Report - moodle.vample.com/login/forgot

Report Overview

Submitted URL
moodle.vample.com/login/forgot_password.php
IP
3.0.6.6
ASN
#16509 AMAZON-02
Submitted
2022-10-22 12:32:23
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
24

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
moodle.vample.com	unknown			12 kB	931 kB	3.0.6.6
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T11:52:10Z	329 B	797 B	93.184.220.29
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	594 B	127 B	35.164.183.116
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-09T10:04:36Z	3.2 kB	60 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	758 B	2.8 kB	18.244.155.28
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	2.3 kB	6.2 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	401 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	321 B	229 B	34.117.237.239

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-22	medium	moodle.vample.com/login/forgot_password.php	Phishing
2022-10-22	medium	moodle.vample.com/login/forgot_password.php	Phishing
2022-10-22	medium	moodle.vample.com/lib/javascript.php/1664177096/lib/javascript-static.js	Phishing
2022-10-22	medium	moodle.vample.com/lib/javascript.php/1664177096/lib/requirejs/require.min.js	Phishing
2022-10-22	medium	moodle.vample.com/theme/styles.php/classic/1664177095_1/all	Phishing
2022-10-22	medium	moodle.vample.com/lib/javascript.php/1664177096/lib/polyfills/polyfill.js	Phishing
2022-10-22	medium	moodle.vample.com/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js	Phishing
2022-10-22	medium	moodle.vample.com/theme/font.php/classic/core/1664177095/fontawesome-webfont.woff2?v=4.7.0	Phishing
2022-10-22	medium	moodle.vample.com/theme/image.php/classic/theme/1664177095/favicon	Phishing
2022-10-22	medium	moodle.vample.com/lib/requirejs.php/1664177096/core/first.js	Phishing
2022-10-22	medium	moodle.vample.com/lib/javascript.php/1664177096/lib/jquery/jquery-3.6.0.min.js	Phishing
2022-10-22	medium	moodle.vample.com/lib/requirejs.php/1664177096/core_form/events.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (13)

	URL	Size	First Seen	Last Seen
	moodle.vample.com/login/forgot_password.php	13 kB	2023-03-10	2023-03-10
Pretty URL moodle.vample.com/login/forgot_password.php IP 3.0.6.6 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:08:34 Last Seen2023-03-10 13:08:34 Times Seen1 Hash 85c3fd63d99f75c4cbb9c5057bdd5631 5b23c627653be792fe786878f0eba06f0c15acd1 c197887a4b298235431c5a1a7d992bd459eb7a10a476175cf1421cca892e784e Loading...

	moodle.vample.com/login/forgot_password.php	1.9 kB	2023-03-10	2023-03-10
Pretty URL moodle.vample.com/login/forgot_password.php IP 3.0.6.6 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:08:34 Last Seen2023-03-10 13:08:34 Times Seen1 Hash 383a2db66466b1d2d944b8445771ed3f 2df04a0aab3a990ab4304531c946e11fee1bd625 6a7c372bfcc35ac767d5fb5f02b8d8a22004b870eae235ecb68dc671a86aec38 Loading...

	moodle.vample.com/login/forgot_password.php	522 B	2023-03-10	2023-03-10
Pretty URL moodle.vample.com/login/forgot_password.php IP 3.0.6.6 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:08:34 Last Seen2023-03-10 13:08:34 Times Seen1 Hash 301cb1b309546ac7cb2eef13092a2a38 5b19b4a03ee4ec54134504937b69ea18a2d33d03 a73a12fd418ca16553a79f43cfedd98818b1de5dcef66e1b3ca5ee4670b30a9d Loading...

	moodle.vample.com/lib/javascript.php/1664177096/lib/requirejs/require.min.js	18 kB	2023-03-07	2024-04-26
Pretty URL moodle.vample.com/lib/javascript.php/1664177096/lib/requirejs/require.min.js IP 3.0.6.6 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:30 Last Seen2024-04-26 21:40:08 Times Seen1598 Hash 1f53ac504f7e69a6df96140eed2d4df2 da00136dd3fd0ccab626d7555ccb5fdf1c096fad 9ce0dbd6a1df9332653e27d1ddc505c5b78fd82b4112de0ec63840c3fbe0b8c2 Loading...

	moodle.vample.com/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js	283 kB	2023-03-07	2024-04-26
Pretty URL moodle.vample.com/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js IP 3.0.6.6 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:30 Last Seen2024-04-26 21:40:08 Times Seen1566 Hash 8039fd714b58260199b364107c92bff6 3776c202a78a99e5eeaafbdc7d8ad61acee3af1d 13eaaadfa414f262b7964320054bb2b322b9ef9f3522bc25c9d60dc83b5141cf Loading...

	moodle.vample.com/login/forgot_password.php	60 B	2023-03-07	2024-04-26
Pretty URL moodle.vample.com/login/forgot_password.php IP 3.0.6.6 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:30 Last Seen2024-04-26 21:40:07 Times Seen1132 Hash dba70bf9335863dea2696ca9da069b01 adfc079c12684d419766c7732c35da693517a7f8 05f515ab150c8852191afb40be55373b5b5337d89d513e48b802293123361798 Loading...

