| ocsp.r2m03.amazontrust.com/ | 143.204.53.97 | | 471 B |
URL: ocsp.r2m03.amazontrust.com/ IP: 143.204.53.97:0
Hash: eed2f04f7bc7e4985f0371aa53b79036 bc860928df3b45c83f8513db196e33cbf46dc258 5d021bf9537537e2a0442c3d6d78770600e9ffcded9c0398cdeaf640f10a1a64
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 04 May 2024 22:18:22 GMT
Last-Modified: Sat, 04 May 2024 21:13:45 GMT
Server: ECAcc (amb/6B35)
X-Cache: Miss from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: z1q9d74pxV-9prIxB7BCkLGaIPthBmD6cWFDXCLTJsp8MT161ovfZQ==
Age: 3877
|
|
| | 3.65.111.254 | 200 | 175 B |
URL: User Request GET HTTP/1.1 IP: 3.65.111.254:443
Certificate: Issuer Amazon; Subject *.ie.edu; Fingerprint 25:B6:C5:36:F2:2A:90:F3:6B:92:42:52:63:BD:4E:6F:03:B5:57:D2; Validity Sat, 06 Jan 2024 00:00:00 GMT - Mon, 03 Feb 2025 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF line terminators; Hash: ca1ce3399a1abab6d52988a51f3b4307 3ceee27f1294f8d1cc213aa461cad2d2ed706cea 5eb0dfd23b6a6bc58ff93d6e8c61b6418d58fec61e55fa70ee2135a23db3f628
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 3.65.111.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Cache-control: no-cache="set-cookie"
Content-Type: text/html
Date: Sat, 04 May 2024 22:18:22 GMT
Location: https://3.65.111.254/
Set-Cookie: AWSELB=077F23DD16158118DD7F63B8FFB2EBC82D97657F4B386AC823E3B34554730A089CABD98C13F7D9C485F3171FB1EEDB404172A955A380C041BD5CE622E9F6D99B7B29F218E4;PATH=/;MAX-AGE=900
Content-Length: 175
Connection: keep-alive
|
|
| | 3.65.111.254 | 200 | 26 kB |
URL: User Request GET HTTP/1.1 IP: 3.65.111.254:443
Certificate: Issuer Amazon; Subject *.ie.edu; Fingerprint 25:B6:C5:36:F2:2A:90:F3:6B:92:42:52:63:BD:4E:6F:03:B5:57:D2; Validity Sat, 06 Jan 2024 00:00:00 GMT - Mon, 03 Feb 2025 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (31571), with CRLF, LF line terminators; Hash: 0b66b188656dac5b175ac8b4fdcf125d 04b6f152a5c054bcddfe2908b8b2ebffe08fffc0 2ffec9efbf954fcf192140ca96a718fdae99e7011c72170de6c39f5de6f15787
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 3.65.111.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: AWSELB=077F23DD16158118DD7F63B8FFB2EBC82D97657F4B386AC823E3B34554730A089CABD98C13F7D9C485F3171FB1EEDB404172A955A380C041BD5CE622E9F6D99B7B29F218E4
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Cache-Control: private, max-age=0, no-store, must-revalidate
Content-Encoding: gzip
Content-Language: en-US
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html;charset=UTF-8
Date: Sat, 04 May 2024 22:18:24 GMT
Expires: Thu, 04 May 2023 22:18:24 GMT
Last-Modified: Tue, 04 May 2004 22:18:24 GMT
P3P: CP="CAO PSA OUR"
Pragma: private
Set-Cookie: JSESSIONID=777F1F4AA9FECF2B43C86D4BB3CBF95C; Path=/; Secure
BbRouter=expires:1714871904,id:6F6F9CA254D454497C24F98D04824C49,signature:3e3e8ab317f6f4fe46afeaed5f9bb4643393e30c999ef977d8376502e0600766,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Accept-Encoding
X-Blackboard-appserver: ip-10-148-205-148.eu-central-1.compute.internal
X-Blackboard-product: Blackboard Learn ™ 3900.91.0-rel.20+75bf374
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
transfer-encoding: chunked
Connection: keep-alive
|
|
| 3.65.111.254/ui-ultra/css/ultra.css?v=3900.91.0-rel.20+75bf374 | 3.65.111.254 | 200 | 32 kB |
URL: GET HTTP/1.1 3.65.111.254/ui-ultra/css/ultra.css?v=3900.91.0-rel.20+75bf374 IP: 3.65.111.254:443
Certificate: Issuer Amazon; Subject *.ie.edu; Fingerprint 25:B6:C5:36:F2:2A:90:F3:6B:92:42:52:63:BD:4E:6F:03:B5:57:D2; Validity Sat, 06 Jan 2024 00:00:00 GMT - Mon, 03 Feb 2025 23:59:59 GMT
File type: Unicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators; Hash: 786377f67b24ac4deed06c2e2f1245a9 f59a4c2b422b0cef0d29d74088cfce21532a3ff9 0983fcfc3072ccb41f0642e4aa9844eefc429a32929b2a0f17e011ed40f57901
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ui-ultra/css/ultra.css?v=3900.91.0-rel.20+75bf374 HTTP/1.1
Host: 3.65.111.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Cookie: AWSELB=077F23DD16158118DD7F63B8FFB2EBC82D97657F4B386AC823E3B34554730A089CABD98C13F7D9C485F3171FB1EEDB404172A955A380C041BD5CE622E9F6D99B7B29F218E4; JSESSIONID=777F1F4AA9FECF2B43C86D4BB3CBF95C; BbRouter=expires:1714871904,id:6F6F9CA254D454497C24F98D04824C49,signature:3e3e8ab317f6f4fe46afeaed5f9bb4643393e30c999ef977d8376502e0600766,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Cache-Control: public
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/css
Date: Sat, 04 May 2024 22:18:24 GMT
ETag: W/"224954-1714670878194"
Expires: Sun, 04 May 2025 22:18:24 GMT
Last-Modified: Thu, 02 May 2024 17:27:58 GMT
P3P: CP="CAO PSA OUR"
Set-Cookie: BbRouter=expires:1714862904,id:6F6F9CA254D454497C24F98D04824C49,signature:d2aafbdafd998da797787246859754474feddbcc1d6aa3312de1294fbc4fbe05,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
transfer-encoding: chunked
Connection: keep-alive
|
|
| 3.65.111.254/groupjs/B32394EFEE52C0BE4A4A0459E41718A0.js?v=3900.91.0-rel.20+75bf374 | 3.65.111.254 | 200 | 245 kB |
URL: GET HTTP/1.1 3.65.111.254/groupjs/B32394EFEE52C0BE4A4A0459E41718A0.js?v=3900.91.0-rel.20+75bf374 IP: 3.65.111.254:443
Certificate: Issuer Amazon; Subject *.ie.edu; Fingerprint 25:B6:C5:36:F2:2A:90:F3:6B:92:42:52:63:BD:4E:6F:03:B5:57:D2; Validity Sat, 06 Jan 2024 00:00:00 GMT - Mon, 03 Feb 2025 23:59:59 GMT
File type: JavaScript source, ASCII text; Size: 245 kB (244631 bytes); Hash: 74d82b983cd0f01749f1823061c1b024 e0270b74eadcd1c41e5ea13c3cf5e3ea9cb8647c 4fa74fa209f304d682a834e56f87d71071e33ef2f5ec0de1661c78f8ce334b50
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /groupjs/B32394EFEE52C0BE4A4A0459E41718A0.js?v=3900.91.0-rel.20+75bf374 HTTP/1.1
Host: 3.65.111.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Cookie: AWSELB=077F23DD16158118DD7F63B8FFB2EBC82D97657F4B386AC823E3B34554730A089CABD98C13F7D9C485F3171FB1EEDB404172A955A380C041BD5CE622E9F6D99B7B29F218E4; JSESSIONID=777F1F4AA9FECF2B43C86D4BB3CBF95C; BbRouter=expires:1714871904,id:6F6F9CA254D454497C24F98D04824C49,signature:3e3e8ab317f6f4fe46afeaed5f9bb4643393e30c999ef977d8376502e0600766,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Cache-Control: public
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Content-Type: application/javascript
Date: Sat, 04 May 2024 22:18:24 GMT
ETag: W/"971503-0"
Expires: Sun, 04 May 2025 22:18:24 GMT
Last-Modified: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="CAO PSA OUR"
Set-Cookie: BbRouter=expires:1714862904,id:6F6F9CA254D454497C24F98D04824C49,signature:d2aafbdafd998da797787246859754474feddbcc1d6aa3312de1294fbc4fbe05,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Accept-Encoding
X-Blackboard-appserver: ip-10-148-205-148.eu-central-1.compute.internal
X-Blackboard-product: Blackboard Learn ™ 3900.91.0-rel.20+75bf374
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
transfer-encoding: chunked
Connection: keep-alive
|
|
| 3.65.111.254/webapps/vtbe-tinymce/css/prism/prism.css?v=3900.91.0-rel.20+75bf374 | 3.65.111.254 | 200 | 968 B |
URL: GET HTTP/1.1 3.65.111.254/webapps/vtbe-tinymce/css/prism/prism.css?v=3900.91.0-rel.20+75bf374 IP: 3.65.111.254:443
Certificate: Issuer Amazon; Subject *.ie.edu; Fingerprint 25:B6:C5:36:F2:2A:90:F3:6B:92:42:52:63:BD:4E:6F:03:B5:57:D2; Validity Sat, 06 Jan 2024 00:00:00 GMT - Mon, 03 Feb 2025 23:59:59 GMT
Hash: 78002c2fc79e9c6119de63ecb70b8e4d a2c40e2cd25207cfc30297285488c5f527676fc1 be56dec9d9cf6b598fa197b45d0d05d79559645ecd2600b4bdd1e19d99d107a5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /webapps/vtbe-tinymce/css/prism/prism.css?v=3900.91.0-rel.20+75bf374 HTTP/1.1
Host: 3.65.111.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Cookie: AWSELB=077F23DD16158118DD7F63B8FFB2EBC82D97657F4B386AC823E3B34554730A089CABD98C13F7D9C485F3171FB1EEDB404172A955A380C041BD5CE622E9F6D99B7B29F218E4; JSESSIONID=777F1F4AA9FECF2B43C86D4BB3CBF95C; BbRouter=expires:1714871904,id:6F6F9CA254D454497C24F98D04824C49,signature:3e3e8ab317f6f4fe46afeaed5f9bb4643393e30c999ef977d8376502e0600766,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Cache-Control: public
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/css
Date: Sat, 04 May 2024 22:18:24 GMT
ETag: W/"2578-1714671083703"
Expires: Sun, 04 May 2025 22:18:24 GMT
Last-Modified: Thu, 02 May 2024 17:31:23 GMT
P3P: CP="CAO PSA OUR"
Set-Cookie: BbRouter=expires:1714862904,id:6F6F9CA254D454497C24F98D04824C49,signature:d2aafbdafd998da797787246859754474feddbcc1d6aa3312de1294fbc4fbe05,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Accept-Encoding
X-Blackboard-appserver: ip-10-148-205-148.eu-central-1.compute.internal
X-Blackboard-product: Blackboard Learn ™ 3900.91.0-rel.20+75bf374
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Content-Length: 968
Connection: keep-alive
|
|
| 3.65.111.254/webapps/videointegration/css/video-integration.css?v=3900.91.0-rel.20+75bf374_3900.91.0-rel.20+75bf374 | 3.65.111.254 | 200 | 1.3 kB |
URL: GET HTTP/1.1 3.65.111.254/webapps/videointegration/css/video-integration.css?v=3900.91.0-rel.20+75bf374_3900.91.0-rel.20+75bf374 IP: 3.65.111.254:443
Certificate: Issuer Amazon; Subject *.ie.edu; Fingerprint 25:B6:C5:36:F2:2A:90:F3:6B:92:42:52:63:BD:4E:6F:03:B5:57:D2; Validity Sat, 06 Jan 2024 00:00:00 GMT - Mon, 03 Feb 2025 23:59:59 GMT
Hash: 830a516f26e407ac3787637d59bf1fa2 9181a61ddc34508957340d5e3be121c663ca5122 fc563ce4fca78532552a1a6e3015c4b03d5ce2005db329511d66301f18d98c65
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /webapps/videointegration/css/video-integration.css?v=3900.91.0-rel.20+75bf374_3900.91.0-rel.20+75bf374 HTTP/1.1
Host: 3.65.111.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Cookie: AWSELB=077F23DD16158118DD7F63B8FFB2EBC82D97657F4B386AC823E3B34554730A089CABD98C13F7D9C485F3171FB1EEDB404172A955A380C041BD5CE622E9F6D99B7B29F218E4; JSESSIONID=777F1F4AA9FECF2B43C86D4BB3CBF95C; BbRouter=expires:1714871904,id:6F6F9CA254D454497C24F98D04824C49,signature:3e3e8ab317f6f4fe46afeaed5f9bb4643393e30c999ef977d8376502e0600766,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Cache-Control: public
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/css
Date: Sat, 04 May 2024 22:18:24 GMT
ETag: W/"6598-1714671217924"
Expires: Sun, 04 May 2025 22:18:24 GMT
Last-Modified: Thu, 02 May 2024 17:33:37 GMT
P3P: CP="CAO PSA OUR"
Set-Cookie: BbRouter=expires:1714862904,id:6F6F9CA254D454497C24F98D04824C49,signature:d2aafbdafd998da797787246859754474feddbcc1d6aa3312de1294fbc4fbe05,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Accept-Encoding
X-Blackboard-appserver: ip-10-148-205-148.eu-central-1.compute.internal
X-Blackboard-product: Blackboard Learn ™ 3900.91.0-rel.20+75bf374
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Content-Length: 1331
Connection: keep-alive
|
|
| 3.65.111.254/ui-ultra/css/multi_factor_authentication.css?v=3900.91.0-rel.20+75bf374_authLogin | 3.65.111.254 | 200 | 1.9 kB |
URL: GET HTTP/1.1 3.65.111.254/ui-ultra/css/multi_factor_authentication.css?v=3900.91.0-rel.20+75bf374_authLogin IP: 3.65.111.254:443
Certificate: Issuer Amazon; Subject *.ie.edu; Fingerprint 25:B6:C5:36:F2:2A:90:F3:6B:92:42:52:63:BD:4E:6F:03:B5:57:D2; Validity Sat, 06 Jan 2024 00:00:00 GMT - Mon, 03 Feb 2025 23:59:59 GMT
Hash: e96957c79a9f125ea7c78ede0e22af6d 376c94dbdb4d42f2f1095819cd2ccd96947978e6 3852ef20b02a33b2042d01cb38a8737e8a180d31fc6fb08418c8ad3188f6470e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ui-ultra/css/multi_factor_authentication.css?v=3900.91.0-rel.20+75bf374_authLogin HTTP/1.1
Host: 3.65.111.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Cookie: AWSELB=077F23DD16158118DD7F63B8FFB2EBC82D97657F4B386AC823E3B34554730A089CABD98C13F7D9C485F3171FB1EEDB404172A955A380C041BD5CE622E9F6D99B7B29F218E4; JSESSIONID=777F1F4AA9FECF2B43C86D4BB3CBF95C; BbRouter=expires:1714871904,id:6F6F9CA254D454497C24F98D04824C49,signature:3e3e8ab317f6f4fe46afeaed5f9bb4643393e30c999ef977d8376502e0600766,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Cache-Control: public
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/css
Date: Sat, 04 May 2024 22:18:24 GMT
ETag: W/"7882-1714670878194"
Expires: Sun, 04 May 2025 22:18:24 GMT
Last-Modified: Thu, 02 May 2024 17:27:58 GMT
P3P: CP="CAO PSA OUR"
Set-Cookie: BbRouter=expires:1714862904,id:6F6F9CA254D454497C24F98D04824C49,signature:d2aafbdafd998da797787246859754474feddbcc1d6aa3312de1294fbc4fbe05,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Content-Length: 1910
Connection: keep-alive
|
|
| 3.65.111.254/webapps/allyintegration/css/ally-integration.css?v=3900.91.0-rel.20+75bf374_3900.91.0-rel.20+75bf374 | 3.65.111.254 | 200 | 690 B |
URL: GET HTTP/1.1 3.65.111.254/webapps/allyintegration/css/ally-integration.css?v=3900.91.0-rel.20+75bf374_3900.91.0-rel.20+75bf374 IP: 3.65.111.254:443
Certificate: Issuer Amazon; Subject *.ie.edu; Fingerprint 25:B6:C5:36:F2:2A:90:F3:6B:92:42:52:63:BD:4E:6F:03:B5:57:D2; Validity Sat, 06 Jan 2024 00:00:00 GMT - Mon, 03 Feb 2025 23:59:59 GMT
Hash: 77ee8e44be74000901b68dde0ebbe5c5 1473844b68204be1d11fafb6e1c38de4604032e0 9fad912cf6e57ee64c28cb404620f34a38a261b00152b211e4f9cb7cd9fd9299
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /webapps/allyintegration/css/ally-integration.css?v=3900.91.0-rel.20+75bf374_3900.91.0-rel.20+75bf374 HTTP/1.1
Host: 3.65.111.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Cookie: AWSELB=077F23DD16158118DD7F63B8FFB2EBC82D97657F4B386AC823E3B34554730A089CABD98C13F7D9C485F3171FB1EEDB404172A955A380C041BD5CE622E9F6D99B7B29F218E4; JSESSIONID=777F1F4AA9FECF2B43C86D4BB3CBF95C; BbRouter=expires:1714871904,id:6F6F9CA254D454497C24F98D04824C49,signature:3e3e8ab317f6f4fe46afeaed5f9bb4643393e30c999ef977d8376502e0600766,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Cache-Control: public
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/css
Date: Sat, 04 May 2024 22:18:24 GMT
ETag: W/"2621-1714671063339"
Expires: Sun, 04 May 2025 22:18:24 GMT
Last-Modified: Thu, 02 May 2024 17:31:03 GMT
P3P: CP="CAO PSA OUR"
Set-Cookie: BbRouter=expires:1714862904,id:6F6F9CA254D454497C24F98D04824C49,signature:d2aafbdafd998da797787246859754474feddbcc1d6aa3312de1294fbc4fbe05,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Accept-Encoding
X-Blackboard-appserver: ip-10-148-205-148.eu-central-1.compute.internal
X-Blackboard-product: Blackboard Learn ™ 3900.91.0-rel.20+75bf374
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Content-Length: 690
Connection: keep-alive
|
|
| 3.65.111.254/webapps/login/dwr_open/interface/MashupDWRFacade.js?v=3900.91.0-rel.20+75bf374 | 3.65.111.254 | 200 | 268 B |
URL: GET HTTP/1.1 3.65.111.254/webapps/login/dwr_open/interface/MashupDWRFacade.js?v=3900.91.0-rel.20+75bf374 IP: 3.65.111.254:443
Certificate: Issuer Amazon; Subject *.ie.edu; Fingerprint 25:B6:C5:36:F2:2A:90:F3:6B:92:42:52:63:BD:4E:6F:03:B5:57:D2; Validity Sat, 06 Jan 2024 00:00:00 GMT - Mon, 03 Feb 2025 23:59:59 GMT
Hash: 06d90f68edce60f54dcf573ca0ed779c a0c5250aa1f8f1d6c6f83ae81472718bc89a8811 c4f59619afee34b439315b362a9758a7594411a76531288af22070268b2199c8
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /webapps/login/dwr_open/interface/MashupDWRFacade.js?v=3900.91.0-rel.20+75bf374 HTTP/1.1
Host: 3.65.111.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Cookie: AWSELB=077F23DD16158118DD7F63B8FFB2EBC82D97657F4B386AC823E3B34554730A089CABD98C13F7D9C485F3171FB1EEDB404172A955A380C041BD5CE622E9F6D99B7B29F218E4; JSESSIONID=777F1F4AA9FECF2B43C86D4BB3CBF95C; BbRouter=expires:1714871904,id:6F6F9CA254D454497C24F98D04824C49,signature:3e3e8ab317f6f4fe46afeaed5f9bb4643393e30c999ef977d8376502e0600766,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Cache-Control: public
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/javascript;charset=utf-8
Date: Sat, 04 May 2024 22:18:24 GMT
Expires: Sun, 04 May 2025 22:18:24 GMT
Last-Modified: Wed, 11 Oct 1972 19:00:00 GMT
P3P: CP="CAO PSA OUR"
Set-Cookie: BbRouter=expires:1714862904,id:6F6F9CA254D454497C24F98D04824C49,signature:d2aafbdafd998da797787246859754474feddbcc1d6aa3312de1294fbc4fbe05,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Accept-Encoding
X-Blackboard-appserver: ip-10-148-205-148.eu-central-1.compute.internal
X-Blackboard-product: Blackboard Learn ™ 3900.91.0-rel.20+75bf374
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Content-Length: 268
Connection: keep-alive
|
|
| 3.65.111.254/webapps/login/dwr_open/interface/UserDataDWRFacade.js?v=3900.91.0-rel.20+75bf374 | 3.65.111.254 | 200 | 326 B |
URL: GET HTTP/1.1 3.65.111.254/webapps/login/dwr_open/interface/UserDataDWRFacade.js?v=3900.91.0-rel.20+75bf374 IP: 3.65.111.254:443
Certificate: Issuer Amazon; Subject *.ie.edu; Fingerprint 25:B6:C5:36:F2:2A:90:F3:6B:92:42:52:63:BD:4E:6F:03:B5:57:D2; Validity Sat, 06 Jan 2024 00:00:00 GMT - Mon, 03 Feb 2025 23:59:59 GMT
Hash: 9bc1134c93b5f998658908843f690347 0c80881811b489688de42740d8bc347f0dd06f8a 4cd15932a8e59ff70ea9e197361ec49ae85526a26dfc8cf3b8cd993213fb7be3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /webapps/login/dwr_open/interface/UserDataDWRFacade.js?v=3900.91.0-rel.20+75bf374 HTTP/1.1
Host: 3.65.111.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Cookie: AWSELB=077F23DD16158118DD7F63B8FFB2EBC82D97657F4B386AC823E3B34554730A089CABD98C13F7D9C485F3171FB1EEDB404172A955A380C041BD5CE622E9F6D99B7B29F218E4; JSESSIONID=777F1F4AA9FECF2B43C86D4BB3CBF95C; BbRouter=expires:1714871904,id:6F6F9CA254D454497C24F98D04824C49,signature:3e3e8ab317f6f4fe46afeaed5f9bb4643393e30c999ef977d8376502e0600766,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Cache-Control: public
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/javascript;charset=utf-8
Date: Sat, 04 May 2024 22:18:24 GMT
Expires: Sun, 04 May 2025 22:18:24 GMT
Last-Modified: Wed, 11 Oct 1972 19:00:00 GMT
P3P: CP="CAO PSA OUR"
Set-Cookie: BbRouter=expires:1714862904,id:6F6F9CA254D454497C24F98D04824C49,signature:d2aafbdafd998da797787246859754474feddbcc1d6aa3312de1294fbc4fbe05,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Accept-Encoding
X-Blackboard-appserver: ip-10-148-205-148.eu-central-1.compute.internal
X-Blackboard-product: Blackboard Learn ™ 3900.91.0-rel.20+75bf374
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Content-Length: 326
Connection: keep-alive
|
|
| 3.65.111.254/ui-ultra/js/hide-focus-outline.js?v=3900.91.0-rel.20+75bf374 | 3.65.111.254 | 200 | 472 B |
URL: GET HTTP/1.1 3.65.111.254/ui-ultra/js/hide-focus-outline.js?v=3900.91.0-rel.20+75bf374 IP: 3.65.111.254:443
Certificate: Issuer Amazon; Subject *.ie.edu; Fingerprint 25:B6:C5:36:F2:2A:90:F3:6B:92:42:52:63:BD:4E:6F:03:B5:57:D2; Validity Sat, 06 Jan 2024 00:00:00 GMT - Mon, 03 Feb 2025 23:59:59 GMT
Hash: 343244e5258e2ef8dde956703460baa8 0899037c3e1b694169057644814cf6740a8f75cb ac41ec5d4eb98e51271ecc1068100d6b3ddf9528745cb2052096dfa697e51171
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ui-ultra/js/hide-focus-outline.js?v=3900.91.0-rel.20+75bf374 HTTP/1.1
Host: 3.65.111.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Cookie: AWSELB=077F23DD16158118DD7F63B8FFB2EBC82D97657F4B386AC823E3B34554730A089CABD98C13F7D9C485F3171FB1EEDB404172A955A380C041BD5CE622E9F6D99B7B29F218E4; JSESSIONID=777F1F4AA9FECF2B43C86D4BB3CBF95C; BbRouter=expires:1714871904,id:6F6F9CA254D454497C24F98D04824C49,signature:3e3e8ab317f6f4fe46afeaed5f9bb4643393e30c999ef977d8376502e0600766,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Cache-Control: public
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Content-Type: application/javascript
Date: Sat, 04 May 2024 22:18:24 GMT
ETag: W/"1224-1714670878182"
Expires: Sun, 04 May 2025 22:18:24 GMT
Last-Modified: Thu, 02 May 2024 17:27:58 GMT
P3P: CP="CAO PSA OUR"
Set-Cookie: BbRouter=expires:1714862904,id:6F6F9CA254D454497C24F98D04824C49,signature:d2aafbdafd998da797787246859754474feddbcc1d6aa3312de1294fbc4fbe05,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Content-Length: 472
Connection: keep-alive
|
|
| 3.65.111.254/groupjs/CF5EB2DF706323D8A747A7FDDC72B8BC.js?v=3900.91.0-rel.20+75bf374 | 3.65.111.254 | 200 | 1.3 kB |
URL: GET HTTP/1.1 3.65.111.254/groupjs/CF5EB2DF706323D8A747A7FDDC72B8BC.js?v=3900.91.0-rel.20+75bf374 IP: 3.65.111.254:443
Certificate: Issuer Amazon; Subject *.ie.edu; Fingerprint 25:B6:C5:36:F2:2A:90:F3:6B:92:42:52:63:BD:4E:6F:03:B5:57:D2; Validity Sat, 06 Jan 2024 00:00:00 GMT - Mon, 03 Feb 2025 23:59:59 GMT
Hash: 3044ad6ddcfeca90b7421a8034328589 edcc324f98e07442f9f610eceaaa0776b1af9589 177d5c312e61851bc963cd1a1e4987e705b48b1f81b8bb130ad700cc7cd07cba
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /groupjs/CF5EB2DF706323D8A747A7FDDC72B8BC.js?v=3900.91.0-rel.20+75bf374 HTTP/1.1
Host: 3.65.111.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Cookie: AWSELB=077F23DD16158118DD7F63B8FFB2EBC82D97657F4B386AC823E3B34554730A089CABD98C13F7D9C485F3171FB1EEDB404172A955A380C041BD5CE622E9F6D99B7B29F218E4; JSESSIONID=777F1F4AA9FECF2B43C86D4BB3CBF95C; BbRouter=expires:1714871904,id:6F6F9CA254D454497C24F98D04824C49,signature:3e3e8ab317f6f4fe46afeaed5f9bb4643393e30c999ef977d8376502e0600766,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Cache-Control: public
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Content-Type: application/javascript
Date: Sat, 04 May 2024 22:18:24 GMT
ETag: W/"4396-0"
Expires: Sun, 04 May 2025 22:18:24 GMT
Last-Modified: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="CAO PSA OUR"
Set-Cookie: BbRouter=expires:1714862904,id:6F6F9CA254D454497C24F98D04824C49,signature:d2aafbdafd998da797787246859754474feddbcc1d6aa3312de1294fbc4fbe05,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Accept-Encoding
X-Blackboard-appserver: ip-10-148-205-148.eu-central-1.compute.internal
X-Blackboard-product: Blackboard Learn ™ 3900.91.0-rel.20+75bf374
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Content-Length: 1349
Connection: keep-alive
|
|
| 3.65.111.254/ui-ultra/js/login-page.js?v=3900.91.0-rel.20+75bf374 | 3.65.111.254 | 200 | 1.3 kB |
URL: GET HTTP/1.1 3.65.111.254/ui-ultra/js/login-page.js?v=3900.91.0-rel.20+75bf374 IP: 3.65.111.254:443
Certificate: Issuer Amazon; Subject *.ie.edu; Fingerprint 25:B6:C5:36:F2:2A:90:F3:6B:92:42:52:63:BD:4E:6F:03:B5:57:D2; Validity Sat, 06 Jan 2024 00:00:00 GMT - Mon, 03 Feb 2025 23:59:59 GMT
File type: JavaScript source, ASCII text; Hash: d9cca39466f7bea7f0431e320e1d36e1 1a898cc69ac4fa64f388e72264a58db322a8eda0 86ade681c0bf2c7c36b415adb3138e77e9aa4f15f8768c71f1926b0dbb65f5ed
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ui-ultra/js/login-page.js?v=3900.91.0-rel.20+75bf374 HTTP/1.1
Host: 3.65.111.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Cookie: AWSELB=077F23DD16158118DD7F63B8FFB2EBC82D97657F4B386AC823E3B34554730A089CABD98C13F7D9C485F3171FB1EEDB404172A955A380C041BD5CE622E9F6D99B7B29F218E4; JSESSIONID=777F1F4AA9FECF2B43C86D4BB3CBF95C; BbRouter=expires:1714871904,id:6F6F9CA254D454497C24F98D04824C49,signature:3e3e8ab317f6f4fe46afeaed5f9bb4643393e30c999ef977d8376502e0600766,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Cache-Control: public
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Content-Type: application/javascript
Date: Sat, 04 May 2024 22:18:24 GMT
ETag: W/"3647-1714670878186"
Expires: Sun, 04 May 2025 22:18:24 GMT
Last-Modified: Thu, 02 May 2024 17:27:58 GMT
P3P: CP="CAO PSA OUR"
Set-Cookie: BbRouter=expires:1714862904,id:6F6F9CA254D454497C24F98D04824C49,signature:d2aafbdafd998da797787246859754474feddbcc1d6aa3312de1294fbc4fbe05,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Content-Length: 1331
Connection: keep-alive
|
|
| 3.65.111.254/javascript/qrcodejs/qrcode.min.js | 3.65.111.254 | 200 | 7.0 kB |
URL: GET HTTP/1.1 3.65.111.254/javascript/qrcodejs/qrcode.min.js IP: 3.65.111.254:443
Certificate: Issuer Amazon; Subject *.ie.edu; Fingerprint 25:B6:C5:36:F2:2A:90:F3:6B:92:42:52:63:BD:4E:6F:03:B5:57:D2; Validity Sat, 06 Jan 2024 00:00:00 GMT - Mon, 03 Feb 2025 23:59:59 GMT
File type: ASCII text, with very long lines (19928); Hash: 272a836f3b4bff95839c86eb6064cd85 425c063b9b3f7b4c187c5903f1014a45112b8e6f 2128d181bff54d66702dbb9dca6361bff68e92ce51c2cc9a526a58c3b63a97a4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /javascript/qrcodejs/qrcode.min.js HTTP/1.1
Host: 3.65.111.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Cookie: AWSELB=077F23DD16158118DD7F63B8FFB2EBC82D97657F4B386AC823E3B34554730A089CABD98C13F7D9C485F3171FB1EEDB404172A955A380C041BD5CE622E9F6D99B7B29F218E4; JSESSIONID=777F1F4AA9FECF2B43C86D4BB3CBF95C; BbRouter=expires:1714871904,id:6F6F9CA254D454497C24F98D04824C49,signature:3e3e8ab317f6f4fe46afeaed5f9bb4643393e30c999ef977d8376502e0600766,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Cache-Control: public
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Content-Type: application/javascript
Date: Sat, 04 May 2024 22:18:24 GMT
ETag: W/"19929-1714670898106"
Expires: Sun, 04 May 2025 22:18:24 GMT
Last-Modified: Thu, 02 May 2024 17:28:18 GMT
P3P: CP="CAO PSA OUR"
Set-Cookie: BbRouter=expires:1714862904,id:6F6F9CA254D454497C24F98D04824C49,signature:d2aafbdafd998da797787246859754474feddbcc1d6aa3312de1294fbc4fbe05,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Content-Length: 7010
Connection: keep-alive
|
|
| 3.65.111.254/groupjs/80851F157BFF4E62F7B184ECD00DA640.js?v=3900.91.0-rel.20+75bf374 | 3.65.111.254 | 200 | 30 kB |
URL GET HTTP/1.1 3.65.111.254/groupjs/80851F157BFF4E62F7B184ECD00DA640.js?v=3900.91.0-rel.20+75bf374 IP 3.65.111.254:443
Certificate Issuer Amazon Subject *.ie.edu Fingerprint 25:B6:C5:36:F2:2A:90:F3:6B:92:42:52:63:BD:4E:6F:03:B5:57:D2 Validity Sat, 06 Jan 2024 00:00:00 GMT - Mon, 03 Feb 2025 23:59:59 GMT
