Report - 3.66.36.205/

Report Overview

Submitted URL
3.66.36.205/
IP
3.66.36.205
ASN
#16509 AMAZON-02
Submitted
2024-05-04 22:18:51
Access
public
Website Title
Campus | Planeta Formación y Universidades
Final URL
3.66.36.205/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
26

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
3.66.36.205	unknown	unknown	No data	No data	10 kB	348 kB	3.66.36.205
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-04	445 B	1.7 kB	142.250.74.106
learn.content.blackboardcdn.com	10134	2018-04-25	2021-02-04	2024-04-22	958 B	5.5 kB	172.64.153.113
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-04	1.6 kB	92 kB	216.58.207.227
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21	2024-05-04	338 B	942 B	143.204.53.97

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-04	medium	3.66.36.205	Sinkholed
2024-05-04	medium	3.66.36.205	Sinkholed
2024-05-04	medium	3.66.36.205	Sinkholed
2024-05-04	medium	3.66.36.205	Sinkholed
2024-05-04	medium	3.66.36.205	Sinkholed
2024-05-04	medium	3.66.36.205	Sinkholed
2024-05-04	medium	3.66.36.205	Sinkholed
2024-05-04	medium	3.66.36.205	Sinkholed
2024-05-04	medium	3.66.36.205	Sinkholed
2024-05-04	medium	3.66.36.205	Sinkholed
2024-05-04	medium	3.66.36.205	Sinkholed
2024-05-04	medium	3.66.36.205	Sinkholed
2024-05-04	medium	3.66.36.205	Sinkholed

ThreatFox

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/javascript/validate_login.js?v=3900.91.0-rel.20+75bf374	3.2 kB	2023-09-04	2024-05-05
Pretty URL learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/javascript/validate_login.js?v=3900.91.0-rel.20+75bf374 IP 172.64.153.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-04 01:14:43 Last Seen2024-05-05 00:18:57 Times Seen70 Hash 58b55c878740f7be38dc13b71d22646d 75322e885335c88fa8b5ac7aa141fd5fe544845b dd359ba597271f89274080f01b7feae068aebaa90d59ce23f350647f85ccf002 Loading...

	3.66.36.205/javascript/qrcodejs/qrcode.min.js	20 kB	2024-02-28	2024-05-16
Pretty URL 3.66.36.205/javascript/qrcodejs/qrcode.min.js IP 3.66.36.205 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-28 00:17:35 Last Seen2024-05-16 10:22:34 Times Seen23 Hash 272a836f3b4bff95839c86eb6064cd85 425c063b9b3f7b4c187c5903f1014a45112b8e6f 2128d181bff54d66702dbb9dca6361bff68e92ce51c2cc9a526a58c3b63a97a4 Loading...

	3.66.36.205/	60 kB	2024-05-05	2024-05-05
Pretty URL 3.66.36.205/ IP 3.66.36.205 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-05 00:18:57 Last Seen2024-05-05 00:18:57 Times Seen1 Hash 2ce7b0d36c7a2eeb712ac63d7122f64e d097b9c9c63cab3e9d189e865f16a31956de89e2 2cb63989598b89a57dec6459926356cd1563a2270154faac85b0b55bc93361f2 Loading...

	3.66.36.205/branding/themes/pfu/login/js/bootstrap.min.js	37 kB	2023-03-07	2024-05-18
Pretty URL 3.66.36.205/branding/themes/pfu/login/js/bootstrap.min.js IP 3.66.36.205 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-05-18 12:20:47 Times Seen56479 Hash 5869c96cc8f19086aee625d670d741f9 430a443d74830fe9be26efca431f448c1b3740f9 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef Loading...

	3.66.36.205/	12 kB	2024-05-05	2024-05-05
Pretty URL 3.66.36.205/ IP 3.66.36.205 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-05 00:18:57 Last Seen2024-05-05 00:18:57 Times Seen1 Hash 37e956059cc48e9ded8cbb9f68c12deb a2680ade07046b0e153e047ac0669c3456f47f37 4cd2df26c63c8b5aa786ccd3d362033559b507a74c8e71b06b7b6f2fcf54d616 Loading...

	learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/javascript/cookie.js?v=3900.91.0-rel.20+75bf374	2.6 kB	2023-03-07	2024-05-16
Pretty URL learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/javascript/cookie.js?v=3900.91.0-rel.20+75bf374 IP 172.64.153.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:54 Last Seen2024-05-16 10:22:33 Times Seen99 Hash a183fc09aa8be412e99d9f469396fd48 3e4d6d08adf86ca9f173654883a720b85568c288 2f6a37a29c735dc433c33e9581d0fd237918b350ab5636bd867920cdca147940 Loading...

	3.66.36.205/branding/themes/pfu/login/js/main.js	266 B	2024-02-28	2024-05-05
Pretty URL 3.66.36.205/branding/themes/pfu/login/js/main.js IP 3.66.36.205 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-28 00:17:35 Last Seen2024-05-05 00:18:57 Times Seen4 Hash 38100e114d252c0bcc1348a118004869 1fd0cc2dc1c4bed2bdc9fc75886e6bf78da7fe1c 425061b74cb9d5b90405c1bd8f43bed0b0bb0be4a570a8b649fffe1712ff3509 Loading...

	3.66.36.205/	3.2 kB	2024-02-28	2024-05-16
Pretty URL 3.66.36.205/ IP 3.66.36.205 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-28 00:17:35 Last Seen2024-05-16 10:22:33 Times Seen11 Hash fd7512845ed8ab8ec27354b36774f155 a4950a2b28d227e0a4db278987c8957819654bc2 e0a66e93b946fc1286858a09c6b06737b03e7a6a96f6417c52553395a9d2f43a Loading...

	3.66.36.205/	2.7 kB	2024-02-28	2024-05-16
Pretty URL 3.66.36.205/ IP 3.66.36.205 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-28 00:17:35 Last Seen2024-05-16 10:22:33 Times Seen11 Hash ef45257b36bf616c961a7d556cf5035d f56b06c54f5d9be9b3b69215ec73137f9664ba9e e95789e0f1c42f76d329001a9d4a4c32bd54fe1f4f3bc234a4296914d4e434fa Loading...

	3.66.36.205/	284 B	2024-02-28	2024-05-16
Pretty URL 3.66.36.205/ IP 3.66.36.205 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-28 00:17:35 Last Seen2024-05-16 10:22:33 Times Seen11 Hash a41db3916ce23696087d946c9bca6305 a7505e2a4b221a391ce59213e86e46d4a7fc1193 53741095f7327f5058739d48a6ccca2c5679787b720b7fb972f694b8af6914e4 Loading...

	3.66.36.205/	173 B	2024-02-28	2024-05-05
Pretty URL 3.66.36.205/ IP 3.66.36.205 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-28 00:17:35 Last Seen2024-05-05 00:18:57 Times Seen2 Hash 364f320fb3c7fa11e1f59fa7dbce76db d5cbb902b0d1babd80c50d6ce105786d6257e1a5 b7e7e37bcbcf0fd5d9eb92e5d3e5fbb9616c4d8e1f214f1ce7087ebf68d88efe Loading...

	unknown	11 B	2024-02-28	2024-05-05
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-02-28 00:17:35 Last Seen2024-05-05 00:18:57 Times Seen2 Hash 78b891d614fa20b95cee8fd99eddf094 9e72855ddbe7ecb9f0794835f461160915bfc778 2cfb7930c0b1dcda8c6a1b27c21ed8a398474ff86e2fcf5c497dd31f69f77978 Loading...

	3.66.36.205/	418 B	2024-02-28	2024-05-05
Pretty URL 3.66.36.205/ IP 3.66.36.205 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-28 00:17:35 Last Seen2024-05-05 00:18:57 Times Seen2 Hash 909bfbf2567588a77fdac12ed45a848f ea9aabe3ea340bd013795502cc2dfa592e29d63b 59c1a87865b1413e8b19c25f691103bb14e1233ac820df2838104d6cfca12165 Loading...

	3.66.36.205/branding/themes/pfu/login/js/jquery.min.js	86 kB	2023-03-07	2024-05-18
Pretty URL 3.66.36.205/branding/themes/pfu/login/js/jquery.min.js IP 3.66.36.205 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:07 Last Seen2024-05-18 11:27:05 Times Seen6787 Hash 710458dd559c957714ac4a8e95357eb5 f694238d616f579a0690001f37984af430c19963 b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365 Loading...

	3.66.36.205/	329 B	2024-05-05	2024-05-05
Pretty URL 3.66.36.205/ IP 3.66.36.205 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-05 00:18:57 Last Seen2024-05-05 00:18:57 Times Seen1 Hash 6c5a49b233a72a2e66d8d830ae3a3bc7 a25d5576afdca6665f32cd4e7c00ea22fadbd108 0bf3d78267629bd16f2ae83546cc59685126fd15c07a4bbcdd4cbfe159aceeb6 Loading...

HTTP Transactions (20)

URL IP Response Size

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
a0db58a4572710a9f5b48e1958b89b4d
15c72fc441f762183d410e088257d617decd1e41
6290d6add97a40115b0d41230839b145031760b1b454986486b894868434ec15

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 04 May 2024 22:18:24 GMT
Last-Modified: Sat, 04 May 2024 21:14:42 GMT
Server: ECAcc (amb/6AC3)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0JUAB0lfKjJghy-KKNXW0dUlsXggu8u01kzcIjtE1PSe9mkYFppOBQ==
Age: 3822

3.66.36.205/

3.66.36.205

200

175 B

URL User Request GET HTTP/1.1
3.66.36.205/
IP
3.66.36.205:443
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject*.planetaformacion.com
Fingerprint67:41:C8:C7:9F:28:F9:B5:AB:0F:6D:4D:B0:1F:08:86:BB:71:C5:F5
ValiditySat, 17 Feb 2024 00:00:00 GMT - Mon, 17 Mar 2025 23:59:59 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
175 B (175 bytes)
Hash
ca1ce3399a1abab6d52988a51f3b4307
3ceee27f1294f8d1cc213aa461cad2d2ed706cea
5eb0dfd23b6a6bc58ff93d6e8c61b6418d58fec61e55fa70ee2135a23db3f628

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 3.66.36.205
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Cache-control: no-cache="set-cookie"
Content-Type: text/html
Date: Sat, 04 May 2024 22:18:24 GMT
Location: https://3.66.36.205/
Set-Cookie: AWSELB=5FA9C5091C1B6F826542FF0FC5C21E139C16182C142BE47455FDF1894A9E66C09C6A2423C6CBE2EFF3869CE2F1DE4424C06AB2203357501889FA26D74FDF1E8921DF1CA94C;PATH=/;MAX-AGE=900
Content-Length: 175
Connection: keep-alive

3.66.36.205/

3.66.36.205

200

28 kB

URL User Request GET HTTP/1.1
3.66.36.205/
IP
3.66.36.205:443
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject*.planetaformacion.com
Fingerprint67:41:C8:C7:9F:28:F9:B5:AB:0F:6D:4D:B0:1F:08:86:BB:71:C5:F5
ValiditySat, 17 Feb 2024 00:00:00 GMT - Mon, 17 Mar 2025 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (59443), with CRLF, LF line terminators
Size
28 kB (27606 bytes)
Hash
3ee0415c9912db029247bb43b694f503
9563871dccc9126c6c9e36d158e842cda88e8515
b623007c9305f73a7f57c752368dd9e14e4d95eede5e9c343d646d94f30c2183

