: 40.124.116.28
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://40.124.116.28/moodle/mylogin/index.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 May 2024 11:03:29 GMT
Server: Apache/2.4.59 (Debian)
Last-Modified: Sun, 21 Aug 2022 02:29:22 GMT
ETag: "47e-5e6b7195d8561"
Accept-Ranges: bytes
Content-Length: 1150
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon
|
|
| aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml | 35.244.181.201 | | 444 B |
URL: aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml; IP: 35.244.181.201:0; ASN: #396982 GOOGLE-CLOUD-PLATFORM
File type: XML 1.0 document, ASCII text, with very long lines (332); Hash: 3b324dec137a87ef7e24a30a65b13dd0 c0faa95b2f1018e264b3a14aaf50d1003e6c27b3 6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463
GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-06-09-11-51-10.chain; p384ecdsa=ENWDNxbiOSRbbpXKvA5HbZyaqLAYndRs35694CfnkxvYz02IcoKwbbpcG-2u8RS9hpI3Sk51fqsiQOqkzrHn3a2n2f7TunpT1H0jfFSanu8eZ6Y7NlvIdxP6NdnSscIF
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
content-length: 444
date: Thu, 02 May 2024 11:01:34 GMT
age: 131
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
|
|