firefox.settings.services.mozilla.com/v1/
18.165.201.83 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 18.165.201.83:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 02 Oct 2022 18:03:12 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 aa2f611dc578ba7eecb9a39cb23b1b70.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: rImysdWn_J8xDyFwa8QjQTG3dcvtsr_FlXWBt1FSjtLsEM6KdR2Baw==
Age: 2305
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 60e4edea7b5f4d19f3547a3bb2d5df57
3ee076bab4da3416c2c5808f730cb316c28baef7
763e2dadfdd286a51327cd2000ca335e30cd0b9b7267875d22ca33f7556ba200
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763E2DADFDD286A51327CD2000CA335E30CD0B9B7267875D22CA33F7556BA200"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10429
Expires: Sun, 02 Oct 2022 21:35:26 GMT
Date: Sun, 02 Oct 2022 18:41:37 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
108.156.28.102 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 108.156.28.102:0
File type PEM certificate, ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 02 Oct 2022 03:33:17 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 0014cc5ed6f7d7422fe78da5a10aa120.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: t4neeNAZCnWsub0UY_mLR3PNtPA2PlJuNCkArGGSFqXKxJVWeeGg_w==
age: 54501
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 18:41:37 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ontarioinvestigatortraining.ca/blog/index.php?entryid=241
173.254.104.65 200 OK 19 kB URL HTTP/1.1 ontarioinvestigatortraining.ca/blog/index.php?entryid=241
IP 173.254.104.65:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text, exported SGML document, Unicode text, UTF-8 text, with very long lines (12135), with CRLF, LF line terminators
Hash c8948d15b9f00ae8fe293a47c87cbf46
73bba54c7d335274748b1e0a5462fd7b5993806e
d9fb2c297924621225993d8333769d5777517a494086de14e6213a9f37b1b694
Analyzer Verdict Alert fortinet Phishing
GET /blog/index.php?entryid=241 HTTP/1.1
Host: ontarioinvestigatortraining.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 18:41:37 GMT
Server: Apache
Content-Language: en
Content-Script-Type: text/javascript
Content-Style-Type: text/css
X-UA-Compatible: IE=edge
Cache-Control: private, pre-check=0, post-check=0, max-age=0, no-transform
Pragma: no-cache
Expires:
X-Frame-Options: sameorigin
Set-Cookie: MoodleSession=f9dfd556f4f0da87f3698a3509c1c2e6; path=/
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Accept-Ranges: none, none
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
ontarioinvestigatortraining.ca/lib/javascript.php/1597201510/lib/requirejs/require.min.js
173.254.104.65 200 OK 6.7 kB URL HTTP/1.1 ontarioinvestigatortraining.ca/lib/javascript.php/1597201510/lib/requirejs/require.min.js
IP 173.254.104.65:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (17535)
Hash d52d474e00d80d4373cf714f60707c21
74b5d832a55bf81a1b2fd875f83f022c5ffc7c3b
4f1792c3aac9ca2058376a43582f0d1fad13e602a5aeec4a1a6fb1803719ba99
Analyzer Verdict Alert fortinet Phishing
GET /lib/javascript.php/1597201510/lib/requirejs/require.min.js HTTP/1.1
Host: ontarioinvestigatortraining.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ontarioinvestigatortraining.ca/blog/index.php?entryid=241
Cookie: MoodleSession=f9dfd556f4f0da87f3698a3509c1c2e6
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 18:41:38 GMT
Server: Apache
Content-Disposition: inline; filename="javascript.php"
Expires: Sat, 31 Dec 2022 18:41:38 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 12 Aug 2020 03:05:20 GMT
Accept-Ranges: none, none
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
18.165.201.83 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 18.165.201.83:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Sun, 02 Oct 2022 18:32:57 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 02 Oct 2022 18:33:30 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 3ffc494014d1d1ba7644f6707a2cf696.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: dj92tfkgSC9tLURlB1xbHv0EymPwrHgkgjFaq-EB0N_ojxCG-kG0Qw==
Age: 525
ontarioinvestigatortraining.ca/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple.css
173.254.104.65 200 OK 1.0 kB URL HTTP/1.1 ontarioinvestigatortraining.ca/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple.css
IP 173.254.104.65:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1965)
Hash 954717f56656e687295097c986703269
eacac549df0a6f873918b09c167f67683363484f
3736a081935aebfecde262efb24be923f7019e02c8719e12e8867bb581a84ebe
GET /theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple.css HTTP/1.1
Host: ontarioinvestigatortraining.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ontarioinvestigatortraining.ca/blog/index.php?entryid=241
Cookie: MoodleSession=f9dfd556f4f0da87f3698a3509c1c2e6
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 18:41:38 GMT
Server: Apache
Content-Disposition: inline; filename="combo"
Expires: Wed, 27 Sep 2023 18:41:38 GMT
Pragma:
Cache-Control: public, max-age=31104000, immutable
Content-Encoding: gzip
Vary: Accept-Encoding
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 03 Jan 2020 03:25:08 GMT
Accept-Ranges: none, none
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8
ontarioinvestigatortraining.ca/lib/javascript.php/1597201510/lib/mdn-polyfills/polyfill.js
173.254.104.65 200 OK 3.4 kB URL HTTP/1.1 ontarioinvestigatortraining.ca/lib/javascript.php/1597201510/lib/mdn-polyfills/polyfill.js
IP 173.254.104.65:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11332), with no line terminators
Hash 8cc3d769d481d78ececf598ee76d689d
92a54279127cfc3b4a94a0b8b104aa646c9e7d77
104f8dcc25063cae328a049cbfcd5ce52e69a19f779cea9be6331d528bc4c981
Analyzer Verdict Alert fortinet Phishing
GET /lib/javascript.php/1597201510/lib/mdn-polyfills/polyfill.js HTTP/1.1
Host: ontarioinvestigatortraining.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ontarioinvestigatortraining.ca/blog/index.php?entryid=241
Cookie: MoodleSession=f9dfd556f4f0da87f3698a3509c1c2e6
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 18:41:38 GMT
Server: Apache
Content-Disposition: inline; filename="javascript.php"
Expires: Sat, 31 Dec 2022 18:41:38 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Content-Encoding: gzip
Vary: Accept-Encoding
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 12 Aug 2020 03:06:09 GMT
Accept-Ranges: none, none
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
ontarioinvestigatortraining.ca/lib/javascript.php/1597201510/lib/javascript-static.js
173.254.104.65 200 OK 6.8 kB URL HTTP/1.1 ontarioinvestigatortraining.ca/lib/javascript.php/1597201510/lib/javascript-static.js
IP 173.254.104.65:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (1875)
Hash 9a4c20372f0c53bc61ac3c90d203776a
05879d8f0e082b0663c76e1c81ff2e368d8a09ae
b64e57b396514a45e7680e661271d0d86d880765c8faaf5655c6a19940bae6d5
Analyzer Verdict Alert fortinet Phishing
GET /lib/javascript.php/1597201510/lib/javascript-static.js HTTP/1.1
Host: ontarioinvestigatortraining.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ontarioinvestigatortraining.ca/blog/index.php?entryid=241
Cookie: MoodleSession=f9dfd556f4f0da87f3698a3509c1c2e6
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 18:41:38 GMT
Server: Apache
Content-Disposition: inline; filename="javascript.php"
Expires: Sat, 31 Dec 2022 18:41:38 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Content-Encoding: gzip
Vary: Accept-Encoding
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 12 Aug 2020 03:06:10 GMT
Accept-Ranges: none, none
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 4eb30b4a4234809cf7d5f89fa1f6ceeb
797242aab2f13c820050aa9accd11b7b950cd177
ce9d833a0ac321a908184b655d6632c481f758a04a9c936a7c303bb253444146
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6182
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 18:41:38 GMT
Last-Modified: Sun, 02 Oct 2022 16:58:36 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
ontarioinvestigatortraining.ca/theme/jquery.php/core/jquery-3.4.1.js
173.254.104.65 200 OK 83 kB URL HTTP/1.1 ontarioinvestigatortraining.ca/theme/jquery.php/core/jquery-3.4.1.js
IP 173.254.104.65:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 887e7aa43b9a5ad68077980977e33cb5
4ce78ac7e666a5476dc1679b47fef09e05c9f7e9
65a47a99884d21a84db009e89dc65f24724f722fc437034c74130c4732a6f776
Analyzer Verdict Alert fortinet Phishing
GET /theme/jquery.php/core/jquery-3.4.1.js HTTP/1.1
Host: ontarioinvestigatortraining.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ontarioinvestigatortraining.ca/blog/index.php?entryid=241
Cookie: MoodleSession=f9dfd556f4f0da87f3698a3509c1c2e6
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 18:41:38 GMT
Server: Apache
Content-Disposition: inline; filename="jquery-3.4.1.js"
Expires: Sat, 31 Dec 2022 18:41:38 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 03 Jan 2020 03:25:08 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: application/javascript
ontarioinvestigatortraining.ca/lib/javascript.php/1597201510/lib/babel-polyfill/polyfill.min.js
173.254.104.65 200 OK 33 kB URL HTTP/1.1 ontarioinvestigatortraining.ca/lib/javascript.php/1597201510/lib/babel-polyfill/polyfill.min.js
IP 173.254.104.65:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (33914), with NEL line terminators
Hash f90bc17b61d0f35a492bc3955990ad52
f7fac0829ccdb23a8cf4bcbba81bdac5c9f6e6b8
fab5c59b4c9264e2478ed4e7455503e0aaac37b89104bb08fae91fb7b2720513
Analyzer Verdict Alert fortinet Phishing
GET /lib/javascript.php/1597201510/lib/babel-polyfill/polyfill.min.js HTTP/1.1
Host: ontarioinvestigatortraining.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ontarioinvestigatortraining.ca/blog/index.php?entryid=241
Cookie: MoodleSession=f9dfd556f4f0da87f3698a3509c1c2e6
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 18:41:38 GMT
Server: Apache
Content-Disposition: inline; filename="javascript.php"
Expires: Sat, 31 Dec 2022 18:41:38 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 12 Aug 2020 03:06:08 GMT
Accept-Ranges: none, none
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
ontarioinvestigatortraining.ca/theme/javascript.php/edumy/1597332595/head
173.254.104.65 200 OK 186 kB URL HTTP/1.1 ontarioinvestigatortraining.ca/theme/javascript.php/edumy/1597332595/head
IP 173.254.104.65:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (37109)
Size 186 kB (186314 bytes)
Hash b137c1e0cfa77553ae532526d116ad98
d083ad69e43649d34844adacdf9c47c3a64e3eed
dbeecd086d51268761f41a0e58b38cda53e02cf6a2af8f3cf1b3ede7673e576e
Analyzer Verdict Alert fortinet Phishing
GET /theme/javascript.php/edumy/1597332595/head HTTP/1.1
Host: ontarioinvestigatortraining.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ontarioinvestigatortraining.ca/blog/index.php?entryid=241
Cookie: MoodleSession=f9dfd556f4f0da87f3698a3509c1c2e6
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 18:41:38 GMT
Server: Apache
Content-Disposition: inline; filename="javascript.php"
Expires: Sat, 31 Dec 2022 18:41:38 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 13 Aug 2020 15:30:01 GMT
Accept-Ranges: none, none
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
ontarioinvestigatortraining.ca/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple.js
173.254.104.65 200 OK 289 kB URL HTTP/1.1 ontarioinvestigatortraining.ca/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple.js
IP 173.254.104.65:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text
Size 289 kB (288720 bytes)
Hash c8181f03171c4047651484fc206f8b4a
67369e1b7821d80094ad6e9e62ccd5e1fa85ef89
1d7d3f01e0909dce2ae3ec3659f0f5bf180d71fd60762e6198dca69a9667eddb
GET /theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple.js HTTP/1.1
Host: ontarioinvestigatortraining.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ontarioinvestigatortraining.ca/blog/index.php?entryid=241
Cookie: MoodleSession=f9dfd556f4f0da87f3698a3509c1c2e6
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 18:41:38 GMT
Server: Apache
Content-Disposition: inline; filename="combo"
Expires: Wed, 27 Sep 2023 18:41:38 GMT
Pragma:
Cache-Control: public, max-age=31104000, immutable
Content-Encoding: gzip
Vary: Accept-Encoding
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 03 Jan 2020 03:25:08 GMT
Accept-Ranges: none, none
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: application/javascript
ontarioinvestigatortraining.ca/theme/styles.php/edumy/1597332595_1/all
173.254.104.65 200 OK 297 kB URL HTTP/1.1 ontarioinvestigatortraining.ca/theme/styles.php/edumy/1597332595_1/all
IP 173.254.104.65:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Size 297 kB (297394 bytes)
Hash 8c104254a58a39b7685a306b4edaa32c
f62375e7bdc93943edbb68750b4f79f69bc0f495
102302d8e7210c3ec1a31ef502c20abbbe60df4eb87d26163c31e22aaf0bf640
Analyzer Verdict Alert fortinet Phishing
GET /theme/styles.php/edumy/1597332595_1/all HTTP/1.1
Host: ontarioinvestigatortraining.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ontarioinvestigatortraining.ca/blog/index.php?entryid=241
Cookie: MoodleSession=f9dfd556f4f0da87f3698a3509c1c2e6
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 18:41:38 GMT
Server: Apache
Content-Disposition: inline; filename="styles.php"
Expires: Sat, 31 Dec 2022 18:41:38 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 13 Aug 2020 15:30:13 GMT
Accept-Ranges: none, none
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8
i.imgur.com/euewsTY.jpg
151.101.84.193 301 Moved Permanently 0 B IP 151.101.84.193:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /euewsTY.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ontarioinvestigatortraining.ca/
HTTP/1.1 301 Moved Permanently
Connection: close
Content-Length: 0
Retry-After: 0
Location: https://i.imgur.com/euewsTY.jpg
Accept-Ranges: bytes
Date: Sun, 02 Oct 2022 18:41:39 GMT
X-Served-By: cache-bma1632-BMA
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1664736099.396643,VS0,VE0
Strict-Transport-Security: max-age=300
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Server: cat factory 1.0
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 83f9407574c75ca600c57af0637cb200
4ebabbc1900b8f575e90186e2024e48097b0c8d2
1e166ac737e5c3c015e0dc0c68115ebc5eeb53958682a9b77928ddb647137ac1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 18:41:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.imgur.com/euewsTY.jpg
151.101.84.193 200 OK 17 kB IP 151.101.84.193:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 390x275, components 3
Hash ed514fdf7496ead29bf47418e3c14273
dffc7e308a919da181c3e0d0166867726c4d7600
81f2f96bb8c2df5f0179a0b762137b06413bf6678ef08f095ef5cf11eaa1073c
GET /euewsTY.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ontarioinvestigatortraining.ca/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 04 Jan 2016 20:44:18 GMT
etag: "ed514fdf7496ead29bf47418e3c14273"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sun, 02 Oct 2022 18:41:39 GMT
age: 372268
x-served-by: cache-iad-kiad7000046-IAD, cache-bma1666-BMA
x-cache: HIT, HIT
x-cache-hits: 8, 1
x-timer: S1664736099.459617,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 17062
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Nunito:400,500,600,700
142.250.74.10 200 OK 1.0 kB URL HTTP/2 fonts.googleapis.com/css?family=Nunito:400,500,600,700
IP 142.250.74.10:0
Hash a3806b5c0229aaf0b3c704895eaff811
cb9012053cdf1ec39387c0882ca5c442b7f3859c
a9aa3e06631d805dbe5bee225279cd88b2ace6a9fd878926941b39f4778b3339
GET /css?family=Nunito:400,500,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ontarioinvestigatortraining.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 02 Oct 2022 18:41:39 GMT
date: Sun, 02 Oct 2022 18:41:39 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ontarioinvestigatortraining.ca/pluginfile.php/1/theme_edumy/headerlogo2/1597332595/pi.png
173.254.104.65 200 OK 2.3 kB URL HTTP/1.1 ontarioinvestigatortraining.ca/pluginfile.php/1/theme_edumy/headerlogo2/1597332595/pi.png
IP 173.254.104.65:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 117 x 95, 8-bit/color RGBA, non-interlaced
Hash ef466ab9a76f879d1fad4ee76d75bb9c
14163093ef19372b7f058e3c916923c402f219a1
c6227743ed442d789672adb465f08ab1e45c0b731bd0d980fdf8146e73abe1d6
GET /pluginfile.php/1/theme_edumy/headerlogo2/1597332595/pi.png HTTP/1.1
Host: ontarioinvestigatortraining.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ontarioinvestigatortraining.ca/blog/index.php?entryid=241
Cookie: MoodleSession=f9dfd556f4f0da87f3698a3509c1c2e6
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 18:41:39 GMT
Server: Apache
Content-Disposition: inline; filename="pi.png"
Cache-Control: public, max-age=5184000, no-transform
Expires: Thu, 01 Dec 2022 18:41:39 GMT
Pragma:
Accept-Ranges: bytes
Last-Modified: Wed, 12 Aug 2020 04:00:27 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 2310
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: image/png
ontarioinvestigatortraining.ca/pluginfile.php/1/theme_edumy/footerlogo1/1597332595/pi.png
173.254.104.65 200 OK 2.3 kB URL HTTP/1.1 ontarioinvestigatortraining.ca/pluginfile.php/1/theme_edumy/footerlogo1/1597332595/pi.png
IP 173.254.104.65:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 117 x 95, 8-bit/color RGBA, non-interlaced
Hash ef466ab9a76f879d1fad4ee76d75bb9c
14163093ef19372b7f058e3c916923c402f219a1
c6227743ed442d789672adb465f08ab1e45c0b731bd0d980fdf8146e73abe1d6
GET /pluginfile.php/1/theme_edumy/footerlogo1/1597332595/pi.png HTTP/1.1
Host: ontarioinvestigatortraining.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ontarioinvestigatortraining.ca/blog/index.php?entryid=241
Cookie: MoodleSession=f9dfd556f4f0da87f3698a3509c1c2e6
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 18:41:39 GMT
Server: Apache
Content-Disposition: inline; filename="pi.png"
Cache-Control: public, max-age=5184000, no-transform
Expires: Thu, 01 Dec 2022 18:41:39 GMT
Pragma:
Accept-Ranges: bytes
Last-Modified: Wed, 12 Aug 2020 04:00:27 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 2310
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: image/png
ontarioinvestigatortraining.ca/pluginfile.php/1/theme_edumy/headerlogo_mobile/1597332595/pi.png
173.254.104.65 200 OK 2.3 kB URL HTTP/1.1 ontarioinvestigatortraining.ca/pluginfile.php/1/theme_edumy/headerlogo_mobile/1597332595/pi.png
IP 173.254.104.65:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 117 x 95, 8-bit/color RGBA, non-interlaced
Hash ef466ab9a76f879d1fad4ee76d75bb9c
14163093ef19372b7f058e3c916923c402f219a1
c6227743ed442d789672adb465f08ab1e45c0b731bd0d980fdf8146e73abe1d6
GET /pluginfile.php/1/theme_edumy/headerlogo_mobile/1597332595/pi.png HTTP/1.1
Host: ontarioinvestigatortraining.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ontarioinvestigatortraining.ca/blog/index.php?entryid=241
Cookie: MoodleSession=f9dfd556f4f0da87f3698a3509c1c2e6
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 18:41:39 GMT
Server: Apache
Content-Disposition: inline; filename="pi.png"
Cache-Control: public, max-age=5184000, no-transform
Expires: Thu, 01 Dec 2022 18:41:39 GMT
Pragma:
Accept-Ranges: bytes
Last-Modified: Wed, 12 Aug 2020 04:00:27 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 2310
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: image/png
ontarioinvestigatortraining.ca/pluginfile.php/251/block_cocoon_featured_posts/slides/3/2.jpg
173.254.104.65 200 OK 1.1 kB URL HTTP/1.1 ontarioinvestigatortraining.ca/pluginfile.php/251/block_cocoon_featured_posts/slides/3/2.jpg
IP 173.254.104.65:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2, software=PhotoScape], baseline, precision 8, 306x450, components 3
Hash 90ba77f56fbe98d6315a2a56f400aede
abf4e8e8860363fee33cfe4a8d121a354c6ea375
56965b2a2fce504a3f5a22e02d4b3db11915235e12b34880e521686512971bf4
GET /pluginfile.php/251/block_cocoon_featured_posts/slides/3/2.jpg HTTP/1.1
Host: ontarioinvestigatortraining.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ontarioinvestigatortraining.ca/blog/index.php?entryid=241
Cookie: MoodleSession=f9dfd556f4f0da87f3698a3509c1c2e6
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 18:41:39 GMT
Server: Apache
Content-Disposition: inline; filename="2.jpg"
Cache-Control: public, max-age=21600, no-transform
Expires: Mon, 03 Oct 2022 00:41:39 GMT
Pragma:
Accept-Ranges: bytes
Last-Modified: Fri, 03 Jan 2020 03:04:06 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 1089
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: image/jpeg
ontarioinvestigatortraining.ca/pluginfile.php/251/block_cocoon_featured_posts/slides/4/3.jpg
173.254.104.65 200 OK 1.1 kB URL HTTP/1.1 ontarioinvestigatortraining.ca/pluginfile.php/251/block_cocoon_featured_posts/slides/4/3.jpg
IP 173.254.104.65:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2, software=PhotoScape], baseline, precision 8, 306x450, components 3
Hash 92d910d6c59c22a07b1fd3b5c3b456fb
82bd96a2e6c8cda52bd1c4ed9d615b0608b62cf9
6895d875de23a380dabaeabb877ef5177ec937fed4098a41b477cbd4c5f0eb99
GET /pluginfile.php/251/block_cocoon_featured_posts/slides/4/3.jpg HTTP/1.1
Host: ontarioinvestigatortraining.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ontarioinvestigatortraining.ca/blog/index.php?entryid=241
Cookie: MoodleSession=f9dfd556f4f0da87f3698a3509c1c2e6
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 18:41:39 GMT
Server: Apache
Content-Disposition: inline; filename="3.jpg"
Cache-Control: public, max-age=21600, no-transform
Expires: Mon, 03 Oct 2022 00:41:39 GMT
Pragma:
Accept-Ranges: bytes
Last-Modified: Fri, 03 Jan 2020 03:04:07 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 1091
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: image/jpeg
ontarioinvestigatortraining.ca/pluginfile.php/251/block_cocoon_featured_posts/slides/1/2a.jpg
173.254.104.65 200 OK 447 B URL HTTP/1.1 ontarioinvestigatortraining.ca/pluginfile.php/251/block_cocoon_featured_posts/slides/1/2a.jpg
IP 173.254.104.65:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 306x450, components 3
Hash aba113092c8fe9a5d2b132996530569f
931ba8e0a0e80168c5d3a4557a3be8487ccbfd04
d733f5ff86543b95a5809d1627fd32b79d91f42e11eecc1a2df4e5a38b631f04
GET /pluginfile.php/251/block_cocoon_featured_posts/slides/1/2a.jpg HTTP/1.1
Host: ontarioinvestigatortraining.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ontarioinvestigatortraining.ca/blog/index.php?entryid=241
Cookie: MoodleSession=f9dfd556f4f0da87f3698a3509c1c2e6
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 18:41:39 GMT
Server: Apache
Content-Disposition: inline; filename="2a.jpg"
Cache-Control: public, max-age=21600, no-transform
Expires: Mon, 03 Oct 2022 00:41:39 GMT
Pragma:
Accept-Ranges: bytes
Last-Modified: Fri, 03 Jan 2020 03:04:06 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 447
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 63ee7e605da25dbf1d62eea30a1ef246
c86b43b61afc5926ee7bc124cc30598d37ceb661
cb737283476421b6ce93b2909cf5277e82a7adbc3001f66946ff59ad6fabfdb2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 18:41:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ontarioinvestigatortraining.ca/pluginfile.php/1/theme_edumy/headerlogo1/1597332595/pi.png
173.254.104.65 200 OK 2.3 kB URL HTTP/1.1 ontarioinvestigatortraining.ca/pluginfile.php/1/theme_edumy/headerlogo1/1597332595/pi.png
IP 173.254.104.65:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 117 x 95, 8-bit/color RGBA, non-interlaced
Hash ef466ab9a76f879d1fad4ee76d75bb9c
14163093ef19372b7f058e3c916923c402f219a1
c6227743ed442d789672adb465f08ab1e45c0b731bd0d980fdf8146e73abe1d6
GET /pluginfile.php/1/theme_edumy/headerlogo1/1597332595/pi.png HTTP/1.1
Host: ontarioinvestigatortraining.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ontarioinvestigatortraining.ca/blog/index.php?entryid=241
Cookie: MoodleSession=f9dfd556f4f0da87f3698a3509c1c2e6
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 18:41:39 GMT
Server: Apache
Content-Disposition: inline; filename="pi.png"
Cache-Control: public, max-age=5184000, no-transform
Expires: Thu, 01 Dec 2022 18:41:39 GMT
Pragma:
Accept-Ranges: bytes
Last-Modified: Wed, 12 Aug 2020 03:56:07 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 2310
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: image/png
ontarioinvestigatortraining.ca/pluginfile.php/251/block_cocoon_featured_posts/slides/2/3a.jpg
173.254.104.65 200 OK 447 B URL HTTP/1.1 ontarioinvestigatortraining.ca/pluginfile.php/251/block_cocoon_featured_posts/slides/2/3a.jpg
IP 173.254.104.65:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 306x450, components 3
Hash aba113092c8fe9a5d2b132996530569f
931ba8e0a0e80168c5d3a4557a3be8487ccbfd04
d733f5ff86543b95a5809d1627fd32b79d91f42e11eecc1a2df4e5a38b631f04
GET /pluginfile.php/251/block_cocoon_featured_posts/slides/2/3a.jpg HTTP/1.1
Host: ontarioinvestigatortraining.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ontarioinvestigatortraining.ca/blog/index.php?entryid=241
Cookie: MoodleSession=f9dfd556f4f0da87f3698a3509c1c2e6
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 18:41:39 GMT
Server: Apache
Content-Disposition: inline; filename="3a.jpg"
Cache-Control: public, max-age=21600, no-transform
Expires: Mon, 03 Oct 2022 00:41:39 GMT
Pragma:
Accept-Ranges: bytes
Last-Modified: Fri, 03 Jan 2020 03:04:07 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 447
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: image/jpeg
fonts.googleapis.com/css?family=Open+Sans
142.250.74.10 200 OK 36 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans
IP 142.250.74.10:0
Hash 026f186481f7c781fbd54d081a9a3bd1
ca0e2074b31e6d01a6457d1403c67cb0b8941f64
a5bf39d96455fcd2f5ab297560f283331a7009c3712b97aacb7a15076cfe0178
GET /css?family=Open+Sans HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ontarioinvestigatortraining.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 02 Oct 2022 18:41:39 GMT
date: Sun, 02 Oct 2022 18:41:39 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
216.58.207.195 200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 16740, version 1.0
Hash e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ontarioinvestigatortraining.ca
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 18:53:39 GMT
expires: Tue, 26 Sep 2023 18:53:39 GMT
cache-control: public, max-age=31536000
age: 517680
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash eb2de1a6c4c76b62bd9b5844ac8f0711
205f8666f86cf5f699ed5c8252c46004492fa88e
d0f5a54640474e3d0383d5302a9899e8060456287379906d2359925c6d36c46b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 18:41:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ontarioinvestigatortraining.ca/theme/edumy/images/preloader.gif
173.254.104.65 200 OK 52 kB URL HTTP/1.1 ontarioinvestigatortraining.ca/theme/edumy/images/preloader.gif
IP 173.254.104.65:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 80 x 80
Hash fbf81d06486b2016fc03f155828f0a0c
d93cd00dbf602acab7cb206f024ef10d7688e0ad
3fcb7b4a60293148e6d64b74387dd8659cf37f5816bcafbe58adc0edd5489c04
GET /theme/edumy/images/preloader.gif HTTP/1.1
Host: ontarioinvestigatortraining.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ontarioinvestigatortraining.ca/theme/styles.php/edumy/1597332595_1/all
Cookie: MoodleSession=f9dfd556f4f0da87f3698a3509c1c2e6
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 18:41:39 GMT
Server: Apache
Last-Modified: Mon, 09 Sep 2019 09:06:24 GMT
Accept-Ranges: bytes
Content-Length: 51822
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: image/gif
ontarioinvestigatortraining.ca/theme/edumy/images/background/inner-pagebg.jpg
173.254.104.65 200 OK 13 kB URL HTTP/1.1 ontarioinvestigatortraining.ca/theme/edumy/images/background/inner-pagebg.jpg
IP 173.254.104.65:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1920x400, components 3
Hash 8b3728ae10572b548a503003b2dff6f1
beddea29eda2574314fbabe5e256caa5c30f55bf
677518a3625543f2bd453c0932ba0dde700e2e32491090fc75ad52f9d6a23f05
GET /theme/edumy/images/background/inner-pagebg.jpg HTTP/1.1
Host: ontarioinvestigatortraining.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ontarioinvestigatortraining.ca/theme/styles.php/edumy/1597332595_1/all
Cookie: MoodleSession=f9dfd556f4f0da87f3698a3509c1c2e6
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 18:41:39 GMT
Server: Apache
Last-Modified: Fri, 03 Jan 2020 02:03:32 GMT
Accept-Ranges: bytes
Content-Length: 12625
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: image/jpeg
ontarioinvestigatortraining.ca/theme/edumy/fonts/Flaticon.woff2
173.254.104.65 200 OK 22 kB URL HTTP/1.1 ontarioinvestigatortraining.ca/theme/edumy/fonts/Flaticon.woff2
IP 173.254.104.65:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 22384, version 1.0
Hash efbadf6e3830c51cc205052fd6ec6fa2
f9f0868e8ba51ad43d34f3125d80c67f3d34ceba
f68edb389aa33705485beb09f0395a2514f36dce4491d95d4baf7ec1bef4d2d2
Analyzer Verdict Alert fortinet Phishing
GET /theme/edumy/fonts/Flaticon.woff2 HTTP/1.1
Host: ontarioinvestigatortraining.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ontarioinvestigatortraining.ca/theme/styles.php/edumy/1597332595_1/all
Cookie: MoodleSession=f9dfd556f4f0da87f3698a3509c1c2e6
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 18:41:39 GMT
Server: Apache
Last-Modified: Mon, 09 Sep 2019 08:06:12 GMT
Accept-Ranges: bytes
Content-Length: 22384
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: font/woff2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2
216.58.207.195 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 12972, version 1.0
Hash f155ae6c5a655f05edb86445bd7e8d76
23115e9e59853e36044ae725d809759b7e8fa5f2
140ef34d138412106d0dc0bf060ba49acf6eaa6610c5bab642b182ddd0d68c8a
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ontarioinvestigatortraining.ca
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12972
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 19:07:14 GMT
expires: Tue, 26 Sep 2023 19:07:14 GMT
cache-control: public, max-age=31536000
age: 516865
last-modified: Mon, 15 Aug 2022 18:15:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ontarioinvestigatortraining.ca/theme/edumy/fonts/fontawesome-webfont.woff2?v=4.7.0
173.254.104.65 200 OK 77 kB URL HTTP/1.1 ontarioinvestigatortraining.ca/theme/edumy/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 173.254.104.65:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /theme/edumy/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: ontarioinvestigatortraining.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ontarioinvestigatortraining.ca/theme/styles.php/edumy/1597332595_1/all
Cookie: MoodleSession=f9dfd556f4f0da87f3698a3509c1c2e6
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 18:41:39 GMT
Server: Apache
Last-Modified: Mon, 09 Sep 2019 08:06:28 GMT
Accept-Ranges: bytes
Content-Length: 77160
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: font/woff2
ontarioinvestigatortraining.ca/theme/yui_combo.php?m/1597201510/core/event/event-debug.js&m/1597201510/filter_mathjaxloader/loader/loader-debug.js
173.254.104.65 200 OK 2.8 kB URL HTTP/1.1 ontarioinvestigatortraining.ca/theme/yui_combo.php?m/1597201510/core/event/event-debug.js&m/1597201510/filter_mathjaxloader/loader/loader-debug.js
IP 173.254.104.65:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 241dbe55902ab21afd141026a201f6f8
7969d51307fdd8d059b63cbbde094c723a5b6f98
ba8938a2d70faeaff6c28593d8c576ce1cc05cb69d2295bbbdb1db13a4a0d599
GET /theme/yui_combo.php?m/1597201510/core/event/event-debug.js&m/1597201510/filter_mathjaxloader/loader/loader-debug.js HTTP/1.1
Host: ontarioinvestigatortraining.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ontarioinvestigatortraining.ca/blog/index.php?entryid=241
Cookie: MoodleSession=f9dfd556f4f0da87f3698a3509c1c2e6
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 18:41:39 GMT
Server: Apache
Content-Disposition: inline; filename="combo"
Expires: Wed, 27 Sep 2023 18:41:39 GMT
Pragma:
Cache-Control: public, max-age=31104000, immutable
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 03 Jan 2020 03:25:08 GMT
Accept-Ranges: none, none
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8555
Expires: Sun, 02 Oct 2022 21:04:15 GMT
Date: Sun, 02 Oct 2022 18:41:40 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d657f8a-70bc-42c6-9aae-1127c4403047.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d657f8a-70bc-42c6-9aae-1127c4403047.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 94d82ad8d70761f6ee1384b4183335f3
5d3389a965cfa45dab2202d89b40264368674e8a
ad495dc0ede3bfcbaebfd3bf2eb55fc5596cd7643a539e030ccce0b8a3bcf8dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d657f8a-70bc-42c6-9aae-1127c4403047.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8602
x-amzn-requestid: 89329169-bc7a-46b1-85fc-20383a85cae8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDf9GxzoAMFg0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2cc-27952f8357fa25c956b1cd72;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: YDfn3Xd8m6jaBrj_M9hs4dePku_eEhJbYv3NJSHjCdAWifhBkiKUhw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 22:21:15 GMT
age: 73225
etag: "5d3389a965cfa45dab2202d89b40264368674e8a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash edded48f558f739287a040151349ef67
d63b6ba630736d32c364b0e6a369274b2389b7ff
33b4a459df0ba7b36b907ba96d74e08660cc75640c42a5748b97d18ec2e9d533
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11083
x-amzn-requestid: 53e2c961-bcc0-4977-8648-ee3c1aed9cde
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHRFWfIAMFhlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3c7-070212d7386d5efa1b4aa8d3;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Z1KmxHJh9QNfg5x0enkqOjbmiqHvg7nlQiMnuDuCRNWQUBFEiKELbw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:36 GMT
etag: "d63b6ba630736d32c364b0e6a369274b2389b7ff"
content-type: image/jpeg
age: 75184
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7a6e7d5-efdf-4904-b660-ffb0d8ffd4d3.jpeg
34.120.237.76 200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7a6e7d5-efdf-4904-b660-ffb0d8ffd4d3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash e711c6bf0d0808f0b5c57b80916eba4d
36c8dcdfdc2c59246ba9d999ddffd5387f68155e
e252f3c857e18ddaea7059bfb19826ac5e47c694ce57068d85f60bd1ac5f6c25
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7a6e7d5-efdf-4904-b660-ffb0d8ffd4d3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6101
x-amzn-requestid: 0edbc5d1-324f-4b4f-a55c-b9333f2bb6a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDpnFumIAMFoEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b30a-1422f70670e89174415c1aba;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hG5L6pTNHLcM-nBovmH6kFuFK5oXJuxVWsnaffj6L8bDlGnpFVJFKg==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 22:17:57 GMT
age: 73423
etag: "36c8dcdfdc2c59246ba9d999ddffd5387f68155e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ae1e7d3-41cb-4400-8cae-870baa006b86.jpeg
34.120.237.76 200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ae1e7d3-41cb-4400-8cae-870baa006b86.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 5a137925cb6116c46ce21c6e27933c44
2973e908318c68489bba9b4242254769a4f3d1ba
737bf9c3d2906a937ed0b082c8830982163be90acf8dd01dacc7ec80c5c8bcd1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ae1e7d3-41cb-4400-8cae-870baa006b86.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7777
x-amzn-requestid: d035ce80-1700-4e69-8b75-e0bf47ca9ddf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZDCWCFw4oAMFVDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63311759-0412900d669b5381058ec9a2;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 03:07:05 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Qjg6qPJNIehAnTLi-hWNzXTtp0q6Jnw82sOKKZJvTznFmNihUcNgJw==
via: 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 18:22:17 GMT
age: 1163
etag: "2973e908318c68489bba9b4242254769a4f3d1ba"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6047192460abf4afd600948abb5e6ee1
6d6d52fb5024e7772dd45dd459bfe3ec90cb5ce4
d1fd21a5913f6831d2128c8e9e84767d9730bf9e779da5395dc31b82a10e32e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9340
x-amzn-requestid: e892265e-836d-4638-871f-0548eda57745
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDf8FCEoAMFyow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2cc-7f39bb92066a75a90868dd03;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Sk1Dahp1gliiBIghSCZselE7-Fy45svrCk7TdmunOwNefSNqY1P1jA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:34 GMT
etag: "6d6d52fb5024e7772dd45dd459bfe3ec90cb5ce4"
content-type: image/jpeg
age: 75186
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg
34.120.237.76 200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 463bdcfbec5426e18ecef83b1c373b71
2e533332ee5c49143e58dad32ee3717a39179532
2c40befd28781482b9be249a792571612d68d7045324083d2c832fa5ec42f04b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4987
x-amzn-requestid: 763edd04-7f8d-42ae-8864-482be3549958
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHpFs4oAMFbqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ca-2f7b67e85aa83b69183e62b5;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:26 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2Zoggf30lA-Kvt5QYa-IdhGePHCNiphR7pfFiOaFvL8ZkWZIaiK4pA==
via: 1.1 f4367b41311e3e9a490d7461b7b85490.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:37 GMT
etag: "2e533332ee5c49143e58dad32ee3717a39179532"
content-type: image/jpeg
age: 75183
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ontarioinvestigatortraining.ca/theme/edumy/pix/favicon.ico
173.254.104.65 200 OK 6.8 kB URL HTTP/1.1 ontarioinvestigatortraining.ca/theme/edumy/pix/favicon.ico
IP 173.254.104.65:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash fa157a3679a601e2b265da00cdfd994a
0acbd8353eb90fd403ff4db8f8547c2bfc29ff6b
dd64e10d49d19caddcc479a2c4865b119059cff47233ca486cfefb38960ccb45
GET /theme/edumy/pix/favicon.ico HTTP/1.1
Host: ontarioinvestigatortraining.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ontarioinvestigatortraining.ca/blog/index.php?entryid=241
Cookie: MoodleSession=f9dfd556f4f0da87f3698a3509c1c2e6
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 18:41:40 GMT
Server: Apache
Last-Modified: Thu, 14 Jun 2018 02:01:16 GMT
Accept-Ranges: bytes
Content-Length: 6842
Cache-Control: max-age=604800
Expires: Sun, 09 Oct 2022 18:41:40 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: image/x-icon
ontarioinvestigatortraining.ca/lib/javascript.php/1597201510/comment/comment.js
173.254.104.65 200 OK 3.1 kB URL HTTP/1.1 ontarioinvestigatortraining.ca/lib/javascript.php/1597201510/comment/comment.js
IP 173.254.104.65:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (1140)
Hash 08ccd032a4c9d47c622ce557499198e1
4fc51279e0b1a9c98dae46e96741e46c0fe67c6c
119791a3380febefb96481794d6f0f3a020be2ef3d2a382eead9a2a5cbbf58d4
Analyzer Verdict Alert fortinet Phishing
GET /lib/javascript.php/1597201510/comment/comment.js HTTP/1.1
Host: ontarioinvestigatortraining.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ontarioinvestigatortraining.ca/blog/index.php?entryid=241
Cookie: MoodleSession=f9dfd556f4f0da87f3698a3509c1c2e6
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 18:41:40 GMT
Server: Apache
Content-Disposition: inline; filename="javascript.php"
Expires: Sat, 31 Dec 2022 18:41:40 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 13 Aug 2020 02:44:53 GMT
Accept-Ranges: none, none
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
ontarioinvestigatortraining.ca/theme/yui_combo.php?3.17.2/json-stringify/json-stringify.js&2in3/2.9.0/build/yui2-animation/yui2-animation.js
173.254.104.65 200 OK 12 kB URL HTTP/1.1 ontarioinvestigatortraining.ca/theme/yui_combo.php?3.17.2/json-stringify/json-stringify.js&2in3/2.9.0/build/yui2-animation/yui2-animation.js
IP 173.254.104.65:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (754)
Hash 190e5fb0850bc3822bb3d75c43820909
c2fa569e03c492a97ff81d30fa149971d76908c4
30a1758ce0379bcdacb8e4514c5b61b38b259a743082380e3eac290dbae07d56
GET /theme/yui_combo.php?3.17.2/json-stringify/json-stringify.js&2in3/2.9.0/build/yui2-animation/yui2-animation.js HTTP/1.1
Host: ontarioinvestigatortraining.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ontarioinvestigatortraining.ca/blog/index.php?entryid=241
Cookie: MoodleSession=f9dfd556f4f0da87f3698a3509c1c2e6
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 18:41:40 GMT
Server: Apache
Content-Disposition: inline; filename="combo"
Expires: Wed, 27 Sep 2023 18:41:40 GMT
Pragma:
Cache-Control: public, max-age=31104000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 03 Jan 2020 03:25:08 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
ontarioinvestigatortraining.ca/theme/yui_combo.php?2in3/2.9.0/build/yui2-yahoo/yui2-yahoo.js&2in3/2.9.0/build/yui2-dom/yui2-dom.js&2in3/2.9.0/build/yui2-event/yui2-event.js
173.254.104.65 200 OK 43 kB URL HTTP/1.1 ontarioinvestigatortraining.ca/theme/yui_combo.php?2in3/2.9.0/build/yui2-yahoo/yui2-yahoo.js&2in3/2.9.0/build/yui2-dom/yui2-dom.js&2in3/2.9.0/build/yui2-event/yui2-event.js
IP 173.254.104.65:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text
Hash 5df05e4a058948cb6d36950e53fe26e1
baf3dc1a61995487c3b017b7cca09a2adad44d7d
203bfec1c1732d996709e2494d14917d44ac3de7b963d0949e45bf85b34812e5
GET /theme/yui_combo.php?2in3/2.9.0/build/yui2-yahoo/yui2-yahoo.js&2in3/2.9.0/build/yui2-dom/yui2-dom.js&2in3/2.9.0/build/yui2-event/yui2-event.js HTTP/1.1
Host: ontarioinvestigatortraining.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ontarioinvestigatortraining.ca/blog/index.php?entryid=241
Cookie: MoodleSession=f9dfd556f4f0da87f3698a3509c1c2e6
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 18:41:40 GMT
Server: Apache
Content-Disposition: inline; filename="combo"
Expires: Wed, 27 Sep 2023 18:41:40 GMT
Pragma:
Cache-Control: public, max-age=31104000, immutable
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 03 Jan 2020 03:25:08 GMT
Accept-Ranges: none, none
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
ontarioinvestigatortraining.ca/lib/requirejs.php/1597201510/core/first.js
173.254.104.65 200 OK 263 kB URL HTTP/1.1 ontarioinvestigatortraining.ca/lib/requirejs.php/1597201510/core/first.js
IP 173.254.104.65:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (18223)
Size 263 kB (263081 bytes)
Hash 725c8c92cf55190a8e373386073ae5d8
3c59a80f2236307a8967a10016d6713559bc1cea
5152b3a3b8c7cbdcb1b88f18b01b9352f0499a12e5dfd4ab125e242863db2914
Analyzer Verdict Alert fortinet Phishing
GET /lib/requirejs.php/1597201510/core/first.js HTTP/1.1
Host: ontarioinvestigatortraining.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ontarioinvestigatortraining.ca/blog/index.php?entryid=241
Cookie: MoodleSession=f9dfd556f4f0da87f3698a3509c1c2e6
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 18:41:40 GMT
Server: Apache
Content-Disposition: inline; filename="requirejs.php"
Expires: Sat, 31 Dec 2022 18:41:40 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 12 Aug 2020 03:05:28 GMT
Accept-Ranges: none, none
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
ontarioinvestigatortraining.ca/lib/javascript.php/1597201510/lib/jquery/jquery-3.4.1.min.js
173.254.104.65 200 OK 31 kB URL HTTP/1.1 ontarioinvestigatortraining.ca/lib/javascript.php/1597201510/lib/jquery/jquery-3.4.1.min.js
IP 173.254.104.65:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65451)
Hash f93e3ed042f71e5f7fe68859936b38ef
69461b9374414ecdaa736061a4b302e81f0c7c89
24b2b2bb2c54222c3db2276e9989b6a027fa0d0469993b4b9332c68ce5c3e469
Analyzer Verdict Alert fortinet Phishing
GET /lib/javascript.php/1597201510/lib/jquery/jquery-3.4.1.min.js HTTP/1.1
Host: ontarioinvestigatortraining.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ontarioinvestigatortraining.ca/blog/index.php?entryid=241
Cookie: MoodleSession=f9dfd556f4f0da87f3698a3509c1c2e6
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 18:41:41 GMT
Server: Apache
Content-Disposition: inline; filename="javascript.php"
Expires: Sat, 31 Dec 2022 18:41:41 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 12 Aug 2020 03:05:30 GMT
Accept-Ranges: none, none
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
ontarioinvestigatortraining.ca/theme/yui_combo.php?3.17.2/event-mousewheel/event-mousewheel.js&3.17.2/event-resize/event-resize.js&3.17.2/event-hover/event-hover.js&3.17.2/event-touch/event-touch.js&3.17.2/event-move/event-move.js&3.17.2/event-flick/event-flick.js&3.17.2/event-valuechange/event-valuechange.js&3.17.2/event-tap/event-tap.js
173.254.104.65 200 OK 15 kB URL HTTP/1.1 ontarioinvestigatortraining.ca/theme/yui_combo.php?3.17.2/event-mousewheel/event-mousewheel.js&3.17.2/event-resize/event-resize.js&3.17.2/event-hover/event-hover.js&3.17.2/event-touch/event-touch.js&3.17.2/event-move/event-move.js&3.17.2/event-flick/event-flick.js&3.17.2/event-valuechange/event-valuechange.js&3.17.2/event-tap/event-tap.js
IP 173.254.104.65:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (437)
Hash 968eef4e2bfe69b5bc52caa8093f624e
6b5916393ef4dec25be5533835ca64136183c411
8b242bd66a81b1ffbbd99008ad2a728e32675385f535b6d9c76498e15eb6b9d5
GET /theme/yui_combo.php?3.17.2/event-mousewheel/event-mousewheel.js&3.17.2/event-resize/event-resize.js&3.17.2/event-hover/event-hover.js&3.17.2/event-touch/event-touch.js&3.17.2/event-move/event-move.js&3.17.2/event-flick/event-flick.js&3.17.2/event-valuechange/event-valuechange.js&3.17.2/event-tap/event-tap.js HTTP/1.1
Host: ontarioinvestigatortraining.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ontarioinvestigatortraining.ca/blog/index.php?entryid=241
Cookie: MoodleSession=f9dfd556f4f0da87f3698a3509c1c2e6
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 18:41:41 GMT
Server: Apache
Content-Disposition: inline; filename="combo"
Expires: Wed, 27 Sep 2023 18:41:41 GMT
Pragma:
Cache-Control: public, max-age=31104000, immutable
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 03 Jan 2020 03:25:08 GMT
Accept-Ranges: none, none
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
ontarioinvestigatortraining.ca/lib/ajax/service.php?sesskey=tr6PA2umn1&info=core_fetch_notifications
173.254.104.65 200 OK 372 B URL HTTP/1.1 ontarioinvestigatortraining.ca/lib/ajax/service.php?sesskey=tr6PA2umn1&info=core_fetch_notifications
IP 173.254.104.65:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JSON data\012- , ASCII text, with very long lines (719), with no line terminators
Hash c04a798f28e93f838975c7ce9d3106f4
54ac38755e940dca6286afde784a2628ed73b48c
af6f941e5cb6b93c4580e2b3cf807a925744c6e4dfd16a63b71bfc0ec687c5a5
POST /lib/ajax/service.php?sesskey=tr6PA2umn1&info=core_fetch_notifications HTTP/1.1
Host: ontarioinvestigatortraining.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Content-Length: 78
Origin: http://ontarioinvestigatortraining.ca
Connection: keep-alive
Referer: http://ontarioinvestigatortraining.ca/blog/index.php?entryid=241
Cookie: MoodleSession=f9dfd556f4f0da87f3698a3509c1c2e6
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 18:41:41 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 372
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/json; charset=utf-8