| 194.44.202.254/course/index.php | 194.44.202.254 | 200 OK | 67 kB |
URL: User Request GET HTTP/1.1 194.44.202.254/course/index.php
IP: 194.44.202.254:80
ASN: #3255 State Enterprise Scientific and Telecommunication Centre Ukrainian Academic and Research Netw
File type: HTML document, Unicode text, UTF-8 text, with very long lines (12642)
Hash: 84da9a519e593e8ab460443b67d05f6e 82a56ad5b421915da396b6bc3138a9eb14f2b047 eee0f231f5fad3e05e3bead5c5e3940b14c8499d877d011b1ab7b8f02f12cef5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /course/index.php HTTP/1.1
Host: 194.44.202.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:00:40 GMT
Server: Apache/2.4.41 (Win64) OpenSSL/1.1.1c PHP/7.3.11
X-Powered-By: PHP/7.3.11
Set-Cookie: MoodleSession=berlcreg7pfv72t80bocbeib8u; path=/
Expires:
Cache-Control: private, pre-check=0, post-check=0, max-age=0, no-transform
Pragma: no-cache
Content-Language: uk
Content-Script-Type: text/javascript
Content-Style-Type: text/css
X-UA-Compatible: IE=edge
Accept-Ranges: none
X-Frame-Options: sameorigin
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
|
|
| 194.44.202.254/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.css | 194.44.202.254 | 200 OK | 1.0 kB |
URL: GET HTTP/1.1 194.44.202.254/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.css
IP: 194.44.202.254:80
ASN: #3255 State Enterprise Scientific and Telecommunication Centre Ukrainian Academic and Research Netw
Requested by: http://194.44.202.254/course/index.php
File type: ASCII text, with very long lines (1965)
Hash: 73cbdae81548a6d6b35d801af5eadef8 fc80239620ebad54e36e1865338e8c5e1a7e9e8b fbd5b8255a99afe96e89a88423275ed4e93083fad3311dd349906122e63206a0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.css HTTP/1.1
Host: 194.44.202.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://194.44.202.254/course/index.php
Cookie: MoodleSession=berlcreg7pfv72t80bocbeib8u
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:00:40 GMT
Server: Apache/2.4.41 (Win64) OpenSSL/1.1.1c PHP/7.3.11
X-Powered-By: PHP/7.3.11
Content-Disposition: inline; filename="combo"
Last-Modified: Sat, 25 Apr 2020 05:54:12 GMT
Expires: Mon, 05 May 2025 11:00:40 GMT
Pragma:
Cache-Control: public, max-age=31104000, immutable
Accept-Ranges: none
Etag: "b9bc567c469e2872cf3bbb14603342a72de2509b"
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 1031
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css;charset=UTF-8
|
|
| 194.44.202.254/lib/javascript.php/1705485376/lib/javascript-static.js | 194.44.202.254 | 200 OK | 6.8 kB |
URL: GET HTTP/1.1 194.44.202.254/lib/javascript.php/1705485376/lib/javascript-static.js
IP: 194.44.202.254:80
ASN: #3255 State Enterprise Scientific and Telecommunication Centre Ukrainian Academic and Research Netw
Requested by: http://194.44.202.254/course/index.php
File type: JavaScript source, ASCII text, with very long lines (1875)
Hash: ac7f47cc5271b4115ac489f7a0d70737 bb091a4de18f4ffce0ba80668ed0427ae03001d0 ec9d65cb26cade9adcf9c012734551cf8c86c49a1ff45fef12662ae42f312e3f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /lib/javascript.php/1705485376/lib/javascript-static.js HTTP/1.1
Host: 194.44.202.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://194.44.202.254/course/index.php
Cookie: MoodleSession=berlcreg7pfv72t80bocbeib8u
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:00:40 GMT
Server: Apache/2.4.41 (Win64) OpenSSL/1.1.1c PHP/7.3.11
X-Powered-By: PHP/7.3.11
Etag: "0c845bc16e1e4c907f490bd11489aed70787f43d"
Content-Disposition: inline; filename="javascript.php"
Last-Modified: Wed, 17 Jan 2024 09:56:19 GMT
Expires: Thu, 08 Aug 2024 11:00:40 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 6777
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8
|
|
| 194.44.202.254/lib/javascript.php/1705485376/lib/requirejs/require.min.js | 194.44.202.254 | 200 OK | 6.7 kB |
URL: GET HTTP/1.1 194.44.202.254/lib/javascript.php/1705485376/lib/requirejs/require.min.js
IP: 194.44.202.254:80
ASN: #3255 State Enterprise Scientific and Telecommunication Centre Ukrainian Academic and Research Netw
Requested by: http://194.44.202.254/course/index.php
File type: JavaScript source, ASCII text, with very long lines (17535)
Hash: 1f53ac504f7e69a6df96140eed2d4df2 da00136dd3fd0ccab626d7555ccb5fdf1c096fad 9ce0dbd6a1df9332653e27d1ddc505c5b78fd82b4112de0ec63840c3fbe0b8c2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /lib/javascript.php/1705485376/lib/requirejs/require.min.js HTTP/1.1
Host: 194.44.202.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://194.44.202.254/course/index.php
Cookie: MoodleSession=berlcreg7pfv72t80bocbeib8u
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:00:40 GMT
Server: Apache/2.4.41 (Win64) OpenSSL/1.1.1c PHP/7.3.11
X-Powered-By: PHP/7.3.11
Etag: "d8a340a1c4cf51aa5c75dde657466f457f982055"
Content-Disposition: inline; filename="javascript.php"
Last-Modified: Wed, 17 Jan 2024 09:56:19 GMT
Expires: Thu, 08 Aug 2024 11:00:40 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 6662
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8
|
|
| 194.44.202.254/lib/javascript.php/1705485376/lib/mdn-polyfills/polyfill.js | 194.44.202.254 | 200 OK | 5.1 kB |
URL: GET HTTP/1.1 194.44.202.254/lib/javascript.php/1705485376/lib/mdn-polyfills/polyfill.js
IP: 194.44.202.254:80
ASN: #3255 State Enterprise Scientific and Telecommunication Centre Ukrainian Academic and Research Netw
Requested by: http://194.44.202.254/course/index.php
File type: JavaScript source, ASCII text, with very long lines (17500), with no line terminators
Hash: 901890f127a81c136912ceb57c131305 ef4bd0e1c5d2dcb97265830feff005f682020a5d 244ff779cc4a0d32d8a21e1dceece94080b39c4b2c77ab5c0a772f333db71216
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /lib/javascript.php/1705485376/lib/mdn-polyfills/polyfill.js HTTP/1.1
Host: 194.44.202.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://194.44.202.254/course/index.php
Cookie: MoodleSession=berlcreg7pfv72t80bocbeib8u
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:00:40 GMT
Server: Apache/2.4.41 (Win64) OpenSSL/1.1.1c PHP/7.3.11
X-Powered-By: PHP/7.3.11
Etag: "0b219b2b3df657e46c054c98b5ed36b34f730b85"
Content-Disposition: inline; filename="javascript.php"
Last-Modified: Wed, 17 Jan 2024 09:56:19 GMT
Expires: Thu, 08 Aug 2024 11:00:40 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 5131
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8
|
|
| 194.44.202.254/lib/javascript.php/1705485376/lib/babel-polyfill/polyfill.min.js | 194.44.202.254 | 200 OK | 33 kB |
URL: GET HTTP/1.1 194.44.202.254/lib/javascript.php/1705485376/lib/babel-polyfill/polyfill.min.js
IP: 194.44.202.254:80
ASN: #3255 State Enterprise Scientific and Telecommunication Centre Ukrainian Academic and Research Netw
Requested by: http://194.44.202.254/course/index.php
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (33914), with NEL line terminators
Hash: 169b64486b9acd57b4c8b3744a80a3e2 03f6b54f5cd791c7b4e82eccfa8859303f859d80 859a26b9f8233b3ddce1f2a0cd365528ea0341c4687a30c7dee00ad94189bd61
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /lib/javascript.php/1705485376/lib/babel-polyfill/polyfill.min.js HTTP/1.1
Host: 194.44.202.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://194.44.202.254/course/index.php
Cookie: MoodleSession=berlcreg7pfv72t80bocbeib8u
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:00:40 GMT
Server: Apache/2.4.41 (Win64) OpenSSL/1.1.1c PHP/7.3.11
X-Powered-By: PHP/7.3.11
Etag: "b1e96216d0b5375c494eadedbc245d6568198c7d"
Content-Disposition: inline; filename="javascript.php"
Last-Modified: Wed, 17 Jan 2024 09:56:19 GMT
Expires: Thu, 08 Aug 2024 11:00:40 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
|
|
| 194.44.202.254/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js | 194.44.202.254 | 200 OK | 84 kB |
URL: GET HTTP/1.1 194.44.202.254/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js
IP: 194.44.202.254:80
ASN: #3255 State Enterprise Scientific and Telecommunication Centre Ukrainian Academic and Research Netw
Requested by: http://194.44.202.254/course/index.php
File type: JavaScript source, ASCII text, with very long lines (6010)
Hash: 8039fd714b58260199b364107c92bff6 3776c202a78a99e5eeaafbdc7d8ad61acee3af1d 13eaaadfa414f262b7964320054bb2b322b9ef9f3522bc25c9d60dc83b5141cf
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js HTTP/1.1
Host: 194.44.202.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://194.44.202.254/course/index.php
Cookie: MoodleSession=berlcreg7pfv72t80bocbeib8u
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:00:40 GMT
Server: Apache/2.4.41 (Win64) OpenSSL/1.1.1c PHP/7.3.11
X-Powered-By: PHP/7.3.11
Content-Disposition: inline; filename="combo"
Last-Modified: Sat, 25 Apr 2020 05:54:12 GMT
Expires: Mon, 05 May 2025 11:00:40 GMT
Pragma:
Cache-Control: public, max-age=31104000, immutable
Accept-Ranges: none
Etag: "78581a0bac8a932effb32db3e91e0f2f2b47c08e"
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
|
|
| 194.44.202.254/theme/styles.php/boost/1705485376_1/all | 194.44.202.254 | 200 OK | 126 kB |
URL: GET HTTP/1.1 194.44.202.254/theme/styles.php/boost/1705485376_1/all
IP: 194.44.202.254:80
ASN: #3255 State Enterprise Scientific and Telecommunication Centre Ukrainian Academic and Research Netw
Requested by: http://194.44.202.254/course/index.php
File type: Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Size: 126 kB (126281 bytes)
Hash: eb4a02858942771f01dd6636e655dd77 8c7c24e4bc90b214e954d522b5cd0eb4d69429dc 86e5dfea2378cee53dd0bd0fb273fd9f8808d0f6a8ac0b3c43b27cf06b2ee683
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /theme/styles.php/boost/1705485376_1/all HTTP/1.1
Host: 194.44.202.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://194.44.202.254/course/index.php
Cookie: MoodleSession=berlcreg7pfv72t80bocbeib8u
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:00:40 GMT
Server: Apache/2.4.41 (Win64) OpenSSL/1.1.1c PHP/7.3.11
X-Powered-By: PHP/7.3.11
Etag: "1b42490e9307b49be49b6e65e236f7cad9bcd9ae"
Content-Disposition: inline; filename="styles.php"
Last-Modified: Fri, 10 May 2024 07:02:42 GMT
Expires: Thu, 08 Aug 2024 11:00:40 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8
|
|
| 194.44.202.254/pluginfile.php/1/core_admin/logocompact/100x100/1705485376/logo.jpg | 194.44.202.254 | 200 OK | 11 kB |
URL: GET HTTP/1.1 194.44.202.254/pluginfile.php/1/core_admin/logocompact/100x100/1705485376/logo.jpg
IP: 194.44.202.254:80
ASN: #3255 State Enterprise Scientific and Telecommunication Centre Ukrainian Academic and Research Netw
Requested by: http://194.44.202.254/course/index.php
File type: PNG image data, 100 x 62, 8-bit/color RGBA, non-interlaced
Hash: f81e322e47dfec5cdbbcdd06ee02b66a 319986a735c6dc18f69890aa4c2f31b0616bd05f fa7b1db37171ef38d88e380687799daab8ca8a26a7c9d3725317a93a93f9e017
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pluginfile.php/1/core_admin/logocompact/100x100/1705485376/logo.jpg HTTP/1.1
Host: 194.44.202.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://194.44.202.254/course/index.php
Cookie: MoodleSession=berlcreg7pfv72t80bocbeib8u
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:00:40 GMT
Server: Apache/2.4.41 (Win64) OpenSSL/1.1.1c PHP/7.3.11
X-Powered-By: PHP/7.3.11
Expires: Tue, 09 Jul 2024 11:00:40 GMT
Cache-Control: public, max-age=5184000, no-transform
Pragma:
Content-Disposition: inline; filename="logo.jpg"
Last-Modified: Wed, 17 Jan 2024 09:56:19 GMT
Accept-Ranges: bytes
Content-Length: 10757
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
|
|
| 194.44.202.254/theme/yui_combo.php?m/1705485376/core/event/event-min.js&m/1705485376/filter_mathjaxloader/loader/loader-min.js | 194.44.202.254 | 200 OK | 868 B |
URL: GET HTTP/1.1 194.44.202.254/theme/yui_combo.php?m/1705485376/core/event/event-min.js&m/1705485376/filter_mathjaxloader/loader/loader-min.js
IP: 194.44.202.254:80
ASN: #3255 State Enterprise Scientific and Telecommunication Centre Ukrainian Academic and Research Netw
Requested by: http://194.44.202.254/course/index.php
File type: JavaScript source, ASCII text, with very long lines (1421)
Hash: 29ac727d45815eb393ba483369adc719 1a799386b0ff28adba5c8314e6e7b078cee9b3fb af6cc3d2cd44daea9e5c1fe9d80309dcd6044c624f6ec98220ff43a754feed61
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /theme/yui_combo.php?m/1705485376/core/event/event-min.js&m/1705485376/filter_mathjaxloader/loader/loader-min.js HTTP/1.1
Host: 194.44.202.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://194.44.202.254/course/index.php
Cookie: MoodleSession=berlcreg7pfv72t80bocbeib8u
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:00:40 GMT
Server: Apache/2.4.41 (Win64) OpenSSL/1.1.1c PHP/7.3.11
X-Powered-By: PHP/7.3.11
Content-Disposition: inline; filename="combo"
Last-Modified: Sat, 25 Apr 2020 05:54:12 GMT
Expires: Mon, 05 May 2025 11:00:40 GMT
Pragma:
Cache-Control: public, max-age=31104000, immutable
Accept-Ranges: none
Etag: "a9e1cb5d643dd254f6aba80ea98a792e19752fb1"
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 868
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 194.44.202.254/theme/image.php/boost/core/1705485376/t/collapsed | 194.44.202.254 | 200 OK | 318 B |
URL: GET HTTP/1.1 194.44.202.254/theme/image.php/boost/core/1705485376/t/collapsed
IP: 194.44.202.254:80
ASN: #3255 State Enterprise Scientific and Telecommunication Centre Ukrainian Academic and Research Netw
Requested by: http://194.44.202.254/course/index.php
Hash: 4b7bbb83d2ed1efeb092a35842c45dfd 60b29600c00f558ad92172d2a91a5a82e47c23a6 9720ea8cefe18638520b837aef0374d3da8acbd188704c04b870c4f5017e3244
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /theme/image.php/boost/core/1705485376/t/collapsed HTTP/1.1
Host: 194.44.202.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://194.44.202.254/theme/styles.php/boost/1705485376_1/all
Cookie: MoodleSession=berlcreg7pfv72t80bocbeib8u
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:00:40 GMT
Server: Apache/2.4.41 (Win64) OpenSSL/1.1.1c PHP/7.3.11
X-Powered-By: PHP/7.3.11
Etag: "7ec332405c491a458e92dde412cd86d6e612bbfb"
Content-Disposition: inline; filename="collapsed.svg"
Last-Modified: Wed, 17 Jan 2024 09:56:51 GMT
Expires: Thu, 08 Aug 2024 11:00:40 GMT
Pragma:
Cache-Control: public, max-age=7776000, no-transform, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 318
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml
|
|
| 194.44.202.254/theme/image.php/boost/core/1705485376/i/course | 194.44.202.254 | 200 OK | 539 B |
URL: GET HTTP/1.1 194.44.202.254/theme/image.php/boost/core/1705485376/i/course
IP: 194.44.202.254:80
ASN: #3255 State Enterprise Scientific and Telecommunication Centre Ukrainian Academic and Research Netw
Requested by: http://194.44.202.254/course/index.php
Hash: 7367b96c3f4f27b8a4f88e0b08d81380 a894c5f201c93ed79b7eb45f2fc94828a6cc3393 202f142974f0d92ce8083d956e58c1d5ca9ea41c24b03ef6cabe31657fdf8649
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /theme/image.php/boost/core/1705485376/i/course HTTP/1.1
Host: 194.44.202.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://194.44.202.254/theme/styles.php/boost/1705485376_1/all
Cookie: MoodleSession=berlcreg7pfv72t80bocbeib8u
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:00:40 GMT
Server: Apache/2.4.41 (Win64) OpenSSL/1.1.1c PHP/7.3.11
X-Powered-By: PHP/7.3.11
Etag: "ac9c222e1d18152558c6be4ac0cf100ab35545ee"
Content-Disposition: inline; filename="course.svg"
Last-Modified: Wed, 17 Jan 2024 09:56:44 GMT
Expires: Thu, 08 Aug 2024 11:00:40 GMT
Pragma:
Cache-Control: public, max-age=7776000, no-transform, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 539
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
|
|
| 194.44.202.254/theme/yui_combo.php?m/1705485376/course/categoryexpander/categoryexpander-min.js | 194.44.202.254 | 200 OK | 1.9 kB |
URL: GET HTTP/1.1 194.44.202.254/theme/yui_combo.php?m/1705485376/course/categoryexpander/categoryexpander-min.js
IP: 194.44.202.254:80
ASN: #3255 State Enterprise Scientific and Telecommunication Centre Ukrainian Academic and Research Netw
Requested by: http://194.44.202.254/course/index.php
File type: JavaScript source, ASCII text, with very long lines (6006)
Hash: 09b6d79f9500d29c7be109e5925fdb11 fc859b54b23c7a505efdb70947bc194449a90222 c47be3cecf35b46c7e667470d3df5f492bea6563059f487ec31d795e53c339f2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /theme/yui_combo.php?m/1705485376/course/categoryexpander/categoryexpander-min.js HTTP/1.1
Host: 194.44.202.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://194.44.202.254/course/index.php
Cookie: MoodleSession=berlcreg7pfv72t80bocbeib8u
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:00:40 GMT
Server: Apache/2.4.41 (Win64) OpenSSL/1.1.1c PHP/7.3.11
X-Powered-By: PHP/7.3.11
Content-Disposition: inline; filename="combo"
Last-Modified: Sat, 25 Apr 2020 05:54:08 GMT
Expires: Mon, 05 May 2025 11:00:40 GMT
Pragma:
Cache-Control: public, max-age=31104000, immutable
Accept-Ranges: none
Etag: "0e377dd42961e7e06aa2a38bb5b116230d6fab3f"
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 1905
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 194.44.202.254/theme/font.php/boost/core/1705485376/fontawesome-webfont.woff2?v=4.7.0 | 194.44.202.254 | 200 OK | 77 kB |
URL: GET HTTP/1.1 194.44.202.254/theme/font.php/boost/core/1705485376/fontawesome-webfont.woff2?v=4.7.0
IP: 194.44.202.254:80
ASN: #3255 State Enterprise Scientific and Telecommunication Centre Ukrainian Academic and Research Netw
Requested by: http://194.44.202.254/course/index.php
File type: Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Hash: af7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /theme/font.php/boost/core/1705485376/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: 194.44.202.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://194.44.202.254/theme/styles.php/boost/1705485376_1/all
Cookie: MoodleSession=berlcreg7pfv72t80bocbeib8u
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:00:40 GMT
Server: Apache/2.4.41 (Win64) OpenSSL/1.1.1c PHP/7.3.11
X-Powered-By: PHP/7.3.11
Etag: "0468a002e0d51f3a0f3d59da9a4cc091b3a05e01"
Content-Disposition: inline; filename="fontawesome-webfont.woff2"
Last-Modified: Wed, 17 Jan 2024 09:56:25 GMT
Expires: Thu, 08 Aug 2024 11:00:40 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Length: 77160
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/font-woff2
|
|
| 194.44.202.254/theme/image.php/boost/theme/1705485376/favicon | 194.44.202.254 | 200 OK | 1.2 kB |
URL: GET HTTP/1.1 194.44.202.254/theme/image.php/boost/theme/1705485376/favicon
IP: 194.44.202.254:80
ASN: #3255 State Enterprise Scientific and Telecommunication Centre Ukrainian Academic and Research Netw
Requested by: http://194.44.202.254/course/index.php
File type: MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Hash: 135aed33c0a7b8f44f0227a71b9ce345 120e10c8a17aebb31c74b6988f8bce9b05dd6606 7afbabec7cddb87ab3b2c3f56509ca9c8f76925db0570372f1a6a366606be1b4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /theme/image.php/boost/theme/1705485376/favicon HTTP/1.1
Host: 194.44.202.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://194.44.202.254/course/index.php
Cookie: MoodleSession=berlcreg7pfv72t80bocbeib8u
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:00:41 GMT
Server: Apache/2.4.41 (Win64) OpenSSL/1.1.1c PHP/7.3.11
X-Powered-By: PHP/7.3.11
Etag: "a62e7a34faa5bcc9a235c60e3820a4b7d9e61c6e"
Content-Disposition: inline; filename="favicon.ico"
Last-Modified: Wed, 17 Jan 2024 09:56:20 GMT
Expires: Thu, 08 Aug 2024 11:00:41 GMT
Pragma:
Cache-Control: public, max-age=7776000, no-transform, immutable
Accept-Ranges: none
Content-Length: 1150
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon
|
|
| 194.44.202.254/lib/requirejs.php/1705485376/core/first.js | 194.44.202.254 | 200 OK | 378 kB |
URL: GET HTTP/1.1 194.44.202.254/lib/requirejs.php/1705485376/core/first.js
IP: 194.44.202.254:80
ASN: #3255 State Enterprise Scientific and Telecommunication Centre Ukrainian Academic and Research Netw
Requested by: http://194.44.202.254/course/index.php
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 378 kB (378429 bytes)
Hash: c4d0621ac37a9505cd44ed8047e17bbc 58cbc1a083900619f8a70558ad52d83aaddcf8f4 ef236e8418065ba3508ca5e2ad6934820520d214886046c8d53c26f54f332d97
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /lib/requirejs.php/1705485376/core/first.js HTTP/1.1
Host: 194.44.202.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://194.44.202.254/course/index.php
Cookie: MoodleSession=berlcreg7pfv72t80bocbeib8u
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:00:40 GMT
Server: Apache/2.4.41 (Win64) OpenSSL/1.1.1c PHP/7.3.11
X-Powered-By: PHP/7.3.11
Etag: "efa276f494aaba47910fd9edd986abd3e7e3b50c"
Content-Disposition: inline; filename="requirejs.php"
Last-Modified: Wed, 17 Jan 2024 09:56:19 GMT
Expires: Thu, 08 Aug 2024 11:00:41 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
|
|
| 194.44.202.254/lib/javascript.php/1705485376/lib/jquery/jquery-3.4.1.min.js | 194.44.202.254 | 200 OK | 31 kB |
URL: GET HTTP/1.1 194.44.202.254/lib/javascript.php/1705485376/lib/jquery/jquery-3.4.1.min.js
IP: 194.44.202.254:80
ASN: #3255 State Enterprise Scientific and Telecommunication Centre Ukrainian Academic and Research Netw
Requested by: http://194.44.202.254/course/index.php
File type: JavaScript source, ASCII text, with very long lines (65451)
Hash: bebd549d68e85f6f38a6807a693d018d 1b79ede0b4d00d9142b2ce3cb9f98201e59b58cb 76033adbf3f2858078c77c078677aa57ae48e98fd2de3ebb71baf646a110909e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /lib/javascript.php/1705485376/lib/jquery/jquery-3.4.1.min.js HTTP/1.1
Host: 194.44.202.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://194.44.202.254/course/index.php
Cookie: MoodleSession=berlcreg7pfv72t80bocbeib8u
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:00:41 GMT
Server: Apache/2.4.41 (Win64) OpenSSL/1.1.1c PHP/7.3.11
X-Powered-By: PHP/7.3.11
Etag: "d43d5e2a25bae668a7fc474f9e62c62f1eeff9d0"
Content-Disposition: inline; filename="javascript.php"
Last-Modified: Wed, 17 Jan 2024 09:56:20 GMT
Expires: Thu, 08 Aug 2024 11:00:41 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
|
|
| 194.44.202.254/theme/yui_combo.php?3.17.2/event-mousewheel/event-mousewheel-min.js&3.17.2/event-resize/event-resize-min.js&3.17.2/event-hover/event-hover-min.js&3.17.2/event-touch/event-touch-min.js&3.17.2/event-move/event-move-min.js&3.17.2/event-flick/event-flick-min.js&3.17.2/event-valuechange/event-valuechange-min.js&3.17.2/event-tap/event-tap-min.js | 194.44.202.254 | 200 OK | 4.8 kB |
URL: GET HTTP/1.1 194.44.202.254/theme/yui_combo.php?3.17.2/event-mousewheel/event-mousewheel-min.js&3.17.2/event-resize/event-resize-min.js&3.17.2/event-hover/event-hover-min.js&3.17.2/event-touch/event-touch-min.js&3.17.2/event-move/event-move-min.js&3.17.2/event-flick/event-flick-min.js&3.17.2/event-valuechange/event-valuechange-min.js&3.17.2/event-tap/event-tap-min.js
IP: 194.44.202.254:80
ASN: #3255 State Enterprise Scientific and Telecommunication Centre Ukrainian Academic and Research Netw
Requested by: http://194.44.202.254/course/index.php
File type: JavaScript source, ASCII text, with very long lines (3857)
Hash: 0151b48e61660bed14bf6acd5bb77210 e096360d7d8819dbbf42e7137ed9e37cdd286700 26d1a45d173703f01ca9bb8be4335bae6005c3bc0a5f78b380ad18fb152b8835
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /theme/yui_combo.php?3.17.2/event-mousewheel/event-mousewheel-min.js&3.17.2/event-resize/event-resize-min.js&3.17.2/event-hover/event-hover-min.js&3.17.2/event-touch/event-touch-min.js&3.17.2/event-move/event-move-min.js&3.17.2/event-flick/event-flick-min.js&3.17.2/event-valuechange/event-valuechange-min.js&3.17.2/event-tap/event-tap-min.js HTTP/1.1
Host: 194.44.202.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://194.44.202.254/course/index.php
Cookie: MoodleSession=berlcreg7pfv72t80bocbeib8u
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:00:41 GMT
Server: Apache/2.4.41 (Win64) OpenSSL/1.1.1c PHP/7.3.11
X-Powered-By: PHP/7.3.11
Content-Disposition: inline; filename="combo"
Last-Modified: Sat, 25 Apr 2020 05:54:12 GMT
Expires: Mon, 05 May 2025 11:00:41 GMT
Pragma:
Cache-Control: public, max-age=31104000, immutable
Accept-Ranges: none
Etag: "b24ca831785ba367093f089618e840be511be85d"
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 4808
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 194.44.202.254/lib/ajax/service.php?sesskey=jnWOn5TYiD&info=core_fetch_notifications | 194.44.202.254 | 200 OK | 361 B |
URL: POST HTTP/1.1 194.44.202.254/lib/ajax/service.php?sesskey=jnWOn5TYiD&info=core_fetch_notifications
IP: 194.44.202.254:80
ASN: #3255 State Enterprise Scientific and Telecommunication Centre Ukrainian Academic and Research Netw
Requested by: http://194.44.202.254/course/index.php
Hash: ed95e42c9f26148419bc4e6adeeac00f 99fd9a2aff70d2d864cd31e524c95a681fdd269b 39c9ddef2a8226285c8b584300aeae36395c26bbc69f96d79858e4ebdf44d572
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /lib/ajax/service.php?sesskey=jnWOn5TYiD&info=core_fetch_notifications HTTP/1.1
Host: 194.44.202.254
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Content-Length: 76
Origin: http://194.44.202.254
DNT: 1
Connection: keep-alive
Referer: http://194.44.202.254/course/index.php
Cookie: MoodleSession=berlcreg7pfv72t80bocbeib8u
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:00:41 GMT
Server: Apache/2.4.41 (Win64) OpenSSL/1.1.1c PHP/7.3.11
X-Powered-By: PHP/7.3.11
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 361
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/json; charset=utf-8
|
|