IP 23.36.76.226:0
ASN#20940 Akamai International B.V.
Hash 8da573ed2ea38caa3cf2e6bfe947fc83 4ddebb5e1b077189f7a38e5e7bc0d51b92278307 7dc6edc45ebc495841af6fcd9d5ab3638e206c39b5d7847c16d173ffbb65883f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "7DC6EDC45EBC495841AF6FCD9D5AB3638E206C39B5D7847C16D173FFBB65883F"
Last-Modified: Mon, 06 Nov 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21240
Expires: Tue, 07 Nov 2023 23:05:09 GMT
Date: Tue, 07 Nov 2023 17:11:09 GMT
Connection: keep-alive
|
IP 23.36.76.226:0
ASN#20940 Akamai International B.V.
Hash 8da573ed2ea38caa3cf2e6bfe947fc83 4ddebb5e1b077189f7a38e5e7bc0d51b92278307 7dc6edc45ebc495841af6fcd9d5ab3638e206c39b5d7847c16d173ffbb65883f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "7DC6EDC45EBC495841AF6FCD9D5AB3638E206C39B5D7847C16D173FFBB65883F"
Last-Modified: Mon, 06 Nov 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21239
Expires: Tue, 07 Nov 2023 23:05:09 GMT
Date: Tue, 07 Nov 2023 17:11:10 GMT
Connection: keep-alive
|
| moodle.calvino.ge.it/pluginfile.php/4728/mod_folder/content/0/Astar.exe?forcedownload=1 | 188.114.96.1 | | 304 kB |
URL moodle.calvino.ge.it/pluginfile.php/4728/mod_folder/content/0/Astar.exe?forcedownload=1 IP 188.114.96.1:0
File type PE32+ executable (console) x86-64, for MS Windows\012- data Size 304 kB (303616 bytes) Hash 225a1b1bc2a40f3c9646000a07124a5d 918380de48a566964ce7041d311317a6c77a9c12 9ccccc659ad32f869c3d98000d0bc469ff8a9299cf5c4c7216b5c56f225f84a6
Analyzer | Verdict | Alert | VirusTotal | suspicious | |
GET /pluginfile.php/4728/mod_folder/content/0/Astar.exe?forcedownload=1 HTTP/1.1
Host: moodle.calvino.ge.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 Nov 2023 17:11:09 GMT
content-type: application/octet-stream
content-length: 303616
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: private, max-age=10, no-transform
pragma:
content-disposition: attachment; filename="Astar.exe"
last-modified: Wed, 14 Nov 2018 13:08:05 GMT
etag: "918380de48a566964ce7041d311317a6c77a9c12"
cf-cache-status: BYPASS
set-cookie: MoodleSession=rqrnh8hplf1vtj0d3j3q2833rj; path=/; secure
MoodleSession=c8mtf38r4sko20g7get5t6nkhm; path=/; secure
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oDDw13SMa759ZqiZd7p3a1FQ0pHadKvGy%2Fys9Y1UGC2G2af5m5Udxt4k9fOcj4d2v9CtXnK58O8vrrfRNN5vhXrXuP6NR7QoRQyOMgX%2Fwo8wfn%2FWNQWwWK%2F4Nf5AGS8%2BdwHAly1guw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8227319cace10b59-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|