File type JavaScript source, ASCII text Hash 41c509236e8f0745b7ec9bd0859e2dc5 497eaa23ad84647f59cef95a1969c6a17cd4a661 7d3cf7f85e05a028c538c7de469e9b297fc16363dc0aac82ddd37037b0eedafa
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /groupjs/80851F157BFF4E62F7B184ECD00DA640.js?v=3900.91.0-rel.20+75bf374 HTTP/1.1
Host: 3.65.111.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Cookie: AWSELB=077F23DD16158118DD7F63B8FFB2EBC82D97657F4B386AC823E3B34554730A089CABD98C13F7D9C485F3171FB1EEDB404172A955A380C041BD5CE622E9F6D99B7B29F218E4; JSESSIONID=777F1F4AA9FECF2B43C86D4BB3CBF95C; BbRouter=expires:1714871904,id:6F6F9CA254D454497C24F98D04824C49,signature:3e3e8ab317f6f4fe46afeaed5f9bb4643393e30c999ef977d8376502e0600766,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Cache-Control: public
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Content-Type: application/javascript
Date: Sat, 04 May 2024 22:18:24 GMT
ETag: W/"126302-0"
Expires: Sun, 04 May 2025 22:18:24 GMT
Last-Modified: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="CAO PSA OUR"
Set-Cookie: BbRouter=expires:1714862904,id:6F6F9CA254D454497C24F98D04824C49,signature:d2aafbdafd998da797787246859754474feddbcc1d6aa3312de1294fbc4fbe05,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Accept-Encoding
X-Blackboard-appserver: ip-10-148-205-148.eu-central-1.compute.internal
X-Blackboard-product: Blackboard Learn ™ 3900.91.0-rel.20+75bf374
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Content-Length: 30247
Connection: keep-alive
|
|
| 3.65.111.254/webapps/privacy-disclosure/js/cookieConsent.js?v=3900.91.0-rel.20+75bf374_3900.91.0-rel.20+75bf374 | 3.65.111.254 | 200 | 955 B |
URL GET HTTP/1.1 3.65.111.254/webapps/privacy-disclosure/js/cookieConsent.js?v=3900.91.0-rel.20+75bf374_3900.91.0-rel.20+75bf374 IP 3.65.111.254:443
Certificate Issuer Amazon Subject *.ie.edu Fingerprint 25:B6:C5:36:F2:2A:90:F3:6B:92:42:52:63:BD:4E:6F:03:B5:57:D2 Validity Sat, 06 Jan 2024 00:00:00 GMT - Mon, 03 Feb 2025 23:59:59 GMT
Hash c2dfa8a026dc7f23c851182267a410cc d22c9ce9b62473438d05954e78a7f14e52f38975 6ad8d6e55f9a039561ce1ebee3dd66a919026919bc18f60d69ed7571879c4158
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /webapps/privacy-disclosure/js/cookieConsent.js?v=3900.91.0-rel.20+75bf374_3900.91.0-rel.20+75bf374 HTTP/1.1
Host: 3.65.111.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Cookie: AWSELB=077F23DD16158118DD7F63B8FFB2EBC82D97657F4B386AC823E3B34554730A089CABD98C13F7D9C485F3171FB1EEDB404172A955A380C041BD5CE622E9F6D99B7B29F218E4; JSESSIONID=777F1F4AA9FECF2B43C86D4BB3CBF95C; BbRouter=expires:1714871904,id:6F6F9CA254D454497C24F98D04824C49,signature:3e3e8ab317f6f4fe46afeaed5f9bb4643393e30c999ef977d8376502e0600766,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Cache-Control: public
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Content-Type: application/javascript
Date: Sat, 04 May 2024 22:18:24 GMT
ETag: W/"3022-1714671078299"
Expires: Sun, 04 May 2025 22:18:24 GMT
Last-Modified: Thu, 02 May 2024 17:31:18 GMT
P3P: CP="CAO PSA OUR"
Set-Cookie: BbRouter=expires:1714862904,id:6F6F9CA254D454497C24F98D04824C49,signature:d2aafbdafd998da797787246859754474feddbcc1d6aa3312de1294fbc4fbe05,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Accept-Encoding
X-Blackboard-appserver: ip-10-148-205-148.eu-central-1.compute.internal
X-Blackboard-product: Blackboard Learn ™ 3900.91.0-rel.20+75bf374
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Content-Length: 955
Connection: keep-alive
|
|
| 3.65.111.254/branding/_1_1/loginLogo/CustomLoginLogo.png?m=kzcs64lf | 3.65.111.254 | 200 | 22 kB |
URL GET HTTP/1.1 3.65.111.254/branding/_1_1/loginLogo/CustomLoginLogo.png?m=kzcs64lf IP 3.65.111.254:443
Certificate Issuer Amazon Subject *.ie.edu Fingerprint 25:B6:C5:36:F2:2A:90:F3:6B:92:42:52:63:BD:4E:6F:03:B5:57:D2 Validity Sat, 06 Jan 2024 00:00:00 GMT - Mon, 03 Feb 2025 23:59:59 GMT
File type PNG image data, 1300 x 1300, 8-bit/color RGBA, non-interlaced Hash b005529f7c8c765969dfd841114c427c d0291e01fa7fe0b688da2a9585e9f612aaca1ce1 f42707adb05fc907ed4b67132158b3bcf47dacefdb473db0f1bf7a576c6e236f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /branding/_1_1/loginLogo/CustomLoginLogo.png?m=kzcs64lf HTTP/1.1
Host: 3.65.111.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Cookie: AWSELB=077F23DD16158118DD7F63B8FFB2EBC82D97657F4B386AC823E3B34554730A089CABD98C13F7D9C485F3171FB1EEDB404172A955A380C041BD5CE622E9F6D99B7B29F218E4; JSESSIONID=777F1F4AA9FECF2B43C86D4BB3CBF95C; BbRouter=expires:1714871904,id:6F6F9CA254D454497C24F98D04824C49,signature:3e3e8ab317f6f4fe46afeaed5f9bb4643393e30c999ef977d8376502e0600766,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Accept-Ranges: bytes
Cache-Control: public
Content-Security-Policy: frame-ancestors 'self'
Content-Type: image/png
Date: Sat, 04 May 2024 22:18:24 GMT
ETag: W/"22078-1714673117127"
Expires: Sun, 04 May 2025 22:18:24 GMT
Last-Modified: Thu, 02 May 2024 18:05:17 GMT
P3P: CP="CAO PSA OUR"
Set-Cookie: BbRouter=expires:1714862904,id:6F6F9CA254D454497C24F98D04824C49,signature:d2aafbdafd998da797787246859754474feddbcc1d6aa3312de1294fbc4fbe05,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Blackboard-appserver: ip-10-148-205-148.eu-central-1.compute.internal
X-Blackboard-product: Blackboard Learn ™ 3900.91.0-rel.20+75bf374
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Content-Length: 22078
Connection: keep-alive
|
|
| 3.65.111.254/images/ci/icons/complete.svg | 3.65.111.254 | 200 | 197 B |
URL GET HTTP/1.1 3.65.111.254/images/ci/icons/complete.svg IP 3.65.111.254:443
Certificate Issuer Amazon Subject *.ie.edu Fingerprint 25:B6:C5:36:F2:2A:90:F3:6B:92:42:52:63:BD:4E:6F:03:B5:57:D2 Validity Sat, 06 Jan 2024 00:00:00 GMT - Mon, 03 Feb 2025 23:59:59 GMT
File type SVG Scalable Vector Graphics image Hash bace85b1fa415de4a4a74ca3d381902d 7483c9d380d9c771840f9a0f4d1a896c5fc644d0 6b1d4c32909ee44f2d4e1800bad63003aa44eee1898d89992a061985780f6687
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images/ci/icons/complete.svg HTTP/1.1
Host: 3.65.111.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Cookie: AWSELB=077F23DD16158118DD7F63B8FFB2EBC82D97657F4B386AC823E3B34554730A089CABD98C13F7D9C485F3171FB1EEDB404172A955A380C041BD5CE622E9F6D99B7B29F218E4; JSESSIONID=777F1F4AA9FECF2B43C86D4BB3CBF95C; BbRouter=expires:1714871904,id:6F6F9CA254D454497C24F98D04824C49,signature:3e3e8ab317f6f4fe46afeaed5f9bb4643393e30c999ef977d8376502e0600766,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Cache-Control: private, max-age=0, no-store, must-revalidate
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Content-Type: image/svg+xml
Date: Sat, 04 May 2024 22:18:24 GMT
ETag: W/"342-1714670879670"
Expires: Thu, 04 May 2023 22:18:24 GMT
Last-Modified: Thu, 02 May 2024 17:27:59 GMT
P3P: CP="CAO PSA OUR"
Pragma: private
Set-Cookie: BbRouter=expires:1714862904,id:6F6F9CA254D454497C24F98D04824C49,signature:d2aafbdafd998da797787246859754474feddbcc1d6aa3312de1294fbc4fbe05,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Accept-Encoding
X-Blackboard-appserver: ip-10-148-205-148.eu-central-1.compute.internal
X-Blackboard-product: Blackboard Learn ™ 3900.91.0-rel.20+75bf374
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Content-Length: 197
Connection: keep-alive
|
|
| 3.65.111.254/ui-ultra/fonts/open-sans/open-sans-regular.woff | 3.65.111.254 | 200 | 20 kB |
URL GET HTTP/1.1 3.65.111.254/ui-ultra/fonts/open-sans/open-sans-regular.woff IP 3.65.111.254:443
Certificate Issuer Amazon Subject *.ie.edu Fingerprint 25:B6:C5:36:F2:2A:90:F3:6B:92:42:52:63:BD:4E:6F:03:B5:57:D2 Validity Sat, 06 Jan 2024 00:00:00 GMT - Mon, 03 Feb 2025 23:59:59 GMT
File type Web Open Font Format, TrueType, length 20216, version 1.1 Hash cb721d9fb2f39c4c5fa9d75dd46ce78d 1ae6eab90118f90e61bd2a03fe7462b043756ccf 615494a93f61434c21c6a35e51b508950d66d7784b2f4deb10b7a904b4cca17c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ui-ultra/fonts/open-sans/open-sans-regular.woff HTTP/1.1
Host: 3.65.111.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/ui-ultra/css/ultra.css?v=3900.91.0-rel.20+75bf374
Cookie: AWSELB=077F23DD16158118DD7F63B8FFB2EBC82D97657F4B386AC823E3B34554730A089CABD98C13F7D9C485F3171FB1EEDB404172A955A380C041BD5CE622E9F6D99B7B29F218E4; JSESSIONID=777F1F4AA9FECF2B43C86D4BB3CBF95C; BbRouter=expires:1714862904,id:6F6F9CA254D454497C24F98D04824C49,signature:d2aafbdafd998da797787246859754474feddbcc1d6aa3312de1294fbc4fbe05,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9; BbClientCalenderTimeZone=UTC
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Accept-Ranges: bytes
Cache-Control: public
Content-Security-Policy: frame-ancestors 'self'
Content-Type: font/woff
Date: Sat, 04 May 2024 22:18:24 GMT
ETag: W/"20216-1714670878186"
Expires: Sun, 04 May 2025 22:18:24 GMT
Last-Modified: Thu, 02 May 2024 17:27:58 GMT
P3P: CP="CAO PSA OUR"
Set-Cookie: BbRouter=expires:1714862904,id:6F6F9CA254D454497C24F98D04824C49,signature:d2aafbdafd998da797787246859754474feddbcc1d6aa3312de1294fbc4fbe05,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Content-Length: 20216
Connection: keep-alive
|
|
| learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/ui/styles/print.css?v=3900.91.0-rel.20+75bf374 | 104.18.34.143 | 200 OK | 28 kB |
URL GET HTTP/3 learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/ui/styles/print.css?v=3900.91.0-rel.20+75bf374 IP 104.18.34.143:443
Certificate Issuer Google Trust Services LLC Subject learn.content.blackboardcdn.com Fingerprint C2:61:8B:75:CE:2E:63:71:B3:EA:0D:72:B7:57:75:10:FD:2B:49:36 Validity Wed, 03 Apr 2024 23:44:39 GMT - Tue, 02 Jul 2024 23:44:38 GMT
File type assembler source, ASCII text Hash 5a1e4691f6428cdb6b4f8ec2d1bce4e3 7911721bafe245912ae7f2b57dbf7b9fb8b29e9c 163c303141da19cb841148180700c456ca7ba0712600cd411e83841b637f47c9
GET /3900.91.0-rel.20+75bf374/ui/styles/print.css?v=3900.91.0-rel.20+75bf374 HTTP/1.1
Host: learn.content.blackboardcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 22:18:24 GMT
content-type: text/css
cf-ray: 87ebddd12cccb518-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 218783
cache-control: public, max-age=2592000
etag: W/"5a1e4691f6428cdb6b4f8ec2d1bce4e3"
last-modified: Tue, 30 Apr 2024 19:15:50 GMT
vary: Accept-Encoding, Origin
x-worker-version: iW/tmK21arnNMMoDMStU832MRxDXRJtalnyNOSizCKM=
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 3.65.111.254/ui-ultra/fonts/noto-serif/noto-serif-700.woff | 3.65.111.254 | 200 | 30 kB |
URL GET HTTP/1.1 3.65.111.254/ui-ultra/fonts/noto-serif/noto-serif-700.woff IP 3.65.111.254:443
Certificate Issuer Amazon Subject *.ie.edu Fingerprint 25:B6:C5:36:F2:2A:90:F3:6B:92:42:52:63:BD:4E:6F:03:B5:57:D2 Validity Sat, 06 Jan 2024 00:00:00 GMT - Mon, 03 Feb 2025 23:59:59 GMT
File type Web Open Font Format, TrueType, length 30528, version 1.1 Hash cac059679f33a22db64077fcb2d373c3 fd451671d7ab29a818a1a4cc13b8873169b5a459 7524d2331d9b06db184c22369be31cea7aa53227d96f9f13d24745c354e74541
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ui-ultra/fonts/noto-serif/noto-serif-700.woff HTTP/1.1
Host: 3.65.111.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/ui-ultra/css/ultra.css?v=3900.91.0-rel.20+75bf374
Cookie: AWSELB=077F23DD16158118DD7F63B8FFB2EBC82D97657F4B386AC823E3B34554730A089CABD98C13F7D9C485F3171FB1EEDB404172A955A380C041BD5CE622E9F6D99B7B29F218E4; JSESSIONID=777F1F4AA9FECF2B43C86D4BB3CBF95C; BbRouter=expires:1714862904,id:6F6F9CA254D454497C24F98D04824C49,signature:d2aafbdafd998da797787246859754474feddbcc1d6aa3312de1294fbc4fbe05,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9; BbClientCalenderTimeZone=UTC
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Accept-Ranges: bytes
Cache-Control: public
Content-Security-Policy: frame-ancestors 'self'
Content-Type: font/woff
Date: Sat, 04 May 2024 22:18:24 GMT
ETag: W/"30528-1714670878190"
Expires: Sun, 04 May 2025 22:18:24 GMT
Last-Modified: Thu, 02 May 2024 17:27:58 GMT
P3P: CP="CAO PSA OUR"
Set-Cookie: BbRouter=expires:1714862904,id:6F6F9CA254D454497C24F98D04824C49,signature:d2aafbdafd998da797787246859754474feddbcc1d6aa3312de1294fbc4fbe05,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Content-Length: 30528
Connection: keep-alive
|
|
| 3.65.111.254/ui-ultra/bower_components/bb-foundation-extensions/fonts/bb-icons.woff | 3.65.111.254 | 200 | 57 kB |
URL GET HTTP/1.1 3.65.111.254/ui-ultra/bower_components/bb-foundation-extensions/fonts/bb-icons.woff IP 3.65.111.254:443
Certificate Issuer Amazon Subject *.ie.edu Fingerprint 25:B6:C5:36:F2:2A:90:F3:6B:92:42:52:63:BD:4E:6F:03:B5:57:D2 Validity Sat, 06 Jan 2024 00:00:00 GMT - Mon, 03 Feb 2025 23:59:59 GMT
File type Web Open Font Format, TrueType, length 56576, version 1.0 Hash 60a094fee3c9fa7024cd48899403bfa6 44eb42c01be12b54c6423ae52e05252d0e94936f 44586a326d1be6119b94c73f00261828398e817bdf47dd2cb0e887eaa5af8f12
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ui-ultra/bower_components/bb-foundation-extensions/fonts/bb-icons.woff HTTP/1.1
Host: 3.65.111.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/ui-ultra/css/ultra.css?v=3900.91.0-rel.20+75bf374
Cookie: AWSELB=077F23DD16158118DD7F63B8FFB2EBC82D97657F4B386AC823E3B34554730A089CABD98C13F7D9C485F3171FB1EEDB404172A955A380C041BD5CE622E9F6D99B7B29F218E4; JSESSIONID=777F1F4AA9FECF2B43C86D4BB3CBF95C; BbRouter=expires:1714862904,id:6F6F9CA254D454497C24F98D04824C49,signature:d2aafbdafd998da797787246859754474feddbcc1d6aa3312de1294fbc4fbe05,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9; BbClientCalenderTimeZone=UTC
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Accept-Ranges: bytes
Cache-Control: public
Content-Security-Policy: frame-ancestors 'self'
Content-Type: font/woff
Date: Sat, 04 May 2024 22:18:24 GMT
ETag: W/"56576-1714670878294"
Expires: Sun, 04 May 2025 22:18:24 GMT
Last-Modified: Thu, 02 May 2024 17:27:58 GMT
P3P: CP="CAO PSA OUR"
Set-Cookie: BbRouter=expires:1714862904,id:6F6F9CA254D454497C24F98D04824C49,signature:d2aafbdafd998da797787246859754474feddbcc1d6aa3312de1294fbc4fbe05,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Content-Length: 56576
Connection: keep-alive
|
|
| 3.65.111.254/webapps/privacy-disclosure/execute/consent?backURL=https%3A//3.65.111.254/&preview=false&blackboard.platform.security.NonceUtil.nonce=login | 3.65.111.254 | 200 | 19 kB |
URL GET HTTP/1.1 3.65.111.254/webapps/privacy-disclosure/execute/consent?backURL=https%3A//3.65.111.254/&preview=false&blackboard.platform.security.NonceUtil.nonce=login IP 3.65.111.254:443
Certificate Issuer Amazon Subject *.ie.edu Fingerprint 25:B6:C5:36:F2:2A:90:F3:6B:92:42:52:63:BD:4E:6F:03:B5:57:D2 Validity Sat, 06 Jan 2024 00:00:00 GMT - Mon, 03 Feb 2025 23:59:59 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (31571) Hash 9a2afacabee2ccf3064b4fde9dea3ca1 4e375a6bfa6579318d689db9d291003777989e7f 6073bff6a8f0cf8a24ab394790b1982ce4e2b70a91e8def796b872aafc1e8f54
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /webapps/privacy-disclosure/execute/consent?backURL=https%3A//3.65.111.254/&preview=false&blackboard.platform.security.NonceUtil.nonce=login HTTP/1.1
Host: 3.65.111.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, text/html, application/xml, text/xml, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
X-Prototype-Version: 1.7
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Cookie: AWSELB=077F23DD16158118DD7F63B8FFB2EBC82D97657F4B386AC823E3B34554730A089CABD98C13F7D9C485F3171FB1EEDB404172A955A380C041BD5CE622E9F6D99B7B29F218E4; BbRouter=expires:1714862904,id:6F6F9CA254D454497C24F98D04824C49,signature:d2aafbdafd998da797787246859754474feddbcc1d6aa3312de1294fbc4fbe05,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9; BbClientCalenderTimeZone=UTC; JSESSIONID=777F1F4AA9FECF2B43C86D4BB3CBF95C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Cache-Control: private, max-age=0, no-store, must-revalidate
Content-Encoding: gzip
Content-Language: en-US
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html;charset=UTF-8
Date: Sat, 04 May 2024 22:18:25 GMT
Expires: Thu, 04 May 2023 22:18:25 GMT
Last-Modified: Tue, 04 May 2004 22:18:25 GMT
P3P: CP="CAO PSA OUR"
Pragma: private
Set-Cookie: JSESSIONID=68FDBE8444F59ACACECF5F9B3F122919; Path=/webapps/privacy-disclosure; Secure
Set-Cookie: BbRouter=expires:1714862905,id:6F6F9CA254D454497C24F98D04824C49,signature:b7ccd2e8ed1b671ee06aff3362ac56b7ccc2827f452056f9159edcefe36d1ab5,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Accept-Encoding
X-Blackboard-appserver: ip-10-148-205-148.eu-central-1.compute.internal
X-Blackboard-product: Blackboard Learn ™ 3900.91.0-rel.20+75bf374
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Content-Length: 18957
Connection: keep-alive
|
|
| blackboard.ie.edu/bbcswebdav/institution/Fondo_Login.jpg | 3.65.111.254 | 302 | 0 B |
URL GET HTTP/1.1 blackboard.ie.edu/bbcswebdav/institution/Fondo_Login.jpg IP 3.65.111.254:443
Certificate Issuer Amazon Subject *.ie.edu Fingerprint 25:B6:C5:36:F2:2A:90:F3:6B:92:42:52:63:BD:4E:6F:03:B5:57:D2 Validity Sat, 06 Jan 2024 00:00:00 GMT - Mon, 03 Feb 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bbcswebdav/institution/Fondo_Login.jpg HTTP/1.1
Host: blackboard.ie.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302
Access-Control-Allow-Origin: https://blackboard.ie.edu
Cache-Control: private, max-age=0, no-store, must-revalidate, no-cache="set-cookie"
Content-Security-Policy: frame-ancestors 'self'
Date: Sat, 04 May 2024 22:18:25 GMT
Expires: Thu, 04 May 2023 22:18:25 GMT
Last-Modified: Tue, 04 May 2004 22:18:25 GMT
Location: https://alt-602a4d3616431.blackboard.com/bbcswebdav/institution/Fondo_Login.jpg?source_domain=blackboard.ie.edu
P3P: CP="CAO PSA OUR"
Pragma: private
Set-Cookie: AWSELB=077F23DD16158118DD7F63B8FFB2EBC82D97657F4BF8BD47B8D608973DE63CDDB8ACCF9CE493AABCCDE1135458D508365530240B5640BF2DA11921F4810708CE1013517CFB;PATH=/;MAX-AGE=900
Set-Cookie: AWSELBCORS=077F23DD16158118DD7F63B8FFB2EBC82D97657F4BF8BD47B8D608973DE63CDDB8ACCF9CE493AABCCDE1135458D508365530240B5640BF2DA11921F4810708CE1013517CFB;PATH=/;MAX-AGE=900;SECURE;SAMESITE=None
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Origin
X-Blackboard-appserver: ip-10-148-214-103.eu-central-1.compute.internal
X-Blackboard-product: Blackboard Learn ™ 3900.91.0-rel.20+75bf374
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Content-Length: 0
Connection: keep-alive
|
|
| www.googletagmanager.com/gtm.js?id=GTM-NQS7233 | 142.250.74.168 | 200 OK | 101 kB |
URL GET HTTP/3 www.googletagmanager.com/gtm.js?id=GTM-NQS7233 IP 142.250.74.168:443
Certificate Issuer Google Trust Services LLC Subject *.google-analytics.com Fingerprint 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE Validity Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type JavaScript source, ASCII text, with very long lines (7850) Size 101 kB (101065 bytes) Hash 004aa719159503ab8b7d2daff2ff2a1e b806ba799680fe7b4e4eda84640e7277ff94ea91 68cc3c5f739fb4e0cf9f2e464d7b1b93c88aa534a7f1206483536c212666729b
GET /gtm.js?id=GTM-NQS7233 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 22:18:25 GMT
expires: Sat, 04 May 2024 22:18:25 GMT
cache-control: private, max-age=900
last-modified: Sat, 04 May 2024 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101065
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 3.65.111.254/groupjs/980603558B5E1D7770D841909A6357A8.js?v=3900.91.0-rel.20+75bf374 | 3.65.111.254 | 200 | 30 kB |
URL GET HTTP/1.1 3.65.111.254/groupjs/980603558B5E1D7770D841909A6357A8.js?v=3900.91.0-rel.20+75bf374 IP 3.65.111.254:443
Certificate Issuer Amazon Subject *.ie.edu Fingerprint 25:B6:C5:36:F2:2A:90:F3:6B:92:42:52:63:BD:4E:6F:03:B5:57:D2 Validity Sat, 06 Jan 2024 00:00:00 GMT - Mon, 03 Feb 2025 23:59:59 GMT
Hash f3e83b509b3991a020975e6028d243c3 a73787198d4ca46a0399d6c02302cc6631ac7c3f 9d92b2ffaa94f57dbfa0d6326cd6de3ba39b5ba0b948bc0920bbdd67e1891d5a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /groupjs/980603558B5E1D7770D841909A6357A8.js?v=3900.91.0-rel.20+75bf374 HTTP/1.1
Host: 3.65.111.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Cookie: AWSELB=077F23DD16158118DD7F63B8FFB2EBC82D97657F4B386AC823E3B34554730A089CABD98C13F7D9C485F3171FB1EEDB404172A955A380C041BD5CE622E9F6D99B7B29F218E4; BbRouter=expires:1714862905,id:6F6F9CA254D454497C24F98D04824C49,signature:b7ccd2e8ed1b671ee06aff3362ac56b7ccc2827f452056f9159edcefe36d1ab5,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9; BbClientCalenderTimeZone=UTC; JSESSIONID=777F1F4AA9FECF2B43C86D4BB3CBF95C
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Cache-Control: public
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Content-Type: application/javascript
Date: Sat, 04 May 2024 22:18:25 GMT
ETag: W/"126302-0"
Expires: Sun, 04 May 2025 22:18:25 GMT
Last-Modified: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="CAO PSA OUR"
Set-Cookie: BbRouter=expires:1714862905,id:6F6F9CA254D454497C24F98D04824C49,signature:b7ccd2e8ed1b671ee06aff3362ac56b7ccc2827f452056f9159edcefe36d1ab5,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Accept-Encoding
X-Blackboard-appserver: ip-10-148-205-148.eu-central-1.compute.internal
X-Blackboard-product: Blackboard Learn ™ 3900.91.0-rel.20+75bf374
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Content-Length: 30279
Connection: keep-alive
|
|
| 3.65.111.254/webapps/privacy-disclosure/js/cookieConsent.js?v=3900.91.0-rel.20+75bf374_3900.91.0-rel.20+75bf374 | 3.65.111.254 | 200 | 955 B |
URL GET HTTP/1.1 3.65.111.254/webapps/privacy-disclosure/js/cookieConsent.js?v=3900.91.0-rel.20+75bf374_3900.91.0-rel.20+75bf374 IP 3.65.111.254:443
Certificate Issuer Amazon Subject *.ie.edu Fingerprint 25:B6:C5:36:F2:2A:90:F3:6B:92:42:52:63:BD:4E:6F:03:B5:57:D2 Validity Sat, 06 Jan 2024 00:00:00 GMT - Mon, 03 Feb 2025 23:59:59 GMT
Hash c2dfa8a026dc7f23c851182267a410cc d22c9ce9b62473438d05954e78a7f14e52f38975 6ad8d6e55f9a039561ce1ebee3dd66a919026919bc18f60d69ed7571879c4158
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /webapps/privacy-disclosure/js/cookieConsent.js?v=3900.91.0-rel.20+75bf374_3900.91.0-rel.20+75bf374 HTTP/1.1
Host: 3.65.111.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Cookie: JSESSIONID=68FDBE8444F59ACACECF5F9B3F122919; AWSELB=077F23DD16158118DD7F63B8FFB2EBC82D97657F4B386AC823E3B34554730A089CABD98C13F7D9C485F3171FB1EEDB404172A955A380C041BD5CE622E9F6D99B7B29F218E4; BbRouter=expires:1714862905,id:6F6F9CA254D454497C24F98D04824C49,signature:b7ccd2e8ed1b671ee06aff3362ac56b7ccc2827f452056f9159edcefe36d1ab5,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9; BbClientCalenderTimeZone=UTC; JSESSIONID=777F1F4AA9FECF2B43C86D4BB3CBF95C
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Cache-Control: public
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Content-Type: application/javascript
Date: Sat, 04 May 2024 22:18:25 GMT
ETag: W/"3022-1714671078299"
Expires: Sun, 04 May 2025 22:18:25 GMT
Last-Modified: Thu, 02 May 2024 17:31:18 GMT
P3P: CP="CAO PSA OUR"
Set-Cookie: BbRouter=expires:1714862905,id:6F6F9CA254D454497C24F98D04824C49,signature:b7ccd2e8ed1b671ee06aff3362ac56b7ccc2827f452056f9159edcefe36d1ab5,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Accept-Encoding
X-Blackboard-appserver: ip-10-148-205-148.eu-central-1.compute.internal
X-Blackboard-product: Blackboard Learn ™ 3900.91.0-rel.20+75bf374
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Content-Length: 955
Connection: keep-alive
|
|
| 3.65.111.254/groupjs/B32394EFEE52C0BE4A4A0459E41718A0.js?v=3900.91.0-rel.20+75bf374 | 3.65.111.254 | 200 | 245 kB |
URL GET HTTP/1.1 3.65.111.254/groupjs/B32394EFEE52C0BE4A4A0459E41718A0.js?v=3900.91.0-rel.20+75bf374 IP 3.65.111.254:443
Certificate Issuer Amazon Subject *.ie.edu Fingerprint 25:B6:C5:36:F2:2A:90:F3:6B:92:42:52:63:BD:4E:6F:03:B5:57:D2 Validity Sat, 06 Jan 2024 00:00:00 GMT - Mon, 03 Feb 2025 23:59:59 GMT
File type JavaScript source, ASCII text Size 245 kB (244631 bytes) Hash 74d82b983cd0f01749f1823061c1b024 e0270b74eadcd1c41e5ea13c3cf5e3ea9cb8647c 4fa74fa209f304d682a834e56f87d71071e33ef2f5ec0de1661c78f8ce334b50
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /groupjs/B32394EFEE52C0BE4A4A0459E41718A0.js?v=3900.91.0-rel.20+75bf374 HTTP/1.1
Host: 3.65.111.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Cookie: AWSELB=077F23DD16158118DD7F63B8FFB2EBC82D97657F4B386AC823E3B34554730A089CABD98C13F7D9C485F3171FB1EEDB404172A955A380C041BD5CE622E9F6D99B7B29F218E4; BbRouter=expires:1714862905,id:6F6F9CA254D454497C24F98D04824C49,signature:b7ccd2e8ed1b671ee06aff3362ac56b7ccc2827f452056f9159edcefe36d1ab5,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9; BbClientCalenderTimeZone=UTC; JSESSIONID=777F1F4AA9FECF2B43C86D4BB3CBF95C
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Cache-Control: public
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Content-Type: application/javascript
Date: Sat, 04 May 2024 22:18:25 GMT
ETag: W/"971503-0"
Expires: Sun, 04 May 2025 22:18:25 GMT
Last-Modified: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="CAO PSA OUR"
Set-Cookie: BbRouter=expires:1714862905,id:6F6F9CA254D454497C24F98D04824C49,signature:b7ccd2e8ed1b671ee06aff3362ac56b7ccc2827f452056f9159edcefe36d1ab5,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Accept-Encoding
X-Blackboard-appserver: ip-10-148-205-148.eu-central-1.compute.internal
X-Blackboard-product: Blackboard Learn ™ 3900.91.0-rel.20+75bf374
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
transfer-encoding: chunked
Connection: keep-alive
|
|
| ocsp.r2m03.amazontrust.com/ | 143.204.53.97 | | 471 B |
URL ocsp.r2m03.amazontrust.com/ IP143.204.53.97:0
Hash19a02d46075878e0d2508174996cad62 298b5dc9f10427b9c795df1cb8a9cb449cc0ad6a d1fc0f46bac858969034badb8192c82f358271508682cf9a45607c1590586597
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 04 May 2024 22:18:25 GMT
Last-Modified: Sat, 04 May 2024 21:21:55 GMT
Server: ECAcc (amb/6B43)
X-Cache: Miss from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 78S9BXJYIIDEjdlMTtd3R0eqDnSyooGp7yAtyk8_qIfOTT9ko4g1sA==
Age: 3390
|
|
| learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/themes/as_2015/fonts/open-sans/open-sans-regular.woff | 104.18.34.143 | 200 OK | 20 kB |
URL GET HTTP/3learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/themes/as_2015/fonts/open-sans/open-sans-regular.woff IP104.18.34.143:443
CertificateIssuerGoogle Trust Services LLC Subjectlearn.content.blackboardcdn.com FingerprintC2:61:8B:75:CE:2E:63:71:B3:EA:0D:72:B7:57:75:10:FD:2B:49:36 ValidityWed, 03 Apr 2024 23:44:39 GMT - Tue, 02 Jul 2024 23:44:38 GMT
File typeWeb Open Font Format, TrueType, length 20216, version 1.1 Hashcb721d9fb2f39c4c5fa9d75dd46ce78d 1ae6eab90118f90e61bd2a03fe7462b043756ccf 615494a93f61434c21c6a35e51b508950d66d7784b2f4deb10b7a904b4cca17c
GET /3900.91.0-rel.20+75bf374/themes/as_2015/fonts/open-sans/open-sans-regular.woff HTTP/1.1
Host: learn.content.blackboardcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://3.65.111.254
DNT: 1
Connection: keep-alive
Referer: https://learn.content.blackboardcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 22:18:25 GMT
content-type: font/woff
content-length: 20216
cf-ray: 87ebddd47f81b518-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 217655
cache-control: public, max-age=2592000
etag: "cb721d9fb2f39c4c5fa9d75dd46ce78d"
last-modified: Tue, 30 Apr 2024 19:15:49 GMT
vary: Accept-Encoding, Origin
x-worker-version: iW/tmK21arnNMMoDMStU832MRxDXRJtalnyNOSizCKM=
server: cloudflare
alt-svc: h3=":443"; ma=86400
|
|
| learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/themes/as_2015/fonts/noto-serif/noto-serif-regular.woff | 104.18.34.143 | 200 OK | 27 kB |
URL GET HTTP/3learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/themes/as_2015/fonts/noto-serif/noto-serif-regular.woff IP104.18.34.143:443
CertificateIssuerGoogle Trust Services LLC Subjectlearn.content.blackboardcdn.com FingerprintC2:61:8B:75:CE:2E:63:71:B3:EA:0D:72:B7:57:75:10:FD:2B:49:36 ValidityWed, 03 Apr 2024 23:44:39 GMT - Tue, 02 Jul 2024 23:44:38 GMT
File typeWeb Open Font Format, TrueType, length 26800, version 1.1 Hashb6ba7dac6b1c9fae143afd1ce4525e20 2955ba4f22888a7eed61748798833c22483180f9 ea01504bd051c7abe5f01fca1f3d916766a2b48954eb5e3ec70b9a3c1b5d00b2
GET /3900.91.0-rel.20+75bf374/themes/as_2015/fonts/noto-serif/noto-serif-regular.woff HTTP/1.1
Host: learn.content.blackboardcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://3.65.111.254
DNT: 1
Connection: keep-alive
Referer: https://learn.content.blackboardcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 22:18:25 GMT
content-type: font/woff
content-length: 26800
cf-ray: 87ebddd47f85b518-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 196955
cache-control: public, max-age=2592000
etag: "b6ba7dac6b1c9fae143afd1ce4525e20"
last-modified: Tue, 30 Apr 2024 19:15:49 GMT
vary: Accept-Encoding, Origin
x-worker-version: iW/tmK21arnNMMoDMStU832MRxDXRJtalnyNOSizCKM=
server: cloudflare
alt-svc: h3=":443"; ma=86400
|
|
| learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/themes/as_2015/fonts/open-sans/open-sans-700.woff | 104.18.34.143 | 200 OK | 21 kB |
URL GET HTTP/3learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/themes/as_2015/fonts/open-sans/open-sans-700.woff IP104.18.34.143:443
CertificateIssuerGoogle Trust Services LLC Subjectlearn.content.blackboardcdn.com FingerprintC2:61:8B:75:CE:2E:63:71:B3:EA:0D:72:B7:57:75:10:FD:2B:49:36 ValidityWed, 03 Apr 2024 23:44:39 GMT - Tue, 02 Jul 2024 23:44:38 GMT
File typeWeb Open Font Format, TrueType, length 20964, version 1.1 Hash107bc2e1387828d8595ef4452c3fc666 4e630a4f834886ab65248b9dfb679659d079a764 2944acfdff85dc6308cf8a2766b6efce9ec63fc8356fd5118a98001b936e50dc
GET /3900.91.0-rel.20+75bf374/themes/as_2015/fonts/open-sans/open-sans-700.woff HTTP/1.1
Host: learn.content.blackboardcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://3.65.111.254
DNT: 1
Connection: keep-alive
Referer: https://learn.content.blackboardcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 22:18:25 GMT
content-type: font/woff
content-length: 20964
cf-ray: 87ebddd47f8cb518-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 217655
cache-control: public, max-age=2592000
etag: "107bc2e1387828d8595ef4452c3fc666"
last-modified: Tue, 30 Apr 2024 19:15:49 GMT
vary: Accept-Encoding, Origin
x-worker-version: iW/tmK21arnNMMoDMStU832MRxDXRJtalnyNOSizCKM=
server: cloudflare
alt-svc: h3=":443"; ma=86400
|
|
| learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/themes/as_2015/images/reorder_bg.png | 104.18.34.143 | 200 OK | 330 B |
URL GET HTTP/3learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/themes/as_2015/images/reorder_bg.png IP104.18.34.143:443
CertificateIssuerGoogle Trust Services LLC Subjectlearn.content.blackboardcdn.com FingerprintC2:61:8B:75:CE:2E:63:71:B3:EA:0D:72:B7:57:75:10:FD:2B:49:36 ValidityWed, 03 Apr 2024 23:44:39 GMT - Tue, 02 Jul 2024 23:44:38 GMT
File typePNG image data, 17 x 33, 8-bit/color RGBA, non-interlaced Hashadc43cb2b68639182095e0d5386ccfda afb5eb3618229618e1b05a90ce155fa56a626842 2406525bd2af383be7b20e401d1d79e01b86e4576e46c205b27cd2202db1cc2d
GET /3900.91.0-rel.20+75bf374/themes/as_2015/images/reorder_bg.png HTTP/1.1
Host: learn.content.blackboardcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/themes/as_2015/theme.css?v=3900.91.0-rel.20+75bf374
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 22:18:25 GMT
content-type: image/png
content-length: 330
cf-ray: 87ebddd47f80b518-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 217655
cache-control: public, max-age=2592000
etag: "adc43cb2b68639182095e0d5386ccfda"
last-modified: Tue, 30 Apr 2024 19:15:50 GMT
vary: Accept-Encoding, Origin
x-worker-version: iW/tmK21arnNMMoDMStU832MRxDXRJtalnyNOSizCKM=
server: cloudflare
alt-svc: h3=":443"; ma=86400
|
|
| prod-eu-central-1.ally.ac/integration/learn/ally.js?_=1714861104783 | 3.127.8.17 | 200 OK | 480 B |
URL GET HTTP/2prod-eu-central-1.ally.ac/integration/learn/ally.js?_=1714861104783 IP3.127.8.17:443
CertificateIssuerAmazon Subject*.ally.ac Fingerprint6A:A4:E8:83:CA:9E:0B:57:75:33:C8:A0:DE:17:C7:57:08:DC:AA:9D ValidityTue, 06 Feb 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT
File typeJavaScript source, ASCII text Hash29b22c32738633880206e29afc05a4a1 e7e52752b49be9920b81be2298ded90d04ff4158 b90c4273bc16e8969f8a153f76525ed2e91a4d85a043b6a613ed6fa43274879f
GET /integration/learn/ally.js?_=1714861104783 HTTP/1.1
Host: prod-eu-central-1.ally.ac
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 22:18:25 GMT
content-type: application/javascript
content-length: 480
server: Apache
strict-transport-security: max-age=31536000
last-modified: Mon, 29 Apr 2024 12:17:28 GMT
etag: "353-6173b3ca1a600-gzip"
accept-ranges: bytes
cache-control: max-age=0
expires: Sat, 04 May 2024 22:18:25 GMT
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-encoding, accept-language, authorization, host, referer, user-agent
access-control-max-age: 86400, 86400
X-Firefox-Spdy: h2
|
|
| learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/javascript/cookie.js | 104.18.34.143 | 200 OK | 1.3 kB |
URL GET HTTP/3learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/javascript/cookie.js IP104.18.34.143:443
CertificateIssuerGoogle Trust Services LLC Subjectlearn.content.blackboardcdn.com FingerprintC2:61:8B:75:CE:2E:63:71:B3:EA:0D:72:B7:57:75:10:FD:2B:49:36 ValidityWed, 03 Apr 2024 23:44:39 GMT - Tue, 02 Jul 2024 23:44:38 GMT
Hasha183fc09aa8be412e99d9f469396fd48 3e4d6d08adf86ca9f173654883a720b85568c288 2f6a37a29c735dc433c33e9581d0fd237918b350ab5636bd867920cdca147940
GET /3900.91.0-rel.20+75bf374/javascript/cookie.js HTTP/1.1
Host: learn.content.blackboardcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 22:18:25 GMT
content-type: application/javascript
cf-ray: 87ebddd30e7bb518-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 218785
cache-control: public, max-age=2592000
etag: W/"a183fc09aa8be412e99d9f469396fd48"
last-modified: Tue, 30 Apr 2024 19:15:44 GMT
vary: Accept-Encoding, Origin
x-worker-version: iW/tmK21arnNMMoDMStU832MRxDXRJtalnyNOSizCKM=
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/fonts/FontAwesome/fontawesome-webfont.woff?v=3.2.1 | 104.18.34.143 | 200 OK | 44 kB |
URL GET HTTP/3learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/fonts/FontAwesome/fontawesome-webfont.woff?v=3.2.1 IP104.18.34.143:443
CertificateIssuerGoogle Trust Services LLC Subjectlearn.content.blackboardcdn.com FingerprintC2:61:8B:75:CE:2E:63:71:B3:EA:0D:72:B7:57:75:10:FD:2B:49:36 ValidityWed, 03 Apr 2024 23:44:39 GMT - Tue, 02 Jul 2024 23:44:38 GMT
File typeWeb Open Font Format, TrueType, length 43572, version 1.0 Hashb683029bafe0305ac2234038a03e1541 12f8c193902e99348493ace32e498031bf79b654 18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f
GET /3900.91.0-rel.20+75bf374/fonts/FontAwesome/fontawesome-webfont.woff?v=3.2.1 HTTP/1.1
Host: learn.content.blackboardcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://3.65.111.254
DNT: 1
Connection: keep-alive
Referer: https://learn.content.blackboardcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 22:18:25 GMT
content-type: font/woff
content-length: 43572
cf-ray: 87ebddd53804b518-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 217640
cache-control: public, max-age=2592000
etag: "b683029bafe0305ac2234038a03e1541"
last-modified: Tue, 30 Apr 2024 19:15:26 GMT
vary: Accept-Encoding, Origin
x-worker-version: iW/tmK21arnNMMoDMStU832MRxDXRJtalnyNOSizCKM=
server: cloudflare
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtag/destination?id=DC-6975435&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 78 kB |
URL GET HTTP/3www.googletagmanager.com/gtag/destination?id=DC-6975435&l=dataLayer&cx=c IP142.250.74.168:443
CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File typeJavaScript source, ASCII text, with very long lines (4179) Hashca2c3f655a58c63586a0ea24171b2e1d 0b0fb0fdc4f8c4881f7b820865d0dfa1f12b13b8 8c894503d999fe4d0b56f95568de238d528e2efcf5a463100a5b484496e711b1
GET /gtag/destination?id=DC-6975435&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 22:18:25 GMT
expires: Sat, 04 May 2024 22:18:25 GMT
cache-control: private, max-age=900
last-modified: Sat, 04 May 2024 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77628
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/themes/as_2015/theme.css?v=3900.91.0-rel.20+75bf374 | 104.18.34.143 | 200 OK | 145 kB |
URL GET HTTP/3learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/themes/as_2015/theme.css?v=3900.91.0-rel.20+75bf374 IP104.18.34.143:443
CertificateIssuerGoogle Trust Services LLC Subjectlearn.content.blackboardcdn.com FingerprintC2:61:8B:75:CE:2E:63:71:B3:EA:0D:72:B7:57:75:10:FD:2B:49:36 ValidityWed, 03 Apr 2024 23:44:39 GMT - Tue, 02 Jul 2024 23:44:38 GMT
File typeUnicode text, UTF-8 text, with very long lines (2593) Size145 kB (145119 bytes) Hash44c5a030223639a85c3663a30c7ff68e 0dea94b2b2f8a5113f19e47fe73ec6fd4d74758a 6dd1bfccb4ff391567b9815701fef952e072f641d5526dedced218b8564c6c97
GET /3900.91.0-rel.20+75bf374/themes/as_2015/theme.css?v=3900.91.0-rel.20+75bf374 HTTP/1.1
Host: learn.content.blackboardcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 22:18:25 GMT
content-type: text/css
cf-ray: 87ebddd2fe76b518-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 218785
cache-control: public, max-age=2592000
etag: W/"44c5a030223639a85c3663a30c7ff68e"
last-modified: Tue, 30 Apr 2024 19:15:50 GMT
vary: Accept-Encoding, Origin
x-worker-version: iW/tmK21arnNMMoDMStU832MRxDXRJtalnyNOSizCKM=
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtag/destination?id=AW-1038677761&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 90 kB |
URL GET HTTP/3www.googletagmanager.com/gtag/destination?id=AW-1038677761&l=dataLayer&cx=c IP142.250.74.168:443
CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File typeJavaScript source, ASCII text, with very long lines (4179) Hashae3d984bb72a235900040b9b478f8b62 8de243e89a63bfe3d8ef72335118a1e013f238ab 7502ca05ff9e178bbc208323bc80e0ee70691fe534376197bed78fbab9f0372c
GET /gtag/destination?id=AW-1038677761&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 22:18:25 GMT
expires: Sat, 04 May 2024 22:18:25 GMT
cache-control: private, max-age=900
last-modified: Sat, 04 May 2024 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 90299
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/gtm.js?id=GTM-NQS7233 | 142.250.74.168 | 200 OK | 101 kB |
URL GET HTTP/3www.googletagmanager.com/gtm.js?id=GTM-NQS7233 IP142.250.74.168:443
CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File typeJavaScript source, ASCII text, with very long lines (7850) Size101 kB (101065 bytes) Hash87fff7fe120f4070a47fa366a3270ef1 fd755ad4e1e415f37ff037788f20e83b52d96539 82748dd1309432f6b39d82ccaa73c6cb0c4ba919700392dca84c3be55802976d
GET /gtm.js?id=GTM-NQS7233 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 22:18:25 GMT
expires: Sat, 04 May 2024 22:18:25 GMT
cache-control: private, max-age=900
last-modified: Sat, 04 May 2024 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101065
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| alt-602a4d3616431.blackboard.com/bbcswebdav/institution/Fondo_Login.jpg?source_domain=blackboard.ie.edu | 3.65.111.254 | 302 | 0 B |
URL GET HTTP/1.1alt-602a4d3616431.blackboard.com/bbcswebdav/institution/Fondo_Login.jpg?source_domain=blackboard.ie.edu IP3.65.111.254:443
CertificateIssuerAmazon Subject*.ie.edu Fingerprint25:B6:C5:36:F2:2A:90:F3:6B:92:42:52:63:BD:4E:6F:03:B5:57:D2 ValiditySat, 06 Jan 2024 00:00:00 GMT - Mon, 03 Feb 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bbcswebdav/institution/Fondo_Login.jpg?source_domain=blackboard.ie.edu HTTP/1.1
Host: alt-602a4d3616431.blackboard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3.65.111.254/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302
Cache-Control: no-cache, no-store, must-revalidate, no-cache="set-cookie"
Content-Security-Policy: frame-ancestors 'self'
Date: Sat, 04 May 2024 22:18:25 GMT
Expires: 0
Last-Modified: Tue, 04 May 2004 22:18:25 GMT
Location: https://learn-eu-central-1-prod-fleet01-xythos.content.blackboardcdn.com/602a4d3616431/8887?X-Blackboard-S3-Bucket=learn-eu-central-1-prod-fleet01-xythos&X-Blackboard-Expiration=1714878000000&X-Blackboard-Signature=SQ0pGltXhH7PgX1RgnNpUhPZuiWGfFoCuvQTuMw4MOI%3D&X-Blackboard-Client-Id=100649&X-Blackboard-S3-Region=eu-central-1&response-cache-control=private%2C%20max-age%3D21600&response-content-disposition=inline%3B%20filename%2A%3DUTF-8%27%27Fondo_Login.jpg&response-content-type=image%2Fjpeg&X-Amz-Security-Token=IQoJb3JpZ2luX2VjED4aDGV1LWNlbnRyYWwtMSJIMEYCIQCQXzWlfuHGnQFQGY6UCG79HXA7e7dqfq%2FSy7tVfSjVIAIhAJHA57q3Y7HQkZUmBE7k2AOAgHHUQYQy%2F%2Bx4ZUtXs8YbKscFCJf%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEQAxoMNjM1NTY3OTI0MTgzIgzHBRtrBr8p1nL11psqmwV26bPnLEn3A0fE5FlIDuV93SxuatzA%2FazSrEcEh4OBIP9GPhnFocRFmUw8jadzXtMG73%2BrckYgv9v%2Bm09QYB3YyuU8hwcgS%2Fto7S35N8hgp4quLN5KK6vNmIQTzpiW1G0TLb3iCRS7u0qgzdOBnzMnOZ5pruH33m35J66tFHapAR4bxY02usCthSN2%2BkMWgBYufX2fXuphLlmgDI9TM%2BfamHOa%2FWUK7m7NYiVrFUDzGmvmFE2Zu3AsSOMa1XK9usGBkl704tnPW4ktaAghSSPwRy7n1UW5yhVJFG8DIq9r1wCAHp%2Baol1XEVIc8z0WbB0R71sZCxO114BlOVp8cxBvOWftkG%2F52FR%2ByyZ2P12ZQuzXrczA0%2BJB%2FMttcPtblAVy17cjidi9JkuGxtSILHaOsSRb2k19G%2FzI1rNK9DMjw6YTq%2BtcU%2F9NRlRYxtG7aR5uQusckMyYBmUuEI4yL4ZsFcD9CpaPTEHoNUiBXcOM411PGdCZXrOZJ9EAvZBLCB7uGQkhDtI8c%2FMmOkBajRDRhDlrE9%2Bsk9Xne5JjxIkTxJrIcT3BYhp1GLXBAb%2Fh4GhEizdafzur1R%2FDNoiq7CBLR43RA%2Fka%2FGi%2BVi3J%2FnuAMe%2BDUzdJir5Urhz%2BHFoJ2G4NlyeazUWllNyXyxPIPTSg8KEsacpE6Gd74OSHU9wmGzTYbbjErScC6VRlxCBx2qJ3Phsm8DFS1mJ67IVOpMBWz9gDhWvA2D4Whomts1p8nL1QUbGSyqsC%2Brr4L1XuhQXgHla5GYaMMQiS9fwCTVsnZpjEwifcxJeG87COCCWvkPIYymQ4dLnrpB8pbkK7Nznqs7iQ08a2z6tjY6mze30qnJljdr81WfEP8saLh0ewnHq0snO0pNdNIgX0MJvc2rEGOrAB3ApN6BIzMbZHp6vBVbbrzSOZNA4jKRmE7qz%2BxF1PIfDpu8lorkEhRJk2CHom5S6rI%2FFOzglFkOvOt76mbIr6VOrROkzzDDFHi17TtCVlLi2Eg57KBVcQqeOpU4R0H2ZnwMvFejfus0zIF9kyQmYhGuZQ6mdmYH5E2MxJ4i5mGZTHV7dQ0uYm2KwFedj%2F0UXoPrhouPLUVV3LiT3cseXFzjQErNtXlGRvtIN5nrlA6A8%3D&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20240
504T210000Z&X-Amz-SignedHeaders=host&X-Amz-Expires=21600&X-Amz-Credential=ASIAZH6WM4PLW4QAWKEH%2F20240504%2Feu-central-1%2Fs3%2Faws4_request&X-Amz-Signature=94998d6598d9a33e8d644b8b4d84f5a4a2a5d08a76251f74a320f7985948365e
P3P: CP="CAO PSA OUR"
Pragma: no-cache
Set-Cookie: source_domain="YmxhY2tib2FyZC5pZS5lZHU="; Version=1; Path=/; Secure; HttpOnly; SameSite=None
AWSELB=077F23DD16158118DD7F63B8FFB2EBC82D97657F4BF8BD47B8D608973DE63CDDB8ACCF9CE493AABCCDE1135458D508365530240B56AE26B3D7C782DECE9AEAEF54056928D2;PATH=/;MAX-AGE=900
AWSELBCORS=077F23DD16158118DD7F63B8FFB2EBC82D97657F4BF8BD47B8D608973DE63CDDB8ACCF9CE493AABCCDE1135458D508365530240B56AE26B3D7C782DECE9AEAEF54056928D2;PATH=/;MAX-AGE=900;SECURE;SAMESITE=None
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Blackboard-appserver: ip-10-148-213-163.eu-central-1.compute.internal
X-Blackboard-product: Blackboard Learn ™ 3900.91.0-rel.20+75bf374
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Content-Length: 0
Connection: keep-alive
|
|
| storage.googleapis.com/html_test_sldldsldw/iframe.html | 142.250.74.187 | 200 OK | 371 B |
URL GET HTTP/2storage.googleapis.com/html_test_sldldsldw/iframe.html IP142.250.74.187:443
CertificateIssuerGoogle Trust Services LLC Subjectstorage.googleapis.com Fingerprint20:06:F0:40:84:A5:B3:5B:B0:13:3B:BF:C4:47:06:7C:D2:41:90:3A ValidityTue, 16 Apr 2024 04:35:37 GMT - Tue, 09 Jul 2024 04:35:36 GMT
File typeHTML document, ASCII text Hash7a3e31c9be2997f7d45d3f0fbb4f07b0 62d5d304b719da6eaf2d07e64b1b3ddc23007b36 f8f89bf2e330bf3e761932d52936c708a9c8341cb89aad195314c7f887582955
GET /html_test_sldldsldw/iframe.html HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-guploader-uploadid: ABPtcPorY6Hba1lgGyyt_t1Xr6PxeGSDJ4uPN3HCyTPwly5VfbCl6g4n1JjANmCHLD0Jpj0jBvI
x-goog-generation: 1704979087355013
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 371
x-goog-hash: crc32c=eYpDoQ==, md5=ej4xyb4pl/fUXT8Pu08HsA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 371
server: UploadServer
date: Sat, 04 May 2024 21:54:38 GMT
expires: Sat, 04 May 2024 22:54:38 GMT
cache-control: public, max-age=3600
age: 1427
last-modified: Thu, 11 Jan 2024 13:18:07 GMT
etag: "7a3e31c9be2997f7d45d3f0fbb4f07b0"
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/common/shared.css?v=3900.91.0-rel.20+75bf374 | 104.18.34.143 | 200 OK | 55 kB |
URL GET HTTP/3learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/common/shared.css?v=3900.91.0-rel.20+75bf374 IP104.18.34.143:443
CertificateIssuerGoogle Trust Services LLC Subjectlearn.content.blackboardcdn.com FingerprintC2:61:8B:75:CE:2E:63:71:B3:EA:0D:72:B7:57:75:10:FD:2B:49:36 ValidityWed, 03 Apr 2024 23:44:39 GMT - Tue, 02 Jul 2024 23:44:38 GMT
Hash9803ab26fad5ff933eaf91019dadc102 938a8a0bf30575a959133cf19374bdc41f14200b 6ccc4db52a60ffda910783e43af9ab0bd0d626427667c41b1c8bef09d0154c38
GET /3900.91.0-rel.20+75bf374/common/shared.css?v=3900.91.0-rel.20+75bf374 HTTP/1.1
Host: learn.content.blackboardcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 22:18:25 GMT
content-type: text/css
cf-ray: 87ebddd2fe6db518-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 218785
cache-control: public, max-age=2592000
etag: W/"9803ab26fad5ff933eaf91019dadc102"
last-modified: Tue, 30 Apr 2024 19:15:23 GMT
vary: Accept-Encoding, Origin
x-worker-version: iW/tmK21arnNMMoDMStU832MRxDXRJtalnyNOSizCKM=
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 3.65.111.254/favicon.ico | 3.65.111.254 | 200 | 2.6 kB |
IP3.65.111.254:443
CertificateIssuerAmazon Subject*.ie.edu Fingerprint25:B6:C5:36:F2:2A:90:F3:6B:92:42:52:63:BD:4E:6F:03:B5:57:D2 ValiditySat, 06 Jan 2024 00:00:00 GMT - Mon, 03 Feb 2025 23:59:59 GMT
File typePNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced Hashe60d45ed40811e2af464be6dd48f16df 378903c1d74b3fb2cb4c4ab3fa09f09d305214ba 7310e3c01e1ec9f241ace4cae6ab0bb36185d9d54e9e6a7422aa1f976ef5f6a4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: 3.65.111.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Cookie: AWSELB=077F23DD16158118DD7F63B8FFB2EBC82D97657F4B386AC823E3B34554730A089CABD98C13F7D9C485F3171FB1EEDB404172A955A380C041BD5CE622E9F6D99B7B29F218E4; BbRouter=expires:1714862905,id:6F6F9CA254D454497C24F98D04824C49,signature:b7ccd2e8ed1b671ee06aff3362ac56b7ccc2827f452056f9159edcefe36d1ab5,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9; BbClientCalenderTimeZone=UTC; JSESSIONID=777F1F4AA9FECF2B43C86D4BB3CBF95C; _gcl_au=1.1.1488710673.1714861106; _ga_Y7HB3S34Y5=GS1.1.1714861105.1.0.1714861105.60.0.0; _ga=GA1.1.1134907962.1714861106
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Cache-Control: max-age=300,must-revalidate
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Content-Type: image/x-icon
Date: Sat, 04 May 2024 22:18:25 GMT
ETag: W/"3370-1714673132147"
Expires: Sun, 04 May 2025 22:18:25 GMT
Last-Modified: Thu, 02 May 2024 18:05:32 GMT
P3P: CP="CAO PSA OUR"
Set-Cookie: BbRouter=expires:1714862905,id:6F6F9CA254D454497C24F98D04824C49,signature:b7ccd2e8ed1b671ee06aff3362ac56b7ccc2827f452056f9159edcefe36d1ab5,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Accept-Encoding
X-Blackboard-appserver: ip-10-148-205-148.eu-central-1.compute.internal
X-Blackboard-product: Blackboard Learn ™ 3900.91.0-rel.20+75bf374
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Content-Length: 2639
Connection: keep-alive
|
|
| bat.bing.com/bat.js | 204.79.197.237 | 200 OK | 13 kB |
IP204.79.197.237:443 ASN#8068 MICROSOFT-CORP-MSN-AS-BLOCK
CertificateIssuerMicrosoft Corporation Subjectwww.bing.com Fingerprint02:83:27:F9:50:D8:BE:B9:5E:DF:1A:4A:45:3B:6D:3C:BC:30:F2:58 ValidityWed, 01 May 2024 01:58:25 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (46429), with no line terminators Hash72bca04fd669eb89fc65d59052d0fc00 27e60aef86f0cb1b2f6b6ed9df9a4e3ba88efd21 823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 13261
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ranges: bytes
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 54A26042305541EC8E02FE19A7940A0A Ref B: OSL30EDGE0414 Ref C: 2024-05-04T22:18:25Z
date: Sat, 04 May 2024 22:18:25 GMT
X-Firefox-Spdy: h2
|
|
| prod-eu-central-1.ally.ac/static/integration/learn/ally.7a8867efc05204cd720c.js | 3.127.8.17 | 200 OK | 541 kB |
URL GET HTTP/2prod-eu-central-1.ally.ac/static/integration/learn/ally.7a8867efc05204cd720c.js IP3.127.8.17:443
CertificateIssuerAmazon Subject*.ally.ac Fingerprint6A:A4:E8:83:CA:9E:0B:57:75:33:C8:A0:DE:17:C7:57:08:DC:AA:9D ValidityTue, 06 Feb 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT
File typegzip compressed data, from Unix Size541 kB (540595 bytes) Hash5263f2666ecfc838034671985a4693ee 45be87d7c7c8c6c18c288a4bdfe8813d7025d205 cc28d4d5a1ec5e83cbff92079f9ebc3055c24fe87f7403731439a6f0a8c534d9
GET /static/integration/learn/ally.7a8867efc05204cd720c.js HTTP/1.1
Host: prod-eu-central-1.ally.ac
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 22:18:25 GMT
content-type: application/javascript
server: Apache
strict-transport-security: max-age=31536000
last-modified: Mon, 29 Apr 2024 12:17:28 GMT
etag: "507a2-6173b3ca1a600-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 04 May 2025 22:18:25 GMT
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-encoding, accept-language, authorization, host, referer, user-agent
access-control-max-age: 86400, 86400
X-Firefox-Spdy: h2
|
|
| bat.bing.com/p/action/22021935.js | 204.79.197.237 | 204 No Content | 0 B |
URL GET HTTP/2bat.bing.com/p/action/22021935.js IP204.79.197.237:443 ASN#8068 MICROSOFT-CORP-MSN-AS-BLOCK
CertificateIssuerMicrosoft Corporation Subjectwww.bing.com Fingerprint02:83:27:F9:50:D8:BE:B9:5E:DF:1A:4A:45:3B:6D:3C:BC:30:F2:58 ValidityWed, 01 May 2024 01:58:25 GMT - Thu, 27 Jun 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/22021935.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CB33D958AFDB46F5B90CF7360090BAA2 Ref B: OSL30EDGE0414 Ref C: 2024-05-04T22:18:26Z
date: Sat, 04 May 2024 22:18:25 GMT
X-Firefox-Spdy: h2
|
|
| learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/fonts/icon-listing.css | 104.18.34.143 | 200 OK | 3.1 kB |
URL GET HTTP/3learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/fonts/icon-listing.css IP104.18.34.143:443
CertificateIssuerGoogle Trust Services LLC Subjectlearn.content.blackboardcdn.com FingerprintC2:61:8B:75:CE:2E:63:71:B3:EA:0D:72:B7:57:75:10:FD:2B:49:36 ValidityWed, 03 Apr 2024 23:44:39 GMT - Tue, 02 Jul 2024 23:44:38 GMT
Hash1c41a4e6a2ad6e410fb6d3520e3b2c82 a6d9b2adf78fbeca9f312ccfb4948d54d79cdfbc 717a37d00b6b59825e69ac19ecf89aa3c0a2a4527c5bdf18ab5596bab5af3a9b
GET /3900.91.0-rel.20+75bf374/fonts/icon-listing.css HTTP/1.1
Host: learn.content.blackboardcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/common/shared.css?v=3900.91.0-rel.20+75bf374
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 22:18:25 GMT
content-type: text/css
cf-ray: 87ebddd46f72b518-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 218784
cache-control: public, max-age=2592000
etag: W/"1c41a4e6a2ad6e410fb6d3520e3b2c82"
last-modified: Tue, 30 Apr 2024 19:15:26 GMT
vary: Accept-Encoding, Origin
x-worker-version: iW/tmK21arnNMMoDMStU832MRxDXRJtalnyNOSizCKM=
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bat.bing.com/action/0?ti=22021935&tm=gtm002&Ver=2&mid=f757c05b-08d6-4e85-a2dd-59b3ad75f82f&sid=3a3a4f200a6411efbc073f2a210c0a17&vid=3a3aa7200a6411ef8f1083761b573c5b&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Blackboard%20Learn&kw=Blackboard&p=https%3A%2F%2F3.65.111.254%2F&r=&lt=213&evt=pageLoad&sv=1&rn=71984 | 204.79.197.237 | 204 No Content | 0 B |
URL GET HTTP/2bat.bing.com/action/0?ti=22021935&tm=gtm002&Ver=2&mid=f757c05b-08d6-4e85-a2dd-59b3ad75f82f&sid=3a3a4f200a6411efbc073f2a210c0a17&vid=3a3aa7200a6411ef8f1083761b573c5b&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Blackboard%20Learn&kw=Blackboard&p=https%3A%2F%2F3.65.111.254%2F&r=&lt=213&evt=pageLoad&sv=1&rn=71984 IP204.79.197.237:443 ASN#8068 MICROSOFT-CORP-MSN-AS-BLOCK
CertificateIssuerMicrosoft Corporation Subjectwww.bing.com Fingerprint02:83:27:F9:50:D8:BE:B9:5E:DF:1A:4A:45:3B:6D:3C:BC:30:F2:58 ValidityWed, 01 May 2024 01:58:25 GMT - Thu, 27 Jun 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=22021935&tm=gtm002&Ver=2&mid=f757c05b-08d6-4e85-a2dd-59b3ad75f82f&sid=3a3a4f200a6411efbc073f2a210c0a17&vid=3a3aa7200a6411ef8f1083761b573c5b&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Blackboard%20Learn&kw=Blackboard&p=https%3A%2F%2F3.65.111.254%2F&r=&lt=213&evt=pageLoad&sv=1&rn=71984 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=2BF645A5F91668D035A251D0F8416976; domain=.bing.com; expires=Thu, 29-May-2025 22:18:26 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 32F7515A72F34ABFAC4D9078CEDFAA1A Ref B: OSL30EDGE0414 Ref C: 2024-05-04T22:18:26Z
date: Sat, 04 May 2024 22:18:25 GMT
X-Firefox-Spdy: h2
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-Y7HB3S34Y5&gtm=45je4510v869421342z8811066910za200&_p=1714861104934&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1134907962.1714861106&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&dp=3.65.111.254%2F&sid=1714861105&sct=1&seg=0&dl=https%3A%2F%2F3.65.111.254%2F&dt=Blackboard%20Learn&en=page_view&_fv=1&_nsi=1&_ss=1&ep.cd85LandingPage=3.65.111.254%2F&ep.cd86GTMContainer=GTM-NQS7233&tfd=2809 | 216.239.34.36 | 204 No Content | 0 B |
URL POST HTTP/2region1.analytics.google.com/g/collect?v=2&tid=G-Y7HB3S34Y5&gtm=45je4510v869421342z8811066910za200&_p=1714861104934&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1134907962.1714861106&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&dp=3.65.111.254%2F&sid=1714861105&sct=1&seg=0&dl=https%3A%2F%2F3.65.111.254%2F&dt=Blackboard%20Learn&en=page_view&_fv=1&_nsi=1&_ss=1&ep.cd85LandingPage=3.65.111.254%2F&ep.cd86GTMContainer=GTM-NQS7233&tfd=2809 IP216.239.34.36:443
CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-Y7HB3S34Y5&gtm=45je4510v869421342z8811066910za200&_p=1714861104934&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1134907962.1714861106&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&dp=3.65.111.254%2F&sid=1714861105&sct=1&seg=0&dl=https%3A%2F%2F3.65.111.254%2F&dt=Blackboard%20Learn&en=page_view&_fv=1&_nsi=1&_ss=1&ep.cd85LandingPage=3.65.111.254%2F&ep.cd86GTMContainer=GTM-NQS7233&tfd=2809 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://3.65.111.254
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://3.65.111.254
date: Sat, 04 May 2024 22:18:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-Y7HB3S34Y5&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 286 kB |
URL GET HTTP/3www.googletagmanager.com/gtag/js?id=G-Y7HB3S34Y5&l=dataLayer&cx=c IP142.250.74.168:443
CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File typeJavaScript source, ASCII text, with very long lines (7711) Size286 kB (286463 bytes) Hash9bb800aaeecd5b067f8f13bcf3f377cc 85a15a5c2c00270abfe2d28e032f23ff3a64c681 b521ce8212e94fd8bd5bec2cdcfc40ad4529d78a73e0bb6a0c40c3efd3394048
GET /gtag/js?id=G-Y7HB3S34Y5&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 22:18:25 GMT
expires: Sat, 04 May 2024 22:18:25 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 97461
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| learn-eu-central-1-prod-fleet01-xythos.content.blackboardcdn.com/602a4d3616431/8887?X-Blackboard-S3-Bucket=learn-eu-central-1-prod-fleet01-xythos&X-Blackboard-Expiration=1714878000000&X-Blackboard-Signature=SQ0pGltXhH7PgX1RgnNpUhPZuiWGfFoCuvQTuMw4MOI%3D&X-Blackboard-Client-Id=100649&X-Blackboard-S3-Region=eu-central-1&response-cache-control=private%2C%20max-age%3D21600&response-content-disposition=inline%3B%20filename%2A%3DUTF-8%27%27Fondo_Login.jpg&response-content-type=image%2Fjpeg&X-Amz-Security-Token=IQoJb3JpZ2luX2VjED4aDGV1LWNlbnRyYWwtMSJIMEYCIQCQXzWlfuHGnQFQGY6UCG79HXA7e7dqfq%2FSy7tVfSjVIAIhAJHA57q3Y7HQkZUmBE7k2AOAgHHUQYQy%2F%2Bx4ZUtXs8YbKscFCJf%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEQAxoMNjM1NTY3OTI0MTgzIgzHBRtrBr8p1nL11psqmwV26bPnLEn3A0fE5FlIDuV93SxuatzA%2FazSrEcEh4OBIP9GPhnFocRFmUw8jadzXtMG73%2BrckYgv9v%2Bm09QYB3YyuU8hwcgS%2Fto7S35N8hgp4quLN5KK6vNmIQTzpiW1G0TLb3iCRS7u0qgzdOBnzMnOZ5pruH33m35J66tFHapAR4bxY02usCthSN2%2BkMWgBYufX2fXuphLlmgDI9TM%2BfamHOa%2FWUK7m7NYiVrFUDzGmvmFE2Zu3AsSOMa1XK9usGBkl704tnPW4ktaAghSSPwRy7n1UW5yhVJFG8DIq9r1wCAHp%2Baol1XEVIc8z0WbB0R71sZCxO114BlOVp8cxBvOWftkG%2F52FR%2ByyZ2P12ZQuzXrczA0%2BJB%2FMttcPtblAVy17cjidi9JkuGxtSILHaOsSRb2k19G%2FzI1rNK9DMjw6YTq%2BtcU%2F9NRlRYxtG7aR5uQusckMyYBmUuEI4yL4ZsFcD9CpaPTEHoNUiBXcOM411PGdCZXrOZJ9EAvZBLCB7uGQkhDtI8c%2FMmOkBajRDRhDlrE9%2Bsk9Xne5JjxIkTxJrIcT3BYhp1GLXBAb%2Fh4GhEizdafzur1R%2FDNoiq7CBLR43RA%2Fka%2FGi%2BVi3J%2FnuAMe%2BDUzdJir5Urhz%2BHFoJ2G4NlyeazUWllNyXyxPIPTSg8KEsacpE6Gd74OSHU9wmGzTYbbjErScC6VRlxCBx2qJ3Phsm8DFS1mJ67IVOpMBWz9gDhWvA2D4Whomts1p8nL1QUbGSyqsC%2Brr4L1XuhQXgHla5GYaMMQiS9fwCTVsnZpjEwifcxJeG87COCCWvkPIYymQ4dLnrpB8pbkK7Nznqs7iQ08a2z6tjY6mze30qnJljdr81WfEP8saLh0ewnHq0snO0pNdNIgX0MJvc2rEGOrAB3ApN6BIzMbZHp6vBVbbrzSOZNA4jKRmE7qz%2BxF1PIfDpu8lorkEhRJk2CHom5S6rI%2FFOzglFkOvOt76mbIr6VOrROkzzDDFHi17TtCVlLi2Eg57KBVcQqeOpU4R0H2ZnwMvFejfus0zIF9kyQmYhGuZQ6mdmYH5E2MxJ4i5mGZTHV7dQ0uYm2KwFedj%2F0UXoPrhouPLUVV3LiT3cseXFzjQErNtXlGRvtIN5nrlA6A8%3D&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20240504T210000Z&X-Am
z-SignedHeaders=host&X-Amz-Expires=21600&X-Amz-Credential=ASIAZH6WM4PLW4QAWKEH%2F20240504%2Feu-central-1%2Fs3%2Faws4_request&X-Amz-Signature=94998d6598d9a33e8d644b8b4d84f5a4a2a5d08a76251f74a320f7985948365e | 104.18.34.143 | 200 OK | 441 kB |
URL GET HTTP/2learn-eu-central-1-prod-fleet01-xythos.content.blackboardcdn.com/602a4d3616431/8887?X-Blackboard-S3-Bucket=learn-eu-central-1-prod-fleet01-xythos&X-Blackboard-Expiration=1714878000000&X-Blackboard-Signature=SQ0pGltXhH7PgX1RgnNpUhPZuiWGfFoCuvQTuMw4MOI%3D&X-Blackboard-Client-Id=100649&X-Blackboard-S3-Region=eu-central-1&response-cache-control=private%2C%20max-age%3D21600&response-content-disposition=inline%3B%20filename%2A%3DUTF-8%27%27Fondo_Login.jpg&response-content-type=image%2Fjpeg&X-Amz-Security-Token=IQoJb3JpZ2luX2VjED4aDGV1LWNlbnRyYWwtMSJIMEYCIQCQXzWlfuHGnQFQGY6UCG79HXA7e7dqfq%2FSy7tVfSjVIAIhAJHA57q3Y7HQkZUmBE7k2AOAgHHUQYQy%2F%2Bx4ZUtXs8YbKscFCJf%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEQAxoMNjM1NTY3OTI0MTgzIgzHBRtrBr8p1nL11psqmwV26bPnLEn3A0fE5FlIDuV93SxuatzA%2FazSrEcEh4OBIP9GPhnFocRFmUw8jadzXtMG73%2BrckYgv9v%2Bm09QYB3YyuU8hwcgS%2Fto7S35N8hgp4quLN5KK6vNmIQTzpiW1G0TLb3iCRS7u0qgzdOBnzMnOZ5pruH33m35J66tFHapAR4bxY02usCthSN2%2BkMWgBYufX2fXuphLlmgDI9TM%2BfamHOa%2FWUK7m7NYiVrFUDzGmvmFE2Zu3AsSOMa1XK9usGBkl704tnPW4ktaAghSSPwRy7n1UW5yhVJFG8DIq9r1wCAHp%2Baol1XEVIc8z0WbB0R71sZCxO114BlOVp8cxBvOWftkG%2F52FR%2ByyZ2P12ZQuzXrczA0%2BJB%2FMttcPtblAVy17cjidi9JkuGxtSILHaOsSRb2k19G%2FzI1rNK9DMjw6YTq%2BtcU%2F9NRlRYxtG7aR5uQusckMyYBmUuEI4yL4ZsFcD9CpaPTEHoNUiBXcOM411PGdCZXrOZJ9EAvZBLCB7uGQkhDtI8c%2FMmOkBajRDRhDlrE9%2Bsk9Xne5JjxIkTxJrIcT3BYhp1GLXBAb%2Fh4GhEizdafzur1R%2FDNoiq7CBLR43RA%2Fka%2FGi%2BVi3J%2FnuAMe%2BDUzdJir5Urhz%2BHFoJ2G4NlyeazUWllNyXyxPIPTSg8KEsacpE6Gd74OSHU9wmGzTYbbjErScC6VRlxCBx2qJ3Phsm8DFS1mJ67IVOpMBWz9gDhWvA2D4Whomts1p8nL1QUbGSyqsC%2Brr4L1XuhQXgHla5GYaMMQiS9fwCTVsnZpjEwifcxJeG87COCCWvkPIYymQ4dLnrpB8pbkK7Nznqs7iQ08a2z6tjY6mze30qnJljdr81WfEP8saLh0ewnHq0snO0pNdNIgX0MJvc2rEGOrAB3ApN6BIzMbZHp6vBVbbrzSOZNA4jKRmE7qz%2BxF1PIfDpu8lorkEhRJk2CHom5S6rI%2FFOzglFkOvOt76mbIr6VOrROkzzDDFHi17TtCVlLi2Eg57KBVcQqeOpU4R0H2ZnwMvFejfus0zIF9kyQmYhGuZQ6mdmYH5E2MxJ4i5mGZTHV7dQ0uYm2KwFedj%2F0UXoPrhouPLUVV3LiT3cseXFzjQErNtXlGRvtIN5nrlA6A8%3D&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20240504T
210000Z&X-Amz-SignedHeaders=host&X-Amz-Expires=21600&X-Amz-Credential=ASIAZH6WM4PLW4QAWKEH%2F20240504%2Feu-central-1%2Fs3%2Faws4_request&X-Amz-Signature=94998d6598d9a33e8d644b8b4d84f5a4a2a5d08a76251f74a320f7985948365e IP104.18.34.143:443
CertificateIssuerGoogle Trust Services LLC Subjectlearn-eu-central-1-prod-fleet01-xythos.content.blackboardcdn.com Fingerprint65:2A:25:2A:AE:A9:C4:C0:53:58:95:EC:8B:1D:53:CF:18:D1:E3:4B ValidityThu, 04 Apr 2024 03:19:23 GMT - Wed, 03 Jul 2024 03:19:22 GMT
File typeJPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1744x981, components 3 Size441 kB (440619 bytes) Hash2d3a5e09e651e9d6a5b1239bfc2af522 f63c7cabf891e1db7ecef4c62e626ba4be4106b0 829742e7cf7ee363ec63b79283c26c27c4112b1c7072586503ec205869d71d01
GET /602a4d3616431/8887?X-Blackboard-S3-Bucket=learn-eu-central-1-prod-fleet01-xythos&X-Blackboard-Expiration=1714878000000&X-Blackboard-Signature=SQ0pGltXhH7PgX1RgnNpUhPZuiWGfFoCuvQTuMw4MOI%3D&X-Blackboard-Client-Id=100649&X-Blackboard-S3-Region=eu-central-1&response-cache-control=private%2C%20max-age%3D21600&response-content-disposition=inline%3B%20filename%2A%3DUTF-8%27%27Fondo_Login.jpg&response-content-type=image%2Fjpeg&X-Amz-Security-Token=IQoJb3JpZ2luX2VjED4aDGV1LWNlbnRyYWwtMSJIMEYCIQCQXzWlfuHGnQFQGY6UCG79HXA7e7dqfq%2FSy7tVfSjVIAIhAJHA57q3Y7HQkZUmBE7k2AOAgHHUQYQy%2F%2Bx4ZUtXs8YbKscFCJf%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEQAxoMNjM1NTY3OTI0MTgzIgzHBRtrBr8p1nL11psqmwV26bPnLEn3A0fE5FlIDuV93SxuatzA%2FazSrEcEh4OBIP9GPhnFocRFmUw8jadzXtMG73%2BrckYgv9v%2Bm09QYB3YyuU8hwcgS%2Fto7S35N8hgp4quLN5KK6vNmIQTzpiW1G0TLb3iCRS7u0qgzdOBnzMnOZ5pruH33m35J66tFHapAR4bxY02usCthSN2%2BkMWgBYufX2fXuphLlmgDI9TM%2BfamHOa%2FWUK7m7NYiVrFUDzGmvmFE2Zu3AsSOMa1XK9usGBkl704tnPW4ktaAghSSPwRy7n1UW5yhVJFG8DIq9r1wCAHp%2Baol1XEVIc8z0WbB0R71sZCxO114BlOVp8cxBvOWftkG%2F52FR%2ByyZ2P12ZQuzXrczA0%2BJB%2FMttcPtblAVy17cjidi9JkuGxtSILHaOsSRb2k19G%2FzI1rNK9DMjw6YTq%2BtcU%2F9NRlRYxtG7aR5uQusckMyYBmUuEI4yL4ZsFcD9CpaPTEHoNUiBXcOM411PGdCZXrOZJ9EAvZBLCB7uGQkhDtI8c%2FMmOkBajRDRhDlrE9%2Bsk9Xne5JjxIkTxJrIcT3BYhp1GLXBAb%2Fh4GhEizdafzur1R%2FDNoiq7CBLR43RA%2Fka%2FGi%2BVi3J%2FnuAMe%2BDUzdJir5Urhz%2BHFoJ2G4NlyeazUWllNyXyxPIPTSg8KEsacpE6Gd74OSHU9wmGzTYbbjErScC6VRlxCBx2qJ3Phsm8DFS1mJ67IVOpMBWz9gDhWvA2D4Whomts1p8nL1QUbGSyqsC%2Brr4L1XuhQXgHla5GYaMMQiS9fwCTVsnZpjEwifcxJeG87COCCWvkPIYymQ4dLnrpB8pbkK7Nznqs7iQ08a2z6tjY6mze30qnJljdr81WfEP8saLh0ewnHq0snO0pNdNIgX0MJvc2rEGOrAB3ApN6BIzMbZHp6vBVbbrzSOZNA4jKRmE7qz%2BxF1PIfDpu8lorkEhRJk2CHom5S6rI%2FFOzglFkOvOt76mbIr6VOrROkzzDDFHi17TtCVlLi2Eg57KBVcQqeOpU4R0H2ZnwMvFejfus0zIF9kyQmYhGuZQ6mdmYH5E2MxJ4i5mGZTHV7dQ0uYm2KwFedj%2F0UXoPrhouPLUVV3LiT3cseXFzjQErNtXlGRvtIN5nrlA6A8%3D&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20240504T210000Z&X-Amz-SignedHeaders=host&X-Amz-Expires=21600&X-Amz-Credential=ASIA
ZH6WM4PLW4QAWKEH%2F20240504%2Feu-central-1%2Fs3%2Faws4_request&X-Amz-Signature=94998d6598d9a33e8d644b8b4d84f5a4a2a5d08a76251f74a320f7985948365e HTTP/1.1
Host: learn-eu-central-1-prod-fleet01-xythos.content.blackboardcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3.65.111.254/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 22:18:26 GMT
content-type: image/jpeg
content-length: 440619
cf-ray: 87ebddd85b1fb523-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: private, max-age=2592000
content-disposition: inline; filename*=UTF-8''Fondo_Login.jpg
etag: "7e72ce8192104f47fe6e99983ed68bf4"
last-modified: Wed, 16 Jun 2021 10:43:51 GMT
vary: Accept-Encoding, Origin
cf-bgj: h2pri
x-worker-version: iW/tmK21arnNMMoDMStU832MRxDXRJtalnyNOSizCKM=
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/common/core.css | 104.18.34.143 | 200 OK | 12 kB |
URL GET HTTP/3learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/common/core.css IP104.18.34.143:443
CertificateIssuerGoogle Trust Services LLC Subjectlearn.content.blackboardcdn.com FingerprintC2:61:8B:75:CE:2E:63:71:B3:EA:0D:72:B7:57:75:10:FD:2B:49:36 ValidityWed, 03 Apr 2024 23:44:39 GMT - Tue, 02 Jul 2024 23:44:38 GMT
Hashd616cc54b56a90485996a7544034efb9 a8b9753a2359221265b04660939a696b116983b3 0a57f5fbaca0908e5147dde373759aa657eeb7182622860f8bd67e49fcdb4039
GET /3900.91.0-rel.20+75bf374/common/core.css HTTP/1.1
Host: learn.content.blackboardcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/common/shared.css?v=3900.91.0-rel.20+75bf374
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 22:18:25 GMT
content-type: text/css
cf-ray: 87ebddd46f74b518-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 218784
cache-control: public, max-age=2592000
etag: W/"d616cc54b56a90485996a7544034efb9"
last-modified: Tue, 30 Apr 2024 19:15:23 GMT
vary: Accept-Encoding, Origin
x-worker-version: iW/tmK21arnNMMoDMStU832MRxDXRJtalnyNOSizCKM=
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/javascript/i18n.js?v=3900.91.0-rel.20+75bf374 | 104.18.34.143 | 200 OK | 2.0 kB |
URL GET HTTP/2learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/javascript/i18n.js?v=3900.91.0-rel.20+75bf374 IP104.18.34.143:443
CertificateIssuerGoogle Trust Services LLC Subjectlearn.content.blackboardcdn.com FingerprintC2:61:8B:75:CE:2E:63:71:B3:EA:0D:72:B7:57:75:10:FD:2B:49:36 ValidityWed, 03 Apr 2024 23:44:39 GMT - Tue, 02 Jul 2024 23:44:38 GMT
File typeASCII text, with very long lines (2126), with no line terminators Hashcdcfed3c006c30d0fa6291b3e0e182e3 f1552d9aae333bb466edb49012ad3c2a578fac4c 41669fe6b57e83810cec16bf947d2a81b8bbb7093c3b2ee616498be76293bc4b
GET /3900.91.0-rel.20+75bf374/javascript/i18n.js?v=3900.91.0-rel.20+75bf374 HTTP/1.1
Host: learn.content.blackboardcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 22:18:24 GMT
content-type: application/javascript
cf-ray: 87ebddcf699b7128-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 218784
cache-control: public, max-age=2592000
etag: W/"81ad40b5487c3b62dc6c79067a2de090"
last-modified: Tue, 30 Apr 2024 19:15:44 GMT
vary: Accept-Encoding, Origin
x-worker-version: iW/tmK21arnNMMoDMStU832MRxDXRJtalnyNOSizCKM=
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| dwr_open/interface/MashupDWRFacade.js?v=3900.91.0-rel.20+75bf374_3900.91.0-rel.20+75bf374 | 0.0.0.0 | | 0 B |
URL GET dwr_open/interface/MashupDWRFacade.js?v=3900.91.0-rel.20+75bf374_3900.91.0-rel.20+75bf374 IP0.0.0.0:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /interface/MashupDWRFacade.js?v=3900.91.0-rel.20+75bf374_3900.91.0-rel.20+75bf374 HTTP/1.1
Host: dwr_open
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Y7HB3S34Y5&cid=1134907962.1714861106&gtm=45je4510v869421342z8811066910za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=1013855187 | 142.250.74.163 | 200 OK | 42 B |
URL GET HTTP/2www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Y7HB3S34Y5&cid=1134907962.1714861106&gtm=45je4510v869421342z8811066910za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=1013855187 IP142.250.74.163:443
CertificateIssuerGoogle Trust Services LLC Subject*.google.no Fingerprint7D:68:6D:B1:32:34:52:51:20:C9:53:FF:B9:B7:8F:7E:05:F9:F5:97 ValidityTue, 16 Apr 2024 04:31:00 GMT - Tue, 09 Jul 2024 04:30:59 GMT
File typeGIF image data, version 89a, 1 x 1 Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Y7HB3S34Y5&cid=1134907962.1714861106&gtm=45je4510v869421342z8811066910za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=1013855187 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 04 May 2024 22:18:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/fonts/icon-core.css | 104.18.34.143 | 200 OK | 3.2 kB |
URL GET HTTP/3learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/fonts/icon-core.css IP104.18.34.143:443
CertificateIssuerGoogle Trust Services LLC Subjectlearn.content.blackboardcdn.com FingerprintC2:61:8B:75:CE:2E:63:71:B3:EA:0D:72:B7:57:75:10:FD:2B:49:36 ValidityWed, 03 Apr 2024 23:44:39 GMT - Tue, 02 Jul 2024 23:44:38 GMT
File typeASCII text, with very long lines (3408), with no line terminators Hash08bc9aaf31eb281780fbb005baec7e54 9036ec08eaf14cfeee6dc64dbaa5af204197b546 4813e5c00cc726a5127316e53f0914f607d2d9a9afaa2235a35123b56296bfd9
GET /3900.91.0-rel.20+75bf374/fonts/icon-core.css HTTP/1.1
Host: learn.content.blackboardcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/common/shared.css?v=3900.91.0-rel.20+75bf374
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 22:18:25 GMT
content-type: text/css
cf-ray: 87ebddd46f6fb518-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 218784
cache-control: public, max-age=2592000
etag: W/"53bb619ab2ea277733eb9aa707d03194"
last-modified: Tue, 30 Apr 2024 19:15:26 GMT
vary: Accept-Encoding, Origin
x-worker-version: iW/tmK21arnNMMoDMStU832MRxDXRJtalnyNOSizCKM=
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| prod-eu-central-1.ally.ac/integration/learn/ally.js?_=1714861104784 | 3.127.8.17 | 200 OK | 851 B |
URL GET HTTP/2prod-eu-central-1.ally.ac/integration/learn/ally.js?_=1714861104784 IP3.127.8.17:443
CertificateIssuerAmazon Subject*.ally.ac Fingerprint6A:A4:E8:83:CA:9E:0B:57:75:33:C8:A0:DE:17:C7:57:08:DC:AA:9D ValidityTue, 06 Feb 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (883), with no line terminators Hashc9690d4f2b75a9941304ef7de4ba998d 930eb84def4a6220e633a391e604599239d65aa5 9668a8dd6f101d48bc65f03d05b9ffd73471aa72e11fe964c74564b39f96a4a0
GET /integration/learn/ally.js?_=1714861104784 HTTP/1.1
Host: prod-eu-central-1.ally.ac
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 22:18:25 GMT
content-type: application/javascript
content-length: 480
server: Apache
strict-transport-security: max-age=31536000
last-modified: Mon, 29 Apr 2024 12:17:28 GMT
etag: "353-6173b3ca1a600-gzip"
accept-ranges: bytes
cache-control: max-age=0
expires: Sat, 04 May 2024 22:18:25 GMT
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-encoding, accept-language, authorization, host, referer, user-agent
access-control-max-age: 86400, 86400
X-Firefox-Spdy: h2
|
|
| learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/javascript/i18n.js?v=3900.91.0-rel.20+75bf374 | 104.18.34.143 | 200 OK | 2.0 kB |
URL GET HTTP/3learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/javascript/i18n.js?v=3900.91.0-rel.20+75bf374 IP104.18.34.143:443
CertificateIssuerGoogle Trust Services LLC Subjectlearn.content.blackboardcdn.com FingerprintC2:61:8B:75:CE:2E:63:71:B3:EA:0D:72:B7:57:75:10:FD:2B:49:36 ValidityWed, 03 Apr 2024 23:44:39 GMT - Tue, 02 Jul 2024 23:44:38 GMT
File typeASCII text, with very long lines (2126), with no line terminators Hashcdcfed3c006c30d0fa6291b3e0e182e3 f1552d9aae333bb466edb49012ad3c2a578fac4c 41669fe6b57e83810cec16bf947d2a81b8bbb7093c3b2ee616498be76293bc4b
GET /3900.91.0-rel.20+75bf374/javascript/i18n.js?v=3900.91.0-rel.20+75bf374 HTTP/1.1
Host: learn.content.blackboardcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 22:18:25 GMT
content-type: application/javascript
cf-ray: 87ebddd30e79b518-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 218785
cache-control: public, max-age=2592000
etag: W/"81ad40b5487c3b62dc6c79067a2de090"
last-modified: Tue, 30 Apr 2024 19:15:44 GMT
vary: Accept-Encoding, Origin
x-worker-version: iW/tmK21arnNMMoDMStU832MRxDXRJtalnyNOSizCKM=
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/javascript/cdn.js | 104.18.34.143 | 200 OK | 7.5 kB |
URL: GET HTTP/2 learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/javascript/cdn.js IP: 104.18.34.143:443
Certificate: Issuer: Google Trust Services LLC; Subject: learn.content.blackboardcdn.com; Fingerprint: C2:61:8B:75:CE:2E:63:71:B3:EA:0D:72:B7:57:75:10:FD:2B:49:36; Validity: Wed, 03 Apr 2024 23:44:39 GMT - Tue, 02 Jul 2024 23:44:38 GMT
File type: C source, ASCII text, with very long lines (7910), with no line terminators; Hash: 092d8a76fe4d493135f405a0fa62a7e3 4d350445e38c6ec91fdd5652d340a0a9668192de 905073814295632313f3efd98acd952c1f37e253d61cae907a8fd9958e0e6ea6
GET /3900.91.0-rel.20+75bf374/javascript/cdn.js HTTP/1.1
Host: learn.content.blackboardcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 22:18:24 GMT
content-type: application/javascript
cf-ray: 87ebddcf59987128-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 218784
cache-control: public, max-age=2592000
etag: W/"7f298f32a138572408938fd65e61e1b9"
last-modified: Tue, 30 Apr 2024 19:15:44 GMT
vary: Accept-Encoding, Origin
x-worker-version: iW/tmK21arnNMMoDMStU832MRxDXRJtalnyNOSizCKM=
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css | 104.18.10.207 | 200 OK | 156 kB |
URL: GET HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css IP: 104.18.10.207:443
Certificate: Issuer: Google Trust Services LLC; Subject: bootstrapcdn.com; Fingerprint: 57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63; Validity: Wed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File type: ASCII text, with very long lines (65324); Size: 156 kB (155758 bytes); Hash: a15c2ac3234aa8f6064ef9c1f7383c37 6e10354828454898fda80f55f3decb347fd9ed21 60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
GET /bootstrap/4.3.1/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://3.65.111.254
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 22:18:24 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"a15c2ac3234aa8f6064ef9c1f7383c37"
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
cdn-cachedat: 03/18/2024 12:46:56
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1055
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 5cca4dff34bd87a9c831da1884100042
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87ebddcf5e7b569a-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| dwr_open/interface/UserDataDWRFacade.js?v=3900.91.0-rel.20+75bf374_3900.91.0-rel.20+75bf374 | 0.0.0.0 | | 0 B |
URL: GET dwr_open/interface/UserDataDWRFacade.js?v=3900.91.0-rel.20+75bf374_3900.91.0-rel.20+75bf374 IP: 0.0.0.0:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /interface/UserDataDWRFacade.js?v=3900.91.0-rel.20+75bf374_3900.91.0-rel.20+75bf374 HTTP/1.1
Host: dwr_open
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| 3.65.111.254/ui-ultra/fonts/noto-serif/noto-serif-regular.woff | 3.65.111.254 | 200 | 27 kB |
URL: GET HTTP/1.1 3.65.111.254/ui-ultra/fonts/noto-serif/noto-serif-regular.woff IP: 3.65.111.254:443
Certificate: Issuer: Amazon; Subject: *.ie.edu; Fingerprint: 25:B6:C5:36:F2:2A:90:F3:6B:92:42:52:63:BD:4E:6F:03:B5:57:D2; Validity: Sat, 06 Jan 2024 00:00:00 GMT - Mon, 03 Feb 2025 23:59:59 GMT
File type: Web Open Font Format, TrueType, length 26800, version 1.1; Hash: b6ba7dac6b1c9fae143afd1ce4525e20 2955ba4f22888a7eed61748798833c22483180f9 ea01504bd051c7abe5f01fca1f3d916766a2b48954eb5e3ec70b9a3c1b5d00b2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ui-ultra/fonts/noto-serif/noto-serif-regular.woff HTTP/1.1
Host: 3.65.111.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/ui-ultra/css/ultra.css?v=3900.91.0-rel.20+75bf374
Cookie: AWSELB=077F23DD16158118DD7F63B8FFB2EBC82D97657F4B386AC823E3B34554730A089CABD98C13F7D9C485F3171FB1EEDB404172A955A380C041BD5CE622E9F6D99B7B29F218E4; JSESSIONID=777F1F4AA9FECF2B43C86D4BB3CBF95C; BbRouter=expires:1714862904,id:6F6F9CA254D454497C24F98D04824C49,signature:d2aafbdafd998da797787246859754474feddbcc1d6aa3312de1294fbc4fbe05,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9; BbClientCalenderTimeZone=UTC
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Accept-Ranges: bytes
Cache-Control: public
Content-Security-Policy: frame-ancestors 'self'
Content-Type: font/woff
Date: Sat, 04 May 2024 22:18:24 GMT
ETag: W/"26800-1714670878190"
Expires: Sun, 04 May 2025 22:18:24 GMT
Last-Modified: Thu, 02 May 2024 17:27:58 GMT
P3P: CP="CAO PSA OUR"
Set-Cookie: BbRouter=expires:1714862904,id:6F6F9CA254D454497C24F98D04824C49,signature:d2aafbdafd998da797787246859754474feddbcc1d6aa3312de1294fbc4fbe05,site:1f72abaa-fb03-41c1-a1f5-ced024f53eaf,v:2,xsrf:a8fe599b-cc54-4983-8f22-53512b2df3c9; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Content-Length: 26800
Connection: keep-alive
|
|
| learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/javascript/cdn.js | 104.18.34.143 | 200 OK | 7.5 kB |
URL: GET HTTP/3 learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/javascript/cdn.js IP: 104.18.34.143:443
Certificate: Issuer: Google Trust Services LLC; Subject: learn.content.blackboardcdn.com; Fingerprint: C2:61:8B:75:CE:2E:63:71:B3:EA:0D:72:B7:57:75:10:FD:2B:49:36; Validity: Wed, 03 Apr 2024 23:44:39 GMT - Tue, 02 Jul 2024 23:44:38 GMT
File type: C source, ASCII text, with very long lines (7910), with no line terminators; Hash: 092d8a76fe4d493135f405a0fa62a7e3 4d350445e38c6ec91fdd5652d340a0a9668192de 905073814295632313f3efd98acd952c1f37e253d61cae907a8fd9958e0e6ea6
GET /3900.91.0-rel.20+75bf374/javascript/cdn.js HTTP/1.1
Host: learn.content.blackboardcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.65.111.254/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 22:18:25 GMT
content-type: application/javascript
cf-ray: 87ebddd30e7fb518-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 218785
cache-control: public, max-age=2592000
etag: W/"7f298f32a138572408938fd65e61e1b9"
last-modified: Tue, 30 Apr 2024 19:15:44 GMT
vary: Accept-Encoding, Origin
x-worker-version: iW/tmK21arnNMMoDMStU832MRxDXRJtalnyNOSizCKM=
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|