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 3.66.36.205
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: AWSELB=5FA9C5091C1B6F826542FF0FC5C21E139C16182C142BE47455FDF1894A9E66C09C6A2423C6CBE2EFF3869CE2F1DE4424C06AB2203357501889FA26D74FDF1E8921DF1CA94C
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html;charset=UTF-8
Date: Sat, 04 May 2024 22:18:25 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Tue, 04 May 2004 22:18:25 GMT
P3P: CP="CAO PSA OUR"
Pragma: no-cache
Set-Cookie: JSESSIONID=3CAD5F43B30C1764D54495B9D7486D28; Path=/; Secure
BbRouter=expires:1714889905,id:FDB0360A1902317861AB3E43249D7687,signature:721eb83d75350e54f1580f7d98fe61aec823b47c734a0e3cc009d1331cd94d7e,site:23571791-3f2c-405d-a28b-05c54c271d9d,v:2,xsrf:6d9e5051-6417-4b95-a3c8-e250c35d7b02; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Accept-Encoding
X-Blackboard-appserver: ip-10-148-214-165.eu-central-1.compute.internal
X-Blackboard-product: Blackboard Learn &#8482; 3900.91.0-rel.20+75bf374
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
transfer-encoding: chunked
Connection: keep-alive

3.66.36.205/branding/themes/pfu/login/css/bootstrap.min.css

3.66.36.205

200

20 kB

URL GET HTTP/1.1
3.66.36.205/branding/themes/pfu/login/css/bootstrap.min.css
IP
3.66.36.205:443
ASN
#16509 AMAZON-02

Requested by
https://3.66.36.205/
Certificate
IssuerAmazon
Subject*.planetaformacion.com
Fingerprint67:41:C8:C7:9F:28:F9:B5:AB:0F:6D:4D:B0:1F:08:86:BB:71:C5:F5
ValiditySat, 17 Feb 2024 00:00:00 GMT - Mon, 17 Mar 2025 23:59:59 GMT

File type
ASCII text, with very long lines (65371)
Size
20 kB (19740 bytes)
Hash
ec3bb52a00e176a7181d454dffaea219
6527d8bf3e1e9368bab8c7b60f56bc01fa3afd68
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /branding/themes/pfu/login/css/bootstrap.min.css HTTP/1.1
Host: 3.66.36.205
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.66.36.205/
Cookie: AWSELB=5FA9C5091C1B6F826542FF0FC5C21E139C16182C142BE47455FDF1894A9E66C09C6A2423C6CBE2EFF3869CE2F1DE4424C06AB2203357501889FA26D74FDF1E8921DF1CA94C; JSESSIONID=3CAD5F43B30C1764D54495B9D7486D28; BbRouter=expires:1714889905,id:FDB0360A1902317861AB3E43249D7687,signature:721eb83d75350e54f1580f7d98fe61aec823b47c734a0e3cc009d1331cd94d7e,site:23571791-3f2c-405d-a28b-05c54c271d9d,v:2,xsrf:6d9e5051-6417-4b95-a3c8-e250c35d7b02
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Cache-Control: public
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/css
Date: Sat, 04 May 2024 22:18:26 GMT
ETag: W/"121200-1714675767154"
Expires: Sun, 04 May 2025 22:18:26 GMT
Last-Modified: Thu, 02 May 2024 18:49:27 GMT
P3P: CP="CAO PSA OUR"
Set-Cookie: BbRouter=expires:1714862906,id:FDB0360A1902317861AB3E43249D7687,signature:e41ffe3b4e009a91042605264c48eec1c9cce87cdd4a036b9e8c2e3e97ef41f4,site:23571791-3f2c-405d-a28b-05c54c271d9d,v:2,xsrf:6d9e5051-6417-4b95-a3c8-e250c35d7b02; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Accept-Encoding
X-Blackboard-appserver: ip-10-148-214-165.eu-central-1.compute.internal
X-Blackboard-product: Blackboard Learn &#8482; 3900.91.0-rel.20+75bf374
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
transfer-encoding: chunked
Connection: keep-alive

3.66.36.205/branding/themes/pfu/login/js/jquery.min.js

3.66.36.205

200

30 kB

URL GET HTTP/1.1
3.66.36.205/branding/themes/pfu/login/js/jquery.min.js
IP
3.66.36.205:443
ASN
#16509 AMAZON-02

Requested by
https://3.66.36.205/
Certificate
IssuerAmazon
Subject*.planetaformacion.com
Fingerprint67:41:C8:C7:9F:28:F9:B5:AB:0F:6D:4D:B0:1F:08:86:BB:71:C5:F5
ValiditySat, 17 Feb 2024 00:00:00 GMT - Mon, 17 Mar 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32065), with CRLF line terminators
Size
30 kB (29865 bytes)
Hash
710458dd559c957714ac4a8e95357eb5
f694238d616f579a0690001f37984af430c19963
b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /branding/themes/pfu/login/js/jquery.min.js HTTP/1.1
Host: 3.66.36.205
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.66.36.205/
Cookie: AWSELB=5FA9C5091C1B6F826542FF0FC5C21E139C16182C142BE47455FDF1894A9E66C09C6A2423C6CBE2EFF3869CE2F1DE4424C06AB2203357501889FA26D74FDF1E8921DF1CA94C; JSESSIONID=3CAD5F43B30C1764D54495B9D7486D28; BbRouter=expires:1714889905,id:FDB0360A1902317861AB3E43249D7687,signature:721eb83d75350e54f1580f7d98fe61aec823b47c734a0e3cc009d1331cd94d7e,site:23571791-3f2c-405d-a28b-05c54c271d9d,v:2,xsrf:6d9e5051-6417-4b95-a3c8-e250c35d7b02
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Cache-Control: public
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Content-Type: application/javascript
Date: Sat, 04 May 2024 22:18:26 GMT
ETag: W/"85582-1714675767166"
Expires: Sun, 04 May 2025 22:18:26 GMT
Last-Modified: Thu, 02 May 2024 18:49:27 GMT
P3P: CP="CAO PSA OUR"
Set-Cookie: BbRouter=expires:1714862906,id:FDB0360A1902317861AB3E43249D7687,signature:e41ffe3b4e009a91042605264c48eec1c9cce87cdd4a036b9e8c2e3e97ef41f4,site:23571791-3f2c-405d-a28b-05c54c271d9d,v:2,xsrf:6d9e5051-6417-4b95-a3c8-e250c35d7b02; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Accept-Encoding
X-Blackboard-appserver: ip-10-148-214-165.eu-central-1.compute.internal
X-Blackboard-product: Blackboard Learn &#8482; 3900.91.0-rel.20+75bf374
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
transfer-encoding: chunked
Connection: keep-alive

