Overview

URL training.daystar.ac.ke/login/forgot_password.php
IP41.89.16.6
ASNKenya Education Network
Location Kenya
Report completed2022-09-17 14:57:04 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-17 2 training.daystar.ac.ke/login/forgot_password.php Malware
2022-09-17 2 training.daystar.ac.ke/login/forgot_password.php Malware
2022-09-17 2 training.daystar.ac.ke/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js Malware
2022-09-17 2 piwik.daystar.ac.ke/piwik.js Malware
2022-09-17 2 training.daystar.ac.ke/lib/requirejs.php?file=%2F1662049511%2F/core_form/ev (...) Malware
2022-09-17 2 training.daystar.ac.ke/lib/requirejs.php?file=%2F1662049511%2F/core/first.js Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (9)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-09-17 12:08:38 UTC 143.204.55.35
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-09-17 04:50:33 UTC 23.36.77.32
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-17 06:12:04 UTC 143.204.55.49
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-17 04:50:44 UTC 34.120.237.76
mnemonic passive DNS piwik.daystar.ac.ke (3) 0 2020-06-09 12:45:31 UTC 2022-09-06 22:19:56 UTC 41.89.16.6 Domain (daystar.ac.ke) ranked at: 459142
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-17 04:54:02 UTC 34.117.237.239
mnemonic passive DNS training.daystar.ac.ke (20) 0 2017-12-22 14:24:37 UTC 2022-09-17 09:24:55 UTC 41.89.16.6 Domain (daystar.ac.ke) ranked at: 459142
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-17 08:47:22 UTC 93.184.220.29
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-17 05:57:39 UTC 34.217.237.91


Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 41.89.16.6

Date UQ / IDS / BL URL IP
2022-09-17 14:57:04 +0000
0 - 0 - 6 training.daystar.ac.ke/login/forgot_password.php 41.89.16.6

Last 5 reports on ASN: Kenya Education Network

Date UQ / IDS / BL URL IP
2022-11-23 03:48:37 +0000
0 - 0 - 1 puea.ac.ke/Confirm/customer_center/customer_C (...) 41.204.160.15
2022-10-07 14:39:04 +0000
0 - 0 - 2 sbe.mut.ac.ke/wp-includes/m2/ 41.204.160.15
2022-09-17 14:57:04 +0000
0 - 0 - 6 training.daystar.ac.ke/login/forgot_password.php 41.89.16.6
2022-09-13 11:13:42 +0000
0 - 0 - 4 dspace.daystar.ac.ke/handle/123456789/2934 41.89.16.78
2022-09-07 15:46:02 +0000
0 - 0 - 1 www.kimc.ac.ke/libraries/legacy/dispatcher/la (...) 197.136.17.23

Last 2 reports on domain: daystar.ac.ke

Date UQ / IDS / BL URL IP
2022-09-17 14:57:04 +0000
0 - 0 - 6 training.daystar.ac.ke/login/forgot_password.php 41.89.16.6
2022-09-13 11:13:42 +0000
0 - 0 - 4 dspace.daystar.ac.ke/handle/123456789/2934 41.89.16.78

Last 1 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-10-22 12:32:23 +0000
0 - 0 - 12 moodle.vample.com/login/forgot_password.php 3.0.6.6


JavaScript

Executed Scripts (16)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (41)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 17 Sep 2022 14:11:25 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Ba4yHS0aJrhuH2KHeKCKneIr6SLoqRVHMxfF_Xp1-FzpN0S1TnIG1g==
Age: 2728


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    99b7d23c1748d0526782b9ff9ea45f09
Sha1:   eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
Sha256: 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "17CBB43FD6662576BA3FE8E06CF44247C903C1313CC419053599C41E286A2442"
Last-Modified: Thu, 15 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18685
Expires: Sat, 17 Sep 2022 20:08:18 GMT
Date: Sat, 17 Sep 2022 14:56:53 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.49
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 17 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: emeG5CHIWRdAtRHDgMWhq5swXDSzKwEfAdAJmytC7Dd0ajACmCXCIw==
age: 41171
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sat, 17 Sep 2022 14:56:53 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /login/forgot_password.php HTTP/1.1 
Host: training.daystar.ac.ke
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         41.89.16.6
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Sat, 17 Sep 2022 14:56:53 GMT
Server: Apache/2.4.52 (Unix) OpenSSL/1.1.1m PHP/8.0.15 mod_perl/2.0.11 Perl/v5.32.1
Location: https://training.daystar.ac.ke/login/forgot_password.php
Content-Length: 264
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   264
Md5:    b1e56fc20fea1fe6becb32448afda13e
Sha1:   2dbe9f690740d5012d690a3d6ef5f7290e2d24af
Sha256: f2782311535db7e742822553de1d332472bfcf7a83a5e634e61c657739b4cdde

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 17 Sep 2022 14:03:22 GMT
Cache-Control: max-age=3600
Expires: Sat, 17 Sep 2022 14:41:08 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lOFIS6oFXs12-jEqwsf59ksAffyIRFRbFGqswWu4dL7nJrwIIzHx4w==
Age: 3212


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3588
Cache-Control: 'max-age=158059'
Date: Sat, 17 Sep 2022 14:56:54 GMT
Last-Modified: Sat, 17 Sep 2022 13:57:06 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F2BBC0CC15AD2E754A64B01E51F68C063C102031B4E70263E5CF0389E9498858"
Last-Modified: Fri, 16 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2940
Expires: Sat, 17 Sep 2022 15:45:54 GMT
Date: Sat, 17 Sep 2022 14:56:54 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0KdL+7bIq8WDwVxbYThTjg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.217.237.91
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tgZjXmoZqmI5JVBOUvcGCjkL7ww=

                                        
                                            GET /login/forgot_password.php HTTP/1.1 
Host: training.daystar.ac.ke
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         41.89.16.6
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Date: Sat, 17 Sep 2022 14:56:54 GMT
Server: Apache/2.4.52 (Unix) OpenSSL/1.1.1m PHP/8.0.15 mod_perl/2.0.11 Perl/v5.32.1
X-Powered-By: PHP/8.0.15
Set-Cookie: MoodleSession=9rmtj2s707jj0jksjk3s351prf; path=/
Expires:
Cache-Control: private, pre-check=0, post-check=0, max-age=0, no-transform
Pragma: no-cache
Content-Language: en
Content-Script-Type: text/javascript
Content-Style-Type: text/css
X-UA-Compatible: IE=edge
Accept-Ranges: none
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (12816)
Size:   28716
Md5:    8167097ba46b4fcc8e8c125513ae04c5
Sha1:   916c384d3726cf74a5ccb7bfb7a022359044a11f
Sha256: 1f2e7d5dabdfaf12a2ae6f527438deab3f483655b89eec0af30614ae281a4f5a

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.css HTTP/1.1 
Host: training.daystar.ac.ke
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://training.daystar.ac.ke/login/forgot_password.php
Cookie: MoodleSession=9rmtj2s707jj0jksjk3s351prf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         41.89.16.6
HTTP/1.1 200 OK
Content-Type: text/css;charset=UTF-8
                                        
Date: Sat, 17 Sep 2022 14:56:55 GMT
Server: Apache/2.4.52 (Unix) OpenSSL/1.1.1m PHP/8.0.15 mod_perl/2.0.11 Perl/v5.32.1
X-Powered-By: PHP/8.0.15
Content-Disposition: inline; filename="combo"
Last-Modified: Fri, 26 Aug 2022 11:07:38 GMT
Expires: Tue, 12 Sep 2023 14:56:55 GMT
Pragma:
Cache-Control: public, max-age=31104000, immutable
Accept-Ranges: none
Etag: "b9bc567c469e2872cf3bbb14603342a72de2509b"
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 1031
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (1965)
Size:   1031
Md5:    954717f56656e687295097c986703269
Sha1:   eacac549df0a6f873918b09c167f67683363484f
Sha256: 3736a081935aebfecde262efb24be923f7019e02c8719e12e8867bb581a84ebe
                                        
                                            GET /lib/javascript.php?rev=1662049511&jsfile=%2Flib%2Frequirejs%2Frequire.min.js HTTP/1.1 
Host: training.daystar.ac.ke
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://training.daystar.ac.ke/login/forgot_password.php
Cookie: MoodleSession=9rmtj2s707jj0jksjk3s351prf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         41.89.16.6
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Sat, 17 Sep 2022 14:56:55 GMT
Server: Apache/2.4.52 (Unix) OpenSSL/1.1.1m PHP/8.0.15 mod_perl/2.0.11 Perl/v5.32.1
X-Powered-By: PHP/8.0.15
Etag: "5362fcb42f1953dc8e446417a1d6bb3f85062f86"
Content-Disposition: inline; filename="javascript.php"
Last-Modified: Thu, 01 Sep 2022 16:25:12 GMT
Expires: Fri, 16 Dec 2022 14:56:55 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 6662
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (17535)
Size:   6662
Md5:    d52d474e00d80d4373cf714f60707c21
Sha1:   74b5d832a55bf81a1b2fd875f83f022c5ffc7c3b
Sha256: 4f1792c3aac9ca2058376a43582f0d1fad13e602a5aeec4a1a6fb1803719ba99
                                        
