r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 20d267853e48ef7d476459ed67da5d97
06d1bd08efd69c0e93486d3c423fa2640f372d29
24323cd45ca2ed01c63f908233d9b2ad5bb6f63394884c45bf6abb0221d0edd6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "24323CD45CA2ED01C63F908233D9B2AD5BB6F63394884C45BF6ABB0221D0EDD6"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7257
Expires: Sat, 21 Jan 2023 12:41:33 GMT
Date: Sat, 21 Jan 2023 10:40:36 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4714c95a0c854e38f9be444f9343bf14
07ce5eb635448f2b3bafbe51e4dfeef47cdf4f7b
4d47e08c9afb704096e93a51f6e95c0dc7c7bc31e67ded39998ff37ed56e0965
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D47E08C9AFB704096E93A51F6E95C0DC7C7BC31E67DED39998FF37ED56E0965"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6351
Expires: Sat, 21 Jan 2023 12:26:27 GMT
Date: Sat, 21 Jan 2023 10:40:36 GMT
Connection: keep-alive
91.225.132.218/moodle/login/index.php
200 OK 7.6 kB URL HTTP/1.1 91.225.132.218/moodle/login/index.php
IP
ASN #197572 Citynet Marcin Sobala - Piotr Misiuda
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (12593)
Hash 300c527a0b03c64bd23c33f8ce444430
8fb682e9ada32f6defa0ac2d5d2c20080a2c5ea8
69ff0b1d9bc304da0eb4bb8e8314fdc1ba98f8e3b993ee7160bd960565ab66a4
Analyzer Verdict Alert quad9 Sinkholed
GET /moodle/login/index.php HTTP/1.1
Host: 91.225.132.218
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 21 Jan 2023 10:40:36 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: MoodleSession=qd4q2due8g1u4qujp23n12i6cq; path=/moodle/
Content-Language: en
Content-Script-Type: text/javascript
Content-Style-Type: text/css
X-UA-Compatible: IE=edge
Cache-Control: private, pre-check=0, post-check=0, max-age=0, no-transform
Pragma: no-cache
Expires:
X-Frame-Options: sameorigin
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 17094b856fde02b2c8c2d3845ad325cf
26dc3f2ebf81faf5ab96eb75ffcbead6085528b8
6547376c41dcaa352cc4e747291916902bcddc0032b750bd84c5e3b2fe6f7d16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6547376C41DCAA352CC4E747291916902BCDDC0032B750BD84C5E3B2FE6F7D16"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6249
Expires: Sat, 21 Jan 2023 12:24:45 GMT
Date: Sat, 21 Jan 2023 10:40:36 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 21 Jan 2023 09:49:38 GMT
content-type: application/json
age: 3058
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: aO2AyV/Y2NLHYvyM/yYHnDjDB3+X4RsZy/JLihGY+FK7Lj9HAG4atCnkXRuR/WAIOw8PjvyuIxM=
x-amz-request-id: 7JEF660RG27ZR861
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 21 Jan 2023 09:46:45 GMT
age: 3231
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 10:40:37 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
91.225.132.218/moodle/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.css
200 OK 1.0 kB URL HTTP/1.1 91.225.132.218/moodle/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.css
IP
ASN #197572 Citynet Marcin Sobala - Piotr Misiuda
File type ASCII text, with very long lines (1979)
Hash e9af13e8b2f0629ef7870ec0739b34d7
aa847b31163541a887abc75b16b8eb3abcda07c5
3502516177349829f86389b536ce18da881d6573c7662f21913f0517508edfa5
Analyzer Verdict Alert quad9 Sinkholed
GET /moodle/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.css HTTP/1.1
Host: 91.225.132.218
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://91.225.132.218/moodle/login/index.php
Cookie: MoodleSession=qd4q2due8g1u4qujp23n12i6cq
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 21 Jan 2023 10:40:37 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Disposition: inline; filename="combo"
Last-Modified: Fri, 22 Oct 2021 10:49:04 GMT
Expires: Tue, 16 Jan 2024 10:40:37 GMT
Pragma:
Cache-Control: public, max-age=31104000, immutable
Accept-Ranges: none
Etag: "b9bc567c469e2872cf3bbb14603342a72de2509b"
Content-Encoding: gzip
Vary: Accept-Encoding
91.225.132.218/moodle/lib/javascript.php/1646047007/lib/javascript-static.js
200 OK 6.8 kB URL HTTP/1.1 91.225.132.218/moodle/lib/javascript.php/1646047007/lib/javascript-static.js
IP
ASN #197572 Citynet Marcin Sobala - Piotr Misiuda
File type HTML document, ASCII text, with very long lines (1875)
Hash 9a4c20372f0c53bc61ac3c90d203776a
05879d8f0e082b0663c76e1c81ff2e368d8a09ae
b64e57b396514a45e7680e661271d0d86d880765c8faaf5655c6a19940bae6d5
Analyzer Verdict Alert quad9 Sinkholed
GET /moodle/lib/javascript.php/1646047007/lib/javascript-static.js HTTP/1.1
Host: 91.225.132.218
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://91.225.132.218/moodle/login/index.php
Cookie: MoodleSession=qd4q2due8g1u4qujp23n12i6cq
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 21 Jan 2023 10:40:37 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "21ca70caee6d3428bf703eebe515f94f9e7352a5"
Content-Disposition: inline; filename="javascript.php"
Last-Modified: Mon, 28 Feb 2022 11:17:25 GMT
Expires: Fri, 21 Apr 2023 10:40:37 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
91.225.132.218/moodle/lib/javascript.php/1646047007/lib/requirejs/require.min.js
200 OK 6.7 kB URL HTTP/1.1 91.225.132.218/moodle/lib/javascript.php/1646047007/lib/requirejs/require.min.js
IP
ASN #197572 Citynet Marcin Sobala - Piotr Misiuda
File type ASCII text, with very long lines (17535)
Hash d52d474e00d80d4373cf714f60707c21
74b5d832a55bf81a1b2fd875f83f022c5ffc7c3b
4f1792c3aac9ca2058376a43582f0d1fad13e602a5aeec4a1a6fb1803719ba99
Analyzer Verdict Alert quad9 Sinkholed
GET /moodle/lib/javascript.php/1646047007/lib/requirejs/require.min.js HTTP/1.1
Host: 91.225.132.218
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://91.225.132.218/moodle/login/index.php
Cookie: MoodleSession=qd4q2due8g1u4qujp23n12i6cq
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 21 Jan 2023 10:40:37 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "c95bd815048831da599fe0f9ee964d2f4b5702e9"
Content-Disposition: inline; filename="javascript.php"
Last-Modified: Mon, 28 Feb 2022 11:16:50 GMT
Expires: Fri, 21 Apr 2023 10:40:37 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
91.225.132.218/moodle/lib/javascript.php/1646047007/lib/polyfills/polyfill.js
200 OK 5.2 kB URL HTTP/1.1 91.225.132.218/moodle/lib/javascript.php/1646047007/lib/polyfills/polyfill.js
IP
ASN #197572 Citynet Marcin Sobala - Piotr Misiuda
File type ASCII text, with very long lines (17856), with no line terminators
Hash b00bc2defa5b15d6ace9fbfbb21e497b
bbc448bdeaaf79a982ba1d192107f07aebe3e123
443e73663610cb7ccb8a7ae7da6f080ddde4a6414ea975e0914edddc6aabdefc
Analyzer Verdict Alert quad9 Sinkholed
GET /moodle/lib/javascript.php/1646047007/lib/polyfills/polyfill.js HTTP/1.1
Host: 91.225.132.218
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://91.225.132.218/moodle/login/index.php
Cookie: MoodleSession=qd4q2due8g1u4qujp23n12i6cq
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 21 Jan 2023 10:40:37 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "80291ac439e107bffee569f00d7edb636d243c85"
Content-Disposition: inline; filename="javascript.php"
Last-Modified: Mon, 28 Feb 2022 11:17:25 GMT
Expires: Fri, 21 Apr 2023 10:40:37 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
91.225.132.218/moodle/lib/javascript.php/1646047007/lib/babel-polyfill/polyfill.min.js
200 OK 34 kB URL HTTP/1.1 91.225.132.218/moodle/lib/javascript.php/1646047007/lib/babel-polyfill/polyfill.min.js
IP
ASN #197572 Citynet Marcin Sobala - Piotr Misiuda
File type Unicode text, UTF-8 text, with very long lines (34750), with NEL line terminators
Hash a8da4866c35fec35e4ead0c273e5d8fe
cb422b31f1e5248f9eb4ac49355ddc2498a8fe08
f5a3a7a1a5fad47d3ba52273cee1e55ca7afd8c0cfed14d884571c347c41fbec
Analyzer Verdict Alert quad9 Sinkholed
GET /moodle/lib/javascript.php/1646047007/lib/babel-polyfill/polyfill.min.js HTTP/1.1
Host: 91.225.132.218
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://91.225.132.218/moodle/login/index.php
Cookie: MoodleSession=qd4q2due8g1u4qujp23n12i6cq
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 21 Jan 2023 10:40:37 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "929c985648536197fbab6ce61bbbaea5c87064e2"
Content-Disposition: inline; filename="javascript.php"
Last-Modified: Mon, 28 Feb 2022 11:17:25 GMT
Expires: Fri, 21 Apr 2023 10:40:37 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
91.225.132.218/moodle/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js
200 OK 84 kB URL HTTP/1.1 91.225.132.218/moodle/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js
IP
ASN #197572 Citynet Marcin Sobala - Piotr Misiuda
File type ASCII text, with very long lines (6010)
Hash 8bcb376a1000018ace15774394400419
2f8e8e67c1c31bac12aca22f482c3ef33a28a7a7
ba65826c64be1db28f1d0549c4dcce3598464e4da1154b26b28e6d6c58db25af
Analyzer Verdict Alert quad9 Sinkholed
GET /moodle/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js HTTP/1.1
Host: 91.225.132.218
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://91.225.132.218/moodle/login/index.php
Cookie: MoodleSession=qd4q2due8g1u4qujp23n12i6cq
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 21 Jan 2023 10:40:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Content-Disposition: inline; filename="combo"
Last-Modified: Fri, 22 Oct 2021 10:49:04 GMT
Expires: Tue, 16 Jan 2024 10:40:37 GMT
Pragma:
Cache-Control: public, max-age=31104000, immutable
Accept-Ranges: none
Etag: "78581a0bac8a932effb32db3e91e0f2f2b47c08e"
Content-Encoding: gzip
Vary: Accept-Encoding
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 21 Jan 2023 10:17:29 GMT
age: 1388
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
91.225.132.218/moodle/theme/styles.php/boost/1646047007_1/all
200 OK 112 kB URL HTTP/1.1 91.225.132.218/moodle/theme/styles.php/boost/1646047007_1/all
IP
ASN #197572 Citynet Marcin Sobala - Piotr Misiuda
File type Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Size 112 kB (111527 bytes)
Hash 261a177ffb6f7bb0f67286aa08668923
469d41a1c9b248812870e529e447b0c9c095195f
a2ca2c36c756121e10c6ca31dffb91793bfe4057aadf9d7f323e5178acafb3ae
Analyzer Verdict Alert quad9 Sinkholed
GET /moodle/theme/styles.php/boost/1646047007_1/all HTTP/1.1
Host: 91.225.132.218
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://91.225.132.218/moodle/login/index.php
Cookie: MoodleSession=qd4q2due8g1u4qujp23n12i6cq
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 21 Jan 2023 10:40:37 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "cc66b9ad7402f55bfad65c3518b5f25907648797"
Content-Disposition: inline; filename="styles.php"
Last-Modified: Mon, 09 May 2022 22:47:28 GMT
Expires: Fri, 21 Apr 2023 10:40:37 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
ocsp.digicert.com/
200 OK 471 B IP
Hash fc96297d0b59147e8f6052b16f1ca13f
23aeddfa143bb9be19b2ed06f2024a3a8aa120ce
034327c6ada560c662f451f3c95cd8531482d4ab51629e95875fab54c8f3e49a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 941
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 10:40:37 GMT
Last-Modified: Sat, 21 Jan 2023 10:24:56 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
91.225.132.218/moodle/theme/yui_combo.php?m/1646047007/core/event/event-min.js&m/1646047007/filter_mathjaxloader/loader/loader-min.js
200 OK 857 B URL HTTP/1.1 91.225.132.218/moodle/theme/yui_combo.php?m/1646047007/core/event/event-min.js&m/1646047007/filter_mathjaxloader/loader/loader-min.js
IP
ASN #197572 Citynet Marcin Sobala - Piotr Misiuda
File type ASCII text, with very long lines (2198), with no line terminators
Hash 260b3cd4413738b36a0f5701136e4b68
24f548756b34d4c67c80b44214d1cdd9ff65ea1c
949a6496f576e9171c6d9244bf7eeb8129fc1840f609b502e529851154ade6fc
Analyzer Verdict Alert quad9 Sinkholed
GET /moodle/theme/yui_combo.php?m/1646047007/core/event/event-min.js&m/1646047007/filter_mathjaxloader/loader/loader-min.js HTTP/1.1
Host: 91.225.132.218
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://91.225.132.218/moodle/login/index.php
Cookie: MoodleSession=qd4q2due8g1u4qujp23n12i6cq
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 21 Jan 2023 10:40:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Content-Disposition: inline; filename="combo"
Last-Modified: Fri, 22 Oct 2021 10:49:04 GMT
Expires: Tue, 16 Jan 2024 10:40:37 GMT
Pragma:
Cache-Control: public, max-age=31104000, immutable
Accept-Ranges: none
Etag: "058a832e8e6d653198cd8c924591399c0c6ad482"
Content-Encoding: gzip
Vary: Accept-Encoding
91.225.132.218/moodle/theme/font.php/boost/core/1646047007/fontawesome-webfont.woff2?v=4.7.0
200 OK 77 kB URL HTTP/1.1 91.225.132.218/moodle/theme/font.php/boost/core/1646047007/fontawesome-webfont.woff2?v=4.7.0
IP
ASN #197572 Citynet Marcin Sobala - Piotr Misiuda
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert quad9 Sinkholed
GET /moodle/theme/font.php/boost/core/1646047007/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: 91.225.132.218
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://91.225.132.218/moodle/theme/styles.php/boost/1646047007_1/all
Cookie: MoodleSession=qd4q2due8g1u4qujp23n12i6cq
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 21 Jan 2023 10:40:37 GMT
Content-Type: application/font-woff2
Content-Length: 77160
Connection: keep-alive
Etag: "29876e8565c26868891995520513ab22c53c2095"
Content-Disposition: inline; filename="fontawesome-webfont.woff2"
Last-Modified: Mon, 28 Feb 2022 11:17:25 GMT
Expires: Fri, 21 Apr 2023 10:40:37 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: oNapljINy5Z1e0kgyYxQjg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /q2nA8z6o+W6ES2h3b/vARNwJ3U=
91.225.132.218/moodle/theme/image.php/boost/theme/1646047007/favicon
200 OK 1.2 kB URL HTTP/1.1 91.225.132.218/moodle/theme/image.php/boost/theme/1646047007/favicon
IP
ASN #197572 Citynet Marcin Sobala - Piotr Misiuda
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 135aed33c0a7b8f44f0227a71b9ce345
120e10c8a17aebb31c74b6988f8bce9b05dd6606
7afbabec7cddb87ab3b2c3f56509ca9c8f76925db0570372f1a6a366606be1b4
Analyzer Verdict Alert quad9 Sinkholed
GET /moodle/theme/image.php/boost/theme/1646047007/favicon HTTP/1.1
Host: 91.225.132.218
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://91.225.132.218/moodle/login/index.php
Cookie: MoodleSession=qd4q2due8g1u4qujp23n12i6cq
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 21 Jan 2023 10:40:38 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 1150
Connection: keep-alive
Etag: "1b45a5a3005eab0eaca14336de94b48c9e9c4d05"
Content-Disposition: inline; filename="favicon.ico"
Last-Modified: Mon, 28 Feb 2022 11:17:27 GMT
Expires: Fri, 21 Apr 2023 10:40:38 GMT
Pragma:
Cache-Control: public, max-age=7776000, no-transform, immutable
Accept-Ranges: none
91.225.132.218/moodle/lib/requirejs.php/1646047007/core/first.js
200 OK 341 kB URL HTTP/1.1 91.225.132.218/moodle/lib/requirejs.php/1646047007/core/first.js
IP
ASN #197572 Citynet Marcin Sobala - Piotr Misiuda
File type HTML document, ASCII text, with very long lines (19941)
Size 341 kB (341371 bytes)
Hash 801810b979bb44135c5063d77b670344
e34077178dd3fdcb15fcf4a8e62a165aa44c5387
ff10ae69e0dd8493429743b3e2b5f8184fce86e24b43208bb76c49ff847f78eb
Analyzer Verdict Alert quad9 Sinkholed
GET /moodle/lib/requirejs.php/1646047007/core/first.js HTTP/1.1
Host: 91.225.132.218
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://91.225.132.218/moodle/login/index.php
Cookie: MoodleSession=qd4q2due8g1u4qujp23n12i6cq
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 21 Jan 2023 10:40:37 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "3ae7e0eb9681bf3941a1f56b5b516c3beccec2f2"
Content-Disposition: inline; filename="requirejs.php"
Last-Modified: Mon, 28 Feb 2022 11:17:11 GMT
Expires: Fri, 21 Apr 2023 10:40:37 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
91.225.132.218/moodle/lib/javascript.php/1646047007/lib/jquery/jquery-3.5.1.min.js
200 OK 31 kB URL HTTP/1.1 91.225.132.218/moodle/lib/javascript.php/1646047007/lib/jquery/jquery-3.5.1.min.js
IP
ASN #197572 Citynet Marcin Sobala - Piotr Misiuda
File type ASCII text, with very long lines (65451)
Hash 9e20b290f3bf1923af08d826a5e82c86
fa97509e0967c34ea5393af9f7e1a79162404205
9af00f1990a36ea52fb3eee0118efc546fb6976d2fa8d6d048f5e9a896062cf0
Analyzer Verdict Alert quad9 Sinkholed
GET /moodle/lib/javascript.php/1646047007/lib/jquery/jquery-3.5.1.min.js HTTP/1.1
Host: 91.225.132.218
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://91.225.132.218/moodle/login/index.php
Cookie: MoodleSession=qd4q2due8g1u4qujp23n12i6cq
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 21 Jan 2023 10:40:38 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "d947d5d9e21df1d6b6398d0a6fdab72e6fff4942"
Content-Disposition: inline; filename="javascript.php"
Last-Modified: Mon, 28 Feb 2022 11:17:13 GMT
Expires: Fri, 21 Apr 2023 10:40:38 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding
91.225.132.218/moodle/lib/ajax/service.php?sesskey=SX9NGbTJDW&info=media_videojs_get_language
200 OK 4.5 kB URL HTTP/1.1 91.225.132.218/moodle/lib/ajax/service.php?sesskey=SX9NGbTJDW&info=media_videojs_get_language
IP
ASN #197572 Citynet Marcin Sobala - Piotr Misiuda
File type JSON data\012- , ASCII text, with very long lines (4530), with no line terminators
Hash 4d5523cbc76f44fe608854860b0a2569
b821723eb7ecf0b7e97c516fbbc88c3b85560229
2088fbe413aa7bc5fc811ec5778bd623becf7c1c149d2f12fc8c21ad7cd343d5
Analyzer Verdict Alert quad9 Sinkholed
POST /moodle/lib/ajax/service.php?sesskey=SX9NGbTJDW&info=media_videojs_get_language HTTP/1.1
Host: 91.225.132.218
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Content-Length: 76
Origin: http://91.225.132.218
Connection: keep-alive
Referer: http://91.225.132.218/moodle/login/index.php
Cookie: MoodleSession=qd4q2due8g1u4qujp23n12i6cq
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 21 Jan 2023 10:40:39 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
91.225.132.218/moodle/theme/yui_combo.php?3.17.2/event-mousewheel/event-mousewheel-min.js&3.17.2/event-resize/event-resize-min.js&3.17.2/event-hover/event-hover-min.js&3.17.2/event-touch/event-touch-min.js&3.17.2/event-move/event-move-min.js&3.17.2/event-flick/event-flick-min.js&3.17.2/event-valuechange/event-valuechange-min.js&3.17.2/event-tap/event-tap-min.js
200 OK 4.8 kB URL HTTP/1.1 91.225.132.218/moodle/theme/yui_combo.php?3.17.2/event-mousewheel/event-mousewheel-min.js&3.17.2/event-resize/event-resize-min.js&3.17.2/event-hover/event-hover-min.js&3.17.2/event-touch/event-touch-min.js&3.17.2/event-move/event-move-min.js&3.17.2/event-flick/event-flick-min.js&3.17.2/event-valuechange/event-valuechange-min.js&3.17.2/event-tap/event-tap-min.js
IP
ASN #197572 Citynet Marcin Sobala - Piotr Misiuda
File type ASCII text, with very long lines (3857)
Hash 713bb7fd594c64c3598edc178658783a
5cf119be436a34e733ca1fee6c41b3c8350cedaf
f5cfc9a7087a218ad9951e7e5d22bade76acb58ccac10f3ca1ec891299b6735e
Analyzer Verdict Alert quad9 Sinkholed
GET /moodle/theme/yui_combo.php?3.17.2/event-mousewheel/event-mousewheel-min.js&3.17.2/event-resize/event-resize-min.js&3.17.2/event-hover/event-hover-min.js&3.17.2/event-touch/event-touch-min.js&3.17.2/event-move/event-move-min.js&3.17.2/event-flick/event-flick-min.js&3.17.2/event-valuechange/event-valuechange-min.js&3.17.2/event-tap/event-tap-min.js HTTP/1.1
Host: 91.225.132.218
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://91.225.132.218/moodle/login/index.php
Cookie: MoodleSession=qd4q2due8g1u4qujp23n12i6cq
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 21 Jan 2023 10:40:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Content-Disposition: inline; filename="combo"
Last-Modified: Fri, 22 Oct 2021 10:49:04 GMT
Expires: Tue, 16 Jan 2024 10:40:39 GMT
Pragma:
Cache-Control: public, max-age=31104000, immutable
Accept-Ranges: none
Etag: "b24ca831785ba367093f089618e840be511be85d"
Content-Encoding: gzip
Vary: Accept-Encoding
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10430
Expires: Sat, 21 Jan 2023 13:34:29 GMT
Date: Sat, 21 Jan 2023 10:40:39 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10430
Expires: Sat, 21 Jan 2023 13:34:29 GMT
Date: Sat, 21 Jan 2023 10:40:39 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07b5b95d-798c-4d73-bd79-8e3c092be9b0.jpeg
200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07b5b95d-798c-4d73-bd79-8e3c092be9b0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4b8e05930ca3ed03e20300b36819b1a
90645bb11f3788a9a03ad1756de541fea594fb15
0530c3fd68291836e997842e3e4b5bbef6086e89686f786dbda059143a5a8b5d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07b5b95d-798c-4d73-bd79-8e3c092be9b0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5081
x-amzn-requestid: 56788104-29ed-4ff9-b9c5-58b83e53d169
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: etktlF50oAMFwNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c21b23-1dafe7e12dbeee0e3318ccdc;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 03:01:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 886cYViC-eBqAPpavmVYF0Jxqhsk8VQc8O1KPpTGM1yFpjrs-IxFVw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 11:59:42 GMT
age: 81657
etag: "90645bb11f3788a9a03ad1756de541fea594fb15"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5a7ab95a69ddfa5014258076e66a6e19
1a54cca86788536002d6d18c5180ccf265ba1169
09348afd6055b26b5dba6f8f6ef763d52e6e040c039c6f763d64f71b8ca08d51
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10988
x-amzn-requestid: 67c03c6c-3896-4890-a75b-ecd7c1c1a4e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3foHG8tIAMF3XQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61300-2de17e5b0225f9427c197bc5;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: cxuHpm9vR0_DvHdEtR5p5eRRNAFgCrOTnak0RsH3OeCccehhurKhJA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 01:38:03 GMT
age: 32556
etag: "1a54cca86788536002d6d18c5180ccf265ba1169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa19e2681-f167-4577-b7db-9afc7bd1ccf2.jpeg
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa19e2681-f167-4577-b7db-9afc7bd1ccf2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d3af2d51fb89ef0261ba025d76169261
9b3f4e3f63b64030624e02ad6ab8ef43a676dd66
c3d5a6f829dc59db8ed27a92fcfc6d387633bb43388e2c19d68b89356a13b1cf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa19e2681-f167-4577-b7db-9afc7bd1ccf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13812
x-amzn-requestid: 7e3de1bc-a850-4a6e-891c-094996ee4a76
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fAmw2HldoAMF-Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c9b805-5443ffce123461b44b9815b2;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 21:37:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: EUm5z7VSHRCILWZmLR5u_EuVtfVDerCwgAO7R19fDJZqYmsPa6Vz3Q==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 22:05:54 GMT
age: 45285
etag: "9b3f4e3f63b64030624e02ad6ab8ef43a676dd66"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02d903ef-00fc-4f25-8b4f-138ec32359bf.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02d903ef-00fc-4f25-8b4f-138ec32359bf.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 893ea518ea7c11ec06ffea60b2ee7921
34675a13bbac6abd1b087e546425e141215cf072
675ec12ed5803fad5036cedc1a3b66229316836bb321b4ad3a34aab56a100ca7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02d903ef-00fc-4f25-8b4f-138ec32359bf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8698
x-amzn-requestid: 97c3bd04-2d8a-447e-85cb-376ea44b283c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e0K85GOQIAMFbPw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4beb8-5b6517906d2f8bad6488e6f8;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 03:04:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: reROJ7ha0LKGWpSMN0ioNVaIrIEhJUn_cfprHVZlfyY7jBoFyKh0rw==
via: 1.1 c9b161639a9353c2354b895548ea9fca.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 13:48:55 GMT
age: 75104
etag: "34675a13bbac6abd1b087e546425e141215cf072"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b68e9e4-1990-4061-af46-b82abe4506ac.jpeg
200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b68e9e4-1990-4061-af46-b82abe4506ac.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 94079233f2d67e98580bfd64b2894ae4
89961b28d9aee3e387e4aaa57275c5dca1dca8f2
8161291ac6d3bd7f025a6d7528130576ddd4fac33c41a7b914a6b5b0ad139c28
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b68e9e4-1990-4061-af46-b82abe4506ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9774
x-amzn-requestid: 8a16e99c-052a-4f25-8832-f7e04606e581
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fAogLHHvIAMFr-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c9bacd-10b727ae4904494371326a16;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 21:49:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: xvgnwnHWo3YW8tYseOKI_Af1GZnLEuwIiapYgscmXKcjYiqkpbN6zQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 22:05:11 GMT
age: 45328
etag: "89961b28d9aee3e387e4aaa57275c5dca1dca8f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcaf32145-89e4-4f11-b8c1-0f5b832b325a.jpeg
200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcaf32145-89e4-4f11-b8c1-0f5b832b325a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a43120101d55af4d7d2cb93aa3f81560
2c1443887c1e4a85ad794f463fc947a97486e091
055cd52ec7c883a67e521fba820e80cbbf8ecb59343f6d48ba5e5d9b22bfddcc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcaf32145-89e4-4f11-b8c1-0f5b832b325a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7895
x-amzn-requestid: 3ae300df-5e6c-4c70-a8ed-1475b7580b9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: etlxaEz2IAMFwDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c21cd5-1b0ce13023f3ada1112870db;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 03:09:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ffjveHMubnwvTvS4AC0uHyf1hCYDHluCS3oxM25bE5U1sbjD65Gjcw==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 21:49:35 GMT
age: 46264
etag: "2c1443887c1e4a85ad794f463fc947a97486e091"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
91.225.132.218/moodle/lib/ajax/service-nologin.php?info=6-method-calls&cachekey=1646047007&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22cancel%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22closebuttontitle%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22loading%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22savechanges%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A4%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showless%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A5%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showmore%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22en%22%7D%7D%5D
200 OK 211 B URL HTTP/1.1 91.225.132.218/moodle/lib/ajax/service-nologin.php?info=6-method-calls&cachekey=1646047007&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22cancel%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22closebuttontitle%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22loading%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22savechanges%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A4%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showless%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A5%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showmore%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22en%22%7D%7D%5D
IP
ASN #197572 Citynet Marcin Sobala - Piotr Misiuda
File type JSON data\012- , ASCII text, with no line terminators
Hash c135ebb8306e47146c197265b9c9022b
425c439b399cc4a29df884f4ac5aa75505944c2c
afefe583c5a695189962783424716b19758b2a08e71480cb91a73c88c98a20be
Analyzer Verdict Alert quad9 Sinkholed
GET /moodle/lib/ajax/service-nologin.php?info=6-method-calls&cachekey=1646047007&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22cancel%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22closebuttontitle%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22loading%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22savechanges%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A4%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showless%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A5%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showmore%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22en%22%7D%7D%5D HTTP/1.1
Host: 91.225.132.218
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://91.225.132.218/moodle/login/index.php
Cookie: MoodleSession=qd4q2due8g1u4qujp23n12i6cq
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 21 Jan 2023 10:40:39 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 21 Apr 2023 10:40:39 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
91.225.132.218/moodle/lib/ajax/service-nologin.php?info=core_output_load_template_with_dependencies,core_output_load_template_with_dependencies,core_output_load_template_with_dependencies,core_output_load_template_with_dependencies&cachekey=1646047007&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22loading%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal_backdrop%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22pix_icon_fontawesome%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%5D
200 OK 2.4 kB URL HTTP/1.1 91.225.132.218/moodle/lib/ajax/service-nologin.php?info=core_output_load_template_with_dependencies,core_output_load_template_with_dependencies,core_output_load_template_with_dependencies,core_output_load_template_with_dependencies&cachekey=1646047007&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22loading%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal_backdrop%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22pix_icon_fontawesome%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%5D
IP
ASN #197572 Citynet Marcin Sobala - Piotr Misiuda
File type JSON data\012- , ASCII text, with very long lines (2422), with no line terminators
Hash f2f5d195ae0262b5de27122ead127b83
021acaf9e14d4fd6992da17347faf26bd4697d65
380abdf554c0d04799270cb6d2effc74cde736b03adf4cc3b1e3aac6cadab2c1
Analyzer Verdict Alert quad9 Sinkholed
GET /moodle/lib/ajax/service-nologin.php?info=core_output_load_template_with_dependencies,core_output_load_template_with_dependencies,core_output_load_template_with_dependencies,core_output_load_template_with_dependencies&cachekey=1646047007&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22loading%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal_backdrop%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22pix_icon_fontawesome%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%5D HTTP/1.1
Host: 91.225.132.218
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://91.225.132.218/moodle/login/index.php
Cookie: MoodleSession=qd4q2due8g1u4qujp23n12i6cq
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 21 Jan 2023 10:40:39 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 21 Apr 2023 10:40:39 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
91.225.132.218/moodle/lib/ajax/service-nologin.php?info=core_output_load_fontawesome_icon_system_map&cachekey=1646047007&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_fontawesome_icon_system_map%22%2C%22args%22%3A%7B%22themename%22%3A%22boost%22%7D%7D%5D
200 OK 30 kB URL HTTP/1.1 91.225.132.218/moodle/lib/ajax/service-nologin.php?info=core_output_load_fontawesome_icon_system_map&cachekey=1646047007&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_fontawesome_icon_system_map%22%2C%22args%22%3A%7B%22themename%22%3A%22boost%22%7D%7D%5D
IP
ASN #197572 Citynet Marcin Sobala - Piotr Misiuda
File type JSON data\012- , ASCII text, with very long lines (30479), with no line terminators
Hash 128bce910f5427e6ca028ddc3ff34933
1006c6a0e44931bc0f1ac8e85251ceddefd28afe
a4c5a3ff3cf21d7e1ed165aa5eec28ba01726a4e4bb477fd712c0234a843a28c
Analyzer Verdict Alert quad9 Sinkholed
GET /moodle/lib/ajax/service-nologin.php?info=core_output_load_fontawesome_icon_system_map&cachekey=1646047007&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_fontawesome_icon_system_map%22%2C%22args%22%3A%7B%22themename%22%3A%22boost%22%7D%7D%5D HTTP/1.1
Host: 91.225.132.218
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://91.225.132.218/moodle/login/index.php
Cookie: MoodleSession=qd4q2due8g1u4qujp23n12i6cq
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 21 Jan 2023 10:40:39 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 21 Apr 2023 10:40:39 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
91.225.132.218
34.160.144.191
93.184.220.29
23.36.76.226