3.66.36.205/branding/themes/pfu/login/css/font-awesome.min.css

3.66.36.205

200

7.1 kB

URL GET HTTP/1.1
3.66.36.205/branding/themes/pfu/login/css/font-awesome.min.css
IP
3.66.36.205:443
ASN
#16509 AMAZON-02

Requested by
https://3.66.36.205/
Certificate
IssuerAmazon
Subject*.planetaformacion.com
Fingerprint67:41:C8:C7:9F:28:F9:B5:AB:0F:6D:4D:B0:1F:08:86:BB:71:C5:F5
ValiditySat, 17 Feb 2024 00:00:00 GMT - Mon, 17 Mar 2025 23:59:59 GMT

File type
ASCII text, with very long lines (30837)
Size
7.1 kB (7050 bytes)
Hash
269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /branding/themes/pfu/login/css/font-awesome.min.css HTTP/1.1
Host: 3.66.36.205
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.66.36.205/
Cookie: AWSELB=5FA9C5091C1B6F826542FF0FC5C21E139C16182C142BE47455FDF1894A9E66C09C6A2423C6CBE2EFF3869CE2F1DE4424C06AB2203357501889FA26D74FDF1E8921DF1CA94C; JSESSIONID=3CAD5F43B30C1764D54495B9D7486D28; BbRouter=expires:1714889905,id:FDB0360A1902317861AB3E43249D7687,signature:721eb83d75350e54f1580f7d98fe61aec823b47c734a0e3cc009d1331cd94d7e,site:23571791-3f2c-405d-a28b-05c54c271d9d,v:2,xsrf:6d9e5051-6417-4b95-a3c8-e250c35d7b02
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Cache-Control: public
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/css
Date: Sat, 04 May 2024 22:18:26 GMT
ETag: W/"31000-1714675767154"
Expires: Sun, 04 May 2025 22:18:26 GMT
Last-Modified: Thu, 02 May 2024 18:49:27 GMT
P3P: CP="CAO PSA OUR"
Set-Cookie: BbRouter=expires:1714862906,id:FDB0360A1902317861AB3E43249D7687,signature:e41ffe3b4e009a91042605264c48eec1c9cce87cdd4a036b9e8c2e3e97ef41f4,site:23571791-3f2c-405d-a28b-05c54c271d9d,v:2,xsrf:6d9e5051-6417-4b95-a3c8-e250c35d7b02; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Accept-Encoding
X-Blackboard-appserver: ip-10-148-214-165.eu-central-1.compute.internal
X-Blackboard-product: Blackboard Learn &#8482; 3900.91.0-rel.20+75bf374
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Content-Length: 7050
Connection: keep-alive

3.66.36.205/branding/themes/pfu/login/css/style.css

3.66.36.205

200

4.9 kB

URL GET HTTP/1.1
3.66.36.205/branding/themes/pfu/login/css/style.css
IP
3.66.36.205:443
ASN
#16509 AMAZON-02

Requested by
https://3.66.36.205/
Certificate
IssuerAmazon
Subject*.planetaformacion.com
Fingerprint67:41:C8:C7:9F:28:F9:B5:AB:0F:6D:4D:B0:1F:08:86:BB:71:C5:F5
ValiditySat, 17 Feb 2024 00:00:00 GMT - Mon, 17 Mar 2025 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
4.9 kB (4921 bytes)
Hash
0898e64ad81d8ae94b5579b8981ae3a6
0017f0d76b418f414c1c1a217832769253b31e21
b574390149e48f5197237e14ddfca92e982c143f159f00f59b47204748a99766

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /branding/themes/pfu/login/css/style.css HTTP/1.1
Host: 3.66.36.205
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.66.36.205/
Cookie: AWSELB=5FA9C5091C1B6F826542FF0FC5C21E139C16182C142BE47455FDF1894A9E66C09C6A2423C6CBE2EFF3869CE2F1DE4424C06AB2203357501889FA26D74FDF1E8921DF1CA94C; JSESSIONID=3CAD5F43B30C1764D54495B9D7486D28; BbRouter=expires:1714889905,id:FDB0360A1902317861AB3E43249D7687,signature:721eb83d75350e54f1580f7d98fe61aec823b47c734a0e3cc009d1331cd94d7e,site:23571791-3f2c-405d-a28b-05c54c271d9d,v:2,xsrf:6d9e5051-6417-4b95-a3c8-e250c35d7b02
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Cache-Control: public
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/css
Date: Sat, 04 May 2024 22:18:26 GMT
ETag: W/"25490-1714675767154"
Expires: Sun, 04 May 2025 22:18:26 GMT
Last-Modified: Thu, 02 May 2024 18:49:27 GMT
P3P: CP="CAO PSA OUR"
Set-Cookie: BbRouter=expires:1714862906,id:FDB0360A1902317861AB3E43249D7687,signature:e41ffe3b4e009a91042605264c48eec1c9cce87cdd4a036b9e8c2e3e97ef41f4,site:23571791-3f2c-405d-a28b-05c54c271d9d,v:2,xsrf:6d9e5051-6417-4b95-a3c8-e250c35d7b02; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Accept-Encoding
X-Blackboard-appserver: ip-10-148-214-165.eu-central-1.compute.internal
X-Blackboard-product: Blackboard Learn &#8482; 3900.91.0-rel.20+75bf374
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Content-Length: 4921
Connection: keep-alive

3.66.36.205/javascript/qrcodejs/qrcode.min.js

3.66.36.205

200

7.0 kB

URL GET HTTP/1.1
3.66.36.205/javascript/qrcodejs/qrcode.min.js
IP
3.66.36.205:443
ASN
#16509 AMAZON-02

Requested by
https://3.66.36.205/
Certificate
IssuerAmazon
Subject*.planetaformacion.com
Fingerprint67:41:C8:C7:9F:28:F9:B5:AB:0F:6D:4D:B0:1F:08:86:BB:71:C5:F5
ValiditySat, 17 Feb 2024 00:00:00 GMT - Mon, 17 Mar 2025 23:59:59 GMT

