Click to jump to signature section
Source: Yara match | File source: 1.2.pages.csv, type: HTML |
Source: Yara match | File source: 1.1.pages.csv, type: HTML |
Source: https://0nline30-online303-newonline302.colegiogg.com/?mrt=dmFsZXJpZS5wZWNyZXNzZUBpbGVkZWZyYW5jZS5mcg==$ | Matcher: Template: captcha matched |
Source: https://0nline30-online303-newonline302.colegiogg.com/?mrt=dmFsZXJpZS5wZWNyZXNzZUBpbGVkZWZyYW5jZS5mcg==$ | Matcher: Template: captcha matched |
Source: https://0nline30-online303-newonline302.colegiogg.com/?mrt=dmFsZXJpZS5wZWNyZXNzZUBpbGVkZWZyYW5jZS5mcg==$ | HTTP Parser: Base64 decoded: a[href="http://www.salidzini.lv/"][style="display: block; width: 88px; height: 31px; overflow: hidden; position: relative;"] |
Source: unknown | HTTPS traffic detected: 104.118.8.139:443 -> 192.168.2.16:49716 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.16:49717 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 104.118.8.139:443 -> 192.168.2.16:49718 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.16:49719 version: TLS 1.2 |
Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.203 |
Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.203 |
Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.203 |
Source: unknown | TCP traffic detected without corresponding DNS query: 23.44.201.22 |
Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.203 |
Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.203 |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.118.8.139 |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.118.8.139 |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.118.8.139 |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.118.8.139 |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.118.8.139 |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.118.8.139 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.12.23.50 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.12.23.50 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.12.23.50 |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.118.8.139 |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.118.8.139 |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.118.8.139 |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.118.8.139 |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.118.8.139 |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.118.8.139 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.12.23.50 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.12.23.50 |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.118.8.139 |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.118.8.139 |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.118.8.139 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.12.23.50 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.12.23.50 |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.118.8.139 |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.118.8.139 |
Source: unknown | TCP traffic detected without corresponding DNS query: 104.118.8.139 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.12.23.50 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.12.23.50 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.12.23.50 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.12.23.50 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.12.23.50 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.12.23.50 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.189.173.10 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.189.173.10 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.189.173.10 |
Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.203 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.189.173.10 |
Source: global traffic | HTTP traffic detected: GET /smc/wzu/dmFsZXJpZS5wZWNyZXNzZUBpbGVkZWZyYW5jZS5mcg==$ HTTP/1.1Host: liderlerokulu.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: liderlerokulu.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://liderlerokulu.com/smc/wzu/dmFsZXJpZS5wZWNyZXNzZUBpbGVkZWZyYW5jZS5mcg==$Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9 |
Source: global traffic | DNS traffic detected: DNS query: za.zalo.me |
Source: global traffic | DNS traffic detected: DNS query: liderlerokulu.com |
Source: global traffic | DNS traffic detected: DNS query: 0nline30-online303-newonline302.colegiogg.com |
Source: global traffic | DNS traffic detected: DNS query: www.google.com |
Source: global traffic | HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: Keep-AliveKeep-Alive: timeout=5, max=100cache-control: private, no-cache, no-store, must-revalidate, max-age=0pragma: no-cachecontent-type: text/htmlcontent-length: 708date: Thu, 02 May 2024 14:08:04 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 20 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 32 30 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 68 65 69 67 68 74 3a 31 30 30 25 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 22 3e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 61 75 74 6f 3b 20 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 25 3b 20 22 3e 20 20 20 20 20 3c 64 69 76 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 77 69 64 74 68 3a 38 30 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 2d 34 30 30 70 78 3b 20 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 20 74 6f 70 3a 20 33 30 25 3b 20 6c 65 66 74 3a 35 30 25 3b 22 3e 0a 20 20 20 20 20 20 20 20 3c 68 31 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 3a 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 30 70 78 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 35 30 70 78 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 22 3e 34 30 34 3c 2f 68 31 3e 0a 3c 68 32 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 33 30 70 78 3b 22 3e 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 68 32 3e 0a 3c 70 3e 54 68 65 20 72 65 73 6f 75 72 63 65 20 72 65 71 75 65 73 74 65 64 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 21 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE html><html style="height:100%"><head><meta name="viewport" content="width=dev |