r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2258cd6b877a3aca8f4c84074e65ac4b
4e46c70941f8e497e8afc8d078644e7f81761a1c
faac4e0d123f2112b58953c104ea746cd53047fc1ada0ef5d669feecf78ddfff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAAC4E0D123F2112B58953C104EA746CD53047FC1ADA0EF5D669FEECF78DDFFF"
Last-Modified: Sat, 14 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2627
Expires: Tue, 17 Jan 2023 05:04:50 GMT
Date: Tue, 17 Jan 2023 04:21:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash bb0c8d0984a1f09a012961a54cda03c6
1a8ad450a0241554ee4fc7d02fac7b83529e60f6
eee3ca879a67cc25ea89cb83de9521eea1b82845705c3e82169d4787ecb7dd3a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EEE3CA879A67CC25EA89CB83DE9521EEA1B82845705C3E82169D4787ECB7DD3A"
Last-Modified: Mon, 16 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2588
Expires: Tue, 17 Jan 2023 05:04:11 GMT
Date: Tue, 17 Jan 2023 04:21:03 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 17 Jan 2023 03:49:12 GMT
content-type: application/json
age: 1911
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d6e2abd68203014e8e24d4a9e20e980a
5edbbb1a36083d5077b90b82e7aa10049e90c5d6
88cf8dae194a5e92a8c36a4c54ae71a609eaaed6e99d3986b3834c40d2fceeaa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88CF8DAE194A5E92A8C36A4C54AE71A609EAAED6E99D3986B3834C40D2FCEEAA"
Last-Modified: Sun, 15 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7886
Expires: Tue, 17 Jan 2023 06:32:29 GMT
Date: Tue, 17 Jan 2023 04:21:03 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: IR0smYOC7p4ZGdwsllfJt3kQ+XFejRC4/6IHE5PuYEXynd+1Lbsv7uMiVMOXw0TgPKvoWnJQ6xM=
x-amz-request-id: PR42G878CHQ77NM7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 17 Jan 2023 03:56:05 GMT
age: 1498
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 17 Jan 2023 04:21:03 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
103.226.213.97/login/index.php
103.226.213.97 200 OK 6.4 kB URL HTTP/1.1 103.226.213.97/login/index.php
IP 103.226.213.97:0
ASN #131584 Taiwan Intelligent Fiber Optic Network Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (12109), with CRLF, LF line terminators
Hash 054ad2ce4bc0d8c19aefd39c47edb51c
1bdd5532f424336114b8adfd8608db8391501c51
42409f3adf6cfdaa23dd2e3c741b686af166c773510dc1115c36a52fbacb6c1f
Analyzer Verdict Alert quad9 Sinkholed
GET /login/index.php HTTP/1.1
Host: 103.226.213.97
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 04:21:03 GMT
Server: Apache/2.4.29 (Ubuntu)
Set-Cookie: MoodleSession=mmed02l5ofj1p66sarukqef8kt; path=/
Expires:
Cache-Control: private, pre-check=0, post-check=0, max-age=0, no-transform
Pragma: no-cache
Content-Language: en
Content-Script-Type: text/javascript
Content-Style-Type: text/css
X-UA-Compatible: IE=edge
Accept-Ranges: none
X-Frame-Options: sameorigin
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6439
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 6f4934ef37f04950c15313f2cdc6902d
3ed5b8439867115a06edaf046472ee8d271c33ea
3fb58a81be10df91f59e3f6ceed7d607f77409087515cf675ff0d098c482c574
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 04:21:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-B1H1991763
142.250.74.40 200 OK 79 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-B1H1991763
IP 142.250.74.40:0
File type ASCII text, with very long lines (22462)
Hash ac2209f3fe13748b74500e5494ac104a
779e87450825b1ee8eaeeb92fac826a5589efb5c
c9f09e1679b3ee402f8b6c33f72b50f0909414580acabdbfadd051e4d7273630
GET /gtag/js?id=G-B1H1991763 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://103.226.213.97/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 17 Jan 2023 04:21:03 GMT
expires: Tue, 17 Jan 2023 04:21:03 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78954
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 6f4934ef37f04950c15313f2cdc6902d
3ed5b8439867115a06edaf046472ee8d271c33ea
3fb58a81be10df91f59e3f6ceed7d607f77409087515cf675ff0d098c482c574
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 04:21:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
103.226.213.97/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.css
103.226.213.97 200 OK 1.0 kB URL HTTP/1.1 103.226.213.97/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.css
IP 103.226.213.97:0
ASN #131584 Taiwan Intelligent Fiber Optic Network Co.,Ltd.
File type ASCII text, with very long lines (1965)
Hash 954717f56656e687295097c986703269
eacac549df0a6f873918b09c167f67683363484f
3736a081935aebfecde262efb24be923f7019e02c8719e12e8867bb581a84ebe
Analyzer Verdict Alert quad9 Sinkholed
GET /theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.css HTTP/1.1
Host: 103.226.213.97
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://103.226.213.97/login/index.php
Cookie: MoodleSession=mmed02l5ofj1p66sarukqef8kt
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 04:21:03 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Disposition: inline; filename="combo"
Last-Modified: Fri, 01 Jul 2022 10:28:53 GMT
Expires: Fri, 12 Jan 2024 04:21:03 GMT
Pragma:
Cache-Control: public, max-age=31104000, immutable
Accept-Ranges: none
Etag: "b9bc567c469e2872cf3bbb14603342a72de2509b"
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 1031
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css;charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 17 Jan 2023 04:17:25 GMT
age: 218
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d03545e1fc5a8876441094039811aac5
99fcc840f3516298625c528e9b408132f7fcbb9c
166fa7c7bb716b2cd02a47884ee00df31030dfb4b2a6fdae7b59b19f87739123
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2192
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 04:21:03 GMT
Last-Modified: Tue, 17 Jan 2023 03:44:31 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
103.226.213.97/gtp.css
103.226.213.97 200 OK 428 B IP 103.226.213.97:0
ASN #131584 Taiwan Intelligent Fiber Optic Network Co.,Ltd.
Hash 7a09343c588076acbeb183399c6798c5
1732f7ca3fc369b74badc0f7483ad3ef26c1dcbd
873b498c8ed19e6e6ba334e1393c56f1c5ae38ddc84a6ecc63072df9521f98f0
Analyzer Verdict Alert quad9 Sinkholed
GET /gtp.css HTTP/1.1
Host: 103.226.213.97
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://103.226.213.97/login/index.php
Cookie: MoodleSession=mmed02l5ofj1p66sarukqef8kt
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 04:21:03 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Fri, 30 Sep 2022 02:40:12 GMT
ETag: "3b0-5e9dbe9c06e24-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 428
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
103.226.213.97/lib/javascript.php/1664252250/lib/polyfills/polyfill.js
103.226.213.97 200 OK 5.1 kB URL HTTP/1.1 103.226.213.97/lib/javascript.php/1664252250/lib/polyfills/polyfill.js
IP 103.226.213.97:0
ASN #131584 Taiwan Intelligent Fiber Optic Network Co.,Ltd.
File type ASCII text, with very long lines (17500), with no line terminators
Hash d189e9a405ceb1d114e9be6cf80bfd1c
932d4caaa5cb6160f30e78e22537933432344541
fb1125608532bdcec008620a829b61cf55d91fd92f7135d97b6093635ddcf959
Analyzer Verdict Alert quad9 Sinkholed
GET /lib/javascript.php/1664252250/lib/polyfills/polyfill.js HTTP/1.1
Host: 103.226.213.97
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://103.226.213.97/login/index.php
Cookie: MoodleSession=mmed02l5ofj1p66sarukqef8kt
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 04:21:03 GMT
Server: Apache/2.4.29 (Ubuntu)
Etag: "f0930c7047ffbd1ff53daf7176c4ec7e71746bde"
Content-Disposition: inline; filename="javascript.php"
Last-Modified: Tue, 27 Sep 2022 04:17:34 GMT
Expires: Mon, 17 Apr 2023 04:21:03 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 5131
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8
103.226.213.97/lib/javascript.php/1664252250/lib/javascript-static.js
103.226.213.97 200 OK 6.8 kB URL HTTP/1.1 103.226.213.97/lib/javascript.php/1664252250/lib/javascript-static.js
IP 103.226.213.97:0
ASN #131584 Taiwan Intelligent Fiber Optic Network Co.,Ltd.
File type HTML document, ASCII text, with very long lines (1875)
Hash 9a4c20372f0c53bc61ac3c90d203776a
05879d8f0e082b0663c76e1c81ff2e368d8a09ae
b64e57b396514a45e7680e661271d0d86d880765c8faaf5655c6a19940bae6d5
Analyzer Verdict Alert quad9 Sinkholed
GET /lib/javascript.php/1664252250/lib/javascript-static.js HTTP/1.1
Host: 103.226.213.97
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://103.226.213.97/login/index.php
Cookie: MoodleSession=mmed02l5ofj1p66sarukqef8kt
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 04:21:03 GMT
Server: Apache/2.4.29 (Ubuntu)
Etag: "5e9f864ce876c1a6236776bcf49d9c962ac12211"
Content-Disposition: inline; filename="javascript.php"
Last-Modified: Tue, 27 Sep 2022 04:17:34 GMT
Expires: Mon, 17 Apr 2023 04:21:03 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 6777
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8
push.services.mozilla.com/
44.239.122.196 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.239.122.196:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 74DgFzm7tGZHYQq+FD6KBw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Y+udCJApe1pVk9vyJUhzLgJ3fL0=
103.226.213.97/clipboard.min.js
103.226.213.97 200 OK 3.4 kB URL HTTP/1.1 103.226.213.97/clipboard.min.js
IP 103.226.213.97:0
ASN #131584 Taiwan Intelligent Fiber Optic Network Co.,Ltd.
File type Unicode text, UTF-8 text, with very long lines (10645)
Hash 7016e82990a2bead8aa3e6f7be2786b1
fc4852e14600557c846167acf89a52d94282629a
5aef8c26a58c1242566392c236fbf32bbe9f771494cf218d43e7ec07147aec07
Analyzer Verdict Alert quad9 Sinkholed
GET /clipboard.min.js HTTP/1.1
Host: 103.226.213.97
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://103.226.213.97/login/index.php
Cookie: MoodleSession=mmed02l5ofj1p66sarukqef8kt
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 04:21:04 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Thu, 21 Nov 2019 18:26:17 GMT
ETag: "2a02-597df6edc8440-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3356
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
103.226.213.97/theme/styles.php/boost/1664252250_1/all
103.226.213.97 200 OK 94 kB URL HTTP/1.1 103.226.213.97/theme/styles.php/boost/1664252250_1/all
IP 103.226.213.97:0
ASN #131584 Taiwan Intelligent Fiber Optic Network Co.,Ltd.
File type Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
Hash eb8cdea650d2f2edea0f81225b84d298
e4bb3649a10e1ce6ebe2b959c1d0267619cd921b
3d2ad75c43eb112834316f0cb6c49342269762428579b77b655956fd4960a833
Analyzer Verdict Alert quad9 Sinkholed
GET /theme/styles.php/boost/1664252250_1/all HTTP/1.1
Host: 103.226.213.97
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://103.226.213.97/login/index.php
Cookie: MoodleSession=mmed02l5ofj1p66sarukqef8kt
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 04:21:03 GMT
Server: Apache/2.4.29 (Ubuntu)
Etag: "b946925d571f744a04a412b9df02e8d808ab5418"
Content-Disposition: inline; filename="styles.php"
Last-Modified: Wed, 04 Jan 2023 06:42:47 GMT
Expires: Mon, 17 Apr 2023 04:21:03 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8
103.226.213.97/lib/javascript.php/1664252250/lib/requirejs/require.min.js
103.226.213.97 200 OK 6.7 kB URL HTTP/1.1 103.226.213.97/lib/javascript.php/1664252250/lib/requirejs/require.min.js
IP 103.226.213.97:0
ASN #131584 Taiwan Intelligent Fiber Optic Network Co.,Ltd.
File type ASCII text, with very long lines (17535)
Hash d52d474e00d80d4373cf714f60707c21
74b5d832a55bf81a1b2fd875f83f022c5ffc7c3b
4f1792c3aac9ca2058376a43582f0d1fad13e602a5aeec4a1a6fb1803719ba99
Analyzer Verdict Alert quad9 Sinkholed
GET /lib/javascript.php/1664252250/lib/requirejs/require.min.js HTTP/1.1
Host: 103.226.213.97
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://103.226.213.97/login/index.php
Cookie: MoodleSession=mmed02l5ofj1p66sarukqef8kt
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 04:21:04 GMT
Server: Apache/2.4.29 (Ubuntu)
Etag: "1555dcba1ed6f98b2c3e61a7432a11e983868214"
Content-Disposition: inline; filename="javascript.php"
Last-Modified: Tue, 27 Sep 2022 04:17:29 GMT
Expires: Mon, 17 Apr 2023 04:21:04 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 6662
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8
103.226.213.97/lib/javascript.php/1664252250/lib/babel-polyfill/polyfill.min.js
103.226.213.97 200 OK 34 kB URL HTTP/1.1 103.226.213.97/lib/javascript.php/1664252250/lib/babel-polyfill/polyfill.min.js
IP 103.226.213.97:0
ASN #131584 Taiwan Intelligent Fiber Optic Network Co.,Ltd.
File type Unicode text, UTF-8 text, with very long lines (34750), with NEL line terminators
Hash a8da4866c35fec35e4ead0c273e5d8fe
cb422b31f1e5248f9eb4ac49355ddc2498a8fe08
f5a3a7a1a5fad47d3ba52273cee1e55ca7afd8c0cfed14d884571c347c41fbec
Analyzer Verdict Alert quad9 Sinkholed
GET /lib/javascript.php/1664252250/lib/babel-polyfill/polyfill.min.js HTTP/1.1
Host: 103.226.213.97
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://103.226.213.97/login/index.php
Cookie: MoodleSession=mmed02l5ofj1p66sarukqef8kt
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 04:21:03 GMT
Server: Apache/2.4.29 (Ubuntu)
Etag: "ed652672a7d25d5aceb2165f2f5e08a77a920818"
Content-Disposition: inline; filename="javascript.php"
Last-Modified: Tue, 27 Sep 2022 04:17:34 GMT
Expires: Mon, 17 Apr 2023 04:21:03 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
103.226.213.97/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js
103.226.213.97 200 OK 84 kB URL HTTP/1.1 103.226.213.97/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js
IP 103.226.213.97:0
ASN #131584 Taiwan Intelligent Fiber Optic Network Co.,Ltd.
File type ASCII text, with very long lines (6010)
Hash 8bcb376a1000018ace15774394400419
2f8e8e67c1c31bac12aca22f482c3ef33a28a7a7
ba65826c64be1db28f1d0549c4dcce3598464e4da1154b26b28e6d6c58db25af
Analyzer Verdict Alert quad9 Sinkholed
GET /theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js HTTP/1.1
Host: 103.226.213.97
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://103.226.213.97/login/index.php
Cookie: MoodleSession=mmed02l5ofj1p66sarukqef8kt
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 04:21:03 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Disposition: inline; filename="combo"
Last-Modified: Fri, 01 Jul 2022 10:28:53 GMT
Expires: Fri, 12 Jan 2024 04:21:03 GMT
Pragma:
Cache-Control: public, max-age=31104000, immutable
Accept-Ranges: none
Etag: "78581a0bac8a932effb32db3e91e0f2f2b47c08e"
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
103.226.213.97/theme/font.php/boost/core/1664252250/fontawesome-webfont.woff2?v=4.7.0
103.226.213.97 200 OK 77 kB URL HTTP/1.1 103.226.213.97/theme/font.php/boost/core/1664252250/fontawesome-webfont.woff2?v=4.7.0
IP 103.226.213.97:0
ASN #131584 Taiwan Intelligent Fiber Optic Network Co.,Ltd.
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert quad9 Sinkholed
GET /theme/font.php/boost/core/1664252250/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: 103.226.213.97
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://103.226.213.97/theme/styles.php/boost/1664252250_1/all
Cookie: MoodleSession=mmed02l5ofj1p66sarukqef8kt; _ga_B1H1991763=GS1.1.1673929264.1.0.1673929264.0.0.0; _ga=GA1.1.781691621.1673929265
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 04:21:04 GMT
Server: Apache/2.4.29 (Ubuntu)
Etag: "16b0bd70f4692b87f8868988b2b7c98fb01d8cd5"
Content-Disposition: inline; filename="fontawesome-webfont.woff2"
Last-Modified: Tue, 27 Sep 2022 04:17:41 GMT
Expires: Mon, 17 Apr 2023 04:21:04 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Length: 77160
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/font-woff2
region1.google-analytics.com/g/collect?v=2&tid=G-B1H1991763&gtm=2oe1a1&_p=828796665&cid=781691621.1673929265&ul=en-us&sr=1280x1024&_s=1&sid=1673929264&sct=1&seg=0&dl=http%3A%2F%2F103.226.213.97%2Flogin%2Findex.php&dt=IT%20Learning%20Studio%3A%20Log%20in%20to%20the%20site&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-B1H1991763&gtm=2oe1a1&_p=828796665&cid=781691621.1673929265&ul=en-us&sr=1280x1024&_s=1&sid=1673929264&sct=1&seg=0&dl=http%3A%2F%2F103.226.213.97%2Flogin%2Findex.php&dt=IT%20Learning%20Studio%3A%20Log%20in%20to%20the%20site&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-B1H1991763&gtm=2oe1a1&_p=828796665&cid=781691621.1673929265&ul=en-us&sr=1280x1024&_s=1&sid=1673929264&sct=1&seg=0&dl=http%3A%2F%2F103.226.213.97%2Flogin%2Findex.php&dt=IT%20Learning%20Studio%3A%20Log%20in%20to%20the%20site&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://103.226.213.97
Connection: keep-alive
Referer: http://103.226.213.97/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://103.226.213.97
date: Tue, 17 Jan 2023 04:21:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
103.226.213.97/theme/image.php/boost/theme/1664252250/favicon
103.226.213.97 200 OK 1.2 kB URL HTTP/1.1 103.226.213.97/theme/image.php/boost/theme/1664252250/favicon
IP 103.226.213.97:0
ASN #131584 Taiwan Intelligent Fiber Optic Network Co.,Ltd.
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 135aed33c0a7b8f44f0227a71b9ce345
120e10c8a17aebb31c74b6988f8bce9b05dd6606
7afbabec7cddb87ab3b2c3f56509ca9c8f76925db0570372f1a6a366606be1b4
Analyzer Verdict Alert quad9 Sinkholed
GET /theme/image.php/boost/theme/1664252250/favicon HTTP/1.1
Host: 103.226.213.97
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://103.226.213.97/login/index.php
Cookie: MoodleSession=mmed02l5ofj1p66sarukqef8kt; _ga_B1H1991763=GS1.1.1673929264.1.0.1673929264.0.0.0; _ga=GA1.1.781691621.1673929265
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 04:21:05 GMT
Server: Apache/2.4.29 (Ubuntu)
Etag: "929c5ce1f69302b21519652f72fdcd4c40d5964b"
Content-Disposition: inline; filename="favicon.ico"
Last-Modified: Tue, 27 Sep 2022 04:17:35 GMT
Expires: Mon, 17 Apr 2023 04:21:05 GMT
Pragma:
Cache-Control: public, max-age=7776000, no-transform, immutable
Accept-Ranges: none
Content-Length: 1150
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 871ced6cfe919499937981d7534580e9
2e8c0fb97592bd7868be241ade707d1b38e49c34
35a05f202611c548fd0768c5f1b3d749a0dd50ade93e6df29940547480c5ec91
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35A05F202611C548FD0768C5F1B3D749A0DD50ADE93E6DF29940547480C5EC91"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9122
Expires: Tue, 17 Jan 2023 06:53:07 GMT
Date: Tue, 17 Jan 2023 04:21:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe32b9b2c-d57e-40ba-bdaa-0cad85d59f33.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe32b9b2c-d57e-40ba-bdaa-0cad85d59f33.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e29bab4151d6c143d3cf16e7a34b0390
38f5261653926d95074fa5550af5d77a25ebd74e
84bbdf1850d2d76ebb06c7a84446e4723e62a9d9b8e459ec6b833e5892ef66fb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe32b9b2c-d57e-40ba-bdaa-0cad85d59f33.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8488
x-amzn-requestid: 5e260260-bd4b-44a5-919a-a6085a057c0e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eq1xkHSiIAMF9zA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c1033d-2e4e00dd43f10f0e0a3e0ac4;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 07:07:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CUYQrmGPsmYN1xGmZWAjnFLQ1N2Fq4o0NxBX93DG0JR8l-iIqDy3-w==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 10:02:58 GMT
age: 65887
etag: "38f5261653926d95074fa5550af5d77a25ebd74e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4eb179a-8966-491f-9879-9d42b2009706.jpeg
34.120.237.76 200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4eb179a-8966-491f-9879-9d42b2009706.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cfc0e633a95f79ac8db807bfb525d87
4148e7e0aad80e97b0b4215098689f840fe02e81
7472054a95a393028fdda6d4bfab59184df93630cc3e029ab3265b8472ef4912
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4eb179a-8966-491f-9879-9d42b2009706.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7092
x-amzn-requestid: 670ae65f-a022-4ac0-a912-5482b2f9d4c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eo557GlnIAMFy1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c03d0c-1dd49029023dcde461e7a460;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 17:02:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tNsjBcLpB0vxLJmFO7qz4EeqRldy0EHiBlDpb7uDED0Bf3ovfc_3OA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 16:10:23 GMT
age: 43842
etag: "4148e7e0aad80e97b0b4215098689f840fe02e81"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F385b83d3-24b4-4a2f-b857-c5ad36c6c6f1.jpeg
34.120.237.76 200 OK 3.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F385b83d3-24b4-4a2f-b857-c5ad36c6c6f1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcaf94e244d0b492c26d4964836f4913
fde259440056930606a16b88e6d87e2edc420bd6
6cc207b89ceda6a27a0c9905a3284044984af07cdf5eb91a84b93bc56e414806
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F385b83d3-24b4-4a2f-b857-c5ad36c6c6f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3027
x-amzn-requestid: 9599f603-0ef7-40c7-aa0e-699a82057dc8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e2tr0GvUoAMFfmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5c318-3d11e6404c85fcb737852aaf;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 21:35:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: w9U7jKrDbganO37QtU-I_g8A9G3XEHtsj-z6s0UF419IdEj_Zw1-uw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 21:46:15 GMT
etag: "fde259440056930606a16b88e6d87e2edc420bd6"
content-type: image/jpeg
age: 23690
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23558a9c-5e81-40b3-9128-4d3adbf13bd0.jpeg
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23558a9c-5e81-40b3-9128-4d3adbf13bd0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d83151ff2e8bb0726f9576dfa3d5e3b7
085f624f8e4522cf946d12f2427c40e6953b42f2
05aedc682431e631fc2354e9a432b241ea90256980643b327b922854b05d4302
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23558a9c-5e81-40b3-9128-4d3adbf13bd0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8247
x-amzn-requestid: 4e9f89a6-b604-4171-9f41-66b9fbe4b8e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: excJLHWjIAMFckg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c3a707-4379c4e00cfecc1a01903192;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 07:11:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WKyuKXlToQ5jzkl7emSPPJG_wLaCI_JA3LGNDoJG_g3bMpC8WXYocA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 07:22:34 GMT
age: 75511
etag: "085f624f8e4522cf946d12f2427c40e6953b42f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f84f3a0-4f01-4cfe-bde0-a7d64664f3d7.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f84f3a0-4f01-4cfe-bde0-a7d64664f3d7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ec0e283376914297c3fb2464ed15a31b
acd84e057b6c618fd3b31915983998c00fe21dc4
3d02b82d8f6a00703de7594f5b34baf0010294c1a7023818344ca341e4ac203c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f84f3a0-4f01-4cfe-bde0-a7d64664f3d7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10660
x-amzn-requestid: ac5d6edc-5228-4318-a99f-c08d3265aa87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3HXpH4PoAMF78Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5ec30-044bf7c40e44de637c0c2dba;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 00:30:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6wALvrvX2EOL6xe6U3Vf2Xmcx_Nmh0mHXveaX1mZL1yUzOLdKg8f_A==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 00:45:05 GMT
age: 12960
etag: "acd84e057b6c618fd3b31915983998c00fe21dc4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0f4b6ad-4bfa-468c-ac97-628f5ed79b68.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0f4b6ad-4bfa-468c-ac97-628f5ed79b68.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7558650f7e974b34a7b3cb0c3c3a310c
7adb15e8c38cb18b57a696f8c1f08c523e1137e4
3179a4c545337e9a32d4f1ab851a3ec30ee16b44014c127630e1efcbf77e0c29
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0f4b6ad-4bfa-468c-ac97-628f5ed79b68.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10592
x-amzn-requestid: 7cb5c56a-324a-4eef-b2d0-63e151ae2920
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: etlLyEhToAMF34Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c21be4-7b48a8de0c2957dc329af0e0;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 03:05:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: U4yiXXjOtTAxXIINAt6tIZGqsp1XPD2TMvcDPG_daMfEZ3Cf6fNKDw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 08:25:07 GMT
age: 71758
etag: "7adb15e8c38cb18b57a696f8c1f08c523e1137e4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
103.226.213.97/lib/requirejs.php/1664252250/core/first.js
103.226.213.97 200 OK 379 kB URL HTTP/1.1 103.226.213.97/lib/requirejs.php/1664252250/core/first.js
IP 103.226.213.97:0
ASN #131584 Taiwan Intelligent Fiber Optic Network Co.,Ltd.
File type Unicode text, UTF-8 text, with very long lines (19485)
Size 379 kB (379431 bytes)
Hash 14c67c202a0ac1a0796c0382d5915351
0fb6075f5ef68b0b49da0e492ea01757ea545530
bb5913247776cc8764c338054908da0e1fb7526e6961f7e5293267c52390a486
Analyzer Verdict Alert quad9 Sinkholed
GET /lib/requirejs.php/1664252250/core/first.js HTTP/1.1
Host: 103.226.213.97
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://103.226.213.97/login/index.php
Cookie: MoodleSession=mmed02l5ofj1p66sarukqef8kt; _ga_B1H1991763=GS1.1.1673929264.1.0.1673929264.0.0.0; _ga=GA1.1.781691621.1673929265
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 04:21:04 GMT
Server: Apache/2.4.29 (Ubuntu)
Etag: "0bf92e73c71f77edd08a618295b485125ea9e70d"
Content-Disposition: inline; filename="requirejs.php"
Last-Modified: Tue, 27 Sep 2022 04:17:33 GMT
Expires: Mon, 17 Apr 2023 04:21:04 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
103.226.213.97/lib/javascript.php/1664252250/lib/jquery/jquery-3.5.1.min.js
103.226.213.97 200 OK 31 kB URL HTTP/1.1 103.226.213.97/lib/javascript.php/1664252250/lib/jquery/jquery-3.5.1.min.js
IP 103.226.213.97:0
ASN #131584 Taiwan Intelligent Fiber Optic Network Co.,Ltd.
File type ASCII text, with very long lines (65451)
Hash 9e20b290f3bf1923af08d826a5e82c86
fa97509e0967c34ea5393af9f7e1a79162404205
9af00f1990a36ea52fb3eee0118efc546fb6976d2fa8d6d048f5e9a896062cf0
Analyzer Verdict Alert quad9 Sinkholed
GET /lib/javascript.php/1664252250/lib/jquery/jquery-3.5.1.min.js HTTP/1.1
Host: 103.226.213.97
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://103.226.213.97/login/index.php
Cookie: MoodleSession=mmed02l5ofj1p66sarukqef8kt; _ga_B1H1991763=GS1.1.1673929264.1.0.1673929264.0.0.0; _ga=GA1.1.781691621.1673929265
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 04:21:06 GMT
Server: Apache/2.4.29 (Ubuntu)
Etag: "4f885ee66b1b5b4c72dec92f20e4d5839d1532cd"
Content-Disposition: inline; filename="javascript.php"
Last-Modified: Tue, 27 Sep 2022 04:17:33 GMT
Expires: Mon, 17 Apr 2023 04:21:06 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
103.226.213.97/lib/ajax/service-nologin.php?info=6-method-calls
103.226.213.97 200 OK 211 B URL HTTP/1.1 103.226.213.97/lib/ajax/service-nologin.php?info=6-method-calls
IP 103.226.213.97:0
ASN #131584 Taiwan Intelligent Fiber Optic Network Co.,Ltd.
File type JSON data\012- , ASCII text, with no line terminators
Hash c135ebb8306e47146c197265b9c9022b
425c439b399cc4a29df884f4ac5aa75505944c2c
afefe583c5a695189962783424716b19758b2a08e71480cb91a73c88c98a20be
Analyzer Verdict Alert quad9 Sinkholed
POST /lib/ajax/service-nologin.php?info=6-method-calls HTTP/1.1
Host: 103.226.213.97
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Content-Length: 757
Origin: http://103.226.213.97
Connection: keep-alive
Referer: http://103.226.213.97/login/index.php
Cookie: MoodleSession=mmed02l5ofj1p66sarukqef8kt; _ga_B1H1991763=GS1.1.1673929264.1.0.1673929264.0.0.0; _ga=GA1.1.781691621.1673929265
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 04:21:07 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 211
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/json; charset=utf-8
103.226.213.97/lib/ajax/service-nologin.php?info=core_output_load_fontawesome_icon_system_map&cachekey=1664252250&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_fontawesome_icon_system_map%22%2C%22args%22%3A%7B%22themename%22%3A%22boost%22%7D%7D%5D
103.226.213.97 200 OK 29 kB URL HTTP/1.1 103.226.213.97/lib/ajax/service-nologin.php?info=core_output_load_fontawesome_icon_system_map&cachekey=1664252250&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_fontawesome_icon_system_map%22%2C%22args%22%3A%7B%22themename%22%3A%22boost%22%7D%7D%5D
IP 103.226.213.97:0
ASN #131584 Taiwan Intelligent Fiber Optic Network Co.,Ltd.
File type JSON data\012- , ASCII text, with very long lines (28574), with no line terminators
Hash d8c1e68eb3c61cdae78281bfc25f0caf
5b0a83d03cf33d64fa8ae8d7997c187a109d1ed7
b35f1a9975c4d014407c59f3f6e9480a74f50e474139e1d645919a8f87ad00a9
Analyzer Verdict Alert quad9 Sinkholed
GET /lib/ajax/service-nologin.php?info=core_output_load_fontawesome_icon_system_map&cachekey=1664252250&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_fontawesome_icon_system_map%22%2C%22args%22%3A%7B%22themename%22%3A%22boost%22%7D%7D%5D HTTP/1.1
Host: 103.226.213.97
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://103.226.213.97/login/index.php
Cookie: MoodleSession=mmed02l5ofj1p66sarukqef8kt; _ga_B1H1991763=GS1.1.1673929264.1.0.1673929264.0.0.0; _ga=GA1.1.781691621.1673929265
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 04:21:07 GMT
Server: Apache/2.4.29 (Ubuntu)
Expires: Mon, 17 Apr 2023 04:21:07 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
103.226.213.97/lib/ajax/service-nologin.php?info=core_output_load_template_with_dependencies,core_output_load_template_with_dependencies,core_output_load_template_with_dependencies,core_output_load_template_with_dependencies&cachekey=1664252250&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22loading%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal_backdrop%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22pix_icon_fontawesome%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%5D
103.226.213.97 200 OK 2.4 kB URL HTTP/1.1 103.226.213.97/lib/ajax/service-nologin.php?info=core_output_load_template_with_dependencies,core_output_load_template_with_dependencies,core_output_load_template_with_dependencies,core_output_load_template_with_dependencies&cachekey=1664252250&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22loading%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal_backdrop%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22pix_icon_fontawesome%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%5D
IP 103.226.213.97:0
ASN #131584 Taiwan Intelligent Fiber Optic Network Co.,Ltd.
File type JSON data\012- , ASCII text, with very long lines (2422), with no line terminators
Hash f2f5d195ae0262b5de27122ead127b83
021acaf9e14d4fd6992da17347faf26bd4697d65
380abdf554c0d04799270cb6d2effc74cde736b03adf4cc3b1e3aac6cadab2c1
Analyzer Verdict Alert quad9 Sinkholed
GET /lib/ajax/service-nologin.php?info=core_output_load_template_with_dependencies,core_output_load_template_with_dependencies,core_output_load_template_with_dependencies,core_output_load_template_with_dependencies&cachekey=1664252250&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22loading%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal_backdrop%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22pix_icon_fontawesome%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%5D HTTP/1.1
Host: 103.226.213.97
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://103.226.213.97/login/index.php
Cookie: MoodleSession=mmed02l5ofj1p66sarukqef8kt; _ga_B1H1991763=GS1.1.1673929264.1.0.1673929264.0.0.0; _ga=GA1.1.781691621.1673929265
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 04:21:07 GMT
Server: Apache/2.4.29 (Ubuntu)
Expires: Mon, 17 Apr 2023 04:21:07 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Length: 2422
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/json; charset=utf-8