File type
ASCII text, with very long lines (19928)
Size
7.0 kB (7010 bytes)
Hash
272a836f3b4bff95839c86eb6064cd85
425c063b9b3f7b4c187c5903f1014a45112b8e6f
2128d181bff54d66702dbb9dca6361bff68e92ce51c2cc9a526a58c3b63a97a4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /javascript/qrcodejs/qrcode.min.js HTTP/1.1
Host: 3.66.36.205
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.66.36.205/
Cookie: AWSELB=5FA9C5091C1B6F826542FF0FC5C21E139C16182C142BE47455FDF1894A9E66C09C6A2423C6CBE2EFF3869CE2F1DE4424C06AB2203357501889FA26D74FDF1E8921DF1CA94C; JSESSIONID=3CAD5F43B30C1764D54495B9D7486D28; BbRouter=expires:1714889905,id:FDB0360A1902317861AB3E43249D7687,signature:721eb83d75350e54f1580f7d98fe61aec823b47c734a0e3cc009d1331cd94d7e,site:23571791-3f2c-405d-a28b-05c54c271d9d,v:2,xsrf:6d9e5051-6417-4b95-a3c8-e250c35d7b02
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Cache-Control: public
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Content-Type: application/javascript
Date: Sat, 04 May 2024 22:18:26 GMT
ETag: W/"19929-1714670954308"
Expires: Sun, 04 May 2025 22:18:26 GMT
Last-Modified: Thu, 02 May 2024 17:29:14 GMT
P3P: CP="CAO PSA OUR"
Set-Cookie: BbRouter=expires:1714862906,id:FDB0360A1902317861AB3E43249D7687,signature:e41ffe3b4e009a91042605264c48eec1c9cce87cdd4a036b9e8c2e3e97ef41f4,site:23571791-3f2c-405d-a28b-05c54c271d9d,v:2,xsrf:6d9e5051-6417-4b95-a3c8-e250c35d7b02; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Content-Length: 7010
Connection: keep-alive

3.66.36.205/branding/themes/pfu/login/js/bootstrap.min.js

3.66.36.205

200

9.8 kB

URL GET HTTP/1.1
3.66.36.205/branding/themes/pfu/login/js/bootstrap.min.js
IP
3.66.36.205:443
ASN
#16509 AMAZON-02

Requested by
https://3.66.36.205/
Certificate
IssuerAmazon
Subject*.planetaformacion.com
Fingerprint67:41:C8:C7:9F:28:F9:B5:AB:0F:6D:4D:B0:1F:08:86:BB:71:C5:F5
ValiditySat, 17 Feb 2024 00:00:00 GMT - Mon, 17 Mar 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32033)
Size
9.8 kB (9832 bytes)
Hash
5869c96cc8f19086aee625d670d741f9
430a443d74830fe9be26efca431f448c1b3740f9
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /branding/themes/pfu/login/js/bootstrap.min.js HTTP/1.1
Host: 3.66.36.205
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.66.36.205/
Cookie: AWSELB=5FA9C5091C1B6F826542FF0FC5C21E139C16182C142BE47455FDF1894A9E66C09C6A2423C6CBE2EFF3869CE2F1DE4424C06AB2203357501889FA26D74FDF1E8921DF1CA94C; JSESSIONID=3CAD5F43B30C1764D54495B9D7486D28; BbRouter=expires:1714889905,id:FDB0360A1902317861AB3E43249D7687,signature:721eb83d75350e54f1580f7d98fe61aec823b47c734a0e3cc009d1331cd94d7e,site:23571791-3f2c-405d-a28b-05c54c271d9d,v:2,xsrf:6d9e5051-6417-4b95-a3c8-e250c35d7b02
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Cache-Control: public
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Content-Type: application/javascript
Date: Sat, 04 May 2024 22:18:26 GMT
ETag: W/"37045-1714675767166"
Expires: Sun, 04 May 2025 22:18:26 GMT
Last-Modified: Thu, 02 May 2024 18:49:27 GMT
P3P: CP="CAO PSA OUR"
Set-Cookie: BbRouter=expires:1714862906,id:FDB0360A1902317861AB3E43249D7687,signature:e41ffe3b4e009a91042605264c48eec1c9cce87cdd4a036b9e8c2e3e97ef41f4,site:23571791-3f2c-405d-a28b-05c54c271d9d,v:2,xsrf:6d9e5051-6417-4b95-a3c8-e250c35d7b02; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Accept-Encoding
X-Blackboard-appserver: ip-10-148-214-165.eu-central-1.compute.internal
X-Blackboard-product: Blackboard Learn &#8482; 3900.91.0-rel.20+75bf374
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Content-Length: 9832
Connection: keep-alive

3.66.36.205/branding/themes/pfu/login/js/main.js

3.66.36.205

200

203 B

URL GET HTTP/1.1
3.66.36.205/branding/themes/pfu/login/js/main.js
IP
3.66.36.205:443
ASN
#16509 AMAZON-02

Requested by
https://3.66.36.205/
Certificate
IssuerAmazon
Subject*.planetaformacion.com
Fingerprint67:41:C8:C7:9F:28:F9:B5:AB:0F:6D:4D:B0:1F:08:86:BB:71:C5:F5
ValiditySat, 17 Feb 2024 00:00:00 GMT - Mon, 17 Mar 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
203 B (203 bytes)
Hash
38100e114d252c0bcc1348a118004869
1fd0cc2dc1c4bed2bdc9fc75886e6bf78da7fe1c
425061b74cb9d5b90405c1bd8f43bed0b0bb0be4a570a8b649fffe1712ff3509

