www.gelanboysboardingsecondaryschoolaa.edu.et/
213.55.96.153 162 B URL www.gelanboysboardingsecondaryschoolaa.edu.et/
IP 213.55.96.153:0
ASN #24757 Ethiopian Telecommunication Corporation
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert urlquery phishing Phishing - Netflix
GET / HTTP/1.1
Host: www.gelanboysboardingsecondaryschoolaa.edu.et
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 25 Sep 2023 02:43:54 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.gelanboysboardingsecondaryschoolaa.edu.et/
www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/files/img/bg.jpg
213.55.96.153 200 OK 120 kB URL GET HTTP/2 www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/files/img/bg.jpg
IP 213.55.96.153:443
ASN #24757 Ethiopian Telecommunication Corporation
Requested by https://www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/login.php
Certificate Issuer Let's Encrypt
Subject gelanboysboardingsecondaryschoolaa.edu.et
Fingerprint B9:09:44:7E:60:3E:E6:72:6B:C3:57:E8:29:CE:A4:67:D2:0C:81:A6
Validity Tue, 22 Aug 2023 13:11:27 GMT - Mon, 20 Nov 2023 13:11:26 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2000x1125, components 3\012- data
Size 120 kB (120105 bytes)
Hash 5f6f14c7e213792c78d8fc08ced0840c
9700da5cdd4b261c657540b4d4d49c90cd57cdac
cde4074549e72df2b148594b13728b01118887d02d99e5e7d67c5d1e54cc6669
Analyzer Verdict Alert urlquery phishing Phishing - Netflix
GET /kr/les/files/img/bg.jpg HTTP/1.1
Host: www.gelanboysboardingsecondaryschoolaa.edu.et
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/login.php
Cookie: PHPSESSID=971hs1f3bnq353365jjqr7lgdh
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 25 Sep 2023 02:44:01 GMT
content-type: image/jpeg
content-length: 120105
last-modified: Sat, 20 May 2023 08:46:10 GMT
etag: "646888d2-1d529"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/files/img/logo.svg
213.55.96.153 200 OK 864 B URL GET HTTP/2 www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/files/img/logo.svg
IP 213.55.96.153:443
ASN #24757 Ethiopian Telecommunication Corporation
Requested by https://www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/login.php
Certificate Issuer Let's Encrypt
Subject gelanboysboardingsecondaryschoolaa.edu.et
Fingerprint B9:09:44:7E:60:3E:E6:72:6B:C3:57:E8:29:CE:A4:67:D2:0C:81:A6
Validity Tue, 22 Aug 2023 13:11:27 GMT - Mon, 20 Nov 2023 13:11:26 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (793), with CRLF line terminators
Hash c6a2d2f507cb0f90edba00682d0dc854
ce2d00824f3b9edfd660105e670945c960c65c22
8a421d5798accee1c284865ac05cee792ad3f6bcb3c70ce1dcb954d23e86fdad
Analyzer Verdict Alert urlquery phishing Phishing - Netflix
GET /kr/les/files/img/logo.svg HTTP/1.1
Host: www.gelanboysboardingsecondaryschoolaa.edu.et
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/login.php
Cookie: PHPSESSID=971hs1f3bnq353365jjqr7lgdh
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 25 Sep 2023 02:44:01 GMT
content-type: image/svg+xml
content-length: 864
x-accel-version: 0.01
last-modified: Sat, 20 May 2023 08:46:10 GMT
etag: "360-5fc1c11b65880"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/files/css/none.css
213.55.96.153 200 OK 92 kB URL GET HTTP/2 www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/files/css/none.css
IP 213.55.96.153:443
ASN #24757 Ethiopian Telecommunication Corporation
Requested by https://www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/login.php
Certificate Issuer Let's Encrypt
Subject gelanboysboardingsecondaryschoolaa.edu.et
Fingerprint B9:09:44:7E:60:3E:E6:72:6B:C3:57:E8:29:CE:A4:67:D2:0C:81:A6
Validity Tue, 22 Aug 2023 13:11:27 GMT - Mon, 20 Nov 2023 13:11:26 GMT
File type ASCII text, with very long lines (375), with CRLF line terminators
Hash f1c287eb145ecb03b21e2c0d1a6165ed
5f0ae41689046c822b45877c9ccd03bff63c2fc5
996606e12517e3bb57e0a5f01fed3d7144e2d07a4d8076717a90285c351fa835
Analyzer Verdict Alert urlquery phishing Phishing - Netflix
GET /kr/les/files/css/none.css HTTP/1.1
Host: www.gelanboysboardingsecondaryschoolaa.edu.et
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/login.php
Cookie: PHPSESSID=971hs1f3bnq353365jjqr7lgdh
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 25 Sep 2023 02:44:01 GMT
content-type: text/css
last-modified: Sat, 20 May 2023 08:46:10 GMT
etag: W/"646888d2-245ae"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/files/img/fb.png
213.55.96.153 200 OK 1.5 kB URL GET HTTP/2 www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/files/img/fb.png
IP 213.55.96.153:443
ASN #24757 Ethiopian Telecommunication Corporation
Requested by https://www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/login.php
Certificate Issuer Let's Encrypt
Subject gelanboysboardingsecondaryschoolaa.edu.et
Fingerprint B9:09:44:7E:60:3E:E6:72:6B:C3:57:E8:29:CE:A4:67:D2:0C:81:A6
Validity Tue, 22 Aug 2023 13:11:27 GMT - Mon, 20 Nov 2023 13:11:26 GMT
File type PNG image data, 57 x 57, 8-bit/color RGBA, non-interlaced\012- data
Hash a33ca47ef110b6e3ec5086b8776407d3
dff5bbbe61b4920a23fb21a7fca69ca9e94dcb6c
3e49d9dc43267590184389ab3da0cb9f7308c9c848667dab109a0f7c73450ece
Analyzer Verdict Alert urlquery phishing Phishing - Netflix
GET /kr/les/files/img/fb.png HTTP/1.1
Host: www.gelanboysboardingsecondaryschoolaa.edu.et
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/login.php
Cookie: PHPSESSID=971hs1f3bnq353365jjqr7lgdh
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 25 Sep 2023 02:44:01 GMT
content-type: image/png
content-length: 1455
last-modified: Sat, 20 May 2023 08:46:10 GMT
etag: "646888d2-5af"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/files/img/favicon.png
213.55.96.153 200 OK 1.8 kB URL GET HTTP/2 www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/files/img/favicon.png
IP 213.55.96.153:443
ASN #24757 Ethiopian Telecommunication Corporation
Requested by https://www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/login.php
Certificate Issuer Let's Encrypt
Subject gelanboysboardingsecondaryschoolaa.edu.et
Fingerprint B9:09:44:7E:60:3E:E6:72:6B:C3:57:E8:29:CE:A4:67:D2:0C:81:A6
Validity Tue, 22 Aug 2023 13:11:27 GMT - Mon, 20 Nov 2023 13:11:26 GMT
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 3d194514babc5d7d010308a0f808ca51
867e51e9b4a474c19da52d6454076c007a9d01f2
7341f7b8b0ae3c0da4aea559efc31f0b53d9db9dd291664fdcf7d618fd95ed8a
Analyzer Verdict Alert urlquery phishing Phishing - Netflix
GET /kr/les/files/img/favicon.png HTTP/1.1
Host: www.gelanboysboardingsecondaryschoolaa.edu.et
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/login.php
Cookie: PHPSESSID=971hs1f3bnq353365jjqr7lgdh
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 25 Sep 2023 02:44:02 GMT
content-type: image/png
content-length: 1755
last-modified: Sat, 20 May 2023 08:46:10 GMT
etag: "646888d2-6db"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/files/img/favicon.ico
213.55.96.153 200 OK 17 kB URL GET HTTP/2 www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/files/img/favicon.ico
IP 213.55.96.153:443
ASN #24757 Ethiopian Telecommunication Corporation
Requested by https://www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/login.php
Certificate Issuer Let's Encrypt
Subject gelanboysboardingsecondaryschoolaa.edu.et
Fingerprint B9:09:44:7E:60:3E:E6:72:6B:C3:57:E8:29:CE:A4:67:D2:0C:81:A6
Validity Tue, 22 Aug 2023 13:11:27 GMT - Mon, 20 Nov 2023 13:11:26 GMT
File type MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel\012- data
Hash 41b45fdce09bd6acd07c7a8949da675e
931e18dfc6e7d950dc2f2bbdfe31e1ea720acf7c
abe8012eb65c0dc0ac3e87dcc1e60e1908ebd8f12b7c47a5df1856f7a7bb1edd
Analyzer Verdict Alert urlquery phishing Phishing - Netflix
GET /kr/les/files/img/favicon.ico HTTP/1.1
Host: www.gelanboysboardingsecondaryschoolaa.edu.et
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/login.php
Cookie: PHPSESSID=971hs1f3bnq353365jjqr7lgdh
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 25 Sep 2023 02:44:02 GMT
content-type: image/vnd.microsoft.icon
content-length: 16958
last-modified: Sat, 20 May 2023 08:46:10 GMT
etag: "646888d2-423e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
assets.nflxext.com/ffe/siteui/fonts/nf-icon-v1-93.woff
45.57.91.1 200 OK 74 kB URL GET HTTP/1.1 assets.nflxext.com/ffe/siteui/fonts/nf-icon-v1-93.woff
IP 45.57.91.1:443
Requested by https://www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/login.php
Certificate Issuer DigiCert Inc
Subject *.1.nflxso.net
Fingerprint 0A:0A:C7:E2:10:1C:41:9E:0B:AE:B6:7E:96:E4:34:B3:58:F2:D1:01
Validity Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Oct 2023 22:53:05 GMT
File type Web Open Font Format, CFF, length 73572, version 0.0\012- data
Hash 7cf6156cc481244b5a254362d7b73f00
4391003d1cb06d2bd1921a5813a57604fa7d9935
98713b53a74ebe7e326353080c5f1653e83af61d6363c0b3c4c67d6d24197b4d
GET /ffe/siteui/fonts/nf-icon-v1-93.woff HTTP/1.1
Host: assets.nflxext.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.gelanboysboardingsecondaryschoolaa.edu.et
DNT: 1
Connection: keep-alive
Referer: https://www.gelanboysboardingsecondaryschoolaa.edu.et/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 25 Sep 2023 02:44:03 GMT
Content-Type: font/woff
Content-Length: 73572
Connection: keep-alive
Content-MD5: fPYVbMSBJEtaJUNi17c/AA==
Last-Modified: Mon, 29 Jan 2018 01:50:51 GMT
Cache-Control: max-age=604801
Expires: Mon, 02 Oct 2023 02:44:04 GMT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/
213.55.96.153 302 Found 9.5 kB URL User Request GET HTTP/2 www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/
IP 213.55.96.153:443
ASN #24757 Ethiopian Telecommunication Corporation
Certificate Issuer Let's Encrypt
Subject gelanboysboardingsecondaryschoolaa.edu.et
Fingerprint B9:09:44:7E:60:3E:E6:72:6B:C3:57:E8:29:CE:A4:67:D2:0C:81:A6
Validity Tue, 22 Aug 2023 13:11:27 GMT - Mon, 20 Nov 2023 13:11:26 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /kr/les/ HTTP/1.1
Host: www.gelanboysboardingsecondaryschoolaa.edu.et
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Mon, 25 Sep 2023 02:44:01 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=971hs1f3bnq353365jjqr7lgdh; path=/
location: login.php
x-powered-by: PHP/8.0.30, PleskLin
X-Firefox-Spdy: h2
www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/files/js/jquery.ccvalid.js
213.55.96.153 200 OK 7.4 kB URL GET HTTP/2 www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/files/js/jquery.ccvalid.js
IP 213.55.96.153:443
ASN #24757 Ethiopian Telecommunication Corporation
Requested by https://www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/login.php
Certificate Issuer Let's Encrypt
Subject gelanboysboardingsecondaryschoolaa.edu.et
Fingerprint B9:09:44:7E:60:3E:E6:72:6B:C3:57:E8:29:CE:A4:67:D2:0C:81:A6
Validity Tue, 22 Aug 2023 13:11:27 GMT - Mon, 20 Nov 2023 13:11:26 GMT
File type ASCII text, with very long lines (7729), with no line terminators
Hash 59b9011404fa8dcc9319f2c642e415aa
45824550b9fc31749bfc562dc39bc5f2e3389329
07ede44bcc2560b2928e93a6f11d4098e48c75786fd7b963e0acb28b8725a92a
GET /kr/les/files/js/jquery.ccvalid.js HTTP/1.1
Host: www.gelanboysboardingsecondaryschoolaa.edu.et
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/login.php
Cookie: PHPSESSID=971hs1f3bnq353365jjqr7lgdh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 25 Sep 2023 02:44:01 GMT
content-type: application/javascript
last-modified: Sat, 20 May 2023 08:46:10 GMT
etag: W/"646888d2-1d12"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/files/js/jquery.js
213.55.96.153 200 OK 87 kB URL GET HTTP/2 www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/files/js/jquery.js
IP 213.55.96.153:443
ASN #24757 Ethiopian Telecommunication Corporation
Requested by https://www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/login.php
Certificate Issuer Let's Encrypt
Subject gelanboysboardingsecondaryschoolaa.edu.et
Fingerprint B9:09:44:7E:60:3E:E6:72:6B:C3:57:E8:29:CE:A4:67:D2:0C:81:A6
Validity Tue, 22 Aug 2023 13:11:27 GMT - Mon, 20 Nov 2023 13:11:26 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash af4078402c5e090d3f81d1abd71e2250
9592732de681f4365e9b7016dc5cf76e2a55ee9b
8603b20b548270423fb03c2138c16f5f863ead4c48eb0999167df869e2eef8a6
Analyzer Verdict Alert urlquery phishing Phishing - Netflix
GET /kr/les/files/js/jquery.js HTTP/1.1
Host: www.gelanboysboardingsecondaryschoolaa.edu.et
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/login.php
Cookie: PHPSESSID=971hs1f3bnq353365jjqr7lgdh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 25 Sep 2023 02:44:01 GMT
content-type: application/javascript
last-modified: Sat, 20 May 2023 08:46:10 GMT
etag: W/"646888d2-15339"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/files/css/none2.css
213.55.96.153 200 OK 167 kB URL GET HTTP/2 www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/files/css/none2.css
IP 213.55.96.153:443
ASN #24757 Ethiopian Telecommunication Corporation
Requested by https://www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/login.php
Certificate Issuer Let's Encrypt
Subject gelanboysboardingsecondaryschoolaa.edu.et
Fingerprint B9:09:44:7E:60:3E:E6:72:6B:C3:57:E8:29:CE:A4:67:D2:0C:81:A6
Validity Tue, 22 Aug 2023 13:11:27 GMT - Mon, 20 Nov 2023 13:11:26 GMT
File type ASCII text, with very long lines (375), with CRLF line terminators
Size 167 kB (166902 bytes)
Hash 547107fe336e4bb0e9a6419bfcd53db4
6b96c54edc6c105a808e2655b9eb2118ebfa35e9
72b3228cb98385052ac5e8e287ad5e563cd7e4f7943bfc23090dc9c4776e72dd
Analyzer Verdict Alert urlquery phishing Phishing - Netflix
GET /kr/les/files/css/none2.css HTTP/1.1
Host: www.gelanboysboardingsecondaryschoolaa.edu.et
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/login.php
Cookie: PHPSESSID=971hs1f3bnq353365jjqr7lgdh
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 25 Sep 2023 02:44:01 GMT
content-type: text/css
last-modified: Sat, 20 May 2023 08:46:10 GMT
etag: W/"646888d2-28bf6"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/login.php
213.55.96.153 200 OK 9.5 kB URL User Request GET HTTP/2 www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/login.php
IP 213.55.96.153:443
ASN #24757 Ethiopian Telecommunication Corporation
Certificate Issuer Let's Encrypt
Subject gelanboysboardingsecondaryschoolaa.edu.et
Fingerprint B9:09:44:7E:60:3E:E6:72:6B:C3:57:E8:29:CE:A4:67:D2:0C:81:A6
Validity Tue, 22 Aug 2023 13:11:27 GMT - Mon, 20 Nov 2023 13:11:26 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9895), with no line terminators
Hash 10ee817ae470f0c8c827ff628022888f
ac918992034e00096d95d955e068b618fd2ff816
95c8aaf0a52655f4103bb7db33b06d520b0ff1dcfa7fa24ee415f6fd9505a420
GET /kr/les/login.php HTTP/1.1
Host: www.gelanboysboardingsecondaryschoolaa.edu.et
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=971hs1f3bnq353365jjqr7lgdh
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 25 Sep 2023 02:44:01 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-powered-by: PHP/8.0.30, PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/files/js/modernizr.min.js
213.55.96.153 200 OK 3.8 kB URL GET HTTP/2 www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/files/js/modernizr.min.js
IP 213.55.96.153:443
ASN #24757 Ethiopian Telecommunication Corporation
Requested by https://www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/login.php
Certificate Issuer Let's Encrypt
Subject gelanboysboardingsecondaryschoolaa.edu.et
Fingerprint B9:09:44:7E:60:3E:E6:72:6B:C3:57:E8:29:CE:A4:67:D2:0C:81:A6
Validity Tue, 22 Aug 2023 13:11:27 GMT - Mon, 20 Nov 2023 13:11:26 GMT
File type HTML document, ASCII text, with very long lines (3896), with no line terminators
Hash c0547ad6bff386dc451f91f0db90428e
7ab84a8ad13f7d6a0b574d524a21f6a2855e4371
c03c8bd284178fc700f0d79d2a4b6c6e2ce13f350875d2c3da19334544b7bf29
Analyzer Verdict Alert urlquery phishing Phishing - Netflix
GET /kr/les/files/js/modernizr.min.js HTTP/1.1
Host: www.gelanboysboardingsecondaryschoolaa.edu.et
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/login.php
Cookie: PHPSESSID=971hs1f3bnq353365jjqr7lgdh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 25 Sep 2023 02:44:01 GMT
content-type: application/javascript
last-modified: Sat, 20 May 2023 08:46:10 GMT
etag: W/"646888d2-edf"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/files/js/jquery.mask.js
213.55.96.153 200 OK 8.1 kB URL GET HTTP/2 www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/files/js/jquery.mask.js
IP 213.55.96.153:443
ASN #24757 Ethiopian Telecommunication Corporation
Requested by https://www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/login.php
Certificate Issuer Let's Encrypt
Subject gelanboysboardingsecondaryschoolaa.edu.et
Fingerprint B9:09:44:7E:60:3E:E6:72:6B:C3:57:E8:29:CE:A4:67:D2:0C:81:A6
Validity Tue, 22 Aug 2023 13:11:27 GMT - Mon, 20 Nov 2023 13:11:26 GMT
File type ASCII text, with very long lines (8330), with no line terminators
Hash c07b6250df1945bf189a324a1a73e34e
1df1138ce1ad2b84d5c4424b86346a3dd9a38e7c
f638b474085c018c3946055b81e4399069032cabb639bef52e88f1342697dd3e
GET /kr/les/files/js/jquery.mask.js HTTP/1.1
Host: www.gelanboysboardingsecondaryschoolaa.edu.et
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gelanboysboardingsecondaryschoolaa.edu.et/kr/les/login.php
Cookie: PHPSESSID=971hs1f3bnq353365jjqr7lgdh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 25 Sep 2023 02:44:01 GMT
content-type: application/javascript
last-modified: Sat, 20 May 2023 08:46:10 GMT
etag: W/"646888d2-1fad"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2