lms.newcag.be/login/forgot_password.php
152.228.220.164301 Moved Permanently 334 B URL HTTP/1.1 lms.newcag.be/login/forgot_password.php
IP 152.228.220.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9e691ee770b455fca0de40d1431280af
eeceb39d31466c7fe26600f1a017642b3b1d8879
defe90c83aa2e282927c2d7e09e645d2b8b609df09f839b2179bb2e01c45f1ce
Analyzer Verdict Alert fortinet Malware
GET /login/forgot_password.php HTTP/1.1
Host: lms.newcag.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Sep 2022 14:59:56 GMT
Server: Apache/2.4.41 (Ubuntu)
Location: https://lms.newcag.be/login/forgot_password.php
Content-Length: 334
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 09 Sep 2022 14:05:48 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qwEv4VU2jUD_UUB5oYH8pbf63jFVKge9FyKOQb1kG881WvZghAkE8Q==
Age: 3248
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f55e483f32b3fd50b1a2414aaada9b61
9d6b22edb98866e002e3b1ace44dfb0f8d00935f
4b09e1d2b887ded061e4ec5f82ec70ce699eeed428acc6b4fd3ef10ed9233c89
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B09E1D2B887DED061E4EC5F82EC70CE699EEED428ACC6B4FD3EF10ED9233C89"
Last-Modified: Thu, 08 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4002
Expires: Fri, 09 Sep 2022 16:06:38 GMT
Date: Fri, 09 Sep 2022 14:59:56 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: m_8TWSEfhvt1avT6OsGbIv7TZHa4kfCn7H6_2UTluTUOildN0nXOQw==
age: 40402
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 14:59:56 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1fa7848d6b66e22b8117c8f01b50464b
8acdad3251d9824f28255d21870e0475759567a8
a61274f5f6ca9c8b804f98d87592bdbcc49d4d29f7db69cee36db3f1c7782e85
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A61274F5F6CA9C8B804F98D87592BDBCC49D4D29F7DB69CEE36DB3F1C7782E85"
Last-Modified: Fri, 09 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21504
Expires: Fri, 09 Sep 2022 20:58:21 GMT
Date: Fri, 09 Sep 2022 14:59:57 GMT
Connection: keep-alive
lms.newcag.be/login/forgot_password.php
152.228.220.164200 OK 7.7 kB URL HTTP/1.1 lms.newcag.be/login/forgot_password.php
IP 152.228.220.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11861)
Hash 59edf85e2772ed71175c3f69860ba876
af447b02fdaa01e69d761e27e396856496a5186c
a11362cb49ef813c9f8800dfd70dcbc22999f523dbcd8437edc5d75a89d60e11
Analyzer Verdict Alert fortinet Malware
GET /login/forgot_password.php HTTP/1.1
Host: lms.newcag.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 14:59:57 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Language: en
Content-Script-Type: text/javascript
Content-Style-Type: text/css
X-UA-Compatible: IE=edge
Cache-Control: private, pre-check=0, post-check=0, max-age=0, no-transform
Pragma: no-cache
Expires:
Accept-Ranges: none
X-Frame-Options: sameorigin
Set-Cookie: MoodleSession=80k202iq9p212gfd1bnucjbj60; path=/; secure
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7657
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
lms.newcag.be/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.css
152.228.220.164200 OK 1.0 kB URL HTTP/1.1 lms.newcag.be/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.css
IP 152.228.220.164:0
File type ASCII text, with very long lines (1965)
Hash 954717f56656e687295097c986703269
eacac549df0a6f873918b09c167f67683363484f
3736a081935aebfecde262efb24be923f7019e02c8719e12e8867bb581a84ebe
GET /theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.css HTTP/1.1
Host: lms.newcag.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lms.newcag.be/login/forgot_password.php
Cookie: MoodleSession=80k202iq9p212gfd1bnucjbj60
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 14:59:57 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Disposition: inline; filename="combo"
Expires: Mon, 04 Sep 2023 14:59:57 GMT
Pragma:
Cache-Control: public, max-age=31104000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Sun, 12 Sep 2021 10:37:26 GMT
Etag: "b9bc567c469e2872cf3bbb14603342a72de2509b"
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Fri, 09 Sep 2022 14:56:07 GMT
Expires: Fri, 09 Sep 2022 15:49:29 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mN4ZajHQO_-6FO_osVf4P_s53EWO9y8b2WoMbcNnZcoAhZ_7jb8ilQ==
Age: 230
lms.newcag.be/lib/javascript.php/1631751669/lib/babel-polyfill/polyfill.min.js
152.228.220.164200 OK 34 kB URL HTTP/1.1 lms.newcag.be/lib/javascript.php/1631751669/lib/babel-polyfill/polyfill.min.js
IP 152.228.220.164:0
File type Unicode text, UTF-8 text, with very long lines (34750), with NEL line terminators
Hash a8da4866c35fec35e4ead0c273e5d8fe
cb422b31f1e5248f9eb4ac49355ddc2498a8fe08
f5a3a7a1a5fad47d3ba52273cee1e55ca7afd8c0cfed14d884571c347c41fbec
Analyzer Verdict Alert fortinet Malware
GET /lib/javascript.php/1631751669/lib/babel-polyfill/polyfill.min.js HTTP/1.1
Host: lms.newcag.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lms.newcag.be/login/forgot_password.php
Cookie: MoodleSession=80k202iq9p212gfd1bnucjbj60
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 14:59:57 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Disposition: inline; filename="javascript.php"
Expires: Thu, 08 Dec 2022 14:59:57 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "15b0127c42918713e345de4cc3bb0a82bf6b3c45"
Last-Modified: Thu, 16 Sep 2021 00:21:09 GMT
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
lms.newcag.be/lib/javascript.php/1631751669/lib/polyfills/polyfill.js
152.228.220.164200 OK 5.2 kB URL HTTP/1.1 lms.newcag.be/lib/javascript.php/1631751669/lib/polyfills/polyfill.js
IP 152.228.220.164:0
File type ASCII text, with very long lines (17856), with no line terminators
Hash b00bc2defa5b15d6ace9fbfbb21e497b
bbc448bdeaaf79a982ba1d192107f07aebe3e123
443e73663610cb7ccb8a7ae7da6f080ddde4a6414ea975e0914edddc6aabdefc
Analyzer Verdict Alert fortinet Malware
GET /lib/javascript.php/1631751669/lib/polyfills/polyfill.js HTTP/1.1
Host: lms.newcag.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lms.newcag.be/login/forgot_password.php
Cookie: MoodleSession=80k202iq9p212gfd1bnucjbj60
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 14:59:57 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Disposition: inline; filename="javascript.php"
Expires: Thu, 08 Dec 2022 14:59:57 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "c12d31ef5101d4438cb7d0d6af44c282840f25d0"
Last-Modified: Thu, 16 Sep 2021 00:21:09 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
lms.newcag.be/lib/javascript.php/1631751669/lib/javascript-static.js
152.228.220.164200 OK 6.8 kB URL HTTP/1.1 lms.newcag.be/lib/javascript.php/1631751669/lib/javascript-static.js
IP 152.228.220.164:0
File type HTML document, ASCII text, with very long lines (1875)
Hash 9a4c20372f0c53bc61ac3c90d203776a
05879d8f0e082b0663c76e1c81ff2e368d8a09ae
b64e57b396514a45e7680e661271d0d86d880765c8faaf5655c6a19940bae6d5
Analyzer Verdict Alert fortinet Malware
GET /lib/javascript.php/1631751669/lib/javascript-static.js HTTP/1.1
Host: lms.newcag.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lms.newcag.be/login/forgot_password.php
Cookie: MoodleSession=80k202iq9p212gfd1bnucjbj60
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 14:59:57 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Disposition: inline; filename="javascript.php"
Expires: Thu, 08 Dec 2022 14:59:57 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "60e5dc6b3cbb2b3770a59f9c96f08d8b8c93a554"
Last-Modified: Thu, 16 Sep 2021 00:21:09 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
lms.newcag.be/lib/javascript.php/1631751669/lib/requirejs/require.min.js
152.228.220.164200 OK 6.7 kB URL HTTP/1.1 lms.newcag.be/lib/javascript.php/1631751669/lib/requirejs/require.min.js
IP 152.228.220.164:0
File type ASCII text, with very long lines (17535)
Hash d52d474e00d80d4373cf714f60707c21
74b5d832a55bf81a1b2fd875f83f022c5ffc7c3b
4f1792c3aac9ca2058376a43582f0d1fad13e602a5aeec4a1a6fb1803719ba99
Analyzer Verdict Alert fortinet Malware
GET /lib/javascript.php/1631751669/lib/requirejs/require.min.js HTTP/1.1
Host: lms.newcag.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lms.newcag.be/login/forgot_password.php
Cookie: MoodleSession=80k202iq9p212gfd1bnucjbj60
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 14:59:57 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Disposition: inline; filename="javascript.php"
Expires: Thu, 08 Dec 2022 14:59:57 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "d54aa41839b0d52c09d998c40e347f3dcc93baf8"
Last-Modified: Thu, 16 Sep 2021 00:21:09 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
lms.newcag.be/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js
152.228.220.164200 OK 84 kB URL HTTP/1.1 lms.newcag.be/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js
IP 152.228.220.164:0
File type ASCII text, with very long lines (6010)
Hash 8bcb376a1000018ace15774394400419
2f8e8e67c1c31bac12aca22f482c3ef33a28a7a7
ba65826c64be1db28f1d0549c4dcce3598464e4da1154b26b28e6d6c58db25af
Analyzer Verdict Alert fortinet Malware
GET /theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js HTTP/1.1
Host: lms.newcag.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lms.newcag.be/login/forgot_password.php
Cookie: MoodleSession=80k202iq9p212gfd1bnucjbj60
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 14:59:57 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Disposition: inline; filename="combo"
Expires: Mon, 04 Sep 2023 14:59:57 GMT
Pragma:
Cache-Control: public, max-age=31104000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Sun, 12 Sep 2021 10:37:26 GMT
Etag: "78581a0bac8a932effb32db3e91e0f2f2b47c08e"
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
lms.newcag.be/theme/styles.php/boost/1631751669_1/all
152.228.220.164200 OK 111 kB URL HTTP/1.1 lms.newcag.be/theme/styles.php/boost/1631751669_1/all
IP 152.228.220.164:0
File type Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Size 111 kB (111054 bytes)
Hash a4681165ff573c152a5d92c90f6c1da4
2a9ff87390570936579dffb1d18000db28b88321
316021256f8ca06467ef1d3db18199a51ad46f8eea06987bf84f615528c4aeef
Analyzer Verdict Alert fortinet Malware
GET /theme/styles.php/boost/1631751669_1/all HTTP/1.1
Host: lms.newcag.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lms.newcag.be/login/forgot_password.php
Cookie: MoodleSession=80k202iq9p212gfd1bnucjbj60
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 14:59:57 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Disposition: inline; filename="styles.php"
Expires: Thu, 08 Dec 2022 14:59:57 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "63b4f838e98332b3d73301498e56ca64736faab0"
Last-Modified: Mon, 21 Mar 2022 15:27:10 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8
lms.newcag.be/pluginfile.php/1/core_admin/logocompact/300x300/1631751669/CAG.png
152.228.220.164200 OK 9.1 kB URL HTTP/1.1 lms.newcag.be/pluginfile.php/1/core_admin/logocompact/300x300/1631751669/CAG.png
IP 152.228.220.164:0
File type PNG image data, 250 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash bfd2683edcadc6bd3a154f4fe3aa53b9
90bdc71abebf13973ab13de2c210298bb1b68d8a
f882333aa3fe31f549ede1ae9c848c71e54e29640ffbf9643c528a045abb1d51
GET /pluginfile.php/1/core_admin/logocompact/300x300/1631751669/CAG.png HTTP/1.1
Host: lms.newcag.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lms.newcag.be/login/forgot_password.php
Cookie: MoodleSession=80k202iq9p212gfd1bnucjbj60
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 14:59:57 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Disposition: inline; filename="CAG.png"
Cache-Control: public, max-age=5184000, no-transform
Expires: Tue, 08 Nov 2022 14:59:57 GMT
Pragma:
Accept-Ranges: bytes
Last-Modified: Thu, 16 Sep 2021 00:21:09 GMT
Content-Length: 9068
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d0c56e0b2955a5dd7f37ba4bbf5727b4
f435bd1f6fb8ec931f1817fe4b91e6b86a7cb14b
99f7da9dca677db8e9cec5491c0d6d8a86b9c5e907907c2fdd30973c747f4282
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5437
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 14:59:57 GMT
Last-Modified: Fri, 09 Sep 2022 13:29:20 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
lms.newcag.be/theme/yui_combo.php?m/1631751669/core/event/event-min.js&m/1631751669/filter_mathjaxloader/loader/loader-min.js
152.228.220.164200 OK 857 B URL HTTP/1.1 lms.newcag.be/theme/yui_combo.php?m/1631751669/core/event/event-min.js&m/1631751669/filter_mathjaxloader/loader/loader-min.js
IP 152.228.220.164:0
File type ASCII text, with very long lines (2198), with no line terminators
Hash 260b3cd4413738b36a0f5701136e4b68
24f548756b34d4c67c80b44214d1cdd9ff65ea1c
949a6496f576e9171c6d9244bf7eeb8129fc1840f609b502e529851154ade6fc
GET /theme/yui_combo.php?m/1631751669/core/event/event-min.js&m/1631751669/filter_mathjaxloader/loader/loader-min.js HTTP/1.1
Host: lms.newcag.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lms.newcag.be/login/forgot_password.php
Cookie: MoodleSession=80k202iq9p212gfd1bnucjbj60
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 14:59:57 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Disposition: inline; filename="combo"
Expires: Mon, 04 Sep 2023 14:59:57 GMT
Pragma:
Cache-Control: public, max-age=31104000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Sun, 12 Sep 2021 10:37:26 GMT
Etag: "b3268ba9d735c1e2b62dff94391b2274790a10b9"
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
lms.newcag.be/theme/font.php/boost/core/1631751669/fontawesome-webfont.woff2?v=4.7.0
152.228.220.164200 OK 77 kB URL HTTP/1.1 lms.newcag.be/theme/font.php/boost/core/1631751669/fontawesome-webfont.woff2?v=4.7.0
IP 152.228.220.164:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Malware
GET /theme/font.php/boost/core/1631751669/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: lms.newcag.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://lms.newcag.be/theme/styles.php/boost/1631751669_1/all
Cookie: MoodleSession=80k202iq9p212gfd1bnucjbj60
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 14:59:57 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Disposition: inline; filename="fontawesome-webfont.woff2"
Expires: Thu, 08 Dec 2022 14:59:57 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Etag: "6fe8a90021d692246a13f94cf443bd7fa7e8c67f"
Last-Modified: Thu, 16 Sep 2021 00:21:51 GMT
Content-Length: 77160
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/font-woff2
lms.newcag.be/theme/image.php/boost/theme/1631751669/favicon
152.228.220.164200 OK 1.2 kB URL HTTP/1.1 lms.newcag.be/theme/image.php/boost/theme/1631751669/favicon
IP 152.228.220.164:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 135aed33c0a7b8f44f0227a71b9ce345
120e10c8a17aebb31c74b6988f8bce9b05dd6606
7afbabec7cddb87ab3b2c3f56509ca9c8f76925db0570372f1a6a366606be1b4
Analyzer Verdict Alert fortinet Malware
GET /theme/image.php/boost/theme/1631751669/favicon HTTP/1.1
Host: lms.newcag.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lms.newcag.be/login/forgot_password.php
Cookie: MoodleSession=80k202iq9p212gfd1bnucjbj60
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 14:59:57 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Disposition: inline; filename="favicon.ico"
Expires: Thu, 08 Dec 2022 14:59:57 GMT
Pragma:
Cache-Control: public, max-age=7776000, no-transform, immutable
Accept-Ranges: none
Etag: "c737eb8ddc0cf3fd0b0a9b7a1c509ae13089f06e"
Last-Modified: Thu, 16 Sep 2021 00:21:11 GMT
Content-Length: 1150
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon
lms.newcag.be/theme/yui_combo.php?m/1631751669/core/formchangechecker/formchangechecker-min.js
152.228.220.164200 OK 960 B URL HTTP/1.1 lms.newcag.be/theme/yui_combo.php?m/1631751669/core/formchangechecker/formchangechecker-min.js
IP 152.228.220.164:0
File type ASCII text, with very long lines (3346), with no line terminators
Hash 2d4ab876b01b8a87555c29fd705ec3a3
59163b820641ee4b2dca4bf34440cabae1814c75
1c66ca0075c1fd9b5e91c8810c71cf87044e35ea7b360c5c06a12faf8a9ffd76
Analyzer Verdict Alert fortinet Malware
GET /theme/yui_combo.php?m/1631751669/core/formchangechecker/formchangechecker-min.js HTTP/1.1
Host: lms.newcag.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lms.newcag.be/login/forgot_password.php
Cookie: MoodleSession=80k202iq9p212gfd1bnucjbj60
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 14:59:57 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Disposition: inline; filename="combo"
Expires: Mon, 04 Sep 2023 14:59:57 GMT
Pragma:
Cache-Control: public, max-age=31104000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Sun, 12 Sep 2021 10:37:26 GMT
Etag: "6a2c725b541839eacc9d95d82d89aa1b365694e9"
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
lms.newcag.be/lib/requirejs.php/1631751669/core/first.js
152.228.220.164200 OK 309 kB URL HTTP/1.1 lms.newcag.be/lib/requirejs.php/1631751669/core/first.js
IP 152.228.220.164:0
File type ASCII text, with very long lines (10043)
Size 309 kB (309085 bytes)
Hash 228065f3832191fa78e8fd7d2047e019
6c38e9fa0bf8d4832cc6622b1b5c88bd1697298e
070d68c965d30e215785fab2a10cb6e8f68a5bcd6e519e94a3ce9757172211e8
Analyzer Verdict Alert fortinet Malware
GET /lib/requirejs.php/1631751669/core/first.js HTTP/1.1
Host: lms.newcag.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lms.newcag.be/login/forgot_password.php
Cookie: MoodleSession=80k202iq9p212gfd1bnucjbj60
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 14:59:57 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Disposition: inline; filename="requirejs.php"
Expires: Thu, 08 Dec 2022 14:59:57 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "5ccad347acfe3174e205a737357c8a74cbfc7334"
Last-Modified: Thu, 16 Sep 2021 00:21:10 GMT
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
push.services.mozilla.com/
52.35.74.102101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.35.74.102:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5EWSiPd6wb3Aul0OfGJ1Zw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: dbfrNzj/w6yCqc+kXb1v/Rvw7aE=
lms.newcag.be/lib/javascript.php/1631751669/lib/jquery/jquery-3.5.1.min.js
152.228.220.164200 OK 31 kB URL HTTP/1.1 lms.newcag.be/lib/javascript.php/1631751669/lib/jquery/jquery-3.5.1.min.js
IP 152.228.220.164:0
File type ASCII text, with very long lines (65451)
Hash 9e20b290f3bf1923af08d826a5e82c86
fa97509e0967c34ea5393af9f7e1a79162404205
9af00f1990a36ea52fb3eee0118efc546fb6976d2fa8d6d048f5e9a896062cf0
Analyzer Verdict Alert fortinet Malware
GET /lib/javascript.php/1631751669/lib/jquery/jquery-3.5.1.min.js HTTP/1.1
Host: lms.newcag.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lms.newcag.be/login/forgot_password.php
Cookie: MoodleSession=80k202iq9p212gfd1bnucjbj60
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 14:59:57 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Disposition: inline; filename="javascript.php"
Expires: Thu, 08 Dec 2022 14:59:57 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "fee01ee4e2f90feb5af0b8ea82aaf6c7e858abbc"
Last-Modified: Thu, 16 Sep 2021 00:21:11 GMT
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
lms.newcag.be/theme/yui_combo.php?3.17.2/event-mousewheel/event-mousewheel-min.js&3.17.2/event-resize/event-resize-min.js&3.17.2/event-hover/event-hover-min.js&3.17.2/event-touch/event-touch-min.js&3.17.2/event-move/event-move-min.js&3.17.2/event-flick/event-flick-min.js&3.17.2/event-valuechange/event-valuechange-min.js&3.17.2/event-tap/event-tap-min.js
152.228.220.164200 OK 4.8 kB URL HTTP/1.1 lms.newcag.be/theme/yui_combo.php?3.17.2/event-mousewheel/event-mousewheel-min.js&3.17.2/event-resize/event-resize-min.js&3.17.2/event-hover/event-hover-min.js&3.17.2/event-touch/event-touch-min.js&3.17.2/event-move/event-move-min.js&3.17.2/event-flick/event-flick-min.js&3.17.2/event-valuechange/event-valuechange-min.js&3.17.2/event-tap/event-tap-min.js
IP 152.228.220.164:0
File type ASCII text, with very long lines (3857)
Hash 713bb7fd594c64c3598edc178658783a
5cf119be436a34e733ca1fee6c41b3c8350cedaf
f5cfc9a7087a218ad9951e7e5d22bade76acb58ccac10f3ca1ec891299b6735e
GET /theme/yui_combo.php?3.17.2/event-mousewheel/event-mousewheel-min.js&3.17.2/event-resize/event-resize-min.js&3.17.2/event-hover/event-hover-min.js&3.17.2/event-touch/event-touch-min.js&3.17.2/event-move/event-move-min.js&3.17.2/event-flick/event-flick-min.js&3.17.2/event-valuechange/event-valuechange-min.js&3.17.2/event-tap/event-tap-min.js HTTP/1.1
Host: lms.newcag.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lms.newcag.be/login/forgot_password.php
Cookie: MoodleSession=80k202iq9p212gfd1bnucjbj60
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 14:59:58 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Disposition: inline; filename="combo"
Expires: Mon, 04 Sep 2023 14:59:58 GMT
Pragma:
Cache-Control: public, max-age=31104000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Sun, 12 Sep 2021 10:37:26 GMT
Etag: "b24ca831785ba367093f089618e840be511be85d"
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
lms.newcag.be/lib/ajax/service.php?sesskey=CUbKdV4izG&info=media_videojs_get_language
152.228.220.164200 OK 4.5 kB URL HTTP/1.1 lms.newcag.be/lib/ajax/service.php?sesskey=CUbKdV4izG&info=media_videojs_get_language
IP 152.228.220.164:0
File type JSON data\012- , ASCII text, with very long lines (4530), with no line terminators
Hash 4d5523cbc76f44fe608854860b0a2569
b821723eb7ecf0b7e97c516fbbc88c3b85560229
2088fbe413aa7bc5fc811ec5778bd623becf7c1c149d2f12fc8c21ad7cd343d5
POST /lib/ajax/service.php?sesskey=CUbKdV4izG&info=media_videojs_get_language HTTP/1.1
Host: lms.newcag.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Content-Length: 76
Origin: https://lms.newcag.be
Connection: keep-alive
Referer: https://lms.newcag.be/login/forgot_password.php
Cookie: MoodleSession=80k202iq9p212gfd1bnucjbj60
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 14:59:58 GMT
Server: Apache/2.4.41 (Ubuntu)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
lms.newcag.be/lib/ajax/service-nologin.php?info=core_output_load_fontawesome_icon_system_map&cachekey=1631751669&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_fontawesome_icon_system_map%22%2C%22args%22%3A%7B%22themename%22%3A%22boost%22%7D%7D%5D
152.228.220.164200 OK 30 kB URL HTTP/1.1 lms.newcag.be/lib/ajax/service-nologin.php?info=core_output_load_fontawesome_icon_system_map&cachekey=1631751669&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_fontawesome_icon_system_map%22%2C%22args%22%3A%7B%22themename%22%3A%22boost%22%7D%7D%5D
IP 152.228.220.164:0
File type JSON data\012- , ASCII text, with very long lines (30335), with no line terminators
Hash d524f73a29e9b843039ae1cb6cbb32d2
cc543fc5baddf7344d1bfc74b2379e566dec348e
d93c5799a66eb9410fac78ba5931b91952e86535506c004bf508ef4b1fdac69b
GET /lib/ajax/service-nologin.php?info=core_output_load_fontawesome_icon_system_map&cachekey=1631751669&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_fontawesome_icon_system_map%22%2C%22args%22%3A%7B%22themename%22%3A%22boost%22%7D%7D%5D HTTP/1.1
Host: lms.newcag.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lms.newcag.be/login/forgot_password.php
Cookie: MoodleSession=80k202iq9p212gfd1bnucjbj60
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 14:59:58 GMT
Server: Apache/2.4.41 (Ubuntu)
Expires: Thu, 08 Dec 2022 14:59:58 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
lms.newcag.be/lib/ajax/service-nologin.php?info=6-method-calls&cachekey=1661047862&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22cancel%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22closebuttontitle%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22loading%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22savechanges%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A4%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showless%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A5%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showmore%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22en%22%7D%7D%5D
152.228.220.164200 OK 211 B URL HTTP/1.1 lms.newcag.be/lib/ajax/service-nologin.php?info=6-method-calls&cachekey=1661047862&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22cancel%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22closebuttontitle%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22loading%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22savechanges%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A4%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showless%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A5%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showmore%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22en%22%7D%7D%5D
IP 152.228.220.164:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c135ebb8306e47146c197265b9c9022b
425c439b399cc4a29df884f4ac5aa75505944c2c
afefe583c5a695189962783424716b19758b2a08e71480cb91a73c88c98a20be
GET /lib/ajax/service-nologin.php?info=6-method-calls&cachekey=1661047862&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22cancel%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22closebuttontitle%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22loading%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22savechanges%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A4%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showless%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A5%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showmore%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22en%22%7D%7D%5D HTTP/1.1
Host: lms.newcag.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lms.newcag.be/login/forgot_password.php
Cookie: MoodleSession=80k202iq9p212gfd1bnucjbj60
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 14:59:58 GMT
Server: Apache/2.4.41 (Ubuntu)
Expires: Thu, 08 Dec 2022 14:59:58 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
lms.newcag.be/lib/ajax/service-nologin.php?info=core_output_load_template_with_dependencies,core_output_load_template_with_dependencies,core_output_load_template_with_dependencies,core_output_load_template_with_dependencies&cachekey=1631751669&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22loading%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal_backdrop%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22pix_icon_fontawesome%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%5D
152.228.220.164200 OK 2.4 kB URL HTTP/1.1 lms.newcag.be/lib/ajax/service-nologin.php?info=core_output_load_template_with_dependencies,core_output_load_template_with_dependencies,core_output_load_template_with_dependencies,core_output_load_template_with_dependencies&cachekey=1631751669&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22loading%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal_backdrop%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22pix_icon_fontawesome%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%5D
IP 152.228.220.164:0
File type JSON data\012- , ASCII text, with very long lines (2422), with no line terminators
Hash f2f5d195ae0262b5de27122ead127b83
021acaf9e14d4fd6992da17347faf26bd4697d65
380abdf554c0d04799270cb6d2effc74cde736b03adf4cc3b1e3aac6cadab2c1
GET /lib/ajax/service-nologin.php?info=core_output_load_template_with_dependencies,core_output_load_template_with_dependencies,core_output_load_template_with_dependencies,core_output_load_template_with_dependencies&cachekey=1631751669&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22loading%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal_backdrop%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22pix_icon_fontawesome%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%5D HTTP/1.1
Host: lms.newcag.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lms.newcag.be/login/forgot_password.php
Cookie: MoodleSession=80k202iq9p212gfd1bnucjbj60
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 14:59:58 GMT
Server: Apache/2.4.41 (Ubuntu)
Expires: Thu, 08 Dec 2022 14:59:58 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7570
Expires: Fri, 09 Sep 2022 17:06:08 GMT
Date: Fri, 09 Sep 2022 14:59:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7570
Expires: Fri, 09 Sep 2022 17:06:08 GMT
Date: Fri, 09 Sep 2022 14:59:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7570
Expires: Fri, 09 Sep 2022 17:06:08 GMT
Date: Fri, 09 Sep 2022 14:59:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5f31e9e-7d20-466c-a9b3-ce9e9c5475e8.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5f31e9e-7d20-466c-a9b3-ce9e9c5475e8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba8d1b764c2d18807caecb5ee1e046c0
c0e3d10ce67f77a92b54954410e30621af7ee87c
f558c4827c2edf896588b6e3f0b4f295269e95f86143b40729a7a2a5e1adbbb6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5f31e9e-7d20-466c-a9b3-ce9e9c5475e8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9011
x-amzn-requestid: cf861da4-5f3b-43b8-931a-5285839c6301
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKQgHFbOoAMFYVQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a6133-4cf2e37f5e762a557b081446;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:40:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: wqcl8zkszPZhWjJ7mr_p82IRaNzU2vMV3wtipUYgRaL7Vj3ntmYYqQ==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 95785220a566cd050f3ad80928463374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:47:07 GMT
age: 61971
etag: "c0e3d10ce67f77a92b54954410e30621af7ee87c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F793f20c6-757e-47e5-8ab6-4d73ceae75af.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F793f20c6-757e-47e5-8ab6-4d73ceae75af.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9590b525c8b07a297c8784f02b161a1
cec8428d159a5bde29e89c64cfb04146f759d52b
d309772ce79d36f7b1df0a3ea85a01f8278db2909c860721d105b772efed82ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F793f20c6-757e-47e5-8ab6-4d73ceae75af.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4002
x-amzn-requestid: ea2f5309-e220-4b7e-b718-9339b9444cc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKQ6hHM8IAMFeJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a61dc-7d45fd9253b7b7fa732b6f8d;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:42:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: VD7SlrM2RwFk5cfQvul2bTJA__GPYd5_UPY0D0_5NGLHoBj3yur7PA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 5abfab33f248090bb0f31ca137ce9464.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:15:21 GMT
age: 60277
etag: "cec8428d159a5bde29e89c64cfb04146f759d52b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg
34.120.237.76200 OK 3.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0078c7a407144a1ede33aef6f734eecf
113393e0dbabb3aff949d19ab6517ba1082b622d
42afcaf15e45dfa9aff14f59f69d60a3de127005e35783d2d35a4cfa652b57b3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3125
x-amzn-requestid: 5820e798-6469-40f9-8d70-ee71f1a163b9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLM5GGQAoAMF8eQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ac1d3-3a0e9db848ea7ab145f1cffa;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 04:32:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: eZaKpjBYe3Qn7vs3zF52Cxob-xu3LMFs8esQAu6Lp6bzM0aOEHoXVg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1352c0a623ff0601dd16439f3f225f70.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 04:32:20 GMT
etag: "113393e0dbabb3aff949d19ab6517ba1082b622d"
content-type: image/jpeg
age: 37658
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a5fdeb374d4e3669ce5d9ff2cd22cd19
70ede5692526afd351d134a391383461dafdc64f
10c5d8e41aae1a36525a45375966b5067333f0c7edc176a540fd6527ebe1ad8c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4532
x-amzn-requestid: e5694699-7f38-4542-8808-54bda7ee7d86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIMmGGUmIAMF2cw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63198e26-1aa6788e24fcfdf0008bee21;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 06:39:34 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zdVUahmbPQ7sQMlg14M89JOwjN2PEM03GNLYEwxPjcaioRpyqb8isA==
via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:26:32 GMT
age: 59606
etag: "70ede5692526afd351d134a391383461dafdc64f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9009587-828b-4a7a-8b84-f28d4b93cdef.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9009587-828b-4a7a-8b84-f28d4b93cdef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 60fa03262bb3728f24a4c7a8177ec788
09dcbdc6043f01dd56920cca3ce3920d0d07b795
e7448f186933f9848f1d55f0e8dba593918846d02fb9cc3a7cd86d69b96a7fde
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9009587-828b-4a7a-8b84-f28d4b93cdef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7515
x-amzn-requestid: eaf81b32-3b53-4e89-a9d0-943bc9f9982f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X0j0QFhxoAMF-Mw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6311b34e-114287d30092033a2b54ec01;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 07:39:58 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: _mlXN3nJ7ZPcUDWIqqiv2CB6dkSJ2Y-AZIXNs4xOj18ZX6DYMdhXAA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 ece5d4a731ece5ff46c564ab2b946ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:46:19 GMT
age: 62019
etag: "09dcbdc6043f01dd56920cca3ce3920d0d07b795"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5a39739-e855-4625-859f-7e2fed3d2511.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5a39739-e855-4625-859f-7e2fed3d2511.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a9ca2de4e61d1aae73da7d13ad3ec727
15cefe1e2be8ad63e40cfe02c2f5f8c59af015ad
911550bc2b8e4c4aad215692361fe494275002f89faa9eae2e2fc2664da1107c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5a39739-e855-4625-859f-7e2fed3d2511.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12107
x-amzn-requestid: 9ea883d8-b844-49d0-8651-67124d2c0852
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9TgHANIAMF5rQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f49-137ad22c52baa6fb04ae190d;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: fq_ew5bfpcSJ7F229SyDLZlpOnmSWujlU7HzwsQIS1q2HZSvsHGuvQ==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:13:21 GMT
age: 60397
etag: "15cefe1e2be8ad63e40cfe02c2f5f8c59af015ad"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2