| 14.139.92.174/course/index.php | 14.139.92.174 | 200 OK | 10 kB |
URL: User Request GET HTTP/1.1 14.139.92.174/course/index.php
IP: 14.139.92.174:80
ASN: #55824 NKN Core Network
File type: HTML document, Unicode text, UTF-8 text, with very long lines (13157), with CRLF, LF line terminators
Hash: 2be474b9cb491b776b245cd72504d5c9 05dea45f3a7946d0e6fe7e9a93681bacc0406180 20e47e50dd4d5b49ab2bee14f2eb38965a137d870d52824afdcac023f1e443f7
Analyzer: Quad9 DNS, Verdict: malicious, Alert: Sinkholed
GET /course/index.php HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private, pre-check=0, post-check=0, max-age=0, no-transform
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Content-Language: en
Accept-Ranges: none
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Set-Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb; path=/
Content-Script-Type: text/javascript
Content-Style-Type: text/css
X-UA-Compatible: IE=edge
X-Frame-Options: sameorigin
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:18 GMT
Content-Length: 10271
|
|
| 14.139.92.174/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.css | 14.139.92.174 | 200 OK | 1.0 kB |
URL: GET HTTP/1.1 14.139.92.174/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.css
IP: 14.139.92.174:80
ASN: #55824 NKN Core Network
Requested by: http://14.139.92.174/course/index.php
File type: ASCII text, with very long lines (1965)
Hash: 73cbdae81548a6d6b35d801af5eadef8 fc80239620ebad54e36e1865338e8c5e1a7e9e8b fbd5b8255a99afe96e89a88423275ed4e93083fad3311dd349906122e63206a0
Analyzer: Quad9 DNS, Verdict: malicious, Alert: Sinkholed
GET /theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.css HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public, max-age=31104000
Content-Type: text/css;charset=UTF-8
Content-Encoding: gzip
Expires: Sat, 19 Apr 2025 10:48:18 GMT
Last-Modified: Thu, 26 May 2016 02:44:18 GMT
Accept-Ranges: none
ETag: "b9bc567c469e2872cf3bbb14603342a72de2509b"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="combo"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:18 GMT
Content-Length: 1031
|
|
| 14.139.92.174/lib/javascript.php/1712039468/lib/requirejs/require.min.js | 14.139.92.174 | 200 OK | 6.2 kB |
URL: GET HTTP/1.1 14.139.92.174/lib/javascript.php/1712039468/lib/requirejs/require.min.js
IP: 14.139.92.174:80
ASN: #55824 NKN Core Network
Requested by: http://14.139.92.174/course/index.php
File type: JavaScript source, ASCII text, with very long lines (11206)
Hash: 1ac2c29ecc0f8716020855452601d3ac 6c9334bde26307a8bab47149861cc10ecd36115e 152e615fb1cfa6bf4b22769502cb1af2ef966a14b46774d9fda6f2ef1695f6cf
Analyzer: Quad9 DNS, Verdict: malicious, Alert: Sinkholed
GET /lib/javascript.php/1712039468/lib/requirejs/require.min.js HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public, max-age=5184000
Content-Type: application/javascript; charset=utf-8
Content-Encoding: gzip
Expires: Sun, 23 Jun 2024 10:48:18 GMT
Last-Modified: Tue, 02 Apr 2024 06:31:16 GMT
Accept-Ranges: none
ETag: "6ae20a1984dec12aa0a551626d7c201b71fcb593"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="javascript.php"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:18 GMT
Content-Length: 6163
|
|
| 14.139.92.174/lib/javascript.php/1712039468/theme/academi/javascript/theme.js | 14.139.92.174 | 200 OK | 139 B |
URL: GET HTTP/1.1 14.139.92.174/lib/javascript.php/1712039468/theme/academi/javascript/theme.js
IP: 14.139.92.174:80
ASN: #55824 NKN Core Network
Requested by: http://14.139.92.174/course/index.php
File type: JavaScript source, ASCII text, with no line terminators
Hash: ac38aa5f1ee8447fd6fc121830d5746f b215eb6c45c1bec7fa5e7f82a7f2357fb73b2744 6a96cd907b9a4dadcfa05428f7c0b6e922cb65cf191e0ae83cccb6ed3ed81370
Analyzer: Quad9 DNS, Verdict: malicious, Alert: Sinkholed
GET /lib/javascript.php/1712039468/theme/academi/javascript/theme.js HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public, max-age=5184000
Content-Type: application/javascript; charset=utf-8
Content-Encoding: gzip
Expires: Sun, 23 Jun 2024 10:48:18 GMT
Last-Modified: Tue, 02 Apr 2024 06:31:16 GMT
Accept-Ranges: none
ETag: "81548e05ad86bc6dc6d9e059f61f507d280af0dc"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="javascript.php"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:18 GMT
Content-Length: 139
|
|
| 14.139.92.174/theme/javascript.php/academi/1712039468/footer | 14.139.92.174 | 200 OK | 547 B |
URL: GET HTTP/1.1 14.139.92.174/theme/javascript.php/academi/1712039468/footer
IP: 14.139.92.174:80
ASN: #55824 NKN Core Network
Requested by: http://14.139.92.174/course/index.php
File type: ASCII text, with very long lines (1158)
Hash: cded10b0940ef1d668fd1e2177862b4c c1bd51a332b0714bf3b971523210ca94105174a1 48d4bea06744e584e0f6f9f83da4d5ddc958605f764b884ae46bb57c09b7a3cf
Analyzer: Quad9 DNS, Verdict: malicious, Alert: Sinkholed
GET /theme/javascript.php/academi/1712039468/footer HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public, max-age=5184000
Content-Type: application/javascript; charset=utf-8
Content-Encoding: gzip
Expires: Sun, 23 Jun 2024 10:48:18 GMT
Last-Modified: Tue, 02 Apr 2024 06:31:18 GMT
Accept-Ranges: none
ETag: "57ce08796bf3a79be0ba2a012d91588947785fa4"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="javascript.php"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:18 GMT
Content-Length: 547
|
|
| 14.139.92.174/theme/jquery.php/core/jquery-1.12.1.min.js | 14.139.92.174 | 200 OK | 34 kB |
URL: GET HTTP/1.1 14.139.92.174/theme/jquery.php/core/jquery-1.12.1.min.js
IP: 14.139.92.174:80
ASN: #55824 NKN Core Network
Requested by: http://14.139.92.174/course/index.php
File type: JavaScript source, ASCII text, with very long lines (32039)
Hash: 1d244cb043be8157f0050ce9e45c9ef2 f16bd01623fd56d1372ea2eb55cd52a28cd883f8 2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772
Analyzer: Quad9 DNS, Verdict: malicious, Alert: Sinkholed
GET /theme/jquery.php/core/jquery-1.12.1.min.js HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public, max-age=10368000
Content-Type: application/javascript
Content-Encoding: gzip
Expires: Thu, 22 Aug 2024 10:48:18 GMT
Last-Modified: Thu, 26 May 2016 02:44:18 GMT
Accept-Ranges: none
ETag: "d8b7024503656d1b236fbdfe7f293d7b1ac182e7"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="jquery-1.12.1.min.js"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:18 GMT
Content-Length: 33869
|
|
| 14.139.92.174/theme/jquery.php/core/jquery-migrate-1.4.0.min.js | 14.139.92.174 | 200 OK | 3.9 kB |
URL: GET HTTP/1.1 14.139.92.174/theme/jquery.php/core/jquery-migrate-1.4.0.min.js
IP: 14.139.92.174:80
ASN: #55824 NKN Core Network
Requested by: http://14.139.92.174/course/index.php
File type: JavaScript source, ASCII text, with very long lines (9535), with CRLF line terminators
Hash: cc80e00ff417beacaf90b17199b05fee 8748f8011112f5460336ce55e860128c6bfa497e a7cd61d14aee201646d7d33a2a292483446fb45317870b9a98537080f89d7e42
Analyzer: Quad9 DNS, Verdict: malicious, Alert: Sinkholed
GET /theme/jquery.php/core/jquery-migrate-1.4.0.min.js HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public, max-age=10368000
Content-Type: application/javascript
Content-Encoding: gzip
Expires: Thu, 22 Aug 2024 10:48:18 GMT
Last-Modified: Thu, 26 May 2016 02:44:18 GMT
Accept-Ranges: none
ETag: "50a365811de8dcda352365383dadc1b259fc3655"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="jquery-migrate-1.4.0.min.js"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:18 GMT
Content-Length: 3888
|
|
| 14.139.92.174/lib/javascript.php/1712039468/lib/javascript-static.js | 14.139.92.174 | 200 OK | 9.6 kB |
URL: GET HTTP/1.1 14.139.92.174/lib/javascript.php/1712039468/lib/javascript-static.js
IP: 14.139.92.174:80
ASN: #55824 NKN Core Network
Requested by: http://14.139.92.174/course/index.php
File type: JavaScript source, ASCII text, with very long lines (14700)
Hash: 99d0fbee5b8b56b46155f8887ef2eb59 5d72c5d1036109c9558b5bcd9814a0e2706923be d43449e21297219118ea75f7c4882c6a052bb8512672768a6e7f756f453ad169
Analyzer: Quad9 DNS, Verdict: malicious, Alert: Sinkholed
GET /lib/javascript.php/1712039468/lib/javascript-static.js HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public, max-age=5184000
Content-Type: application/javascript; charset=utf-8
Content-Encoding: gzip
Expires: Sun, 23 Jun 2024 10:48:18 GMT
Last-Modified: Tue, 02 Apr 2024 06:31:13 GMT
Accept-Ranges: none
ETag: "a49efd363fd14576d2b9c172fc11ef79ad50d0d1"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="javascript.php"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:18 GMT
Content-Length: 9557
|
|
| 14.139.92.174/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js&rollup/1712039468/mcore-min.js | 14.139.92.174 | 200 OK | 89 kB |
URL: GET HTTP/1.1 14.139.92.174/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js&rollup/1712039468/mcore-min.js
IP: 14.139.92.174:80
ASN: #55824 NKN Core Network
Requested by: http://14.139.92.174/course/index.php
File type: JavaScript source, ASCII text, with very long lines (6010)
Hash: 827f6ccc7f5f1c980a58717911372000 5d17730f646a68856e6476e996fd899e04c75470 296d330db81c409849a2268543a966e2daddd555c4d1ba852fb36ef168357bed
Analyzer: Quad9 DNS, Verdict: malicious, Alert: Sinkholed
GET /theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js&rollup/1712039468/mcore-min.js HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public, max-age=31104000
Content-Type: application/javascript
Content-Encoding: gzip
Expires: Sat, 19 Apr 2025 10:48:18 GMT
Last-Modified: Thu, 26 May 2016 02:44:18 GMT
Accept-Ranges: none
ETag: "827cac562f72a9a8422f4b3e7889ba2371834642"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="combo"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:18 GMT
Content-Length: 88843
|
|
| 14.139.92.174/theme/styles.php/academi/1712039468/all | 14.139.92.174 | 200 OK | 108 kB |
URL: GET HTTP/1.1 14.139.92.174/theme/styles.php/academi/1712039468/all
IP: 14.139.92.174:80
ASN: #55824 NKN Core Network
Requested by: http://14.139.92.174/course/index.php
File type: Unicode text, UTF-8 text, with very long lines (1955)
Size: 108 kB (108228 bytes)
Hash: d7772dabb477103ba2ce6c576dd3a748 25779394d062c18365a62f0ef298de05c98b0167 5c12f7e4dafa5cb66df662ac82f3945b836dce645492ca0e3eec9a3e68652172
Analyzer: Quad9 DNS, Verdict: malicious, Alert: Sinkholed
GET /theme/styles.php/academi/1712039468/all HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public, max-age=5184000
Content-Type: text/css; charset=utf-8
Content-Encoding: gzip
Expires: Sun, 23 Jun 2024 10:48:18 GMT
Last-Modified: Tue, 23 Apr 2024 12:54:11 GMT
Accept-Ranges: none
ETag: "066c3c55cda158f62ab8d0e587e2029969599637"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="styles.php"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:18 GMT
Content-Length: 108228
|
|
| 14.139.92.174/theme/image.php/academi/core/1712039468/t/block_to_dock | 14.139.92.174 | 200 OK | 612 B |
URL: GET HTTP/1.1 14.139.92.174/theme/image.php/academi/core/1712039468/t/block_to_dock
IP: 14.139.92.174:80
ASN: #55824 NKN Core Network
Requested by: http://14.139.92.174/course/index.php
Hash: 91afb357c833745b789ada7a636763c8 526dd0430e483aa2eb8d9e4b151695f7c7d28e4a 9416ccb9a28963918f7826506c678fdbd17e01e67f51c8a445da2c5db94d3e4b
Analyzer: Quad9 DNS, Verdict: malicious, Alert: Sinkholed
GET /theme/image.php/academi/core/1712039468/t/block_to_dock HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public, max-age=5184000, no-transform
Content-Type: image/svg+xml
Expires: Sun, 23 Jun 2024 10:48:19 GMT
Last-Modified: Tue, 02 Apr 2024 06:31:22 GMT
Accept-Ranges: none
ETag: "74389ace0ee16a55e580cd38477207a2080ae8eb"
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="block_to_dock.svg"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:19 GMT
Content-Length: 612
|
|
| 14.139.92.174/theme/yui_combo.php?m/1712039468/core/event/event-min.js&m/1712039468/filter_mathjaxloader/loader/loader-min.js | 14.139.92.174 | 200 OK | 781 B |
URL: GET HTTP/1.1 14.139.92.174/theme/yui_combo.php?m/1712039468/core/event/event-min.js&m/1712039468/filter_mathjaxloader/loader/loader-min.js
IP: 14.139.92.174:80
ASN: #55824 NKN Core Network
Requested by: http://14.139.92.174/course/index.php
File type: JavaScript source, ASCII text, with very long lines (1374)
Hash: 16a0db42fa9c83cd456cd36eb2efef1d 34fb3032412e0e2c66c4c9cfd53cf8d9a27f0744 bf50b02892936746d625d3ae9bca052b7adb1124c49970e69f27e7c05cbccf01
Analyzer: Quad9 DNS, Verdict: malicious, Alert: Sinkholed
GET /theme/yui_combo.php?m/1712039468/core/event/event-min.js&m/1712039468/filter_mathjaxloader/loader/loader-min.js HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public, max-age=31104000
Content-Type: application/javascript
Content-Encoding: gzip
Expires: Sat, 19 Apr 2025 10:48:19 GMT
Last-Modified: Thu, 26 May 2016 02:44:18 GMT
Accept-Ranges: none
ETag: "0fa535c33ea03cae5067c07a3cf89c12ed406b1b"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="combo"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:19 GMT
Content-Length: 781
|
|
| 14.139.92.174/theme/image.php/academi/core/1712039468/t/expanded | 14.139.92.174 | 200 OK | 439 B |
URL: GET HTTP/1.1 14.139.92.174/theme/image.php/academi/core/1712039468/t/expanded
IP: 14.139.92.174:80
ASN: #55824 NKN Core Network
Requested by: http://14.139.92.174/course/index.php
Hash: 6078d4ae5632d5948041f93100fdd483 f176e0599b77a1269e942f8d9dba3c91cbd8181e 24c7f96fe58be5e1e42905b96c3a7f830c36cfc5936ebfcf78670adb9008d8ae
Analyzer: Quad9 DNS, Verdict: malicious, Alert: Sinkholed
GET /theme/image.php/academi/core/1712039468/t/expanded HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/theme/styles.php/academi/1712039468/all
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public, max-age=5184000, no-transform
Content-Type: image/svg+xml
Expires: Sun, 23 Jun 2024 10:48:19 GMT
Last-Modified: Tue, 02 Apr 2024 06:31:19 GMT
Accept-Ranges: none
ETag: "c112b67344d5a20ed41d44d96b74bc025fc83346"
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="expanded.svg"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:19 GMT
Content-Length: 439
|
|
| 14.139.92.174/theme/image.php/academi/theme/1712039468/ic-search | 14.139.92.174 | 200 OK | 3.1 kB |
URL: GET HTTP/1.1 14.139.92.174/theme/image.php/academi/theme/1712039468/ic-search
IP: 14.139.92.174:80
ASN: #55824 NKN Core Network
Requested by: http://14.139.92.174/course/index.php
File type: PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Hash: f4e3edc792a8b2ab9b16fd23b5b5751f 51ffc810d8fbe39f025c813dc232b085509828d7 1f5a29156a05755d5d6666007cc78cb10307ea6252593edf32a32fe567bf33e6
Analyzer: Quad9 DNS, Verdict: malicious, Alert: Sinkholed
GET /theme/image.php/academi/theme/1712039468/ic-search HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/theme/styles.php/academi/1712039468/all
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public, max-age=5184000, no-transform
Content-Type: image/png
Expires: Sun, 23 Jun 2024 10:48:19 GMT
Last-Modified: Tue, 02 Apr 2024 09:51:27 GMT
Accept-Ranges: none
ETag: "d008f3675d353b3a5265af40ca587e58c9953883"
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="ic-search.png"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:19 GMT
Content-Length: 3092
|
|
| 14.139.92.174/lib/requirejs.php/1712039468/core/first.js | 14.139.92.174 | 200 OK | 50 kB |
URL: GET HTTP/1.1 14.139.92.174/lib/requirejs.php/1712039468/core/first.js
IP: 14.139.92.174:80
ASN: #55824 NKN Core Network
Requested by: http://14.139.92.174/course/index.php
File type: JavaScript source, ASCII text, with very long lines (8470)
Hash: b599cee68f797c5f0b7177e0c97fb511 1a7665439eb2570c772956f83b5c8d3a4337d05f 03e016556496a65f460395a4ed52dbf81da845f38e9dcbc738cd3fa95f44792a
Analyzer: Quad9 DNS, Verdict: malicious, Alert: Sinkholed
GET /lib/requirejs.php/1712039468/core/first.js HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public, max-age=5184000
Content-Type: application/javascript; charset=utf-8
Content-Encoding: gzip
Expires: Sun, 23 Jun 2024 10:48:19 GMT
Last-Modified: Tue, 02 Apr 2024 06:31:20 GMT
Accept-Ranges: none
ETag: "3d7a01b70fa75069660aa90b7ad2154d6ad6c79e"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="requirejs.php"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:19 GMT
Content-Length: 50296
|
|
| 14.139.92.174/theme/yui_combo.php?3.17.2/cssbutton/cssbutton-min.css | 14.139.92.174 | 200 OK | 1.1 kB |
URL: GET HTTP/1.1 14.139.92.174/theme/yui_combo.php?3.17.2/cssbutton/cssbutton-min.css
IP: 14.139.92.174:80
ASN: #55824 NKN Core Network
Requested by: http://14.139.92.174/course/index.php
File type: ASCII text, with very long lines (5267)
Hash: a4987c5ff66d2c767838520e9394b527 844906b95defe7da93c71cbf11c1684c12aa62d3 c4cc4d14d94d940a82ceb24dc9c9ae9d4573a436e1369db31f2d9c2b1546fe18
Analyzer: Quad9 DNS, Verdict: malicious, Alert: Sinkholed
GET /theme/yui_combo.php?3.17.2/cssbutton/cssbutton-min.css HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public, max-age=31104000
Content-Type: text/css;charset=UTF-8
Content-Encoding: gzip
Expires: Sat, 19 Apr 2025 10:48:19 GMT
Last-Modified: Thu, 26 May 2016 02:44:18 GMT
Accept-Ranges: none
ETag: "323202bec286f8abd417e82b36bf85c33dc46920"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="combo"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:19 GMT
Content-Length: 1106
|
|
| 14.139.92.174/theme/academi/fonts/fontawesome-webfont.woff2?v=4.3.0 | 14.139.92.174 | 200 OK | 57 kB |
URL: GET HTTP/1.1 14.139.92.174/theme/academi/fonts/fontawesome-webfont.woff2?v=4.3.0
IP: 14.139.92.174:80
ASN: #55824 NKN Core Network
Requested by: http://14.139.92.174/course/index.php
File type: Web Open Font Format (Version 2), TrueType, length 56780, version 4.197
Hash: 97493d3f11c0a3bd5cbd959f5d19b699 1075231650f579955905bb2f6527148a8e2b4b16 aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
Analyzer: Quad9 DNS, Verdict: malicious, Alert: Sinkholed
GET /theme/academi/fonts/fontawesome-webfont.woff2?v=4.3.0 HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/theme/styles.php/academi/1712039468/all
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/font-woff2
Last-Modified: Fri, 18 Jan 2019 10:09:29 GMT
Accept-Ranges: bytes
ETag: "8f9f45e615afd41:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 24 Apr 2024 10:48:19 GMT
Content-Length: 56780
|
|
| 14.139.92.174/theme/yui_combo.php?3.17.2/plugin/plugin-min.js&m/1712039468/core/lockscroll/lockscroll-min.js | 14.139.92.174 | 200 OK | 1.1 kB |
URL: GET HTTP/1.1 14.139.92.174/theme/yui_combo.php?3.17.2/plugin/plugin-min.js&m/1712039468/core/lockscroll/lockscroll-min.js
IP: 14.139.92.174:80
ASN: #55824 NKN Core Network
Requested by: http://14.139.92.174/course/index.php
File type: ASCII text, with very long lines (1483)
Hash: c36abe3da22bd663370e281204e37445 f5345d6ab10249b4c982cf66601c150bcecb34c5 2b2bdc51dee9a3859ea4f8dc5d6cdfaf0bb6ef3fa26c0a0d9b57ee2b89ba292c
Analyzer: Quad9 DNS, Verdict: malicious, Alert: Sinkholed
GET /theme/yui_combo.php?3.17.2/plugin/plugin-min.js&m/1712039468/core/lockscroll/lockscroll-min.js HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public, max-age=31104000
Content-Type: application/javascript
Content-Encoding: gzip
Expires: Sat, 19 Apr 2025 10:48:19 GMT
Last-Modified: Thu, 26 May 2016 02:44:18 GMT
Accept-Ranges: none
ETag: "9698fe28f7ddd8c0e074d5bc6b2a615d19c89588"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="combo"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:19 GMT
Content-Length: 1078
|
|
| 14.139.92.174/lib/javascript.php/1712039468/lib/requirejs/jquery-private.js | 14.139.92.174 | 200 OK | 77 B |
URL: GET HTTP/1.1 14.139.92.174/lib/javascript.php/1712039468/lib/requirejs/jquery-private.js
IP: 14.139.92.174:80
ASN: #55824 NKN Core Network
Requested by: http://14.139.92.174/course/index.php
File type: ASCII text, with no line terminators
Hash: 41386c0e0a69c3af2aa80a307029cee7 e84492ff15f9097d15b996cb8cbc9815f92a0eb8 be0aa8fccceaec2989338939fcec462a2714a9d7c7cdb808c6545c95c3f076fd
Analyzer: Quad9 DNS, Verdict: malicious, Alert: Sinkholed
GET /lib/javascript.php/1712039468/lib/requirejs/jquery-private.js HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public, max-age=5184000
Content-Type: application/javascript; charset=utf-8
Content-Encoding: gzip
Expires: Sun, 23 Jun 2024 10:48:20 GMT
Last-Modified: Tue, 02 Apr 2024 06:31:20 GMT
Accept-Ranges: none
ETag: "6964f97ce8241807f000ecbb77bb6720b1ae2c18"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="javascript.php"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:19 GMT
Content-Length: 77
|
|
| 14.139.92.174/theme/image.php/academi/core/1712039468/i/course | 14.139.92.174 | 200 OK | 981 B |
URL: GET HTTP/1.1 14.139.92.174/theme/image.php/academi/core/1712039468/i/course
IP: 14.139.92.174:80
ASN: #55824 NKN Core Network
Requested by: http://14.139.92.174/course/index.php
Hash: e0160d26cd6c071fdf84a6ee341195c8 ffd647273a3897edd9cbe4cdb6ddffd989cb8804 f343bb584fd9849296d0d4a50a13e8c08feb8301886b8e0f108ec96e147cf99b
Analyzer: Quad9 DNS, Verdict: malicious, Alert: Sinkholed
GET /theme/image.php/academi/core/1712039468/i/course HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/theme/styles.php/academi/1712039468/all
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public, max-age=5184000, no-transform
Content-Type: image/svg+xml
Expires: Sun, 23 Jun 2024 10:48:20 GMT
Last-Modified: Tue, 02 Apr 2024 06:31:15 GMT
Accept-Ranges: none
ETag: "b1fe544e68e951ce66d5f24116bf27d087a9e8a0"
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="course.svg"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:19 GMT
Content-Length: 981
|
|
| 14.139.92.174/theme/image.php/academi/core/1712039468/t/switch_minus | 14.139.92.174 | 200 OK | 556 B |
URL: GET HTTP/1.1 14.139.92.174/theme/image.php/academi/core/1712039468/t/switch_minus
IP: 14.139.92.174:80
ASN: #55824 NKN Core Network
Requested by: http://14.139.92.174/course/index.php
Hash: f4c12a7e627a077a9d6d50042a7cc1ab eb78d9f8bab48041c2bd1797722410d6cd89ae6f 1758d9baa2771875ca8627e2120d504d6caea4b67fefd2d59843dfd037adbaad
Analyzer: Quad9 DNS, Verdict: malicious, Alert: Sinkholed
GET /theme/image.php/academi/core/1712039468/t/switch_minus HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public, max-age=5184000, no-transform
Content-Type: image/svg+xml
Expires: Sun, 23 Jun 2024 10:48:20 GMT
Last-Modified: Tue, 02 Apr 2024 06:31:24 GMT
Accept-Ranges: none
ETag: "a0609852888bea4621f2b4320fe3e5c05b29fd53"
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="switch_minus.svg"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:19 GMT
Content-Length: 556
|
|
| 14.139.92.174/theme/image.php/academi/core/1712039468/t/switch_plus | 14.139.92.174 | 200 OK | 654 B |
URL: GET HTTP/1.1 14.139.92.174/theme/image.php/academi/core/1712039468/t/switch_plus
IP: 14.139.92.174:80
ASN: #55824 NKN Core Network
Requested by: http://14.139.92.174/course/index.php
Hash: 069bc8bc9853e2492e9951a71cd6336a c750ea3701cc6f66e10b40fc511d05ba5424056f 2d9b9b55bfa3a7c6f6fa2ab047ab17085ebe544046909beb0b1e483c09b654a1
Analyzer: Quad9 DNS, Verdict: malicious, Alert: Sinkholed
GET /theme/image.php/academi/core/1712039468/t/switch_plus HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public, max-age=5184000, no-transform
Content-Type: image/svg+xml
Expires: Sun, 23 Jun 2024 10:48:20 GMT
Last-Modified: Tue, 02 Apr 2024 06:31:24 GMT
Accept-Ranges: none
ETag: "bb0591544738d965b61f3be1cbd22b5779d648d3"
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="switch_plus.svg"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:19 GMT
Content-Length: 654
|
|
| 14.139.92.174/lib/javascript.php/1712039468/lib/jquery/jquery-1.12.1.min.js | 14.139.92.174 | 200 OK | 34 kB |
URL: GET HTTP/1.1 14.139.92.174/lib/javascript.php/1712039468/lib/jquery/jquery-1.12.1.min.js
IP: 14.139.92.174:80
ASN: #55824 NKN Core Network
Requested by: http://14.139.92.174/course/index.php
File type: JavaScript source, ASCII text, with very long lines (11029)
Hash: 7f565c5da02968cbc38bf39404bcd347 e6b3a57f594b60246017646435c184589046b825 4756c22b8b906947e2e2af4c107ce71e47a29bfa0755109e17d7ceeca984a912
Analyzer: Quad9 DNS, Verdict: malicious, Alert: Sinkholed
GET /lib/javascript.php/1712039468/lib/jquery/jquery-1.12.1.min.js HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public, max-age=5184000
Content-Type: application/javascript; charset=utf-8
Content-Encoding: gzip
Expires: Sun, 23 Jun 2024 10:48:20 GMT
Last-Modified: Tue, 02 Apr 2024 06:31:22 GMT
Accept-Ranges: none
ETag: "07186ed69146e7662454ab688d7f000df7895072"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="javascript.php"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:19 GMT
Content-Length: 33856
|
|
| 14.139.92.174/theme/image.php/academi/theme/1712039468/favicon | 14.139.92.174 | 200 OK | 5.4 kB |
URL: GET HTTP/1.1 14.139.92.174/theme/image.php/academi/theme/1712039468/favicon
IP: 14.139.92.174:80
ASN: #55824 NKN Core Network
Requested by: http://14.139.92.174/course/index.php
File type: MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Hash: 6313d3586939674818fb4074a5b21e40 0adae7991acadf022c482a932ee5322f8d9a2bed 1d2e32efa495f58fd7229329ebc3138a3e78a30286535e900262b68905bf8a76
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /theme/image.php/academi/theme/1712039468/favicon HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public, max-age=5184000, no-transform
Content-Type: image/vnd.microsoft.icon
Expires: Sun, 23 Jun 2024 10:48:20 GMT
Last-Modified: Tue, 02 Apr 2024 06:31:26 GMT
Accept-Ranges: none
ETag: "8ce9423f44f61be43b73d9e07121d23418c3d0ed"
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="favicon.ico"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:19 GMT
Content-Length: 5430
|
|
| 14.139.92.174/theme/image.php/academi/core/1712039468/t/collapsed | 14.139.92.174 | 200 OK | 437 B |
URL: GET HTTP/1.1 14.139.92.174/theme/image.php/academi/core/1712039468/t/collapsed
IP: 14.139.92.174:80
ASN: #55824 NKN Core Network
Requested by: http://14.139.92.174/course/index.php
Hash: 192cf54b051e0b05f5f79c121e24fb90 ac35281e71ed146dd280cd7e2bb398249f9a2fe4 9c3484712de5df941c4bb770005a53fa3bca5aa9e1dbbfb335e6e071dce88e0d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /theme/image.php/academi/core/1712039468/t/collapsed HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/theme/styles.php/academi/1712039468/all
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public, max-age=5184000, no-transform
Content-Type: image/svg+xml
Expires: Sun, 23 Jun 2024 10:48:20 GMT
Last-Modified: Tue, 02 Apr 2024 06:31:20 GMT
Accept-Ranges: none
ETag: "dace74d804caf064225566118fd437212f570f18"
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="collapsed.svg"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:20 GMT
Content-Length: 437
|
|
| 14.139.92.174/theme/image.php/academi/core/1712039468/i/loading_small | 14.139.92.174 | 200 OK | 1.7 kB |
URL: GET HTTP/1.1 14.139.92.174/theme/image.php/academi/core/1712039468/i/loading_small
IP: 14.139.92.174:80
ASN: #55824 NKN Core Network
Requested by: http://14.139.92.174/course/index.php
File type: GIF image data, version 89a, 16 x 16
Hash: 694fd5d02d70bcf10eda9124ba7d6ada b099d15edc6c2e75e5a8b449e6de15f95c9aa35a 2040e490bd9bfff1764312ffdec85eb78dda8b8d8785cf84d22e82298b81c255
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /theme/image.php/academi/core/1712039468/i/loading_small HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/theme/styles.php/academi/1712039468/all
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public, max-age=5184000, no-transform
Content-Type: image/gif
Expires: Sun, 23 Jun 2024 10:48:20 GMT
Last-Modified: Tue, 02 Apr 2024 06:40:10 GMT
Accept-Ranges: none
ETag: "cda8a4dff11b0dc817b2a147ba78a5b5e8375bbc"
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="loading_small.gif"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:20 GMT
Content-Length: 1720
|
|
| 14.139.92.174/pluginfile.php/1/theme_academi/logo/1712039468/banner_bstrap.png | 14.139.92.174 | 200 OK | 48 kB |
URL: GET HTTP/1.1 14.139.92.174/pluginfile.php/1/theme_academi/logo/1712039468/banner_bstrap.png
IP: 14.139.92.174:80
ASN: #55824 NKN Core Network
Requested by: http://14.139.92.174/course/index.php
File type: PNG image data, 1000 x 120, 8-bit/color RGBA, non-interlaced
Hash: 3c9b75d250ce90b5631692add6157878 8dfc08ef12440e23eca64778388ec2dd6c8c517b fdffb785c5d20bc01606384d6af6a03d1ce580eeb958c5c620e3ad4d816ec882
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pluginfile.php/1/theme_academi/logo/1712039468/banner_bstrap.png HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public, max-age=5184000, no-transform
Content-Type: image/png
Expires: Sun, 23 Jun 2024 10:48:21 GMT
Last-Modified: Mon, 21 Jan 2019 06:03:39 GMT
Accept-Ranges: bytes
ETag: "8dfc08ef12440e23eca64778388ec2dd6c8c517b"
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="banner_bstrap.png"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:20 GMT
Content-Length: 47943
|
|
| 14.139.92.174/lib/ajax/getnavbranch.php | 14.139.92.174 | 200 OK | 487 B |
URL: POST HTTP/1.1 14.139.92.174/lib/ajax/getnavbranch.php
IP: 14.139.92.174:80
ASN: #55824 NKN Core Network
Requested by: http://14.139.92.174/course/index.php
Hash: 8468d9d5cf503f36cec330e3da5625e7 09b22ab7c7529df3c7550a351bd1ed795c10812d 365c698e67af86bd7896ff785cd7ba54ed53962b12792309ab24422402248c8f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /lib/ajax/getnavbranch.php HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 85
Origin: http://14.139.92.174
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Type: text/plain; charset=utf-8
Content-Encoding: gzip
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:22 GMT
Content-Length: 487
|
|
| 14.139.92.174/lib/ajax/service.php?sesskey=GeZH41AszQ | 14.139.92.174 | 200 OK | 226 B |
URL: POST HTTP/1.1 14.139.92.174/lib/ajax/service.php?sesskey=GeZH41AszQ
IP: 14.139.92.174:80
ASN: #55824 NKN Core Network
Requested by: http://14.139.92.174/course/index.php
Hash: fae3d8d250885a795a7efa05ff7749c2 2f7aa70352101791e5155f4a83eeb582389d036f dd7a9a34c0176691df8c1c49efc0da68117a21683e40074ada6ca8773f720603
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /lib/ajax/service.php?sesskey=GeZH41AszQ HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Content-Length: 76
Origin: http://14.139.92.174
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Type: application/json; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:22 GMT
Content-Length: 226
|
|
| 14.139.92.174/theme/image.php/academi/core/1712039468/i/navigationitem | 14.139.92.174 | 200 OK | 437 B |
URL: GET HTTP/1.1 14.139.92.174/theme/image.php/academi/core/1712039468/i/navigationitem
IP: 14.139.92.174:80
ASN: #55824 NKN Core Network
Requested by: http://14.139.92.174/course/index.php
Hash: f3476ad26d5a44e2f2a6afc0ba549a2b 9e0b84b6f6541309671126d962de8f0c8865f411 858da4234c4349bf8ebfb026920f37fdb636337629cc4f492595e7e6b94cfd7e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /theme/image.php/academi/core/1712039468/i/navigationitem HTTP/1.1
Host: 14.139.92.174
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://14.139.92.174/course/index.php
Cookie: MoodleSession=6c542d06a6819e585431af9d5f22c6fb
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public, max-age=5184000, no-transform
Content-Type: image/svg+xml
Expires: Sun, 23 Jun 2024 10:48:23 GMT
Last-Modified: Tue, 02 Apr 2024 06:31:20 GMT
Accept-Ranges: none
ETag: "adab999f0e82cf62184a7fb9c91392df2857cb51"
Server: Microsoft-IIS/10.0
Content-Disposition: inline; filename="navigationitem.svg"
X-Powered-By: PHP/7.0.32, ASP.NET
Date: Wed, 24 Apr 2024 10:48:22 GMT
Content-Length: 437
|
|