                                            GET /lib/javascript.php?rev=1662049511&jsfile=%2Flib%2Fjavascript-static.js HTTP/1.1 
Host: training.daystar.ac.ke
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://training.daystar.ac.ke/login/forgot_password.php
Cookie: MoodleSession=9rmtj2s707jj0jksjk3s351prf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         41.89.16.6
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Sat, 17 Sep 2022 14:56:55 GMT
Server: Apache/2.4.52 (Unix) OpenSSL/1.1.1m PHP/8.0.15 mod_perl/2.0.11 Perl/v5.32.1
X-Powered-By: PHP/8.0.15
Etag: "13cd118bef9125e57ae6f8e278fabc412edafdfb"
Content-Disposition: inline; filename="javascript.php"
Last-Modified: Thu, 01 Sep 2022 16:25:12 GMT
Expires: Fri, 16 Dec 2022 14:56:55 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 6812
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (1875)
Size:   6812
Md5:    71c0986b7353ce9fa8abf6d0e4d3a1ab
Sha1:   a902f85fd0bc00eb63f19c201636ec2c52cc5e45
Sha256: f13654681d02d6597b044b73eb021d54129833b20c2ca93138346fbfc13a5169
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10818
Expires: Sat, 17 Sep 2022 17:57:13 GMT
Date: Sat, 17 Sep 2022 14:56:55 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10818
Expires: Sat, 17 Sep 2022 17:57:13 GMT
Date: Sat, 17 Sep 2022 14:56:55 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10818
Expires: Sat, 17 Sep 2022 17:57:13 GMT
Date: Sat, 17 Sep 2022 14:56:55 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10818
Expires: Sat, 17 Sep 2022 17:57:13 GMT
Date: Sat, 17 Sep 2022 14:56:55 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F269c619b-7793-4ef9-ae9d-9464582f4b56.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12221
x-amzn-requestid: ede87d50-8626-40bf-bb1a-d3f95e252f87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YknUrGuqIAMF7tA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6324ec1d-2952b2ba7271a5b516295a55;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 21:35:25 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YYSEIw0DmOePLbviwIigaNWxlKzqTFrurV_maW5JaW7Ahij-HtioaA==
via: 1.1 d1d67b07408bba8c682597d8303642e2.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 21:54:30 GMT
age: 61345
etag: "5740a5507f21449319597ef49dbb456cbf7372b5"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12221
Md5:    1f1583c126dab43886a89cda3f82d760
Sha1:   5740a5507f21449319597ef49dbb456cbf7372b5
Sha256: 3b8ea2490bd6d777ec64358a84a07bdb1ccd4a6dfa30969feed45cfa7725745f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6109
x-amzn-requestid: 271b006e-9d17-46ba-9eed-22fd638c4e9e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ2AhHZgIAMFlSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d039c-444e7d6b22f2a08f7215a986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:37:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CIWYkrbRUTWVmy3JC5GbpBN1i30fwtYqGDyoA9ehbPANY7gw7al9ow==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 00:42:42 GMT
age: 51253
etag: "c5b82c9d77851820b8d206573d5c03cd36d27a20"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6109
Md5:    8c35b7f5f8e1b0b24570a41b7d18533a
Sha1:   c5b82c9d77851820b8d206573d5c03cd36d27a20
Sha256: bb2456b31c48e6ebc9595c2bb9972b74531e93dd02ec4571d5af614f2d116ec7
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcaf888ee-3a5f-426b-9b83-8ea161780db3.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5234
x-amzn-requestid: 55e23e9a-f85c-42f2-87b6-aff3646bf1fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yknn_EFzoAMF2Ag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6324ec99-62f023426230c7b46116d4b7;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 21:37:29 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: fb2wN0gTI9OKgDghf1u4DKwrADkYcS5_7LIxaLxmbo0OciwezGh_LA==
via: 1.1 95785220a566cd050f3ad80928463374.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 21:41:22 GMT
etag: "428fe80d3f35758433a6b2cf25e6bcb5f63a6a63"
age: 62133
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5234
Md5:    9c807387d303abb2bca1ef14b14c9e26
Sha1:   428fe80d3f35758433a6b2cf25e6bcb5f63a6a63
Sha256: 277a74204dc8bec8a227ca43cdb840b5dda71f74e8aec56606e862e70a5ba19c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e43d1ff-79bc-430f-826f-2af5ae602556.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8500
x-amzn-requestid: e1ca6cef-c033-4887-80cf-2014ab8e620c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ykn5cEnLIAMFrzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6324ed09-3afc16cf66fef0e62dd6f3cc;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 21:39:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BaRpWB_XOMxTJPufnSjd4KSfecRwLe9U5W7uEoXy7pgAa4KSC0n7eg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 22:03:28 GMT
age: 60807
etag: "28ac45ef155c66dd79a306f14d3b38f597b6a32e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8500
Md5:    d46a910081eb782408f1a2fa3c6aabba
Sha1:   28ac45ef155c66dd79a306f14d3b38f597b6a32e
Sha256: d5787a6a12d275555c627e3245b37d4e751148345a09d5671b343cfebe7173b4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0b772c6-a258-481b-9f13-545de0b247e7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9280
x-amzn-requestid: acc18b78-3596-4d7d-9124-8bdb422171f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YU5qsHsVoAMFm0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ea311-460db789669ecf5f1ad4d3c4;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 03:10:09 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3FqpHvXOa57CepJAzZ7IMViWsC5WSwTEjIqDCC58cFFewd6-xr4moA==
via: 1.1 bb568be725e8f0bfefe1fb7412e5804a.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 23:32:58 GMT
age: 55437
etag: "5dc0ef56244f8a5ddbb7823e25c61312860b2d0f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9280
Md5:    571f174a66e87ea77b36542c6c7a29a4
Sha1:   5dc0ef56244f8a5ddbb7823e25c61312860b2d0f
Sha256: e624e35cc734b8cacc2a8eaa80c81175a879c1195d7a4c65cdcd769836b96a1b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7788
x-amzn-requestid: 2cb48f87-8b72-4ff7-b041-a6e704b854a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIP2-HFHoAMFssA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6319935f-693e2f2e5a0bcd9f690f21fa;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 07:01:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 65YRttsQYzjUMMZXrtAFPdgTPNQuRGnLFliXrcoc24iQgrdBCHolNQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 22:31:11 GMT
age: 59144
etag: "e139a0974317212f094fdbe59e26ca5cf6b9e56d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7788
Md5:    7a22ab7dcdf50f4a297b8e117d336eae
Sha1:   e139a0974317212f094fdbe59e26ca5cf6b9e56d
Sha256: 9b4c23c1bb2e4fcd140ce34bf83f315f09b45202c569cb74113c2e65c4031dcd
                                        
