{"report_id":"a62b6ce9-dd17-4bbc-b472-f4a49ecf74ec","version":6,"status":"done","tags":[],"date":"2024-09-18T12:01:08Z","url":{"schema":"http","addr":"174.136.26.141/~conalepcoahedu/login/moodle-login/login.php","fqdn":"174.136.26.141","domain":"174.136.26.141","tld":""},"ip":{"addr":"174.136.26.141","port":0,"asn":17378,"as":"AS17378","country":"United States","country_code":"US"},"final":{"url":{"schema":"http","addr":"174.136.26.141/~conalepcoahedu/login/moodle-login/login.php","fqdn":"174.136.26.141","domain":"174.136.26.141","tld":"141"},"title":"EFAE|Conalep"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-28T19:50:45Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"r11.o.lencr.org","ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-07 07:43:57","last_seen":"2024-09-17 18:12:27","alert_count":0,"request_count":4,"received_data":3552,"sent_data":1308,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-06 21:45:11","last_seen":"2024-09-17 18:12:05","alert_count":0,"request_count":4,"received_data":3549,"sent_data":1308,"comment":"","tags":null,"fingerprints":null},{"fqdn":"174.136.26.141","ip":{"addr":"174.136.26.141","port":80,"asn":17378,"as":"AS17378","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2021-02-02 20:51:35","last_seen":"2024-02-02 09:20:22","alert_count":10,"request_count":10,"received_data":616545,"sent_data":4189,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-18","alert":"Sinkholed","trigger":"174.136.26.141","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-18","alert":"Sinkholed","trigger":"174.136.26.141","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-18","alert":"Sinkholed","trigger":"174.136.26.141","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-18","alert":"Sinkholed","trigger":"174.136.26.141","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-18","alert":"Sinkholed","trigger":"174.136.26.141","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-18","alert":"Sinkholed","trigger":"174.136.26.141","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-18","alert":"Sinkholed","trigger":"174.136.26.141","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-18","alert":"Sinkholed","trigger":"174.136.26.141","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-18","alert":"Sinkholed","trigger":"174.136.26.141","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-18","alert":"Sinkholed","trigger":"174.136.26.141","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-18T12:00:42.172547316Z","timestamp":1726660842172,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"17F85499C27B8BAFBC202DC51CD5E7FA80BE0988A0D820DBF8A4C81344F26DA9\"\r\nLast-Modified: Tue, 17 Sep 2024 12:20:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=2960\r\nExpires: Wed, 18 Sep 2024 12:50:02 GMT\r\nDate: Wed, 18 Sep 2024 12:00:42 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"a4e61c096fb8a0f28561b209588076fe","sha1":"84634c409a230cba663826d593379499fce545a8","sha256":"17f85499c27b8bafbc202dc51cd5e7fa80be0988a0d820dbf8a4c81344f26da9","sha512":"af439da21c47c9dca34cedf6642d29cd7fc0b86eec20ead6d595ee6c9ce5aa21fbae65938579746b097430b7cd27cce99730029915d689ac2f5ea06292b22626","ssdeep":"","tlshash":"f9f0055931c63713ff25120535f3d7152f14195e29123fc5116083d3a9143cdb1c458c","first_seen":"2024-09-17T18:32:38Z","last_seen":"2024-09-20T21:40:09.750462Z","times_seen":19419,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-18T12:00:42.174127484Z","timestamp":1726660842174,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"73C53B2F9EA6CB310EB9DF3E6D917F4649A2C2470B3AE7EE1E4BBB7102550016\"\r\nLast-Modified: Sun, 15 Sep 2024 21:19:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=3609\r\nExpires: Wed, 18 Sep 2024 13:00:51 GMT\r\nDate: Wed, 18 Sep 2024 12:00:42 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"b4ddabe3dc0fdf5ea3a82a9aebbb01c6","sha1":"bfbff7cc66b83f1e16d8739a987f175866a6de68","sha256":"73c53b2f9ea6cb310eb9df3e6d917f4649a2c2470b3ae7ee1e4bbb7102550016","sha512":"fa30674cb0205ddc62bceb4f66b8b8cb150c5da00de2c0ca2fbd9bc68a9a1817e768db99f30e5c54fa4418d89fe881549dc6540662001362b9f80107c53cfa73","ssdeep":"","tlshash":"82f00e372aa875a0bee9154269f9d83d4a753dba72002fc5188216d2ef607e846cc80c","first_seen":"2024-09-16T01:16:34Z","last_seen":"2024-09-19T20:22:21.795612Z","times_seen":28960,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-18T12:00:42.526647607Z","timestamp":1726660842526,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"2B69AA4B3FD8116E6398EE3C8ABEEDC752E2726CE5956D22CB16EF3A175B1502\"\r\nLast-Modified: Tue, 17 Sep 2024 14:34:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=10524\r\nExpires: Wed, 18 Sep 2024 14:56:06 GMT\r\nDate: Wed, 18 Sep 2024 12:00:42 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"38f288d997737ea63520680633589383","sha1":"10f64bb6f960351e9e44aa7a7893d6bb470ac4cd","sha256":"2b69aa4b3fd8116e6398ee3c8abeedc752e2726ce5956d22cb16ef3a175b1502","sha512":"a7fcd3d89f95fcd8ecb8e065d089b32cc9a5a200f33394dfb7525611da8c14a93331208eee9588616a0278c63fae41f1401824ff45924e7bd2d2d0d17ae41abb","ssdeep":"","tlshash":"7af00eba67e6be44f9ba7c309dd4cd2a6e10b26e3c2551ea05c4a2f028507d48bc062c","first_seen":"2024-09-18T13:15:46Z","last_seen":"2024-09-19T19:51:31.47943Z","times_seen":4728,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-18T12:00:42.7312693Z","timestamp":1726660842731,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"095994704E8D5A748194FF92BC91A60BF45B69218CDCBCBC6A46C6FBDA9B8E46\"\r\nLast-Modified: Tue, 17 Sep 2024 14:33:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=7214\r\nExpires: Wed, 18 Sep 2024 14:00:56 GMT\r\nDate: Wed, 18 Sep 2024 12:00:42 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"01dd2ed81ace2da1f35a1168f05c1a14","sha1":"2bbb9554f114bc82c6c6d76652f68804596134e3","sha256":"095994704e8d5a748194ff92bc91a60bf45b69218cdcbcbc6a46c6fbda9b8e46","sha512":"d4e3d09080af1c28acfd3a8a6f6b2216e6700c504f990b080defdccd08ae09906f65b32ae2cd1fdd742f13ffae954b18cc8d09402715917985d4c6a9a4cc08bd","ssdeep":"","tlshash":"9df0057511d53e74f7a526657869c6492f11a6ff7c1056d5049403e3b4437fa04c5064","first_seen":"2024-09-18T06:17:29Z","last_seen":"2024-09-19T19:54:13.091425Z","times_seen":7578,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"174.136.26.141/~conalepcoahedu/login/moodle-login/login.php","fqdn":"174.136.26.141","domain":"174.136.26.141","tld":"141"},"ip":{"addr":"174.136.26.141","port":80,"asn":17378,"as":"AS17378","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-09-18T12:00:43.299Z","timestamp":1726660843299,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /~conalepcoahedu/login/moodle-login/login.php HTTP/1.1\r\nHost: 174.136.26.141\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 18 Sep 2024 12:00:43 GMT\r\nServer: Apache\r\nX-XSS-Protection: 1\r\nX-Content-Type-Options: nosniff\r\nX-Frame-Options: SAMEORIGIN\r\nReferrer-Policy: no-referrer-when-downgrade\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nTransfer-Encoding: chunked\r\nContent-Type: text/html; charset=UTF-8\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3631,"size_decoded":3631,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"c2d95c11cd7bb1f8dfdb29805ee9d291","sha1":"562fa5f121dbe9a610f41c45f7a273975d903f14","sha256":"1b5e8ffb0c98560716c33cb83a00593a2f61c983d38b1a8f876a7bbd590f089c","sha512":"1f1759b8f84926dca93a16c66d2c093c78dd649855fd4fae357a069281a0317ad0cd7af46be468fba2ea421df6ec3cfaac36ebc9bedebc55e4fc634a8bb5132e","ssdeep":"","tlshash":"fe710e9529f20673504788b2afdeaa477db19c07cd0b080073be4b9a4f9ad4249a735d","first_seen":"2024-05-30T11:41:20Z","last_seen":"2025-08-19T19:32:44.766339Z","times_seen":3,"resource_available":false,"data":null}},"time_used":424,"timings":{"blocked":126,"dns":0,"connect":125,"send":0,"wait":169,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-18","alert":"Sinkholed","trigger":"174.136.26.141","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"174.136.26.141/~conalepcoahedu/login/moodle-login/estilos.css","fqdn":"174.136.26.141","domain":"174.136.26.141","tld":"141"},"ip":{"addr":"174.136.26.141","port":80,"asn":17378,"as":"AS17378","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://174.136.26.141/~conalepcoahedu/login/moodle-login/login.php","date":"2024-09-18T12:00:43.757Z","timestamp":1726660843757,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /~conalepcoahedu/login/moodle-login/estilos.css HTTP/1.1\r\nHost: 174.136.26.141\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://174.136.26.141/~conalepcoahedu/login/moodle-login/login.php\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 18 Sep 2024 12:00:43 GMT\r\nServer: Apache\r\nX-XSS-Protection: 1\r\nX-Content-Type-Options: nosniff\r\nX-Frame-Options: SAMEORIGIN\r\nReferrer-Policy: no-referrer-when-downgrade\r\nLast-Modified: Sat, 20 Aug 2022 17:12:17 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 9834\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9834,"size_decoded":9834,"mime_type":"text/css","magic":"assembler source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"ee09816b4ad28c70204d563d9909b29f","sha1":"edff4383f6e02cb2329f21aacefb314e00f2fd6e","sha256":"9389cda1045ab34a31e77cb02d55d394cc9a9e77607f3f8d5c6472c416b0c042","sha512":"b934e6c8488bebbb00f9f0eb1e3bd485988d6f685e0d4abf3a7d97fe6bc41abff186aa726fd2aa4794e64ec94c485fd35589fb1294f99cacc1cdaa7d1a3cca60","ssdeep":"192:3onJzmTCZkzgCZtmmnEfCO3BxCZiCZefA6W5ZhGfME21iI:QWo2UI","tlshash":"c412dd5da6420d42653789687be187e5d7d48033c80647bd7fd7b2a09ffa1b4a2a0f8c","first_seen":"2023-09-14T10:26:11Z","last_seen":"2025-08-19T19:32:44.771926Z","times_seen":4,"resource_available":false,"data":null}},"time_used":357,"timings":{"blocked":108,"dns":0,"connect":124,"send":0,"wait":125,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-18","alert":"Sinkholed","trigger":"174.136.26.141","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"174.136.26.141/~conalepcoahedu/login/moodle-login/login.css","fqdn":"174.136.26.141","domain":"174.136.26.141","tld":"141"},"ip":{"addr":"174.136.26.141","port":80,"asn":17378,"as":"AS17378","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://174.136.26.141/~conalepcoahedu/login/moodle-login/login.php","date":"2024-09-18T12:00:43.758Z","timestamp":1726660843758,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /~conalepcoahedu/login/moodle-login/login.css HTTP/1.1\r\nHost: 174.136.26.141\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://174.136.26.141/~conalepcoahedu/login/moodle-login/login.php\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 18 Sep 2024 12:00:43 GMT\r\nServer: Apache\r\nX-XSS-Protection: 1\r\nX-Content-Type-Options: nosniff\r\nX-Frame-Options: SAMEORIGIN\r\nReferrer-Policy: no-referrer-when-downgrade\r\nLast-Modified: Sat, 20 Aug 2022 17:45:46 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 2693\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2693,"size_decoded":2693,"mime_type":"text/css","magic":"ASCII text","md5":"6f2a029bc596a52e09ce7d63bad2c225","sha1":"56e82a4c94369e619680c1e40fbbdf7be267daf1","sha256":"2d305001a06bf99fccfd77bcb9d0e28c187132c4249934ffd5b35d3a139ebef7","sha512":"b4244826c04950a8c822f78ef37f366d684694ddc4f0b3a50bfc0f01df095ece9085872d682c598f9076598c3bbb96cc4db3ea8a04fe83d1f82df5ddc71a838e","ssdeep":"","tlshash":"4b51bbeb5fb31a11b805d5ba6fad96c3713c1c435c0ec8287fd26b598f86584d461b0c","first_seen":"2023-09-14T10:26:11Z","last_seen":"2025-08-19T19:32:44.774442Z","times_seen":4,"resource_available":false,"data":null}},"time_used":360,"timings":{"blocked":108,"dns":0,"connect":125,"send":0,"wait":127,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-18","alert":"Sinkholed","trigger":"174.136.26.141","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"174.136.26.141/~conalepcoahedu/login/moodle-login/fonts.css","fqdn":"174.136.26.141","domain":"174.136.26.141","tld":"141"},"ip":{"addr":"174.136.26.141","port":80,"asn":17378,"as":"AS17378","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://174.136.26.141/~conalepcoahedu/login/moodle-login/login.php","date":"2024-09-18T12:00:44.002Z","timestamp":1726660844002,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /~conalepcoahedu/login/moodle-login/fonts.css HTTP/1.1\r\nHost: 174.136.26.141\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://174.136.26.141/~conalepcoahedu/login/moodle-login/estilos.css\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 18 Sep 2024 12:00:43 GMT\r\nServer: Apache\r\nX-XSS-Protection: 1\r\nX-Content-Type-Options: nosniff\r\nX-Frame-Options: SAMEORIGIN\r\nReferrer-Policy: no-referrer-when-downgrade\r\nLast-Modified: Wed, 13 Oct 2021 02:27:44 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 518\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":518,"size_decoded":518,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"fe420ea0c53aa258d7465b40add0a9db","sha1":"f0379f52bd68f9c87e0345ce3a29b51d336ee38b","sha256":"3ac7705a347fe477962e77d419dd343f4e62bbc1d46d33ee6bb8f92d0e1cf864","sha512":"36e07534aa2d9035378f78b83728dcf1f918f692e90ab24dc6bdcf7a0ba4662e13f028a1ba461706d5d7c49b6dc40b92bf0b7afb952153f4f7b8b2d87d262277","ssdeep":"","tlshash":"d6f0964447dd3222abf01d9ff3232d129c0e482e6145d46971b8278ecef9c244281e7d","first_seen":"2023-09-14T10:26:11Z","last_seen":"2025-08-19T19:32:44.775372Z","times_seen":4,"resource_available":false,"data":null}},"time_used":126,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":125,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-18","alert":"Sinkholed","trigger":"174.136.26.141","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"174.136.26.141/~conalepcoahedu/login/moodle-login/all.css","fqdn":"174.136.26.141","domain":"174.136.26.141","tld":"141"},"ip":{"addr":"174.136.26.141","port":80,"asn":17378,"as":"AS17378","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://174.136.26.141/~conalepcoahedu/login/moodle-login/login.php","date":"2024-09-18T12:00:43.753Z","timestamp":1726660843753,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /~conalepcoahedu/login/moodle-login/all.css HTTP/1.1\r\nHost: 174.136.26.141\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://174.136.26.141/~conalepcoahedu/login/moodle-login/login.php\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 18 Sep 2024 12:00:43 GMT\r\nServer: Apache\r\nX-XSS-Protection: 1\r\nX-Content-Type-Options: nosniff\r\nX-Frame-Options: SAMEORIGIN\r\nReferrer-Policy: no-referrer-when-downgrade\r\nLast-Modified: Sat, 20 Aug 2022 16:31:45 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 114047\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":114047,"size_decoded":114047,"mime_type":"text/css","magic":"troff or preprocessor input, ASCII text","md5":"205a8a373a20a6924836c11c54126ae4","sha1":"319e99e61151489454d561c2f122dc03cd072a02","sha256":"a4f2e6ad359aa04e25ea6bdd3b375d7cff1d182667a33464ad23b0814489fa89","sha512":"f6d7eebe5f45436c9edb5174d88edeca57e0a2e6b06e00c8bd763a9e6ce2a32c2fbf6bde2a09f72beace8bd04b92f64ca3ad39992f5999da2ee2673d457df90f","ssdeep":"1536:9qQQmrmhQQmrmKCQQmrmKXQQmrm/QQmrmVspOkB7WiOoAZCF7EXoMEPlONCxpSNP:nxeB7WiOoAZ3oMEPlODN2xNn8b","tlshash":"59b345fad1ff00d48312e4892647e2a0f735b62c9c4a4c58e2a67d8de6c561cb1d2bdd","first_seen":"2023-09-14T10:26:11Z","last_seen":"2025-08-19T19:32:44.749168Z","times_seen":4,"resource_available":false,"data":null}},"time_used":503,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":127,"receive":376,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-18","alert":"Sinkholed","trigger":"174.136.26.141","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"174.136.26.141/~conalepcoahedu/login/moodle-login/bootstrap.min.css","fqdn":"174.136.26.141","domain":"174.136.26.141","tld":"141"},"ip":{"addr":"174.136.26.141","port":80,"asn":17378,"as":"AS17378","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://174.136.26.141/~conalepcoahedu/login/moodle-login/login.php","date":"2024-09-18T12:00:43.755Z","timestamp":1726660843755,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /~conalepcoahedu/login/moodle-login/bootstrap.min.css HTTP/1.1\r\nHost: 174.136.26.141\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://174.136.26.141/~conalepcoahedu/login/moodle-login/login.php\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 18 Sep 2024 12:00:43 GMT\r\nServer: Apache\r\nX-XSS-Protection: 1\r\nX-Content-Type-Options: nosniff\r\nX-Frame-Options: SAMEORIGIN\r\nReferrer-Policy: no-referrer-when-downgrade\r\nLast-Modified: Sun, 06 Feb 2022 01:31:41 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 210652\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":210652,"size_decoded":210652,"mime_type":"text/css","magic":"ASCII text, with very long lines (625)","md5":"b50780c88960d2c3887c214d640b9d55","sha1":"177bd5f193ca1edf8c2f8c93c4541cd3770b0070","sha256":"5f6c5977295b70adbef8c56dc51e806d89ac40e029a77607843b33f70e489c71","sha512":"eeafce7d324c85f78b3813e4756c2cc1f826901c3690daf7183c993c37ff964bee6658a409e9bcaf1f452aee8e174c2f8b7c356ebb53e8ddc342a9dfeb036879","ssdeep":"1536:Y2FnUBJJEbTxCHjEHd7S2S53pW3UtusWRMQmUilMJ53wjwIC7sjwYJjSY77:YItTxCQHJ3dIC7sjwYJjSYH","tlshash":"e5248616e8f229599847816c16ec67a5637d8087c72eeeb97d4f33448f4e1c18db2e8c","first_seen":"2023-09-14T10:26:11Z","last_seen":"2025-08-19T19:32:44.769373Z","times_seen":4,"resource_available":false,"data":null}},"time_used":738,"timings":{"blocked":109,"dns":0,"connect":123,"send":0,"wait":125,"receive":381,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-18","alert":"Sinkholed","trigger":"174.136.26.141","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-18T12:00:44.418868518Z","timestamp":1726660844418,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"91127A16631D0D606CAC9CAC289CF04F0CCB542D3F8954EF4BC5CAAEF374C238\"\r\nLast-Modified: Tue, 17 Sep 2024 14:39:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=18794\r\nExpires: Wed, 18 Sep 2024 17:13:58 GMT\r\nDate: Wed, 18 Sep 2024 12:00:44 