Report - ntulearn.ntu.edu.sg/webapps/blackboard/content/content_access

Report Overview

Submitted URL
ntulearn.ntu.edu.sg/webapps/blackboard/content/content_access_denied.jsp
IP
52.74.144.107
ASN
#16509 AMAZON-02
Submitted
2022-09-15 17:03:11
Access
Website Title
Final URL
Tags
None
urlquery detections
Phishing website detected

Detections

urlquery
5
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	338 B	865 B	143.204.42.88
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	65 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.4 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.115
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	658 B	1.4 kB	93.184.220.29
ntulearn.ntu.edu.sg	555966	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.8 kB	11 kB	52.74.144.107
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	35.162.35.244
loginfs.ntu.edu.sg	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.5 kB	229 kB	155.69.19.64
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.49

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	loginfs.ntu.edu.sg/adfs/ls/?SAMLRequest=lVLRboIwFP2V5r4DBeKURjBuxszERSO4h70VKFIDrestZp8%2Fhpq5F5O9NG16zj33nnOns6%2B2IWdhUGoVg%2B9SIEIVupTqEMM%2BWzoTmCVT5G0TnNi8s7Xaic9OoCU9USG7%2FMTQGcU0R4lM8VYgswVL529rFriUnYy2utANkDmiMLaXetEKu1aYVJizLMR%2Bt46htvaEzPOU7RrBjXL7iyvKzsWDx3tl50fLG4403QBZ9F1Ixe3Q%2BY3c6INUFf7hlhV6DXpAltoUYhgihoo3KICsFjHwsMhlfhwXclQ%2BRX4dhBNZlZRGeVUfJ2EPwi1HlGfxS0PsxEqh5crGENAgcGjk%2BKPMHzMaMhq44Sj6ALK9jv4s1cXSRz7lFxCy1yzbOttNmgF5v0XTA%2BAaBBvUzX0Cjwvzm%2B2Q%2FM%2FkqXcvmFyffxch%2BQY%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=dtR3TGI1bkJC2qY%2FZ2M0%2F1JY4oJ4zqP8nWZL4E5y5Oo%2ByJr9WdL0rqlmlcKXx8VL1d8DXqd%2Bj5qxUEYpHm3V8tCWa6tdECbjctDIijIUOuDcN4QoDGhkeBrUzpwB4R9UrjNP2qmPzppzWE7evuVR%2BIS1PgQGqDG%2BRDWOO9mvCCbx7ds4CuvaN6kCT9d5yh0q%2BjpTz7yXnMnT2wCfZBuajImyaWGp9o1E2sVBJNahRs5X56do6l9GSWNPMvlr%2B2fqkAwsmtrriB%2FVaLnuGwRNjgIO%2F4bDiYi3GuffC2z2Hk7h0oyJEfUCnkXcF6Neb6E9wxwPytaH5VL%2BdHXC%2FWTAfA%3D%3D	329 B	2023-03-07	2024-04-19
Pretty URL loginfs.ntu.edu.sg/adfs/ls/?SAMLRequest=lVLRboIwFP2V5r4DBeKURjBuxszERSO4h70VKFIDrestZp8%2Fhpq5F5O9NG16zj33nnOns6%2B2IWdhUGoVg%2B9SIEIVupTqEMM%2BWzoTmCVT5G0TnNi8s7Xaic9OoCU9USG7%2FMTQGcU0R4lM8VYgswVL529rFriUnYy2utANkDmiMLaXetEKu1aYVJizLMR%2Bt46htvaEzPOU7RrBjXL7iyvKzsWDx3tl50fLG4403QBZ9F1Ixe3Q%2BY3c6INUFf7hlhV6DXpAltoUYhgihoo3KICsFjHwsMhlfhwXclQ%2BRX4dhBNZlZRGeVUfJ2EPwi1HlGfxS0PsxEqh5crGENAgcGjk%2BKPMHzMaMhq44Sj6ALK9jv4s1cXSRz7lFxCy1yzbOttNmgF5v0XTA%2BAaBBvUzX0Cjwvzm%2B2Q%2FM%2FkqXcvmFyffxch%2BQY%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=dtR3TGI1bkJC2qY%2FZ2M0%2F1JY4oJ4zqP8nWZL4E5y5Oo%2ByJr9WdL0rqlmlcKXx8VL1d8DXqd%2Bj5qxUEYpHm3V8tCWa6tdECbjctDIijIUOuDcN4QoDGhkeBrUzpwB4R9UrjNP2qmPzppzWE7evuVR%2BIS1PgQGqDG%2BRDWOO9mvCCbx7ds4CuvaN6kCT9d5yh0q%2BjpTz7yXnMnT2wCfZBuajImyaWGp9o1E2sVBJNahRs5X56do6l9GSWNPMvlr%2B2fqkAwsmtrriB%2FVaLnuGwRNjgIO%2F4bDiYi3GuffC2z2Hk7h0oyJEfUCnkXcF6Neb6E9wxwPytaH5VL%2BdHXC%2FWTAfA%3D%3D IP 155.69.19.64 ASN #9419 Nanyang Technological University Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12:03 Last Seen2024-04-19 02:52:19 Times Seen915 Hash 097a19f95cd08ecbbc661052b26f0b8a 377a038d746b67f20117196b67c4790250a1d86e 88b0507affd47707dd2caad2efb8829a6db41697e4f98674f0870227d43a1dc3 Loading...

	loginfs.ntu.edu.sg/adfs/ls/?SAMLRequest=lVLRboIwFP2V5r4DBeKURjBuxszERSO4h70VKFIDrestZp8%2Fhpq5F5O9NG16zj33nnOns6%2B2IWdhUGoVg%2B9SIEIVupTqEMM%2BWzoTmCVT5G0TnNi8s7Xaic9OoCU9USG7%2FMTQGcU0R4lM8VYgswVL529rFriUnYy2utANkDmiMLaXetEKu1aYVJizLMR%2Bt46htvaEzPOU7RrBjXL7iyvKzsWDx3tl50fLG4403QBZ9F1Ixe3Q%2BY3c6INUFf7hlhV6DXpAltoUYhgihoo3KICsFjHwsMhlfhwXclQ%2BRX4dhBNZlZRGeVUfJ2EPwi1HlGfxS0PsxEqh5crGENAgcGjk%2BKPMHzMaMhq44Sj6ALK9jv4s1cXSRz7lFxCy1yzbOttNmgF5v0XTA%2BAaBBvUzX0Cjwvzm%2B2Q%2FM%2FkqXcvmFyffxch%2BQY%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=dtR3TGI1bkJC2qY%2FZ2M0%2F1JY4oJ4zqP8nWZL4E5y5Oo%2ByJr9WdL0rqlmlcKXx8VL1d8DXqd%2Bj5qxUEYpHm3V8tCWa6tdECbjctDIijIUOuDcN4QoDGhkeBrUzpwB4R9UrjNP2qmPzppzWE7evuVR%2BIS1PgQGqDG%2BRDWOO9mvCCbx7ds4CuvaN6kCT9d5yh0q%2BjpTz7yXnMnT2wCfZBuajImyaWGp9o1E2sVBJNahRs5X56do6l9GSWNPMvlr%2B2fqkAwsmtrriB%2FVaLnuGwRNjgIO%2F4bDiYi3GuffC2z2Hk7h0oyJEfUCnkXcF6Neb6E9wxwPytaH5VL%2BdHXC%2FWTAfA%3D%3D	4.5 kB	2023-03-07	2024-04-19
Pretty URL loginfs.ntu.edu.sg/adfs/ls/?SAMLRequest=lVLRboIwFP2V5r4DBeKURjBuxszERSO4h70VKFIDrestZp8%2Fhpq5F5O9NG16zj33nnOns6%2B2IWdhUGoVg%2B9SIEIVupTqEMM%2BWzoTmCVT5G0TnNi8s7Xaic9OoCU9USG7%2FMTQGcU0R4lM8VYgswVL529rFriUnYy2utANkDmiMLaXetEKu1aYVJizLMR%2Bt46htvaEzPOU7RrBjXL7iyvKzsWDx3tl50fLG4403QBZ9F1Ixe3Q%2BY3c6INUFf7hlhV6DXpAltoUYhgihoo3KICsFjHwsMhlfhwXclQ%2BRX4dhBNZlZRGeVUfJ2EPwi1HlGfxS0PsxEqh5crGENAgcGjk%2BKPMHzMaMhq44Sj6ALK9jv4s1cXSRz7lFxCy1yzbOttNmgF5v0XTA%2BAaBBvUzX0Cjwvzm%2B2Q%2FM%2FkqXcvmFyffxch%2BQY%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=dtR3TGI1bkJC2qY%2FZ2M0%2F1JY4oJ4zqP8nWZL4E5y5Oo%2ByJr9WdL0rqlmlcKXx8VL1d8DXqd%2Bj5qxUEYpHm3V8tCWa6tdECbjctDIijIUOuDcN4QoDGhkeBrUzpwB4R9UrjNP2qmPzppzWE7evuVR%2BIS1PgQGqDG%2BRDWOO9mvCCbx7ds4CuvaN6kCT9d5yh0q%2BjpTz7yXnMnT2wCfZBuajImyaWGp9o1E2sVBJNahRs5X56do6l9GSWNPMvlr%2B2fqkAwsmtrriB%2FVaLnuGwRNjgIO%2F4bDiYi3GuffC2z2Hk7h0oyJEfUCnkXcF6Neb6E9wxwPytaH5VL%2BdHXC%2FWTAfA%3D%3D IP 155.69.19.64 ASN #9419 Nanyang Technological University Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12:03 Last Seen2024-04-19 02:52:19 Times Seen880 Hash eadb1c57f47e53a98b694a385f79f620 e91698d36f629f7a08ce11962a6e32306239e942 7e76f95325cbc84d2b81876f84c0f296f149c093c28694f28dfe94ad95b57593 Loading...