                                            GET /lib/javascript.php?rev=1662049511&jsfile=%2Flib%2Fpolyfills%2Fpolyfill.js HTTP/1.1 
Host: training.daystar.ac.ke
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://training.daystar.ac.ke/login/forgot_password.php
Cookie: MoodleSession=9rmtj2s707jj0jksjk3s351prf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         41.89.16.6
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Sat, 17 Sep 2022 14:56:55 GMT
Server: Apache/2.4.52 (Unix) OpenSSL/1.1.1m PHP/8.0.15 mod_perl/2.0.11 Perl/v5.32.1
X-Powered-By: PHP/8.0.15
Etag: "191e996727510b5e99e62e7a309b15fa3f738e25"
Content-Disposition: inline; filename="javascript.php"
Last-Modified: Thu, 01 Sep 2022 16:25:12 GMT
Expires: Fri, 16 Dec 2022 14:56:55 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (36874)
Size:   60482
Md5:    ce9415d2c1929e4a1b7d898589fe26af
Sha1:   075322fe75631ff4465484d633c504b90502e761
Sha256: 1178b68f63a7c959c95d189d57c8688ea44ec623cddfc86b2abe8cf08e3b837c
                                        
                                            GET /theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js HTTP/1.1 
Host: training.daystar.ac.ke
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://training.daystar.ac.ke/login/forgot_password.php
Cookie: MoodleSession=9rmtj2s707jj0jksjk3s351prf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         41.89.16.6
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sat, 17 Sep 2022 14:56:55 GMT
Server: Apache/2.4.52 (Unix) OpenSSL/1.1.1m PHP/8.0.15 mod_perl/2.0.11 Perl/v5.32.1
X-Powered-By: PHP/8.0.15
Content-Disposition: inline; filename="combo"
Last-Modified: Fri, 26 Aug 2022 11:07:38 GMT
Expires: Tue, 12 Sep 2023 14:56:55 GMT
Pragma:
Cache-Control: public, max-age=31104000, immutable
Accept-Ranges: none
Etag: "78581a0bac8a932effb32db3e91e0f2f2b47c08e"
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text, with very long lines (6010)
Size:   84392
Md5:    8bcb376a1000018ace15774394400419
Sha1:   2f8e8e67c1c31bac12aca22f482c3ef33a28a7a7
Sha256: ba65826c64be1db28f1d0549c4dcce3598464e4da1154b26b28e6d6c58db25af

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /theme/styles.php?theme=boost&rev=1662049511_1&type=all HTTP/1.1 
Host: training.daystar.ac.ke
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://training.daystar.ac.ke/login/forgot_password.php
Cookie: MoodleSession=9rmtj2s707jj0jksjk3s351prf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         41.89.16.6
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Date: Sat, 17 Sep 2022 14:56:55 GMT
Server: Apache/2.4.52 (Unix) OpenSSL/1.1.1m PHP/8.0.15 mod_perl/2.0.11 Perl/v5.32.1
X-Powered-By: PHP/8.0.15
Etag: "02e278bc597b7bdba431361366f3d73b552a8281"
Content-Disposition: inline; filename="styles.php"
Last-Modified: Thu, 01 Sep 2022 16:25:16 GMT
Expires: Fri, 16 Dec 2022 14:56:55 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
Size:   163654
Md5:    b6cbd781c5dec64afb7885420005e5ad
Sha1:   80c29044881f9f873b0954daf75cc9b00039a46d
Sha256: dcd9e9a97253fc7c62f071bab0e063a0121fa0d1e8e876e909529bdd2d06b659
                                        
                                            GET /theme/yui_combo.php?m/1662049511/core/event/event-min.js&m/1662049511/filter_mathjaxloader/loader/loader-min.js HTTP/1.1 
Host: training.daystar.ac.ke
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://training.daystar.ac.ke/login/forgot_password.php
Cookie: MoodleSession=9rmtj2s707jj0jksjk3s351prf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         41.89.16.6
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sat, 17 Sep 2022 14:56:56 GMT
Server: Apache/2.4.52 (Unix) OpenSSL/1.1.1m PHP/8.0.15 mod_perl/2.0.11 Perl/v5.32.1
X-Powered-By: PHP/8.0.15
Content-Disposition: inline; filename="combo"
Last-Modified: Fri, 26 Aug 2022 11:07:38 GMT
Expires: Tue, 12 Sep 2023 14:56:56 GMT
Pragma:
Cache-Control: public, max-age=31104000, immutable
Accept-Ranges: none
Etag: "9facba89c57dea6cc1172606d15c1333b207ee7b"
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 1047
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (2627), with no line terminators
Size:   1047
Md5:    ed721a80e424f86e1ab0d36ddbb1b2d0
Sha1:   6401cd77a250b875c3af769f56d0afa81acf5af7
Sha256: a1d7d3b73b7c5f5d7447c54b0c4c1b8058ad5ac9352f451cffc55db050df9112
                                        
                                            GET /theme/font.php?theme=boost&component=core&rev=1662049511&font=fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1 
Host: training.daystar.ac.ke
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://training.daystar.ac.ke/theme/styles.php?theme=boost&rev=1662049511_1&type=all
Cookie: MoodleSession=9rmtj2s707jj0jksjk3s351prf
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         41.89.16.6
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Date: Sat, 17 Sep 2022 14:56:56 GMT
Server: Apache/2.4.52 (Unix) OpenSSL/1.1.1m PHP/8.0.15 mod_perl/2.0.11 Perl/v5.32.1
X-Powered-By: PHP/8.0.15
Etag: "ec0161aa356a886782d34cb7f52ccaf9cd224afe"
Content-Disposition: inline; filename="fontawesome-webfont.woff2"
Last-Modified: Thu, 01 Sep 2022 16:25:24 GMT
Expires: Fri, 16 Dec 2022 14:56:56 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Length: 77160
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size:   77160
Md5:    af7ae505a9eed503f8b8e6982036873e
Sha1:   d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
Sha256: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
                                        
                                            GET /theme/image.php?theme=boost&component=theme&rev=1662049511&image=favicon HTTP/1.1 
Host: training.daystar.ac.ke
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://training.daystar.ac.ke/login/forgot_password.php
Cookie: MoodleSession=9rmtj2s707jj0jksjk3s351prf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         41.89.16.6
HTTP/1.1 200 OK
Content-Type: image/vnd.microsoft.icon
                                        
Date: Sat, 17 Sep 2022 14:56:57 GMT
Server: Apache/2.4.52 (Unix) OpenSSL/1.1.1m PHP/8.0.15 mod_perl/2.0.11 Perl/v5.32.1
X-Powered-By: PHP/8.0.15
Etag: "5dc990c9c1c49231b27b5566ce9cc738472ef8f3"
Content-Disposition: inline; filename="favicon.ico"
Last-Modified: Thu, 01 Sep 2022 16:25:17 GMT
Expires: Fri, 16 Dec 2022 14:56:57 GMT
Pragma:
Cache-Control: public, max-age=7776000, no-transform, immutable
Accept-Ranges: none
Content-Length: 1150
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size:   1150
Md5:    135aed33c0a7b8f44f0227a71b9ce345
Sha1:   120e10c8a17aebb31c74b6988f8bce9b05dd6606
Sha256: 7afbabec7cddb87ab3b2c3f56509ca9c8f76925db0570372f1a6a366606be1b4
                                        
                                            GET /piwik.js HTTP/1.1 
Host: piwik.daystar.ac.ke
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://training.daystar.ac.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         41.89.16.6
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Date: Sat, 17 Sep 2022 14:56:56 GMT
Server: Apache/2.4.52 (Unix) OpenSSL/1.1.1m PHP/8.0.15 mod_perl/2.0.11 Perl/v5.32.1
Last-Modified: Thu, 04 Aug 2022 07:38:12 GMT
ETag: "fbde-5e5656e8fbf26"
Accept-Ranges: bytes
Content-Length: 64478
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (1601)
Size:   64478
Md5:    e9e9d0884aaa3aa73208190831ad132e
Sha1:   af8e8910de429e3648ceed380aa8bb091029e26b
Sha256: 5ae1f50302b0902aac44e88dc58c734bd3475ed4e93718dbc8888dc8fd6c0142

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /lib/requirejs.php?file=%2F1662049511%2F/core_form/events.js HTTP/1.1 
Host: training.daystar.ac.ke
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://training.daystar.ac.ke/login/forgot_password.php
Cookie: MoodleSession=9rmtj2s707jj0jksjk3s351prf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         41.89.16.6
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Sat, 17 Sep 2022 14:56:56 GMT
Server: Apache/2.4.52 (Unix) OpenSSL/1.1.1m PHP/8.0.15 mod_perl/2.0.11 Perl/v5.32.1
X-Powered-By: PHP/8.0.15
Etag: "1e67af21739f682d7be73556a1cda7b5f622d39e"
Content-Disposition: inline; filename="requirejs.php"
Last-Modified: Thu, 01 Sep 2022 16:25:17 GMT
Expires: Fri, 16 Dec 2022 14:56:56 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document, Unicode text, UTF-8 text, with very long lines (31676)
Size:   864743
Md5:    72887cfefc21540d0dd9987696f6eacb
Sha1:   455d596427470a9dbcc1572665e1150c9e5d2639
Sha256: f535141d13ca0e418d4cf8d521f88c720308f79049a70f4dfe5f084591b63410

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /lib/requirejs.php?file=%2F1662049511%2F/core/first.js HTTP/1.1 
Host: training.daystar.ac.ke
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://training.daystar.ac.ke/login/forgot_password.php
Cookie: MoodleSession=9rmtj2s707jj0jksjk3s351prf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         41.89.16.6
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Sat, 17 Sep 2022 14:56:56 GMT
Server: Apache/2.4.52 (Unix) OpenSSL/1.1.1m PHP/8.0.15 mod_perl/2.0.11 Perl/v5.32.1
X-Powered-By: PHP/8.0.15
Etag: "1e67af21739f682d7be73556a1cda7b5f622d39e"
Content-Disposition: inline; filename="requirejs.php"
Last-Modified: Thu, 01 Sep 2022 16:25:17 GMT
Expires: Fri, 16 Dec 2022 14:56:56 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document, Unicode text, UTF-8 text, with very long lines (31676)
Size:   864743
Md5:    72887cfefc21540d0dd9987696f6eacb
Sha1:   455d596427470a9dbcc1572665e1150c9e5d2639
Sha256: f535141d13ca0e418d4cf8d521f88c720308f79049a70f4dfe5f084591b63410

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /piwik.php?action_name=Forgotten%20password&idsite=4&rec=1&r=188143&h=14&m=56&s=40&url=https%3A%2F%2Ftraining.daystar.ac.ke%2Flogin%2Fforgot_password.php&_id=db6a34dcefdb49d7&_idn=1&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=2vCcC4&pf_net=468&pf_srv=163&pf_tfr=407&pf_dm1=1397 HTTP/1.1 
Host: piwik.daystar.ac.ke
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://training.daystar.ac.ke
Connection: keep-alive
Referer: https://training.daystar.ac.ke/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         41.89.16.6
HTTP/1.1 204 No Response
                                        
Date: Sat, 17 Sep 2022 14:56:57 GMT
Server: Apache/2.4.52 (Unix) OpenSSL/1.1.1m PHP/8.0.15 mod_perl/2.0.11 Perl/v5.32.1
X-Powered-By: PHP/8.0.15
Access-Control-Allow-Origin: https://training.daystar.ac.ke
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive

                                        
                                            GET /lib/javascript.php?file=%2F1662049511%2Flib/jquery/jquery-3.6.0.min.js HTTP/1.1 
Host: training.daystar.ac.ke
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://training.daystar.ac.ke/login/forgot_password.php
Cookie: MoodleSession=9rmtj2s707jj0jksjk3s351prf; _pk_id.4.1ea5=db6a34dcefdb49d7.1663426600.; _pk_ses.4.1ea5=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         41.89.16.6
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Sat, 17 Sep 2022 14:56:58 GMT
Server: Apache/2.4.52 (Unix) OpenSSL/1.1.1m PHP/8.0.15 mod_perl/2.0.11 Perl/v5.32.1
X-Powered-By: PHP/8.0.15
Etag: "b8b2fac47f660ccc6f6c7914e5d2a945e7f31778"
Content-Disposition: inline; filename="javascript.php"
Last-Modified: Thu, 01 Sep 2022 16:25:17 GMT
Expires: Fri, 16 Dec 2022 14:56:58 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   30906
Md5:    b356459fdf4586cb17866ee79db1a740
Sha1:   c810ffed64e9eafe9f80b0609858ec77b1cf2ea7
Sha256: b5cadc039eec1ec56b1e533d5910e0f9b6c12388339c93854025cc29644d6e74
                                        
                                            POST /piwik.php?action_name=&idsite=4&rec=1&r=778099&h=14&m=56&s=40&url=https%3A%2F%2Ftraining.daystar.ac.ke%2Flogin%2Fforgot_password.php&_id=db6a34dcefdb49d7&_idn=0&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=bddrlU&pf_net=468&pf_srv=163&pf_tfr=407&pf_dm1=1397 HTTP/1.1 
Host: piwik.daystar.ac.ke
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://training.daystar.ac.ke
Connection: keep-alive
Referer: https://training.daystar.ac.ke/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         41.89.16.6
HTTP/1.1 204 No Response
                                        
Date: Sat, 17 Sep 2022 14:56:58 GMT
Server: Apache/2.4.52 (Unix) OpenSSL/1.1.1m PHP/8.0.15 mod_perl/2.0.11 Perl/v5.32.1
X-Powered-By: PHP/8.0.15
Access-Control-Allow-Origin: https://training.daystar.ac.ke
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive

                                        
                                            GET /theme/yui_combo.php?3.17.2/event-mousewheel/event-mousewheel-min.js&3.17.2/event-resize/event-resize-min.js&3.17.2/event-hover/event-hover-min.js&3.17.2/event-touch/event-touch-min.js&3.17.2/event-move/event-move-min.js&3.17.2/event-flick/event-flick-min.js&3.17.2/event-valuechange/event-valuechange-min.js&3.17.2/event-tap/event-tap-min.js HTTP/1.1 
Host: training.daystar.ac.ke
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://training.daystar.ac.ke/login/forgot_password.php
Cookie: MoodleSession=9rmtj2s707jj0jksjk3s351prf; _pk_id.4.1ea5=db6a34dcefdb49d7.1663426600.; _pk_ses.4.1ea5=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         41.89.16.6
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sat, 17 Sep 2022 14:56:58 GMT
Server: Apache/2.4.52 (Unix) OpenSSL/1.1.1m PHP/8.0.15 mod_perl/2.0.11 Perl/v5.32.1
X-Powered-By: PHP/8.0.15
Content-Disposition: inline; filename="combo"
Last-Modified: Fri, 26 Aug 2022 11:07:38 GMT
Expires: Tue, 12 Sep 2023 14:56:58 GMT
Pragma:
Cache-Control: public, max-age=31104000, immutable
Accept-Ranges: none
Etag: "b24ca831785ba367093f089618e840be511be85d"
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 4808
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (3857)
Size:   4808
Md5:    713bb7fd594c64c3598edc178658783a
Sha1:   5cf119be436a34e733ca1fee6c41b3c8350cedaf
Sha256: f5cfc9a7087a218ad9951e7e5d22bade76acb58ccac10f3ca1ec891299b6735e
                                        
                                            POST /lib/ajax/service.php?sesskey=H2KvyhkjLA&info=media_videojs_get_language HTTP/1.1 
Host: training.daystar.ac.ke
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Content-Length: 76
Origin: https://training.daystar.ac.ke
Connection: keep-alive
Referer: https://training.daystar.ac.ke/login/forgot_password.php
Cookie: MoodleSession=9rmtj2s707jj0jksjk3s351prf; _pk_id.4.1ea5=db6a34dcefdb49d7.1663426600.; _pk_ses.4.1ea5=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         41.89.16.6
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Date: Sat, 17 Sep 2022 14:56:58 GMT
Server: Apache/2.4.52 (Unix) OpenSSL/1.1.1m PHP/8.0.15 mod_perl/2.0.11 Perl/v5.32.1
X-Powered-By: PHP/8.0.15
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 4531
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (4531), with no line terminators
Size:   4531
Md5:    1d55bc8fb15ace98616b30027310a057
Sha1:   1109dee50f7660eb75b2ec7dfc5889434d91351c
Sha256: aaf9075c9b35ee27d05a21e89ec43d1b2013a8151360e59050c8977edd33d5b8
                                        
                                            GET /lib/ajax/service-nologin.php?info=core_get_string&cachekey=1663291866&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22changesmadereallygoaway%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22moodle%22%2C%22lang%22%3A%22en%22%7D%7D%5D HTTP/1.1 
Host: training.daystar.ac.ke
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://training.daystar.ac.ke/login/forgot_password.php
Cookie: MoodleSession=9rmtj2s707jj0jksjk3s351prf; _pk_id.4.1ea5=db6a34dcefdb49d7.1663426600.; _pk_ses.4.1ea5=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         41.89.16.6
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Date: Sat, 17 Sep 2022 14:56:58 GMT
Server: Apache/2.4.52 (Unix) OpenSSL/1.1.1m PHP/8.0.15 mod_perl/2.0.11 Perl/v5.32.1
X-Powered-By: PHP/8.0.15
Expires: Fri, 16 Dec 2022 14:56:58 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Length: 111
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   111
Md5:    aa4910d44753abc18bf53998693d909d
Sha1:   96a26d0478af621a4df6bde7cbc05a8176806903
Sha256: 28824dbe3abcada0b65643717944a5f84416d44cbb5b5e478cb25bbc56d4e7a0
                                        
                                            GET /lib/ajax/service-nologin.php?info=6-method-calls&cachekey=1663291866&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22cancel%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22closebuttontitle%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22loading%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22savechanges%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A4%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showless%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A5%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showmore%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22en%22%7D%7D%5D HTTP/1.1 
Host: training.daystar.ac.ke
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://training.daystar.ac.ke/login/forgot_password.php
Cookie: MoodleSession=9rmtj2s707jj0jksjk3s351prf; _pk_id.4.1ea5=db6a34dcefdb49d7.1663426600.; _pk_ses.4.1ea5=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         41.89.16.6
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Date: Sat, 17 Sep 2022 14:56:59 GMT
Server: Apache/2.4.52 (Unix) OpenSSL/1.1.1m PHP/8.0.15 mod_perl/2.0.11 Perl/v5.32.1
X-Powered-By: PHP/8.0.15
Expires: Fri, 16 Dec 2022 14:56:59 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Length: 211
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   211
Md5:    c135ebb8306e47146c197265b9c9022b
Sha1:   425c439b399cc4a29df884f4ac5aa75505944c2c
Sha256: afefe583c5a695189962783424716b19758b2a08e71480cb91a73c88c98a20be
                                        
                                            GET /lib/ajax/service-nologin.php?info=core_output_load_fontawesome_icon_system_map&cachekey=1662049511&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_fontawesome_icon_system_map%22%2C%22args%22%3A%7B%22themename%22%3A%22boost%22%7D%7D%5D HTTP/1.1 
Host: training.daystar.ac.ke
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://training.daystar.ac.ke/login/forgot_password.php
Cookie: MoodleSession=9rmtj2s707jj0jksjk3s351prf; _pk_id.4.1ea5=db6a34dcefdb49d7.1663426600.; _pk_ses.4.1ea5=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         41.89.16.6
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Date: Sat, 17 Sep 2022 14:56:59 GMT
Server: Apache/2.4.52 (Unix) OpenSSL/1.1.1m PHP/8.0.15 mod_perl/2.0.11 Perl/v5.32.1
X-Powered-By: PHP/8.0.15
Expires: Fri, 16 Dec 2022 14:56:59 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (35534), with no line terminators
Size:   35534
Md5:    a58677024b234721f00c85d466b970d8
Sha1:   279b0322353cbdae660ef5367c2a587d0f3174bd
Sha256: 0f89debf508d957312456bd777d9c7d15880cbc30749af82c89b0b6a1a00a29d
                                        
                                            GET /lib/ajax/service-nologin.php?info=core_output_load_template_with_dependencies,core_output_load_template_with_dependencies,core_output_load_template_with_dependencies,core_output_load_template_with_dependencies&cachekey=1662049511&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22loading%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal_backdrop%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22pix_icon_fontawesome%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%5D HTTP/1.1 
Host: training.daystar.ac.ke
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://training.daystar.ac.ke/login/forgot_password.php
Cookie: MoodleSession=9rmtj2s707jj0jksjk3s351prf; _pk_id.4.1ea5=db6a34dcefdb49d7.1663426600.; _pk_ses.4.1ea5=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         41.89.16.6
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Date: Sat, 17 Sep 2022 14:56:59 GMT
Server: Apache/2.4.52 (Unix) OpenSSL/1.1.1m PHP/8.0.15 mod_perl/2.0.11 Perl/v5.32.1
X-Powered-By: PHP/8.0.15
Expires: Fri, 16 Dec 2022 14:56:59 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Length: 2366
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (2366), with no line terminators
Size:   2366
Md5:    277cbffc8b01633c828dc3c8745240ae
Sha1:   67c5c5c693b256710fe2c8d51a9ac72541dc3a57
Sha256: 09604128b770c0e743538b387c387056ab0eb8108d7b700e98affe9d18d55a52