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"45c440d4cead985bd4f1f69f84162f7b","sha1":"1251ec50f9cfdb548fe2e0fef4cbb146fd92a56b","sha256":"91127a16631d0d606cac9cac289cf04f0ccb542d3f8954ef4bc5caaef374c238","sha512":"3e88a049c8907ddd726b1db55b4266b10de51a73bb662545bfc1bdfd18fa541a249628f37cf4b595af06618521c2a7dcdfb8df09496932cc7abc696a80876909","ssdeep":"","tlshash":"dcf005263929ba305d680c1edce5d5bf0b2059bd388054f1595963c16605bef1590008","first_seen":"2024-09-18T02:27:16Z","last_seen":"2024-09-20T21:41:36.76444Z","times_seen":12325,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-18T12:00:44.422601919Z","timestamp":1726660844422,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"91127A16631D0D606CAC9CAC289CF04F0CCB542D3F8954EF4BC5CAAEF374C238\"\r\nLast-Modified: Tue, 17 Sep 2024 14:39:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=18794\r\nExpires: Wed, 18 Sep 2024 17:13:58 GMT\r\nDate: Wed, 18 Sep 2024 12:00:44 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"45c440d4cead985bd4f1f69f84162f7b","sha1":"1251ec50f9cfdb548fe2e0fef4cbb146fd92a56b","sha256":"91127a16631d0d606cac9cac289cf04f0ccb542d3f8954ef4bc5caaef374c238","sha512":"3e88a049c8907ddd726b1db55b4266b10de51a73bb662545bfc1bdfd18fa541a249628f37cf4b595af06618521c2a7dcdfb8df09496932cc7abc696a80876909","ssdeep":"","tlshash":"dcf005263929ba305d680c1edce5d5bf0b2059bd388054f1595963c16605bef1590008","first_seen":"2024-09-18T02:27:16Z","last_seen":"2024-09-20T21:41:36.76444Z","times_seen":12325,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-18T12:00:44.424188635Z","timestamp":1726660844424,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"91127A16631D0D606CAC9CAC289CF04F0CCB542D3F8954EF4BC5CAAEF374C238\"\r\nLast-Modified: Tue, 17 Sep 2024 14:39:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=18794\r\nExpires: Wed, 18 Sep 2024 17:13:58 GMT\r\nDate: Wed, 18 Sep 2024 12:00:44 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"45c440d4cead985bd4f1f69f84162f7b","sha1":"1251ec50f9cfdb548fe2e0fef4cbb146fd92a56b","sha256":"91127a16631d0d606cac9cac289cf04f0ccb542d3f8954ef4bc5caaef374c238","sha512":"3e88a049c8907ddd726b1db55b4266b10de51a73bb662545bfc1bdfd18fa541a249628f37cf4b595af06618521c2a7dcdfb8df09496932cc7abc696a80876909","ssdeep":"","tlshash":"dcf005263929ba305d680c1edce5d5bf0b2059bd388054f1595963c16605bef1590008","first_seen":"2024-09-18T02:27:16Z","last_seen":"2024-09-20T21:41:36.76444Z","times_seen":12325,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r11.o.lencr.org/","fqdn":"r11.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-18T12:00:44.425667248Z","timestamp":1726660844425,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r11.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"91127A16631D0D606CAC9CAC289CF04F0CCB542D3F8954EF4BC5CAAEF374C238\"\r\nLast-Modified: Tue, 17 Sep 2024 14:39:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=18794\r\nExpires: Wed, 18 Sep 2024 17:13:58 GMT\r\nDate: Wed, 18 Sep 2024 12:00:44 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"45c440d4cead985bd4f1f69f84162f7b","sha1":"1251ec50f9cfdb548fe2e0fef4cbb146fd92a56b","sha256":"91127a16631d0d606cac9cac289cf04f0ccb542d3f8954ef4bc5caaef374c238","sha512":"3e88a049c8907ddd726b1db55b4266b10de51a73bb662545bfc1bdfd18fa541a249628f37cf4b595af06618521c2a7dcdfb8df09496932cc7abc696a80876909","ssdeep":"","tlshash":"dcf005263929ba305d680c1edce5d5bf0b2059bd388054f1595963c16605bef1590008","first_seen":"2024-09-18T02:27:16Z","last_seen":"2024-09-20T21:41:36.76444Z","times_seen":12325,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"174.136.26.141/~conalepcoahedu/login/moodle-login/webfonts/fa-solid-900.woff2","fqdn":"174.136.26.141","domain":"174.136.26.141","tld":"141"},"ip":{"addr":"174.136.26.141","port":80,"asn":17378,"as":"AS17378","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://174.136.26.141/~conalepcoahedu/login/moodle-login/login.php","date":"2024-09-18T12:00:44.451Z","timestamp":1726660844451,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /~conalepcoahedu/login/moodle-login/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: 174.136.26.141\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nReferer: http://174.136.26.141/~conalepcoahedu/login/moodle-login/all.css\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 18 Sep 2024 12:00:44 GMT\r\nServer: Apache\r\nX-XSS-Protection: 1\r\nX-Content-Type-Options: nosniff\r\nX-Frame-Options: SAMEORIGIN\r\nReferrer-Policy: no-referrer-when-downgrade\r\nLast-Modified: Tue, 21 Sep 2021 00:50:22 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 122760\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: font/woff2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":122760,"size_decoded":122760,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 122760, version 768.66","md5":"d1bea16f470ff27ca26131a867131fda","sha1":"c1e34985d239716f1f236b932f2ecf4fb4c167d2","sha256":"57deb9ccde6d49564a916cc58a799d8ebd793c7aff69a7f3cce48cbfb0c48777","sha512":"42649dd7a0ea45d09c2af4da8948a60287c244519ed6cac5c2455cdcef416d8b01485b5ed5ac27e2e776246a0492cf58f7fcbb26d6b0275ca8f53010b53ff836","ssdeep":"3072:hM6miztL/IXreldjYx7AuvIDhSB4Hlh0R7QkXt+0rH:a6m0h/6reldd4cK7Qetn","tlshash":"ebc312108f6a2e12cb988d7c749db6227508e5f0c1a7cc9299efb45d31c52eef1ed258","first_seen":"2023-04-14T08:43:31Z","last_seen":"2026-05-23T14:34:52.386936Z","times_seen":1684,"resource_available":false,"data":null}},"time_used":131,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":125,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-18","alert":"Sinkholed","trigger":"174.136.26.141","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"174.136.26.141/~conalepcoahedu/login/moodle-login/logo-conalep-verde.png","fqdn":"174.136.26.141","domain":"174.136.26.141","tld":"141"},"ip":{"addr":"174.136.26.141","port":80,"asn":17378,"as":"AS17378","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://174.136.26.141/~conalepcoahedu/login/moodle-login/login.php","date":"2024-09-18T12:00:43.762Z","timestamp":1726660843762,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /~conalepcoahedu/login/moodle-login/logo-conalep-verde.png HTTP/1.1\r\nHost: 174.136.26.141\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://174.136.26.141/~conalepcoahedu/login/moodle-login/login.php\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 18 Sep 2024 12:00:44 GMT\r\nServer: Apache\r\nX-XSS-Protection: 1\r\nX-Content-Type-Options: nosniff\r\nX-Frame-Options: SAMEORIGIN\r\nReferrer-Policy: no-referrer-when-downgrade\r\nLast-Modified: Sun, 06 Feb 2022 20:57:09 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 36441\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":36441,"size_decoded":36441,"mime_type":"image/png","magic":"PNG image data, 2512 x 1776, 8-bit colormap, non-interlaced","md5":"2545a09ee03261aab0f723914a72b29f","sha1":"3b84cfc86703e749b410e9f96ac042781b45872c","sha256":"595921ad23da977fa3f995855a0367726719fec713cd56609111fe118b830d61","sha512":"b987e6aff1d03d61465e4e0f71fdd095b69d34f6412e3aefd5064f6eade7412af30f4a6074c8f36a6a52c22fad5afba6d2b0029c348e5945c94c5d1858023e40","ssdeep":"","tlshash":"","first_seen":"2023-09-14T10:26:11Z","last_seen":"2025-08-19T19:32:44.757323Z","times_seen":4,"resource_available":false,"data":null}},"time_used":878,"timings":{"blocked":610,"dns":0,"connect":0,"send":0,"wait":128,"receive":140,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-18","alert":"Sinkholed","trigger":"174.136.26.141","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"174.136.26.141/~conalepcoahedu/login/moodle-login/imagen-carrera.jpg","fqdn":"174.136.26.141","domain":"174.136.26.141","tld":"141"},"ip":{"addr":"174.136.26.141","port":80,"asn":17378,"as":"AS17378","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://174.136.26.141/~conalepcoahedu/login/moodle-login/login.php","date":"2024-09-18T12:00:43.759Z","timestamp":1726660843759,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /~conalepcoahedu/login/moodle-login/imagen-carrera.jpg HTTP/1.1\r\nHost: 174.136.26.141\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://174.136.26.141/~conalepcoahedu/login/moodle-login/login.php\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 18 Sep 2024 12:00:44 GMT\r\nServer: Apache\r\nX-XSS-Protection: 1\r\nX-Content-Type-Options: nosniff\r\nX-Frame-Options: SAMEORIGIN\r\nReferrer-Policy: no-referrer-when-downgrade\r\nLast-Modified: Sat, 20 Aug 2022 17:21:14 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 102197\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":102197,"size_decoded":102197,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 650x558, components 3","md5":"656c417416ea5c2812516f750d74672f","sha1":"9c3ba3d7e3975382cc9bdc127bb18606ca896f68","sha256":"0639b45d19c54958c40d9744379879476e2e009b797cf7cf238b884f4a55a127","sha512":"55bdda2c6086766b6ef73934cd4801a0957fe4bc55805d4091e9c8ed3654c44344611e65fb78596f16dc11f7a6ed6e32b908178b5b9df331f71155db456e52e9","ssdeep":"","tlshash":"","first_seen":"2023-09-14T10:26:11Z","last_seen":"2025-08-19T19:32:44.753906Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1111,"timings":{"blocked":612,"dns":0,"connect":0,"send":0,"wait":126,"receive":373,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-18","alert":"Sinkholed","trigger":"174.136.26.141","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"174.136.26.141/favicon.ico","fqdn":"174.136.26.141","domain":"174.136.26.141","tld":"141"},"ip":{"addr":"174.136.26.141","port":80,"asn":17378,"as":"AS17378","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://174.136.26.141/~conalepcoahedu/login/moodle-login/login.php","date":"2024-09-18T12:00:44.756Z","timestamp":1726660844756,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: 174.136.26.141\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://174.136.26.141/~conalepcoahedu/login/moodle-login/login.php\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Wed, 18 Sep 2024 12:00:44 GMT\r\nServer: Apache\r\nX-XSS-Protection: 1\r\nX-Content-Type-Options: nosniff\r\nX-Frame-Options: SAMEORIGIN\r\nReferrer-Policy: no-referrer-when-downgrade\r\nAccept-Ranges: bytes\r\nCache-Control: no-cache, no-store, must-revalidate\r\nPragma: no-cache\r\nExpires: 0\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nTransfer-Encoding: chunked\r\nContent-Type: text/html\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":10081,"size_decoded":10081,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (4070)","md5":"7b6d2d7dad346491d653181234093637","sha1":"ac03c843d6a0d6d9127d4ecd58bd206a0582fe22","sha256":"1d3454ebeb3e604952ee2e5c04977262d9e12eb8f0f9e8c06a7307309cef801d","sha512":"76bfa9179e289db41415e624085cf02a12ed719c4a90da0c39aedc5bcdf3ef7ce0ff059ef4d81af465b58581641a3f4e2d9176fca0f2950aea3e130b78e0ead7","ssdeep":"192:rlYHC0HNXGZkHQU7ydPJq5S2KqQVX/uTK3w3DK+tMy47R/Ga0kVhFuPwf8Pn93J+:FVGaRF8I8Zl+1","tlshash":"f922a5971ae3000b744761b96bba2211ab68b543d12fcd643f4db2e4df869818d93b4e","first_seen":"2024-09-19T19:50:48.607446Z","last_seen":"2024-09-19T19:50:48.607446Z","times_seen":1,"resource_available":false,"data":null}},"time_used":129,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":125,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-09-18","alert":"Sinkholed","trigger":"174.136.26.141","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}