	moodle.vample.com/login/forgot_password.php	1.1 kB	2023-03-10	2023-03-10
Pretty URL moodle.vample.com/login/forgot_password.php IP 3.0.6.6 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:08:34 Last Seen2023-03-10 13:08:34 Times Seen1 Hash 0d8503e33bd801e9511476670b01c8b0 8665b87b543016e5de891ecd99ff0b45487c283a bcb0392c1fd1f9f71dbb37268567db6adc5732fd3d404255799568c4a48f85f5 Loading...

	moodle.vample.com/login/forgot_password.php	1.2 kB	2023-03-07	2024-04-26
Pretty URL moodle.vample.com/login/forgot_password.php IP 3.0.6.6 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:02:37 Last Seen2024-04-26 10:45:10 Times Seen204 Hash 209ab152a1bbfc96a1a450b31a830d91 968f6710bda41c07c913c0156b4016d869755218 9944f25929b77ebdee4c64c05b1b148f4bf1992e901546a38637c5578e8ce570 Loading...

	moodle.vample.com/theme/yui_combo.php?m/1664177096/core/event/event-min.js&m/1664177096/filter_mathjaxloader/loader/loader-min.js	2.6 kB	2023-03-07	2024-04-17
Pretty URL moodle.vample.com/theme/yui_combo.php?m/1664177096/core/event/event-min.js&m/1664177096/filter_mathjaxloader/loader/loader-min.js IP 3.0.6.6 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:02:37 Last Seen2024-04-17 03:43:16 Times Seen441 Hash 76617687325f67884815a9b2b0d4e2be 2f7b8734ca64306dad757d2a89fbd2dbb3cdb2fa 01e644698fc787a38c18a7312893aaf9081b994f57f059ba3274361f7b09b206 Loading...

	moodle.vample.com/lib/requirejs.php/1664177096/core_form/events.js	2.3 MB	2023-03-10	2023-03-10
Pretty URL moodle.vample.com/lib/requirejs.php/1664177096/core_form/events.js IP 3.0.6.6 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:08:34 Last Seen2023-03-10 13:08:34 Times Seen1 Hash 5ba96db62a2773c1fe35b5d7f552dd90 34684f876209d8191aaefa1049d7cd5fb00873f2 3d4d0beaff55743c7421814bede8f1373b05b5e46fa993758aa373db275cc219 Loading...

	moodle.vample.com/lib/javascript.php/1664177096/lib/jquery/jquery-3.6.0.min.js	90 kB	2023-03-07	2024-04-21
Pretty URL moodle.vample.com/lib/javascript.php/1664177096/lib/jquery/jquery-3.6.0.min.js IP 3.0.6.6 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:17 Last Seen2024-04-21 05:36:08 Times Seen288 Hash 54e404edcb6b8902433c6a8123e018a7 fb2f413ac31fd0607b3048426e37d81658cb0ecd 37da17e676b0298cd88c1835b00618318df670f9ed4c199274546d4555248dab Loading...

	moodle.vample.com/theme/yui_combo.php?3.17.2/event-mousewheel/event-mousewheel-min.js&3.17.2/event-resize/event-resize-min.js&3.17.2/event-hover/event-hover-min.js&3.17.2/event-touch/event-touch-min.js&3.17.2/event-move/event-move-min.js&3.17.2/event-flick/event-flick-min.js&3.17.2/event-valuechange/event-valuechange-min.js&3.17.2/event-tap/event-tap-min.js	15 kB	2023-03-07	2024-04-26
Pretty URL moodle.vample.com/theme/yui_combo.php?3.17.2/event-mousewheel/event-mousewheel-min.js&3.17.2/event-resize/event-resize-min.js&3.17.2/event-hover/event-hover-min.js&3.17.2/event-touch/event-touch-min.js&3.17.2/event-move/event-move-min.js&3.17.2/event-flick/event-flick-min.js&3.17.2/event-valuechange/event-valuechange-min.js&3.17.2/event-tap/event-tap-min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:30 Last Seen2024-04-26 10:45:15 Times Seen1549 Hash 0151b48e61660bed14bf6acd5bb77210 e096360d7d8819dbbf42e7137ed9e37cdd286700 26d1a45d173703f01ca9bb8be4335bae6005c3bc0a5f78b380ad18fb152b8835 Loading...

	moodle.vample.com/lib/javascript.php/1664177096/lib/javascript-static.js	21 kB	2023-03-07	2024-04-17
Pretty URL moodle.vample.com/lib/javascript.php/1664177096/lib/javascript-static.js IP 3.0.6.6 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:02:37 Last Seen2024-04-17 03:43:17 Times Seen515 Hash 3e48d7afbba30532379f260739ca39a5 0512338a4efebe9b646a882a1fc09055a8a3eb5a 111b6329693bb290516569c49cd2f5b578d4310138d7fb36fef8fd4a8288a38d Loading...

HTTP Transactions (38)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

18.244.155.28

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
18.244.155.28:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Content-Length, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 22 Oct 2022 12:26:12 GMT
Expires: Sat, 22 Oct 2022 13:24:04 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 30ef06f785f68fc7da8b2baef8948156.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P8
X-Amz-Cf-Id: ZWWRUKD6VLf-EK5MLvZNkS6ogYYr7J2Rzg1ReE1BI67VMBX8rbJrVw==
Age: 360

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c19f4a1def760c07cbc4aec1d0d6c050
6ad911a7c02f5e5fdd82fa86cae0453528d53a6d
750bba81910a4bbd78ab484ba03781a36459a0aec147d7c47424e9a9bf152b40

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "750BBA81910A4BBD78AB484BA03781A36459A0AEC147D7C47424E9A9BF152B40"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10034
Expires: Sat, 22 Oct 2022 15:19:26 GMT
Date: Sat, 22 Oct 2022 12:32:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cecd3b2e0cd07173ee1fb63b0a744119
774e0935fffd5bb39799c040098e32c3dc88702f
78c2c60f2d752f572f1711e23aa3f82d5e5bce1940064405f6f989886f6315df

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "78C2C60F2D752F572F1711E23AA3F82D5E5BCE1940064405F6F989886F6315DF"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10025
Expires: Sat, 22 Oct 2022 15:19:17 GMT
Date: Sat, 22 Oct 2022 12:32:12 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: yi580ZXo453N/TJv5FT7ggVeAAWRU42Vai7DxdvCvwWjkRfwmNohX5jpot5tjpLA0yHilHdl5CQ=
x-amz-request-id: 237AH8EQKKNYFB2E
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 22 Oct 2022 11:37:33 GMT
age: 3279
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 22 Oct 2022 12:32:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

moodle.vample.com/login/forgot_password.php

3.0.6.6

301 Moved Permanently

178 B

URL HTTP/1.1
moodle.vample.com/login/forgot_password.php
IP
3.0.6.6:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
bd2695f4b079c71dbddde3436286fb9c
733c05da132193d6cf1d8e242d12e2525c03bab4
2e04a18ff185ba5b16f762a0538339bc4049aceaef9738edd43af77d2ceb788b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /login/forgot_password.php HTTP/1.1
Host: moodle.vample.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 22 Oct 2022 12:32:12 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://moodle.vample.com/login/forgot_password.php

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

18.244.155.28

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
18.244.155.28:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Pragma, Content-Length, Content-Type, ETag, Retry-After, Cache-Control, Last-Modified, Backoff, Expires
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 22 Oct 2022 12:03:53 GMT
Cache-Control: max-age=3600
Expires: Sat, 22 Oct 2022 12:06:03 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 56ac4d409ea3c91f84bc0c30648a1434.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P8
X-Amz-Cf-Id: ZYz2J6rNdSNKQOsNmhdt0F4XRT-AU6xRMH-4SVCHL3aqW07_j7v7eA==
Age: 1702

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fecd12689ba4c6aa556814b7fac0d344
a3005f6333ce5201a73e2857c764a1b0091a91d5
83e0fb564f86df4300e8fc4b5baaf0ed13102c384922d388e02620fb3363a842

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4858
Cache-Control: max-age=161731
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 12:32:12 GMT
Etag: "6353a495-1d7"
Expires: Mon, 24 Oct 2022 09:27:43 GMT
Last-Modified: Sat, 22 Oct 2022 08:06:45 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

35.164.183.116

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.164.183.116:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: N965wp2ZuTkW02zdYJxLZw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 15IzyjsmkmAffQ3CjiO78eDRwns=

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
32360cc551014133beb0e01e16ec735e
e8256d1865702d278a2189aef41f31c7d305f887
9b73ba45ad4f30fd8684c7c44d9560534dab1ef974da23ed80a43ac75404d51d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B73BA45AD4F30FD8684C7C44D9560534DAB1EF974DA23ED80A43AC75404D51D"
Last-Modified: Fri, 21 Oct 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 22 Oct 2022 18:32:13 GMT
Date: Sat, 22 Oct 2022 12:32:13 GMT
Connection: keep-alive

moodle.vample.com/login/forgot_password.php

3.0.6.6

200 OK

7.4 kB

URL HTTP/1.1
moodle.vample.com/login/forgot_password.php
IP
3.0.6.6:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (11782), with CRLF, LF line terminators
Size
7.4 kB (7436 bytes)
Hash
4469508e556e278e0321b0132db1ddbb
e41726e06675e675f17048fbd1ec76eefccbc3dc
441d1dae41e532273ae2a1089431c3e228749576a2c2cfbd5ff2df9046a42b55

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /login/forgot_password.php HTTP/1.1
Host: moodle.vample.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 22 Oct 2022 12:32:13 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: MoodleSession=cjnc6pala8e3mfont5vq26364j; path=/; secure
Content-Language: en
Content-Script-Type: text/javascript
Content-Style-Type: text/css
X-UA-Compatible: IE=edge
Cache-Control: private, pre-check=0, post-check=0, max-age=0, no-transform
Pragma: no-cache
Expires: 
X-Frame-Options: sameorigin
Content-Encoding: gzip

moodle.vample.com/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.css

3.0.6.6

200 OK

1.0 kB

URL HTTP/1.1
moodle.vample.com/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.css
IP
3.0.6.6:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (1965)
Size
1.0 kB (1031 bytes)
Hash
954717f56656e687295097c986703269
eacac549df0a6f873918b09c167f67683363484f
3736a081935aebfecde262efb24be923f7019e02c8719e12e8867bb581a84ebe

HTTP Headers

GET /theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.css HTTP/1.1
Host: moodle.vample.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moodle.vample.com/login/forgot_password.php
Cookie: MoodleSession=cjnc6pala8e3mfont5vq26364j
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 22 Oct 2022 12:32:13 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Disposition: inline; filename="combo"
Last-Modified: Fri, 02 Sep 2022 04:49:16 GMT
Expires: Tue, 17 Oct 2023 12:32:13 GMT
Pragma: 
Cache-Control: public, max-age=31104000, immutable
Accept-Ranges: none
Etag: "b9bc567c469e2872cf3bbb14603342a72de2509b"
Content-Encoding: gzip
Vary: Accept-Encoding

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10165
Expires: Sat, 22 Oct 2022 15:21:39 GMT
Date: Sat, 22 Oct 2022 12:32:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10165
Expires: Sat, 22 Oct 2022 15:21:39 GMT
Date: Sat, 22 Oct 2022 12:32:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10165
Expires: Sat, 22 Oct 2022 15:21:39 GMT
Date: Sat, 22 Oct 2022 12:32:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10165
Expires: Sat, 22 Oct 2022 15:21:39 GMT
Date: Sat, 22 Oct 2022 12:32:14 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd771af0d-55ee-450f-bbb3-a9e419e74a51.jpeg

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd771af0d-55ee-450f-bbb3-a9e419e74a51.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7372 bytes)
Hash
616e14aee034bbf77c3b74b3ea53961b
ebf69c1ff6dc9450f33aef5dc2403d4df17a4c2c
0ae716474e2837c90c658d635fb9db2c8d4cdb7bf025b8e4e9e802e3ff56b0c3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd771af0d-55ee-450f-bbb3-a9e419e74a51.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7372
x-amzn-requestid: 080f5f7f-51a8-4ef5-9acc-0c7f7f64defb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-ojEg2IAMFjPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63531169-5106c8af6e77450c33a0c899;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:49 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -R91mOdVOCkUp-5vOpEyQactO7SrjtbYwxTsvbR1LP6fBlFZFDTP5A==
via: 1.1 2e20768704c71ff3ce2e677251d27f3c.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:00:32 GMT
age: 52302
etag: "ebf69c1ff6dc9450f33aef5dc2403d4df17a4c2c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1161ffd-d618-4da5-b16d-40f9f2fda316.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8133 bytes)
Hash
139dcd1a5232524efac37c0f9e482cae
7b28ad06ff24b0ff8fc29bd00e1736bad8a77c03
0d1d8e62b00d9f03f45cb1c59dcfd269b22ff4b54ea0bacdb88449ac2d4443dd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1161ffd-d618-4da5-b16d-40f9f2fda316.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8133
x-amzn-requestid: 39a5952e-d747-4cfd-99cf-316e92a82835
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-kPGFooAMFV_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6353114e-167f08dd48e9934c48c196ff;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: xscNSjVI89lq_YEKwifHp2h1rwMt9GeCUSAXna4FgFM1QT-qBwJtaw==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:11:37 GMT
age: 51637
etag: "7b28ad06ff24b0ff8fc29bd00e1736bad8a77c03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84809f37-0e01-4278-ba97-357c4a1b454e.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.5 kB (5517 bytes)
Hash
1ee464d6a426da49571c97060e65a4e8
aef2208c82085b4dc8472ee28bc63b9a8832fe0e
704e9800cb12b9b2927e85901b21fbb22303f11bf4b052340d0fc610414e2a6d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84809f37-0e01-4278-ba97-357c4a1b454e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5517
x-amzn-requestid: 560e0ccc-0551-461d-98fd-f94d9a026fb8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-pSExDIAMFpMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6353116e-0420e4ac6cceec1749a44819;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hitgYm684zdpmL8IbPzFxhPWRrc2-VmnlofdTiPhJzkrc26mgXTTTA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:00:41 GMT
age: 52293
etag: "aef2208c82085b4dc8472ee28bc63b9a8832fe0e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe88fd32b-e32c-4e05-ba5d-ff09e2d25456.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11885 bytes)
Hash
a13890c0ba208ebf4d34e326985b04ed
3fb08432bde3f01162ba0ca8b83680ad5f9b3af0
a83d2360a7a62f466c373b4d848acbd257473ae24dd5deb6dadac1368973995b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe88fd32b-e32c-4e05-ba5d-ff09e2d25456.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11885
x-amzn-requestid: 7ea21866-c9b7-4e5e-897a-03bd6937e014
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z-WYqHBWIAMFfyw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6348d104-4791bb044f3149e814c30161;Sampled=0
x-amzn-remapped-date: Fri, 14 Oct 2022 03:01:24 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rSzRDw7IE4vOY43eAuWGOY7FaPjpXsi4SjAf9fKx41vxhxWX85zeCw==
via: 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 10:34:12 GMT
age: 7082
etag: "3fb08432bde3f01162ba0ca8b83680ad5f9b3af0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93090b5a-5307-421c-8902-654efd5f9769.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9337 bytes)
Hash
bb1054cc59fc865911630fd27da6be69
b9c69a4be7d6747f33e10ff8df22901baced3b3c
90d8f004bbecb20c3d6e0379202dc5d32fbfe0eb81e1da9a142f6e96582d6a5a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93090b5a-5307-421c-8902-654efd5f9769.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9337
x-amzn-requestid: b28a9696-dea4-411f-b5f9-48b2c4463913
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-pTEpdoAMFXeg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6353116e-11c9f335631c64cf5ee3c582;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: QOzuhpjNOprqxmVmRKv1xe8u68J4_NxMP7vx0ArbmY6HAxZ73rIoQg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:00:39 GMT
age: 52295
etag: "b9c69a4be7d6747f33e10ff8df22901baced3b3c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff28bcb97-99c1-48e0-b7d7-8bfe823abaa7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11151 bytes)
Hash
26c47e4b0147f8dee3e71a53a8f2830c
381edb4758da428db5ffe884f8fb38bf11044f69
b507898359abbcb1f57821c147a58df66d7e81acc198afc997527b58cd835b39

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff28bcb97-99c1-48e0-b7d7-8bfe823abaa7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11151
x-amzn-requestid: 5c32e307-f2a7-4050-a96f-a47667ec4752
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-NEFTKoAMFsSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b9-2fc77f394ca297126abaed94;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Ib4A9F4pA6k1iYdefeQokFkEkmqlEASJ2d20BQ6gqRYj3teYDu8Cyg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:14:20 GMT
age: 51474
etag: "381edb4758da428db5ffe884f8fb38bf11044f69"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

moodle.vample.com/lib/javascript.php/1664177096/lib/javascript-static.js

3.0.6.6

200 OK

6.8 kB

URL HTTP/1.1
moodle.vample.com/lib/javascript.php/1664177096/lib/javascript-static.js
IP
3.0.6.6:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text, with very long lines (1875)
Size
6.8 kB (6812 bytes)
Hash
71c0986b7353ce9fa8abf6d0e4d3a1ab
a902f85fd0bc00eb63f19c201636ec2c52cc5e45
f13654681d02d6597b044b73eb021d54129833b20c2ca93138346fbfc13a5169

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lib/javascript.php/1664177096/lib/javascript-static.js HTTP/1.1
Host: moodle.vample.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moodle.vample.com/login/forgot_password.php
Cookie: MoodleSession=cjnc6pala8e3mfont5vq26364j
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 22 Oct 2022 12:32:14 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "0bfd19028c0c783b81b50124620c627d301a7c35"
Content-Disposition: inline; filename="javascript.php"
Last-Modified: Mon, 26 Sep 2022 07:24:58 GMT
Expires: Fri, 20 Jan 2023 12:32:14 GMT
Pragma: 
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding

moodle.vample.com/lib/javascript.php/1664177096/lib/requirejs/require.min.js

3.0.6.6

200 OK

6.7 kB

URL HTTP/1.1
moodle.vample.com/lib/javascript.php/1664177096/lib/requirejs/require.min.js
IP
3.0.6.6:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (17535)
Size
6.7 kB (6662 bytes)
Hash
d52d474e00d80d4373cf714f60707c21
74b5d832a55bf81a1b2fd875f83f022c5ffc7c3b
4f1792c3aac9ca2058376a43582f0d1fad13e602a5aeec4a1a6fb1803719ba99

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lib/javascript.php/1664177096/lib/requirejs/require.min.js HTTP/1.1
Host: moodle.vample.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moodle.vample.com/login/forgot_password.php
Cookie: MoodleSession=cjnc6pala8e3mfont5vq26364j
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 22 Oct 2022 12:32:14 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "eef8b7bf9f7a1f8ee7f925a2dd24915d53b28071"
Content-Disposition: inline; filename="javascript.php"
Last-Modified: Mon, 26 Sep 2022 07:24:59 GMT
Expires: Fri, 20 Jan 2023 12:32:14 GMT
Pragma: 
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding

moodle.vample.com/theme/styles.php/classic/1664177095_1/all

3.0.6.6

200 OK

122 kB

URL HTTP/1.1
moodle.vample.com/theme/styles.php/classic/1664177095_1/all
IP
3.0.6.6:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (65524), with no line terminators
Size
122 kB (121984 bytes)
Hash
8adb4a1bc0fc524a775723c99425e8fa
caa56056a43aa877226daeae7f70716f0cf83168
f25b64d69472d6250c7d240fcb31b5cd30cfe0584375d9784356414618b7d25e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /theme/styles.php/classic/1664177095_1/all HTTP/1.1
Host: moodle.vample.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moodle.vample.com/login/forgot_password.php
Cookie: MoodleSession=cjnc6pala8e3mfont5vq26364j
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 22 Oct 2022 12:32:13 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "b4d0c886fb00b959ae516dc7c9584b3887b8fab5"
Content-Disposition: inline; filename="styles.php"
Last-Modified: Mon, 26 Sep 2022 07:25:00 GMT
Expires: Fri, 20 Jan 2023 12:32:13 GMT
Pragma: 
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding

moodle.vample.com/lib/javascript.php/1664177096/lib/polyfills/polyfill.js

3.0.6.6

200 OK

60 kB

URL HTTP/1.1
moodle.vample.com/lib/javascript.php/1664177096/lib/polyfills/polyfill.js
IP
3.0.6.6:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (36874)
Size
60 kB (60482 bytes)
Hash
ce9415d2c1929e4a1b7d898589fe26af
075322fe75631ff4465484d633c504b90502e761
1178b68f63a7c959c95d189d57c8688ea44ec623cddfc86b2abe8cf08e3b837c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lib/javascript.php/1664177096/lib/polyfills/polyfill.js HTTP/1.1
Host: moodle.vample.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moodle.vample.com/login/forgot_password.php
Cookie: MoodleSession=cjnc6pala8e3mfont5vq26364j
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 22 Oct 2022 12:32:14 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "86ed062d0580090499211f5ac4eb70467962f48b"
Content-Disposition: inline; filename="javascript.php"
Last-Modified: Mon, 26 Sep 2022 07:24:59 GMT
Expires: Fri, 20 Jan 2023 12:32:14 GMT
Pragma: 
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding

moodle.vample.com/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js

3.0.6.6

200 OK

84 kB

URL HTTP/1.1
moodle.vample.com/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js
IP
3.0.6.6:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (6010)
Size
84 kB (84392 bytes)
Hash
8bcb376a1000018ace15774394400419
2f8e8e67c1c31bac12aca22f482c3ef33a28a7a7
ba65826c64be1db28f1d0549c4dcce3598464e4da1154b26b28e6d6c58db25af

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js HTTP/1.1
Host: moodle.vample.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moodle.vample.com/login/forgot_password.php
Cookie: MoodleSession=cjnc6pala8e3mfont5vq26364j
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 22 Oct 2022 12:32:14 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Content-Disposition: inline; filename="combo"
Last-Modified: Fri, 02 Sep 2022 04:49:16 GMT
Expires: Tue, 17 Oct 2023 12:32:14 GMT
Pragma: 
Cache-Control: public, max-age=31104000, immutable
Accept-Ranges: none
Etag: "78581a0bac8a932effb32db3e91e0f2f2b47c08e"
Content-Encoding: gzip
Vary: Accept-Encoding

moodle.vample.com/theme/yui_combo.php?m/1664177096/core/event/event-min.js&m/1664177096/filter_mathjaxloader/loader/loader-min.js

3.0.6.6

200 OK

1.0 kB

URL HTTP/1.1
moodle.vample.com/theme/yui_combo.php?m/1664177096/core/event/event-min.js&m/1664177096/filter_mathjaxloader/loader/loader-min.js
IP
3.0.6.6:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (2627), with no line terminators
Size
1.0 kB (1047 bytes)
Hash
ed721a80e424f86e1ab0d36ddbb1b2d0
6401cd77a250b875c3af769f56d0afa81acf5af7
a1d7d3b73b7c5f5d7447c54b0c4c1b8058ad5ac9352f451cffc55db050df9112

HTTP Headers

GET /theme/yui_combo.php?m/1664177096/core/event/event-min.js&m/1664177096/filter_mathjaxloader/loader/loader-min.js HTTP/1.1
Host: moodle.vample.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moodle.vample.com/login/forgot_password.php
Cookie: MoodleSession=cjnc6pala8e3mfont5vq26364j
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 22 Oct 2022 12:32:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Content-Disposition: inline; filename="combo"
Last-Modified: Fri, 02 Sep 2022 04:49:16 GMT
Expires: Tue, 17 Oct 2023 12:32:15 GMT
Pragma: 
Cache-Control: public, max-age=31104000, immutable
Accept-Ranges: none
Etag: "6bf1157e7421764f475724db738c8066641c1d9e"
Content-Encoding: gzip
Vary: Accept-Encoding

moodle.vample.com/theme/font.php/classic/core/1664177095/fontawesome-webfont.woff2?v=4.7.0

3.0.6.6

200 OK

77 kB

URL HTTP/1.1
moodle.vample.com/theme/font.php/classic/core/1664177095/fontawesome-webfont.woff2?v=4.7.0
IP
3.0.6.6:0
ASN
#16509 AMAZON-02

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /theme/font.php/classic/core/1664177095/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: moodle.vample.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://moodle.vample.com/theme/styles.php/classic/1664177095_1/all
Cookie: MoodleSession=cjnc6pala8e3mfont5vq26364j
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 22 Oct 2022 12:32:15 GMT
Content-Type: font/woff2
Content-Length: 77160
Connection: keep-alive
Etag: "5aae7837f79d4efc40dd23bd48f1eb69123688f5"
Content-Disposition: inline; filename="fontawesome-webfont.woff2"
Last-Modified: Mon, 26 Sep 2022 07:25:05 GMT
Expires: Fri, 20 Jan 2023 12:32:15 GMT
Pragma: 
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none

moodle.vample.com/theme/image.php/classic/theme/1664177095/favicon

3.0.6.6

200 OK

1.2 kB

URL HTTP/1.1
moodle.vample.com/theme/image.php/classic/theme/1664177095/favicon
IP
3.0.6.6:0
ASN
#16509 AMAZON-02

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
135aed33c0a7b8f44f0227a71b9ce345
120e10c8a17aebb31c74b6988f8bce9b05dd6606
7afbabec7cddb87ab3b2c3f56509ca9c8f76925db0570372f1a6a366606be1b4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /theme/image.php/classic/theme/1664177095/favicon HTTP/1.1
Host: moodle.vample.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moodle.vample.com/login/forgot_password.php
Cookie: MoodleSession=cjnc6pala8e3mfont5vq26364j
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 22 Oct 2022 12:32:16 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 1150
Connection: keep-alive
Etag: "2706cfa82cfe0958f2e685b9aea73eca808ef613"
Content-Disposition: inline; filename="favicon.ico"
Last-Modified: Mon, 26 Sep 2022 07:25:03 GMT
Expires: Fri, 20 Jan 2023 12:32:16 GMT
Pragma: 
Cache-Control: public, max-age=7776000, no-transform, immutable
Accept-Ranges: none

moodle.vample.com/lib/requirejs.php/1664177096/core/first.js

3.0.6.6

200 OK

480 kB

URL HTTP/1.1
moodle.vample.com/lib/requirejs.php/1664177096/core/first.js
IP
3.0.6.6:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (43348)
Size
480 kB (480405 bytes)
Hash
267672af01ec447cd110474db73780b3
492c15ff358bc5d55ab6b9b3d8c647d0c59d9b2e
d86fc3250890ecc2b5c6b27d491268225e1f774fff986d38ca6c4af28f25b338

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lib/requirejs.php/1664177096/core/first.js HTTP/1.1
Host: moodle.vample.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moodle.vample.com/login/forgot_password.php
Cookie: MoodleSession=cjnc6pala8e3mfont5vq26364j
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 22 Oct 2022 12:32:15 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "3cefab3134cecdbcc64032184b85deec49d7574f"
Content-Disposition: inline; filename="requirejs.php"
Last-Modified: Mon, 26 Sep 2022 07:25:01 GMT
Expires: Fri, 20 Jan 2023 12:32:15 GMT
Pragma: 
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding

moodle.vample.com/lib/javascript.php/1664177096/lib/jquery/jquery-3.6.0.min.js

3.0.6.6

200 OK

31 kB

URL HTTP/1.1
moodle.vample.com/lib/javascript.php/1664177096/lib/jquery/jquery-3.6.0.min.js
IP
3.0.6.6:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65447)
Size
31 kB (30906 bytes)
Hash
b356459fdf4586cb17866ee79db1a740
c810ffed64e9eafe9f80b0609858ec77b1cf2ea7
b5cadc039eec1ec56b1e533d5910e0f9b6c12388339c93854025cc29644d6e74

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lib/javascript.php/1664177096/lib/jquery/jquery-3.6.0.min.js HTTP/1.1
Host: moodle.vample.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moodle.vample.com/login/forgot_password.php
Cookie: MoodleSession=cjnc6pala8e3mfont5vq26364j
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 22 Oct 2022 12:32:17 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "f279fb56b42735d6b1d5772088b84ab32bb28285"
Content-Disposition: inline; filename="javascript.php"
Last-Modified: Mon, 26 Sep 2022 07:25:01 GMT
Expires: Fri, 20 Jan 2023 12:32:17 GMT
Pragma: 
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding

moodle.vample.com/lib/requirejs.php/1664177096/core_form/events.js

3.0.6.6

200 OK

4.8 kB

URL HTTP/1.1
moodle.vample.com/lib/requirejs.php/1664177096/core_form/events.js
IP
3.0.6.6:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (3857)
Size
4.8 kB (4808 bytes)
Hash
713bb7fd594c64c3598edc178658783a
5cf119be436a34e733ca1fee6c41b3c8350cedaf
f5cfc9a7087a218ad9951e7e5d22bade76acb58ccac10f3ca1ec891299b6735e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lib/requirejs.php/1664177096/core_form/events.js HTTP/1.1
Host: moodle.vample.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moodle.vample.com/login/forgot_password.php
Cookie: MoodleSession=cjnc6pala8e3mfont5vq26364j
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 22 Oct 2022 12:32:16 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "3cefab3134cecdbcc64032184b85deec49d7574f"
Content-Disposition: inline; filename="requirejs.php"
Last-Modified: Mon, 26 Sep 2022 07:25:01 GMT
Expires: Fri, 20 Jan 2023 12:32:16 GMT
Pragma: 
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding

moodle.vample.com/lib/ajax/service.php?sesskey=9BeXwV62io&info=media_videojs_get_language

3.0.6.6

200 OK

4.5 kB

URL HTTP/1.1
moodle.vample.com/lib/ajax/service.php?sesskey=9BeXwV62io&info=media_videojs_get_language
IP
3.0.6.6:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (4531), with no line terminators
Size
4.5 kB (4531 bytes)
Hash
1d55bc8fb15ace98616b30027310a057
1109dee50f7660eb75b2ec7dfc5889434d91351c
aaf9075c9b35ee27d05a21e89ec43d1b2013a8151360e59050c8977edd33d5b8

HTTP Headers

POST /lib/ajax/service.php?sesskey=9BeXwV62io&info=media_videojs_get_language HTTP/1.1
Host: moodle.vample.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Content-Length: 76
Origin: https://moodle.vample.com
Connection: keep-alive
Referer: https://moodle.vample.com/login/forgot_password.php
Cookie: MoodleSession=cjnc6pala8e3mfont5vq26364j
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 22 Oct 2022 12:32:17 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache

moodle.vample.com/lib/ajax/service-nologin.php?info=core_get_string&cachekey=1664177096&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22changesmadereallygoaway%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22moodle%22%2C%22lang%22%3A%22en%22%7D%7D%5D

3.0.6.6

200 OK

111 B

URL HTTP/1.1
moodle.vample.com/lib/ajax/service-nologin.php?info=core_get_string&cachekey=1664177096&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22changesmadereallygoaway%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22moodle%22%2C%22lang%22%3A%22en%22%7D%7D%5D
IP
3.0.6.6:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
111 B (111 bytes)
Hash
aa4910d44753abc18bf53998693d909d
96a26d0478af621a4df6bde7cbc05a8176806903
28824dbe3abcada0b65643717944a5f84416d44cbb5b5e478cb25bbc56d4e7a0

HTTP Headers

GET /lib/ajax/service-nologin.php?info=core_get_string&cachekey=1664177096&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22changesmadereallygoaway%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22moodle%22%2C%22lang%22%3A%22en%22%7D%7D%5D HTTP/1.1
Host: moodle.vample.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://moodle.vample.com/login/forgot_password.php
Cookie: MoodleSession=cjnc6pala8e3mfont5vq26364j
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 22 Oct 2022 12:32:17 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 20 Jan 2023 12:32:17 GMT
Pragma: 
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none

moodle.vample.com/lib/ajax/service-nologin.php?info=6-method-calls&cachekey=1664177096&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22cancel%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22closebuttontitle%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22loading%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22savechanges%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A4%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showless%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A5%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showmore%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22en%22%7D%7D%5D

3.0.6.6

200 OK

211 B

URL HTTP/1.1
moodle.vample.com/lib/ajax/service-nologin.php?info=6-method-calls&cachekey=1664177096&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22cancel%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22closebuttontitle%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22loading%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22savechanges%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A4%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showless%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A5%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showmore%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22en%22%7D%7D%5D
IP
3.0.6.6:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
211 B (211 bytes)
Hash
c135ebb8306e47146c197265b9c9022b
425c439b399cc4a29df884f4ac5aa75505944c2c
afefe583c5a695189962783424716b19758b2a08e71480cb91a73c88c98a20be

HTTP Headers

GET /lib/ajax/service-nologin.php?info=6-method-calls&cachekey=1664177096&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22cancel%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22closebuttontitle%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22loading%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22savechanges%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A4%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showless%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A5%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showmore%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22en%22%7D%7D%5D HTTP/1.1
Host: moodle.vample.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://moodle.vample.com/login/forgot_password.php
Cookie: MoodleSession=cjnc6pala8e3mfont5vq26364j
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 22 Oct 2022 12:32:18 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 20 Jan 2023 12:32:18 GMT
Pragma: 
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none

moodle.vample.com/lib/ajax/service-nologin.php?info=core_output_load_template_with_dependencies,core_output_load_template_with_dependencies,core_output_load_template_with_dependencies,core_output_load_template_with_dependencies&cachekey=1664177096&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22loading%22%2C%22themename%22%3A%22classic%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal%22%2C%22themename%22%3A%22classic%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal_backdrop%22%2C%22themename%22%3A%22classic%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22pix_icon_fontawesome%22%2C%22themename%22%3A%22classic%22%2C%22lang%22%3A%22en%22%7D%7D%5D

3.0.6.6

200 OK

2.4 kB

URL HTTP/1.1
moodle.vample.com/lib/ajax/service-nologin.php?info=core_output_load_template_with_dependencies,core_output_load_template_with_dependencies,core_output_load_template_with_dependencies,core_output_load_template_with_dependencies&cachekey=1664177096&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22loading%22%2C%22themename%22%3A%22classic%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal%22%2C%22themename%22%3A%22classic%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal_backdrop%22%2C%22themename%22%3A%22classic%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22pix_icon_fontawesome%22%2C%22themename%22%3A%22classic%22%2C%22lang%22%3A%22en%22%7D%7D%5D
IP
3.0.6.6:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (2366), with no line terminators
Size
2.4 kB (2366 bytes)
Hash
277cbffc8b01633c828dc3c8745240ae
67c5c5c693b256710fe2c8d51a9ac72541dc3a57
09604128b770c0e743538b387c387056ab0eb8108d7b700e98affe9d18d55a52

HTTP Headers

GET /lib/ajax/service-nologin.php?info=core_output_load_template_with_dependencies,core_output_load_template_with_dependencies,core_output_load_template_with_dependencies,core_output_load_template_with_dependencies&cachekey=1664177096&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22loading%22%2C%22themename%22%3A%22classic%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal%22%2C%22themename%22%3A%22classic%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal_backdrop%22%2C%22themename%22%3A%22classic%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22pix_icon_fontawesome%22%2C%22themename%22%3A%22classic%22%2C%22lang%22%3A%22en%22%7D%7D%5D HTTP/1.1
Host: moodle.vample.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://moodle.vample.com/login/forgot_password.php
Cookie: MoodleSession=cjnc6pala8e3mfont5vq26364j
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 22 Oct 2022 12:32:18 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 20 Jan 2023 12:32:18 GMT
Pragma: 
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none

moodle.vample.com/lib/ajax/service-nologin.php?info=core_output_load_fontawesome_icon_system_map&cachekey=1664177095&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_fontawesome_icon_system_map%22%2C%22args%22%3A%7B%22themename%22%3A%22classic%22%7D%7D%5D

3.0.6.6

200 OK

32 kB

URL HTTP/1.1
moodle.vample.com/lib/ajax/service-nologin.php?info=core_output_load_fontawesome_icon_system_map&cachekey=1664177095&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_fontawesome_icon_system_map%22%2C%22args%22%3A%7B%22themename%22%3A%22classic%22%7D%7D%5D
IP
3.0.6.6:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (31571), with no line terminators
Size
32 kB (31571 bytes)
Hash
df833a3af68f7af1eed8ebdd63849988
a270c7f6c57d1d59076479b534ade5fc46272c03
fbee23df614378fdbfaba378d90fe416e5c6fa4d4ba2951d28cf4e3cef0fd21b

HTTP Headers

GET /lib/ajax/service-nologin.php?info=core_output_load_fontawesome_icon_system_map&cachekey=1664177095&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_fontawesome_icon_system_map%22%2C%22args%22%3A%7B%22themename%22%3A%22classic%22%7D%7D%5D HTTP/1.1
Host: moodle.vample.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://moodle.vample.com/login/forgot_password.php
Cookie: MoodleSession=cjnc6pala8e3mfont5vq26364j
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 22 Oct 2022 12:32:18 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 20 Jan 2023 12:32:18 GMT
Pragma: 
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations