Report - earal.qsu.edu.ph/login/forgot

Report Overview

Submitted URL
earal.qsu.edu.ph/login/forgot_password.php
IP
103.131.95.175
ASN
#17448 Web.com.ph Inc.
Submitted
2022-10-24 14:14:57
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
36

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
earal.qsu.edu.ph	unknown	2020-05-16T01:25:30Z	2022-12-21T22:11:15Z	18 kB	1.9 MB	103.131.95.175
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	329 B	797 B	93.184.220.29
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	594 B	127 B	34.215.107.141
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	2.3 kB	4.9 kB	142.250.74.35
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-10T12:25:49Z	1.2 kB	3.0 kB	142.250.74.10
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-10T13:35:34Z	1.1 kB	21 kB	142.250.74.174
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	2.0 kB	5.3 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	401 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	321 B	229 B	34.117.237.239
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.2 kB	61 kB	34.120.237.76
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-10T13:37:03Z	1.5 kB	46 kB	216.58.207.195
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-10T05:10:00Z	758 B	2.8 kB	143.204.55.27

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-24	medium	earal.qsu.edu.ph/login/forgot_password.php	Malware
2022-10-24	medium	earal.qsu.edu.ph/login/forgot_password.php	Malware
2022-10-24	medium	earal.qsu.edu.ph/lib/javascript.php/1643437361/lib/polyfills/polyfill.js	Malware
2022-10-24	medium	earal.qsu.edu.ph/lib/javascript.php/1643437361/lib/babel-polyfill/polyfill.min.js	Malware
2022-10-24	medium	earal.qsu.edu.ph/theme/jquery.php/theme_adaptable/pace-min.js	Malware
2022-10-24	medium	earal.qsu.edu.ph/theme/jquery.php/theme_adaptable/tickerme.js	Malware
2022-10-24	medium	earal.qsu.edu.ph/theme/jquery.php/theme_adaptable/jquery-flexslider-min.js	Malware
2022-10-24	medium	earal.qsu.edu.ph/theme/styles.php/adaptable/1643437361_1/all	Malware
2022-10-24	medium	earal.qsu.edu.ph/theme/jquery.php/theme_adaptable/jquery-easing-min.js	Malware
2022-10-24	medium	earal.qsu.edu.ph/theme/jquery.php/theme_adaptable/adaptable_v2_1_1_2.js	Malware
2022-10-24	medium	earal.qsu.edu.ph/lib/javascript.php/1643437361/lib/javascript-static.js	Malware
2022-10-24	medium	earal.qsu.edu.ph/lib/javascript.php/1643437361/lib/requirejs/require.min.js	Malware
2022-10-24	medium	earal.qsu.edu.ph/theme/jquery.php/core/jquery-3.4.1.js	Malware
2022-10-24	medium	earal.qsu.edu.ph/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple.js	Malware
2022-10-24	medium	earal.qsu.edu.ph/theme/yui_combo.php?m/1643437361/core/formchangechecker/formchangechecker-debug.js	Malware
2022-10-24	medium	earal.qsu.edu.ph/lib/requirejs.php/1643437361/core/first.js	Malware
2022-10-24	medium	earal.qsu.edu.ph/lib/requirejs.php/1643437361/theme_boost/loader.js	Malware
2022-10-24	medium	earal.qsu.edu.ph/lib/javascript.php/1643437361/lib/jquery/jquery-3.4.1.min.js	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (25)

	URL	Size	First Seen	Last Seen
	earal.qsu.edu.ph/theme/jquery.php/theme_adaptable/adaptable_v2_1_1_2.js	6.5 kB	2023-03-07	2024-04-04
Pretty URL earal.qsu.edu.ph/theme/jquery.php/theme_adaptable/adaptable_v2_1_1_2.js IP 103.131.95.175 ASN #17448 Web.com.ph Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:19:52 Last Seen2024-04-04 13:55:12 Times Seen93 Hash 3917fb5f510c30f4a43c8d9652372d08 7b8f1f9f46d8b57644cf1e04d609c6a4abed4924 7d54882ec2e47c8a561f969a92d4694b9756c95bc2d02f8c1a03de8ea31fe3d8 Loading...

	earal.qsu.edu.ph/theme/jquery.php/core/jquery-3.4.1.js	280 kB	2023-03-07	2024-04-18
Pretty URL earal.qsu.edu.ph/theme/jquery.php/core/jquery-3.4.1.js IP 103.131.95.175 ASN #17448 Web.com.ph Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:49 Last Seen2024-04-18 12:28:14 Times Seen1430 Hash 11c05eb286ed576526bf4543760785b9 7faa15a054093f3b5d674e63b6567c835a6fa217 5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55 Loading...

	earal.qsu.edu.ph/login/forgot_password.php	1.3 kB	2023-03-07	2024-04-06
Pretty URL earal.qsu.edu.ph/login/forgot_password.php IP 103.131.95.175 ASN #17448 Web.com.ph Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:43:49 Last Seen2024-04-06 10:47:23 Times Seen62 Hash e407f2118a844a4e7a8ceafdbec4530c c8054ef96c89b6d0ed2ea73fa2c7a7d4b8e173a6 24ae3334f4cd41ffdd2125db0357e6556a6a475b5698e1a63cc3b7400ba6d8da Loading...

	earal.qsu.edu.ph/lib/javascript.php/1643437361/lib/jquery/jquery-3.4.1.min.js	88 kB	2023-03-07	2024-04-08
Pretty URL earal.qsu.edu.ph/lib/javascript.php/1643437361/lib/jquery/jquery-3.4.1.min.js IP 103.131.95.175 ASN #17448 Web.com.ph Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:43:49 Last Seen2024-04-08 13:09:10 Times Seen422 Hash bebd549d68e85f6f38a6807a693d018d 1b79ede0b4d00d9142b2ce3cb9f98201e59b58cb 76033adbf3f2858078c77c078677aa57ae48e98fd2de3ebb71baf646a110909e Loading...

	earal.qsu.edu.ph/lib/javascript.php/1643437361/lib/polyfills/polyfill.js	18 kB	2023-03-07	2024-04-08
Pretty URL earal.qsu.edu.ph/lib/javascript.php/1643437361/lib/polyfills/polyfill.js IP 103.131.95.175 ASN #17448 Web.com.ph Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:30 Last Seen2024-04-08 13:09:10 Times Seen501 Hash 901890f127a81c136912ceb57c131305 ef4bd0e1c5d2dcb97265830feff005f682020a5d 244ff779cc4a0d32d8a21e1dceece94080b39c4b2c77ab5c0a772f333db71216 Loading...

	earal.qsu.edu.ph/theme/jquery.php/theme_adaptable/pace-min.js	13 kB	2023-03-07	2024-04-12
Pretty URL earal.qsu.edu.ph/theme/jquery.php/theme_adaptable/pace-min.js IP 103.131.95.175 ASN #17448 Web.com.ph Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:57:00 Last Seen2024-04-12 15:41:26 Times Seen229 Hash 248f37358dd94120dc84da2938445449 d32ab818e0f97d3b0c80f5631fc23d8a0cb52795 c0d8568fe6f9d837f664000f1973f22009d776aabb49bd6daf692912825f6e28 Loading...

	earal.qsu.edu.ph/login/forgot_password.php	60 B	2023-03-07	2024-04-17
Pretty URL earal.qsu.edu.ph/login/forgot_password.php IP 103.131.95.175 ASN #17448 Web.com.ph Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:30 Last Seen2024-04-17 03:43:16 Times Seen1127 Hash dba70bf9335863dea2696ca9da069b01 adfc079c12684d419766c7732c35da693517a7f8 05f515ab150c8852191afb40be55373b5b5337d89d513e48b802293123361798 Loading...

	earal.qsu.edu.ph/login/forgot_password.php	1.1 kB	2023-03-10	2023-03-12
Pretty URL earal.qsu.edu.ph/login/forgot_password.php IP 103.131.95.175 ASN #17448 Web.com.ph Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 14:23:31 Last Seen2023-03-12 11:22:31 Times Seen1 Hash 27fc71297159e78181cd2dcf5f714f06 2b1c9ac65a49b2f29fdd21ce329d65a8bebfc77c 4a8779e619418245d603a6316cbd8803fdb4808590340bec034e6ac0099abab7 Loading...

	earal.qsu.edu.ph/login/forgot_password.php	8.1 kB	2023-03-10	2023-03-10
Pretty URL earal.qsu.edu.ph/login/forgot_password.php IP 103.131.95.175 ASN #17448 Web.com.ph Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 14:23:31 Last Seen2023-03-10 14:23:31 Times Seen1 Hash 5207a189f8ec96fcb3c503959b0e66b1 6b00c0c2399763b8c5bf5da5e223d292d6845abd f624e821b32cc22c6e56272c123b005a6bb233af7882140d3031204cbe29a03f Loading...

	earal.qsu.edu.ph/login/forgot_password.php	596 B	2023-03-09	2023-03-12
Pretty URL earal.qsu.edu.ph/login/forgot_password.php IP 103.131.95.175 ASN #17448 Web.com.ph Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 22:36:51 Last Seen2023-03-12 11:22:31 Times Seen1 Hash 9824c52323a4cf55e36c1c90c8998263 876908487cec9f6893e65c03e2e23bebe1ba0723 71800a30ffb0dfe854c1168c23a6b1e491a0a0c2576d1c52f3fc1da4c2d80060 Loading...

	earal.qsu.edu.ph/theme/yui_combo.php?m/1643437361/core/event/event-debug.js&m/1643437361/filter_mathjaxloader/loader/loader-debug.js	8.8 kB	2023-03-08	2024-04-06
Pretty URL earal.qsu.edu.ph/theme/yui_combo.php?m/1643437361/core/event/event-debug.js&m/1643437361/filter_mathjaxloader/loader/loader-debug.js IP 103.131.95.175 ASN #17448 Web.com.ph Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:44:25 Last Seen2024-04-06 13:34:59 Times Seen83 Hash bdfc704f9e02d95ef914c349c00a2bbf 154cc79139e5bfa638e03152d3bb05af0057d6c3 8b144241a7cda1841963daf5472aca7ee57ec3d0eda5531530b80d4255863aaf Loading...

	earal.qsu.edu.ph/lib/requirejs.php/1643437361/core/first.js	1.3 MB	2023-03-10	2023-03-12
Pretty URL earal.qsu.edu.ph/lib/requirejs.php/1643437361/core/first.js IP 103.131.95.175 ASN #17448 Web.com.ph Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 14:23:31 Last Seen2023-03-12 11:22:31 Times Seen1 Hash b6ad7c5dbafb39e0d519ed1e0f110110 d085c2e5c5b6d17275c46d0ddf56b23cb048f11e 05878e4fba54965feaf16be9afac2bfcbdf99303be6a7c2af4fa269232bed3b6 Loading...

	earal.qsu.edu.ph/lib/javascript.php/1643437361/lib/requirejs/require.min.js	18 kB	2023-03-07	2024-04-17
Pretty URL earal.qsu.edu.ph/lib/javascript.php/1643437361/lib/requirejs/require.min.js IP 103.131.95.175 ASN #17448 Web.com.ph Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:30 Last Seen2024-04-17 03:43:17 Times Seen1594 Hash 1f53ac504f7e69a6df96140eed2d4df2 da00136dd3fd0ccab626d7555ccb5fdf1c096fad 9ce0dbd6a1df9332653e27d1ddc505c5b78fd82b4112de0ec63840c3fbe0b8c2 Loading...

	earal.qsu.edu.ph/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple.js	1.3 MB	2023-03-07	2024-04-06
Pretty URL earal.qsu.edu.ph/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple.js IP 103.131.95.175 ASN #17448 Web.com.ph Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:19:52 Last Seen2024-04-06 13:34:59 Times Seen145 Hash f88b9753190e8ad76ec376f8ae5e171b ec024191a3b3a18d7526b2a6ea6386f18624dab9 11e41b878cb1c39486d94957eb80b2091c5ff2e2d92ac6561269575e568c19cb Loading...

	earal.qsu.edu.ph/theme/yui_combo.php?3.17.2/event-mousewheel/event-mousewheel.js&3.17.2/event-resize/event-resize.js&3.17.2/event-hover/event-hover.js&3.17.2/event-touch/event-touch.js&3.17.2/event-move/event-move.js&3.17.2/event-flick/event-flick.js&3.17.2/event-valuechange/event-valuechange.js&3.17.2/event-tap/event-tap.js	68 kB	2023-03-07	2024-04-06
Pretty URL earal.qsu.edu.ph/theme/yui_combo.php?3.17.2/event-mousewheel/event-mousewheel.js&3.17.2/event-resize/event-resize.js&3.17.2/event-hover/event-hover.js&3.17.2/event-touch/event-touch.js&3.17.2/event-move/event-move.js&3.17.2/event-flick/event-flick.js&3.17.2/event-valuechange/event-valuechange.js&3.17.2/event-tap/event-tap.js IP 103.131.95.175 ASN #17448 Web.com.ph Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:19:52 Last Seen2024-04-06 13:34:59 Times Seen164 Hash 407c52e64f57585b649f5b6253ce4066 957c027fdb09756be43dbb6b0a1e7da333411d4d 256bec25b9af2d719477bdceb5e24291a3e928e19970e7f639843323f9a8729c Loading...

	earal.qsu.edu.ph/theme/jquery.php/theme_adaptable/tickerme.js	4.7 kB	2023-03-07	2024-04-04
Pretty URL earal.qsu.edu.ph/theme/jquery.php/theme_adaptable/tickerme.js IP 103.131.95.175 ASN #17448 Web.com.ph Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:19:52 Last Seen2024-04-04 13:55:12 Times Seen95 Hash 8bb968c520cf7c8187a56bbd3d40e4b9 f606ca9fb1ccd9db0118378e028e67627d7fc221 87d3c5e03355bf60f1603a860425b44d849425708463613a57c354a2b18405c1 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-18
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-18 18:02:16 Times Seen1511 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	earal.qsu.edu.ph/lib/javascript.php/1643437361/lib/babel-polyfill/polyfill.min.js	99 kB	2023-03-07	2024-04-08
Pretty URL earal.qsu.edu.ph/lib/javascript.php/1643437361/lib/babel-polyfill/polyfill.min.js IP 103.131.95.175 ASN #17448 Web.com.ph Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:30 Last Seen2024-04-08 13:09:10 Times Seen649 Hash 36842211132011a28a3ad07a62a629b1 624790be7f03f203771237170bfdf62e0186ae0f d9e07890edf5f6f350ef465b37479fc6192923e60e64d9f20af37eb3b011cc66 Loading...

	earal.qsu.edu.ph/theme/jquery.php/theme_adaptable/jquery-flexslider-min.js	22 kB	2023-03-07	2024-04-18
Pretty URL earal.qsu.edu.ph/theme/jquery.php/theme_adaptable/jquery-flexslider-min.js IP 103.131.95.175 ASN #17448 Web.com.ph Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:40 Last Seen2024-04-18 19:01:09 Times Seen434 Hash 9fca67811a782b543e9e58f6f99e7b4c 1995c4362af7a8833ad206d9cfad88f9f9033b93 af44c83f737c501b3862145a4a30d18f780168a429f94c9a6ef90b71f464c858 Loading...

	earal.qsu.edu.ph/theme/jquery.php/theme_adaptable/jquery-easing-min.js	2.8 kB	2023-03-07	2024-04-12
Pretty URL earal.qsu.edu.ph/theme/jquery.php/theme_adaptable/jquery-easing-min.js IP 103.131.95.175 ASN #17448 Web.com.ph Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:19:52 Last Seen2024-04-12 15:41:26 Times Seen117 Hash 95606ec4ebfe3ce39a0570f531edd2ef e4b9b3b3cce5147123bcad93d697b921a50650f5 4716cba143c796ec52cb2a097d569aef24d42df2b959f9dde09379664846ad5c Loading...

	earal.qsu.edu.ph/login/forgot_password.php	670 B	2023-03-10	2023-03-10
Pretty URL earal.qsu.edu.ph/login/forgot_password.php IP 103.131.95.175 ASN #17448 Web.com.ph Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 14:23:31 Last Seen2023-03-10 14:23:31 Times Seen1 Hash 30caac7ad9f58e0bd74906f6e9138554 c05fff27bb8cc46f1bf05597c01685e926772897 787dda7ebca9d075fc44885ac817d3b3ac96c56e3cf17dbbf391cf9f041d590e Loading...

	earal.qsu.edu.ph/login/forgot_password.php	38 B	2023-03-08	2024-03-27
Pretty URL earal.qsu.edu.ph/login/forgot_password.php IP 103.131.95.175 ASN #17448 Web.com.ph Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 09:18:13 Last Seen2024-03-27 12:36:15 Times Seen20 Hash 2e2bb454e9c34be1d452d5b6a10aa181 78045d5348b6b0c465c1a4f6e8a49e153034b6b1 c9745ea167977e7a3cf3d78be0fcf13286f664ef96a82798bc36a03fbd27224f Loading...

	earal.qsu.edu.ph/theme/yui_combo.php?m/1643437361/core/formchangechecker/formchangechecker-debug.js	9.2 kB	2023-03-10	2024-03-17
Pretty URL earal.qsu.edu.ph/theme/yui_combo.php?m/1643437361/core/formchangechecker/formchangechecker-debug.js IP 103.131.95.175 ASN #17448 Web.com.ph Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 14:23:31 Last Seen2024-03-17 10:13:38 Times Seen31 Hash e0add48a4c36e9c563bb252adc284479 bfcae34f75976d26eb6b653990da20e1074be4ea d5945b8e3d41c63281a6af96b07bb7cacf913d444179400bc2aa7345f2d68c85 Loading...

	earal.qsu.edu.ph/login/forgot_password.php	13 kB	2023-03-10	2023-03-10
Pretty URL earal.qsu.edu.ph/login/forgot_password.php IP 103.131.95.175 ASN #17448 Web.com.ph Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 14:23:31 Last Seen2023-03-10 14:23:31 Times Seen1 Hash 517c46814b50a7cc3b4660781a0583be 6422d1796991009a59b4b21744cdb1423fff5717 3c62acef022d76c6ee97afe669efbd1ee1a1d13d6c754fb7741bae9a3ae218be Loading...

	earal.qsu.edu.ph/lib/javascript.php/1643437361/lib/javascript-static.js	21 kB	2023-03-07	2024-04-08
Pretty URL earal.qsu.edu.ph/lib/javascript.php/1643437361/lib/javascript-static.js IP 103.131.95.175 ASN #17448 Web.com.ph Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:30 Last Seen2024-04-08 13:09:10 Times Seen939 Hash ac7f47cc5271b4115ac489f7a0d70737 bb091a4de18f4ffce0ba80668ed0427ae03001d0 ec9d65cb26cade9adcf9c012734551cf8c86c49a1ff45fef12662ae42f312e3f Loading...

HTTP Transactions (62)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.27

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 24 Oct 2022 13:23:33 GMT
Expires: Mon, 24 Oct 2022 14:06:41 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zXOHMLhGsmlolqI7_D9oJe9f1cDUbUcAXPq6p_srBFuZ8fJKe0oF5w==
Age: 3071

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
73c4166ca864f777db2cc1cd8658a7c2
c56b66b0b7c8516d4d5bfafe0c166711c78f3d25
310c633350812c064e159275b6dbbdba6d6a5991a54ccfcc23459320c6513572

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "310C633350812C064E159275B6DBBDBA6D6A5991A54CCFCC23459320C6513572"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6208
Expires: Mon, 24 Oct 2022 15:58:12 GMT
Date: Mon, 24 Oct 2022 14:14:44 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ae56efd62a0d9249d98573172eb8b28b
5ff4e9959be677ad76c26ca73f9ef4feb9fa2f28
82d9ee4948fce839f7edb1f8490c4213cded3912464a4169b0bf6a61278694bd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82D9EE4948FCE839F7EDB1F8490C4213CDED3912464A4169B0BF6A61278694BD"
Last-Modified: Sat, 22 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9373
Expires: Mon, 24 Oct 2022 16:50:57 GMT
Date: Mon, 24 Oct 2022 14:14:44 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: iHx439wm1bR83MpwcOpdVRva2LFPzy2eUWNpcolZEgV8R7Zne6H++TTI5VOoulgyiiaBwNLrArCeXTiL66iSpg==
x-amz-request-id: E8FYNTSMJVX5M162
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 24 Oct 2022 14:08:33 GMT
age: 371
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 24 Oct 2022 14:14:44 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.27

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 24 Oct 2022 13:33:32 GMT
Expires: Mon, 24 Oct 2022 13:57:55 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PXv7Qi6UIVAuwlSvrhIOip70DEHQm04tTOqYIs8qLhEaH_8Mno-8rA==
Age: 2472

earal.qsu.edu.ph/login/forgot_password.php

103.131.95.175

301 Moved Permanently

258 B

URL HTTP/1.1
earal.qsu.edu.ph/login/forgot_password.php
IP
103.131.95.175:0
ASN
#17448 Web.com.ph Inc.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
258 B (258 bytes)
Hash
aa3e076c2545440a6903899243b3792d
82b7add6f18f4cd82e8a2cbb6f4d47cc96cbb92b
bd66af5843ff92758bcd66ec0217c7aaf752910b1fdf977b59070363db5b7969

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /login/forgot_password.php HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Mon, 24 Oct 2022 14:14:45 GMT
Server: Apache
Location: https://earal.qsu.edu.ph/login/forgot_password.php
Content-Length: 258
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7c6fdc8e76ef5875b5c965ade2df503e
45d548aa2a9d7ede163743274790700878eaea62
d2ff6eacd48af4892a2642e5d7bb925ca683062139f5a5cb4047f6f706830618

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3193
Cache-Control: max-age=153913
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 14:14:45 GMT
Etag: "63564795-1d7"
Expires: Wed, 26 Oct 2022 08:59:58 GMT
Last-Modified: Mon, 24 Oct 2022 08:06:45 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

34.215.107.141

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.215.107.141:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /q4sSl9uClV4iHIxb0r21g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: YTtfofGrngraXed/23yFpyBdC3Y=

earal.qsu.edu.ph/login/forgot_password.php

103.131.95.175

200 OK

9.9 kB

URL HTTP/1.1
earal.qsu.edu.ph/login/forgot_password.php
IP
103.131.95.175:0
ASN
#17448 Web.com.ph Inc.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (12138), with CRLF, LF line terminators
Size
9.9 kB (9903 bytes)
Hash
c123c79b2ced3f7b5c6a44bcc305df87
34fb5fed75b9c11015371bbeae0a55c840029b6c
e340a92f1d95b31497b9d527ebdf8b8d223036134ea9bcf6dd0300884b5c2042

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /login/forgot_password.php HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:46 GMT
Server: Apache
Content-Language: en
Content-Script-Type: text/javascript
Content-Style-Type: text/css
X-UA-Compatible: IE=edge
Cache-Control: private, pre-check=0, post-check=0, max-age=0, no-transform
Pragma: no-cache
Expires: 
Accept-Ranges: none
X-Frame-Options: sameorigin
Set-Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca; path=/
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 9903
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4c236f4ca13cd8fafc580bceb0995642
b6a7de7a8d994ed2cfb5ac74b6d7703de515ecdb
671228953eba5b2678df03acebb493e411752c6f5f72ff7f1e485032241d4aeb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 14:14:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4c236f4ca13cd8fafc580bceb0995642
b6a7de7a8d994ed2cfb5ac74b6d7703de515ecdb
671228953eba5b2678df03acebb493e411752c6f5f72ff7f1e485032241d4aeb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 14:14:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6843
Expires: Mon, 24 Oct 2022 16:08:49 GMT
Date: Mon, 24 Oct 2022 14:14:46 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4c236f4ca13cd8fafc580bceb0995642
b6a7de7a8d994ed2cfb5ac74b6d7703de515ecdb
671228953eba5b2678df03acebb493e411752c6f5f72ff7f1e485032241d4aeb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 14:14:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6843
Expires: Mon, 24 Oct 2022 16:08:49 GMT
Date: Mon, 24 Oct 2022 14:14:46 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7361cd7-8ea8-4a4b-8e5a-6e3ef375eb7e.webp

34.120.237.76

200 OK

7.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7361cd7-8ea8-4a4b-8e5a-6e3ef375eb7e.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.2 kB (7185 bytes)
Hash
c16ee3c480c8ee5b51b7dd88375649ae
885e2070d3ea7973fd978e1e9c247ce248afdbbb
4086d5476b9f3b6c06535fc588784c19a52008178cbdeccbff4c98497bd8e428

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7361cd7-8ea8-4a4b-8e5a-6e3ef375eb7e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7185
x-amzn-requestid: 5bbcd9f1-fa0a-4591-a38c-b472e2ef148f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelC7EZ4oAMFmvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b545-754aa64e1249811f2c019641;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:29 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: U1Xa3qCT8SgSakuW_ts-fzukr1EsY1OWLxLOJbfqsuq7tCD13n7BPg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 21:49:47 GMT
age: 59099
etag: "885e2070d3ea7973fd978e1e9c247ce248afdbbb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e44a0c5-308b-4a3c-a704-fed082e5c701.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10639 bytes)
Hash
f1a2e95e4cdae92b60d0fde61c6c8312
fa110a433705597d1384e6d5dd0e757090dbe366
bfa8bc3faf60272c250c0b7d220c90bcf9f01267907dd81465ed0a6a4fda8fdc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e44a0c5-308b-4a3c-a704-fed082e5c701.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 10639
x-amzn-requestid: 983ddbdb-f97d-44dc-b502-6a555f50217f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelDaEkBoAMFcRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b548-351c26ae42c01c94616d04b4;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: J-VZLP51uG6onthE4ymBDhlNk5KtxsfX_sF-J_pjUHsr5mFrORdvwQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 21:52:34 GMT
age: 58932
etag: "fa110a433705597d1384e6d5dd0e757090dbe366"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F888df8db-5e36-4530-9f02-09268aefe1af.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12770 bytes)
Hash
9896b15d25725efe19642f3e70ec9103
9f030fdc38125b6b523b0d12571d666907a83f4d
88a74f5fd7e694aa473ff0b1a2cc7f2328738dc9acf5c61f2501877dc72ec9bb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F888df8db-5e36-4530-9f02-09268aefe1af.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12770
x-amzn-requestid: c40e1251-15f4-486c-8744-af05d80ff14e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelkxERXoAMFdvw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b61e-1bb648e9150a5cb95d69b3c5;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:46:06 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: FS_whBKHlTourjDSpHj_fRbNs3r1zsTU97BpxqWyKHL4XLoc7IWGgw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 21:52:34 GMT
age: 58932
etag: "9f030fdc38125b6b523b0d12571d666907a83f4d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e8ac15f-1a51-4bfe-ab4a-570fc480a976.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.4 kB (4434 bytes)
Hash
f12f21779aa94b557db8037ceefd15b2
1698d8d0ff47fc4e6dd20d99ceae84cfcdd69e86
0d33ee5a721c2f940ff1e7d5fae9abba3781f6d37e458a36285718466ecdcd10

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e8ac15f-1a51-4bfe-ab4a-570fc480a976.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4434
x-amzn-requestid: 41e95a27-2955-4224-8d2c-f12d1254cda7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelB0EQboAMFmMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b53e-5cb99b700c84c99c2d9e52d7;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:22 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 49FYzrcMWfgHbe4smL20px9dbIcXIGCujJ6djuVRT3bEwCkBvgz7Iw==
via: 1.1 27f6faf9790b5a2877fb528fa31f7922.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 21:46:57 GMT
age: 59269
etag: "1698d8d0ff47fc4e6dd20d99ceae84cfcdd69e86"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6843
Expires: Mon, 24 Oct 2022 16:08:49 GMT
Date: Mon, 24 Oct 2022 14:14:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6843
Expires: Mon, 24 Oct 2022 16:08:49 GMT
Date: Mon, 24 Oct 2022 14:14:46 GMT
Connection: keep-alive

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1f0cea17-2f8e-4f01-bdfc-54051ca7d7dd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9549 bytes)
Hash
b3a1ed5537b0d648ce6e0ecb427a3230
2f85566b25b22ee703ba5348bce25434c83c69de
d35b1e39b8c6f1adc029eea8f3ffc911426aa49a87261fdb33a770e21ced69ec

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1f0cea17-2f8e-4f01-bdfc-54051ca7d7dd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9549
x-amzn-requestid: e1054150-7691-4446-bc6e-91a4fdccbdc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aIvfRH0oIAMFkJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634cf92e-41bd300b1693ad1b18368e22;Sampled=0
x-amzn-remapped-date: Mon, 17 Oct 2022 06:41:50 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: X42MkFQC36cQuD150QxORdiO3npJVwAJm8v56o6S4JULV3ttHsZ-1A==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 16:21:20 GMT
age: 78806
etag: "2f85566b25b22ee703ba5348bce25434c83c69de"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21cfb8fe-4b68-43f0-a196-17c9a1dd3acb.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10072 bytes)
Hash
af3d4b4d16ad8b30805be96afa6472e3
bceb257123711c43994e5a03e9caf22eeee16423
30d7fea8d87522ce3ba2abf2c47e0025af1b7c05d6b4ea9f26aaa1f06aff4a67

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21cfb8fe-4b68-43f0-a196-17c9a1dd3acb.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10072
x-amzn-requestid: 2f26fcdb-0540-49ea-be46-83c00182fcc3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelB0FKvoAMFVFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b53e-1be524647e3db4a211e4c4ff;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:22 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: sNu31Qx0p_Ikus0GsGKRNGVxOGnIRSewAXfkXyzOCmT6bJ1D1Qz-0w==
via: 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 22:10:20 GMT
etag: "bceb257123711c43994e5a03e9caf22eeee16423"
content-type: image/jpeg
age: 57866
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Audiowide:400,400i&subset=greek

142.250.74.10

200 OK

807 B

URL HTTP/2
fonts.googleapis.com/css?family=Audiowide:400,400i&subset=greek
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
807 B (807 bytes)
Hash
a16f563e582acd227a32f60db96397e1
8be5538bb310a697abda16c8dfc2d050157147a8
bcffdf38ee85684e71f0da26c14300caeee8d08220ecdd387544201208c926dc

HTTP Headers

GET /css?family=Audiowide:400,400i&subset=greek HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 24 Oct 2022 14:14:46 GMT
date: Mon, 24 Oct 2022 14:14:46 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

earal.qsu.edu.ph/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple.css

103.131.95.175

200 OK

1.0 kB

URL HTTP/1.1
earal.qsu.edu.ph/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple.css
IP
103.131.95.175:0
ASN
#17448 Web.com.ph Inc.

File type
ASCII text, with very long lines (1965)
Size
1.0 kB (1031 bytes)
Hash
954717f56656e687295097c986703269
eacac549df0a6f873918b09c167f67683363484f
3736a081935aebfecde262efb24be923f7019e02c8719e12e8867bb581a84ebe

HTTP Headers

GET /theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple.css HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:46 GMT
Server: Apache
Content-Disposition: inline; filename="combo"
Expires: Thu, 19 Oct 2023 14:14:46 GMT
Pragma: 
Cache-Control: public, max-age=31104000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Last-Modified: Sun, 12 Jul 2020 10:13:02 GMT
Etag: "9b9cbb79c1192e9cb56160269e7434e0ac649341"
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8

earal.qsu.edu.ph/lib/javascript.php/1643437361/lib/polyfills/polyfill.js

103.131.95.175

200 OK

5.1 kB

URL HTTP/1.1
earal.qsu.edu.ph/lib/javascript.php/1643437361/lib/polyfills/polyfill.js
IP
103.131.95.175:0
ASN
#17448 Web.com.ph Inc.

File type
ASCII text, with very long lines (17500), with no line terminators
Size
5.1 kB (5131 bytes)
Hash
d189e9a405ceb1d114e9be6cf80bfd1c
932d4caaa5cb6160f30e78e22537933432344541
fb1125608532bdcec008620a829b61cf55d91fd92f7135d97b6093635ddcf959

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /lib/javascript.php/1643437361/lib/polyfills/polyfill.js HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:47 GMT
Server: Apache
Content-Disposition: inline; filename="javascript.php"
Expires: Sun, 22 Jan 2023 14:14:47 GMT
Pragma: 
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Etag: "04e3a14024d9450bd232a6d0b1bf59aca55e2d35"
Last-Modified: Mon, 13 Jun 2022 01:48:28 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8

earal.qsu.edu.ph/lib/javascript.php/1643437361/lib/babel-polyfill/polyfill.min.js

103.131.95.175

200 OK

34 kB

URL HTTP/1.1
earal.qsu.edu.ph/lib/javascript.php/1643437361/lib/babel-polyfill/polyfill.min.js
IP
103.131.95.175:0
ASN
#17448 Web.com.ph Inc.

File type
Unicode text, UTF-8 text, with very long lines (34750), with NEL line terminators
Size
34 kB (34221 bytes)
Hash
a8da4866c35fec35e4ead0c273e5d8fe
cb422b31f1e5248f9eb4ac49355ddc2498a8fe08
f5a3a7a1a5fad47d3ba52273cee1e55ca7afd8c0cfed14d884571c347c41fbec

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /lib/javascript.php/1643437361/lib/babel-polyfill/polyfill.min.js HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:47 GMT
Server: Apache
Content-Disposition: inline; filename="javascript.php"
Expires: Sun, 22 Jan 2023 14:14:47 GMT
Pragma: 
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Etag: "94e42ac739a0c289442fcfbada99bbc606665c25"
Last-Modified: Mon, 13 Jun 2022 01:48:28 GMT
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8

earal.qsu.edu.ph/theme/jquery.php/theme_adaptable/pace-min.js

103.131.95.175

200 OK

4.3 kB

URL HTTP/1.1
earal.qsu.edu.ph/theme/jquery.php/theme_adaptable/pace-min.js
IP
103.131.95.175:0
ASN
#17448 Web.com.ph Inc.

File type
ASCII text, with very long lines (12534)
Size
4.3 kB (4344 bytes)
Hash
6f7aec4fb4ea1dd6a182f831c88372f5
0b8a5aef14209bf1fda07a931bb7047a4887c075
edc6854a29e9517f47d3bedcd7009f5d983a007b2fa24035c98f4a4b2b273103

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /theme/jquery.php/theme_adaptable/pace-min.js HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:47 GMT
Server: Apache
Content-Disposition: inline; filename="pace-min.js"
Expires: Sun, 22 Jan 2023 14:14:47 GMT
Pragma: 
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Etag: "b52ad9332333af2698a90f6e3999e87c9d27d576"
Last-Modified: Fri, 15 Oct 2021 13:29:07 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

earal.qsu.edu.ph/theme/jquery.php/theme_adaptable/tickerme.js

103.131.95.175

200 OK

1.4 kB

URL HTTP/1.1
earal.qsu.edu.ph/theme/jquery.php/theme_adaptable/tickerme.js
IP
103.131.95.175:0
ASN
#17448 Web.com.ph Inc.

File type
HTML document, ASCII text, with very long lines (557)
Size
1.4 kB (1354 bytes)
Hash
b40fa6389f385e59551fbd9e2184d202
e7950c03fdb67275b930eb7685159d94abc0e73f
db6bf5505216adbb474bac165423c9f9f532aee8ec67b1de8cb87acb3e279bc9

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /theme/jquery.php/theme_adaptable/tickerme.js HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:47 GMT
Server: Apache
Content-Disposition: inline; filename="tickerme.js"
Expires: Sun, 22 Jan 2023 14:14:47 GMT
Pragma: 
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Etag: "8f8d99be88d3e220aa67f5e71da5d8f0bccb5144"
Last-Modified: Fri, 15 Oct 2021 13:29:07 GMT
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

earal.qsu.edu.ph/theme/jquery.php/theme_adaptable/jquery-flexslider-min.js

103.131.95.175

200 OK

6.3 kB

URL HTTP/1.1
earal.qsu.edu.ph/theme/jquery.php/theme_adaptable/jquery-flexslider-min.js
IP
103.131.95.175:0
ASN
#17448 Web.com.ph Inc.

File type
ASCII text, with very long lines (21722)
Size
6.3 kB (6300 bytes)
Hash
e392d53e76bc53ed6997f5d9c2fe068f
4fb73b9e368ac600f70392dc835be58157850b00
ca7ec204cd062635abacc121b51d166650b8740e3d00dc738d071d04766dc9a1

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /theme/jquery.php/theme_adaptable/jquery-flexslider-min.js HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:47 GMT
Server: Apache
Content-Disposition: inline; filename="jquery-flexslider-min.js"
Expires: Sun, 22 Jan 2023 14:14:47 GMT
Pragma: 
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Etag: "18070466d1401e18467178c0347e096121d50db1"
Last-Modified: Fri, 15 Oct 2021 13:29:07 GMT
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

earal.qsu.edu.ph/theme/styles.php/adaptable/1643437361_1/all

103.131.95.175

200 OK

141 kB

URL HTTP/1.1
earal.qsu.edu.ph/theme/styles.php/adaptable/1643437361_1/all
IP
103.131.95.175:0
ASN
#17448 Web.com.ph Inc.

File type
Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Size
141 kB (140767 bytes)
Hash
1be81fd95104c3caa2b125ae51493f12
ce74794787aedae2368b83fe69ed706952db090f
cd1e6de966b18295a1b6e12d49104e68b2783ed870fdaff174292ca24f351aba

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /theme/styles.php/adaptable/1643437361_1/all HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:46 GMT
Server: Apache
Content-Disposition: inline; filename="styles.php"
Expires: Sun, 22 Jan 2023 14:14:46 GMT
Pragma: 
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Etag: "c5f2cf0d4925a29a7a911cafe258baa806c7b149"
Last-Modified: Tue, 02 Aug 2022 02:26:47 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ffbfbd6d5d1e91af3c02313339eed0d0
df6457b655ac278fe32f3015bba4cff22dae5b2d
1991ca3e854e53f89b92ce93e01e6094f815b1d2c7c31e664481760211ac200a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 14:14:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

216.58.207.195

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Size
17 kB (16740 bytes)
Hash
e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

HTTP Headers

GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://earal.qsu.edu.ph
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 17 Oct 2022 18:53:39 GMT
expires: Tue, 17 Oct 2023 18:53:39 GMT
cache-control: public, max-age=31536000
age: 588069
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

earal.qsu.edu.ph/theme/jquery.php/theme_adaptable/jquery-easing-min.js

103.131.95.175

200 OK

984 B

URL HTTP/1.1
earal.qsu.edu.ph/theme/jquery.php/theme_adaptable/jquery-easing-min.js
IP
103.131.95.175:0
ASN
#17448 Web.com.ph Inc.

File type
ASCII text, with very long lines (2532)
Size
984 B (984 bytes)
Hash
c21479b67e9cb6eb9931d30673ce0d2c
32299e2edc4b1f7c54f335f5df5f0c9bb6a7e456
640b20c17c935184a84773beac98c15822e9c8a472d933bb16b0c06be1e7bebb

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /theme/jquery.php/theme_adaptable/jquery-easing-min.js HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:48 GMT
Server: Apache
Content-Disposition: inline; filename="jquery-easing-min.js"
Expires: Sun, 22 Jan 2023 14:14:48 GMT
Pragma: 
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Etag: "1fb08b85c37798e624626a818c9a443abda410b8"
Last-Modified: Fri, 15 Oct 2021 13:29:07 GMT
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ffbfbd6d5d1e91af3c02313339eed0d0
df6457b655ac278fe32f3015bba4cff22dae5b2d
1991ca3e854e53f89b92ce93e01e6094f815b1d2c7c31e664481760211ac200a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 14:14:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

earal.qsu.edu.ph/theme/jquery.php/theme_adaptable/adaptable_v2_1_1_2.js

103.131.95.175

200 OK

2.4 kB

URL HTTP/1.1
earal.qsu.edu.ph/theme/jquery.php/theme_adaptable/adaptable_v2_1_1_2.js
IP
103.131.95.175:0
ASN
#17448 Web.com.ph Inc.

File type
ASCII text, with very long lines (309)
Size
2.4 kB (2365 bytes)
Hash
d000f5ef585e178609be905f518774c7
0eb892b5698a53810e2a5d1ad567f4cf86e48c88
e24e613a858deb6729c5915c026ad904e678cd6df4922f8cd51256d9789afde6

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /theme/jquery.php/theme_adaptable/adaptable_v2_1_1_2.js HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:48 GMT
Server: Apache
Content-Disposition: inline; filename="adaptable_v2_1_1_2.js"
Expires: Sun, 22 Jan 2023 14:14:48 GMT
Pragma: 
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Etag: "96d19946611c228351f8f068cc546dfea2de8452"
Last-Modified: Fri, 15 Oct 2021 13:29:07 GMT
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

earal.qsu.edu.ph/lib/javascript.php/1643437361/lib/javascript-static.js

103.131.95.175

200 OK

6.8 kB

URL HTTP/1.1
earal.qsu.edu.ph/lib/javascript.php/1643437361/lib/javascript-static.js
IP
103.131.95.175:0
ASN
#17448 Web.com.ph Inc.

File type
HTML document, ASCII text, with very long lines (1875)
Size
6.8 kB (6777 bytes)
Hash
9a4c20372f0c53bc61ac3c90d203776a
05879d8f0e082b0663c76e1c81ff2e368d8a09ae
b64e57b396514a45e7680e661271d0d86d880765c8faaf5655c6a19940bae6d5

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /lib/javascript.php/1643437361/lib/javascript-static.js HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:48 GMT
Server: Apache
Content-Disposition: inline; filename="javascript.php"
Expires: Sun, 22 Jan 2023 14:14:48 GMT
Pragma: 
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Etag: "126992c86a9e359fbfa3323365133928a2e98c49"
Last-Modified: Mon, 13 Jun 2022 01:48:30 GMT
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8

earal.qsu.edu.ph/lib/javascript.php/1643437361/lib/requirejs/require.min.js

103.131.95.175

200 OK

6.7 kB

URL HTTP/1.1
earal.qsu.edu.ph/lib/javascript.php/1643437361/lib/requirejs/require.min.js
IP
103.131.95.175:0
ASN
#17448 Web.com.ph Inc.

File type
ASCII text, with very long lines (17535)
Size
6.7 kB (6662 bytes)
Hash
d52d474e00d80d4373cf714f60707c21
74b5d832a55bf81a1b2fd875f83f022c5ffc7c3b
4f1792c3aac9ca2058376a43582f0d1fad13e602a5aeec4a1a6fb1803719ba99

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /lib/javascript.php/1643437361/lib/requirejs/require.min.js HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:48 GMT
Server: Apache
Content-Disposition: inline; filename="javascript.php"
Expires: Sun, 22 Jan 2023 14:14:48 GMT
Pragma: 
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Etag: "97fe90b45990bd4e2754f72bc3134bfbb6cd3455"
Last-Modified: Mon, 13 Jun 2022 01:48:30 GMT
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8

earal.qsu.edu.ph/theme/jquery.php/core/jquery-3.4.1.js

103.131.95.175

200 OK

83 kB

URL HTTP/1.1
earal.qsu.edu.ph/theme/jquery.php/core/jquery-3.4.1.js
IP
103.131.95.175:0
ASN
#17448 Web.com.ph Inc.

File type
ASCII text
Size
83 kB (83282 bytes)
Hash
887e7aa43b9a5ad68077980977e33cb5
4ce78ac7e666a5476dc1679b47fef09e05c9f7e9
65a47a99884d21a84db009e89dc65f24724f722fc437034c74130c4732a6f776

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /theme/jquery.php/core/jquery-3.4.1.js HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:47 GMT
Server: Apache
Content-Disposition: inline; filename="jquery-3.4.1.js"
Expires: Sun, 22 Jan 2023 14:14:47 GMT
Pragma: 
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Etag: "9c10cf1ebb869206b52840ee8ae0a38a61dd7756"
Last-Modified: Sun, 12 Jul 2020 10:13:02 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

earal.qsu.edu.ph/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple.js

103.131.95.175

200 OK

289 kB

URL HTTP/1.1
earal.qsu.edu.ph/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple.js
IP
103.131.95.175:0
ASN
#17448 Web.com.ph Inc.

File type
HTML document, ASCII text
Size
289 kB (288720 bytes)
Hash
c8181f03171c4047651484fc206f8b4a
67369e1b7821d80094ad6e9e62ccd5e1fa85ef89
1d7d3f01e0909dce2ae3ec3659f0f5bf180d71fd60762e6198dca69a9667eddb

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple.js HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:47 GMT
Server: Apache
Content-Disposition: inline; filename="combo"
Expires: Thu, 19 Oct 2023 14:14:47 GMT
Pragma: 
Cache-Control: public, max-age=31104000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Last-Modified: Sun, 12 Jul 2020 10:13:02 GMT
Etag: "8e0bc3eb6d64ef742569cc05b107bdc7fea200c4"
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

fonts.gstatic.com/s/robotoslab/v24/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2

216.58.207.195

200 OK

13 kB

URL HTTP/2
fonts.gstatic.com/s/robotoslab/v24/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 12608, version 1.0\012- data
Size
13 kB (12608 bytes)
Hash
b2d90c9a5d17242bc107ee6fb2bb0c65
d14417ba18f48c28d74c6788837a59f4b7967427
e3b93a1b0941a116dcb0ed0b5c3ea062cdcad365207c405b231094eb485d95fc

HTTP Headers

GET /s/robotoslab/v24/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://earal.qsu.edu.ph
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12608
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 21 Oct 2022 16:05:03 GMT
expires: Sat, 21 Oct 2023 16:05:03 GMT
cache-control: public, max-age=31536000
age: 252586
last-modified: Mon, 11 Jul 2022 19:15:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/audiowide/v16/l7gdbjpo0cum0ckerWCdlg_O.woff2

216.58.207.195

200 OK

14 kB

URL HTTP/2
fonts.gstatic.com/s/audiowide/v16/l7gdbjpo0cum0ckerWCdlg_O.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 14132, version 1.0\012- data
Size
14 kB (14132 bytes)
Hash
fa3af39df2341c8485dcffbd652140d1
46fe628036c4566d4fdd9d440195116718ae020e
e21fd195dd9dcdafc5a0f162a8fc252703f3683179861afb057cd58f9d27dbe5

HTTP Headers

GET /s/audiowide/v16/l7gdbjpo0cum0ckerWCdlg_O.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://earal.qsu.edu.ph
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14132
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 01:26:06 GMT
expires: Thu, 19 Oct 2023 01:26:06 GMT
cache-control: public, max-age=31536000
age: 478123
last-modified: Tue, 19 Apr 2022 18:13:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

earal.qsu.edu.ph/theme/yui_combo.php?m/1643437361/core/event/event-debug.js&m/1643437361/filter_mathjaxloader/loader/loader-debug.js

103.131.95.175

200 OK

2.8 kB

URL HTTP/1.1
earal.qsu.edu.ph/theme/yui_combo.php?m/1643437361/core/event/event-debug.js&m/1643437361/filter_mathjaxloader/loader/loader-debug.js
IP
103.131.95.175:0
ASN
#17448 Web.com.ph Inc.

File type
ASCII text
Size
2.8 kB (2827 bytes)
Hash
241dbe55902ab21afd141026a201f6f8
7969d51307fdd8d059b63cbbde094c723a5b6f98
ba8938a2d70faeaff6c28593d8c576ce1cc05cb69d2295bbbdb1db13a4a0d599

HTTP Headers

GET /theme/yui_combo.php?m/1643437361/core/event/event-debug.js&m/1643437361/filter_mathjaxloader/loader/loader-debug.js HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:49 GMT
Server: Apache
Content-Disposition: inline; filename="combo"
Expires: Thu, 19 Oct 2023 14:14:49 GMT
Pragma: 
Cache-Control: public, max-age=31104000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Last-Modified: Sun, 12 Jul 2020 10:13:02 GMT
Etag: "ec2cd27e7412dfd8abf5a1e6fca10ec1e8c1c182"
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

earal.qsu.edu.ph/theme/yui_combo.php?m/1643437361/core/formchangechecker/formchangechecker-debug.js

103.131.95.175

200 OK

2.6 kB

URL HTTP/1.1
earal.qsu.edu.ph/theme/yui_combo.php?m/1643437361/core/formchangechecker/formchangechecker-debug.js
IP
103.131.95.175:0
ASN
#17448 Web.com.ph Inc.

File type
ASCII text
Size
2.6 kB (2615 bytes)
Hash
098df96c5741e88c5537cbc93713957b
340a49e91a43b51f3c4a6b38e05d5a3f64c56012
106c9ab859b9857213152a5bdfefe972b0b6c7d16246a0069849fa2e17b8556f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /theme/yui_combo.php?m/1643437361/core/formchangechecker/formchangechecker-debug.js HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:49 GMT
Server: Apache
Content-Disposition: inline; filename="combo"
Expires: Thu, 19 Oct 2023 14:14:49 GMT
Pragma: 
Cache-Control: public, max-age=31104000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Last-Modified: Sun, 12 Jul 2020 10:13:02 GMT
Etag: "e79ec33ec1af310501917d742274d20b86d553d8"
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

earal.qsu.edu.ph/pluginfile.php/1/theme_adaptable/headerbgimage/1643437361/headerBG.jpg

103.131.95.175

200 OK

63 kB

URL HTTP/1.1
earal.qsu.edu.ph/pluginfile.php/1/theme_adaptable/headerbgimage/1643437361/headerBG.jpg
IP
103.131.95.175:0
ASN
#17448 Web.com.ph Inc.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 741x570, components 3\012- data
Size
63 kB (62666 bytes)
Hash
725ff07b7cd0a60e93215440adf95579
2c40cec7bd2ee48090b578c13def72361e1aeb87
38f86a7abbd85e9d8d87c2e58d991e6740499eb609cc5dc683da62e98d1c2497

HTTP Headers

GET /pluginfile.php/1/theme_adaptable/headerbgimage/1643437361/headerBG.jpg HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:49 GMT
Server: Apache
Content-Disposition: inline; filename="headerBG.jpg"
Cache-Control: public, max-age=5184000, no-transform
Expires: Fri, 23 Dec 2022 14:14:49 GMT
Pragma: 
Accept-Ranges: bytes
Etag: "2c40cec7bd2ee48090b578c13def72361e1aeb87"
Last-Modified: Sun, 09 Aug 2020 07:02:23 GMT
Content-Length: 62666
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

earal.qsu.edu.ph/theme/font.php/adaptable/core/1643437361/fontawesome-webfont.woff2?v=4.7.0

103.131.95.175

200 OK

77 kB

URL HTTP/1.1
earal.qsu.edu.ph/theme/font.php/adaptable/core/1643437361/fontawesome-webfont.woff2?v=4.7.0
IP
103.131.95.175:0
ASN
#17448 Web.com.ph Inc.

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /theme/font.php/adaptable/core/1643437361/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/theme/styles.php/adaptable/1643437361_1/all
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:49 GMT
Server: Apache
Content-Disposition: inline; filename="fontawesome-webfont.woff2"
Expires: Sun, 22 Jan 2023 14:14:49 GMT
Pragma: 
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Etag: "6dced6b9ce4e1c73e07148c1fce85957c8b3c221"
Last-Modified: Mon, 13 Jun 2022 01:48:32 GMT
Content-Length: 77160
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/font-woff2

earal.qsu.edu.ph/pluginfile.php/1/theme_adaptable/homebk/1643437361/bgvec1.png

103.131.95.175

200 OK

176 kB

URL HTTP/1.1
earal.qsu.edu.ph/pluginfile.php/1/theme_adaptable/homebk/1643437361/bgvec1.png
IP
103.131.95.175:0
ASN
#17448 Web.com.ph Inc.

File type
PNG image data, 2152 x 1528, 8-bit colormap, non-interlaced\012- data
Size
176 kB (176491 bytes)
Hash
0fd5e9e022410326acffb848f22db39d
fe7043726c9d9c7f492a402ad5d02a1758a2514e
17932e0855c5e7fa71b49d2ec1ca6c710ba93ab1dea617b4419db0bb51e0b00a

HTTP Headers

GET /pluginfile.php/1/theme_adaptable/homebk/1643437361/bgvec1.png HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/theme/styles.php/adaptable/1643437361_1/all
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:49 GMT
Server: Apache
Content-Disposition: inline; filename="bgvec1.png"
Cache-Control: public, max-age=5184000, no-transform
Expires: Fri, 23 Dec 2022 14:14:49 GMT
Pragma: 
Accept-Ranges: bytes
Etag: "fe7043726c9d9c7f492a402ad5d02a1758a2514e"
Last-Modified: Wed, 14 Apr 2021 10:18:53 GMT
Content-Length: 176491
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

earal.qsu.edu.ph/pluginfile.php/1/theme_adaptable/logo/1643437361/logo%20with%20name1.png

103.131.95.175

200 OK

365 kB

URL HTTP/1.1
earal.qsu.edu.ph/pluginfile.php/1/theme_adaptable/logo/1643437361/logo%20with%20name1.png
IP
103.131.95.175:0
ASN
#17448 Web.com.ph Inc.

File type
PNG image data, 900 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
365 kB (365379 bytes)
Hash
34adb72b7a7c6201e4dbe31d924203a8
9a8b5b3fa5da3decadcb237f8e2a8862c873fe28
539dd331a11c8d113c3cdca30b01131f0801c42a83b23bf510b9c6689dd5eb60

HTTP Headers

GET /pluginfile.php/1/theme_adaptable/logo/1643437361/logo%20with%20name1.png HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:48 GMT
Server: Apache
Content-Disposition: inline; filename="logo with name1.png"
Cache-Control: public, max-age=5184000, no-transform
Expires: Fri, 23 Dec 2022 14:14:48 GMT
Pragma: 
Accept-Ranges: bytes
Etag: "9a8b5b3fa5da3decadcb237f8e2a8862c873fe28"
Last-Modified: Sun, 03 Oct 2021 13:21:24 GMT
Content-Length: 365379
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1ea30e37b7f86b7d0a7cb7341087fdc1
2e88a09e17356724c7e0f488d70be82ebc64f55c
bb85d7fbaf1d4c0dc0a7cd27aebc8f21f942bf703896186a765131c80c87f059

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 14:14:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 24 Oct 2022 12:41:09 GMT
expires: Mon, 24 Oct 2022 14:41:09 GMT
cache-control: public, max-age=7200
age: 5622
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1ea30e37b7f86b7d0a7cb7341087fdc1
2e88a09e17356724c7e0f488d70be82ebc64f55c
bb85d7fbaf1d4c0dc0a7cd27aebc8f21f942bf703896186a765131c80c87f059

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 14:14:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/j/collect?v=1&_v=j98&a=988738631&t=pageview&_s=1&dl=https%3A%2F%2Fearal.qsu.edu.ph%2Flogin%2Fforgot_password.php&ul=en-us&de=UTF-8&dt=Forgotten%20password&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=829956541&gjid=311246221&cid=1650662404.1666620890&tid=analyticstext1&_gid=6865361.1666620890&_r=1&_slc=1&z=1735903788

142.250.74.174

200 OK

2 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j98&a=988738631&t=pageview&_s=1&dl=https%3A%2F%2Fearal.qsu.edu.ph%2Flogin%2Fforgot_password.php&ul=en-us&de=UTF-8&dt=Forgotten%20password&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=829956541&gjid=311246221&cid=1650662404.1666620890&tid=analyticstext1&_gid=6865361.1666620890&_r=1&_slc=1&z=1735903788
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
38684612f0c6bb6dfa16da92f4a6878f
6fe62d0dd7db314b7f9bb945672f078e01d27f0f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

HTTP Headers

POST /j/collect?v=1&_v=j98&a=988738631&t=pageview&_s=1&dl=https%3A%2F%2Fearal.qsu.edu.ph%2Flogin%2Fforgot_password.php&ul=en-us&de=UTF-8&dt=Forgotten%20password&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=829956541&gjid=311246221&cid=1650662404.1666620890&tid=analyticstext1&_gid=6865361.1666620890&_r=1&_slc=1&z=1735903788 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://earal.qsu.edu.ph
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://earal.qsu.edu.ph
date: Mon, 24 Oct 2022 14:14:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

earal.qsu.edu.ph/lib/requirejs.php/1643437361/core/first.js

103.131.95.175

200 OK

300 kB

URL HTTP/1.1
earal.qsu.edu.ph/lib/requirejs.php/1643437361/core/first.js
IP
103.131.95.175:0
ASN
#17448 Web.com.ph Inc.

File type
ASCII text, with very long lines (12050)
Size
300 kB (299667 bytes)
Hash
3eeee7a6745f482075864da47c5b7449
aba2541ec327f884623a57a0232f2c75c95ca513
9713dcdba300d975685abb749b96bd18a8b7b4981b62af2ffd85016e50282c84

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /lib/requirejs.php/1643437361/core/first.js HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:49 GMT
Server: Apache
Content-Disposition: inline; filename="requirejs.php"
Expires: Sun, 22 Jan 2023 14:14:49 GMT
Pragma: 
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Etag: "f3b46d9901c66810ac3d45d4f81537b7f27cee66"
Last-Modified: Mon, 13 Jun 2022 01:48:05 GMT
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8

earal.qsu.edu.ph/pluginfile.php/1/theme_adaptable/favicon/1643437361/earal.png

103.131.95.175

200 OK

5.5 kB

URL HTTP/1.1
earal.qsu.edu.ph/pluginfile.php/1/theme_adaptable/favicon/1643437361/earal.png
IP
103.131.95.175:0
ASN
#17448 Web.com.ph Inc.

File type
PNG image data, 462 x 478, 8-bit/color RGBA, non-interlaced\012- data
Size
5.5 kB (5506 bytes)
Hash
e28ec64530bd823c3fdef81edb9e2614
030d581cb057244dcd9e927546efa01949ad8351
6fd963beee64180092290e0861e1dc3d843e717ff39d160097afd1a176d89538

HTTP Headers

GET /pluginfile.php/1/theme_adaptable/favicon/1643437361/earal.png HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:51 GMT
Server: Apache
Content-Disposition: inline; filename="earal.png"
Cache-Control: public, max-age=5184000, no-transform
Expires: Fri, 23 Dec 2022 14:14:51 GMT
Pragma: 
Accept-Ranges: bytes
Etag: "030d581cb057244dcd9e927546efa01949ad8351"
Last-Modified: Fri, 15 Oct 2021 15:05:40 GMT
Content-Length: 5506
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

earal.qsu.edu.ph/lib/requirejs.php/1643437361/theme_boost/loader.js

103.131.95.175

200 OK

300 kB

URL HTTP/1.1
earal.qsu.edu.ph/lib/requirejs.php/1643437361/theme_boost/loader.js
IP
103.131.95.175:0
ASN
#17448 Web.com.ph Inc.

File type
ASCII text, with very long lines (12050)
Size
300 kB (299667 bytes)
Hash
3eeee7a6745f482075864da47c5b7449
aba2541ec327f884623a57a0232f2c75c95ca513
9713dcdba300d975685abb749b96bd18a8b7b4981b62af2ffd85016e50282c84

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /lib/requirejs.php/1643437361/theme_boost/loader.js HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:49 GMT
Server: Apache
Content-Disposition: inline; filename="requirejs.php"
Expires: Sun, 22 Jan 2023 14:14:49 GMT
Pragma: 
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Etag: "f3b46d9901c66810ac3d45d4f81537b7f27cee66"
Last-Modified: Mon, 13 Jun 2022 01:48:05 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8

earal.qsu.edu.ph/lib/javascript.php/1643437361/lib/jquery/jquery-3.4.1.min.js

103.131.95.175

200 OK

31 kB

URL HTTP/1.1
earal.qsu.edu.ph/lib/javascript.php/1643437361/lib/jquery/jquery-3.4.1.min.js
IP
103.131.95.175:0
ASN
#17448 Web.com.ph Inc.

File type
ASCII text, with very long lines (65451)
Size
31 kB (30681 bytes)
Hash
f93e3ed042f71e5f7fe68859936b38ef
69461b9374414ecdaa736061a4b302e81f0c7c89
24b2b2bb2c54222c3db2276e9989b6a027fa0d0469993b4b9332c68ce5c3e469

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /lib/javascript.php/1643437361/lib/jquery/jquery-3.4.1.min.js HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca; _ga=GA1.3.1650662404.1666620890; _gid=GA1.3.6865361.1666620890; _gat=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:51 GMT
Server: Apache
Content-Disposition: inline; filename="javascript.php"
Expires: Sun, 22 Jan 2023 14:14:51 GMT
Pragma: 
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Etag: "c66a2dff61559ebc1f5513ad3b91a5a053a0dedb"
Last-Modified: Mon, 13 Jun 2022 01:48:05 GMT
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8

earal.qsu.edu.ph/theme/yui_combo.php?3.17.2/event-mousewheel/event-mousewheel.js&3.17.2/event-resize/event-resize.js&3.17.2/event-hover/event-hover.js&3.17.2/event-touch/event-touch.js&3.17.2/event-move/event-move.js&3.17.2/event-flick/event-flick.js&3.17.2/event-valuechange/event-valuechange.js&3.17.2/event-tap/event-tap.js

103.131.95.175

200 OK

15 kB

URL HTTP/1.1
earal.qsu.edu.ph/theme/yui_combo.php?3.17.2/event-mousewheel/event-mousewheel.js&3.17.2/event-resize/event-resize.js&3.17.2/event-hover/event-hover.js&3.17.2/event-touch/event-touch.js&3.17.2/event-move/event-move.js&3.17.2/event-flick/event-flick.js&3.17.2/event-valuechange/event-valuechange.js&3.17.2/event-tap/event-tap.js
IP
103.131.95.175:0
ASN
#17448 Web.com.ph Inc.

File type
ASCII text, with very long lines (437)
Size
15 kB (14987 bytes)
Hash
968eef4e2bfe69b5bc52caa8093f624e
6b5916393ef4dec25be5533835ca64136183c411
8b242bd66a81b1ffbbd99008ad2a728e32675385f535b6d9c76498e15eb6b9d5

HTTP Headers

GET /theme/yui_combo.php?3.17.2/event-mousewheel/event-mousewheel.js&3.17.2/event-resize/event-resize.js&3.17.2/event-hover/event-hover.js&3.17.2/event-touch/event-touch.js&3.17.2/event-move/event-move.js&3.17.2/event-flick/event-flick.js&3.17.2/event-valuechange/event-valuechange.js&3.17.2/event-tap/event-tap.js HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca; _ga=GA1.3.1650662404.1666620890; _gid=GA1.3.6865361.1666620890; _gat=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:52 GMT
Server: Apache
Content-Disposition: inline; filename="combo"
Expires: Thu, 19 Oct 2023 14:14:52 GMT
Pragma: 
Cache-Control: public, max-age=31104000, immutable
Accept-Ranges: none
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Last-Modified: Sun, 12 Jul 2020 10:13:02 GMT
Etag: "46d5bb3a7d68f80774585d734433ff833fade78e"
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

earal.qsu.edu.ph/lib/ajax/service-nologin.php?info=6-method-calls&cachekey=1650523249&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22cancel%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22closebuttontitle%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22loading%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22savechanges%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A4%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showless%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A5%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showmore%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22en%22%7D%7D%5D

103.131.95.175

200 OK

104 B

URL HTTP/1.1
earal.qsu.edu.ph/lib/ajax/service-nologin.php?info=6-method-calls&cachekey=1650523249&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22cancel%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22closebuttontitle%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22loading%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22savechanges%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A4%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showless%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A5%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showmore%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22en%22%7D%7D%5D
IP
103.131.95.175:0
ASN
#17448 Web.com.ph Inc.

File type
JSON data\012- , ASCII text, with no line terminators
Size
104 B (104 bytes)
Hash
bcc9eb8744878c89c4cda76a9d0ef9dd
c58d2c027bcf628a89f6a0e41f446ce24ebaf9ec
c279b9d541daa943ad84f72ff61fcc06cb0f0fe018d369b3149cf4a144a89396

HTTP Headers

GET /lib/ajax/service-nologin.php?info=6-method-calls&cachekey=1650523249&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22cancel%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22closebuttontitle%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22loading%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22savechanges%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A4%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showless%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A5%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showmore%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22en%22%7D%7D%5D HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca; _ga=GA1.3.1650662404.1666620890; _gid=GA1.3.6865361.1666620890; _gat=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:52 GMT
Server: Apache
Expires: Sun, 22 Jan 2023 14:14:52 GMT
Pragma: 
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 104
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/json; charset=utf-8

earal.qsu.edu.ph/lib/ajax/service-nologin.php?info=7-method-calls&cachekey=1643437361&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22loading%22%2C%22themename%22%3A%22adaptable%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal%22%2C%22themename%22%3A%22adaptable%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal_backdrop%22%2C%22themename%22%3A%22adaptable%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal_save_cancel%22%2C%22themename%22%3A%22adaptable%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A4%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal_cancel%22%2C%22themename%22%3A%22adaptable%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A5%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22local%2Fmodal%2Falert%22%2C%22themename%22%3A%22adaptable%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A6%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22pix_icon_fontawesome%22%2C%22themename%22%3A%22adaptable%22%2C%22lang%22%3A%22en%22%7D%7D%5D

103.131.95.175

200 OK

945 B

URL HTTP/1.1
earal.qsu.edu.ph/lib/ajax/service-nologin.php?info=7-method-calls&cachekey=1643437361&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22loading%22%2C%22themename%22%3A%22adaptable%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal%22%2C%22themename%22%3A%22adaptable%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal_backdrop%22%2C%22themename%22%3A%22adaptable%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal_save_cancel%22%2C%22themename%22%3A%22adaptable%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A4%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal_cancel%22%2C%22themename%22%3A%22adaptable%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A5%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22local%2Fmodal%2Falert%22%2C%22themename%22%3A%22adaptable%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A6%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22pix_icon_fontawesome%22%2C%22themename%22%3A%22adaptable%22%2C%22lang%22%3A%22en%22%7D%7D%5D
IP
103.131.95.175:0
ASN
#17448 Web.com.ph Inc.

File type
JSON data\012- , ASCII text, with very long lines (7959), with no line terminators
Size
945 B (945 bytes)
Hash
3bbc60ee24914ab217e3003abd813c44
88ec48b2222c6eb821b3169f54aef4939ba27441
8fac3640921e099ecea25379005c7f427d64af095f6b5c3461d322341a6e3dc9

HTTP Headers

GET /lib/ajax/service-nologin.php?info=7-method-calls&cachekey=1643437361&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22loading%22%2C%22themename%22%3A%22adaptable%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal%22%2C%22themename%22%3A%22adaptable%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal_backdrop%22%2C%22themename%22%3A%22adaptable%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal_save_cancel%22%2C%22themename%22%3A%22adaptable%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A4%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal_cancel%22%2C%22themename%22%3A%22adaptable%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A5%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22local%2Fmodal%2Falert%22%2C%22themename%22%3A%22adaptable%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A6%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22pix_icon_fontawesome%22%2C%22themename%22%3A%22adaptable%22%2C%22lang%22%3A%22en%22%7D%7D%5D HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca; _ga=GA1.3.1650662404.1666620890; _gid=GA1.3.6865361.1666620890; _gat=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:52 GMT
Server: Apache
Expires: Sun, 22 Jan 2023 14:14:52 GMT
Pragma: 
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 945
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/json; charset=utf-8

earal.qsu.edu.ph/lib/ajax/service-nologin.php?info=core_output_load_fontawesome_icon_map&cachekey=1643437361&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_fontawesome_icon_map%22%2C%22args%22%3A%5B%5D%7D%5D

103.131.95.175

200 OK

4.5 kB

URL HTTP/1.1
earal.qsu.edu.ph/lib/ajax/service-nologin.php?info=core_output_load_fontawesome_icon_map&cachekey=1643437361&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_fontawesome_icon_map%22%2C%22args%22%3A%5B%5D%7D%5D
IP
103.131.95.175:0
ASN
#17448 Web.com.ph Inc.

File type
JSON data\012- , ASCII text, with very long lines (28317), with no line terminators
Size
4.5 kB (4464 bytes)
Hash
627cefb16ff15eae7e65f7261909fa75
e6ee10de8b7d230c448d7f21daa06e3351ae9edd
a40ac3c917161b0641dfe37951c1ae6127b0735a0bf72044c4845ee33ed8b106

HTTP Headers

GET /lib/ajax/service-nologin.php?info=core_output_load_fontawesome_icon_map&cachekey=1643437361&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_fontawesome_icon_map%22%2C%22args%22%3A%5B%5D%7D%5D HTTP/1.1
Host: earal.qsu.edu.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/login/forgot_password.php
Cookie: MoodleSession=b19ca28c041f67aad9a7109c233d7fca; _ga=GA1.3.1650662404.1666620890; _gid=GA1.3.6865361.1666620890; _gat=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 14:14:52 GMT
Server: Apache
Expires: Sun, 22 Jan 2023 14:14:52 GMT
Pragma: 
Cache-Control: public, max-age=7776000, immutable
Accept-Ranges: none
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4464
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/json; charset=utf-8

fonts.googleapis.com/css?family=Open+Sans:400,400i&subset=greek

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400,400i&subset=greek
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans:400,400i&subset=greek HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 24 Oct 2022 14:14:46 GMT
date: Mon, 24 Oct 2022 14:14:46 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto+Slab:400,400i&subset=greek

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Roboto+Slab:400,400i&subset=greek
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Roboto+Slab:400,400i&subset=greek HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earal.qsu.edu.ph/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 24 Oct 2022 14:14:46 GMT
date: Mon, 24 Oct 2022 14:14:46 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (25)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations