firefox.settings.services.mozilla.com/v1/
143.204.55.27 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash (MD5) bdb8b66c705a7b996496d780f50c00b5
Hash (SHA-1) 403ae92039fcc933870f51f913f78ccaf9652256
Hash (SHA-256) c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 24 Oct 2022 13:23:33 GMT
Expires: Mon, 24 Oct 2022 14:06:41 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zXOHMLhGsmlolqI7_D9oJe9f1cDUbUcAXPq6p_srBFuZ8fJKe0oF5w==
Age: 3071
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash (MD5) 73c4166ca864f777db2cc1cd8658a7c2
Hash (SHA-1) c56b66b0b7c8516d4d5bfafe0c166711c78f3d25
Hash (SHA-256) 310c633350812c064e159275b6dbbdba6d6a5991a54ccfcc23459320c6513572
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "310C633350812C064E159275B6DBBDBA6D6A5991A54CCFCC23459320C6513572"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6208
Expires: Mon, 24 Oct 2022 15:58:12 GMT
Date: Mon, 24 Oct 2022 14:14:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash (MD5) ae56efd62a0d9249d98573172eb8b28b
Hash (SHA-1) 5ff4e9959be677ad76c26ca73f9ef4feb9fa2f28
Hash (SHA-256) 82d9ee4948fce839f7edb1f8490c4213cded3912464a4169b0bf6a61278694bd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82D9EE4948FCE839F7EDB1F8490C4213CDED3912464A4169B0BF6A61278694BD"
Last-Modified: Sat, 22 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9373
Expires: Mon, 24 Oct 2022 16:50:57 GMT
Date: Mon, 24 Oct 2022 14:14:44 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash (MD5) 67d5a988edcda47bc3b3b3f65d32b4b6
Hash (SHA-1) d4f0e0da8b3690cc7da925026d3414b68c7d954f
Hash (SHA-256) 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: iHx439wm1bR83MpwcOpdVRva2LFPzy2eUWNpcolZEgV8R7Zne6H++TTI5VOoulgyiiaBwNLrArCeXTiL66iSpg==
x-amz-request-id: E8FYNTSMJVX5M162
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 24 Oct 2022 14:08:33 GMT
age: 371
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash (MD5) 23e88fb7b99543fb33315b29b1fad9d6
Hash (SHA-1) a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Hash (SHA-256) 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 24 Oct 2022 14:14:44 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash (MD5) 0333b0655111aa68de771adfcc4db243
Hash (SHA-1) 63f295a144ac87a7c8e23417626724eeca68a7eb
Hash (SHA-256) 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 24 Oct 2022 13:33:32 GMT
Expires: Mon, 24 Oct 2022 13:57:55 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PXv7Qi6UIVAuwlSvrhIOip70DEHQm04tTOqYIs8qLhEaH_8Mno-8rA==
Age: 2472
earal.qsu.edu.ph/login/forgot_password.php
103.131.95.175 301 Moved Permanently 258 B URL HTTP/1.1 earal.qsu.edu.ph/login/forgot_password.php
IP 103.131.95.175:0
ASN #17448 Web.com.ph Inc.
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, ASCII text
Hash (MD5) aa3e076c2545440a6903899243b3792d
Hash (SHA-1) 82b7add6f18f4cd82e8a2cbb6f4d47cc96cbb92b
Hash (SHA-256) bd66af5843ff92758bcd66ec0217c7aaf752910b1fdf977b59070363db5b7969
Analyzer verdict / alert: fortinet — Malware
GET /login/forgot_password.php HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 24 Oct 2022 14:14:45 GMT
Server: Apache
Location: https://earal.qsu.edu.ph/login/forgot_password.php
Content-Length: 258
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash (MD5) 7c6fdc8e76ef5875b5c965ade2df503e
Hash (SHA-1) 45d548aa2a9d7ede163743274790700878eaea62
Hash (SHA-256) d2ff6eacd48af4892a2642e5d7bb925ca683062139f5a5cb4047f6f706830618
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3193
Cache-Control: max-age=153913
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 14:14:45 GMT
Etag: "63564795-1d7"
Expires: Wed, 26 Oct 2022 08:59:58 GMT
Last-Modified: Mon, 24 Oct 2022 08:06:45 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.215.107.141 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.215.107.141:0
Hash (MD5) d41d8cd98f00b204e9800998ecf8427e (these three values are the digests of an empty body, matching the 0 B size)
Hash (SHA-1) da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash (SHA-256) e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /q4sSl9uClV4iHIxb0r21g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: YTtfofGrngraXed/23yFpyBdC3Y=
earal.qsu.edu.ph/login/forgot_password.php
103.131.95.175 200 OK 9.9 kB URL HTTP/1.1 earal.qsu.edu.ph/login/forgot_password.php
IP 103.131.95.175:0
ASN #17448 Web.com.ph Inc.
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (12138), with CRLF, LF line terminators
Hash (MD5) c123c79b2ced3f7b5c6a44bcc305df87
Hash (SHA-1) 34fb5fed75b9c11015371bbeae0a55c840029b6c
Hash (SHA-256) e340a92f1d95b31497b9d527ebdf8b8d223036134ea9bcf6dd0300884b5c2042
Analyzer verdict / alert: fortinet — Malware
GET /login/forgot_password.php HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:46 GMT
Server: Apache
Content-Language: en
Content-Script-Type: text/javascript
Content-Style-Type: text/css
X-UA-Compatible: IE=edge
Cache-Control: private, pre-check=0, post-check=0, max-age=0, no-transform
Pragma: no-cache
Expires:
Accept-Ranges: none
X-Frame-Options: sameorigin
Set-Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca; path=/
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 9903
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash (MD5) 4c236f4ca13cd8fafc580bceb0995642
Hash (SHA-1) b6a7de7a8d994ed2cfb5ac74b6d7703de515ecdb
Hash (SHA-256) 671228953eba5b2678df03acebb493e411752c6f5f72ff7f1e485032241d4aeb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 14:14:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash (MD5) 4c236f4ca13cd8fafc580bceb0995642
Hash (SHA-1) b6a7de7a8d994ed2cfb5ac74b6d7703de515ecdb
Hash (SHA-256) 671228953eba5b2678df03acebb493e411752c6f5f72ff7f1e485032241d4aeb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 14:14:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash (MD5) bed68ee568e74be152402c71cbf26510
Hash (SHA-1) 38092ae53739e8ee13362c84df108bad734c4b64
Hash (SHA-256) 26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6843
Expires: Mon, 24 Oct 2022 16:08:49 GMT
Date: Mon, 24 Oct 2022 14:14:46 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash (MD5) 4c236f4ca13cd8fafc580bceb0995642
Hash (SHA-1) b6a7de7a8d994ed2cfb5ac74b6d7703de515ecdb
Hash (SHA-256) 671228953eba5b2678df03acebb493e411752c6f5f72ff7f1e485032241d4aeb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 14:14:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash (MD5) bed68ee568e74be152402c71cbf26510
Hash (SHA-1) 38092ae53739e8ee13362c84df108bad734c4b64
Hash (SHA-256) 26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6843
Expires: Mon, 24 Oct 2022 16:08:49 GMT
Date: Mon, 24 Oct 2022 14:14:46 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7361cd7-8ea8-4a4b-8e5a-6e3ef375eb7e.webp
34.120.237.76 200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7361cd7-8ea8-4a4b-8e5a-6e3ef375eb7e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash (MD5) c16ee3c480c8ee5b51b7dd88375649ae
Hash (SHA-1) 885e2070d3ea7973fd978e1e9c247ce248afdbbb
Hash (SHA-256) 4086d5476b9f3b6c06535fc588784c19a52008178cbdeccbff4c98497bd8e428
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7361cd7-8ea8-4a4b-8e5a-6e3ef375eb7e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7185
x-amzn-requestid: 5bbcd9f1-fa0a-4591-a38c-b472e2ef148f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelC7EZ4oAMFmvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b545-754aa64e1249811f2c019641;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:29 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: U1Xa3qCT8SgSakuW_ts-fzukr1EsY1OWLxLOJbfqsuq7tCD13n7BPg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 21:49:47 GMT
age: 59099
etag: "885e2070d3ea7973fd978e1e9c247ce248afdbbb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e44a0c5-308b-4a3c-a704-fed082e5c701.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e44a0c5-308b-4a3c-a704-fed082e5c701.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash (MD5) f1a2e95e4cdae92b60d0fde61c6c8312
Hash (SHA-1) fa110a433705597d1384e6d5dd0e757090dbe366
Hash (SHA-256) bfa8bc3faf60272c250c0b7d220c90bcf9f01267907dd81465ed0a6a4fda8fdc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e44a0c5-308b-4a3c-a704-fed082e5c701.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10639
x-amzn-requestid: 983ddbdb-f97d-44dc-b502-6a555f50217f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelDaEkBoAMFcRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b548-351c26ae42c01c94616d04b4;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: J-VZLP51uG6onthE4ymBDhlNk5KtxsfX_sF-J_pjUHsr5mFrORdvwQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 21:52:34 GMT
age: 58932
etag: "fa110a433705597d1384e6d5dd0e757090dbe366"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F888df8db-5e36-4530-9f02-09268aefe1af.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F888df8db-5e36-4530-9f02-09268aefe1af.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash (MD5) 9896b15d25725efe19642f3e70ec9103
Hash (SHA-1) 9f030fdc38125b6b523b0d12571d666907a83f4d
Hash (SHA-256) 88a74f5fd7e694aa473ff0b1a2cc7f2328738dc9acf5c61f2501877dc72ec9bb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F888df8db-5e36-4530-9f02-09268aefe1af.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12770
x-amzn-requestid: c40e1251-15f4-486c-8744-af05d80ff14e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelkxERXoAMFdvw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b61e-1bb648e9150a5cb95d69b3c5;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:46:06 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: FS_whBKHlTourjDSpHj_fRbNs3r1zsTU97BpxqWyKHL4XLoc7IWGgw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 21:52:34 GMT
age: 58932
etag: "9f030fdc38125b6b523b0d12571d666907a83f4d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e8ac15f-1a51-4bfe-ab4a-570fc480a976.jpeg
34.120.237.76 200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e8ac15f-1a51-4bfe-ab4a-570fc480a976.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash (MD5) f12f21779aa94b557db8037ceefd15b2
Hash (SHA-1) 1698d8d0ff47fc4e6dd20d99ceae84cfcdd69e86
Hash (SHA-256) 0d33ee5a721c2f940ff1e7d5fae9abba3781f6d37e458a36285718466ecdcd10
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e8ac15f-1a51-4bfe-ab4a-570fc480a976.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4434
x-amzn-requestid: 41e95a27-2955-4224-8d2c-f12d1254cda7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelB0EQboAMFmMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b53e-5cb99b700c84c99c2d9e52d7;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:22 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 49FYzrcMWfgHbe4smL20px9dbIcXIGCujJ6djuVRT3bEwCkBvgz7Iw==
via: 1.1 27f6faf9790b5a2877fb528fa31f7922.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 21:46:57 GMT
age: 59269
etag: "1698d8d0ff47fc4e6dd20d99ceae84cfcdd69e86"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash (MD5) bed68ee568e74be152402c71cbf26510
Hash (SHA-1) 38092ae53739e8ee13362c84df108bad734c4b64
Hash (SHA-256) 26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6843
Expires: Mon, 24 Oct 2022 16:08:49 GMT
Date: Mon, 24 Oct 2022 14:14:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash (MD5) bed68ee568e74be152402c71cbf26510
Hash (SHA-1) 38092ae53739e8ee13362c84df108bad734c4b64
Hash (SHA-256) 26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6843
Expires: Mon, 24 Oct 2022 16:08:49 GMT
Date: Mon, 24 Oct 2022 14:14:46 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1f0cea17-2f8e-4f01-bdfc-54051ca7d7dd.jpeg
34.120.237.76 200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1f0cea17-2f8e-4f01-bdfc-54051ca7d7dd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash (MD5) b3a1ed5537b0d648ce6e0ecb427a3230
Hash (SHA-1) 2f85566b25b22ee703ba5348bce25434c83c69de
Hash (SHA-256) d35b1e39b8c6f1adc029eea8f3ffc911426aa49a87261fdb33a770e21ced69ec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1f0cea17-2f8e-4f01-bdfc-54051ca7d7dd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9549
x-amzn-requestid: e1054150-7691-4446-bc6e-91a4fdccbdc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aIvfRH0oIAMFkJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634cf92e-41bd300b1693ad1b18368e22;Sampled=0
x-amzn-remapped-date: Mon, 17 Oct 2022 06:41:50 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: X42MkFQC36cQuD150QxORdiO3npJVwAJm8v56o6S4JULV3ttHsZ-1A==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 16:21:20 GMT
age: 78806
etag: "2f85566b25b22ee703ba5348bce25434c83c69de"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21cfb8fe-4b68-43f0-a196-17c9a1dd3acb.png
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21cfb8fe-4b68-43f0-a196-17c9a1dd3acb.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash (MD5) af3d4b4d16ad8b30805be96afa6472e3
Hash (SHA-1) bceb257123711c43994e5a03e9caf22eeee16423
Hash (SHA-256) 30d7fea8d87522ce3ba2abf2c47e0025af1b7c05d6b4ea9f26aaa1f06aff4a67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21cfb8fe-4b68-43f0-a196-17c9a1dd3acb.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10072
x-amzn-requestid: 2f26fcdb-0540-49ea-be46-83c00182fcc3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelB0FKvoAMFVFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b53e-1be524647e3db4a211e4c4ff;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:22 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: sNu31Qx0p_Ikus0GsGKRNGVxOGnIRSewAXfkXyzOCmT6bJ1D1Qz-0w==
via: 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 22:10:20 GMT
etag: "bceb257123711c43994e5a03e9caf22eeee16423"
content-type: image/jpeg
age: 57866
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Audiowide:400,400i&subset=greek
142.250.74.10 200 OK 807 B URL HTTP/2 fonts.googleapis.com/css?family=Audiowide:400,400i&subset=greek
IP 142.250.74.10:0
Hash (MD5) a16f563e582acd227a32f60db96397e1
Hash (SHA-1) 8be5538bb310a697abda16c8dfc2d050157147a8
Hash (SHA-256) bcffdf38ee85684e71f0da26c14300caeee8d08220ecdd387544201208c926dc
GET /css?family=Audiowide:400,400i&subset=greek HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 24 Oct 2022 14:14:46 GMT
date: Mon, 24 Oct 2022 14:14:46 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
earal.qsu.edu.ph/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple.css
103.131.95.175 200 OK 1.0 kB URL HTTP/1.1 earal.qsu.edu.ph/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple.css
IP 103.131.95.175:0
ASN #17448 Web.com.ph Inc.
File type ASCII text, with very long lines (1965)
Hash 954717f56656e687295097c986703269
eacac549df0a6f873918b09c167f67683363484f
3736a081935aebfecde262efb24be923f7019e02c8719e12e8867bb581a84ebe
GET /theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple.css HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:46 GMT
Server: Apache
Content-Disposition: inline; filename="combo"
Expires: Thu, 19 Oct 2023 14:14:46 GMT
Pragma:
Cache-Control: public, max-age=31104000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Last-Modified: Sun, 12 Jul 2020 10:13:02 GMT
Etag: "9b9cbb79c1192e9cb56160269e7434e0ac649341"
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8
earal.qsu.edu.ph/lib/javascript.php/1643437361/lib/polyfills/polyfill.js
103.131.95.175 200 OK 5.1 kB URL HTTP/1.1 earal.qsu.edu.ph/lib/javascript.php/1643437361/lib/polyfills/polyfill.js
IP 103.131.95.175:0
ASN #17448 Web.com.ph Inc.
File type ASCII text, with very long lines (17500), with no line terminators
Hash d189e9a405ceb1d114e9be6cf80bfd1c
932d4caaa5cb6160f30e78e22537933432344541
fb1125608532bdcec008620a829b61cf55d91fd92f7135d97b6093635ddcf959
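Analyzer Verdict Alert fortinet Malware
[Note: this is a single-analyzer verdict attached to this one response; other resources from the same host in this capture carry no verdict. Compare the hashes listed above with a known-clean copy of the same Moodle/theme release before concluding that the file has been modified.]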
GET /lib/javascript.php/1643437361/lib/polyfills/polyfill.js HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:47 GMT
Server: Apache
Content-Disposition: inline; filename="javascript.php"
Expires: Sun, 22 Jan 2023 14:14:47 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Etag: "04e3a14024d9450bd232a6d0b1bf59aca55e2d35"
Last-Modified: Mon, 13 Jun 2022 01:48:28 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
earal.qsu.edu.ph/lib/javascript.php/1643437361/lib/babel-polyfill/polyfill.min.js
103.131.95.175 200 OK 34 kB URL HTTP/1.1 earal.qsu.edu.ph/lib/javascript.php/1643437361/lib/babel-polyfill/polyfill.min.js
IP 103.131.95.175:0
ASN #17448 Web.com.ph Inc.
File type Unicode text, UTF-8 text, with very long lines (34750), with NEL line terminators
Hash a8da4866c35fec35e4ead0c273e5d8fe
cb422b31f1e5248f9eb4ac49355ddc2498a8fe08
f5a3a7a1a5fad47d3ba52273cee1e55ca7afd8c0cfed14d884571c347c41fbec
Analyzer Verdict Alert fortinet Malware
GET /lib/javascript.php/1643437361/lib/babel-polyfill/polyfill.min.js HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:47 GMT
Server: Apache
Content-Disposition: inline; filename="javascript.php"
Expires: Sun, 22 Jan 2023 14:14:47 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Etag: "94e42ac739a0c289442fcfbada99bbc606665c25"
Last-Modified: Mon, 13 Jun 2022 01:48:28 GMT
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
earal.qsu.edu.ph/theme/jquery.php/theme_adaptable/pace-min.js
103.131.95.175 200 OK 4.3 kB URL HTTP/1.1 earal.qsu.edu.ph/theme/jquery.php/theme_adaptable/pace-min.js
IP 103.131.95.175:0
ASN #17448 Web.com.ph Inc.
File type ASCII text, with very long lines (12534)
Hash 6f7aec4fb4ea1dd6a182f831c88372f5
0b8a5aef14209bf1fda07a931bb7047a4887c075
edc6854a29e9517f47d3bedcd7009f5d983a007b2fa24035c98f4a4b2b273103
Analyzer Verdict Alert fortinet Malware
GET /theme/jquery.php/theme_adaptable/pace-min.js HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:47 GMT
Server: Apache
Content-Disposition: inline; filename="pace-min.js"
Expires: Sun, 22 Jan 2023 14:14:47 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Etag: "b52ad9332333af2698a90f6e3999e87c9d27d576"
Last-Modified: Fri, 15 Oct 2021 13:29:07 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
earal.qsu.edu.ph/theme/jquery.php/theme_adaptable/tickerme.js
103.131.95.175 200 OK 1.4 kB URL HTTP/1.1 earal.qsu.edu.ph/theme/jquery.php/theme_adaptable/tickerme.js
IP 103.131.95.175:0
ASN #17448 Web.com.ph Inc.
File type HTML document, ASCII text, with very long lines (557)
Hash b40fa6389f385e59551fbd9e2184d202
e7950c03fdb67275b930eb7685159d94abc0e73f
db6bf5505216adbb474bac165423c9f9f532aee8ec67b1de8cb87acb3e279bc9
Analyzer Verdict Alert fortinet Malware
GET /theme/jquery.php/theme_adaptable/tickerme.js HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:47 GMT
Server: Apache
Content-Disposition: inline; filename="tickerme.js"
Expires: Sun, 22 Jan 2023 14:14:47 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Etag: "8f8d99be88d3e220aa67f5e71da5d8f0bccb5144"
Last-Modified: Fri, 15 Oct 2021 13:29:07 GMT
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
earal.qsu.edu.ph/theme/jquery.php/theme_adaptable/jquery-flexslider-min.js
103.131.95.175 200 OK 6.3 kB URL HTTP/1.1 earal.qsu.edu.ph/theme/jquery.php/theme_adaptable/jquery-flexslider-min.js
IP 103.131.95.175:0
ASN #17448 Web.com.ph Inc.
File type ASCII text, with very long lines (21722)
Hash e392d53e76bc53ed6997f5d9c2fe068f
4fb73b9e368ac600f70392dc835be58157850b00
ca7ec204cd062635abacc121b51d166650b8740e3d00dc738d071d04766dc9a1
Analyzer Verdict Alert fortinet Malware
GET /theme/jquery.php/theme_adaptable/jquery-flexslider-min.js HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:47 GMT
Server: Apache
Content-Disposition: inline; filename="jquery-flexslider-min.js"
Expires: Sun, 22 Jan 2023 14:14:47 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Etag: "18070466d1401e18467178c0347e096121d50db1"
Last-Modified: Fri, 15 Oct 2021 13:29:07 GMT
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
earal.qsu.edu.ph/theme/styles.php/adaptable/1643437361_1/all
103.131.95.175 200 OK 141 kB URL HTTP/1.1 earal.qsu.edu.ph/theme/styles.php/adaptable/1643437361_1/all
IP 103.131.95.175:0
ASN #17448 Web.com.ph Inc.
File type Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Size 141 kB (140767 bytes)
Hash 1be81fd95104c3caa2b125ae51493f12
ce74794787aedae2368b83fe69ed706952db090f
cd1e6de966b18295a1b6e12d49104e68b2783ed870fdaff174292ca24f351aba
Analyzer Verdict Alert fortinet Malware
GET /theme/styles.php/adaptable/1643437361_1/all HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:46 GMT
Server: Apache
Content-Disposition: inline; filename="styles.php"
Expires: Sun, 22 Jan 2023 14:14:46 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Etag: "c5f2cf0d4925a29a7a911cafe258baa806c7b149"
Last-Modified: Tue, 02 Aug 2022 02:26:47 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash ffbfbd6d5d1e91af3c02313339eed0d0
df6457b655ac278fe32f3015bba4cff22dae5b2d
1991ca3e854e53f89b92ce93e01e6094f815b1d2c7c31e664481760211ac200a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 14:14:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
216.58.207.195 200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Hash e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://earal.qsu.edu.ph
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 17 Oct 2022 18:53:39 GMT
expires: Tue, 17 Oct 2023 18:53:39 GMT
cache-control: public, max-age=31536000
age: 588069
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
earal.qsu.edu.ph/theme/jquery.php/theme_adaptable/jquery-easing-min.js
103.131.95.175 200 OK 984 B URL HTTP/1.1 earal.qsu.edu.ph/theme/jquery.php/theme_adaptable/jquery-easing-min.js
IP 103.131.95.175:0
ASN #17448 Web.com.ph Inc.
File type ASCII text, with very long lines (2532)
Hash c21479b67e9cb6eb9931d30673ce0d2c
32299e2edc4b1f7c54f335f5df5f0c9bb6a7e456
640b20c17c935184a84773beac98c15822e9c8a472d933bb16b0c06be1e7bebb
Analyzer Verdict Alert fortinet Malware
GET /theme/jquery.php/theme_adaptable/jquery-easing-min.js HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:48 GMT
Server: Apache
Content-Disposition: inline; filename="jquery-easing-min.js"
Expires: Sun, 22 Jan 2023 14:14:48 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Etag: "1fb08b85c37798e624626a818c9a443abda410b8"
Last-Modified: Fri, 15 Oct 2021 13:29:07 GMT
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash ffbfbd6d5d1e91af3c02313339eed0d0
df6457b655ac278fe32f3015bba4cff22dae5b2d
1991ca3e854e53f89b92ce93e01e6094f815b1d2c7c31e664481760211ac200a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 14:14:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
earal.qsu.edu.ph/theme/jquery.php/theme_adaptable/adaptable_v2_1_1_2.js
103.131.95.175 200 OK 2.4 kB URL HTTP/1.1 earal.qsu.edu.ph/theme/jquery.php/theme_adaptable/adaptable_v2_1_1_2.js
IP 103.131.95.175:0
ASN #17448 Web.com.ph Inc.
File type ASCII text, with very long lines (309)
Hash d000f5ef585e178609be905f518774c7
0eb892b5698a53810e2a5d1ad567f4cf86e48c88
e24e613a858deb6729c5915c026ad904e678cd6df4922f8cd51256d9789afde6
Analyzer Verdict Alert fortinet Malware
GET /theme/jquery.php/theme_adaptable/adaptable_v2_1_1_2.js HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:48 GMT
Server: Apache
Content-Disposition: inline; filename="adaptable_v2_1_1_2.js"
Expires: Sun, 22 Jan 2023 14:14:48 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Etag: "96d19946611c228351f8f068cc546dfea2de8452"
Last-Modified: Fri, 15 Oct 2021 13:29:07 GMT
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
earal.qsu.edu.ph/lib/javascript.php/1643437361/lib/javascript-static.js
103.131.95.175 200 OK 6.8 kB URL HTTP/1.1 earal.qsu.edu.ph/lib/javascript.php/1643437361/lib/javascript-static.js
IP 103.131.95.175:0
ASN #17448 Web.com.ph Inc.
File type HTML document, ASCII text, with very long lines (1875)
Hash 9a4c20372f0c53bc61ac3c90d203776a
05879d8f0e082b0663c76e1c81ff2e368d8a09ae
b64e57b396514a45e7680e661271d0d86d880765c8faaf5655c6a19940bae6d5
Analyzer Verdict Alert fortinet Malware
GET /lib/javascript.php/1643437361/lib/javascript-static.js HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:48 GMT
Server: Apache
Content-Disposition: inline; filename="javascript.php"
Expires: Sun, 22 Jan 2023 14:14:48 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Etag: "126992c86a9e359fbfa3323365133928a2e98c49"
Last-Modified: Mon, 13 Jun 2022 01:48:30 GMT
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
earal.qsu.edu.ph/lib/javascript.php/1643437361/lib/requirejs/require.min.js
103.131.95.175 200 OK 6.7 kB URL HTTP/1.1 earal.qsu.edu.ph/lib/javascript.php/1643437361/lib/requirejs/require.min.js
IP 103.131.95.175:0
ASN #17448 Web.com.ph Inc.
File type ASCII text, with very long lines (17535)
Hash d52d474e00d80d4373cf714f60707c21
74b5d832a55bf81a1b2fd875f83f022c5ffc7c3b
4f1792c3aac9ca2058376a43582f0d1fad13e602a5aeec4a1a6fb1803719ba99
Analyzer Verdict Alert fortinet Malware
GET /lib/javascript.php/1643437361/lib/requirejs/require.min.js HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:48 GMT
Server: Apache
Content-Disposition: inline; filename="javascript.php"
Expires: Sun, 22 Jan 2023 14:14:48 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Etag: "97fe90b45990bd4e2754f72bc3134bfbb6cd3455"
Last-Modified: Mon, 13 Jun 2022 01:48:30 GMT
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
earal.qsu.edu.ph/theme/jquery.php/core/jquery-3.4.1.js
103.131.95.175 200 OK 83 kB URL HTTP/1.1 earal.qsu.edu.ph/theme/jquery.php/core/jquery-3.4.1.js
IP 103.131.95.175:0
ASN #17448 Web.com.ph Inc.
Hash 887e7aa43b9a5ad68077980977e33cb5
4ce78ac7e666a5476dc1679b47fef09e05c9f7e9
65a47a99884d21a84db009e89dc65f24724f722fc437034c74130c4732a6f776
Analyzer Verdict Alert fortinet Malware
GET /theme/jquery.php/core/jquery-3.4.1.js HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:47 GMT
Server: Apache
Content-Disposition: inline; filename="jquery-3.4.1.js"
Expires: Sun, 22 Jan 2023 14:14:47 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Etag: "9c10cf1ebb869206b52840ee8ae0a38a61dd7756"
Last-Modified: Sun, 12 Jul 2020 10:13:02 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
earal.qsu.edu.ph/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple.js
103.131.95.175 200 OK 289 kB URL HTTP/1.1 earal.qsu.edu.ph/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple.js
IP 103.131.95.175:0
ASN #17448 Web.com.ph Inc.
File type HTML document, ASCII text
Size 289 kB (288720 bytes)
Hash c8181f03171c4047651484fc206f8b4a
67369e1b7821d80094ad6e9e62ccd5e1fa85ef89
1d7d3f01e0909dce2ae3ec3659f0f5bf180d71fd60762e6198dca69a9667eddb
Analyzer Verdict Alert fortinet Malware
GET /theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple.js HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:47 GMT
Server: Apache
Content-Disposition: inline; filename="combo"
Expires: Thu, 19 Oct 2023 14:14:47 GMT
Pragma:
Cache-Control: public, max-age=31104000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Last-Modified: Sun, 12 Jul 2020 10:13:02 GMT
Etag: "8e0bc3eb6d64ef742569cc05b107bdc7fea200c4"
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
fonts.gstatic.com/s/robotoslab/v24/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2
216.58.207.195 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/robotoslab/v24/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 12608, version 1.0\012- data
Hash b2d90c9a5d17242bc107ee6fb2bb0c65
d14417ba18f48c28d74c6788837a59f4b7967427
e3b93a1b0941a116dcb0ed0b5c3ea062cdcad365207c405b231094eb485d95fc
GET /s/robotoslab/v24/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://earal.qsu.edu.ph
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12608
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 21 Oct 2022 16:05:03 GMT
expires: Sat, 21 Oct 2023 16:05:03 GMT
cache-control: public, max-age=31536000
age: 252586
last-modified: Mon, 11 Jul 2022 19:15:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/audiowide/v16/l7gdbjpo0cum0ckerWCdlg_O.woff2
216.58.207.195 200 OK 14 kB URL HTTP/2 fonts.gstatic.com/s/audiowide/v16/l7gdbjpo0cum0ckerWCdlg_O.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 14132, version 1.0\012- data
Hash fa3af39df2341c8485dcffbd652140d1
46fe628036c4566d4fdd9d440195116718ae020e
e21fd195dd9dcdafc5a0f162a8fc252703f3683179861afb057cd58f9d27dbe5
GET /s/audiowide/v16/l7gdbjpo0cum0ckerWCdlg_O.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://earal.qsu.edu.ph
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14132
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 01:26:06 GMT
expires: Thu, 19 Oct 2023 01:26:06 GMT
cache-control: public, max-age=31536000
age: 478123
last-modified: Tue, 19 Apr 2022 18:13:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
earal.qsu.edu.ph/theme/yui_combo.php?m/1643437361/core/event/event-debug.js&m/1643437361/filter_mathjaxloader/loader/loader-debug.js
103.131.95.175 200 OK 2.8 kB URL HTTP/1.1 earal.qsu.edu.ph/theme/yui_combo.php?m/1643437361/core/event/event-debug.js&m/1643437361/filter_mathjaxloader/loader/loader-debug.js
IP 103.131.95.175:0
ASN #17448 Web.com.ph Inc.
Hash 241dbe55902ab21afd141026a201f6f8
7969d51307fdd8d059b63cbbde094c723a5b6f98
ba8938a2d70faeaff6c28593d8c576ce1cc05cb69d2295bbbdb1db13a4a0d599
GET /theme/yui_combo.php?m/1643437361/core/event/event-debug.js&m/1643437361/filter_mathjaxloader/loader/loader-debug.js HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:49 GMT
Server: Apache
Content-Disposition: inline; filename="combo"
Expires: Thu, 19 Oct 2023 14:14:49 GMT
Pragma:
Cache-Control: public, max-age=31104000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Last-Modified: Sun, 12 Jul 2020 10:13:02 GMT
Etag: "ec2cd27e7412dfd8abf5a1e6fca10ec1e8c1c182"
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
earal.qsu.edu.ph/theme/yui_combo.php?m/1643437361/core/formchangechecker/formchangechecker-debug.js
103.131.95.175 200 OK 2.6 kB URL HTTP/1.1 earal.qsu.edu.ph/theme/yui_combo.php?m/1643437361/core/formchangechecker/formchangechecker-debug.js
IP 103.131.95.175:0
ASN #17448 Web.com.ph Inc.
Hash 098df96c5741e88c5537cbc93713957b
340a49e91a43b51f3c4a6b38e05d5a3f64c56012
106c9ab859b9857213152a5bdfefe972b0b6c7d16246a0069849fa2e17b8556f
Analyzer Verdict Alert fortinet Malware
GET /theme/yui_combo.php?m/1643437361/core/formchangechecker/formchangechecker-debug.js HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:49 GMT
Server: Apache
Content-Disposition: inline; filename="combo"
Expires: Thu, 19 Oct 2023 14:14:49 GMT
Pragma:
Cache-Control: public, max-age=31104000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Last-Modified: Sun, 12 Jul 2020 10:13:02 GMT
Etag: "e79ec33ec1af310501917d742274d20b86d553d8"
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
earal.qsu.edu.ph/pluginfile.php/1/theme_adaptable/headerbgimage/1643437361/headerBG.jpg
103.131.95.175 200 OK 63 kB URL HTTP/1.1 earal.qsu.edu.ph/pluginfile.php/1/theme_adaptable/headerbgimage/1643437361/headerBG.jpg
IP 103.131.95.175:0
ASN #17448 Web.com.ph Inc.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 741x570, components 3\012- data
Hash 725ff07b7cd0a60e93215440adf95579
2c40cec7bd2ee48090b578c13def72361e1aeb87
38f86a7abbd85e9d8d87c2e58d991e6740499eb609cc5dc683da62e98d1c2497
GET /pluginfile.php/1/theme_adaptable/headerbgimage/1643437361/headerBG.jpg HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:49 GMT
Server: Apache
Content-Disposition: inline; filename="headerBG.jpg"
Cache-Control: public, max-age=5184000, no-transform
Expires: Fri, 23 Dec 2022 14:14:49 GMT
Pragma:
Accept-Ranges: bytes
Etag: "2c40cec7bd2ee48090b578c13def72361e1aeb87"
Last-Modified: Sun, 09 Aug 2020 07:02:23 GMT
Content-Length: 62666
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
earal.qsu.edu.ph/theme/font.php/adaptable/core/1643437361/fontawesome-webfont.woff2?v=4.7.0
103.131.95.175 200 OK 77 kB URL HTTP/1.1 earal.qsu.edu.ph/theme/font.php/adaptable/core/1643437361/fontawesome-webfont.woff2?v=4.7.0
IP 103.131.95.175:0
ASN #17448 Web.com.ph Inc.
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /theme/font.php/adaptable/core/1643437361/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/theme/styles.php/adaptable/1643437361_1/all
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:49 GMT
Server: Apache
Content-Disposition: inline; filename="fontawesome-webfont.woff2"
Expires: Sun, 22 Jan 2023 14:14:49 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Etag: "6dced6b9ce4e1c73e07148c1fce85957c8b3c221"
Last-Modified: Mon, 13 Jun 2022 01:48:32 GMT
Content-Length: 77160
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/font-woff2
earal.qsu.edu.ph/pluginfile.php/1/theme_adaptable/homebk/1643437361/bgvec1.png
103.131.95.175 200 OK 176 kB URL HTTP/1.1 earal.qsu.edu.ph/pluginfile.php/1/theme_adaptable/homebk/1643437361/bgvec1.png
IP 103.131.95.175:0
ASN #17448 Web.com.ph Inc.
File type PNG image data, 2152 x 1528, 8-bit colormap, non-interlaced\012- data
Size 176 kB (176491 bytes)
Hash 0fd5e9e022410326acffb848f22db39d
fe7043726c9d9c7f492a402ad5d02a1758a2514e
17932e0855c5e7fa71b49d2ec1ca6c710ba93ab1dea617b4419db0bb51e0b00a
GET /pluginfile.php/1/theme_adaptable/homebk/1643437361/bgvec1.png HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/theme/styles.php/adaptable/1643437361_1/all
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:49 GMT
Server: Apache
Content-Disposition: inline; filename="bgvec1.png"
Cache-Control: public, max-age=5184000, no-transform
Expires: Fri, 23 Dec 2022 14:14:49 GMT
Pragma:
Accept-Ranges: bytes
Etag: "fe7043726c9d9c7f492a402ad5d02a1758a2514e"
Last-Modified: Wed, 14 Apr 2021 10:18:53 GMT
Content-Length: 176491
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
earal.qsu.edu.ph/pluginfile.php/1/theme_adaptable/logo/1643437361/logo%20with%20name1.png
103.131.95.175 200 OK 365 kB URL HTTP/1.1 earal.qsu.edu.ph/pluginfile.php/1/theme_adaptable/logo/1643437361/logo%20with%20name1.png
IP 103.131.95.175:0
ASN #17448 Web.com.ph Inc.
File type PNG image data, 900 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size 365 kB (365379 bytes)
Hash 34adb72b7a7c6201e4dbe31d924203a8
9a8b5b3fa5da3decadcb237f8e2a8862c873fe28
539dd331a11c8d113c3cdca30b01131f0801c42a83b23bf510b9c6689dd5eb60
GET /pluginfile.php/1/theme_adaptable/logo/1643437361/logo%20with%20name1.png HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:48 GMT
Server: Apache
Content-Disposition: inline; filename="logo with name1.png"
Cache-Control: public, max-age=5184000, no-transform
Expires: Fri, 23 Dec 2022 14:14:48 GMT
Pragma:
Accept-Ranges: bytes
Etag: "9a8b5b3fa5da3decadcb237f8e2a8862c873fe28"
Last-Modified: Sun, 03 Oct 2021 13:21:24 GMT
Content-Length: 365379
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 1ea30e37b7f86b7d0a7cb7341087fdc1
2e88a09e17356724c7e0f488d70be82ebc64f55c
bb85d7fbaf1d4c0dc0a7cd27aebc8f21f942bf703896186a765131c80c87f059
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 14:14:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 24 Oct 2022 12:41:09 GMT
expires: Mon, 24 Oct 2022 14:41:09 GMT
cache-control: public, max-age=7200
age: 5622
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 1ea30e37b7f86b7d0a7cb7341087fdc1
2e88a09e17356724c7e0f488d70be82ebc64f55c
bb85d7fbaf1d4c0dc0a7cd27aebc8f21f942bf703896186a765131c80c87f059
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 14:14:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/j/collect?v=1&_v=j98&a=988738631&t=pageview&_s=1&dl=https%3A%2F%2Fearal.qsu.edu.ph%2Flogin%2Fforgot_password.php&ul=en-us&de=UTF-8&dt=Forgotten%20password&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=829956541&gjid=311246221&cid=1650662404.1666620890&tid=analyticstext1&_gid=6865361.1666620890&_r=1&_slc=1&z=1735903788
142.250.74.174 200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=988738631&t=pageview&_s=1&dl=https%3A%2F%2Fearal.qsu.edu.ph%2Flogin%2Fforgot_password.php&ul=en-us&de=UTF-8&dt=Forgotten%20password&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=829956541&gjid=311246221&cid=1650662404.1666620890&tid=analyticstext1&_gid=6865361.1666620890&_r=1&_slc=1&z=1735903788
IP 142.250.74.174:0
File type ASCII text, with no line terminators
Hash 38684612f0c6bb6dfa16da92f4a6878f
6fe62d0dd7db314b7f9bb945672f078e01d27f0f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
POST /j/collect?v=1&_v=j98&a=988738631&t=pageview&_s=1&dl=https%3A%2F%2Fearal.qsu.edu.ph%2Flogin%2Fforgot_password.php&ul=en-us&de=UTF-8&dt=Forgotten%20password&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=829956541&gjid=311246221&cid=1650662404.1666620890&tid=analyticstext1&_gid=6865361.1666620890&_r=1&_slc=1&z=1735903788 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://earal.qsu.edu.ph
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://earal.qsu.edu.ph
date: Mon, 24 Oct 2022 14:14:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
earal.qsu.edu.ph/lib/requirejs.php/1643437361/core/first.js
103.131.95.175 200 OK 300 kB URL HTTP/1.1 earal.qsu.edu.ph/lib/requirejs.php/1643437361/core/first.js
IP 103.131.95.175:0
ASN #17448 Web.com.ph Inc.
File type ASCII text, with very long lines (12050)
Size 300 kB (299667 bytes)
Hash 3eeee7a6745f482075864da47c5b7449
aba2541ec327f884623a57a0232f2c75c95ca513
9713dcdba300d975685abb749b96bd18a8b7b4981b62af2ffd85016e50282c84
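Analyzer / Verdict / Alert: fortinet / Malware (the only analyzer listed for this response, with no signature name shown; treat the verdict as unconfirmed until the body matching the hashes above has been inspected)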
GET /lib/requirejs.php/1643437361/core/first.js HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:49 GMT
Server: Apache
Content-Disposition: inline; filename="requirejs.php"
Expires: Sun, 22 Jan 2023 14:14:49 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Etag: "f3b46d9901c66810ac3d45d4f81537b7f27cee66"
Last-Modified: Mon, 13 Jun 2022 01:48:05 GMT
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
earal.qsu.edu.ph/pluginfile.php/1/theme_adaptable/favicon/1643437361/earal.png
103.131.95.175 200 OK 5.5 kB URL HTTP/1.1 earal.qsu.edu.ph/pluginfile.php/1/theme_adaptable/favicon/1643437361/earal.png
IP 103.131.95.175:0
ASN #17448 Web.com.ph Inc.
File type PNG image data, 462 x 478, 8-bit/color RGBA, non-interlaced\012- data
Hash e28ec64530bd823c3fdef81edb9e2614
030d581cb057244dcd9e927546efa01949ad8351
6fd963beee64180092290e0861e1dc3d843e717ff39d160097afd1a176d89538
GET /pluginfile.php/1/theme_adaptable/favicon/1643437361/earal.png HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:51 GMT
Server: Apache
Content-Disposition: inline; filename="earal.png"
Cache-Control: public, max-age=5184000, no-transform
Expires: Fri, 23 Dec 2022 14:14:51 GMT
Pragma:
Accept-Ranges: bytes
Etag: "030d581cb057244dcd9e927546efa01949ad8351"
Last-Modified: Fri, 15 Oct 2021 15:05:40 GMT
Content-Length: 5506
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
earal.qsu.edu.ph/lib/requirejs.php/1643437361/theme_boost/loader.js
103.131.95.175 200 OK 300 kB URL HTTP/1.1 earal.qsu.edu.ph/lib/requirejs.php/1643437361/theme_boost/loader.js
IP 103.131.95.175:0
ASN #17448 Web.com.ph Inc.
File type ASCII text, with very long lines (12050)
Size 300 kB (299667 bytes)
Hash 3eeee7a6745f482075864da47c5b7449
aba2541ec327f884623a57a0232f2c75c95ca513
9713dcdba300d975685abb749b96bd18a8b7b4981b62af2ffd85016e50282c84
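Analyzer / Verdict / Alert: fortinet / Malware (the only analyzer listed, with no signature name shown; the size, hashes and Etag are identical to the response for /lib/requirejs.php/1643437361/core/first.js, so this is the same flagged body served under a second URL rather than a separate detection)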
GET /lib/requirejs.php/1643437361/theme_boost/loader.js HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:49 GMT
Server: Apache
Content-Disposition: inline; filename="requirejs.php"
Expires: Sun, 22 Jan 2023 14:14:49 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Etag: "f3b46d9901c66810ac3d45d4f81537b7f27cee66"
Last-Modified: Mon, 13 Jun 2022 01:48:05 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
earal.qsu.edu.ph/lib/javascript.php/1643437361/lib/jquery/jquery-3.4.1.min.js
103.131.95.175 200 OK 31 kB URL HTTP/1.1 earal.qsu.edu.ph/lib/javascript.php/1643437361/lib/jquery/jquery-3.4.1.min.js
IP 103.131.95.175:0
ASN #17448 Web.com.ph Inc.
File type ASCII text, with very long lines (65451)
Hash f93e3ed042f71e5f7fe68859936b38ef
69461b9374414ecdaa736061a4b302e81f0c7c89
24b2b2bb2c54222c3db2276e9989b6a027fa0d0469993b4b9332c68ce5c3e469
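Analyzer / Verdict / Alert: fortinet / Malware (the only analyzer listed for this response, with no signature name shown; treat the verdict as unconfirmed until the served body has been compared against a known-good copy of the library)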
GET /lib/javascript.php/1643437361/lib/jquery/jquery-3.4.1.min.js HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca; _ga=GA1.3.1650662404.1666620890; _gid=GA1.3.6865361.1666620890; _gat=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:51 GMT
Server: Apache
Content-Disposition: inline; filename="javascript.php"
Expires: Sun, 22 Jan 2023 14:14:51 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Etag: "c66a2dff61559ebc1f5513ad3b91a5a053a0dedb"
Last-Modified: Mon, 13 Jun 2022 01:48:05 GMT
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
earal.qsu.edu.ph/theme/yui_combo.php?3.17.2/event-mousewheel/event-mousewheel.js&3.17.2/event-resize/event-resize.js&3.17.2/event-hover/event-hover.js&3.17.2/event-touch/event-touch.js&3.17.2/event-move/event-move.js&3.17.2/event-flick/event-flick.js&3.17.2/event-valuechange/event-valuechange.js&3.17.2/event-tap/event-tap.js
103.131.95.175 200 OK 15 kB URL HTTP/1.1 earal.qsu.edu.ph/theme/yui_combo.php?3.17.2/event-mousewheel/event-mousewheel.js&3.17.2/event-resize/event-resize.js&3.17.2/event-hover/event-hover.js&3.17.2/event-touch/event-touch.js&3.17.2/event-move/event-move.js&3.17.2/event-flick/event-flick.js&3.17.2/event-valuechange/event-valuechange.js&3.17.2/event-tap/event-tap.js
IP 103.131.95.175:0
ASN #17448 Web.com.ph Inc.
File type ASCII text, with very long lines (437)
Hash 968eef4e2bfe69b5bc52caa8093f624e
6b5916393ef4dec25be5533835ca64136183c411
8b242bd66a81b1ffbbd99008ad2a728e32675385f535b6d9c76498e15eb6b9d5
GET /theme/yui_combo.php?3.17.2/event-mousewheel/event-mousewheel.js&3.17.2/event-resize/event-resize.js&3.17.2/event-hover/event-hover.js&3.17.2/event-touch/event-touch.js&3.17.2/event-move/event-move.js&3.17.2/event-flick/event-flick.js&3.17.2/event-valuechange/event-valuechange.js&3.17.2/event-tap/event-tap.js HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca; _ga=GA1.3.1650662404.1666620890; _gid=GA1.3.6865361.1666620890; _gat=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:52 GMT
Server: Apache
Content-Disposition: inline; filename="combo"
Expires: Thu, 19 Oct 2023 14:14:52 GMT
Pragma:
Cache-Control: public, max-age=31104000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Last-Modified: Sun, 12 Jul 2020 10:13:02 GMT
Etag: "46d5bb3a7d68f80774585d734433ff833fade78e"
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
earal.qsu.edu.ph/lib/ajax/service-nologin.php?info=6-method-calls&cachekey=1650523249&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22cancel%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22closebuttontitle%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22loading%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22savechanges%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A4%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showless%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A5%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showmore%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22en%22%7D%7D%5D
103.131.95.175200 OK 104 B URL HTTP/1.1 earal.qsu.edu.ph/lib/ajax/service-nologin.php?info=6-method-calls&cachekey=1650523249&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22cancel%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22closebuttontitle%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22loading%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22savechanges%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A4%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showless%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A5%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showmore%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22en%22%7D%7D%5D
IP 103.131.95.175:0
ASN #17448 Web.com.ph Inc.
File type JSON data\012- , ASCII text, with no line terminators
Hash bcc9eb8744878c89c4cda76a9d0ef9dd
c58d2c027bcf628a89f6a0e41f446ce24ebaf9ec
c279b9d541daa943ad84f72ff61fcc06cb0f0fe018d369b3149cf4a144a89396
GET /lib/ajax/service-nologin.php?info=6-method-calls&cachekey=1650523249&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22cancel%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22closebuttontitle%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22loading%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22savechanges%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A4%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showless%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A5%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showmore%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22en%22%7D%7D%5D HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca; _ga=GA1.3.1650662404.1666620890; _gid=GA1.3.6865361.1666620890; _gat=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:52 GMT
Server: Apache
Expires: Sun, 22 Jan 2023 14:14:52 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 104
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/json; charset=utf-8
earal.qsu.edu.ph/lib/ajax/service-nologin.php?info=7-method-calls&cachekey=1643437361&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22loading%22%2C%22themename%22%3A%22adaptable%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal%22%2C%22themename%22%3A%22adaptable%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal_backdrop%22%2C%22themename%22%3A%22adaptable%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal_save_cancel%22%2C%22themename%22%3A%22adaptable%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A4%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal_cancel%22%2C%22themename%22%3A%22adaptable%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A5%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22local%2Fmodal%2Falert%22%2C%22themename%22%3A%22adaptable%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A6%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22pix_icon_fontawesome%22%2C%22themename%22%3A%22adaptable%22%2C%22lang%22%3A%22en%22%7D%7D%5D
103.131.95.175200 OK 945 B URL HTTP/1.1 earal.qsu.edu.ph/lib/ajax/service-nologin.php?info=7-method-calls&cachekey=1643437361&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22loading%22%2C%22themename%22%3A%22adaptable%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal%22%2C%22themename%22%3A%22adaptable%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal_backdrop%22%2C%22themename%22%3A%22adaptable%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal_save_cancel%22%2C%22themename%22%3A%22adaptable%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A4%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal_cancel%22%2C%22themename%22%3A%22adaptable%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A5%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22local%2Fmodal%2Falert%22%2C%22themename%22%3A%22adaptable%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A6%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22pix_icon_fontawesome%22%2C%22themename%22%3A%22adaptable%22%2C%22lang%22%3A%22en%22%7D%7D%5D
IP 103.131.95.175:0
ASN #17448 Web.com.ph Inc.
File type JSON data\012- , ASCII text, with very long lines (7959), with no line terminators
Hash 3bbc60ee24914ab217e3003abd813c44
88ec48b2222c6eb821b3169f54aef4939ba27441
8fac3640921e099ecea25379005c7f427d64af095f6b5c3461d322341a6e3dc9
GET /lib/ajax/service-nologin.php?info=7-method-calls&cachekey=1643437361&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22loading%22%2C%22themename%22%3A%22adaptable%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal%22%2C%22themename%22%3A%22adaptable%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal_backdrop%22%2C%22themename%22%3A%22adaptable%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal_save_cancel%22%2C%22themename%22%3A%22adaptable%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A4%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal_cancel%22%2C%22themename%22%3A%22adaptable%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A5%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22local%2Fmodal%2Falert%22%2C%22themename%22%3A%22adaptable%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A6%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22pix_icon_fontawesome%22%2C%22themename%22%3A%22adaptable%22%2C%22lang%22%3A%22en%22%7D%7D%5D HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca; _ga=GA1.3.1650662404.1666620890; _gid=GA1.3.6865361.1666620890; _gat=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:52 GMT
Server: Apache
Expires: Sun, 22 Jan 2023 14:14:52 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 945
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/json; charset=utf-8
earal.qsu.edu.ph/lib/ajax/service-nologin.php?info=core_output_load_fontawesome_icon_map&cachekey=1643437361&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_fontawesome_icon_map%22%2C%22args%22%3A%5B%5D%7D%5D
103.131.95.175 200 OK 4.5 kB URL HTTP/1.1 earal.qsu.edu.ph/lib/ajax/service-nologin.php?info=core_output_load_fontawesome_icon_map&cachekey=1643437361&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_fontawesome_icon_map%22%2C%22args%22%3A%5B%5D%7D%5D
IP 103.131.95.175:0
ASN #17448 Web.com.ph Inc.
File type JSON data\012- , ASCII text, with very long lines (28317), with no line terminators
Hash 627cefb16ff15eae7e65f7261909fa75
e6ee10de8b7d230c448d7f21daa06e3351ae9edd
a40ac3c917161b0641dfe37951c1ae6127b0735a0bf72044c4845ee33ed8b106
GET /lib/ajax/service-nologin.php?info=core_output_load_fontawesome_icon_map&cachekey=1643437361&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_fontawesome_icon_map%22%2C%22args%22%3A%5B%5D%7D%5D HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca; _ga=GA1.3.1650662404.1666620890; _gid=GA1.3.6865361.1666620890; _gat=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:52 GMT
Server: Apache
Expires: Sun, 22 Jan 2023 14:14:52 GMT
Pragma:
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4464
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/json; charset=utf-8
fonts.googleapis.com/css?family=Open+Sans:400,400i&subset=greek
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,400i&subset=greek
IP 142.250.74.10:0
GET /css?family=Open+Sans:400,400i&subset=greek HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 24 Oct 2022 14:14:46 GMT
date: Mon, 24 Oct 2022 14:14:46 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto+Slab:400,400i&subset=greek
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto+Slab:400,400i&subset=greek
IP 142.250.74.10:0
GET /css?family=Roboto+Slab:400,400i&subset=greek HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 24 Oct 2022 14:14:46 GMT
date: Mon, 24 Oct 2022 14:14:46 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2