	loginfs.ntu.edu.sg/adfs/ls/?SAMLRequest=lVLRboIwFP2V5r4DBeKURjBuxszERSO4h70VKFIDrestZp8%2Fhpq5F5O9NG16zj33nnOns6%2B2IWdhUGoVg%2B9SIEIVupTqEMM%2BWzoTmCVT5G0TnNi8s7Xaic9OoCU9USG7%2FMTQGcU0R4lM8VYgswVL529rFriUnYy2utANkDmiMLaXetEKu1aYVJizLMR%2Bt46htvaEzPOU7RrBjXL7iyvKzsWDx3tl50fLG4403QBZ9F1Ixe3Q%2BY3c6INUFf7hlhV6DXpAltoUYhgihoo3KICsFjHwsMhlfhwXclQ%2BRX4dhBNZlZRGeVUfJ2EPwi1HlGfxS0PsxEqh5crGENAgcGjk%2BKPMHzMaMhq44Sj6ALK9jv4s1cXSRz7lFxCy1yzbOttNmgF5v0XTA%2BAaBBvUzX0Cjwvzm%2B2Q%2FM%2FkqXcvmFyffxch%2BQY%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=dtR3TGI1bkJC2qY%2FZ2M0%2F1JY4oJ4zqP8nWZL4E5y5Oo%2ByJr9WdL0rqlmlcKXx8VL1d8DXqd%2Bj5qxUEYpHm3V8tCWa6tdECbjctDIijIUOuDcN4QoDGhkeBrUzpwB4R9UrjNP2qmPzppzWE7evuVR%2BIS1PgQGqDG%2BRDWOO9mvCCbx7ds4CuvaN6kCT9d5yh0q%2BjpTz7yXnMnT2wCfZBuajImyaWGp9o1E2sVBJNahRs5X56do6l9GSWNPMvlr%2B2fqkAwsmtrriB%2FVaLnuGwRNjgIO%2F4bDiYi3GuffC2z2Hk7h0oyJEfUCnkXcF6Neb6E9wxwPytaH5VL%2BdHXC%2FWTAfA%3D%3D	279 B	2023-03-07	2024-04-19
Pretty URL loginfs.ntu.edu.sg/adfs/ls/?SAMLRequest=lVLRboIwFP2V5r4DBeKURjBuxszERSO4h70VKFIDrestZp8%2Fhpq5F5O9NG16zj33nnOns6%2B2IWdhUGoVg%2B9SIEIVupTqEMM%2BWzoTmCVT5G0TnNi8s7Xaic9OoCU9USG7%2FMTQGcU0R4lM8VYgswVL529rFriUnYy2utANkDmiMLaXetEKu1aYVJizLMR%2Bt46htvaEzPOU7RrBjXL7iyvKzsWDx3tl50fLG4403QBZ9F1Ixe3Q%2BY3c6INUFf7hlhV6DXpAltoUYhgihoo3KICsFjHwsMhlfhwXclQ%2BRX4dhBNZlZRGeVUfJ2EPwi1HlGfxS0PsxEqh5crGENAgcGjk%2BKPMHzMaMhq44Sj6ALK9jv4s1cXSRz7lFxCy1yzbOttNmgF5v0XTA%2BAaBBvUzX0Cjwvzm%2B2Q%2FM%2FkqXcvmFyffxch%2BQY%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=dtR3TGI1bkJC2qY%2FZ2M0%2F1JY4oJ4zqP8nWZL4E5y5Oo%2ByJr9WdL0rqlmlcKXx8VL1d8DXqd%2Bj5qxUEYpHm3V8tCWa6tdECbjctDIijIUOuDcN4QoDGhkeBrUzpwB4R9UrjNP2qmPzppzWE7evuVR%2BIS1PgQGqDG%2BRDWOO9mvCCbx7ds4CuvaN6kCT9d5yh0q%2BjpTz7yXnMnT2wCfZBuajImyaWGp9o1E2sVBJNahRs5X56do6l9GSWNPMvlr%2B2fqkAwsmtrriB%2FVaLnuGwRNjgIO%2F4bDiYi3GuffC2z2Hk7h0oyJEfUCnkXcF6Neb6E9wxwPytaH5VL%2BdHXC%2FWTAfA%3D%3D IP 155.69.19.64 ASN #9419 Nanyang Technological University Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12:03 Last Seen2024-04-19 02:52:19 Times Seen560 Hash f72c5c2c97ec721cc1d373ad35d6895d 96681997b700168a435fdcfd4cd19ad1760915cd f33c0d856ba8c8cc39c22d79b90cae7efd7d697b430842834676f0bd33c84c5d Loading...

	loginfs.ntu.edu.sg/adfs/ls/?SAMLRequest=lVLRboIwFP2V5r4DBeKURjBuxszERSO4h70VKFIDrestZp8%2Fhpq5F5O9NG16zj33nnOns6%2B2IWdhUGoVg%2B9SIEIVupTqEMM%2BWzoTmCVT5G0TnNi8s7Xaic9OoCU9USG7%2FMTQGcU0R4lM8VYgswVL529rFriUnYy2utANkDmiMLaXetEKu1aYVJizLMR%2Bt46htvaEzPOU7RrBjXL7iyvKzsWDx3tl50fLG4403QBZ9F1Ixe3Q%2BY3c6INUFf7hlhV6DXpAltoUYhgihoo3KICsFjHwsMhlfhwXclQ%2BRX4dhBNZlZRGeVUfJ2EPwi1HlGfxS0PsxEqh5crGENAgcGjk%2BKPMHzMaMhq44Sj6ALK9jv4s1cXSRz7lFxCy1yzbOttNmgF5v0XTA%2BAaBBvUzX0Cjwvzm%2B2Q%2FM%2FkqXcvmFyffxch%2BQY%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=dtR3TGI1bkJC2qY%2FZ2M0%2F1JY4oJ4zqP8nWZL4E5y5Oo%2ByJr9WdL0rqlmlcKXx8VL1d8DXqd%2Bj5qxUEYpHm3V8tCWa6tdECbjctDIijIUOuDcN4QoDGhkeBrUzpwB4R9UrjNP2qmPzppzWE7evuVR%2BIS1PgQGqDG%2BRDWOO9mvCCbx7ds4CuvaN6kCT9d5yh0q%2BjpTz7yXnMnT2wCfZBuajImyaWGp9o1E2sVBJNahRs5X56do6l9GSWNPMvlr%2B2fqkAwsmtrriB%2FVaLnuGwRNjgIO%2F4bDiYi3GuffC2z2Hk7h0oyJEfUCnkXcF6Neb6E9wxwPytaH5VL%2BdHXC%2FWTAfA%3D%3D	1.5 kB	2023-03-07	2024-04-19
Pretty URL loginfs.ntu.edu.sg/adfs/ls/?SAMLRequest=lVLRboIwFP2V5r4DBeKURjBuxszERSO4h70VKFIDrestZp8%2Fhpq5F5O9NG16zj33nnOns6%2B2IWdhUGoVg%2B9SIEIVupTqEMM%2BWzoTmCVT5G0TnNi8s7Xaic9OoCU9USG7%2FMTQGcU0R4lM8VYgswVL529rFriUnYy2utANkDmiMLaXetEKu1aYVJizLMR%2Bt46htvaEzPOU7RrBjXL7iyvKzsWDx3tl50fLG4403QBZ9F1Ixe3Q%2BY3c6INUFf7hlhV6DXpAltoUYhgihoo3KICsFjHwsMhlfhwXclQ%2BRX4dhBNZlZRGeVUfJ2EPwi1HlGfxS0PsxEqh5crGENAgcGjk%2BKPMHzMaMhq44Sj6ALK9jv4s1cXSRz7lFxCy1yzbOttNmgF5v0XTA%2BAaBBvUzX0Cjwvzm%2B2Q%2FM%2FkqXcvmFyffxch%2BQY%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=dtR3TGI1bkJC2qY%2FZ2M0%2F1JY4oJ4zqP8nWZL4E5y5Oo%2ByJr9WdL0rqlmlcKXx8VL1d8DXqd%2Bj5qxUEYpHm3V8tCWa6tdECbjctDIijIUOuDcN4QoDGhkeBrUzpwB4R9UrjNP2qmPzppzWE7evuVR%2BIS1PgQGqDG%2BRDWOO9mvCCbx7ds4CuvaN6kCT9d5yh0q%2BjpTz7yXnMnT2wCfZBuajImyaWGp9o1E2sVBJNahRs5X56do6l9GSWNPMvlr%2B2fqkAwsmtrriB%2FVaLnuGwRNjgIO%2F4bDiYi3GuffC2z2Hk7h0oyJEfUCnkXcF6Neb6E9wxwPytaH5VL%2BdHXC%2FWTAfA%3D%3D IP 155.69.19.64 ASN #9419 Nanyang Technological University Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12:03 Last Seen2024-04-19 02:52:19 Times Seen972 Hash 2468778aab7f738efe448e7286a89810 8e22d446ddabbc604fc639c8b39e11d150e1513f d0d79904eae708f6ab256d015cd7cea6de4dc38089e11b4a34639aea19855d5b Loading...

	ntulearn.ntu.edu.sg/webapps/blackboard/content/content_access_denied.jsp	238 B	2023-03-07	2023-03-07
Pretty URL ntulearn.ntu.edu.sg/webapps/blackboard/content/content_access_denied.jsp IP 52.74.144.107 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:54 Last Seen2023-03-07 17:04:04 Times Seen1 Hash 813339fb003657826b29fff0a5f56887 c39c0e6298cd9af0950a866110b64f415b9b0016 46f54796764c41c935a8bfffafa0159ddb0319384c97c017d03ce43eab1d8937 Loading...

	ntulearn.ntu.edu.sg/webapps/blackboard/content/content_access_denied.jsp	189 B	2023-03-07	2023-03-07
Pretty URL ntulearn.ntu.edu.sg/webapps/blackboard/content/content_access_denied.jsp IP 52.74.144.107 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:04:04 Last Seen2023-03-07 17:04:04 Times Seen1 Hash 54da432bed1691930517f8b9f50e4f0f bfce9df5657849b74660a74c35aaa076cc1ed120 4688e4d3aed88a6e1d9d9d8998a7c7a0a1c353460711339c24d18b29c17a9138 Loading...

	loginfs.ntu.edu.sg/adfs/ls/?SAMLRequest=lVLRboIwFP2V5r4DBeKURjBuxszERSO4h70VKFIDrestZp8%2Fhpq5F5O9NG16zj33nnOns6%2B2IWdhUGoVg%2B9SIEIVupTqEMM%2BWzoTmCVT5G0TnNi8s7Xaic9OoCU9USG7%2FMTQGcU0R4lM8VYgswVL529rFriUnYy2utANkDmiMLaXetEKu1aYVJizLMR%2Bt46htvaEzPOU7RrBjXL7iyvKzsWDx3tl50fLG4403QBZ9F1Ixe3Q%2BY3c6INUFf7hlhV6DXpAltoUYhgihoo3KICsFjHwsMhlfhwXclQ%2BRX4dhBNZlZRGeVUfJ2EPwi1HlGfxS0PsxEqh5crGENAgcGjk%2BKPMHzMaMhq44Sj6ALK9jv4s1cXSRz7lFxCy1yzbOttNmgF5v0XTA%2BAaBBvUzX0Cjwvzm%2B2Q%2FM%2FkqXcvmFyffxch%2BQY%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=dtR3TGI1bkJC2qY%2FZ2M0%2F1JY4oJ4zqP8nWZL4E5y5Oo%2ByJr9WdL0rqlmlcKXx8VL1d8DXqd%2Bj5qxUEYpHm3V8tCWa6tdECbjctDIijIUOuDcN4QoDGhkeBrUzpwB4R9UrjNP2qmPzppzWE7evuVR%2BIS1PgQGqDG%2BRDWOO9mvCCbx7ds4CuvaN6kCT9d5yh0q%2BjpTz7yXnMnT2wCfZBuajImyaWGp9o1E2sVBJNahRs5X56do6l9GSWNPMvlr%2B2fqkAwsmtrriB%2FVaLnuGwRNjgIO%2F4bDiYi3GuffC2z2Hk7h0oyJEfUCnkXcF6Neb6E9wxwPytaH5VL%2BdHXC%2FWTAfA%3D%3D	74 B	2023-03-07	2024-04-19
Pretty URL loginfs.ntu.edu.sg/adfs/ls/?SAMLRequest=lVLRboIwFP2V5r4DBeKURjBuxszERSO4h70VKFIDrestZp8%2Fhpq5F5O9NG16zj33nnOns6%2B2IWdhUGoVg%2B9SIEIVupTqEMM%2BWzoTmCVT5G0TnNi8s7Xaic9OoCU9USG7%2FMTQGcU0R4lM8VYgswVL529rFriUnYy2utANkDmiMLaXetEKu1aYVJizLMR%2Bt46htvaEzPOU7RrBjXL7iyvKzsWDx3tl50fLG4403QBZ9F1Ixe3Q%2BY3c6INUFf7hlhV6DXpAltoUYhgihoo3KICsFjHwsMhlfhwXclQ%2BRX4dhBNZlZRGeVUfJ2EPwi1HlGfxS0PsxEqh5crGENAgcGjk%2BKPMHzMaMhq44Sj6ALK9jv4s1cXSRz7lFxCy1yzbOttNmgF5v0XTA%2BAaBBvUzX0Cjwvzm%2B2Q%2FM%2FkqXcvmFyffxch%2BQY%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=dtR3TGI1bkJC2qY%2FZ2M0%2F1JY4oJ4zqP8nWZL4E5y5Oo%2ByJr9WdL0rqlmlcKXx8VL1d8DXqd%2Bj5qxUEYpHm3V8tCWa6tdECbjctDIijIUOuDcN4QoDGhkeBrUzpwB4R9UrjNP2qmPzppzWE7evuVR%2BIS1PgQGqDG%2BRDWOO9mvCCbx7ds4CuvaN6kCT9d5yh0q%2BjpTz7yXnMnT2wCfZBuajImyaWGp9o1E2sVBJNahRs5X56do6l9GSWNPMvlr%2B2fqkAwsmtrriB%2FVaLnuGwRNjgIO%2F4bDiYi3GuffC2z2Hk7h0oyJEfUCnkXcF6Neb6E9wxwPytaH5VL%2BdHXC%2FWTAfA%3D%3D IP 155.69.19.64 ASN #9419 Nanyang Technological University Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12:03 Last Seen2024-04-19 02:52:19 Times Seen1171 Hash f45acdd570674b3cbfb341f472b50b79 54234db194e495f33df75c256c355be3ea927885 a0609519e75507a912342dfccd41b2775f8065ffa3a93662b7cec09e963dd824 Loading...

	loginfs.ntu.edu.sg/adfs/ls/?SAMLRequest=lVLRboIwFP2V5r4DBeKURjBuxszERSO4h70VKFIDrestZp8%2Fhpq5F5O9NG16zj33nnOns6%2B2IWdhUGoVg%2B9SIEIVupTqEMM%2BWzoTmCVT5G0TnNi8s7Xaic9OoCU9USG7%2FMTQGcU0R4lM8VYgswVL529rFriUnYy2utANkDmiMLaXetEKu1aYVJizLMR%2Bt46htvaEzPOU7RrBjXL7iyvKzsWDx3tl50fLG4403QBZ9F1Ixe3Q%2BY3c6INUFf7hlhV6DXpAltoUYhgihoo3KICsFjHwsMhlfhwXclQ%2BRX4dhBNZlZRGeVUfJ2EPwi1HlGfxS0PsxEqh5crGENAgcGjk%2BKPMHzMaMhq44Sj6ALK9jv4s1cXSRz7lFxCy1yzbOttNmgF5v0XTA%2BAaBBvUzX0Cjwvzm%2B2Q%2FM%2FkqXcvmFyffxch%2BQY%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=dtR3TGI1bkJC2qY%2FZ2M0%2F1JY4oJ4zqP8nWZL4E5y5Oo%2ByJr9WdL0rqlmlcKXx8VL1d8DXqd%2Bj5qxUEYpHm3V8tCWa6tdECbjctDIijIUOuDcN4QoDGhkeBrUzpwB4R9UrjNP2qmPzppzWE7evuVR%2BIS1PgQGqDG%2BRDWOO9mvCCbx7ds4CuvaN6kCT9d5yh0q%2BjpTz7yXnMnT2wCfZBuajImyaWGp9o1E2sVBJNahRs5X56do6l9GSWNPMvlr%2B2fqkAwsmtrriB%2FVaLnuGwRNjgIO%2F4bDiYi3GuffC2z2Hk7h0oyJEfUCnkXcF6Neb6E9wxwPytaH5VL%2BdHXC%2FWTAfA%3D%3D	9.8 kB	2023-03-07	2023-03-11
Pretty URL loginfs.ntu.edu.sg/adfs/ls/?SAMLRequest=lVLRboIwFP2V5r4DBeKURjBuxszERSO4h70VKFIDrestZp8%2Fhpq5F5O9NG16zj33nnOns6%2B2IWdhUGoVg%2B9SIEIVupTqEMM%2BWzoTmCVT5G0TnNi8s7Xaic9OoCU9USG7%2FMTQGcU0R4lM8VYgswVL529rFriUnYy2utANkDmiMLaXetEKu1aYVJizLMR%2Bt46htvaEzPOU7RrBjXL7iyvKzsWDx3tl50fLG4403QBZ9F1Ixe3Q%2BY3c6INUFf7hlhV6DXpAltoUYhgihoo3KICsFjHwsMhlfhwXclQ%2BRX4dhBNZlZRGeVUfJ2EPwi1HlGfxS0PsxEqh5crGENAgcGjk%2BKPMHzMaMhq44Sj6ALK9jv4s1cXSRz7lFxCy1yzbOttNmgF5v0XTA%2BAaBBvUzX0Cjwvzm%2B2Q%2FM%2FkqXcvmFyffxch%2BQY%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=dtR3TGI1bkJC2qY%2FZ2M0%2F1JY4oJ4zqP8nWZL4E5y5Oo%2ByJr9WdL0rqlmlcKXx8VL1d8DXqd%2Bj5qxUEYpHm3V8tCWa6tdECbjctDIijIUOuDcN4QoDGhkeBrUzpwB4R9UrjNP2qmPzppzWE7evuVR%2BIS1PgQGqDG%2BRDWOO9mvCCbx7ds4CuvaN6kCT9d5yh0q%2BjpTz7yXnMnT2wCfZBuajImyaWGp9o1E2sVBJNahRs5X56do6l9GSWNPMvlr%2B2fqkAwsmtrriB%2FVaLnuGwRNjgIO%2F4bDiYi3GuffC2z2Hk7h0oyJEfUCnkXcF6Neb6E9wxwPytaH5VL%2BdHXC%2FWTAfA%3D%3D IP 155.69.19.64 ASN #9419 Nanyang Technological University Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:28 Last Seen2023-03-11 09:23:24 Times Seen1 Hash a40698574b49fd44197e312cdf84fe42 70048634d27c5d65aabc304fd8117aa47f99dc36 8e8954bd5323910cd3c109adcd999a30bc7b1fec0d31dfe95448236e70b5b708 Loading...

	ntulearn.ntu.edu.sg/webapps/login/?new_loc=%2Fwebapps%2Fblackboard%2Fcontent%2Fcontent_access_denied.jsp	10 kB	2023-03-07	2023-03-07
Pretty URL ntulearn.ntu.edu.sg/webapps/login/?new_loc=%2Fwebapps%2Fblackboard%2Fcontent%2Fcontent_access_denied.jsp IP 52.74.144.107 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:04:04 Last Seen2023-03-07 17:04:48 Times Seen1 Hash f47a17defd51995ad5a9a130f0acdc53 a5dcc7aa09dd94557e688b3059185b4ce43e7faa 85d53f6861a9093de1fb907bfbc8ebf131f5e8d89e62c4121853bede3d5b0061 Loading...

	ntulearn.ntu.edu.sg/webapps/login/?new_loc=%2Fwebapps%2Fblackboard%2Fcontent%2Fcontent_access_denied.jsp	328 B	2023-03-07	2023-03-07
Pretty URL ntulearn.ntu.edu.sg/webapps/login/?new_loc=%2Fwebapps%2Fblackboard%2Fcontent%2Fcontent_access_denied.jsp IP 52.74.144.107 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:04:04 Last Seen2023-03-07 17:04:48 Times Seen1 Hash b548c9d3dc96b395ca193cef504aadd9 7f010014bfa26f68d2384fa649f971b7e78a7b6e fdc538188a4203f945cfbf46b2c49624a86dfa0d7b7045ca4a10bb9b4622c7a3 Loading...

HTTP Transactions (28)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2331
Expires: Thu, 15 Sep 2022 17:41:50 GMT
Date: Thu, 15 Sep 2022 17:02:59 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 15 Sep 2022 16:10:28 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: AGLrX7nPlGjHpwdBt-TBNk5cVUvsys5tApFChuGnvwPJzI3k8IJB6g==
Age: 3151

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.49

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.49:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 15 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8rqst5RQxNcNkjMYPsQJmv3J3ufEsLtNVeQXOAi6upLamdVzZVwfTg==
age: 44864
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 17:02:59 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 15 Sep 2022 16:03:22 GMT
Expires: Thu, 15 Sep 2022 16:03:50 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Qy36PL0lzoBMhh069yJZEl1wmvRH8nG8HPLSLuDMx5gpC1mDENQUqQ==
Age: 3578

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d597af1ab2f21a983bf0f0d105b94209
9d5dd938777abde094c89066b539141a02106b88
a614eb7f969544c8040642be7c852625341e2441e757d063d2af1ff465c8c3f4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6089
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 17:03:00 GMT
Last-Modified: Thu, 15 Sep 2022 15:21:31 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

ntulearn.ntu.edu.sg/webapps/blackboard/content/content_access_denied.jsp

52.74.144.107

301 Moved Permanently

175 B

URL HTTP/1.1
ntulearn.ntu.edu.sg/webapps/blackboard/content/content_access_denied.jsp
IP
52.74.144.107:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
175 B (175 bytes)
Hash
27d3037d4815f88b7bb724cb258524e1
092678ca1f61e13d97f37f7be9438e7b32b722e9
0c0a343c76a265d5b6b5b3708383afaf77f187eaa7f3fa8f1fec18cdf4ebe198

HTTP Headers

GET /webapps/blackboard/content/content_access_denied.jsp HTTP/1.1
Host: ntulearn.ntu.edu.sg
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Cache-control: no-cache="set-cookie"
Content-Type: text/html
Date: Thu, 15 Sep 2022 17:03:00 GMT
Location: https://ntulearn.ntu.edu.sg/webapps/blackboard/content/content_access_denied.jsp
Server: openresty/1.19.9.1
Set-Cookie: AWSELB=AF353DD51ACAD6EA1EB2E82BA1A40BB4F397A26358B84C544C88F6A24EE8FC664BFB9128D3FECADE3E2089CF22CA1E6702475F956ACDA1F2A5E5FBB642D3CB491CEEAA969E;PATH=/;MAX-AGE=900
Content-Length: 175
Connection: keep-alive

push.services.mozilla.com/

35.162.35.244

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.162.35.244:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: eQY07x+n+KvpFhA+JRZcLA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Wia/iA2WZwOYHAPubtv8WMQs6GE=

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
89e9864a7c95b570f116ef8fc2acc953
91bc6f3df03bfd1bc6fecca61a3187d0d1e55e95
1d2b8f8e69239f6ae4ae9c9f3a8111bd43a574fc29c3f219dbfb366db353af1b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 15 Sep 2022 17:03:01 GMT
Server: ECS (dcb/7EC8)
X-Cache: Miss from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xSwVEf0s-BoF7JG07oV6EyIcl-QtqHngP8S8rzO8rXDbjQxUyKufXA==

ntulearn.ntu.edu.sg/webapps/blackboard/content/content_access_denied.jsp

52.74.144.107

200

645 B

URL HTTP/1.1
ntulearn.ntu.edu.sg/webapps/blackboard/content/content_access_denied.jsp
IP
52.74.144.107:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size
645 B (645 bytes)
Hash
632eac090d4169c65acd7c51a76a017a
012f46f675c0e65aa9a2b5b4dc4f422965c04204
99a5debf694737655ed969bd4e8f13771477e71105294e52feeba0158974cfbc