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /branding/themes/pfu/login/js/main.js HTTP/1.1
Host: 3.66.36.205
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.66.36.205/
Cookie: AWSELB=5FA9C5091C1B6F826542FF0FC5C21E139C16182C142BE47455FDF1894A9E66C09C6A2423C6CBE2EFF3869CE2F1DE4424C06AB2203357501889FA26D74FDF1E8921DF1CA94C; JSESSIONID=3CAD5F43B30C1764D54495B9D7486D28; BbRouter=expires:1714889905,id:FDB0360A1902317861AB3E43249D7687,signature:721eb83d75350e54f1580f7d98fe61aec823b47c734a0e3cc009d1331cd94d7e,site:23571791-3f2c-405d-a28b-05c54c271d9d,v:2,xsrf:6d9e5051-6417-4b95-a3c8-e250c35d7b02
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Cache-Control: public
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Content-Type: application/javascript
Date: Sat, 04 May 2024 22:18:26 GMT
ETag: W/"266-1714675767166"
Expires: Sun, 04 May 2025 22:18:26 GMT
Last-Modified: Thu, 02 May 2024 18:49:27 GMT
P3P: CP="CAO PSA OUR"
Set-Cookie: BbRouter=expires:1714862906,id:FDB0360A1902317861AB3E43249D7687,signature:e41ffe3b4e009a91042605264c48eec1c9cce87cdd4a036b9e8c2e3e97ef41f4,site:23571791-3f2c-405d-a28b-05c54c271d9d,v:2,xsrf:6d9e5051-6417-4b95-a3c8-e250c35d7b02; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Accept-Encoding
X-Blackboard-appserver: ip-10-148-214-165.eu-central-1.compute.internal
X-Blackboard-product: Blackboard Learn &#8482; 3900.91.0-rel.20+75bf374
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Content-Length: 203
Connection: keep-alive

3.66.36.205/branding/themes/pfu/login/img/Logotipos_pfu_3.png

3.66.36.205

200

17 kB

URL GET HTTP/1.1
3.66.36.205/branding/themes/pfu/login/img/Logotipos_pfu_3.png
IP
3.66.36.205:443
ASN
#16509 AMAZON-02

Requested by
https://3.66.36.205/
Certificate
IssuerAmazon
Subject*.planetaformacion.com
Fingerprint67:41:C8:C7:9F:28:F9:B5:AB:0F:6D:4D:B0:1F:08:86:BB:71:C5:F5
ValiditySat, 17 Feb 2024 00:00:00 GMT - Mon, 17 Mar 2025 23:59:59 GMT

File type
PNG image data, 231 x 89, 8-bit/color RGBA, non-interlaced
Size
17 kB (16729 bytes)
Hash
9ca8264990ad8cfbe5b2341e203e06ee
d8b494bf8abdc529515257f76f339c9bd685208f
c494f8837548e516ca988c9de3fb1f44a2c10751c2bd536af4327013ae9892e3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /branding/themes/pfu/login/img/Logotipos_pfu_3.png HTTP/1.1
Host: 3.66.36.205
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.66.36.205/
Cookie: AWSELB=5FA9C5091C1B6F826542FF0FC5C21E139C16182C142BE47455FDF1894A9E66C09C6A2423C6CBE2EFF3869CE2F1DE4424C06AB2203357501889FA26D74FDF1E8921DF1CA94C; JSESSIONID=3CAD5F43B30C1764D54495B9D7486D28; BbRouter=expires:1714889905,id:FDB0360A1902317861AB3E43249D7687,signature:721eb83d75350e54f1580f7d98fe61aec823b47c734a0e3cc009d1331cd94d7e,site:23571791-3f2c-405d-a28b-05c54c271d9d,v:2,xsrf:6d9e5051-6417-4b95-a3c8-e250c35d7b02
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Accept-Ranges: bytes
Cache-Control: public
Content-Security-Policy: frame-ancestors 'self'
Content-Type: image/png
Date: Sat, 04 May 2024 22:18:26 GMT
ETag: W/"16729-1714675767162"
Expires: Sun, 04 May 2025 22:18:26 GMT
Last-Modified: Thu, 02 May 2024 18:49:27 GMT
P3P: CP="CAO PSA OUR"
Set-Cookie: BbRouter=expires:1714862906,id:FDB0360A1902317861AB3E43249D7687,signature:e41ffe3b4e009a91042605264c48eec1c9cce87cdd4a036b9e8c2e3e97ef41f4,site:23571791-3f2c-405d-a28b-05c54c271d9d,v:2,xsrf:6d9e5051-6417-4b95-a3c8-e250c35d7b02; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Blackboard-appserver: ip-10-148-214-165.eu-central-1.compute.internal
X-Blackboard-product: Blackboard Learn &#8482; 3900.91.0-rel.20+75bf374
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Content-Length: 16729
Connection: keep-alive

3.66.36.205/images/ci/icons/complete.svg

3.66.36.205

200

197 B

URL GET HTTP/1.1
3.66.36.205/images/ci/icons/complete.svg
IP
3.66.36.205:443
ASN
#16509 AMAZON-02

Requested by
https://3.66.36.205/
Certificate
IssuerAmazon
Subject*.planetaformacion.com
Fingerprint67:41:C8:C7:9F:28:F9:B5:AB:0F:6D:4D:B0:1F:08:86:BB:71:C5:F5
ValiditySat, 17 Feb 2024 00:00:00 GMT - Mon, 17 Mar 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
197 B (197 bytes)
Hash
bace85b1fa415de4a4a74ca3d381902d
7483c9d380d9c771840f9a0f4d1a896c5fc644d0
6b1d4c32909ee44f2d4e1800bad63003aa44eee1898d89992a061985780f6687

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/ci/icons/complete.svg HTTP/1.1
Host: 3.66.36.205
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.66.36.205/
Cookie: AWSELB=5FA9C5091C1B6F826542FF0FC5C21E139C16182C142BE47455FDF1894A9E66C09C6A2423C6CBE2EFF3869CE2F1DE4424C06AB2203357501889FA26D74FDF1E8921DF1CA94C; JSESSIONID=3CAD5F43B30C1764D54495B9D7486D28; BbRouter=expires:1714889905,id:FDB0360A1902317861AB3E43249D7687,signature:721eb83d75350e54f1580f7d98fe61aec823b47c734a0e3cc009d1331cd94d7e,site:23571791-3f2c-405d-a28b-05c54c271d9d,v:2,xsrf:6d9e5051-6417-4b95-a3c8-e250c35d7b02
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Cache-Control: private, max-age=0, no-store, must-revalidate
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Content-Type: image/svg+xml
Date: Sat, 04 May 2024 22:18:26 GMT
ETag: W/"342-1714670932832"
Expires: Thu, 04 May 2023 22:18:26 GMT
Last-Modified: Thu, 02 May 2024 17:28:52 GMT
P3P: CP="CAO PSA OUR"
Pragma: private
Set-Cookie: BbRouter=expires:1714862906,id:FDB0360A1902317861AB3E43249D7687,signature:e41ffe3b4e009a91042605264c48eec1c9cce87cdd4a036b9e8c2e3e97ef41f4,site:23571791-3f2c-405d-a28b-05c54c271d9d,v:2,xsrf:6d9e5051-6417-4b95-a3c8-e250c35d7b02; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Accept-Encoding
X-Blackboard-appserver: ip-10-148-214-165.eu-central-1.compute.internal
X-Blackboard-product: Blackboard Learn &#8482; 3900.91.0-rel.20+75bf374
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Content-Length: 197
Connection: keep-alive

fonts.googleapis.com/css?family=Lato:700%7CMontserrat:400,600

142.250.74.106

200 OK

1.1 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Lato:700%7CMontserrat:400,600
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://3.66.36.205/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
1.1 kB (1080 bytes)
Hash
4ab85608f444f0390d2c0f430a1e238d
8c6c9733593ff0f3a9ea1f2209c03c765eaeffbb
607d0ca925e96d71572d563b55c9062ddf0f3aa6f29774ee889018a777f9d57d

HTTP Headers

GET /css?family=Lato:700%7CMontserrat:400,600 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.66.36.205/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 22:18:26 GMT
date: Sat, 04 May 2024 22:18:26 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

3.66.36.205/branding/themes/pfu/login/img/PFU_Hospitalet.jpg

3.66.36.205

200

213 kB

URL GET HTTP/1.1
3.66.36.205/branding/themes/pfu/login/img/PFU_Hospitalet.jpg
IP
3.66.36.205:443
ASN
#16509 AMAZON-02

Requested by
https://3.66.36.205/
Certificate
IssuerAmazon
Subject*.planetaformacion.com
Fingerprint67:41:C8:C7:9F:28:F9:B5:AB:0F:6D:4D:B0:1F:08:86:BB:71:C5:F5
ValiditySat, 17 Feb 2024 00:00:00 GMT - Mon, 17 Mar 2025 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1500x991, components 3
Size
213 kB (212765 bytes)
Hash
aa8810f0cb53da98979daf39f8f2a2eb
a69401c36752cc209ff97d7a2a75e5a9eb8ad211
51cd463d2a29ca331326382ea883c60a69c2d16b4c79a50f37d66753d36c19ad

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /branding/themes/pfu/login/img/PFU_Hospitalet.jpg HTTP/1.1
Host: 3.66.36.205
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.66.36.205/branding/themes/pfu/login/css/style.css
Cookie: AWSELB=5FA9C5091C1B6F826542FF0FC5C21E139C16182C142BE47455FDF1894A9E66C09C6A2423C6CBE2EFF3869CE2F1DE4424C06AB2203357501889FA26D74FDF1E8921DF1CA94C; JSESSIONID=3CAD5F43B30C1764D54495B9D7486D28; BbRouter=expires:1714862906,id:FDB0360A1902317861AB3E43249D7687,signature:e41ffe3b4e009a91042605264c48eec1c9cce87cdd4a036b9e8c2e3e97ef41f4,site:23571791-3f2c-405d-a28b-05c54c271d9d,v:2,xsrf:6d9e5051-6417-4b95-a3c8-e250c35d7b02
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Accept-Ranges: bytes
Cache-Control: public
Content-Security-Policy: frame-ancestors 'self'
Content-Type: image/jpeg
Date: Sat, 04 May 2024 22:18:26 GMT
ETag: W/"212765-1714675767162"
Expires: Sun, 04 May 2025 22:18:26 GMT
Last-Modified: Thu, 02 May 2024 18:49:27 GMT
P3P: CP="CAO PSA OUR"
Set-Cookie: BbRouter=expires:1714862906,id:FDB0360A1902317861AB3E43249D7687,signature:e41ffe3b4e009a91042605264c48eec1c9cce87cdd4a036b9e8c2e3e97ef41f4,site:23571791-3f2c-405d-a28b-05c54c271d9d,v:2,xsrf:6d9e5051-6417-4b95-a3c8-e250c35d7b02; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Blackboard-appserver: ip-10-148-214-165.eu-central-1.compute.internal
X-Blackboard-product: Blackboard Learn &#8482; 3900.91.0-rel.20+75bf374
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Content-Length: 212765
Connection: keep-alive

learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/javascript/cookie.js?v=3900.91.0-rel.20+75bf374

172.64.153.113

200 OK

1.3 kB

URL GET HTTP/2
learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/javascript/cookie.js?v=3900.91.0-rel.20+75bf374
IP
172.64.153.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://3.66.36.205/
Certificate
IssuerGoogle Trust Services LLC
Subjectlearn.content.blackboardcdn.com
FingerprintC2:61:8B:75:CE:2E:63:71:B3:EA:0D:72:B7:57:75:10:FD:2B:49:36
ValidityWed, 03 Apr 2024 23:44:39 GMT - Tue, 02 Jul 2024 23:44:38 GMT

File type
ASCII text
Size
1.3 kB (1283 bytes)
Hash
a183fc09aa8be412e99d9f469396fd48
3e4d6d08adf86ca9f173654883a720b85568c288
2f6a37a29c735dc433c33e9581d0fd237918b350ab5636bd867920cdca147940

HTTP Headers

GET /3900.91.0-rel.20+75bf374/javascript/cookie.js?v=3900.91.0-rel.20+75bf374 HTTP/1.1
Host: learn.content.blackboardcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.66.36.205/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 22:18:26 GMT
content-type: application/javascript
cf-ray: 87ebddd9cfbfb512-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 218786
cache-control: public, max-age=2592000
etag: W/"a183fc09aa8be412e99d9f469396fd48"
last-modified: Tue, 30 Apr 2024 19:15:44 GMT
vary: Accept-Encoding, Origin
x-worker-version: iW/tmK21arnNMMoDMStU832MRxDXRJtalnyNOSizCKM=
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

200 OK

33 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://3.66.36.205/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 33092, version 1.0
Size
33 kB (33092 bytes)
Hash
057478083c1d55ea0c2182b24f6dd72f
caf557cd276a76992084efc4c8857b66791a6b7f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

HTTP Headers

GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://3.66.36.205
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:38:02 GMT
expires: Fri, 02 May 2025 02:38:02 GMT
cache-control: public, max-age=31536000
age: 243624
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

216.58.207.227

200 OK

23 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://3.66.36.205/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23040, version 1.0
Size
23 kB (23040 bytes)
Hash
de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

HTTP Headers

GET /s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://3.66.36.205
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 01:55:21 GMT
expires: Sat, 03 May 2025 01:55:21 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
age: 159785
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

200 OK

33 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://3.66.36.205/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 33092, version 1.0
Size
33 kB (33092 bytes)
Hash
057478083c1d55ea0c2182b24f6dd72f
caf557cd276a76992084efc4c8857b66791a6b7f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

HTTP Headers

GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://3.66.36.205
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:38:02 GMT
expires: Fri, 02 May 2025 02:38:02 GMT
cache-control: public, max-age=31536000
age: 243624
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

3.66.36.205/branding/themes/pfu/login/img/favicon.ico

3.66.36.205

200

567 B

URL GET HTTP/1.1
3.66.36.205/branding/themes/pfu/login/img/favicon.ico
IP
3.66.36.205:443
ASN
#16509 AMAZON-02

Requested by
https://3.66.36.205/
Certificate
IssuerAmazon
Subject*.planetaformacion.com
Fingerprint67:41:C8:C7:9F:28:F9:B5:AB:0F:6D:4D:B0:1F:08:86:BB:71:C5:F5
ValiditySat, 17 Feb 2024 00:00:00 GMT - Mon, 17 Mar 2025 23:59:59 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
567 B (567 bytes)
Hash
28680060e7d271e44a090825544a7e4f
727048256eb664775cb773a02d873f1f2fdba32f
2099ce209df439da9bae33b7635c11380e04477bccd4ff918390f35850725561

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /branding/themes/pfu/login/img/favicon.ico HTTP/1.1
Host: 3.66.36.205
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.66.36.205/
Cookie: AWSELB=5FA9C5091C1B6F826542FF0FC5C21E139C16182C142BE47455FDF1894A9E66C09C6A2423C6CBE2EFF3869CE2F1DE4424C06AB2203357501889FA26D74FDF1E8921DF1CA94C; JSESSIONID=3CAD5F43B30C1764D54495B9D7486D28; BbRouter=expires:1714862906,id:FDB0360A1902317861AB3E43249D7687,signature:e41ffe3b4e009a91042605264c48eec1c9cce87cdd4a036b9e8c2e3e97ef41f4,site:23571791-3f2c-405d-a28b-05c54c271d9d,v:2,xsrf:6d9e5051-6417-4b95-a3c8-e250c35d7b02
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Cache-Control: public
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Content-Type: image/x-icon
Date: Sat, 04 May 2024 22:18:26 GMT
ETag: W/"1150-1714675767162"
Expires: Sun, 04 May 2025 22:18:26 GMT
Last-Modified: Thu, 02 May 2024 18:49:27 GMT
P3P: CP="CAO PSA OUR"
Set-Cookie: BbRouter=expires:1714862906,id:FDB0360A1902317861AB3E43249D7687,signature:e41ffe3b4e009a91042605264c48eec1c9cce87cdd4a036b9e8c2e3e97ef41f4,site:23571791-3f2c-405d-a28b-05c54c271d9d,v:2,xsrf:6d9e5051-6417-4b95-a3c8-e250c35d7b02; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Accept-Encoding
X-Blackboard-appserver: ip-10-148-214-165.eu-central-1.compute.internal
X-Blackboard-product: Blackboard Learn &#8482; 3900.91.0-rel.20+75bf374
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Content-Length: 567
Connection: keep-alive

learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/javascript/validate_login.js?v=3900.91.0-rel.20+75bf374

172.64.153.113

200 OK

3.2 kB

URL GET HTTP/2
learn.content.blackboardcdn.com/3900.91.0-rel.20+75bf374/javascript/validate_login.js?v=3900.91.0-rel.20+75bf374
IP
172.64.153.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://3.66.36.205/
Certificate
IssuerGoogle Trust Services LLC
Subjectlearn.content.blackboardcdn.com
FingerprintC2:61:8B:75:CE:2E:63:71:B3:EA:0D:72:B7:57:75:10:FD:2B:49:36
ValidityWed, 03 Apr 2024 23:44:39 GMT - Tue, 02 Jul 2024 23:44:38 GMT

File type
ASCII text, with very long lines (3368), with no line terminators
Size
3.2 kB (3225 bytes)
Hash
f27db630f8fcd54669b40f93f7a1b3c7
baa0922197da345b8087bc8ee8edca486b42f849
b1d67f15c6a6efed855f99b542ae6f1e07757065588d8dff4b16c028458d35b3

HTTP Headers

GET /3900.91.0-rel.20+75bf374/javascript/validate_login.js?v=3900.91.0-rel.20+75bf374 HTTP/1.1
Host: learn.content.blackboardcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3.66.36.205/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 22:18:26 GMT
content-type: application/javascript
cf-ray: 87ebddd9dfcbb512-OSL
cf-cache-status: HIT
access-control-allow-origin: *
cache-control: public, max-age=2592000
etag: W/"58b55c878740f7be38dc13b71d22646d"
last-modified: Tue, 30 Apr 2024 19:15:45 GMT
vary: Accept-Encoding, Origin
x-worker-version: iW/tmK21arnNMMoDMStU832MRxDXRJtalnyNOSizCKM=
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML