| eduiran.ir/exam/test.php?tid=31login.php?redirect=test.php?tid=31 | 158.58.184.198 | 302 Found | 0 B |
URL (User Request, GET, HTTP/2): eduiran.ir/exam/test.php?tid=31login.php?redirect=test.php?tid=31
IP: 158.58.184.198:443
ASN: #57497 Faraso Samaneh Pasargad Ltd.
Certificate: Issuer: Let's Encrypt; Subject: www.lms.eduiran.ir; Fingerprint: 84:D6:08:FD:F5:45:BC:EC:00:25:52:68:B9:97:2A:DB:96:D9:A9:8F; Validity: Sat, 24 Feb 2024 03:27:13 GMT - Fri, 24 May 2024 03:27:12 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /exam/test.php?tid=31login.php?redirect=test.php?tid=31 HTTP/1.1
Host: eduiran.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
x-powered-by: PHP/5.6.40
set-cookie: PHPSESSID=lsbinl8r2h90re36e760o5u302; path=/; HttpOnly; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
location: login.php?redirect=test.php%3Ftid%3D31login.php%3Fredirect%3Dtest.php%3Ftid%3D31
content-type: text/html; charset=UTF-8
content-length: 0
date: Thu, 28 Mar 2024 13:27:54 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
|
|
| eduiran.ir/exam/login.php?redirect=test.php%3Ftid%3D31login.php%3Fredirect%3Dtest.php%3Ftid%3D31 | 158.58.184.198 | 200 OK | 1.1 kB |
URL (User Request, GET, HTTP/2): eduiran.ir/exam/login.php?redirect=test.php%3Ftid%3D31login.php%3Fredirect%3Dtest.php%3Ftid%3D31
IP: 158.58.184.198:443
ASN: #57497 Faraso Samaneh Pasargad Ltd.
Certificate: Issuer: Let's Encrypt; Subject: www.lms.eduiran.ir; Fingerprint: 84:D6:08:FD:F5:45:BC:EC:00:25:52:68:B9:97:2A:DB:96:D9:A9:8F; Validity: Sat, 24 Feb 2024 03:27:13 GMT - Fri, 24 May 2024 03:27:12 GMT
File type: HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash: 9f8b94b38c014a562d98dc5a0af91479 9982b4fb951a351b25a4d499c10bab957a3260c0 78f57360908775c3efc242a90950e5b231f393aa70cc2a2e06fb85282e5e33cc
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /exam/login.php?redirect=test.php%3Ftid%3D31login.php%3Fredirect%3Dtest.php%3Ftid%3D31 HTTP/1.1
Host: eduiran.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=lsbinl8r2h90re36e760o5u302
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/5.6.40
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 1062
content-encoding: br
vary: Accept-Encoding
date: Thu, 28 Mar 2024 13:27:55 GMT
X-Firefox-Spdy: h2
|
|
| eduiran.ir/exam/themes/default/css/style.css | 158.58.184.198 | 200 OK | 2.5 kB |
URL (GET, HTTP/3): eduiran.ir/exam/themes/default/css/style.css
IP: 158.58.184.198:443
ASN: #57497 Faraso Samaneh Pasargad Ltd.
Requested by: https://eduiran.ir/exam/login.php?redirect=test.php%3Ftid%3D31login.php%3Fredirect%3Dtest.php%3Ftid%3D31
Certificate: Issuer: Let's Encrypt; Subject: www.lms.eduiran.ir; Fingerprint: 84:D6:08:FD:F5:45:BC:EC:00:25:52:68:B9:97:2A:DB:96:D9:A9:8F; Validity: Sat, 24 Feb 2024 03:27:13 GMT - Fri, 24 May 2024 03:27:12 GMT
File type: assembler source, ASCII text, with CRLF line terminators
Hash: 8d0d5d3b5e7544dd8dd6e13920d473f7 062720a7200d67e1f1c7e2503bbf178dbd0ced2c 281b27689822f3d06c1b14ab405d404a6b93911d0dd7e5d35352e22fae6d0b31
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /exam/themes/default/css/style.css HTTP/1.1
Host: eduiran.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eduiran.ir/exam/login.php?redirect=test.php%3Ftid%3D31login.php%3Fredirect%3Dtest.php%3Ftid%3D31
Cookie: PHPSESSID=lsbinl8r2h90re36e760o5u302
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public
expires: access plus 30 minutes
content-type: text/css
last-modified: Wed, 28 Oct 2015 18:05:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2475
date: Thu, 28 Mar 2024 13:27:55 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
|
|
| eduiran.ir/exam/js/jquery.min.js | 158.58.184.198 | 200 OK | 32 kB |
URL (GET, HTTP/3): eduiran.ir/exam/js/jquery.min.js
IP: 158.58.184.198:443
ASN: #57497 Faraso Samaneh Pasargad Ltd.
Requested by: https://eduiran.ir/exam/login.php?redirect=test.php%3Ftid%3D31login.php%3Fredirect%3Dtest.php%3Ftid%3D31
Certificate: Issuer: Let's Encrypt; Subject: www.lms.eduiran.ir; Fingerprint: 84:D6:08:FD:F5:45:BC:EC:00:25:52:68:B9:97:2A:DB:96:D9:A9:8F; Validity: Sat, 24 Feb 2024 03:27:13 GMT - Fri, 24 May 2024 03:27:12 GMT
File type: JavaScript source, ASCII text, with very long lines (32086)
Hash: 8101d596b2b8fa35fe3a634ea342d7c3 d6c1f41972de07b09bfa63d2e50f9ab41ec372bd 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /exam/js/jquery.min.js HTTP/1.1
Host: eduiran.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eduiran.ir/exam/login.php?redirect=test.php%3Ftid%3D31login.php%3Fredirect%3Dtest.php%3Ftid%3D31
Cookie: PHPSESSID=lsbinl8r2h90re36e760o5u302
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public
expires: access plus 30 minutes
content-type: application/javascript
last-modified: Sat, 22 Nov 2014 05:40:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 32294
date: Thu, 28 Mar 2024 13:27:55 GMT
|
|
| eduiran.ir/exam/js/assets/countdown/jquery.countdown.js | 158.58.184.198 | 200 OK | 1.1 kB |
URL (GET, HTTP/3): eduiran.ir/exam/js/assets/countdown/jquery.countdown.js
IP: 158.58.184.198:443
ASN: #57497 Faraso Samaneh Pasargad Ltd.
Requested by: https://eduiran.ir/exam/login.php?redirect=test.php%3Ftid%3D31login.php%3Fredirect%3Dtest.php%3Ftid%3D31
Certificate: Issuer: Let's Encrypt; Subject: www.lms.eduiran.ir; Fingerprint: 84:D6:08:FD:F5:45:BC:EC:00:25:52:68:B9:97:2A:DB:96:D9:A9:8F; Validity: Sat, 24 Feb 2024 03:27:13 GMT - Fri, 24 May 2024 03:27:12 GMT
File type: JavaScript source, ASCII text, with CRLF line terminators
Hash: 8d57f560d5159c2bbfa133f43e1f5519 3eb967221b3d24b67d73b0bea8c603f33e65e7b1 5fa20517ac620e5b52904ff332df9829c58a825de0c47d662ed2ca4861112d7e
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /exam/js/assets/countdown/jquery.countdown.js HTTP/1.1
Host: eduiran.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eduiran.ir/exam/login.php?redirect=test.php%3Ftid%3D31login.php%3Fredirect%3Dtest.php%3Ftid%3D31
Cookie: PHPSESSID=lsbinl8r2h90re36e760o5u302
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public
expires: access plus 30 minutes
content-type: application/javascript
last-modified: Thu, 29 Dec 2011 19:48:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1112
date: Thu, 28 Mar 2024 13:27:55 GMT
|
|
| eduiran.ir/exam/js/scripts.js | 158.58.184.198 | 200 OK | 4.4 kB |
URL (GET, HTTP/3): eduiran.ir/exam/js/scripts.js
IP: 158.58.184.198:443
ASN: #57497 Faraso Samaneh Pasargad Ltd.
Requested by: https://eduiran.ir/exam/login.php?redirect=test.php%3Ftid%3D31login.php%3Fredirect%3Dtest.php%3Ftid%3D31
Certificate: Issuer: Let's Encrypt; Subject: www.lms.eduiran.ir; Fingerprint: 84:D6:08:FD:F5:45:BC:EC:00:25:52:68:B9:97:2A:DB:96:D9:A9:8F; Validity: Sat, 24 Feb 2024 03:27:13 GMT - Fri, 24 May 2024 03:27:12 GMT
File type: JavaScript source, ASCII text, with very long lines (2609), with CRLF line terminators
Hash: afa4792ac387068d954b3ccc2d4da523 1c7e2952156733797fabd70d212cc6ac55c4efcf 8d6d7145213fdc375f22b2605fc1368f80b69d50e8a69c2591c9893039295a92
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /exam/js/scripts.js HTTP/1.1
Host: eduiran.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eduiran.ir/exam/login.php?redirect=test.php%3Ftid%3D31login.php%3Fredirect%3Dtest.php%3Ftid%3D31
Cookie: PHPSESSID=lsbinl8r2h90re36e760o5u302
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public
expires: access plus 30 minutes
content-type: application/javascript
last-modified: Sat, 05 Mar 2016 11:03:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4379
date: Thu, 28 Mar 2024 13:27:55 GMT
|
|
| eduiran.ir/exam/js/bootstrap.min.js | 158.58.184.198 | 200 OK | 9.2 kB |
URL (GET, HTTP/3): eduiran.ir/exam/js/bootstrap.min.js
IP: 158.58.184.198:443
ASN: #57497 Faraso Samaneh Pasargad Ltd.
Requested by: https://eduiran.ir/exam/login.php?redirect=test.php%3Ftid%3D31login.php%3Fredirect%3Dtest.php%3Ftid%3D31
Certificate: Issuer: Let's Encrypt; Subject: www.lms.eduiran.ir; Fingerprint: 84:D6:08:FD:F5:45:BC:EC:00:25:52:68:B9:97:2A:DB:96:D9:A9:8F; Validity: Sat, 24 Feb 2024 03:27:13 GMT - Fri, 24 May 2024 03:27:12 GMT
File type: JavaScript source, ASCII text, with very long lines (32025)
Hash: 8c237312864d2e4c4f03544cd4f9b195 253711c6d825de55a8360552573be950da180614 d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /exam/js/bootstrap.min.js HTTP/1.1
Host: eduiran.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eduiran.ir/exam/login.php?redirect=test.php%3Ftid%3D31login.php%3Fredirect%3Dtest.php%3Ftid%3D31
Cookie: PHPSESSID=lsbinl8r2h90re36e760o5u302
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public
expires: access plus 30 minutes
content-type: application/javascript
last-modified: Mon, 16 Mar 2015 05:12:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9206
date: Thu, 28 Mar 2024 13:27:55 GMT
|
|
| eduiran.ir/exam/img/logo.png | 158.58.184.198 | 302 Found | 0 B |
URL (GET, HTTP/3): eduiran.ir/exam/img/logo.png
IP: 158.58.184.198:443
ASN: #57497 Faraso Samaneh Pasargad Ltd.
Requested by: https://eduiran.ir/exam/login.php?redirect=test.php%3Ftid%3D31login.php%3Fredirect%3Dtest.php%3Ftid%3D31
Certificate: Issuer: Let's Encrypt; Subject: www.lms.eduiran.ir; Fingerprint: 84:D6:08:FD:F5:45:BC:EC:00:25:52:68:B9:97:2A:DB:96:D9:A9:8F; Validity: Sat, 24 Feb 2024 03:27:13 GMT - Fri, 24 May 2024 03:27:12 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /exam/img/logo.png HTTP/1.1
Host: eduiran.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eduiran.ir/exam/login.php?redirect=test.php%3Ftid%3D31login.php%3Fredirect%3Dtest.php%3Ftid%3D31
Cookie: PHPSESSID=lsbinl8r2h90re36e760o5u302
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
x-powered-by: PHP/5.6.40
location: ../?a=logo.png
content-type: text/html; charset=UTF-8
content-length: 0
date: Thu, 28 Mar 2024 13:27:55 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
|
|
| eduiran.ir/exam/themes/default/css/bootstrap.min.css | 158.58.184.198 | 200 OK | 18 kB |
URL (GET, HTTP/3): eduiran.ir/exam/themes/default/css/bootstrap.min.css
IP: 158.58.184.198:443
ASN: #57497 Faraso Samaneh Pasargad Ltd.
Requested by: https://eduiran.ir/exam/login.php?redirect=test.php%3Ftid%3D31login.php%3Fredirect%3Dtest.php%3Ftid%3D31
Certificate: Issuer: Let's Encrypt; Subject: www.lms.eduiran.ir; Fingerprint: 84:D6:08:FD:F5:45:BC:EC:00:25:52:68:B9:97:2A:DB:96:D9:A9:8F; Validity: Sat, 24 Feb 2024 03:27:13 GMT - Fri, 24 May 2024 03:27:12 GMT
File type: ASCII text, with very long lines (65371)
Hash: eedf9ee80c2faa4e1b9ab9017cdfcb88 ed29315e0ffb3f14382431f2724235bf67f44eb3 f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /exam/themes/default/css/bootstrap.min.css HTTP/1.1
Host: eduiran.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eduiran.ir/exam/themes/default/css/style.css
Cookie: PHPSESSID=lsbinl8r2h90re36e760o5u302
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public
expires: access plus 30 minutes
content-type: text/css
last-modified: Mon, 16 Mar 2015 05:12:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 17806
date: Thu, 28 Mar 2024 13:27:55 GMT
|
|
| eduiran.ir/exam/themes/default/img/bg.jpg | 158.58.184.198 | 200 OK | 23 kB |
URL (GET, HTTP/3): eduiran.ir/exam/themes/default/img/bg.jpg
IP: 158.58.184.198:443
ASN: #57497 Faraso Samaneh Pasargad Ltd.
Requested by: https://eduiran.ir/exam/login.php?redirect=test.php%3Ftid%3D31login.php%3Fredirect%3Dtest.php%3Ftid%3D31
Certificate: Issuer: Let's Encrypt; Subject: www.lms.eduiran.ir; Fingerprint: 84:D6:08:FD:F5:45:BC:EC:00:25:52:68:B9:97:2A:DB:96:D9:A9:8F; Validity: Sat, 24 Feb 2024 03:27:13 GMT - Fri, 24 May 2024 03:27:12 GMT
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1700x813, components 3
Hash: 301c55eefa6384416ebecab5cb807dd0 9a6cff29e4be08d1e351e0e6f187f670ff9b7b63 a12bb7d96c5c410520f498a8b6e7eaba652a0a3a97d873c1c533f39f38b05bdd
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /exam/themes/default/img/bg.jpg HTTP/1.1
Host: eduiran.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eduiran.ir/exam/themes/default/css/style.css
Cookie: PHPSESSID=lsbinl8r2h90re36e760o5u302
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public
expires: access plus 30 minutes
content-type: image/jpeg
last-modified: Thu, 12 Jul 2012 11:46:52 GMT
accept-ranges: bytes
content-length: 23396
date: Thu, 28 Mar 2024 13:27:55 GMT
|
|
| eduiran.ir/exam/themes/default/fonts/glyphicons-halflings-regular.woff2 | 158.58.184.198 | 200 OK | 18 kB |
URL (GET, HTTP/3): eduiran.ir/exam/themes/default/fonts/glyphicons-halflings-regular.woff2
IP: 158.58.184.198:443
ASN: #57497 Faraso Samaneh Pasargad Ltd.
Requested by: https://eduiran.ir/exam/login.php?redirect=test.php%3Ftid%3D31login.php%3Fredirect%3Dtest.php%3Ftid%3D31
Certificate: Issuer: Let's Encrypt; Subject: www.lms.eduiran.ir; Fingerprint: 84:D6:08:FD:F5:45:BC:EC:00:25:52:68:B9:97:2A:DB:96:D9:A9:8F; Validity: Sat, 24 Feb 2024 03:27:13 GMT - Fri, 24 May 2024 03:27:12 GMT
File type: Web Open Font Format (Version 2), TrueType, length 18028, version 1.589
Hash: 448c34a56d699c29117adc64c43affeb ca35b697d99cae4d1b60f2d60fcd37771987eb07 fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /exam/themes/default/fonts/glyphicons-halflings-regular.woff2 HTTP/1.1
Host: eduiran.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://eduiran.ir/exam/themes/default/css/bootstrap.min.css
Cookie: PHPSESSID=lsbinl8r2h90re36e760o5u302
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 13:27:55 GMT
content-type: font/woff2
last-modified: Sun, 15 Mar 2015 02:09:20 GMT
accept-ranges: bytes
content-length: 18028
date: Thu, 28 Mar 2024 13:27:55 GMT
|
|
| eduiran.ir/favicon.ico | 158.58.184.198 | 404 Not Found | 708 B |
IP: 158.58.184.198:443
ASN: #57497 Faraso Samaneh Pasargad Ltd.
Requested by: https://eduiran.ir/exam/login.php?redirect=test.php%3Ftid%3D31login.php%3Fredirect%3Dtest.php%3Ftid%3D31
Certificate: Issuer: Let's Encrypt; Subject: www.lms.eduiran.ir; Fingerprint: 84:D6:08:FD:F5:45:BC:EC:00:25:52:68:B9:97:2A:DB:96:D9:A9:8F; Validity: Sat, 24 Feb 2024 03:27:13 GMT - Fri, 24 May 2024 03:27:12 GMT
File type: HTML document, ASCII text, with CRLF, LF line terminators
Hash: 2382378378c002d88b9a507c712c3349 2e894db3808b554abadc8b144338ad9e2ea937ba 37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /favicon.ico HTTP/1.1
Host: eduiran.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eduiran.ir/exam/login.php?redirect=test.php%3Ftid%3D31login.php%3Fredirect%3Dtest.php%3Ftid%3D31
Cookie: PHPSESSID=lsbinl8r2h90re36e760o5u302
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 708
date: Thu, 28 Mar 2024 13:27:55 GMT
|
|
| eduiran.ir/exam/?a=logo.png | 158.58.184.198 | 200 OK | 9.9 kB |
URL (GET, HTTP/3): eduiran.ir/exam/?a=logo.png
IP: 158.58.184.198:443
ASN: #57497 Faraso Samaneh Pasargad Ltd.
Requested by: https://eduiran.ir/exam/login.php?redirect=test.php%3Ftid%3D31login.php%3Fredirect%3Dtest.php%3Ftid%3D31
Certificate: Issuer: Let's Encrypt; Subject: www.lms.eduiran.ir; Fingerprint: 84:D6:08:FD:F5:45:BC:EC:00:25:52:68:B9:97:2A:DB:96:D9:A9:8F; Validity: Sat, 24 Feb 2024 03:27:13 GMT - Fri, 24 May 2024 03:27:12 GMT
File type: HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash: 58cdb7e5c5924362a3f7defb1e97e0e9 80f0318d7458fcd4dee4d6fa2ceb8a9bc9a45bbd 717fb4996aa766e533f6de656de07ec2734623bf46adf5de502c11b33ab7606e
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /exam/?a=logo.png HTTP/1.1
Host: eduiran.ir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eduiran.ir/exam/login.php?redirect=test.php%3Ftid%3D31login.php%3Fredirect%3Dtest.php%3Ftid%3D31
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=lsbinl8r2h90re36e760o5u302
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
x-powered-by: PHP/5.6.40
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: testa_user2=1; expires=Mon, 01-Apr-2024 17:27:55 GMT; Max-Age=360000; secure
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Thu, 28 Mar 2024 13:27:55 GMT
|
|