Overview

URL lms.newcag.be/login/forgot_password.php
IP152.228.220.164
ASNOVH SAS
Location France
Report completed2022-09-09 15:00:07 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-09 2 lms.newcag.be/login/forgot_password.php Malware
2022-09-09 2 lms.newcag.be/login/forgot_password.php Malware
2022-09-09 2 lms.newcag.be/lib/javascript.php/1631751669/lib/babel-polyfill/polyfill.min.js Malware
2022-09-09 2 lms.newcag.be/lib/javascript.php/1631751669/lib/polyfills/polyfill.js Malware
2022-09-09 2 lms.newcag.be/lib/javascript.php/1631751669/lib/javascript-static.js Malware
2022-09-09 2 lms.newcag.be/lib/javascript.php/1631751669/lib/requirejs/require.min.js Malware
2022-09-09 2 lms.newcag.be/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js Malware
2022-09-09 2 lms.newcag.be/theme/styles.php/boost/1631751669_1/all Malware
2022-09-09 2 lms.newcag.be/theme/font.php/boost/core/1631751669/fontawesome-webfont.woff (...) Malware
2022-09-09 2 lms.newcag.be/theme/image.php/boost/theme/1631751669/favicon Malware
2022-09-09 2 lms.newcag.be/theme/yui_combo.php?m/1631751669/core/formchangechecker/formc (...) Malware
2022-09-09 2 lms.newcag.be/lib/requirejs.php/1631751669/core/first.js Malware
2022-09-09 2 lms.newcag.be/lib/javascript.php/1631751669/lib/jquery/jquery-3.5.1.min.js Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (8)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-09 12:02:18 UTC 93.184.220.29
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-09 04:43:53 UTC 52.35.74.102
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-09 07:18:24 UTC 34.120.237.76
mnemonic passive DNS lms.newcag.be (21) 0 2019-07-03 10:24:09 UTC 2022-09-09 11:05:47 UTC 152.228.220.164 Unknown ranking
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-09 05:37:59 UTC 143.204.55.115
mnemonic passive DNS r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-09-09 04:40:05 UTC 23.36.76.226
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-09 04:47:11 UTC 143.204.55.49
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-09 04:48:21 UTC 34.117.237.239


Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 152.228.220.164

Date UQ / IDS / BL URL IP
2022-09-09 15:00:07 +0000
0 - 0 - 13 lms.newcag.be/login/forgot_password.php 152.228.220.164

Last 5 reports on ASN: OVH SAS

Date UQ / IDS / BL URL IP
2022-12-06 19:20:45 +0000
0 - 0 - 1 technob2bzone.com/campaigns/xz64857z3da19/tra (...) 167.114.36.53
2022-12-06 19:05:48 +0000
0 - 0 - 1 www.estadoempresaweblife.com/1670353027/ib/pr (...) 46.105.204.31
2022-12-06 18:43:57 +0000
0 - 0 - 1 mattwhitaker.com/wp-content/plugins/radiantth (...) 139.99.69.157
2022-12-06 18:34:07 +0000
0 - 0 - 0 vps-e469f57b.vps.ovh.ca/ 51.79.158.235
2022-12-06 18:26:22 +0000
0 - 0 - 9 baladia.ma/info/af02df16ff77f487b3e77dd359192 (...) 51.178.240.56

Last 1 reports on domain: newcag.be

Date UQ / IDS / BL URL IP
2022-09-09 15:00:07 +0000
0 - 0 - 13 lms.newcag.be/login/forgot_password.php 152.228.220.164

No other reports with similar screenshot



JavaScript

Executed Scripts (16)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (38)


Request Response
                                        
                                            GET /login/forgot_password.php HTTP/1.1 
Host: lms.newcag.be
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         152.228.220.164
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Fri, 09 Sep 2022 14:59:56 GMT
Server: Apache/2.4.41 (Ubuntu)
Location: https://lms.newcag.be/login/forgot_password.php
Content-Length: 334
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   334
Md5:    9e691ee770b455fca0de40d1431280af
Sha1:   eeceb39d31466c7fe26600f1a017642b3b1d8879
Sha256: defe90c83aa2e282927c2d7e09e645d2b8b609df09f839b2179bb2e01c45f1ce

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 09 Sep 2022 14:05:48 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qwEv4VU2jUD_UUB5oYH8pbf63jFVKge9FyKOQb1kG881WvZghAkE8Q==
Age: 3248


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    b593eb39329cfe060d55be5e4a5405e2
Sha1:   78e46c1028e9f94f8569303ad2d90d7df13a059a
Sha256: 08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4B09E1D2B887DED061E4EC5F82EC70CE699EEED428ACC6B4FD3EF10ED9233C89"
Last-Modified: Thu, 08 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4002
Expires: Fri, 09 Sep 2022 16:06:38 GMT
Date: Fri, 09 Sep 2022 14:59:56 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.49
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: m_8TWSEfhvt1avT6OsGbIv7TZHa4kfCn7H6_2UTluTUOildN0nXOQw==
age: 40402
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 09 Sep 2022 14:59:56 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A61274F5F6CA9C8B804F98D87592BDBCC49D4D29F7DB69CEE36DB3F1C7782E85"
Last-Modified: Fri, 09 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21504
Expires: Fri, 09 Sep 2022 20:58:21 GMT
Date: Fri, 09 Sep 2022 14:59:57 GMT
Connection: keep-alive

                                        
                                            GET /login/forgot_password.php HTTP/1.1 
Host: lms.newcag.be
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         152.228.220.164
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Date: Fri, 09 Sep 2022 14:59:57 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Language: en
Content-Script-Type: text/javascript
Content-Style-Type: text/css
X-UA-Compatible: IE=edge
Cache-Control: private, pre-check=0, post-check=0, max-age=0, no-transform
Pragma: no-cache
Expires:
Accept-Ranges: none
X-Frame-Options: sameorigin
Set-Cookie: MoodleSession=80k202iq9p212gfd1bnucjbj60; path=/; secure
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7657
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11861)
Size:   7657
Md5:    59edf85e2772ed71175c3f69860ba876
Sha1:   af447b02fdaa01e69d761e27e396856496a5186c
Sha256: a11362cb49ef813c9f8800dfd70dcbc22999f523dbcd8437edc5d75a89d60e11

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.css HTTP/1.1 
Host: lms.newcag.be
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lms.newcag.be/login/forgot_password.php
Cookie: MoodleSession=80k202iq9p212gfd1bnucjbj60
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         152.228.220.164
HTTP/1.1 200 OK
Content-Type: text/css;charset=UTF-8
                                        
Date: Fri, 09 Sep 2022 14:59:57 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Disposition: inline; filename="combo"
Expires: Mon, 04 Sep 2023 14:59:57 GMT
Pragma:
Cache-Control: public, max-age=31104000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Sun, 12 Sep 2021 10:37:26 GMT
Etag: "b9bc567c469e2872cf3bbb14603342a72de2509b"
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text, with very long lines (1965)
Size:   1031
Md5:    954717f56656e687295097c986703269
Sha1:   eacac549df0a6f873918b09c167f67683363484f
Sha256: 3736a081935aebfecde262efb24be923f7019e02c8719e12e8867bb581a84ebe
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Fri, 09 Sep 2022 14:56:07 GMT
Expires: Fri, 09 Sep 2022 15:49:29 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mN4ZajHQO_-6FO_osVf4P_s53EWO9y8b2WoMbcNnZcoAhZ_7jb8ilQ==
Age: 230


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /lib/javascript.php/1631751669/lib/babel-polyfill/polyfill.min.js HTTP/1.1 
Host: lms.newcag.be
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lms.newcag.be/login/forgot_password.php
Cookie: MoodleSession=80k202iq9p212gfd1bnucjbj60
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         152.228.220.164
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Fri, 09 Sep 2022 14:59:57 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Disposition: inline; filename="javascript.php"
Expires: Thu, 08 Dec 2022 14:59:57 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "15b0127c42918713e345de4cc3bb0a82bf6b3c45"
Last-Modified: Thu, 16 Sep 2021 00:21:09 GMT
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (34750), with NEL line terminators
Size:   34221
Md5:    a8da4866c35fec35e4ead0c273e5d8fe
Sha1:   cb422b31f1e5248f9eb4ac49355ddc2498a8fe08
Sha256: f5a3a7a1a5fad47d3ba52273cee1e55ca7afd8c0cfed14d884571c347c41fbec

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /lib/javascript.php/1631751669/lib/polyfills/polyfill.js HTTP/1.1 
Host: lms.newcag.be
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lms.newcag.be/login/forgot_password.php
Cookie: MoodleSession=80k202iq9p212gfd1bnucjbj60
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         152.228.220.164
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Fri, 09 Sep 2022 14:59:57 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Disposition: inline; filename="javascript.php"
Expires: Thu, 08 Dec 2022 14:59:57 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "c12d31ef5101d4438cb7d0d6af44c282840f25d0"
Last-Modified: Thu, 16 Sep 2021 00:21:09 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text, with very long lines (17856), with no line terminators
Size:   5244
Md5:    b00bc2defa5b15d6ace9fbfbb21e497b
Sha1:   bbc448bdeaaf79a982ba1d192107f07aebe3e123
Sha256: 443e73663610cb7ccb8a7ae7da6f080ddde4a6414ea975e0914edddc6aabdefc

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /lib/javascript.php/1631751669/lib/javascript-static.js HTTP/1.1 
Host: lms.newcag.be
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lms.newcag.be/login/forgot_password.php
Cookie: MoodleSession=80k202iq9p212gfd1bnucjbj60
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         152.228.220.164
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Fri, 09 Sep 2022 14:59:57 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Disposition: inline; filename="javascript.php"
Expires: Thu, 08 Dec 2022 14:59:57 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "60e5dc6b3cbb2b3770a59f9c96f08d8b8c93a554"
Last-Modified: Thu, 16 Sep 2021 00:21:09 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (1875)
Size:   6777
Md5:    9a4c20372f0c53bc61ac3c90d203776a
Sha1:   05879d8f0e082b0663c76e1c81ff2e368d8a09ae
Sha256: b64e57b396514a45e7680e661271d0d86d880765c8faaf5655c6a19940bae6d5

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /lib/javascript.php/1631751669/lib/requirejs/require.min.js HTTP/1.1 
Host: lms.newcag.be
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lms.newcag.be/login/forgot_password.php
Cookie: MoodleSession=80k202iq9p212gfd1bnucjbj60
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         152.228.220.164
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Fri, 09 Sep 2022 14:59:57 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Disposition: inline; filename="javascript.php"
Expires: Thu, 08 Dec 2022 14:59:57 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "d54aa41839b0d52c09d998c40e347f3dcc93baf8"
Last-Modified: Thu, 16 Sep 2021 00:21:09 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text, with very long lines (17535)
Size:   6662
Md5:    d52d474e00d80d4373cf714f60707c21
Sha1:   74b5d832a55bf81a1b2fd875f83f022c5ffc7c3b
Sha256: 4f1792c3aac9ca2058376a43582f0d1fad13e602a5aeec4a1a6fb1803719ba99

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js HTTP/1.1 
Host: lms.newcag.be
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lms.newcag.be/login/forgot_password.php
Cookie: MoodleSession=80k202iq9p212gfd1bnucjbj60
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         152.228.220.164
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 09 Sep 2022 14:59:57 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Disposition: inline; filename="combo"
Expires: Mon, 04 Sep 2023 14:59:57 GMT
Pragma:
Cache-Control: public, max-age=31104000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Sun, 12 Sep 2021 10:37:26 GMT
Etag: "78581a0bac8a932effb32db3e91e0f2f2b47c08e"
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text, with very long lines (6010)
Size:   84392
Md5:    8bcb376a1000018ace15774394400419
Sha1:   2f8e8e67c1c31bac12aca22f482c3ef33a28a7a7
Sha256: ba65826c64be1db28f1d0549c4dcce3598464e4da1154b26b28e6d6c58db25af

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /theme/styles.php/boost/1631751669_1/all HTTP/1.1 
Host: lms.newcag.be
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lms.newcag.be/login/forgot_password.php
Cookie: MoodleSession=80k202iq9p212gfd1bnucjbj60
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         152.228.220.164
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Date: Fri, 09 Sep 2022 14:59:57 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Disposition: inline; filename="styles.php"
Expires: Thu, 08 Dec 2022 14:59:57 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "63b4f838e98332b3d73301498e56ca64736faab0"
Last-Modified: Mon, 21 Mar 2022 15:27:10 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Size:   111054
Md5:    a4681165ff573c152a5d92c90f6c1da4
Sha1:   2a9ff87390570936579dffb1d18000db28b88321
Sha256: 316021256f8ca06467ef1d3db18199a51ad46f8eea06987bf84f615528c4aeef

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /pluginfile.php/1/core_admin/logocompact/300x300/1631751669/CAG.png HTTP/1.1 
Host: lms.newcag.be
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lms.newcag.be/login/forgot_password.php
Cookie: MoodleSession=80k202iq9p212gfd1bnucjbj60
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         152.228.220.164
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 09 Sep 2022 14:59:57 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Disposition: inline; filename="CAG.png"
Cache-Control: public, max-age=5184000, no-transform
Expires: Tue, 08 Nov 2022 14:59:57 GMT
Pragma:
Accept-Ranges: bytes
Last-Modified: Thu, 16 Sep 2021 00:21:09 GMT
Content-Length: 9068
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 250 x 70, 8-bit/color RGBA, non-interlaced\012- data
Size:   9068
Md5:    bfd2683edcadc6bd3a154f4fe3aa53b9
Sha1:   90bdc71abebf13973ab13de2c210298bb1b68d8a
Sha256: f882333aa3fe31f549ede1ae9c848c71e54e29640ffbf9643c528a045abb1d51
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5437
Cache-Control: 'max-age=158059'
Date: Fri, 09 Sep 2022 14:59:57 GMT
Last-Modified: Fri, 09 Sep 2022 13:29:20 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /theme/yui_combo.php?m/1631751669/core/event/event-min.js&m/1631751669/filter_mathjaxloader/loader/loader-min.js HTTP/1.1 
Host: lms.newcag.be
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lms.newcag.be/login/forgot_password.php
Cookie: MoodleSession=80k202iq9p212gfd1bnucjbj60
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         152.228.220.164
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 09 Sep 2022 14:59:57 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Disposition: inline; filename="combo"
Expires: Mon, 04 Sep 2023 14:59:57 GMT
Pragma:
Cache-Control: public, max-age=31104000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Sun, 12 Sep 2021 10:37:26 GMT
Etag: "b3268ba9d735c1e2b62dff94391b2274790a10b9"
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text, with very long lines (2198), with no line terminators
Size:   857
Md5:    260b3cd4413738b36a0f5701136e4b68
Sha1:   24f548756b34d4c67c80b44214d1cdd9ff65ea1c
Sha256: 949a6496f576e9171c6d9244bf7eeb8129fc1840f609b502e529851154ade6fc
                                        
                                            GET /theme/font.php/boost/core/1631751669/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1 
Host: lms.newcag.be
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://lms.newcag.be/theme/styles.php/boost/1631751669_1/all
Cookie: MoodleSession=80k202iq9p212gfd1bnucjbj60
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         152.228.220.164
HTTP/1.1 200 OK
Content-Type: application/font-woff2
                                        
Date: Fri, 09 Sep 2022 14:59:57 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Disposition: inline; filename="fontawesome-webfont.woff2"
Expires: Thu, 08 Dec 2022 14:59:57 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Etag: "6fe8a90021d692246a13f94cf443bd7fa7e8c67f"
Last-Modified: Thu, 16 Sep 2021 00:21:51 GMT
Content-Length: 77160
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size:   77160
Md5:    af7ae505a9eed503f8b8e6982036873e
Sha1:   d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
Sha256: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /theme/image.php/boost/theme/1631751669/favicon HTTP/1.1 
Host: lms.newcag.be
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lms.newcag.be/login/forgot_password.php
Cookie: MoodleSession=80k202iq9p212gfd1bnucjbj60
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         152.228.220.164
HTTP/1.1 200 OK
Content-Type: image/vnd.microsoft.icon
                                        
Date: Fri, 09 Sep 2022 14:59:57 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Disposition: inline; filename="favicon.ico"
Expires: Thu, 08 Dec 2022 14:59:57 GMT
Pragma:
Cache-Control: public, max-age=7776000, no-transform, immutable
Accept-Ranges: none
Etag: "c737eb8ddc0cf3fd0b0a9b7a1c509ae13089f06e"
Last-Modified: Thu, 16 Sep 2021 00:21:11 GMT
Content-Length: 1150
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size:   1150
Md5:    135aed33c0a7b8f44f0227a71b9ce345
Sha1:   120e10c8a17aebb31c74b6988f8bce9b05dd6606
Sha256: 7afbabec7cddb87ab3b2c3f56509ca9c8f76925db0570372f1a6a366606be1b4

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /theme/yui_combo.php?m/1631751669/core/formchangechecker/formchangechecker-min.js HTTP/1.1 
Host: lms.newcag.be
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lms.newcag.be/login/forgot_password.php
Cookie: MoodleSession=80k202iq9p212gfd1bnucjbj60
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         152.228.220.164
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 09 Sep 2022 14:59:57 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Disposition: inline; filename="combo"
Expires: Mon, 04 Sep 2023 14:59:57 GMT
Pragma:
Cache-Control: public, max-age=31104000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Sun, 12 Sep 2021 10:37:26 GMT
Etag: "6a2c725b541839eacc9d95d82d89aa1b365694e9"
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text, with very long lines (3346), with no line terminators
Size:   960
Md5:    2d4ab876b01b8a87555c29fd705ec3a3
Sha1:   59163b820641ee4b2dca4bf34440cabae1814c75
Sha256: 1c66ca0075c1fd9b5e91c8810c71cf87044e35ea7b360c5c06a12faf8a9ffd76

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /lib/requirejs.php/1631751669/core/first.js HTTP/1.1 
Host: lms.newcag.be
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lms.newcag.be/login/forgot_password.php
Cookie: MoodleSession=80k202iq9p212gfd1bnucjbj60
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         152.228.220.164
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Fri, 09 Sep 2022 14:59:57 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Disposition: inline; filename="requirejs.php"
Expires: Thu, 08 Dec 2022 14:59:57 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "5ccad347acfe3174e205a737357c8a74cbfc7334"
Last-Modified: Thu, 16 Sep 2021 00:21:10 GMT
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text, with very long lines (10043)
Size:   309085
Md5:    228065f3832191fa78e8fd7d2047e019
Sha1:   6c38e9fa0bf8d4832cc6622b1b5c88bd1697298e
Sha256: 070d68c965d30e215785fab2a10cb6e8f68a5bcd6e519e94a3ce9757172211e8

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5EWSiPd6wb3Aul0OfGJ1Zw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.35.74.102
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: dbfrNzj/w6yCqc+kXb1v/Rvw7aE=

                                        
                                            GET /lib/javascript.php/1631751669/lib/jquery/jquery-3.5.1.min.js HTTP/1.1 
Host: lms.newcag.be
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lms.newcag.be/login/forgot_password.php
Cookie: MoodleSession=80k202iq9p212gfd1bnucjbj60
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         152.228.220.164
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Fri, 09 Sep 2022 14:59:57 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Disposition: inline; filename="javascript.php"
Expires: Thu, 08 Dec 2022 14:59:57 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "fee01ee4e2f90feb5af0b8ea82aaf6c7e858abbc"
Last-Modified: Thu, 16 Sep 2021 00:21:11 GMT
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   30914
Md5:    9e20b290f3bf1923af08d826a5e82c86
Sha1:   fa97509e0967c34ea5393af9f7e1a79162404205
Sha256: 9af00f1990a36ea52fb3eee0118efc546fb6976d2fa8d6d048f5e9a896062cf0

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /theme/yui_combo.php?3.17.2/event-mousewheel/event-mousewheel-min.js&3.17.2/event-resize/event-resize-min.js&3.17.2/event-hover/event-hover-min.js&3.17.2/event-touch/event-touch-min.js&3.17.2/event-move/event-move-min.js&3.17.2/event-flick/event-flick-min.js&3.17.2/event-valuechange/event-valuechange-min.js&3.17.2/event-tap/event-tap-min.js HTTP/1.1 
Host: lms.newcag.be
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lms.newcag.be/login/forgot_password.php
Cookie: MoodleSession=80k202iq9p212gfd1bnucjbj60
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         152.228.220.164
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 09 Sep 2022 14:59:58 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Disposition: inline; filename="combo"
Expires: Mon, 04 Sep 2023 14:59:58 GMT
Pragma:
Cache-Control: public, max-age=31104000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Sun, 12 Sep 2021 10:37:26 GMT
Etag: "b24ca831785ba367093f089618e840be511be85d"
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text, with very long lines (3857)
Size:   4808
Md5:    713bb7fd594c64c3598edc178658783a
Sha1:   5cf119be436a34e733ca1fee6c41b3c8350cedaf
Sha256: f5cfc9a7087a218ad9951e7e5d22bade76acb58ccac10f3ca1ec891299b6735e
                                        
                                            POST /lib/ajax/service.php?sesskey=CUbKdV4izG&info=media_videojs_get_language HTTP/1.1 
Host: lms.newcag.be
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Content-Length: 76
Origin: https://lms.newcag.be
Connection: keep-alive
Referer: https://lms.newcag.be/login/forgot_password.php
Cookie: MoodleSession=80k202iq9p212gfd1bnucjbj60
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         152.228.220.164
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Date: Fri, 09 Sep 2022 14:59:58 GMT
Server: Apache/2.4.41 (Ubuntu)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (4530), with no line terminators
Size:   4530
Md5:    4d5523cbc76f44fe608854860b0a2569
Sha1:   b821723eb7ecf0b7e97c516fbbc88c3b85560229
Sha256: 2088fbe413aa7bc5fc811ec5778bd623becf7c1c149d2f12fc8c21ad7cd343d5
                                        
                                            GET /lib/ajax/service-nologin.php?info=core_output_load_fontawesome_icon_system_map&cachekey=1631751669&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_fontawesome_icon_system_map%22%2C%22args%22%3A%7B%22themename%22%3A%22boost%22%7D%7D%5D HTTP/1.1 
Host: lms.newcag.be
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lms.newcag.be/login/forgot_password.php
Cookie: MoodleSession=80k202iq9p212gfd1bnucjbj60
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         152.228.220.164
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Date: Fri, 09 Sep 2022 14:59:58 GMT
Server: Apache/2.4.41 (Ubuntu)
Expires: Thu, 08 Dec 2022 14:59:58 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (30335), with no line terminators
Size:   30335
Md5:    d524f73a29e9b843039ae1cb6cbb32d2
Sha1:   cc543fc5baddf7344d1bfc74b2379e566dec348e
Sha256: d93c5799a66eb9410fac78ba5931b91952e86535506c004bf508ef4b1fdac69b
                                        
                                            GET /lib/ajax/service-nologin.php?info=6-method-calls&cachekey=1661047862&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22cancel%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22closebuttontitle%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22loading%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22savechanges%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A4%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showless%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A5%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showmore%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22en%22%7D%7D%5D HTTP/1.1 
Host: lms.newcag.be
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lms.newcag.be/login/forgot_password.php
Cookie: MoodleSession=80k202iq9p212gfd1bnucjbj60
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         152.228.220.164
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Date: Fri, 09 Sep 2022 14:59:58 GMT
Server: Apache/2.4.41 (Ubuntu)
Expires: Thu, 08 Dec 2022 14:59:58 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   211
Md5:    c135ebb8306e47146c197265b9c9022b
Sha1:   425c439b399cc4a29df884f4ac5aa75505944c2c
Sha256: afefe583c5a695189962783424716b19758b2a08e71480cb91a73c88c98a20be
                                        
                                            GET /lib/ajax/service-nologin.php?info=core_output_load_template_with_dependencies,core_output_load_template_with_dependencies,core_output_load_template_with_dependencies,core_output_load_template_with_dependencies&cachekey=1631751669&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22loading%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal_backdrop%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22pix_icon_fontawesome%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%5D HTTP/1.1 
Host: lms.newcag.be
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lms.newcag.be/login/forgot_password.php
Cookie: MoodleSession=80k202iq9p212gfd1bnucjbj60
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         152.228.220.164
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Date: Fri, 09 Sep 2022 14:59:58 GMT
Server: Apache/2.4.41 (Ubuntu)
Expires: Thu, 08 Dec 2022 14:59:58 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (2422), with no line terminators
Size:   2422
Md5:    f2f5d195ae0262b5de27122ead127b83
Sha1:   021acaf9e14d4fd6992da17347faf26bd4697d65
Sha256: 380abdf554c0d04799270cb6d2effc74cde736b03adf4cc3b1e3aac6cadab2c1
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7570
Expires: Fri, 09 Sep 2022 17:06:08 GMT
Date: Fri, 09 Sep 2022 14:59:58 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7570
Expires: Fri, 09 Sep 2022 17:06:08 GMT
Date: Fri, 09 Sep 2022 14:59:58 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7570
Expires: Fri, 09 Sep 2022 17:06:08 GMT
Date: Fri, 09 Sep 2022 14:59:58 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5f31e9e-7d20-466c-a9b3-ce9e9c5475e8.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9011
x-amzn-requestid: cf861da4-5f3b-43b8-931a-5285839c6301
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKQgHFbOoAMFYVQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a6133-4cf2e37f5e762a557b081446;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:40:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: wqcl8zkszPZhWjJ7mr_p82IRaNzU2vMV3wtipUYgRaL7Vj3ntmYYqQ==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 95785220a566cd050f3ad80928463374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:47:07 GMT
age: 61971
etag: "c0e3d10ce67f77a92b54954410e30621af7ee87c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9011
Md5:    ba8d1b764c2d18807caecb5ee1e046c0
Sha1:   c0e3d10ce67f77a92b54954410e30621af7ee87c
Sha256: f558c4827c2edf896588b6e3f0b4f295269e95f86143b40729a7a2a5e1adbbb6
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F793f20c6-757e-47e5-8ab6-4d73ceae75af.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4002
x-amzn-requestid: ea2f5309-e220-4b7e-b718-9339b9444cc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKQ6hHM8IAMFeJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a61dc-7d45fd9253b7b7fa732b6f8d;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:42:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: VD7SlrM2RwFk5cfQvul2bTJA__GPYd5_UPY0D0_5NGLHoBj3yur7PA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 5abfab33f248090bb0f31ca137ce9464.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:15:21 GMT
age: 60277
etag: "cec8428d159a5bde29e89c64cfb04146f759d52b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4002
Md5:    c9590b525c8b07a297c8784f02b161a1
Sha1:   cec8428d159a5bde29e89c64cfb04146f759d52b
Sha256: d309772ce79d36f7b1df0a3ea85a01f8278db2909c860721d105b772efed82ed
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3125
x-amzn-requestid: 5820e798-6469-40f9-8d70-ee71f1a163b9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLM5GGQAoAMF8eQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ac1d3-3a0e9db848ea7ab145f1cffa;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 04:32:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: eZaKpjBYe3Qn7vs3zF52Cxob-xu3LMFs8esQAu6Lp6bzM0aOEHoXVg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1352c0a623ff0601dd16439f3f225f70.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 04:32:20 GMT
etag: "113393e0dbabb3aff949d19ab6517ba1082b622d"
age: 37658
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3125
Md5:    0078c7a407144a1ede33aef6f734eecf
Sha1:   113393e0dbabb3aff949d19ab6517ba1082b622d
Sha256: 42afcaf15e45dfa9aff14f59f69d60a3de127005e35783d2d35a4cfa652b57b3
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4532
x-amzn-requestid: e5694699-7f38-4542-8808-54bda7ee7d86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIMmGGUmIAMF2cw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63198e26-1aa6788e24fcfdf0008bee21;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 06:39:34 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zdVUahmbPQ7sQMlg14M89JOwjN2PEM03GNLYEwxPjcaioRpyqb8isA==
via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:26:32 GMT
age: 59606
etag: "70ede5692526afd351d134a391383461dafdc64f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4532
Md5:    a5fdeb374d4e3669ce5d9ff2cd22cd19
Sha1:   70ede5692526afd351d134a391383461dafdc64f
Sha256: 10c5d8e41aae1a36525a45375966b5067333f0c7edc176a540fd6527ebe1ad8c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9009587-828b-4a7a-8b84-f28d4b93cdef.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7515
x-amzn-requestid: eaf81b32-3b53-4e89-a9d0-943bc9f9982f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X0j0QFhxoAMF-Mw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6311b34e-114287d30092033a2b54ec01;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 07:39:58 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: _mlXN3nJ7ZPcUDWIqqiv2CB6dkSJ2Y-AZIXNs4xOj18ZX6DYMdhXAA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 ece5d4a731ece5ff46c564ab2b946ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:46:19 GMT
age: 62019
etag: "09dcbdc6043f01dd56920cca3ce3920d0d07b795"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7515
Md5:    60fa03262bb3728f24a4c7a8177ec788
Sha1:   09dcbdc6043f01dd56920cca3ce3920d0d07b795
Sha256: e7448f186933f9848f1d55f0e8dba593918846d02fb9cc3a7cd86d69b96a7fde
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5a39739-e855-4625-859f-7e2fed3d2511.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12107
x-amzn-requestid: 9ea883d8-b844-49d0-8651-67124d2c0852
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9TgHANIAMF5rQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f49-137ad22c52baa6fb04ae190d;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: fq_ew5bfpcSJ7F229SyDLZlpOnmSWujlU7HzwsQIS1q2HZSvsHGuvQ==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:13:21 GMT
age: 60397
etag: "15cefe1e2be8ad63e40cfe02c2f5f8c59af015ad"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12107
Md5:    a9ca2de4e61d1aae73da7d13ad3ec727
Sha1:   15cefe1e2be8ad63e40cfe02c2f5f8c59af015ad
Sha256: 911550bc2b8e4c4aad215692361fe494275002f89faa9eae2e2fc2664da1107c