Report - 14.139.92.174/course/index.php

Report Overview

Submitted URL
14.139.92.174/course/index.php
IP
14.139.92.174
ASN
#55824 NKN Core Network
Submitted
2024-04-24 10:33:33
Access
public
Website Title
NIPHM MOOCs: All courses
Final URL
14.139.92.174/course/index.php
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
60

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
14.139.92.174	unknown	unknown	No data	No data	14 kB	483 kB	14.139.92.174

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-24	medium	14.139.92.174	Sinkholed
2024-04-24	medium	14.139.92.174	Sinkholed
2024-04-24	medium	14.139.92.174	Sinkholed
2024-04-24	medium	14.139.92.174	Sinkholed
2024-04-24	medium	14.139.92.174	Sinkholed
2024-04-24	medium	14.139.92.174	Sinkholed
2024-04-24	medium	14.139.92.174	Sinkholed
2024-04-24	medium	14.139.92.174	Sinkholed
2024-04-24	medium	14.139.92.174	Sinkholed
2024-04-24	medium	14.139.92.174	Sinkholed
2024-04-24	medium	14.139.92.174	Sinkholed
2024-04-24	medium	14.139.92.174	Sinkholed
2024-04-24	medium	14.139.92.174	Sinkholed
2024-04-24	medium	14.139.92.174	Sinkholed
2024-04-24	medium	14.139.92.174	Sinkholed
2024-04-24	medium	14.139.92.174	Sinkholed
2024-04-24	medium	14.139.92.174	Sinkholed
2024-04-24	medium	14.139.92.174	Sinkholed
2024-04-24	medium	14.139.92.174	Sinkholed
2024-04-24	medium	14.139.92.174	Sinkholed
2024-04-24	medium	14.139.92.174	Sinkholed
2024-04-24	medium	14.139.92.174	Sinkholed
2024-04-24	medium	14.139.92.174	Sinkholed
2024-04-24	medium	14.139.92.174	Sinkholed
2024-04-24	medium	14.139.92.174	Sinkholed
2024-04-24	medium	14.139.92.174	Sinkholed
2024-04-24	medium	14.139.92.174	Sinkholed
2024-04-24	medium	14.139.92.174	Sinkholed
2024-04-24	medium	14.139.92.174	Sinkholed
2024-04-24	medium	14.139.92.174	Sinkholed

ThreatFox

No alerts detected

JavaScript (20)

	URL	Size	First Seen	Last Seen
	14.139.92.174/theme/jquery.php/core/jquery-1.12.1.min.js	97 kB	2023-03-07	2024-05-02
Pretty URL 14.139.92.174/theme/jquery.php/core/jquery-1.12.1.min.js IP 14.139.92.174 ASN #55824 NKN Core Network Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:14 Last Seen2024-05-02 21:12:06 Times Seen1691 Hash 1d244cb043be8157f0050ce9e45c9ef2 f16bd01623fd56d1372ea2eb55cd52a28cd883f8 2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772 Loading...

	14.139.92.174/theme/jquery.php/core/jquery-migrate-1.4.0.min.js	9.6 kB	2023-03-08	2024-04-24
Pretty URL 14.139.92.174/theme/jquery.php/core/jquery-migrate-1.4.0.min.js IP 14.139.92.174 ASN #55824 NKN Core Network Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:49:48 Last Seen2024-04-24 12:33:40 Times Seen21 Hash cc80e00ff417beacaf90b17199b05fee 8748f8011112f5460336ce55e860128c6bfa497e a7cd61d14aee201646d7d33a2a292483446fb45317870b9a98537080f89d7e42 Loading...

	14.139.92.174/lib/javascript.php/1712039468/lib/jquery/jquery-1.12.1.min.js	98 kB	2023-03-08	2024-04-30
Pretty URL 14.139.92.174/lib/javascript.php/1712039468/lib/jquery/jquery-1.12.1.min.js IP 14.139.92.174 ASN #55824 NKN Core Network Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:49:48 Last Seen2024-04-30 11:10:02 Times Seen64 Hash 7f565c5da02968cbc38bf39404bcd347 e6b3a57f594b60246017646435c184589046b825 4756c22b8b906947e2e2af4c107ce71e47a29bfa0755109e17d7ceeca984a912 Loading...

	14.139.92.174/course/index.php	14 kB	2024-04-24	2024-04-24
Pretty URL 14.139.92.174/course/index.php IP 14.139.92.174 ASN #55824 NKN Core Network Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-24 12:33:40 Last Seen2024-04-24 12:33:40 Times Seen1 Hash e5b508d8dc64075844dbd5dd844af9e6 910821ebb817476326a25ea61b5886f30efdfa97 25873102c30e140dfe0a01bba4dbb1750c87d9e132b5e38c10ce0be5d8c91c17 Loading...

	unknown	37 B	2023-04-11	2024-05-06
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:31:25 Last Seen2024-05-06 00:46:09 Times Seen234378 Hash 29d0c84b9d1d8da446a6062c6a840ad9 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Loading...

	14.139.92.174/lib/javascript.php/1712039468/theme/academi/javascript/theme.js	160 B	2023-03-08	2024-04-24
Pretty URL 14.139.92.174/lib/javascript.php/1712039468/theme/academi/javascript/theme.js IP 14.139.92.174 ASN #55824 NKN Core Network Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:49:48 Last Seen2024-04-24 12:33:40 Times Seen17 Hash ac38aa5f1ee8447fd6fc121830d5746f b215eb6c45c1bec7fa5e7f82a7f2357fb73b2744 6a96cd907b9a4dadcfa05428f7c0b6e922cb65cf191e0ae83cccb6ed3ed81370 Loading...

	14.139.92.174/theme/javascript.php/academi/1712039468/footer	1.3 kB	2023-03-08	2024-04-30
Pretty URL 14.139.92.174/theme/javascript.php/academi/1712039468/footer IP 14.139.92.174 ASN #55824 NKN Core Network Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:49:48 Last Seen2024-04-30 11:10:02 Times Seen96 Hash cded10b0940ef1d668fd1e2177862b4c c1bd51a332b0714bf3b971523210ca94105174a1 48d4bea06744e584e0f6f9f83da4d5ddc958605f764b884ae46bb57c09b7a3cf Loading...

	14.139.92.174/course/index.php	60 B	2023-03-07	2024-05-05
Pretty URL 14.139.92.174/course/index.php IP 14.139.92.174 ASN #55824 NKN Core Network Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:07:30 Last Seen2024-05-05 09:32:05 Times Seen1154 Hash dba70bf9335863dea2696ca9da069b01 adfc079c12684d419766c7732c35da693517a7f8 05f515ab150c8852191afb40be55373b5b5337d89d513e48b802293123361798 Loading...

	14.139.92.174/theme/yui_combo.php?3.17.2/plugin/plugin-min.js&m/1712039468/core/lockscroll/lockscroll-min.js	2.9 kB	2023-03-07	2024-04-30
Pretty URL 14.139.92.174/theme/yui_combo.php?3.17.2/plugin/plugin-min.js&m/1712039468/core/lockscroll/lockscroll-min.js IP 14.139.92.174 ASN #55824 NKN Core Network Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:49:23 Last Seen2024-04-30 11:10:02 Times Seen92 Hash c36abe3da22bd663370e281204e37445 f5345d6ab10249b4c982cf66601c150bcecb34c5 2b2bdc51dee9a3859ea4f8dc5d6cdfaf0bb6ef3fa26c0a0d9b57ee2b89ba292c Loading...

	14.139.92.174/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js&rollup/1712039468/mcore-min.js	299 kB	2023-03-08	2024-04-24
Pretty URL 14.139.92.174/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js&rollup/1712039468/mcore-min.js IP 14.139.92.174 ASN #55824 NKN Core Network Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:49:48 Last Seen2024-04-24 12:33:40 Times Seen34 Hash 827f6ccc7f5f1c980a58717911372000 5d17730f646a68856e6476e996fd899e04c75470 296d330db81c409849a2268543a966e2daddd555c4d1ba852fb36ef168357bed Loading...

	14.139.92.174/lib/javascript.php/1712039468/lib/requirejs/require.min.js	15 kB	2023-03-08	2024-04-30
Pretty URL 14.139.92.174/lib/javascript.php/1712039468/lib/requirejs/require.min.js IP 14.139.92.174 ASN #55824 NKN Core Network Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:49:48 Last Seen2024-04-30 11:10:02 Times Seen74 Hash 1ac2c29ecc0f8716020855452601d3ac 6c9334bde26307a8bab47149861cc10ecd36115e 152e615fb1cfa6bf4b22769502cb1af2ef966a14b46774d9fda6f2ef1695f6cf Loading...

	unknown	242 B	2024-04-24	2024-04-24
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2024-04-24 12:33:40 Last Seen2024-04-24 12:33:40 Times Seen1 Hash ee577f6b6515286336d6ec23d6b23fb7 c3f4cfe9c37b187d34b275bda85cb15fcf916d04 6a9df33a62a3e9bf97051df790579b0de03c45679e5306f300706c6f7205a020 Loading...

	14.139.92.174/theme/yui_combo.php?m/1712039468/core/event/event-min.js&m/1712039468/filter_mathjaxloader/loader/loader-min.js	2.1 kB	2023-03-10	2024-04-24
Pretty URL 14.139.92.174/theme/yui_combo.php?m/1712039468/core/event/event-min.js&m/1712039468/filter_mathjaxloader/loader/loader-min.js IP 14.139.92.174 ASN #55824 NKN Core Network Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 00:52:08 Last Seen2024-04-24 12:33:41 Times Seen16 Hash 16a0db42fa9c83cd456cd36eb2efef1d 34fb3032412e0e2c66c4c9cfd53cf8d9a27f0744 bf50b02892936746d625d3ae9bca052b7adb1124c49970e69f27e7c05cbccf01 Loading...

	14.139.92.174/lib/requirejs.php/1712039468/core/first.js	214 kB	2024-04-24	2024-04-24
Pretty URL 14.139.92.174/lib/requirejs.php/1712039468/core/first.js IP 14.139.92.174 ASN #55824 NKN Core Network Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 12:33:40 Last Seen2024-04-24 12:33:41 Times Seen2 Hash b599cee68f797c5f0b7177e0c97fb511 1a7665439eb2570c772956f83b5c8d3a4337d05f 03e016556496a65f460395a4ed52dbf81da845f38e9dcbc738cd3fa95f44792a Loading...

	14.139.92.174/lib/javascript.php/1712039468/lib/requirejs/jquery-private.js	57 B	2023-03-08	2024-04-30
Pretty URL 14.139.92.174/lib/javascript.php/1712039468/lib/requirejs/jquery-private.js IP 14.139.92.174 ASN #55824 NKN Core Network Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:49:48 Last Seen2024-04-30 11:10:02 Times Seen104 Hash 41386c0e0a69c3af2aa80a307029cee7 e84492ff15f9097d15b996cb8cbc9815f92a0eb8 be0aa8fccceaec2989338939fcec462a2714a9d7c7cdb808c6545c95c3f076fd Loading...

	14.139.92.174/lib/javascript.php/1712039468/lib/javascript-static.js	32 kB	2023-03-08	2024-04-24
Pretty URL 14.139.92.174/lib/javascript.php/1712039468/lib/javascript-static.js IP 14.139.92.174 ASN #55824 NKN Core Network Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:49:48 Last Seen2024-04-24 12:33:40 Times Seen33 Hash 99d0fbee5b8b56b46155f8887ef2eb59 5d72c5d1036109c9558b5bcd9814a0e2706923be d43449e21297219118ea75f7c4882c6a052bb8512672768a6e7f756f453ad169 Loading...

	14.139.92.174/course/index.php	948 B	2024-04-24	2024-04-24
Pretty URL 14.139.92.174/course/index.php IP 14.139.92.174 ASN #55824 NKN Core Network Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-24 12:33:40 Last Seen2024-04-24 12:33:40 Times Seen1 Hash 414ae5bcf679786bc5f4b381226fffa9 5ab1315b8ff8a71a1609141d0b08bddcc405ce85 0fa1e603e584a4df2ca2704604b87eec068846699f74cb5d318ab9d90a9946ed Loading...

	14.139.92.174/course/index.php	357 B	2024-04-24	2024-04-24
Pretty URL 14.139.92.174/course/index.php IP 14.139.92.174 ASN #55824 NKN Core Network Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-24 12:33:40 Last Seen2024-04-24 12:33:40 Times Seen1 Hash af9284d05661edd016a2a62503de49a9 4ee29117b555c8e7c22b8cc915b95b161781330b c1a63c6cff1abf07a3b9ccb92ccd18dd0428d612591785a66460b8adbcd35146 Loading...

	14.139.92.174/course/index.php	1.4 kB	2023-03-08	2024-04-24
Pretty URL 14.139.92.174/course/index.php IP 14.139.92.174 ASN #55824 NKN Core Network Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 07:12:40 Last Seen2024-04-24 12:33:40 Times Seen4 Hash 4d56fe138ca1516a146f21f94a930713 a85336399027cf25bb267a82d41fd932c46f2d39 2292ee80d935ee0d21a3697733141bb0959d69afa7647994dbcab4d858aa50ad Loading...

	14.139.92.174/course/index.php	938 B	2024-04-24	2024-04-24
Pretty URL 14.139.92.174/course/index.php IP 14.139.92.174 ASN #55824 NKN Core Network Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-24 12:33:40 Last Seen2024-04-24 12:33:40 Times Seen1 Hash 5dc0925831821d3ab18d934523dc93cd d09d366d643b1d53b97f47b0d7a4167bc4e26a0c cc038b2e42dc29434e159b58f47a6f5c5c6c0cae05752128ef765700b6da7954 Loading...

HTTP Transactions (30)

URL IP Response Size

14.139.92.174/course/index.php

14.139.92.174

200 OK

10 kB

URL User Request GET HTTP/1.1
14.139.92.174/course/index.php
IP
14.139.92.174:80
ASN
#55824 NKN Core Network

File type
HTML document, Unicode text, UTF-8 text, with very long lines (13157), with CRLF, LF line terminators
Size
10 kB (10271 bytes)
Hash
2be474b9cb491b776b245cd72504d5c9
05dea45f3a7946d0e6fe7e9a93681bacc0406180
20e47e50dd4d5b49ab2bee14f2eb38965a137d870d52824afdcac023f1e443f7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /course/index.php HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: private, pre-check=0, post-check=0, max-age=0, no-transform
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Content-Language: en
Accept-Ranges: none
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Set-Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb; path=/
Content-Script-Type: text/javascript
Content-Style-Type: text/css
X-UA-Compatible: IE=edge
X-Frame-Options: sameorigin
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:18 GMT
Content-Length: 10271

14.139.92.174/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.css

14.139.92.174

200 OK

1.0 kB

URL GET HTTP/1.1
14.139.92.174/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.css
IP
14.139.92.174:80
ASN
#55824 NKN Core Network

Requested by
http://14.139.92.174/course/index.php

File type
ASCII text, with very long lines (1965)
Size
1.0 kB (1031 bytes)
Hash
73cbdae81548a6d6b35d801af5eadef8
fc80239620ebad54e36e1865338e8c5e1a7e9e8b
fbd5b8255a99afe96e89a88423275ed4e93083fad3311dd349906122e63206a0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.css HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public, max-age=31104000
Content-Type: text/css;charset=UTF-8
Content-Encoding: gzip
Expires: Sat, 19 Apr 2025 10:48:18 GMT
Last-Modified: Thu, 26 May 2016 02:44:18 GMT
Accept-Ranges: none
ETag: "b9bc567c469e2872cf3bbb14603342a72de2509b"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="combo"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:18 GMT
Content-Length: 1031

14.139.92.174/lib/javascript.php/1712039468/lib/requirejs/require.min.js

14.139.92.174

200 OK

6.2 kB

URL GET HTTP/1.1
14.139.92.174/lib/javascript.php/1712039468/lib/requirejs/require.min.js
IP
14.139.92.174:80
ASN
#55824 NKN Core Network

Requested by
http://14.139.92.174/course/index.php

File type
JavaScript source, ASCII text, with very long lines (11206)
Size
6.2 kB (6163 bytes)
Hash
1ac2c29ecc0f8716020855452601d3ac
6c9334bde26307a8bab47149861cc10ecd36115e
152e615fb1cfa6bf4b22769502cb1af2ef966a14b46774d9fda6f2ef1695f6cf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /lib/javascript.php/1712039468/lib/requirejs/require.min.js HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public, max-age=5184000
Content-Type: application/javascript; charset=utf-8
Content-Encoding: gzip
Expires: Sun, 23 Jun 2024 10:48:18 GMT
Last-Modified: Tue, 02 Apr 2024 06:31:16 GMT
Accept-Ranges: none
ETag: "6ae20a1984dec12aa0a551626d7c201b71fcb593"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="javascript.php"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:18 GMT
Content-Length: 6163

14.139.92.174/lib/javascript.php/1712039468/theme/academi/javascript/theme.js

14.139.92.174

200 OK

139 B

URL GET HTTP/1.1
14.139.92.174/lib/javascript.php/1712039468/theme/academi/javascript/theme.js
IP
14.139.92.174:80
ASN
#55824 NKN Core Network

Requested by
http://14.139.92.174/course/index.php

File type
JavaScript source, ASCII text, with no line terminators
Size
139 B (139 bytes)
Hash
ac38aa5f1ee8447fd6fc121830d5746f
b215eb6c45c1bec7fa5e7f82a7f2357fb73b2744
6a96cd907b9a4dadcfa05428f7c0b6e922cb65cf191e0ae83cccb6ed3ed81370

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /lib/javascript.php/1712039468/theme/academi/javascript/theme.js HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public, max-age=5184000
Content-Type: application/javascript; charset=utf-8
Content-Encoding: gzip
Expires: Sun, 23 Jun 2024 10:48:18 GMT
Last-Modified: Tue, 02 Apr 2024 06:31:16 GMT
Accept-Ranges: none
ETag: "81548e05ad86bc6dc6d9e059f61f507d280af0dc"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="javascript.php"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:18 GMT
Content-Length: 139

14.139.92.174/theme/javascript.php/academi/1712039468/footer

14.139.92.174

200 OK

547 B

URL GET HTTP/1.1
14.139.92.174/theme/javascript.php/academi/1712039468/footer
IP
14.139.92.174:80
ASN
#55824 NKN Core Network

Requested by
http://14.139.92.174/course/index.php

File type
ASCII text, with very long lines (1158)
Size
547 B (547 bytes)
Hash
cded10b0940ef1d668fd1e2177862b4c
c1bd51a332b0714bf3b971523210ca94105174a1
48d4bea06744e584e0f6f9f83da4d5ddc958605f764b884ae46bb57c09b7a3cf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /theme/javascript.php/academi/1712039468/footer HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public, max-age=5184000
Content-Type: application/javascript; charset=utf-8
Content-Encoding: gzip
Expires: Sun, 23 Jun 2024 10:48:18 GMT
Last-Modified: Tue, 02 Apr 2024 06:31:18 GMT
Accept-Ranges: none
ETag: "57ce08796bf3a79be0ba2a012d91588947785fa4"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="javascript.php"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:18 GMT
Content-Length: 547

14.139.92.174/theme/jquery.php/core/jquery-1.12.1.min.js

14.139.92.174

200 OK

34 kB

URL GET HTTP/1.1
14.139.92.174/theme/jquery.php/core/jquery-1.12.1.min.js
IP
14.139.92.174:80
ASN
#55824 NKN Core Network

Requested by
http://14.139.92.174/course/index.php

File type
JavaScript source, ASCII text, with very long lines (32039)
Size
34 kB (33869 bytes)
Hash
1d244cb043be8157f0050ce9e45c9ef2
f16bd01623fd56d1372ea2eb55cd52a28cd883f8
2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /theme/jquery.php/core/jquery-1.12.1.min.js HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public, max-age=10368000
Content-Type: application/javascript
Content-Encoding: gzip
Expires: Thu, 22 Aug 2024 10:48:18 GMT
Last-Modified: Thu, 26 May 2016 02:44:18 GMT
Accept-Ranges: none
ETag: "d8b7024503656d1b236fbdfe7f293d7b1ac182e7"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="jquery-1.12.1.min.js"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:18 GMT
Content-Length: 33869

14.139.92.174/theme/jquery.php/core/jquery-migrate-1.4.0.min.js

14.139.92.174

200 OK

3.9 kB

URL GET HTTP/1.1
14.139.92.174/theme/jquery.php/core/jquery-migrate-1.4.0.min.js
IP
14.139.92.174:80
ASN
#55824 NKN Core Network

Requested by
http://14.139.92.174/course/index.php

File type
JavaScript source, ASCII text, with very long lines (9535), with CRLF line terminators
Size
3.9 kB (3888 bytes)
Hash
cc80e00ff417beacaf90b17199b05fee
8748f8011112f5460336ce55e860128c6bfa497e
a7cd61d14aee201646d7d33a2a292483446fb45317870b9a98537080f89d7e42

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /theme/jquery.php/core/jquery-migrate-1.4.0.min.js HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public, max-age=10368000
Content-Type: application/javascript
Content-Encoding: gzip
Expires: Thu, 22 Aug 2024 10:48:18 GMT
Last-Modified: Thu, 26 May 2016 02:44:18 GMT
Accept-Ranges: none
ETag: "50a365811de8dcda352365383dadc1b259fc3655"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="jquery-migrate-1.4.0.min.js"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:18 GMT
Content-Length: 3888

14.139.92.174/lib/javascript.php/1712039468/lib/javascript-static.js

14.139.92.174

200 OK

9.6 kB

URL GET HTTP/1.1
14.139.92.174/lib/javascript.php/1712039468/lib/javascript-static.js
IP
14.139.92.174:80
ASN
#55824 NKN Core Network

Requested by
http://14.139.92.174/course/index.php

File type
JavaScript source, ASCII text, with very long lines (14700)
Size
9.6 kB (9557 bytes)
Hash
99d0fbee5b8b56b46155f8887ef2eb59
5d72c5d1036109c9558b5bcd9814a0e2706923be
d43449e21297219118ea75f7c4882c6a052bb8512672768a6e7f756f453ad169

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /lib/javascript.php/1712039468/lib/javascript-static.js HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public, max-age=5184000
Content-Type: application/javascript; charset=utf-8
Content-Encoding: gzip
Expires: Sun, 23 Jun 2024 10:48:18 GMT
Last-Modified: Tue, 02 Apr 2024 06:31:13 GMT
Accept-Ranges: none
ETag: "a49efd363fd14576d2b9c172fc11ef79ad50d0d1"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="javascript.php"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:18 GMT
Content-Length: 9557

14.139.92.174/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js&rollup/1712039468/mcore-min.js

14.139.92.174

200 OK

89 kB

URL GET HTTP/1.1
14.139.92.174/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js&rollup/1712039468/mcore-min.js
IP
14.139.92.174:80
ASN
#55824 NKN Core Network

Requested by
http://14.139.92.174/course/index.php

File type
JavaScript source, ASCII text, with very long lines (6010)
Size
89 kB (88843 bytes)
Hash
827f6ccc7f5f1c980a58717911372000
5d17730f646a68856e6476e996fd899e04c75470
296d330db81c409849a2268543a966e2daddd555c4d1ba852fb36ef168357bed

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js&rollup/1712039468/mcore-min.js HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public, max-age=31104000
Content-Type: application/javascript
Content-Encoding: gzip
Expires: Sat, 19 Apr 2025 10:48:18 GMT
Last-Modified: Thu, 26 May 2016 02:44:18 GMT
Accept-Ranges: none
ETag: "827cac562f72a9a8422f4b3e7889ba2371834642"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="combo"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:18 GMT
Content-Length: 88843

14.139.92.174/theme/styles.php/academi/1712039468/all

14.139.92.174

200 OK

108 kB

URL GET HTTP/1.1
14.139.92.174/theme/styles.php/academi/1712039468/all
IP
14.139.92.174:80
ASN
#55824 NKN Core Network

Requested by
http://14.139.92.174/course/index.php

File type
Unicode text, UTF-8 text, with very long lines (1955)
Size
108 kB (108228 bytes)
Hash
d7772dabb477103ba2ce6c576dd3a748
25779394d062c18365a62f0ef298de05c98b0167
5c12f7e4dafa5cb66df662ac82f3945b836dce645492ca0e3eec9a3e68652172

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /theme/styles.php/academi/1712039468/all HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public, max-age=5184000
Content-Type: text/css; charset=utf-8
Content-Encoding: gzip
Expires: Sun, 23 Jun 2024 10:48:18 GMT
Last-Modified: Tue, 23 Apr 2024 12:54:11 GMT
Accept-Ranges: none
ETag: "066c3c55cda158f62ab8d0e587e2029969599637"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="styles.php"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:18 GMT
Content-Length: 108228

14.139.92.174/theme/image.php/academi/core/1712039468/t/block_to_dock

14.139.92.174

200 OK

612 B

URL GET HTTP/1.1
14.139.92.174/theme/image.php/academi/core/1712039468/t/block_to_dock
IP
14.139.92.174:80
ASN
#55824 NKN Core Network

Requested by
http://14.139.92.174/course/index.php

File type
SVG XML document
Size
612 B (612 bytes)
Hash
91afb357c833745b789ada7a636763c8
526dd0430e483aa2eb8d9e4b151695f7c7d28e4a
9416ccb9a28963918f7826506c678fdbd17e01e67f51c8a445da2c5db94d3e4b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /theme/image.php/academi/core/1712039468/t/block_to_dock HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public, max-age=5184000, no-transform
Content-Type: image/svg+xml
Expires: Sun, 23 Jun 2024 10:48:19 GMT
Last-Modified: Tue, 02 Apr 2024 06:31:22 GMT
Accept-Ranges: none
ETag: "74389ace0ee16a55e580cd38477207a2080ae8eb"
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="block_to_dock.svg"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:19 GMT
Content-Length: 612

14.139.92.174/theme/yui_combo.php?m/1712039468/core/event/event-min.js&m/1712039468/filter_mathjaxloader/loader/loader-min.js

14.139.92.174

200 OK

781 B

URL GET HTTP/1.1
14.139.92.174/theme/yui_combo.php?m/1712039468/core/event/event-min.js&m/1712039468/filter_mathjaxloader/loader/loader-min.js
IP
14.139.92.174:80
ASN
#55824 NKN Core Network

Requested by
http://14.139.92.174/course/index.php

File type
JavaScript source, ASCII text, with very long lines (1374)
Size
781 B (781 bytes)
Hash
16a0db42fa9c83cd456cd36eb2efef1d
34fb3032412e0e2c66c4c9cfd53cf8d9a27f0744
bf50b02892936746d625d3ae9bca052b7adb1124c49970e69f27e7c05cbccf01

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /theme/yui_combo.php?m/1712039468/core/event/event-min.js&m/1712039468/filter_mathjaxloader/loader/loader-min.js HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public, max-age=31104000
Content-Type: application/javascript
Content-Encoding: gzip
Expires: Sat, 19 Apr 2025 10:48:19 GMT
Last-Modified: Thu, 26 May 2016 02:44:18 GMT
Accept-Ranges: none
ETag: "0fa535c33ea03cae5067c07a3cf89c12ed406b1b"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="combo"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:19 GMT
Content-Length: 781

14.139.92.174/theme/image.php/academi/core/1712039468/t/expanded

14.139.92.174

200 OK

439 B

URL GET HTTP/1.1
14.139.92.174/theme/image.php/academi/core/1712039468/t/expanded
IP
14.139.92.174:80
ASN
#55824 NKN Core Network

Requested by
http://14.139.92.174/course/index.php

File type
SVG XML document
Size
439 B (439 bytes)
Hash
6078d4ae5632d5948041f93100fdd483
f176e0599b77a1269e942f8d9dba3c91cbd8181e
24c7f96fe58be5e1e42905b96c3a7f830c36cfc5936ebfcf78670adb9008d8ae

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /theme/image.php/academi/core/1712039468/t/expanded HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/theme/styles.php/academi/1712039468/all
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public, max-age=5184000, no-transform
Content-Type: image/svg+xml
Expires: Sun, 23 Jun 2024 10:48:19 GMT
Last-Modified: Tue, 02 Apr 2024 06:31:19 GMT
Accept-Ranges: none
ETag: "c112b67344d5a20ed41d44d96b74bc025fc83346"
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="expanded.svg"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:19 GMT
Content-Length: 439

14.139.92.174/theme/image.php/academi/theme/1712039468/ic-search

14.139.92.174

200 OK

3.1 kB

URL GET HTTP/1.1
14.139.92.174/theme/image.php/academi/theme/1712039468/ic-search
IP
14.139.92.174:80
ASN
#55824 NKN Core Network

Requested by
http://14.139.92.174/course/index.php

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Size
3.1 kB (3092 bytes)
Hash
f4e3edc792a8b2ab9b16fd23b5b5751f
51ffc810d8fbe39f025c813dc232b085509828d7
1f5a29156a05755d5d6666007cc78cb10307ea6252593edf32a32fe567bf33e6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /theme/image.php/academi/theme/1712039468/ic-search HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/theme/styles.php/academi/1712039468/all
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public, max-age=5184000, no-transform
Content-Type: image/png
Expires: Sun, 23 Jun 2024 10:48:19 GMT
Last-Modified: Tue, 02 Apr 2024 09:51:27 GMT
Accept-Ranges: none
ETag: "d008f3675d353b3a5265af40ca587e58c9953883"
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="ic-search.png"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:19 GMT
Content-Length: 3092

14.139.92.174/lib/requirejs.php/1712039468/core/first.js

14.139.92.174

200 OK

50 kB

URL GET HTTP/1.1
14.139.92.174/lib/requirejs.php/1712039468/core/first.js
IP
14.139.92.174:80
ASN
#55824 NKN Core Network

Requested by
http://14.139.92.174/course/index.php

File type
JavaScript source, ASCII text, with very long lines (8470)
Size
50 kB (50296 bytes)
Hash
b599cee68f797c5f0b7177e0c97fb511
1a7665439eb2570c772956f83b5c8d3a4337d05f
03e016556496a65f460395a4ed52dbf81da845f38e9dcbc738cd3fa95f44792a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /lib/requirejs.php/1712039468/core/first.js HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public, max-age=5184000
Content-Type: application/javascript; charset=utf-8
Content-Encoding: gzip
Expires: Sun, 23 Jun 2024 10:48:19 GMT
Last-Modified: Tue, 02 Apr 2024 06:31:20 GMT
Accept-Ranges: none
ETag: "3d7a01b70fa75069660aa90b7ad2154d6ad6c79e"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="requirejs.php"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:19 GMT
Content-Length: 50296

14.139.92.174/theme/yui_combo.php?3.17.2/cssbutton/cssbutton-min.css

14.139.92.174

200 OK

1.1 kB

URL GET HTTP/1.1
14.139.92.174/theme/yui_combo.php?3.17.2/cssbutton/cssbutton-min.css
IP
14.139.92.174:80
ASN
#55824 NKN Core Network

Requested by
http://14.139.92.174/course/index.php

File type
ASCII text, with very long lines (5267)
Size
1.1 kB (1106 bytes)
Hash
a4987c5ff66d2c767838520e9394b527
844906b95defe7da93c71cbf11c1684c12aa62d3
c4cc4d14d94d940a82ceb24dc9c9ae9d4573a436e1369db31f2d9c2b1546fe18

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /theme/yui_combo.php?3.17.2/cssbutton/cssbutton-min.css HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public, max-age=31104000
Content-Type: text/css;charset=UTF-8
Content-Encoding: gzip
Expires: Sat, 19 Apr 2025 10:48:19 GMT
Last-Modified: Thu, 26 May 2016 02:44:18 GMT
Accept-Ranges: none
ETag: "323202bec286f8abd417e82b36bf85c33dc46920"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="combo"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:19 GMT
Content-Length: 1106

14.139.92.174/theme/academi/fonts/fontawesome-webfont.woff2?v=4.3.0

14.139.92.174

200 OK

57 kB

URL GET HTTP/1.1
14.139.92.174/theme/academi/fonts/fontawesome-webfont.woff2?v=4.3.0
IP
14.139.92.174:80
ASN
#55824 NKN Core Network

Requested by
http://14.139.92.174/course/index.php

File type
Web Open Font Format (Version 2), TrueType, length 56780, version 4.197
Size
57 kB (56780 bytes)
Hash
97493d3f11c0a3bd5cbd959f5d19b699
1075231650f579955905bb2f6527148a8e2b4b16
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /theme/academi/fonts/fontawesome-webfont.woff2?v=4.3.0 HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/theme/styles.php/academi/1712039468/all
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/font-woff2
Last-Modified: Fri, 18 Jan 2019 10:09:29 GMT
Accept-Ranges: bytes
ETag: "8f9f45e615afd41:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 24 Apr 2024 10:48:19 GMT
Content-Length: 56780

14.139.92.174/theme/yui_combo.php?3.17.2/plugin/plugin-min.js&m/1712039468/core/lockscroll/lockscroll-min.js

14.139.92.174

200 OK

1.1 kB

URL GET HTTP/1.1
14.139.92.174/theme/yui_combo.php?3.17.2/plugin/plugin-min.js&m/1712039468/core/lockscroll/lockscroll-min.js
IP
14.139.92.174:80
ASN
#55824 NKN Core Network

Requested by
http://14.139.92.174/course/index.php

File type
ASCII text, with very long lines (1483)
Size
1.1 kB (1078 bytes)
Hash
c36abe3da22bd663370e281204e37445
f5345d6ab10249b4c982cf66601c150bcecb34c5
2b2bdc51dee9a3859ea4f8dc5d6cdfaf0bb6ef3fa26c0a0d9b57ee2b89ba292c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /theme/yui_combo.php?3.17.2/plugin/plugin-min.js&m/1712039468/core/lockscroll/lockscroll-min.js HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public, max-age=31104000
Content-Type: application/javascript
Content-Encoding: gzip
Expires: Sat, 19 Apr 2025 10:48:19 GMT
Last-Modified: Thu, 26 May 2016 02:44:18 GMT
Accept-Ranges: none
ETag: "9698fe28f7ddd8c0e074d5bc6b2a615d19c89588"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="combo"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:19 GMT
Content-Length: 1078

14.139.92.174/lib/javascript.php/1712039468/lib/requirejs/jquery-private.js

14.139.92.174

200 OK

77 B

URL GET HTTP/1.1
14.139.92.174/lib/javascript.php/1712039468/lib/requirejs/jquery-private.js
IP
14.139.92.174:80
ASN
#55824 NKN Core Network

Requested by
http://14.139.92.174/course/index.php

File type
ASCII text, with no line terminators
Size
77 B (77 bytes)
Hash
41386c0e0a69c3af2aa80a307029cee7
e84492ff15f9097d15b996cb8cbc9815f92a0eb8
be0aa8fccceaec2989338939fcec462a2714a9d7c7cdb808c6545c95c3f076fd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /lib/javascript.php/1712039468/lib/requirejs/jquery-private.js HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public, max-age=5184000
Content-Type: application/javascript; charset=utf-8
Content-Encoding: gzip
Expires: Sun, 23 Jun 2024 10:48:20 GMT
Last-Modified: Tue, 02 Apr 2024 06:31:20 GMT
Accept-Ranges: none
ETag: "6964f97ce8241807f000ecbb77bb6720b1ae2c18"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="javascript.php"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:19 GMT
Content-Length: 77

14.139.92.174/theme/image.php/academi/core/1712039468/i/course

14.139.92.174

200 OK

981 B

URL GET HTTP/1.1
14.139.92.174/theme/image.php/academi/core/1712039468/i/course
IP
14.139.92.174:80
ASN
#55824 NKN Core Network

Requested by
http://14.139.92.174/course/index.php

File type
SVG XML document
Size
981 B (981 bytes)
Hash
e0160d26cd6c071fdf84a6ee341195c8
ffd647273a3897edd9cbe4cdb6ddffd989cb8804
f343bb584fd9849296d0d4a50a13e8c08feb8301886b8e0f108ec96e147cf99b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /theme/image.php/academi/core/1712039468/i/course HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/theme/styles.php/academi/1712039468/all
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public, max-age=5184000, no-transform
Content-Type: image/svg+xml
Expires: Sun, 23 Jun 2024 10:48:20 GMT
Last-Modified: Tue, 02 Apr 2024 06:31:15 GMT
Accept-Ranges: none
ETag: "b1fe544e68e951ce66d5f24116bf27d087a9e8a0"
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="course.svg"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:19 GMT
Content-Length: 981

14.139.92.174/theme/image.php/academi/core/1712039468/t/switch_minus

14.139.92.174

200 OK

556 B

URL GET HTTP/1.1
14.139.92.174/theme/image.php/academi/core/1712039468/t/switch_minus
IP
14.139.92.174:80
ASN
#55824 NKN Core Network

Requested by
http://14.139.92.174/course/index.php

File type
SVG XML document
Size
556 B (556 bytes)
Hash
f4c12a7e627a077a9d6d50042a7cc1ab
eb78d9f8bab48041c2bd1797722410d6cd89ae6f
1758d9baa2771875ca8627e2120d504d6caea4b67fefd2d59843dfd037adbaad

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /theme/image.php/academi/core/1712039468/t/switch_minus HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public, max-age=5184000, no-transform
Content-Type: image/svg+xml
Expires: Sun, 23 Jun 2024 10:48:20 GMT
Last-Modified: Tue, 02 Apr 2024 06:31:24 GMT
Accept-Ranges: none
ETag: "a0609852888bea4621f2b4320fe3e5c05b29fd53"
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="switch_minus.svg"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:19 GMT
Content-Length: 556

14.139.92.174/theme/image.php/academi/core/1712039468/t/switch_plus

14.139.92.174

200 OK

654 B

URL GET HTTP/1.1
14.139.92.174/theme/image.php/academi/core/1712039468/t/switch_plus
IP
14.139.92.174:80
ASN
#55824 NKN Core Network

Requested by
http://14.139.92.174/course/index.php

File type
SVG XML document
Size
654 B (654 bytes)
Hash
069bc8bc9853e2492e9951a71cd6336a
c750ea3701cc6f66e10b40fc511d05ba5424056f
2d9b9b55bfa3a7c6f6fa2ab047ab17085ebe544046909beb0b1e483c09b654a1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /theme/image.php/academi/core/1712039468/t/switch_plus HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public, max-age=5184000, no-transform
Content-Type: image/svg+xml
Expires: Sun, 23 Jun 2024 10:48:20 GMT
Last-Modified: Tue, 02 Apr 2024 06:31:24 GMT
Accept-Ranges: none
ETag: "bb0591544738d965b61f3be1cbd22b5779d648d3"
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="switch_plus.svg"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:19 GMT
Content-Length: 654

14.139.92.174/lib/javascript.php/1712039468/lib/jquery/jquery-1.12.1.min.js

14.139.92.174

200 OK

34 kB

URL GET HTTP/1.1
14.139.92.174/lib/javascript.php/1712039468/lib/jquery/jquery-1.12.1.min.js
IP
14.139.92.174:80
ASN
#55824 NKN Core Network

Requested by
http://14.139.92.174/course/index.php

File type
JavaScript source, ASCII text, with very long lines (11029)
Size
34 kB (33856 bytes)
Hash
7f565c5da02968cbc38bf39404bcd347
e6b3a57f594b60246017646435c184589046b825
4756c22b8b906947e2e2af4c107ce71e47a29bfa0755109e17d7ceeca984a912

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /lib/javascript.php/1712039468/lib/jquery/jquery-1.12.1.min.js HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public, max-age=5184000
Content-Type: application/javascript; charset=utf-8
Content-Encoding: gzip
Expires: Sun, 23 Jun 2024 10:48:20 GMT
Last-Modified: Tue, 02 Apr 2024 06:31:22 GMT
Accept-Ranges: none
ETag: "07186ed69146e7662454ab688d7f000df7895072"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="javascript.php"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:19 GMT
Content-Length: 33856

14.139.92.174/theme/image.php/academi/theme/1712039468/favicon

14.139.92.174

200 OK

5.4 kB

URL GET HTTP/1.1
14.139.92.174/theme/image.php/academi/theme/1712039468/favicon
IP
14.139.92.174:80
ASN
#55824 NKN Core Network

Requested by
http://14.139.92.174/course/index.php

File type
MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Size
5.4 kB (5430 bytes)
Hash
6313d3586939674818fb4074a5b21e40
0adae7991acadf022c482a932ee5322f8d9a2bed
1d2e32efa495f58fd7229329ebc3138a3e78a30286535e900262b68905bf8a76

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /theme/image.php/academi/theme/1712039468/favicon HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public, max-age=5184000, no-transform
Content-Type: image/vnd.microsoft.icon
Expires: Sun, 23 Jun 2024 10:48:20 GMT
Last-Modified: Tue, 02 Apr 2024 06:31:26 GMT
Accept-Ranges: none
ETag: "8ce9423f44f61be43b73d9e07121d23418c3d0ed"
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="favicon.ico"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:19 GMT
Content-Length: 5430

14.139.92.174/theme/image.php/academi/core/1712039468/t/collapsed

14.139.92.174

200 OK

437 B

URL GET HTTP/1.1
14.139.92.174/theme/image.php/academi/core/1712039468/t/collapsed
IP
14.139.92.174:80
ASN
#55824 NKN Core Network

Requested by
http://14.139.92.174/course/index.php

File type
SVG XML document
Size
437 B (437 bytes)
Hash
192cf54b051e0b05f5f79c121e24fb90
ac35281e71ed146dd280cd7e2bb398249f9a2fe4
9c3484712de5df941c4bb770005a53fa3bca5aa9e1dbbfb335e6e071dce88e0d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /theme/image.php/academi/core/1712039468/t/collapsed HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/theme/styles.php/academi/1712039468/all
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public, max-age=5184000, no-transform
Content-Type: image/svg+xml
Expires: Sun, 23 Jun 2024 10:48:20 GMT
Last-Modified: Tue, 02 Apr 2024 06:31:20 GMT
Accept-Ranges: none
ETag: "dace74d804caf064225566118fd437212f570f18"
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="collapsed.svg"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:20 GMT
Content-Length: 437

14.139.92.174/theme/image.php/academi/core/1712039468/i/loading_small

14.139.92.174

200 OK

1.7 kB

URL GET HTTP/1.1
14.139.92.174/theme/image.php/academi/core/1712039468/i/loading_small
IP
14.139.92.174:80
ASN
#55824 NKN Core Network

Requested by
http://14.139.92.174/course/index.php

File type
GIF image data, version 89a, 16 x 16
Size
1.7 kB (1720 bytes)
Hash
694fd5d02d70bcf10eda9124ba7d6ada
b099d15edc6c2e75e5a8b449e6de15f95c9aa35a
2040e490bd9bfff1764312ffdec85eb78dda8b8d8785cf84d22e82298b81c255

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /theme/image.php/academi/core/1712039468/i/loading_small HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/theme/styles.php/academi/1712039468/all
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public, max-age=5184000, no-transform
Content-Type: image/gif
Expires: Sun, 23 Jun 2024 10:48:20 GMT
Last-Modified: Tue, 02 Apr 2024 06:40:10 GMT
Accept-Ranges: none
ETag: "cda8a4dff11b0dc817b2a147ba78a5b5e8375bbc"
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="loading_small.gif"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:20 GMT
Content-Length: 1720

14.139.92.174/pluginfile.php/1/theme_academi/logo/1712039468/banner_bstrap.png

14.139.92.174

200 OK

48 kB

URL GET HTTP/1.1
14.139.92.174/pluginfile.php/1/theme_academi/logo/1712039468/banner_bstrap.png
IP
14.139.92.174:80
ASN
#55824 NKN Core Network

Requested by
http://14.139.92.174/course/index.php

File type
PNG image data, 1000 x 120, 8-bit/color RGBA, non-interlaced
Size
48 kB (47943 bytes)
Hash
3c9b75d250ce90b5631692add6157878
8dfc08ef12440e23eca64778388ec2dd6c8c517b
fdffb785c5d20bc01606384d6af6a03d1ce580eeb958c5c620e3ad4d816ec882

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pluginfile.php/1/theme_academi/logo/1712039468/banner_bstrap.png HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public, max-age=5184000, no-transform
Content-Type: image/png
Expires: Sun, 23 Jun 2024 10:48:21 GMT
Last-Modified: Mon, 21 Jan 2019 06:03:39 GMT
Accept-Ranges: bytes
ETag: "8dfc08ef12440e23eca64778388ec2dd6c8c517b"
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="banner_bstrap.png"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:20 GMT
Content-Length: 47943

14.139.92.174/lib/ajax/getnavbranch.php

14.139.92.174

200 OK

487 B

URL POST HTTP/1.1
14.139.92.174/lib/ajax/getnavbranch.php
IP
14.139.92.174:80
ASN
#55824 NKN Core Network

Requested by
http://14.139.92.174/course/index.php

File type
JSON text data
Size
487 B (487 bytes)
Hash
8468d9d5cf503f36cec330e3da5625e7
09b22ab7c7529df3c7550a351bd1ed795c10812d
365c698e67af86bd7896ff785cd7ba54ed53962b12792309ab24422402248c8f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /lib/ajax/getnavbranch.php HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 85
Origin: http://14.139.92.174
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Type: text/plain; charset=utf-8
Content-Encoding: gzip
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:22 GMT
Content-Length: 487

14.139.92.174/lib/ajax/service.php?sesskey=GeZH41AszQ

14.139.92.174

200 OK

226 B

URL POST HTTP/1.1
14.139.92.174/lib/ajax/service.php?sesskey=GeZH41AszQ
IP
14.139.92.174:80
ASN
#55824 NKN Core Network

Requested by
http://14.139.92.174/course/index.php

File type
JSON text data
Size
226 B (226 bytes)
Hash
fae3d8d250885a795a7efa05ff7749c2
2f7aa70352101791e5155f4a83eeb582389d036f
dd7a9a34c0176691df8c1c49efc0da68117a21683e40074ada6ca8773f720603

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /lib/ajax/service.php?sesskey=GeZH41AszQ HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Content-Length: 76
Origin: http://14.139.92.174
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Type: application/json; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:22 GMT
Content-Length: 226

14.139.92.174/theme/image.php/academi/core/1712039468/i/navigationitem

14.139.92.174

200 OK

437 B

URL GET HTTP/1.1
14.139.92.174/theme/image.php/academi/core/1712039468/i/navigationitem
IP
14.139.92.174:80
ASN
#55824 NKN Core Network

Requested by
http://14.139.92.174/course/index.php

File type
SVG XML document
Size
437 B (437 bytes)
Hash
f3476ad26d5a44e2f2a6afc0ba549a2b
9e0b84b6f6541309671126d962de8f0c8865f411
858da4234c4349bf8ebfb026920f37fdb636337629cc4f492595e7e6b94cfd7e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /theme/image.php/academi/core/1712039468/i/navigationitem HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: public, max-age=5184000, no-transform
Content-Type: image/svg+xml
Expires: Sun, 23 Jun 2024 10:48:23 GMT
Last-Modified: Tue, 02 Apr 2024 06:31:20 GMT
Accept-Ranges: none
ETag: "adab999f0e82cf62184a7fb9c91392df2857cb51"
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="navigationitem.svg"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:22 GMT
Content-Length: 437

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (20)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL