Report - uog.ac.rw/login.php

Report Overview

Submitted URL
uog.ac.rw/login.php
IP
197.243.0.61
ASN
#37228 Olleh-Rwanda-Networks
Submitted
2023-01-26 08:46:31
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
16

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
use.edgefonts.net	57983	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	570 B	2.5 kB	54.230.111.34
badges.instagram.com	59600	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	6.3 kB	31.13.72.53
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.162.50.16
uog.ac.rw	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.6 kB	578 kB	197.243.0.61
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	52 kB	34.120.237.76
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.3 kB	93.184.220.29
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-26	medium	uog.ac.rw/login.php	Malware
2023-01-26	medium	uog.ac.rw/js/bootstrap.min.js	Malware
2023-01-26	medium	uog.ac.rw/js/isp_js.js	Malware
2023-01-26	medium	uog.ac.rw/js/datepickr.min.js	Malware
2023-01-26	medium	uog.ac.rw/js/jquery.blueimp-gallery.min.js	Malware
2023-01-26	medium	uog.ac.rw/js/jquery-2.1.4.min.js	Malware
2023-01-26	medium	uog.ac.rw/slick/slick.min.js	Malware
2023-01-26	medium	uog.ac.rw/fonts/glyphicons-halflings-regular.woff2	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	unknown	0 B	2023-03-07	2024-04-24
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 08:39:22 Times Seen37035248 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	uog.ac.rw/js/bootstrap-image-gallery.min.js	2.9 kB	2023-03-12	2023-03-13
Pretty URL uog.ac.rw/js/bootstrap-image-gallery.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 07:25:44 Last Seen2023-03-13 07:24:05 Times Seen1 Hash 55f4c31b56381ca8ee4b911df0903095 3ae757db228eb15d6df328b55e14b47bbf0014ab 0e8d9fce959be94dd29b9f99d36daad3db12d00784f92b59d668544670f5cae4 Loading...

	uog.ac.rw/slick/slick.min.js	42 kB	2023-03-12	2023-03-13
Pretty URL uog.ac.rw/slick/slick.min.js IP 197.243.0.61 ASN #37228 Olleh-Rwanda-Networks Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 07:25:44 Last Seen2023-03-13 07:24:05 Times Seen1 Hash b4e510d0cdea0b79892c2bf7613ed193 a6b60a3c67e3b2e6b127d9b2c0cf37e0b88235d7 364890c36b1711f359d2cfe64108d92b727a3c776113cbd8d1a28ab40d659ada Loading...

	uog.ac.rw/login.php	42 B	2023-03-09	2024-02-07
Pretty URL uog.ac.rw/login.php IP 197.243.0.61 ASN #37228 Olleh-Rwanda-Networks Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 09:11:21 Last Seen2024-02-07 09:45:23 Times Seen47 Hash 9d03bdbb294308ee8e988c65481941b2 f0d1045a9722f843ccb91a520aca8d09582b4218 1bc412fb30081a816f6efea038aac897edf58f9acbe45ef4334ead2dae11fa82 Loading...

	uog.ac.rw/js/bootstrap.min.js	39 kB	2023-03-12	2023-03-13
Pretty URL uog.ac.rw/js/bootstrap.min.js IP 197.243.0.61 ASN #37228 Olleh-Rwanda-Networks Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 07:25:44 Last Seen2023-03-13 07:24:05 Times Seen1 Hash f9987ea9abec01a146151a7bd6f3b66f 440373e28c11e1a3836578e0c193ee5213de0341 d45d519a4c4ba8fc55ecf6fa661c3f196f3e41af6feb520235808c487fbf3108 Loading...

	uog.ac.rw/js/isp_js.js	90 kB	2023-03-12	2023-03-13
Pretty URL uog.ac.rw/js/isp_js.js IP 197.243.0.61 ASN #37228 Olleh-Rwanda-Networks Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 07:25:44 Last Seen2023-03-13 07:24:05 Times Seen1 Hash abe142b11b9815cc627aeeff506fece8 3a302b47effc5d72c83f821999c3c438d640f00c 3fc447844e7feee85e174347f6bfbbbd7c8d3f5b177d5eae7742674a99ecb86c Loading...

	uog.ac.rw/js/datepickr.min.js	8.1 kB	2023-03-12	2023-03-13
Pretty URL uog.ac.rw/js/datepickr.min.js IP 197.243.0.61 ASN #37228 Olleh-Rwanda-Networks Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 07:25:44 Last Seen2023-03-13 07:24:05 Times Seen1 Hash 5ed1831a1e8025bbb81543653435fef3 e7713dfbadd867d85e9b7fa92f3c78fc8127ae7b bb787261f6718d4c6650b982e9e432a12ef92beb8b289c3da591b63f6b6a2f80 Loading...

	uog.ac.rw/js/jquery.blueimp-gallery.min.js	34 kB	2023-03-12	2023-03-13
Pretty URL uog.ac.rw/js/jquery.blueimp-gallery.min.js IP 197.243.0.61 ASN #37228 Olleh-Rwanda-Networks Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 07:25:44 Last Seen2023-03-13 07:24:05 Times Seen1 Hash 0813a046473db8b58de5b676937141d9 6486c7d38b519ff8242fcb5fb2a40a9fb8fe4075 2ae228893fc52821704a182e72768057da14173b9097ee1bea81b2e3cf9fe5fa Loading...

HTTP Transactions (46)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5fe582397f3003b225cb9058e02c2190
68174a54a8f6c4de9247ccea2dcae3c9b76bdb9f
238a2ef5b61d56353d0a5e97ec3092b8f2792cde7cecf40e1a858f8c129d3a9d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "238A2EF5B61D56353D0A5E97EC3092B8F2792CDE7CECF40E1A858F8C129D3A9D"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8307
Expires: Thu, 26 Jan 2023 11:04:47 GMT
Date: Thu, 26 Jan 2023 08:46:20 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
58ffdcb539c3b250fdf31ed761627fc1
5b55b1522ef84c39b5c42f9bbfbc62b806c1269f
eb783cfa8c8544b0574b345abc0bf3c150979d4efce1a013f17b6cd48076fc63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB783CFA8C8544B0574B345ABC0BF3C150979D4EFCE1A013F17B6CD48076FC63"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9116
Expires: Thu, 26 Jan 2023 11:18:16 GMT
Date: Thu, 26 Jan 2023 08:46:20 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 26 Jan 2023 08:35:16 GMT
content-type: application/json
age: 664
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
69f73ac59327cd9ad7d99816ccfcc03e
c54844f82dbee0d5ee4c8ce344eb0139373e6c6b
e81c685b2d8f0e31b89e5cfc911a2c5a99a556646830ac5a8468d991b5e871a3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E81C685B2D8F0E31B89E5CFC911A2C5A99A556646830AC5A8468D991B5E871A3"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5498
Expires: Thu, 26 Jan 2023 10:17:58 GMT
Date: Thu, 26 Jan 2023 08:46:20 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: f2pDbi+Q+QgaCYSqBqpFadxtn97kamM4NEKntlnMBPOQ9EtNDghdc+VxUBKgWtOGZ7WcGKo+gEI=
x-amz-request-id: GPA26QSGW4H2K6Z5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 26 Jan 2023 07:48:53 GMT
age: 3447
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 08:46:20 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 26 Jan 2023 07:49:01 GMT
age: 3439
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1e2970e1480a4759282d63bb213051e4
ed5194d4d25dfc199821129be5d74be0ce49197d
18e19ea4c9c262cb9a94f89172eef2604222e779346589d470bf2e95ea295563

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E19EA4C9C262CB9A94F89172EEF2604222E779346589D470BF2E95EA295563"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8471
Expires: Thu, 26 Jan 2023 11:07:32 GMT
Date: Thu, 26 Jan 2023 08:46:21 GMT
Connection: keep-alive

push.services.mozilla.com/

35.162.50.16

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.162.50.16:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: AbPWHwhAK/L6spHuWRL9qg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hjJc/mpvyzFAV1YVCzlHHvEC0Rw=

uog.ac.rw/login.php

197.243.0.61

200 OK

5.0 kB

URL HTTP/1.1
uog.ac.rw/login.php
IP
197.243.0.61:0
ASN
#37228 Olleh-Rwanda-Networks

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (548), with CRLF line terminators
Size
5.0 kB (4982 bytes)
Hash
32beabb1c072c211318f13f4e4e89e4a
955d302e5a49dee87e990fbe60f9d8e27ebc4684
ff4b37f3d09e719aa397256147f4ec62ef4588824b869553c524366c7e9215e6

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /login.php HTTP/1.1
Host: uog.ac.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 08:46:21 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=mhd46sfpv1090gf201glnrnem1; path=/
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: frame-ancestors 'self'
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4982
Keep-Alive: timeout=5, max=10000
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

use.edgefonts.net/allura:n4:default.js

54.230.111.34

403 Forbidden

915 B

URL HTTP/1.1
use.edgefonts.net/allura:n4:default.js
IP
54.230.111.34:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
915 B (915 bytes)
Hash
833144e011efec3c4db21569380f65b0
b0b41efcb35165ada678104cfa934a6f61fd8612
e234948a7b5d26d09ad2af522e92d19f32d74afeb4ce2b71b2e7f76bc78fc8b2

HTTP Headers

GET /allura:n4:default.js HTTP/1.1
Host: use.edgefonts.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uog.ac.rw/

HTTP/1.1 403 Forbidden
Server: CloudFront
Date: Thu, 26 Jan 2023 08:46:21 GMT
Content-Type: text/html
Content-Length: 915
Connection: keep-alive
X-Cache: Error from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: VBEetpVuVsLQv5SaqBfMCAed5HxawBESy1fKEerYDsUk3IdF0KUNIw==

uog.ac.rw/js/bootstrap.min.js

197.243.0.61

200 OK

11 kB

URL HTTP/1.1
uog.ac.rw/js/bootstrap.min.js
IP
197.243.0.61:0
ASN
#37228 Olleh-Rwanda-Networks

File type
ASCII text, with very long lines (32034)
Size
11 kB (10693 bytes)
Hash
4fcd57315984a24a3f4cbf474bd54dae
8861e684b355da1b3725bad63618bd95accbbb2e
1fbf678ae0a7b5898441804811f20b029a3d054c2044fcb58a7baf1715649e45

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /js/bootstrap.min.js HTTP/1.1
Host: uog.ac.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uog.ac.rw/login.php
Cookie: PHPSESSID=mhd46sfpv1090gf201glnrnem1

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 08:46:21 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Thu, 07 Nov 2019 09:46:13 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sat, 25 Feb 2023 08:46:21 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 10693
Keep-Alive: timeout=5, max=10000
Connection: Keep-Alive
Content-Type: application/javascript

uog.ac.rw/js/isp_js.js

197.243.0.61

200 OK

13 kB

URL HTTP/1.1
uog.ac.rw/js/isp_js.js
IP
197.243.0.61:0
ASN
#37228 Olleh-Rwanda-Networks

File type
ASCII text, with CRLF line terminators
Size
13 kB (12637 bytes)
Hash
f83a7c2d086c20707e8d6deae690244b
1c97294e0410e4ff7bb152e43ba937ae43f35766
54e3659b5cba063a87c4d1c7c1310c43acf3af2974c430086f1728fb395e29f4

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /js/isp_js.js HTTP/1.1
Host: uog.ac.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uog.ac.rw/login.php
Cookie: PHPSESSID=mhd46sfpv1090gf201glnrnem1

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 08:46:21 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Tue, 18 Oct 2022 11:11:52 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sat, 25 Feb 2023 08:46:21 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 12637
Keep-Alive: timeout=5, max=9999
Connection: Keep-Alive
Content-Type: application/javascript

uog.ac.rw/js/datepickr.min.js

197.243.0.61

200 OK

3.1 kB

URL HTTP/1.1
uog.ac.rw/js/datepickr.min.js
IP
197.243.0.61:0
ASN
#37228 Olleh-Rwanda-Networks

File type
ASCII text, with very long lines (2039)
Size
3.1 kB (3129 bytes)
Hash
5d72892266996a7aa2663b9ab27eb1b2
9f36fdfd47ae043e90b689dd5e22a7d5e754a446
8210441983ea96b5dd31c714ae7c71b9dfd3c4f37a927d3735c525c7a8f67309

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /js/datepickr.min.js HTTP/1.1
Host: uog.ac.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uog.ac.rw/login.php
Cookie: PHPSESSID=mhd46sfpv1090gf201glnrnem1

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 08:46:22 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Thu, 07 Nov 2019 09:46:14 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sat, 25 Feb 2023 08:46:22 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3129
Keep-Alive: timeout=5, max=10000
Connection: Keep-Alive
Content-Type: application/javascript

uog.ac.rw/js/jquery.blueimp-gallery.min.js

197.243.0.61

200 OK

9.3 kB

URL HTTP/1.1
uog.ac.rw/js/jquery.blueimp-gallery.min.js
IP
197.243.0.61:0
ASN
#37228 Olleh-Rwanda-Networks

File type
ASCII text, with very long lines (33575), with no line terminators
Size
9.3 kB (9268 bytes)
Hash
f0fd3c4fddb17c0163f8e1a0e571b2a9
df6e427e2a0f0b00a5d907a045e43f1e8a643cf9
f829b6cfcfe4ea3b56be4d5c50b02f253c55bff609c11f5ff66d62f9b51fa979

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /js/jquery.blueimp-gallery.min.js HTTP/1.1
Host: uog.ac.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uog.ac.rw/login.php
Cookie: PHPSESSID=mhd46sfpv1090gf201glnrnem1

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 08:46:22 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Thu, 07 Nov 2019 09:46:14 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sat, 25 Feb 2023 08:46:22 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 9268
Keep-Alive: timeout=5, max=9999
Connection: Keep-Alive
Content-Type: application/javascript

uog.ac.rw/js/jquery-2.1.4.min.js

197.243.0.61

200 OK

30 kB

URL HTTP/1.1
uog.ac.rw/js/jquery-2.1.4.min.js
IP
197.243.0.61:0
ASN
#37228 Olleh-Rwanda-Networks

File type
ASCII text, with very long lines (32025)
Size
30 kB (30461 bytes)
Hash
2ca9231dcf45b3a31c33b52385d2a108
aa62aca64e1a3f0df05cbaaefa97cf2731078e36
fc15f63259eda6f3081019bfe590fd7352b7fcb5216c82131d55cd67fca5354a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /js/jquery-2.1.4.min.js HTTP/1.1
Host: uog.ac.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uog.ac.rw/login.php
Cookie: PHPSESSID=mhd46sfpv1090gf201glnrnem1

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 08:46:21 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Thu, 07 Nov 2019 09:46:13 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sat, 25 Feb 2023 08:46:21 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 30461
Keep-Alive: timeout=5, max=10000
Connection: Keep-Alive
Content-Type: application/javascript

uog.ac.rw/_css/ispg_main.css

197.243.0.61

200 OK

3.2 kB

URL HTTP/1.1
uog.ac.rw/_css/ispg_main.css
IP
197.243.0.61:0
ASN
#37228 Olleh-Rwanda-Networks

File type
assembler source, ASCII text, with CRLF line terminators
Size
3.2 kB (3219 bytes)
Hash
19f568d5f46435d578111746e61dc9f5
db8a9cca25caa9b0da05310edc897c86268bc98c
f6fbeed05ceefa518a1f7649bc8fdd9d45d4b11b4e2e54b5ef5e0fc738667040

HTTP Headers

GET /_css/ispg_main.css HTTP/1.1
Host: uog.ac.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uog.ac.rw/login.php
Cookie: PHPSESSID=mhd46sfpv1090gf201glnrnem1

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 08:46:22 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Tue, 27 Sep 2022 12:20:57 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sat, 25 Feb 2023 08:46:22 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3219
Keep-Alive: timeout=5, max=9998
Connection: Keep-Alive
Content-Type: text/css

uog.ac.rw/_css/datepickr.min.css

197.243.0.61

200 OK

841 B

URL HTTP/1.1
uog.ac.rw/_css/datepickr.min.css
IP
197.243.0.61:0
ASN
#37228 Olleh-Rwanda-Networks

File type
ASCII text, with very long lines (1390)
Size
841 B (841 bytes)
Hash
0594b5ed410109026b3e67d9b620dd24
44757196f55cfaee366d49b835b14d78ec7d4cab
f01a17d9830a510a2da77c6003a45c21cc62c58a3a57568b04116d5a758870bc

HTTP Headers

GET /_css/datepickr.min.css HTTP/1.1
Host: uog.ac.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uog.ac.rw/login.php
Cookie: PHPSESSID=mhd46sfpv1090gf201glnrnem1

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 08:46:22 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Thu, 07 Nov 2019 09:46:15 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sat, 25 Feb 2023 08:46:22 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 841
Keep-Alive: timeout=5, max=9999
Connection: Keep-Alive
Content-Type: text/css

uog.ac.rw/_css/blueimp-gallery.min.css

197.243.0.61

200 OK

1.5 kB

URL HTTP/1.1
uog.ac.rw/_css/blueimp-gallery.min.css
IP
197.243.0.61:0
ASN
#37228 Olleh-Rwanda-Networks

File type
ASCII text, with very long lines (6815), with no line terminators
Size
1.5 kB (1471 bytes)
Hash
7ee0db1f8fb081b226c8e6b2cf2dccbf
8f7ae1c0ffe28232270287087e402210be79ed5c
edf9fb871b104cfa28e7582f9fbfeb95a497d95633d8ebc23c5f108c98c3b21a

HTTP Headers

GET /_css/blueimp-gallery.min.css HTTP/1.1
Host: uog.ac.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uog.ac.rw/login.php
Cookie: PHPSESSID=mhd46sfpv1090gf201glnrnem1

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 08:46:22 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Thu, 07 Nov 2019 09:46:15 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sat, 25 Feb 2023 08:46:22 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1471
Keep-Alive: timeout=5, max=9998
Connection: Keep-Alive
Content-Type: text/css

uog.ac.rw/_css/bootstrap-image-gallery.min.css

197.243.0.61

200 OK

523 B

URL HTTP/1.1
uog.ac.rw/_css/bootstrap-image-gallery.min.css
IP
197.243.0.61:0
ASN
#37228 Olleh-Rwanda-Networks

File type
ASCII text, with very long lines (1472), with no line terminators
Size
523 B (523 bytes)
Hash
14644fe2a863c9a4ada3281ca22c566f
72a275d3244ad851ba9bf4a345d17178b5690dbe
a206acc9b41c27c8fc12a82ca5d31a774f2dc0b7e573af8a0f039aaae34b0ed3

HTTP Headers

GET /_css/bootstrap-image-gallery.min.css HTTP/1.1
Host: uog.ac.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uog.ac.rw/login.php
Cookie: PHPSESSID=mhd46sfpv1090gf201glnrnem1

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 08:46:22 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Thu, 07 Nov 2019 09:46:15 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sat, 25 Feb 2023 08:46:22 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 523
Keep-Alive: timeout=5, max=9999
Connection: Keep-Alive
Content-Type: text/css

uog.ac.rw/slick/slick.css

197.243.0.61

200 OK

564 B

URL HTTP/1.1
uog.ac.rw/slick/slick.css
IP
197.243.0.61:0
ASN
#37228 Olleh-Rwanda-Networks

File type
ASCII text
Size
564 B (564 bytes)
Hash
df9ddc169558ee29da096e1e04f0429e
b124ae7fc80661c4e5ad6b11c6d1223e3f34b152
c7a3a8e516a3b9a8116c35771f33605a85d709596f052f1957d1d1d61579f572

HTTP Headers

GET /slick/slick.css HTTP/1.1
Host: uog.ac.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uog.ac.rw/login.php
Cookie: PHPSESSID=mhd46sfpv1090gf201glnrnem1

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 08:46:22 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Sun, 07 Feb 2016 15:43:44 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sat, 25 Feb 2023 08:46:22 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 564
Keep-Alive: timeout=5, max=9999
Connection: Keep-Alive
Content-Type: text/css

uog.ac.rw/slick/slick-theme.css

197.243.0.61

200 OK

887 B

URL HTTP/1.1
uog.ac.rw/slick/slick-theme.css
IP
197.243.0.61:0
ASN
#37228 Olleh-Rwanda-Networks

File type
Unicode text, UTF-8 text
Size
887 B (887 bytes)
Hash
f91fea3ef4e9f8f983b5af1aa719a482
7c693da05f3f157b8816b06c23a73a7d97262349
2cfd5015c990b8bb35c05be40fd75b878f35adc6f582af05d0ede57f9fac66c7

HTTP Headers

GET /slick/slick-theme.css HTTP/1.1
Host: uog.ac.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uog.ac.rw/login.php
Cookie: PHPSESSID=mhd46sfpv1090gf201glnrnem1

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 08:46:22 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Sun, 07 Feb 2016 15:43:44 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sat, 25 Feb 2023 08:46:22 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 887
Keep-Alive: timeout=5, max=9997
Connection: Keep-Alive
Content-Type: text/css

uog.ac.rw/_css/bootstrap.css

197.243.0.61

200 OK

22 kB

URL HTTP/1.1
uog.ac.rw/_css/bootstrap.css
IP
197.243.0.61:0
ASN
#37228 Olleh-Rwanda-Networks

File type
ASCII text, with very long lines (540)
Size
22 kB (21572 bytes)
Hash
c3b721d9a6243381cf47ba5fbe0cb51c
b3870319301c1e9567039e4dc90205ea8257970f
f30e1f0a976381cde0fdbd2fc914d6486ba8d363db02c52b3b2ed9e92536ea78

HTTP Headers

GET /_css/bootstrap.css HTTP/1.1
Host: uog.ac.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uog.ac.rw/login.php
Cookie: PHPSESSID=mhd46sfpv1090gf201glnrnem1

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 08:46:22 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Thu, 07 Nov 2019 09:46:14 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sat, 25 Feb 2023 08:46:22 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 21572
Keep-Alive: timeout=5, max=10000
Connection: Keep-Alive
Content-Type: text/css

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17383
Expires: Thu, 26 Jan 2023 13:36:05 GMT
Date: Thu, 26 Jan 2023 08:46:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17383
Expires: Thu, 26 Jan 2023 13:36:05 GMT
Date: Thu, 26 Jan 2023 08:46:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17383
Expires: Thu, 26 Jan 2023 13:36:05 GMT
Date: Thu, 26 Jan 2023 08:46:22 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5943 bytes)
Hash
ba0a42dadf6a976df148f652e9cc1844
4d825b74865effa4a858ddcad1d0969671facc07
7276a38c9ba6b13a06f24ab8b802f210f98c5541df53fbcd8e879a14d2957d95

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5943
x-amzn-requestid: 6774f4a4-ed83-49df-868f-4517c2af914b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXxNF2UIAMFlYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a007-75b1e8975c3f4b503e0a1c5b;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VATQ0SjZfM_btXwR4M5keLmd-EE6717EHEiXrF2zpHNrli93EhN6Rw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:48:42 GMT
age: 39460
etag: "4d825b74865effa4a858ddcad1d0969671facc07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a5d7d6-d259-4246-b28c-8e4355fbc747.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6609 bytes)
Hash
b242645f0cc22e3b12c132e6d03722ac
dec70f83182de58e03bfcb95fc240b7c33f20674
59a2d8c972d27598dfe38637197f90053186c4f68b80a5a90283cb11ddaf8a31

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a5d7d6-d259-4246-b28c-8e4355fbc747.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6609
x-amzn-requestid: 129067f4-c79b-493d-8863-2eb6c1565ee6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSZABF4IIAMFsig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d533-4908ab6e5c751213084de3c6;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 07:07:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: hUp-Y119Uly8FlGe1Wr8b-_pNoyg_iV-KaNaC7Fo44iN_sDU3BnCbA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 07:35:29 GMT
age: 4253
etag: "dec70f83182de58e03bfcb95fc240b7c33f20674"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F05a55fc3-efb4-4124-a48d-b57fc1e9bea4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7426 bytes)
Hash
c331b0423afe4c6888533296b5f275bc
766aba1f8bb596a068f4e611161fa54616f506ed
0551882e8ba5962ca2c3a8634574e75f11321d46f9c901430614a9c73eaeae12

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F05a55fc3-efb4-4124-a48d-b57fc1e9bea4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7426
x-amzn-requestid: 1c0f08ae-9b11-4c41-a6e9-819343332f34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPF-fElWIAMFg8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf838f-6cf92e9d28ec0c9727e7419a;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:06:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: A9cyJReV84QegjGfuOcBlZ-T6uefiGXXKnIBXIcn3a1x0kRYQ6XI3A==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 07:13:57 GMT
age: 5545
etag: "766aba1f8bb596a068f4e611161fa54616f506ed"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12758 bytes)
Hash
7458f7a9b2070055df6f1d496794e43e
0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9
373097662c419eef9f4a19ce9f3bcead70f6eafbf0acf44806685eece43ce251

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12758
x-amzn-requestid: c3540562-8c62-4957-9528-7ae952daebaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9gf1E87oAMFpsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c87acb-49fd3f78275937e24d23fca3;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 23:03:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mjK4GJ3UCEuHk4XqmXdZCWHTVvJeX8Z2HFaem2GYzqfqlPSd_h6DfA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 07:33:59 GMT
age: 4343
etag: "0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ffb1709-216c-4bf0-9b98-e3a355f000bb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8822 bytes)
Hash
13cd008fb3e2739ec7caadadbd427655
c4802b06b87ab97f3ccd80d1c9bbdb4fab9886c1
a300a4fde1863c8b806d0557d9f0adaed19e1c612989d7e3f79a7bb45e6e74dd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ffb1709-216c-4bf0-9b98-e3a355f000bb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8822
x-amzn-requestid: e16ae781-25f3-4b7d-b62b-85b35d6571c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUYRwF2KIAMFjDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a0d7-377f24bd18dea32564b148bd;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:36:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: n2ULSpeRMRZ9CDjmrwd56ti_gPYh9ApC521naXURI2Bh1eiKwjyHZw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:51:26 GMT
age: 39296
etag: "c4802b06b87ab97f3ccd80d1c9bbdb4fab9886c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe22ec7be-6a69-4dd9-9340-9be6624c7434.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4513 bytes)
Hash
3ed67ca9bce75476cc13c83abe463bc7
242e26653f691852678a2a32fd17d58fb4747126
a54b909a228e7ac3c6a98e553445905cac7664a2a9208af9abba149f11881d1f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe22ec7be-6a69-4dd9-9340-9be6624c7434.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4513
x-amzn-requestid: 4caaaf23-4e35-4a1e-983a-5c556d009ecc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fOi2OG15IAMFxKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf4b5a-643a67517111200131d532f6;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 03:07:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DC1yx2ngTkDe6jX4jwmNVfOxDR6CXmw0fF_wgsM5E-kdMw21u25v0g==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 04:13:19 GMT
age: 16383
etag: "242e26653f691852678a2a32fd17d58fb4747126"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

uog.ac.rw/slick/slick.min.js

197.243.0.61

200 OK

11 kB

URL HTTP/1.1
uog.ac.rw/slick/slick.min.js
IP
197.243.0.61:0
ASN
#37228 Olleh-Rwanda-Networks

File type
ASCII text, with very long lines (32012)
Size
11 kB (10683 bytes)
Hash
9b2505df7c7d0dcc08b82dca4e58f4d6
7307775ce3a23dbf21951d2a8e282135f4cd3983
d1e3f743a74897462c60b03f44ca4a9fd52464a1bca9079e9c4e19ba60c0d7be

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /slick/slick.min.js HTTP/1.1
Host: uog.ac.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uog.ac.rw/login.php
Cookie: PHPSESSID=mhd46sfpv1090gf201glnrnem1

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 08:46:22 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Sun, 07 Feb 2016 15:43:44 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sat, 25 Feb 2023 08:46:22 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 10683
Keep-Alive: timeout=5, max=9998
Connection: Keep-Alive
Content-Type: application/javascript

badges.instagram.com/static/images/ig-badge-view-24.png

31.13.72.53

301 Moved Permanently

0 B

URL HTTP/1.1
badges.instagram.com/static/images/ig-badge-view-24.png
IP
31.13.72.53:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /static/images/ig-badge-view-24.png HTTP/1.1
Host: badges.instagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uog.ac.rw/

HTTP/1.1 301 Moved Permanently
Location: https://badges.instagram.com/static/images/ig-badge-view-24.png
Content-Type: text/plain
Server: proxygen-bolt
Date: Thu, 26 Jan 2023 08:46:25 GMT
Connection: keep-alive
Content-Length: 0

use.edgefonts.net/allura:n4:default.js

54.230.111.34

403 Forbidden

915 B

URL HTTP/1.1
use.edgefonts.net/allura:n4:default.js
IP
54.230.111.34:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
915 B (915 bytes)
Hash
786148729440875ff0fceee32f79d8d0
b42e096e91e7875ed71c1ca56806398aae97faeb
6bb09cb2bd1cb050ca4fa07b3486d0e0998a0d3dbbb9e68127c5a3e664342f3e

HTTP Headers

GET /allura:n4:default.js HTTP/1.1
Host: use.edgefonts.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uog.ac.rw/

HTTP/1.1 403 Forbidden
Server: CloudFront
Date: Thu, 26 Jan 2023 08:46:25 GMT
Content-Type: text/html
Content-Length: 915
Connection: keep-alive
X-Cache: Error from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: UQN-nl_qEokEdFWi4MzIyz5Fa4DYewQRT4-NzH7I4Sb3q_XZ61MPEw==

badges.instagram.com/static/images/ig-badge-view-sprite-24.png

31.13.72.53

301 Moved Permanently

0 B

URL HTTP/1.1
badges.instagram.com/static/images/ig-badge-view-sprite-24.png
IP
31.13.72.53:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /static/images/ig-badge-view-sprite-24.png HTTP/1.1
Host: badges.instagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uog.ac.rw/

HTTP/1.1 301 Moved Permanently
Location: https://badges.instagram.com/static/images/ig-badge-view-sprite-24.png
Content-Type: text/plain
Server: proxygen-bolt
Date: Thu, 26 Jan 2023 08:46:25 GMT
Connection: keep-alive
Content-Length: 0

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
22d9811898264d1f4357663a4561316c
56766d6d0d51570a5b727d484be9b98884d2c611
8576f275f87d85b6472ae7d7adfdd904ff799002d09a53a2461cf7324afbce96

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6428
Cache-Control: max-age=93338
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 08:46:25 GMT
Etag: "63d0ee5f-1d7"
Expires: Fri, 27 Jan 2023 10:42:03 GMT
Last-Modified: Wed, 25 Jan 2023 08:54:55 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
22d9811898264d1f4357663a4561316c
56766d6d0d51570a5b727d484be9b98884d2c611
8576f275f87d85b6472ae7d7adfdd904ff799002d09a53a2461cf7324afbce96

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6229
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 08:46:25 GMT
Last-Modified: Thu, 26 Jan 2023 07:02:36 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
22d9811898264d1f4357663a4561316c
56766d6d0d51570a5b727d484be9b98884d2c611
8576f275f87d85b6472ae7d7adfdd904ff799002d09a53a2461cf7324afbce96

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6429
Cache-Control: max-age=93338
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 08:46:26 GMT
Etag: "63d0ee5f-1d7"
Expires: Fri, 27 Jan 2023 10:42:04 GMT
Last-Modified: Wed, 25 Jan 2023 08:54:55 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

uog.ac.rw/favicon.ico

197.243.0.61

404 Not Found

4.8 kB

URL HTTP/1.1
uog.ac.rw/favicon.ico
IP
197.243.0.61:0
ASN
#37228 Olleh-Rwanda-Networks

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (334)
Size
4.8 kB (4809 bytes)
Hash
9db9709cce2899971d69becde492d24a
6c6860dca423ecda6071dd16badef422d7162fa4
89b21ab48edb73807f54341b9c55c710b009d6d6526f96370f0308c042845d76

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: uog.ac.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uog.ac.rw/login.php
Cookie: PHPSESSID=mhd46sfpv1090gf201glnrnem1

HTTP/1.1 404 Not Found
Date: Thu, 26 Jan 2023 08:46:25 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: frame-ancestors 'self'
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4809
Keep-Alive: timeout=5, max=9998
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

uog.ac.rw/_img/nursingsc.jpg

197.243.0.61

200 OK

191 kB

URL HTTP/1.1
uog.ac.rw/_img/nursingsc.jpg
IP
197.243.0.61:0
ASN
#37228 Olleh-Rwanda-Networks

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1024x768, components 3\012- data
Size
191 kB (191297 bytes)
Hash
672d6c4b3655e7d2a3ca55ef60bc9444
d3a711abbbb0d980e82a369dc0455f2f656d1516
98ab9f618ebb62bc7b4a445e7435116ff5c94a865fff5fa3afb1fbbfca630478

HTTP Headers

GET /_img/nursingsc.jpg HTTP/1.1
Host: uog.ac.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uog.ac.rw/login.php
Cookie: PHPSESSID=mhd46sfpv1090gf201glnrnem1

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 08:46:25 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Sun, 07 Feb 2016 15:45:21 GMT
Accept-Ranges: bytes
Content-Length: 191297
Cache-Control: max-age=31536000
Expires: Fri, 26 Jan 2024 08:46:25 GMT
Keep-Alive: timeout=5, max=9999
Connection: Keep-Alive
Content-Type: image/jpeg

uog.ac.rw/_img/uglogo.png

197.243.0.61

200 OK

229 kB

URL HTTP/1.1
uog.ac.rw/_img/uglogo.png
IP
197.243.0.61:0
ASN
#37228 Olleh-Rwanda-Networks

File type
PNG image data, 708 x 708, 8-bit/color RGBA, non-interlaced\012- data
Size
229 kB (228694 bytes)
Hash
7753fe1f7896df144a963809951ba2b8
d3d92e30b9c16c1d755a00ca26ea3fedc9e30a0c
3b1b8b81282e9324c59d233918b4c8be04f410b9530c3b140d1a79c77efb73ba

HTTP Headers

GET /_img/uglogo.png HTTP/1.1
Host: uog.ac.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uog.ac.rw/login.php
Cookie: PHPSESSID=mhd46sfpv1090gf201glnrnem1

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 08:46:25 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Thu, 07 Nov 2019 09:46:15 GMT
Accept-Ranges: bytes
Content-Length: 228694
Cache-Control: max-age=31536000
Expires: Fri, 26 Jan 2024 08:46:25 GMT
Keep-Alive: timeout=5, max=9998
Connection: Keep-Alive
Content-Type: image/png

uog.ac.rw/fonts/glyphicons-halflings-regular.woff2

197.243.0.61

200 OK

18 kB

URL HTTP/1.1
uog.ac.rw/fonts/glyphicons-halflings-regular.woff2
IP
197.243.0.61:0
ASN
#37228 Olleh-Rwanda-Networks

File type
Web Open Font Format (Version 2), TrueType, length 18028, version 1.589\012- data
Size
18 kB (18028 bytes)
Hash
448c34a56d699c29117adc64c43affeb
ca35b697d99cae4d1b60f2d60fcd37771987eb07
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /fonts/glyphicons-halflings-regular.woff2 HTTP/1.1
Host: uog.ac.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://uog.ac.rw/_css/bootstrap.css
Cookie: PHPSESSID=mhd46sfpv1090gf201glnrnem1

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 08:46:26 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Thu, 07 Nov 2019 09:46:14 GMT
Accept-Ranges: bytes
Content-Length: 18028
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5, max=9997
Connection: Keep-Alive
Content-Type: font/woff2

uog.ac.rw/_img/social_sprite.png

197.243.0.61

200 OK

13 kB

URL HTTP/1.1
uog.ac.rw/_img/social_sprite.png
IP
197.243.0.61:0
ASN
#37228 Olleh-Rwanda-Networks

File type
PNG image data, 180 x 90, 8-bit/color RGBA, non-interlaced\012- data
Size
13 kB (12765 bytes)
Hash
0b62c4943262b2f1434c7439feda3fee
3b37abd4a58ec6fc55a1f30567f17dfbcf79d0ce
97dee64f8cc3066b9367038bd67bb2e8851b084d3333c73922569ffc2deb2ed9

HTTP Headers

GET /_img/social_sprite.png HTTP/1.1
Host: uog.ac.rw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uog.ac.rw/login.php
Cookie: PHPSESSID=mhd46sfpv1090gf201glnrnem1

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 08:46:27 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: frame-ancestors 'self'
Last-Modified: Sun, 07 Feb 2016 15:45:21 GMT
Accept-Ranges: bytes
Content-Length: 12765
Cache-Control: max-age=31536000
Expires: Fri, 26 Jan 2024 08:46:27 GMT
Keep-Alive: timeout=5, max=9997
Connection: Keep-Alive
Content-Type: image/png

badges.instagram.com/static/images/ig-badge-view-sprite-24.png

31.13.72.53

404 Not Found

0 B

URL HTTP/2
badges.instagram.com/static/images/ig-badge-view-sprite-24.png
IP
31.13.72.53:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/images/ig-badge-view-sprite-24.png HTTP/1.1
Host: badges.instagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://uog.ac.rw/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
content-type: text/html; charset=utf-8
date: Thu, 26 Jan 2023 08:46:25 GMT
vary: Accept-Language
strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-frame-options: SAMEORIGIN
content-security-policy: report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://i.instagram.com/graphql_www https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com https://*.od.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com https://*.fbsbx.com; object-src 'none'; upgrade-insecure-requests
cross-origin-embedder-policy-report-only: require-corp;report-to="coep"
report-to: {"group": "coep", "max_age": 86400, "endpoints": [{"url": "/security/coep_report/"}]},{"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
origin-trial: AuqWincgAuXeuu3KypEMnrrFEJHySaesyJS3EaIH40zvafzrU0Irhb7+5QwZpOqMZrPTjgvFl7Z5jJgy1dNAcQMAAAB6eyJvcmlnaW4iOiJodHRwczovL2luc3RhZ3JhbS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjEzNDExNjYyLCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop"
x-content-type-options: nosniff
x-xss-protection: 0
x-ig-push-state: c2
x-aed: 75
access-control-expose-headers: X-IG-Set-WWW-Claim
x-ig-request-elapsed-time-ms: 22
x-ig-peak-time: 1
content-length: 20955
x-ig-origin-region: rva
x-fb-trip-id: 1512268381
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

badges.instagram.com/static/images/ig-badge-view-24.png

31.13.72.53

404 Not Found

0 B

URL HTTP/2
badges.instagram.com/static/images/ig-badge-view-24.png
IP
31.13.72.53:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/images/ig-badge-view-24.png HTTP/1.1
Host: badges.instagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://uog.ac.rw/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
content-type: text/html; charset=utf-8
date: Thu, 26 Jan 2023 08:46:25 GMT
vary: Accept-Language
strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-frame-options: SAMEORIGIN
content-security-policy: report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://i.instagram.com/graphql_www https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com https://*.od.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com https://*.fbsbx.com; object-src 'none'; upgrade-insecure-requests
cross-origin-embedder-policy-report-only: require-corp;report-to="coep"
report-to: {"group": "coep", "max_age": 86400, "endpoints": [{"url": "/security/coep_report/"}]},{"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
origin-trial: AuqWincgAuXeuu3KypEMnrrFEJHySaesyJS3EaIH40zvafzrU0Irhb7+5QwZpOqMZrPTjgvFl7Z5jJgy1dNAcQMAAAB6eyJvcmlnaW4iOiJodHRwczovL2luc3RhZ3JhbS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjEzNDExNjYyLCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop"
x-content-type-options: nosniff
x-xss-protection: 0
x-ig-push-state: c2
x-aed: 75
access-control-expose-headers: X-IG-Set-WWW-Claim
x-ig-request-elapsed-time-ms: 36
x-ig-peak-time: 1
content-length: 20955
x-ig-origin-region: rva
x-fb-trip-id: 1512268381
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (8)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (46)