HTTP Headers

GET /webapps/blackboard/content/content_access_denied.jsp HTTP/1.1
Host: ntulearn.ntu.edu.sg
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 
Access-Control-Allow-Origin: https://ntulearn.ntu.edu.sg
Cache-Control: private, max-age=0, no-store, must-revalidate, no-cache="set-cookie"
Content-Encoding: gzip
Content-Language: en-US
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html;charset=ISO-8859-1
Date: Thu, 15 Sep 2022 17:03:01 GMT
Expires: Wed, 15 Sep 2021 17:03:01 GMT
Last-Modified: Sun, 15 Sep 2002 17:03:01 GMT
P3P: CP="CAO PSA OUR"
Pragma: private
Server: openresty/1.19.9.1
Set-Cookie: JSESSIONID=74FCC252974610CACD17B24088BCEAD0; Path=/webapps/blackboard; Secure
AWSELB=AF353DD51ACAD6EA1EB2E82BA1A40BB4F397A26358EEFBEDBA7C9236D4551269E0D28B34DE3857074CC82A9AAE54A3CD9B421B082970C5C00DE2142B655EF2F588EE7F5239;PATH=/;MAX-AGE=900
AWSELBCORS=AF353DD51ACAD6EA1EB2E82BA1A40BB4F397A26358EEFBEDBA7C9236D4551269E0D28B34DE3857074CC82A9AAE54A3CD9B421B082970C5C00DE2142B655EF2F588EE7F5239;PATH=/;MAX-AGE=900;SECURE;SAMESITE=None
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Accept-Encoding, Origin
X-Blackboard-appserver: ip-10-144-230-241.ap-southeast-1.compute.internal
X-Blackboard-product: Blackboard Learn &#8482; 3900.48.0-rel.16+b5a91c8
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Content-Length: 645
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b9bfbb189fcbbdc76ff274e424f39053
de008d728f2274f08019c97bc969ddd6fe64a65d
a4f07d30f29e785e2ee605aee590ab928c3e1412f4dc61ff163cf32445cc3af4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14212
Expires: Thu, 15 Sep 2022 20:59:53 GMT
Date: Thu, 15 Sep 2022 17:03:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b9bfbb189fcbbdc76ff274e424f39053
de008d728f2274f08019c97bc969ddd6fe64a65d
a4f07d30f29e785e2ee605aee590ab928c3e1412f4dc61ff163cf32445cc3af4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14212
Expires: Thu, 15 Sep 2022 20:59:53 GMT
Date: Thu, 15 Sep 2022 17:03:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b9bfbb189fcbbdc76ff274e424f39053
de008d728f2274f08019c97bc969ddd6fe64a65d
a4f07d30f29e785e2ee605aee590ab928c3e1412f4dc61ff163cf32445cc3af4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14212
Expires: Thu, 15 Sep 2022 20:59:53 GMT
Date: Thu, 15 Sep 2022 17:03:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b9bfbb189fcbbdc76ff274e424f39053
de008d728f2274f08019c97bc969ddd6fe64a65d
a4f07d30f29e785e2ee605aee590ab928c3e1412f4dc61ff163cf32445cc3af4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14211
Expires: Thu, 15 Sep 2022 20:59:53 GMT
Date: Thu, 15 Sep 2022 17:03:02 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb035d64b-46a7-4c49-b95b-e454aa90f817.jpeg

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb035d64b-46a7-4c49-b95b-e454aa90f817.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9071 bytes)
Hash
1633672fad0b564108cf81ad711dc881
d37ad0f40bc1f3f0022467dd0af2478980bd858a
cc7176a297f6009f07074fb9af796132b4452833be675bf378cc950fe81a582a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb035d64b-46a7-4c49-b95b-e454aa90f817.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9071
x-amzn-requestid: b450f7cf-6cc7-4d1f-aef3-4496f0971727
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeIxuEq6oAMF9jQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632254d7-6912ef8731d81fa43b805e5b;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:25:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6LDUuDX1W8-Q88pDJma0xCAd5QuJ0YV-VpJ_8LVyDHX9YN1k0fQZ8Q==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 22:25:28 GMT
etag: "d37ad0f40bc1f3f0022467dd0af2478980bd858a"
content-type: image/jpeg
age: 67054
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafb10f81-8409-401c-bd62-3ec01954600c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6770 bytes)
Hash
2e5f57ba37fac4e6047a9a321a8ec084
f6b742549ea35a4b1345cffb937a8bbcceee08ef
f8c67c54806e47089b9ba297599e3e4cde1fd2e2e38b76acc9e8de0e99d7b77e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafb10f81-8409-401c-bd62-3ec01954600c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6770
x-amzn-requestid: b7c9513c-b8ba-41c7-9f9a-0a9d2266172d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FlpEVRIAMFygA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63144fbd-7a4408363cdc46c9355a9f47;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fqj5PljprRruE1jwYAVwKoHkjys-RakUjzuV67_Ued6T4et99JPxPg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:42:04 GMT
age: 69658
etag: "f6b742549ea35a4b1345cffb937a8bbcceee08ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e9a2626-acb3-4c73-9ff9-e09ad82d489e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8447 bytes)
Hash
5a6939786c9343412c9af87efd3f44e0
14131148fda4e8d85b582fd20e76bcc814341bf1
8412c50f0fdc131d9c4422f2d7307fc1ee062c3580a1d754ef71cf84f9727d49

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e9a2626-acb3-4c73-9ff9-e09ad82d489e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8447
x-amzn-requestid: 6a307dbf-af18-4b40-a2c4-cda4a6e302d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLe84HUzIAMFkUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631adeb8-166dc8b954f4e5b50a0843de;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 06:35:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qQaQeJRgo5OcpjqbzgyZQCl-pYpvj6P_aoB07WGfV0YXyZqv4AQNCg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:42:17 GMT
age: 69645
etag: "14131148fda4e8d85b582fd20e76bcc814341bf1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F706eea65-3ba8-43f4-85c3-967026936660.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9922 bytes)
Hash
3ef9865421a37eae9a4df04083d27485
c7cf1f6a259cece60a34261ec83ee00736e1d72b
723b65ba660f22281f85d6caceea23e9cd932ee9084dc905a08a585746c4c4cc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F706eea65-3ba8-43f4-85c3-967026936660.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9922
x-amzn-requestid: de1e3e45-74ff-41b2-986f-e78473cb6d98
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YVc1SGM7IAMFw0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631edb54-2099524d6f2c338b41eea101;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 07:10:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: g4LYoK2-sx5QTvWPxwsh8yhHjOswmtzMB6d4N9YAvQOvspuvSFbJOA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 22:17:07 GMT
age: 67555
etag: "c7cf1f6a259cece60a34261ec83ee00736e1d72b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9400 bytes)
Hash
4833535b1650b0ac875704023b650e66
96ab8cd8e14350f730d26731f3445710324e24e2
d2b5a51e39a4890ba56e819d4d5d1d57d4d3cfc50dde42efdf23b8e9be17d1c7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9400
x-amzn-requestid: 8cf35176-18a1-427b-870c-bdae465060c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYM18E-iIAMFcmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ff4f2-427bc0ff6593e71e25b91589;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 03:11:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0nTpbTo79RT78Sin1pTWaq4pRKWZyqnBkZCT2p66wWoW-A1OScJmIg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:09 GMT
age: 74513
etag: "96ab8cd8e14350f730d26731f3445710324e24e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1266c973-1bdd-4969-82ca-1106689fe929.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.1 kB (5078 bytes)
Hash
f50c34bc30a732593e8fe465055a44ff
af100925cba1be716fd2200715d6136bd7f0c5bc
703049736ccc8815945d69634059c4cd39533417e0969107d460c36a6787c761

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1266c973-1bdd-4969-82ca-1106689fe929.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5078
x-amzn-requestid: b6177371-a8ba-4541-a48d-21bd806e866e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X0erUHT-IAMFWKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6311ab15-157ed5b700e0aad5481f5c0f;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 07:04:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Vlo8vCUrKDtvhAGHSYKMmPk-wVNgx9OlU3ZVrpgG0tgk8ZBllAtXNQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:58 GMT
age: 74464
etag: "af100925cba1be716fd2200715d6136bd7f0c5bc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ntulearn.ntu.edu.sg/webapps/login/?new_loc=%2Fwebapps%2Fblackboard%2Fcontent%2Fcontent_access_denied.jsp

52.74.144.107

200

4.7 kB

URL HTTP/1.1
ntulearn.ntu.edu.sg/webapps/login/?new_loc=%2Fwebapps%2Fblackboard%2Fcontent%2Fcontent_access_denied.jsp
IP
52.74.144.107:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (10216)
Size
4.7 kB (4740 bytes)
Hash
eeb86eb3da358a262aac8dacbf6ce52b
51c199743af51bad708f944dceb7ce548e95c9ba
ad43cfc8aede6e0d89367ca012e5792bb026150670913dad6b5a0e4485b011fb

HTTP Headers

GET /webapps/login/?new_loc=%2Fwebapps%2Fblackboard%2Fcontent%2Fcontent_access_denied.jsp HTTP/1.1
Host: ntulearn.ntu.edu.sg
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntulearn.ntu.edu.sg/webapps/blackboard/content/content_access_denied.jsp
Cookie: AWSELB=AF353DD51ACAD6EA1EB2E82BA1A40BB4F397A26358EEFBEDBA7C9236D4551269E0D28B34DE3857074CC82A9AAE54A3CD9B421B082970C5C00DE2142B655EF2F588EE7F5239; AWSELBCORS=AF353DD51ACAD6EA1EB2E82BA1A40BB4F397A26358EEFBEDBA7C9236D4551269E0D28B34DE3857074CC82A9AAE54A3CD9B421B082970C5C00DE2142B655EF2F588EE7F5239
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Access-Control-Allow-Origin: https://ntulearn.ntu.edu.sg
Cache-Control: private, max-age=0, no-store, must-revalidate
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html;charset=ISO-8859-1
Date: Thu, 15 Sep 2022 17:03:01 GMT
Expires: Wed, 15 Sep 2021 17:03:01 GMT
Last-Modified: Sun, 15 Sep 2002 17:03:01 GMT
P3P: CP="CAO PSA OUR"
Pragma: private
Server: openresty/1.19.9.1
Set-Cookie: JSESSIONID=2B2DE298229F06AE71F37D1C885EDF96; Path=/webapps/login; Secure
BbRouter=expires:1663272181,id:2940D3CD1A4453AFDA42CC0F49919D45,signature:c0dc3022aa09fe096a28e820d06745d3cde6e28b504d77172290c86057384982,site:5ecaf6aa-60ca-4431-89e7-6ed4c720440d,v:2,xsrf:0bf2c8d3-09f0-4024-bca7-7bdd2405e343; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Accept-Encoding, Origin
X-Blackboard-appserver: ip-10-144-230-241.ap-southeast-1.compute.internal
X-Blackboard-product: Blackboard Learn &#8482; 3900.48.0-rel.16+b5a91c8
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Content-Length: 4740
Connection: keep-alive

ntulearn.ntu.edu.sg/auth-saml/saml/login?apId=_140_1&redirectUrl=https%3A%2F%2Fntulearn.ntu.edu.sg%2Fultra

52.74.144.107

302

0 B

URL HTTP/1.1
ntulearn.ntu.edu.sg/auth-saml/saml/login?apId=_140_1&redirectUrl=https%3A%2F%2Fntulearn.ntu.edu.sg%2Fultra
IP
52.74.144.107:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /auth-saml/saml/login?apId=_140_1&redirectUrl=https%3A%2F%2Fntulearn.ntu.edu.sg%2Fultra HTTP/1.1
Host: ntulearn.ntu.edu.sg
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: AWSELB=AF353DD51ACAD6EA1EB2E82BA1A40BB4F397A26358EEFBEDBA7C9236D4551269E0D28B34DE3857074CC82A9AAE54A3CD9B421B082970C5C00DE2142B655EF2F588EE7F5239; AWSELBCORS=AF353DD51ACAD6EA1EB2E82BA1A40BB4F397A26358EEFBEDBA7C9236D4551269E0D28B34DE3857074CC82A9AAE54A3CD9B421B082970C5C00DE2142B655EF2F588EE7F5239; BbRouter=expires:1663272181,id:2940D3CD1A4453AFDA42CC0F49919D45,signature:c0dc3022aa09fe096a28e820d06745d3cde6e28b504d77172290c86057384982,site:5ecaf6aa-60ca-4431-89e7-6ed4c720440d,v:2,xsrf:0bf2c8d3-09f0-4024-bca7-7bdd2405e343
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 302 
Access-Control-Allow-Origin: https://ntulearn.ntu.edu.sg
Cache-Control: no-cache, no-store
Content-Security-Policy: frame-ancestors 'self'
Content-Type: application/octet-stream;charset=UTF-8
Date: Thu, 15 Sep 2022 17:03:02 GMT
Expires: Wed, 15 Sep 2021 17:03:02 GMT
Last-Modified: Sun, 15 Sep 2002 17:03:02 GMT
Location: https://loginfs.ntu.edu.sg/adfs/ls/?SAMLRequest=lVLRboIwFP2V5r4DBeKURjBuxszERSO4h70VKFIDrestZp8%2Fhpq5F5O9NG16zj33nnOns6%2B2IWdhUGoVg%2B9SIEIVupTqEMM%2BWzoTmCVT5G0TnNi8s7Xaic9OoCU9USG7%2FMTQGcU0R4lM8VYgswVL529rFriUnYy2utANkDmiMLaXetEKu1aYVJizLMR%2Bt46htvaEzPOU7RrBjXL7iyvKzsWDx3tl50fLG4403QBZ9F1Ixe3Q%2BY3c6INUFf7hlhV6DXpAltoUYhgihoo3KICsFjHwsMhlfhwXclQ%2BRX4dhBNZlZRGeVUfJ2EPwi1HlGfxS0PsxEqh5crGENAgcGjk%2BKPMHzMaMhq44Sj6ALK9jv4s1cXSRz7lFxCy1yzbOttNmgF5v0XTA%2BAaBBvUzX0Cjwvzm%2B2Q%2FM%2FkqXcvmFyffxch%2BQY%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=dtR3TGI1bkJC2qY%2FZ2M0%2F1JY4oJ4zqP8nWZL4E5y5Oo%2ByJr9WdL0rqlmlcKXx8VL1d8DXqd%2Bj5qxUEYpHm3V8tCWa6tdECbjctDIijIUOuDcN4QoDGhkeBrUzpwB4R9UrjNP2qmPzppzWE7evuVR%2BIS1PgQGqDG%2BRDWOO9mvCCbx7ds4CuvaN6kCT9d5yh0q%2BjpTz7yXnMnT2wCfZBuajImyaWGp9o1E2sVBJNahRs5X56do6l9GSWNPMvlr%2B2fqkAwsmtrriB%2FVaLnuGwRNjgIO%2F4bDiYi3GuffC2z2Hk7h0oyJEfUCnkXcF6Neb6E9wxwPytaH5VL%2BdHXC%2FWTAfA%3D%3D
P3P: CP="CAO PSA OUR"
Pragma: no-cache
Server: openresty/1.19.9.1
Set-Cookie: JSESSIONID=D892AD7BD33B7DBF4A27237B483D1B76; Path=/auth-saml/; Secure; SameSite=None
BbRouter=expires:1663263182,id:2940D3CD1A4453AFDA42CC0F49919D45,signature:4ae41cf46546964d403a6ec62df1b2b5ed6c1acb57c386326519c3362a5b4343,site:5ecaf6aa-60ca-4431-89e7-6ed4c720440d,v:2,xsrf:0bf2c8d3-09f0-4024-bca7-7bdd2405e343; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Origin
X-Blackboard-appserver: ip-10-144-230-241.ap-southeast-1.compute.internal
X-Blackboard-product: Blackboard Learn &#8482; 3900.48.0-rel.16+b5a91c8
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1
Content-Length: 0
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1e3f5d22866800595d0d45a9a8ef6c03
57c37990ab2497330d0a862611d4928c03e344d4
213aae67dccb7b2c25d0032a36505e8f1d6e3ba50e365bc2523ef1cd96692f3a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 17:03:03 GMT
Server: ECS (amb/6B7E)
Content-Length: 471

loginfs.ntu.edu.sg/adfs/ls/?SAMLRequest=lVLRboIwFP2V5r4DBeKURjBuxszERSO4h70VKFIDrestZp8%2Fhpq5F5O9NG16zj33nnOns6%2B2IWdhUGoVg%2B9SIEIVupTqEMM%2BWzoTmCVT5G0TnNi8s7Xaic9OoCU9USG7%2FMTQGcU0R4lM8VYgswVL529rFriUnYy2utANkDmiMLaXetEKu1aYVJizLMR%2Bt46htvaEzPOU7RrBjXL7iyvKzsWDx3tl50fLG4403QBZ9F1Ixe3Q%2BY3c6INUFf7hlhV6DXpAltoUYhgihoo3KICsFjHwsMhlfhwXclQ%2BRX4dhBNZlZRGeVUfJ2EPwi1HlGfxS0PsxEqh5crGENAgcGjk%2BKPMHzMaMhq44Sj6ALK9jv4s1cXSRz7lFxCy1yzbOttNmgF5v0XTA%2BAaBBvUzX0Cjwvzm%2B2Q%2FM%2FkqXcvmFyffxch%2BQY%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=dtR3TGI1bkJC2qY%2FZ2M0%2F1JY4oJ4zqP8nWZL4E5y5Oo%2ByJr9WdL0rqlmlcKXx8VL1d8DXqd%2Bj5qxUEYpHm3V8tCWa6tdECbjctDIijIUOuDcN4QoDGhkeBrUzpwB4R9UrjNP2qmPzppzWE7evuVR%2BIS1PgQGqDG%2BRDWOO9mvCCbx7ds4CuvaN6kCT9d5yh0q%2BjpTz7yXnMnT2wCfZBuajImyaWGp9o1E2sVBJNahRs5X56do6l9GSWNPMvlr%2B2fqkAwsmtrriB%2FVaLnuGwRNjgIO%2F4bDiYi3GuffC2z2Hk7h0oyJEfUCnkXcF6Neb6E9wxwPytaH5VL%2BdHXC%2FWTAfA%3D%3D

155.69.19.64

200 OK

24 kB

URL HTTP/1.1
loginfs.ntu.edu.sg/adfs/ls/?SAMLRequest=lVLRboIwFP2V5r4DBeKURjBuxszERSO4h70VKFIDrestZp8%2Fhpq5F5O9NG16zj33nnOns6%2B2IWdhUGoVg%2B9SIEIVupTqEMM%2BWzoTmCVT5G0TnNi8s7Xaic9OoCU9USG7%2FMTQGcU0R4lM8VYgswVL529rFriUnYy2utANkDmiMLaXetEKu1aYVJizLMR%2Bt46htvaEzPOU7RrBjXL7iyvKzsWDx3tl50fLG4403QBZ9F1Ixe3Q%2BY3c6INUFf7hlhV6DXpAltoUYhgihoo3KICsFjHwsMhlfhwXclQ%2BRX4dhBNZlZRGeVUfJ2EPwi1HlGfxS0PsxEqh5crGENAgcGjk%2BKPMHzMaMhq44Sj6ALK9jv4s1cXSRz7lFxCy1yzbOttNmgF5v0XTA%2BAaBBvUzX0Cjwvzm%2B2Q%2FM%2FkqXcvmFyffxch%2BQY%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=dtR3TGI1bkJC2qY%2FZ2M0%2F1JY4oJ4zqP8nWZL4E5y5Oo%2ByJr9WdL0rqlmlcKXx8VL1d8DXqd%2Bj5qxUEYpHm3V8tCWa6tdECbjctDIijIUOuDcN4QoDGhkeBrUzpwB4R9UrjNP2qmPzppzWE7evuVR%2BIS1PgQGqDG%2BRDWOO9mvCCbx7ds4CuvaN6kCT9d5yh0q%2BjpTz7yXnMnT2wCfZBuajImyaWGp9o1E2sVBJNahRs5X56do6l9GSWNPMvlr%2B2fqkAwsmtrriB%2FVaLnuGwRNjgIO%2F4bDiYi3GuffC2z2Hk7h0oyJEfUCnkXcF6Neb6E9wxwPytaH5VL%2BdHXC%2FWTAfA%3D%3D
IP
155.69.19.64:0
ASN
#9419 Nanyang Technological University

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document textAlgol 68 source text\012- Pascal source, ASCII text, with very long lines (1165), with CRLF line terminators
Size
24 kB (24171 bytes)
Hash
0dc6e93212be4c6aa61f44ab20d07337
56db9ca05dc4f8d18df7a950d8e8fbe019b2418e
82ab054ae58944196966989b5518da037ce3af9583d605c00fb76c3a39720656

Detections

Analyzer	Verdict	Alert
urlquery		Phishing website detected
urlquery		Phishing website detected

HTTP Headers

GET /adfs/ls/?SAMLRequest=lVLRboIwFP2V5r4DBeKURjBuxszERSO4h70VKFIDrestZp8%2Fhpq5F5O9NG16zj33nnOns6%2B2IWdhUGoVg%2B9SIEIVupTqEMM%2BWzoTmCVT5G0TnNi8s7Xaic9OoCU9USG7%2FMTQGcU0R4lM8VYgswVL529rFriUnYy2utANkDmiMLaXetEKu1aYVJizLMR%2Bt46htvaEzPOU7RrBjXL7iyvKzsWDx3tl50fLG4403QBZ9F1Ixe3Q%2BY3c6INUFf7hlhV6DXpAltoUYhgihoo3KICsFjHwsMhlfhwXclQ%2BRX4dhBNZlZRGeVUfJ2EPwi1HlGfxS0PsxEqh5crGENAgcGjk%2BKPMHzMaMhq44Sj6ALK9jv4s1cXSRz7lFxCy1yzbOttNmgF5v0XTA%2BAaBBvUzX0Cjwvzm%2B2Q%2FM%2FkqXcvmFyffxch%2BQY%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=dtR3TGI1bkJC2qY%2FZ2M0%2F1JY4oJ4zqP8nWZL4E5y5Oo%2ByJr9WdL0rqlmlcKXx8VL1d8DXqd%2Bj5qxUEYpHm3V8tCWa6tdECbjctDIijIUOuDcN4QoDGhkeBrUzpwB4R9UrjNP2qmPzppzWE7evuVR%2BIS1PgQGqDG%2BRDWOO9mvCCbx7ds4CuvaN6kCT9d5yh0q%2BjpTz7yXnMnT2wCfZBuajImyaWGp9o1E2sVBJNahRs5X56do6l9GSWNPMvlr%2B2fqkAwsmtrriB%2FVaLnuGwRNjgIO%2F4bDiYi3GuffC2z2Hk7h0oyJEfUCnkXcF6Neb6E9wxwPytaH5VL%2BdHXC%2FWTAfA%3D%3D HTTP/1.1
Host: loginfs.ntu.edu.sg
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Cache-Control: no-cache,no-store
Pragma: no-cache
Content-Length: 24171
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Date: Thu, 15 Sep 2022 17:03:03 GMT

loginfs.ntu.edu.sg/adfs/portal/css/style.css?id=C79626372A57D1C2DC152305CEF983605F1D8B181D2BDF5667FE96AE50EBB6FD

155.69.19.64

200 OK

8.3 kB

URL HTTP/1.1
loginfs.ntu.edu.sg/adfs/portal/css/style.css?id=C79626372A57D1C2DC152305CEF983605F1D8B181D2BDF5667FE96AE50EBB6FD
IP
155.69.19.64:0
ASN
#9419 Nanyang Technological University

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
8.3 kB (8293 bytes)
Hash
a1709931f5b222ddf33cdf02876cf253
06cb64b71208e943b7df8fc27d2af35799198d79
c79626372a57d1c2dc152305cef983605f1d8b181d2bdf5667fe96ae50ebb6fd

HTTP Headers

GET /adfs/portal/css/style.css?id=C79626372A57D1C2DC152305CEF983605F1D8B181D2BDF5667FE96AE50EBB6FD HTTP/1.1
Host: loginfs.ntu.edu.sg
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://loginfs.ntu.edu.sg/adfs/ls/?SAMLRequest=lVLRboIwFP2V5r4DBeKURjBuxszERSO4h70VKFIDrestZp8%2Fhpq5F5O9NG16zj33nnOns6%2B2IWdhUGoVg%2B9SIEIVupTqEMM%2BWzoTmCVT5G0TnNi8s7Xaic9OoCU9USG7%2FMTQGcU0R4lM8VYgswVL529rFriUnYy2utANkDmiMLaXetEKu1aYVJizLMR%2Bt46htvaEzPOU7RrBjXL7iyvKzsWDx3tl50fLG4403QBZ9F1Ixe3Q%2BY3c6INUFf7hlhV6DXpAltoUYhgihoo3KICsFjHwsMhlfhwXclQ%2BRX4dhBNZlZRGeVUfJ2EPwi1HlGfxS0PsxEqh5crGENAgcGjk%2BKPMHzMaMhq44Sj6ALK9jv4s1cXSRz7lFxCy1yzbOttNmgF5v0XTA%2BAaBBvUzX0Cjwvzm%2B2Q%2FM%2FkqXcvmFyffxch%2BQY%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=dtR3TGI1bkJC2qY%2FZ2M0%2F1JY4oJ4zqP8nWZL4E5y5Oo%2ByJr9WdL0rqlmlcKXx8VL1d8DXqd%2Bj5qxUEYpHm3V8tCWa6tdECbjctDIijIUOuDcN4QoDGhkeBrUzpwB4R9UrjNP2qmPzppzWE7evuVR%2BIS1PgQGqDG%2BRDWOO9mvCCbx7ds4CuvaN6kCT9d5yh0q%2BjpTz7yXnMnT2wCfZBuajImyaWGp9o1E2sVBJNahRs5X56do6l9GSWNPMvlr%2B2fqkAwsmtrriB%2FVaLnuGwRNjgIO%2F4bDiYi3GuffC2z2Hk7h0oyJEfUCnkXcF6Neb6E9wxwPytaH5VL%2BdHXC%2FWTAfA%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 8293
Content-Type: text/css
Expires: Sat, 15 Oct 2022 17:03:04 GMT
ETag: C79626372A57D1C2DC152305CEF983605F1D8B181D2BDF5667FE96AE50EBB6FD
Server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
X-Content-Type-Options: nosniff
Date: Thu, 15 Sep 2022 17:03:03 GMT

loginfs.ntu.edu.sg/favicon.ico

155.69.19.64

404 Not Found

315 B

URL HTTP/1.1
loginfs.ntu.edu.sg/favicon.ico
IP
155.69.19.64:0
ASN
#9419 Nanyang Technological University

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
315 B (315 bytes)
Hash
67932d4b695e1d6b19dfc2e3610761ff
a66898b36c94c53766e66c1a7aaeb149447ec083
ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: loginfs.ntu.edu.sg
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://loginfs.ntu.edu.sg/adfs/ls/?SAMLRequest=lVLRboIwFP2V5r4DBeKURjBuxszERSO4h70VKFIDrestZp8%2Fhpq5F5O9NG16zj33nnOns6%2B2IWdhUGoVg%2B9SIEIVupTqEMM%2BWzoTmCVT5G0TnNi8s7Xaic9OoCU9USG7%2FMTQGcU0R4lM8VYgswVL529rFriUnYy2utANkDmiMLaXetEKu1aYVJizLMR%2Bt46htvaEzPOU7RrBjXL7iyvKzsWDx3tl50fLG4403QBZ9F1Ixe3Q%2BY3c6INUFf7hlhV6DXpAltoUYhgihoo3KICsFjHwsMhlfhwXclQ%2BRX4dhBNZlZRGeVUfJ2EPwi1HlGfxS0PsxEqh5crGENAgcGjk%2BKPMHzMaMhq44Sj6ALK9jv4s1cXSRz7lFxCy1yzbOttNmgF5v0XTA%2BAaBBvUzX0Cjwvzm%2B2Q%2FM%2FkqXcvmFyffxch%2BQY%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=dtR3TGI1bkJC2qY%2FZ2M0%2F1JY4oJ4zqP8nWZL4E5y5Oo%2ByJr9WdL0rqlmlcKXx8VL1d8DXqd%2Bj5qxUEYpHm3V8tCWa6tdECbjctDIijIUOuDcN4QoDGhkeBrUzpwB4R9UrjNP2qmPzppzWE7evuVR%2BIS1PgQGqDG%2BRDWOO9mvCCbx7ds4CuvaN6kCT9d5yh0q%2BjpTz7yXnMnT2wCfZBuajImyaWGp9o1E2sVBJNahRs5X56do6l9GSWNPMvlr%2B2fqkAwsmtrriB%2FVaLnuGwRNjgIO%2F4bDiYi3GuffC2z2Hk7h0oyJEfUCnkXcF6Neb6E9wxwPytaH5VL%2BdHXC%2FWTAfA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 15 Sep 2022 17:03:03 GMT
Connection: close
Content-Length: 315

loginfs.ntu.edu.sg/adfs/portal/illustration/illustration.jpg?id=B7C8903CD3C14E0F2A647A3EA70A8B48D0C9E5DECDDE0C70355E750E86E510D0

155.69.19.64

200 OK

195 kB

URL HTTP/1.1
loginfs.ntu.edu.sg/adfs/portal/illustration/illustration.jpg?id=B7C8903CD3C14E0F2A647A3EA70A8B48D0C9E5DECDDE0C70355E750E86E510D0
IP
155.69.19.64:0
ASN
#9419 Nanyang Technological University

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1420x1080, components 3\012- data
Size
195 kB (195321 bytes)
Hash
9967c2412d306b359b83e984903583d5
ea97a4022d182a792cc61dc3f69cd30b10e854d8
b7c8903cd3c14e0f2a647a3ea70a8b48d0c9e5decdde0c70355e750e86e510d0

HTTP Headers

GET /adfs/portal/illustration/illustration.jpg?id=B7C8903CD3C14E0F2A647A3EA70A8B48D0C9E5DECDDE0C70355E750E86E510D0 HTTP/1.1
Host: loginfs.ntu.edu.sg
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://loginfs.ntu.edu.sg/adfs/ls/?SAMLRequest=lVLRboIwFP2V5r4DBeKURjBuxszERSO4h70VKFIDrestZp8%2Fhpq5F5O9NG16zj33nnOns6%2B2IWdhUGoVg%2B9SIEIVupTqEMM%2BWzoTmCVT5G0TnNi8s7Xaic9OoCU9USG7%2FMTQGcU0R4lM8VYgswVL529rFriUnYy2utANkDmiMLaXetEKu1aYVJizLMR%2Bt46htvaEzPOU7RrBjXL7iyvKzsWDx3tl50fLG4403QBZ9F1Ixe3Q%2BY3c6INUFf7hlhV6DXpAltoUYhgihoo3KICsFjHwsMhlfhwXclQ%2BRX4dhBNZlZRGeVUfJ2EPwi1HlGfxS0PsxEqh5crGENAgcGjk%2BKPMHzMaMhq44Sj6ALK9jv4s1cXSRz7lFxCy1yzbOttNmgF5v0XTA%2BAaBBvUzX0Cjwvzm%2B2Q%2FM%2FkqXcvmFyffxch%2BQY%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=dtR3TGI1bkJC2qY%2FZ2M0%2F1JY4oJ4zqP8nWZL4E5y5Oo%2ByJr9WdL0rqlmlcKXx8VL1d8DXqd%2Bj5qxUEYpHm3V8tCWa6tdECbjctDIijIUOuDcN4QoDGhkeBrUzpwB4R9UrjNP2qmPzppzWE7evuVR%2BIS1PgQGqDG%2BRDWOO9mvCCbx7ds4CuvaN6kCT9d5yh0q%2BjpTz7yXnMnT2wCfZBuajImyaWGp9o1E2sVBJNahRs5X56do6l9GSWNPMvlr%2B2fqkAwsmtrriB%2FVaLnuGwRNjgIO%2F4bDiYi3GuffC2z2Hk7h0oyJEfUCnkXcF6Neb6E9wxwPytaH5VL%2BdHXC%2FWTAfA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 195321
Content-Type: image/jpg
Expires: Sat, 15 Oct 2022 17:03:04 GMT
ETag: B7C8903CD3C14E0F2A647A3EA70A8B48D0C9E5DECDDE0C70355E750E86E510D0
Server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
X-Content-Type-Options: nosniff
Date: Thu, 15 Sep 2022 17:03:04 GMT

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f370e89-6cc5-4da8-83dc-68d5a685ce0f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9340 bytes)
Hash
a05eafb022d09a0c88432fe018f2c325
b8ae9f4346fe63c5aa7a3b07ef84eac8fc63ca94
91b3994632d954d1c93ee53a46d2d8850ebe387af40962aad787d341b742e9f0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f370e89-6cc5-4da8-83dc-68d5a685ce0f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 9340
x-amzn-requestid: 23ab295a-91a0-4a91-ba26-8302088a50c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNxvmEPIIAMFZlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bc996-10ccfaf45b93ef066901573d;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 23:17:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rM-kSnE6-SpiiNFAEsMmAUgxlgMDYun5zKMwTqvnM1BQcryism74gA==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:42:18 GMT
age: 69650
etag: "b8ae9f4346fe63c5aa7a3b07ef84eac8fc63ca94"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations