Report - menuco.com/

Report Overview

Submitted URL
menuco.com/
IP
64.187.239.229
ASN
#46261 QUICKPACKET
Submitted
2023-01-18 21:44:11
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
18

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	17 kB	104.17.24.14
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	404 B	17 kB	216.58.207.227
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.89.241.77
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	686 B	1.4 kB	142.250.74.131
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	737 B	93.184.220.29
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	57 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	95.101.11.115
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
menuco.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	14 kB	774 kB	64.187.239.229
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.8 kB	142.250.74.106
play.videoo.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	336 B	362 B	67.219.148.18

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-18	medium	menuco.com/	Phishing
2023-01-18	medium	menuco.com/assets/js/base64.js	Phishing
2023-01-18	medium	menuco.com/assets/js/numbers2words.min.js	Phishing
2023-01-18	medium	menuco.com/assets/vendor/scrollreveal/scrollreveal.min.js	Phishing
2023-01-18	medium	menuco.com/assets/js/vendor/bootstrap/js/bootstrap.min.js	Phishing
2023-01-18	medium	menuco.com/assets/vendor/jquery-easing/1.3/jquery.easing.min.js	Phishing
2023-01-18	medium	menuco.com/assets/js/vendor/jquery.js	Phishing
2023-01-18	medium	menuco.com/assets/fonts/fontawesome-webfont.woff?v=4.2.0	Phishing
2023-01-18	medium	menuco.com/assets/images/bg/background.jpeg	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (13)

	URL	Size	First Seen	Last Seen
	menuco.com/assets/js/base64.js	3.4 kB	2023-03-08	2024-01-27
Pretty URL menuco.com/assets/js/base64.js IP 64.187.239.229 ASN #46261 QUICKPACKET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:14:35 Last Seen2024-01-27 10:22:35 Times Seen37 Hash 0e08f39e85c80c407a60444bebeb82ce 68a52fb8d724589ccca05d8d670556d4b87d4a9e 7ed71baa47a20efe97a93699e3a6cff9ab3084422979e9017928c316f72a85c7 Loading...

	menuco.com/	39 B	2023-03-13	2023-03-13
Pretty URL menuco.com/ IP 64.187.239.229 ASN #46261 QUICKPACKET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:33:32 Last Seen2023-03-13 02:33:32 Times Seen1 Hash 01fb9edab82f7862fa6d37713a62b2e8 a6e69d11f214b4e3cc26dc21e2c5327d320a495c 4b096fb9e3fac3025f08506eec412c55f3a5c3b2e7df4553098957b1af68efef Loading...

	menuco.com/	9.8 kB	2023-03-13	2023-03-13
Pretty URL menuco.com/ IP 64.187.239.229 ASN #46261 QUICKPACKET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:33:32 Last Seen2023-03-13 02:33:32 Times Seen1 Hash 36f19f01b8f5cfacc780036f261c6469 f59fbc68b1640fb38e43356428f5bae196db523f 5d4110eb7cde3b554c803176c5b69388a90494dd10a19ca0a06a85d57fcbd504 Loading...

	menuco.com/assets/js/vendor/bootstrap/js/bootstrap.min.js	29 kB	2023-03-08	2024-01-27
Pretty URL menuco.com/assets/js/vendor/bootstrap/js/bootstrap.min.js IP 64.187.239.229 ASN #46261 QUICKPACKET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:14:35 Last Seen2024-01-27 10:22:35 Times Seen37 Hash c6e17711c76af125c14a958f1ea615b6 5bab8533f7cbfd72c9584d82cea927f237942205 56b8046a6dc65542cb3cdbc4a8da4268c64e33f25afd4ba8cb3bb76f55db910e Loading...

	menuco.com/assets/vendor/scrollreveal/scrollreveal.min.js	9.1 kB	2023-03-07	2024-01-31
Pretty URL menuco.com/assets/vendor/scrollreveal/scrollreveal.min.js IP 64.187.239.229 ASN #46261 QUICKPACKET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:30 Last Seen2024-01-31 18:40:38 Times Seen182 Hash 5deb4348d63c0bfbce81c338d35db100 e7d5811bb79a7f27ebd7f4abb3213df9796a3361 4832831d4d25137435b5885ef31de7aab125d797708c0337b0420fd06e744417 Loading...

	menuco.com/assets/vendor/jquery-easing/1.3/jquery.easing.min.js	5.6 kB	2023-03-07	2024-04-19
Pretty URL menuco.com/assets/vendor/jquery-easing/1.3/jquery.easing.min.js IP 64.187.239.229 ASN #46261 QUICKPACKET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:08 Last Seen2024-04-19 11:36:08 Times Seen2660 Hash 3eac3c72434a0945b92dd4a01f7b6b4e 7767b356530e39cd76ec259320b0b2774b4097a8 ac3f3a757bfbfc9d92bc8f5e6e6362e5d4ae41dbf3cebacdda9b8f71afc82e5b Loading...

	menuco.com/assets/js/vendor/jquery.js	84 kB	2023-03-07	2024-04-15
Pretty URL menuco.com/assets/js/vendor/jquery.js IP 64.187.239.229 ASN #46261 QUICKPACKET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:07 Last Seen2024-04-15 17:21:31 Times Seen1789 Hash 6631a779321bc03f4a5281d3ff526254 5be8bf17be5085d803dfcbe59f8d6e584b516679 797e79e220fdb3c48f6df26b879543102479491611940c8acc81a905da5c6858 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js	5.0 kB	2023-03-07	2024-04-18
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:29 Last Seen2024-04-18 04:29:25 Times Seen5237 Hash c8f50397e0560719c62a35318f413e16 a643db87287e6e940fbabe6d8cfee5a8775692d8 a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655 Loading...

	menuco.com/	294 B	2023-03-08	2024-01-27
Pretty URL menuco.com/ IP 64.187.239.229 ASN #46261 QUICKPACKET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:14:35 Last Seen2024-01-27 10:22:35 Times Seen19 Hash c9a21509d91075508a99647eb06cb7e9 f3ba0f0a310ed1b3dafb9c48aba34e1be17d6a52 06d4bd54f938961e1fb130de57cc439a901c476a8186b4c436ee3e892454f674 Loading...

	menuco.com/	387 B	2023-03-08	2024-01-27
Pretty URL menuco.com/ IP 64.187.239.229 ASN #46261 QUICKPACKET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:14:35 Last Seen2024-01-27 10:22:35 Times Seen19 Hash 8a6e87132adc9b640d2a405d0750264e 25fda769c2b375f2f445a0e74651b7971330fc6b 4096acee7611940c7a5ded3476ee762faea9a0f3489a47df1f7e3c4447ee8336 Loading...

	menuco.com/	933 B	2023-03-08	2024-01-27
Pretty URL menuco.com/ IP 64.187.239.229 ASN #46261 QUICKPACKET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:14:35 Last Seen2024-01-27 10:22:35 Times Seen20 Hash 02f97a0f2e5a38065ef10393f0e1153b 5e5f6e53e4dcc636305d5f74bd3de36a718d1d39 92356c4923d99a097cbe0ce9be0bfa57ecd0e3776b934c535de24408b31b5ed1 Loading...

	menuco.com/assets/js/numbers2words.min.js	21 kB	2023-03-08	2024-01-27
Pretty URL menuco.com/assets/js/numbers2words.min.js IP 64.187.239.229 ASN #46261 QUICKPACKET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:14:35 Last Seen2024-01-27 10:22:35 Times Seen36 Hash a3706cd911e65ca964a60508942d2614 ef6f850f0790fab3b4acbef4a0782d60726788f3 11f05ca2184e34e772401d6f4b9ad7e4d4914bb66c775f0188c3632f62095434 Loading...

	menuco.com/	139 B	2023-03-08	2024-01-27
Pretty URL menuco.com/ IP 64.187.239.229 ASN #46261 QUICKPACKET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:27:13 Last Seen2024-01-27 10:22:35 Times Seen20 Hash 63c55c1aae738f2e7533da310a0838ba 227454100e3bde28616aeb90f037d6dead0776da 0b685e2e5c5309137a70cae954118a2ce164a5bb4c2afe9e29aa8a1bf8969f6d Loading...

HTTP Transactions (48)

URL IP Response Size

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
648bf42163c5d645d8a33cd0a9afebd0
9b9ac85435c4e90647e8379bca54c689058a8929
060757fb4857858d4d01a715824ea6771d0137e73a24bf75e2844d0f346380fa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060757FB4857858D4D01A715824EA6771D0137E73A24BF75E2844D0F346380FA"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12698
Expires: Thu, 19 Jan 2023 01:15:37 GMT
Date: Wed, 18 Jan 2023 21:43:59 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cc07d664b5dadee6f9120d54904dfa57
df75a55b0b2019684a6c512bee528c51a2c4a756
14a1bd6315a3256468edafedfd1c02a6ba147914c0f01e8504e7d8cc67781c34

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "14A1BD6315A3256468EDAFEDFD1C02A6BA147914C0F01E8504E7D8CC67781C34"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11561
Expires: Thu, 19 Jan 2023 00:56:40 GMT
Date: Wed, 18 Jan 2023 21:43:59 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 18 Jan 2023 21:34:28 GMT
content-type: application/json
age: 571
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7afaa97fbfa9baa1485c892eac8e114d
8c17c707c218e28ac14197ce8e5eef873207a732
59db16baacb452453dbf44fc2a24f25ab09c4dbaec3a9271fda84230d8f11925

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "59DB16BAACB452453DBF44FC2A24F25AB09C4DBAEC3A9271FDA84230D8F11925"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11614
Expires: Thu, 19 Jan 2023 00:57:33 GMT
Date: Wed, 18 Jan 2023 21:43:59 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: g2tOB3yJ5KX16tru8LxRPuKIeb+rdH2/g8z2f5lcBpfStULQl3gJ+/5/Ul7oldr8llE7eHrJTS1/m17RLFTAfg==
x-amz-request-id: Y7618J92E9KXRZWF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 18 Jan 2023 20:45:34 GMT
age: 3505
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 21:43:59 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

menuco.com/

64.187.239.229

200 OK

81 kB

URL HTTP/1.1
menuco.com/
IP
64.187.239.229:0
ASN
#46261 QUICKPACKET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (41239)
Size
81 kB (80889 bytes)
Hash
ff6c06c473277805d3fa124baa9ed315
2df48043a80858135d4ef6c0b0c6d0dd77abc3d2
c97817ef018a2c04ce9a889014a34cb34633d9618dd3b9c3d82898018b28fa71

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: menuco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 21:43:59 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
X-Powered-By: PHP/7.4.19
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6IlFYOUVpd0VyTUc0TjBHVzc0d2pzSnc9PSIsInZhbHVlIjoiM2dsdmJHZWJQUnpcL2RmR3dMaTdBVEpmT3lWNTByQjFMTTliSndzamdIazJqaEthNmdDTXZFa0Zjak9PSmZ5MUkiLCJtYWMiOiIyZTJiYzQyODRkOWI3OTEwZjY1ZTg3MDIyYzcwNTYzY2Q5MmMwZjZhODdjZGJkM2VmZGQ1ZTA1YzBkOTRhZGFlIn0%3D; expires=Wed, 18-Jan-2023 23:43:59 GMT; Max-Age=7200; path=/
webflex_session=eyJpdiI6IlZnNlJwN1VUQm5ROEU2azJxMHBiTEE9PSIsInZhbHVlIjoidXFxUFdzTzMyTzlzRUlPNUx1aW5zTXQ3QkxUSHlnVldKeG5OYnZydUozVE8waVU3OXNNZjFkbEVUTWV2MDRlZiIsIm1hYyI6IjhjYTZjOGYwZDc0MzZlMWU2NTBkYmIxZmNhNDY0NTMyMjI4ZWU4MjE5YzBkYmU3NDhmODE1YmJmMTM1MmEzNWIifQ%3D%3D; expires=Wed, 18-Jan-2023 23:43:59 GMT; Max-Age=7200; path=/; httponly
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.24.14

200 OK

5.6 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://menuco.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 18 Jan 2023 21:43:59 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1041059
expires: Mon, 08 Jan 2024 21:43:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h8ojC6z%2BNdM7UTtFAfTdSPR%2BxBoWl7VfEGOTHoFxjuX8MBlSt0rUPCA99e2A2jV61DppOdIGelnhX2Bftxb3KN3mHgqKt6mY%2BQ2lJQvNf%2F4uGRyW5afi7TIddmyvjql4TM%2F6tCUh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78ba82660ebbb4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:400,500,600

142.250.74.106

200 OK

592 B

URL HTTP/1.1
fonts.googleapis.com/css?family=Roboto:400,500,600
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
592 B (592 bytes)
Hash
4c9f004142907abfcb78fa28f3e305dc
d6a444ef9bef4047cf8cb4a78496ada194f133e9
4a3086509161796f66c5ebaba8065e74b2ec642697e8f461646f2609570bae85

HTTP Headers

GET /css?family=Roboto:400,500,600 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://menuco.com/

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 18 Jan 2023 21:43:59 GMT
Date: Wed, 18 Jan 2023 21:43:59 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

104.17.24.14

200 OK

4.2 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65348)
Size
4.2 kB (4216 bytes)
Hash
eefc9abe5bc10d658a2393a70d052566
dd49deafcd3ebe1306cda0b843f2da265f8a90e1
6011c33e447455e96e1d4926b0e15ca399eb993163a8e5ee0c523947396d66c3

HTTP Headers

GET /ajax/libs/animate.css/4.1.1/animate.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://menuco.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 18 Jan 2023 21:43:59 GMT
content-type: text/css; charset=utf-8
content-length: 4216
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f5628a2-11846"
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2305289
expires: Mon, 08 Jan 2024 21:43:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l83I1OACaFJZBR5OyAq4alvzAiv%2FQhsQFWJy2OaLyOhfO6%2FhBEF1untcFOQY6Tipits7HhEWGfBr71GmOXF4%2F%2BoClIucwEHU4ubefYYDdtLK6IyBdfM9%2BQWhApYFG1602xosaefW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78ba82661e11b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js

104.17.24.14

200 OK

1.4 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (4862)
Size
1.4 kB (1399 bytes)
Hash
a08c3702f999b6cbd18c635f8e88421f
2938a9a742af0e1e7de5b58ad293c61d2838014b
3b512cbaa646370f0897e5e1e7cbab220a2382de70f24e994e88ef4f5121a39c

HTTP Headers

GET /ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://menuco.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 18 Jan 2023 21:43:59 GMT
content-type: application/javascript; charset=utf-8
content-length: 1399
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-1359"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1138351
expires: Mon, 08 Jan 2024 21:43:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U4SWeQWDBHYbRfgcRMEfLEzW9TMHZ%2Fj7C6TuiykAMp8GFo03gjy83VbZ9E32EtXI4Ue%2FaBnzjIC91fBWlwAPyjTMZQq3dm%2FSAslPZUCNeHG78mBwdwNq8PLq9a5NdWBOfoqDUfIi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78ba82662e23b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css

104.17.24.14

200 OK

1.5 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (3201), with no line terminators
Size
1.5 kB (1541 bytes)
Hash
8e09ceb5490863a66cd2e83ca3d7e524
35e3d074516ec70c508d748f7ae01827bc0c28ba
cccbb374fd4cb6dcbac9df64456b49cb11530e7bafdac6c6c7e67ff2ed350db9

HTTP Headers

GET /ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://menuco.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 18 Jan 2023 21:43:59 GMT
content-type: text/css; charset=utf-8
content-length: 1541
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-c81"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4124340
expires: Mon, 08 Jan 2024 21:43:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q4P6H0%2B8azPAunOmlS4ORBuTOBe6szxql0qjbYEU3vg9yXa6gWyDSzyN%2BRmrbWYeGwgazJFMkCglOE%2BbU0LAfrw6ZNNbSjRSWTB4u11sygpB9ND5w7yWGclT7ptdvBhxFn0zQeEM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78ba82662e28b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
607bf9684e4803d817fdd1120427dcdd
886fa77396c792751868f05806793937a4f11be6
d17df5470015b9c3be3fc1e9c8fa5f2b732231eed453b689e94897f6f1da3911

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 21:43:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

menuco.com/assets/css/search.css?v=2

64.187.239.229

200 OK

500 B

URL HTTP/1.1
menuco.com/assets/css/search.css?v=2
IP
64.187.239.229:0
ASN
#46261 QUICKPACKET

File type
assembler source, ASCII text
Size
500 B (500 bytes)
Hash
57f56f905358037e78efb996652c806d
436f5f3ceb97ed2fe73aa7ef3069ae444138de2e
b6260924099ca1d94b7bf9f22b26225652719a1ea5d174511c6ea0d429375b11

HTTP Headers

GET /assets/css/search.css?v=2 HTTP/1.1
Host: menuco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://menuco.com/
Cookie: XSRF-TOKEN=eyJpdiI6IlFYOUVpd0VyTUc0TjBHVzc0d2pzSnc9PSIsInZhbHVlIjoiM2dsdmJHZWJQUnpcL2RmR3dMaTdBVEpmT3lWNTByQjFMTTliSndzamdIazJqaEthNmdDTXZFa0Zjak9PSmZ5MUkiLCJtYWMiOiIyZTJiYzQyODRkOWI3OTEwZjY1ZTg3MDIyYzcwNTYzY2Q5MmMwZjZhODdjZGJkM2VmZGQ1ZTA1YzBkOTRhZGFlIn0%3D; webflex_session=eyJpdiI6IlZnNlJwN1VUQm5ROEU2azJxMHBiTEE9PSIsInZhbHVlIjoidXFxUFdzTzMyTzlzRUlPNUx1aW5zTXQ3QkxUSHlnVldKeG5OYnZydUozVE8waVU3OXNNZjFkbEVUTWV2MDRlZiIsIm1hYyI6IjhjYTZjOGYwZDc0MzZlMWU2NTBkYmIxZmNhNDY0NTMyMjI4ZWU4MjE5YzBkYmU3NDhmODE1YmJmMTM1MmEzNWIifQ%3D%3D

HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 21:43:59 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Fri, 14 Jan 2022 19:28:29 GMT
ETag: "1f4-5d58fcebbb140"
Accept-Ranges: bytes
Content-Length: 500
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
607bf9684e4803d817fdd1120427dcdd
886fa77396c792751868f05806793937a4f11be6
d17df5470015b9c3be3fc1e9c8fa5f2b732231eed453b689e94897f6f1da3911

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 21:43:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

menuco.com/assets/js/base64.js

64.187.239.229

200 OK

3.4 kB

URL HTTP/1.1
menuco.com/assets/js/base64.js
IP
64.187.239.229:0
ASN
#46261 QUICKPACKET

File type
ASCII text
Size
3.4 kB (3439 bytes)
Hash
0e08f39e85c80c407a60444bebeb82ce
68a52fb8d724589ccca05d8d670556d4b87d4a9e
7ed71baa47a20efe97a93699e3a6cff9ab3084422979e9017928c316f72a85c7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/base64.js HTTP/1.1
Host: menuco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://menuco.com/
Cookie: XSRF-TOKEN=eyJpdiI6IlFYOUVpd0VyTUc0TjBHVzc0d2pzSnc9PSIsInZhbHVlIjoiM2dsdmJHZWJQUnpcL2RmR3dMaTdBVEpmT3lWNTByQjFMTTliSndzamdIazJqaEthNmdDTXZFa0Zjak9PSmZ5MUkiLCJtYWMiOiIyZTJiYzQyODRkOWI3OTEwZjY1ZTg3MDIyYzcwNTYzY2Q5MmMwZjZhODdjZGJkM2VmZGQ1ZTA1YzBkOTRhZGFlIn0%3D; webflex_session=eyJpdiI6IlZnNlJwN1VUQm5ROEU2azJxMHBiTEE9PSIsInZhbHVlIjoidXFxUFdzTzMyTzlzRUlPNUx1aW5zTXQ3QkxUSHlnVldKeG5OYnZydUozVE8waVU3OXNNZjFkbEVUTWV2MDRlZiIsIm1hYyI6IjhjYTZjOGYwZDc0MzZlMWU2NTBkYmIxZmNhNDY0NTMyMjI4ZWU4MjE5YzBkYmU3NDhmODE1YmJmMTM1MmEzNWIifQ%3D%3D

HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 21:43:59 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Tue, 26 Apr 2022 16:02:53 GMT
ETag: "d6f-5dd90d3445feb"
Accept-Ranges: bytes
Content-Length: 3439
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

menuco.com/assets/js/numbers2words.min.js

64.187.239.229

200 OK

21 kB

URL HTTP/1.1
menuco.com/assets/js/numbers2words.min.js
IP
64.187.239.229:0
ASN
#46261 QUICKPACKET

File type
Unicode text, UTF-8 text, with very long lines (20352)
Size
21 kB (20651 bytes)
Hash
a3706cd911e65ca964a60508942d2614
ef6f850f0790fab3b4acbef4a0782d60726788f3
11f05ca2184e34e772401d6f4b9ad7e4d4914bb66c775f0188c3632f62095434

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/numbers2words.min.js HTTP/1.1
Host: menuco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://menuco.com/
Cookie: XSRF-TOKEN=eyJpdiI6IlFYOUVpd0VyTUc0TjBHVzc0d2pzSnc9PSIsInZhbHVlIjoiM2dsdmJHZWJQUnpcL2RmR3dMaTdBVEpmT3lWNTByQjFMTTliSndzamdIazJqaEthNmdDTXZFa0Zjak9PSmZ5MUkiLCJtYWMiOiIyZTJiYzQyODRkOWI3OTEwZjY1ZTg3MDIyYzcwNTYzY2Q5MmMwZjZhODdjZGJkM2VmZGQ1ZTA1YzBkOTRhZGFlIn0%3D; webflex_session=eyJpdiI6IlZnNlJwN1VUQm5ROEU2azJxMHBiTEE9PSIsInZhbHVlIjoidXFxUFdzTzMyTzlzRUlPNUx1aW5zTXQ3QkxUSHlnVldKeG5OYnZydUozVE8waVU3OXNNZjFkbEVUTWV2MDRlZiIsIm1hYyI6IjhjYTZjOGYwZDc0MzZlMWU2NTBkYmIxZmNhNDY0NTMyMjI4ZWU4MjE5YzBkYmU3NDhmODE1YmJmMTM1MmEzNWIifQ%3D%3D

HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 21:43:59 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Sat, 24 Jul 2021 00:06:34 GMT
ETag: "50ab-5c7d34b064d99"
Accept-Ranges: bytes
Content-Length: 20651
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

menuco.com/assets/vendor/scrollreveal/scrollreveal.min.js

64.187.239.229

200 OK

9.1 kB

URL HTTP/1.1
menuco.com/assets/vendor/scrollreveal/scrollreveal.min.js
IP
64.187.239.229:0
ASN
#46261 QUICKPACKET

File type
ASCII text, with very long lines (9053), with no line terminators
Size
9.1 kB (9053 bytes)
Hash
5deb4348d63c0bfbce81c338d35db100
e7d5811bb79a7f27ebd7f4abb3213df9796a3361
4832831d4d25137435b5885ef31de7aab125d797708c0337b0420fd06e744417

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/vendor/scrollreveal/scrollreveal.min.js HTTP/1.1
Host: menuco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://menuco.com/
Cookie: XSRF-TOKEN=eyJpdiI6IlFYOUVpd0VyTUc0TjBHVzc0d2pzSnc9PSIsInZhbHVlIjoiM2dsdmJHZWJQUnpcL2RmR3dMaTdBVEpmT3lWNTByQjFMTTliSndzamdIazJqaEthNmdDTXZFa0Zjak9PSmZ5MUkiLCJtYWMiOiIyZTJiYzQyODRkOWI3OTEwZjY1ZTg3MDIyYzcwNTYzY2Q5MmMwZjZhODdjZGJkM2VmZGQ1ZTA1YzBkOTRhZGFlIn0%3D; webflex_session=eyJpdiI6IlZnNlJwN1VUQm5ROEU2azJxMHBiTEE9PSIsInZhbHVlIjoidXFxUFdzTzMyTzlzRUlPNUx1aW5zTXQ3QkxUSHlnVldKeG5OYnZydUozVE8waVU3OXNNZjFkbEVUTWV2MDRlZiIsIm1hYyI6IjhjYTZjOGYwZDc0MzZlMWU2NTBkYmIxZmNhNDY0NTMyMjI4ZWU4MjE5YzBkYmU3NDhmODE1YmJmMTM1MmEzNWIifQ%3D%3D

HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 21:43:59 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Sun, 10 Sep 2017 23:38:15 GMT
ETag: "235d-558de4dcfc7c0"
Accept-Ranges: bytes
Content-Length: 9053
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

menuco.com/assets/js/vendor/bootstrap/css/bootstrap.min.css?v=2

64.187.239.229

200 OK

61 kB

URL HTTP/1.1
menuco.com/assets/js/vendor/bootstrap/css/bootstrap.min.css?v=2
IP
64.187.239.229:0
ASN
#46261 QUICKPACKET

File type
ASCII text, with very long lines (60003)
Size
61 kB (61166 bytes)
Hash
fdc62d3a74546b5b4cf660a8e8f7e1f7
25f47ced16bf81a472fce840daca479f2011228e
a5e92aae4cf3ce2638e69b043836402f38b9ef77905b2522bbee24cccf8eaebb

HTTP Headers

GET /assets/js/vendor/bootstrap/css/bootstrap.min.css?v=2 HTTP/1.1
Host: menuco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://menuco.com/
Cookie: XSRF-TOKEN=eyJpdiI6IlFYOUVpd0VyTUc0TjBHVzc0d2pzSnc9PSIsInZhbHVlIjoiM2dsdmJHZWJQUnpcL2RmR3dMaTdBVEpmT3lWNTByQjFMTTliSndzamdIazJqaEthNmdDTXZFa0Zjak9PSmZ5MUkiLCJtYWMiOiIyZTJiYzQyODRkOWI3OTEwZjY1ZTg3MDIyYzcwNTYzY2Q5MmMwZjZhODdjZGJkM2VmZGQ1ZTA1YzBkOTRhZGFlIn0%3D; webflex_session=eyJpdiI6IlZnNlJwN1VUQm5ROEU2azJxMHBiTEE9PSIsInZhbHVlIjoidXFxUFdzTzMyTzlzRUlPNUx1aW5zTXQ3QkxUSHlnVldKeG5OYnZydUozVE8waVU3OXNNZjFkbEVUTWV2MDRlZiIsIm1hYyI6IjhjYTZjOGYwZDc0MzZlMWU2NTBkYmIxZmNhNDY0NTMyMjI4ZWU4MjE5YzBkYmU3NDhmODE1YmJmMTM1MmEzNWIifQ%3D%3D

HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 21:43:59 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Sat, 12 Sep 2020 17:17:43 GMT
ETag: "eeee-5af20faadd169"
Accept-Ranges: bytes
Content-Length: 61166
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

menuco.com/assets/js/vendor/bootstrap/js/bootstrap.min.js

64.187.239.229

200 OK

29 kB

URL HTTP/1.1
menuco.com/assets/js/vendor/bootstrap/js/bootstrap.min.js
IP
64.187.239.229:0
ASN
#46261 QUICKPACKET

File type
ASCII text, with very long lines (28544)
Size
29 kB (28931 bytes)
Hash
c6e17711c76af125c14a958f1ea615b6
5bab8533f7cbfd72c9584d82cea927f237942205
56b8046a6dc65542cb3cdbc4a8da4268c64e33f25afd4ba8cb3bb76f55db910e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/vendor/bootstrap/js/bootstrap.min.js HTTP/1.1
Host: menuco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://menuco.com/
Cookie: XSRF-TOKEN=eyJpdiI6IlFYOUVpd0VyTUc0TjBHVzc0d2pzSnc9PSIsInZhbHVlIjoiM2dsdmJHZWJQUnpcL2RmR3dMaTdBVEpmT3lWNTByQjFMTTliSndzamdIazJqaEthNmdDTXZFa0Zjak9PSmZ5MUkiLCJtYWMiOiIyZTJiYzQyODRkOWI3OTEwZjY1ZTg3MDIyYzcwNTYzY2Q5MmMwZjZhODdjZGJkM2VmZGQ1ZTA1YzBkOTRhZGFlIn0%3D; webflex_session=eyJpdiI6IlZnNlJwN1VUQm5ROEU2azJxMHBiTEE9PSIsInZhbHVlIjoidXFxUFdzTzMyTzlzRUlPNUx1aW5zTXQ3QkxUSHlnVldKeG5OYnZydUozVE8waVU3OXNNZjFkbEVUTWV2MDRlZiIsIm1hYyI6IjhjYTZjOGYwZDc0MzZlMWU2NTBkYmIxZmNhNDY0NTMyMjI4ZWU4MjE5YzBkYmU3NDhmODE1YmJmMTM1MmEzNWIifQ%3D%3D

HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 21:43:59 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Sat, 30 Apr 2016 00:40:06 GMT
ETag: "7103-531a900310580"
Accept-Ranges: bytes
Content-Length: 28931
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

menuco.com/assets/vendor/jquery-easing/1.3/jquery.easing.min.js

64.187.239.229

200 OK

5.6 kB

URL HTTP/1.1
menuco.com/assets/vendor/jquery-easing/1.3/jquery.easing.min.js
IP
64.187.239.229:0
ASN
#46261 QUICKPACKET

File type
Unicode text, UTF-8 text, with very long lines (3601)
Size
5.6 kB (5555 bytes)
Hash
3eac3c72434a0945b92dd4a01f7b6b4e
7767b356530e39cd76ec259320b0b2774b4097a8
ac3f3a757bfbfc9d92bc8f5e6e6362e5d4ae41dbf3cebacdda9b8f71afc82e5b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/vendor/jquery-easing/1.3/jquery.easing.min.js HTTP/1.1
Host: menuco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://menuco.com/
Cookie: XSRF-TOKEN=eyJpdiI6IlFYOUVpd0VyTUc0TjBHVzc0d2pzSnc9PSIsInZhbHVlIjoiM2dsdmJHZWJQUnpcL2RmR3dMaTdBVEpmT3lWNTByQjFMTTliSndzamdIazJqaEthNmdDTXZFa0Zjak9PSmZ5MUkiLCJtYWMiOiIyZTJiYzQyODRkOWI3OTEwZjY1ZTg3MDIyYzcwNTYzY2Q5MmMwZjZhODdjZGJkM2VmZGQ1ZTA1YzBkOTRhZGFlIn0%3D; webflex_session=eyJpdiI6IlZnNlJwN1VUQm5ROEU2azJxMHBiTEE9PSIsInZhbHVlIjoidXFxUFdzTzMyTzlzRUlPNUx1aW5zTXQ3QkxUSHlnVldKeG5OYnZydUozVE8waVU3OXNNZjFkbEVUTWV2MDRlZiIsIm1hYyI6IjhjYTZjOGYwZDc0MzZlMWU2NTBkYmIxZmNhNDY0NTMyMjI4ZWU4MjE5YzBkYmU3NDhmODE1YmJmMTM1MmEzNWIifQ%3D%3D

HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 21:43:59 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Fri, 06 Oct 2017 22:27:54 GMT
ETag: "15b3-55ae85a182e80"
Accept-Ranges: bytes
Content-Length: 5555
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

menuco.com/assets/js/vendor/jquery.js

64.187.239.229

200 OK

84 kB

URL HTTP/1.1
menuco.com/assets/js/vendor/jquery.js
IP
64.187.239.229:0
ASN
#46261 QUICKPACKET

File type
ASCII text, with very long lines (32061)
Size
84 kB (84244 bytes)
Hash
6631a779321bc03f4a5281d3ff526254
5be8bf17be5085d803dfcbe59f8d6e584b516679
797e79e220fdb3c48f6df26b879543102479491611940c8acc81a905da5c6858

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/vendor/jquery.js HTTP/1.1
Host: menuco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://menuco.com/
Cookie: XSRF-TOKEN=eyJpdiI6IlFYOUVpd0VyTUc0TjBHVzc0d2pzSnc9PSIsInZhbHVlIjoiM2dsdmJHZWJQUnpcL2RmR3dMaTdBVEpmT3lWNTByQjFMTTliSndzamdIazJqaEthNmdDTXZFa0Zjak9PSmZ5MUkiLCJtYWMiOiIyZTJiYzQyODRkOWI3OTEwZjY1ZTg3MDIyYzcwNTYzY2Q5MmMwZjZhODdjZGJkM2VmZGQ1ZTA1YzBkOTRhZGFlIn0%3D; webflex_session=eyJpdiI6IlZnNlJwN1VUQm5ROEU2azJxMHBiTEE9PSIsInZhbHVlIjoidXFxUFdzTzMyTzlzRUlPNUx1aW5zTXQ3QkxUSHlnVldKeG5OYnZydUozVE8waVU3OXNNZjFkbEVUTWV2MDRlZiIsIm1hYyI6IjhjYTZjOGYwZDc0MzZlMWU2NTBkYmIxZmNhNDY0NTMyMjI4ZWU4MjE5YzBkYmU3NDhmODE1YmJmMTM1MmEzNWIifQ%3D%3D

HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 21:43:59 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Sun, 17 Apr 2016 02:51:32 GMT
ETag: "14914-530a5524bf500"
Accept-Ranges: bytes
Content-Length: 84244
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

menuco.com/assets/css/fs2.css?v=1

64.187.239.229

200 OK

6.4 kB

URL HTTP/1.1
menuco.com/assets/css/fs2.css?v=1
IP
64.187.239.229:0
ASN
#46261 QUICKPACKET

File type
ASCII text
Size
6.4 kB (6385 bytes)
Hash
3f462268720c97f1fe3af283f0abaa69
75dbc429835d0a25c3c8b3634c0dbedd572bc2ec
1fbd0d474f222ea612627fe59ebae5fff908a8a26a49ff17decf419edecc2e93

HTTP Headers

GET /assets/css/fs2.css?v=1 HTTP/1.1
Host: menuco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://menuco.com/
Cookie: XSRF-TOKEN=eyJpdiI6IlFYOUVpd0VyTUc0TjBHVzc0d2pzSnc9PSIsInZhbHVlIjoiM2dsdmJHZWJQUnpcL2RmR3dMaTdBVEpmT3lWNTByQjFMTTliSndzamdIazJqaEthNmdDTXZFa0Zjak9PSmZ5MUkiLCJtYWMiOiIyZTJiYzQyODRkOWI3OTEwZjY1ZTg3MDIyYzcwNTYzY2Q5MmMwZjZhODdjZGJkM2VmZGQ1ZTA1YzBkOTRhZGFlIn0%3D; webflex_session=eyJpdiI6IlZnNlJwN1VUQm5ROEU2azJxMHBiTEE9PSIsInZhbHVlIjoidXFxUFdzTzMyTzlzRUlPNUx1aW5zTXQ3QkxUSHlnVldKeG5OYnZydUozVE8waVU3OXNNZjFkbEVUTWV2MDRlZiIsIm1hYyI6IjhjYTZjOGYwZDc0MzZlMWU2NTBkYmIxZmNhNDY0NTMyMjI4ZWU4MjE5YzBkYmU3NDhmODE1YmJmMTM1MmEzNWIifQ%3D%3D

HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 21:44:00 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Mon, 08 Nov 2021 23:54:41 GMT
ETag: "18f1-5d04fb76a2a2e"
Accept-Ranges: bytes
Content-Length: 6385
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 18 Jan 2023 21:17:25 GMT
age: 1595
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Oxygen:400,300,700

142.250.74.106

200 OK

390 B

URL HTTP/1.1
fonts.googleapis.com/css?family=Oxygen:400,300,700
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
390 B (390 bytes)
Hash
606a38c3a9da6758a6b91ff97648c0bc
d79a479e1889893a57b4e980cdfcd150d227ade5
a6507cd38f0de1dca381d3431fdaf9920a572e614265f2fe19bd9fb60244c17c

HTTP Headers

GET /css?family=Oxygen:400,300,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://menuco.com/

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 18 Jan 2023 21:44:00 GMT
Date: Wed, 18 Jan 2023 21:44:00 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

menuco.com/assets/css/font-awesome.min.css

64.187.239.229

200 OK

22 kB

URL HTTP/1.1
menuco.com/assets/css/font-awesome.min.css
IP
64.187.239.229:0
ASN
#46261 QUICKPACKET

File type
ASCII text, with very long lines (21822)
Size
22 kB (21984 bytes)
Hash
feda974a77ea5783b8be673f142b7c88
b71d1c7c315b67c614563382d1c2a868ac14d729
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1

HTTP Headers

GET /assets/css/font-awesome.min.css HTTP/1.1
Host: menuco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://menuco.com/
Cookie: XSRF-TOKEN=eyJpdiI6IlFYOUVpd0VyTUc0TjBHVzc0d2pzSnc9PSIsInZhbHVlIjoiM2dsdmJHZWJQUnpcL2RmR3dMaTdBVEpmT3lWNTByQjFMTTliSndzamdIazJqaEthNmdDTXZFa0Zjak9PSmZ5MUkiLCJtYWMiOiIyZTJiYzQyODRkOWI3OTEwZjY1ZTg3MDIyYzcwNTYzY2Q5MmMwZjZhODdjZGJkM2VmZGQ1ZTA1YzBkOTRhZGFlIn0%3D; webflex_session=eyJpdiI6IlZnNlJwN1VUQm5ROEU2azJxMHBiTEE9PSIsInZhbHVlIjoidXFxUFdzTzMyTzlzRUlPNUx1aW5zTXQ3QkxUSHlnVldKeG5OYnZydUozVE8waVU3OXNNZjFkbEVUTWV2MDRlZiIsIm1hYyI6IjhjYTZjOGYwZDc0MzZlMWU2NTBkYmIxZmNhNDY0NTMyMjI4ZWU4MjE5YzBkYmU3NDhmODE1YmJmMTM1MmEzNWIifQ%3D%3D

HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 21:44:00 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Sun, 17 Apr 2016 02:51:26 GMT
ETag: "55e0-530a551f06780"
Accept-Ranges: bytes
Content-Length: 21984
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
79af32d8e279b4cfec147ab51cb6fcb3
d726903292bd1e08a6d9fe0719d2cd5b33dc5fe6
bfcb2d8f14d89736ac6b771f1618a8fc5e707691d60807a574fb719c8e9393ab

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5966
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 21:44:00 GMT
Last-Modified: Wed, 18 Jan 2023 20:04:34 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

fonts.gstatic.com/s/oxygen/v15/2sDcZG1Wl4LcnbuCNWgzaGW5.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/1.1
fonts.gstatic.com/s/oxygen/v15/2sDcZG1Wl4LcnbuCNWgzaGW5.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 16172, version 1.0\012- data
Size
16 kB (16172 bytes)
Hash
891cacadb2d3449b6f342f571dc743ae
e35ea255304a2981b27f6c2822eb4fd8eaa984d5
5740bce57f68562d42e8ca6f6eb70dca3bc33be11ef0361e78274d360f41adc9

HTTP Headers

GET /s/oxygen/v15/2sDcZG1Wl4LcnbuCNWgzaGW5.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://menuco.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 16172
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 18 Jan 2023 02:36:42 GMT
Expires: Thu, 18 Jan 2024 02:36:42 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 09 May 2022 18:30:51 GMT
Content-Type: font/woff2
Age: 68838

push.services.mozilla.com/

52.89.241.77

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.89.241.77:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: g1q9/InZDOlsV5yb+VloDg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: LwT/HJamJh2aZL1uydOqeYp6jI8=

menuco.com/assets/images/whatsapp2.png

64.187.239.229

200 OK

64 kB

URL HTTP/1.1
menuco.com/assets/images/whatsapp2.png
IP
64.187.239.229:0
ASN
#46261 QUICKPACKET

File type
PNG image data, 1447 x 522, 8-bit/color RGBA, non-interlaced\012- data
Size
64 kB (64316 bytes)
Hash
1ebbc3ecb77046b6565d7c5acf79b591
e848c7b8cd99fe5b4e0ccad23c807d547941da52
bfb43eed68d9909a3fc38c3af6db60a8cd5f393aa0228f8d867eab8a5f488a55

HTTP Headers

GET /assets/images/whatsapp2.png HTTP/1.1
Host: menuco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://menuco.com/
Cookie: XSRF-TOKEN=eyJpdiI6IlFYOUVpd0VyTUc0TjBHVzc0d2pzSnc9PSIsInZhbHVlIjoiM2dsdmJHZWJQUnpcL2RmR3dMaTdBVEpmT3lWNTByQjFMTTliSndzamdIazJqaEthNmdDTXZFa0Zjak9PSmZ5MUkiLCJtYWMiOiIyZTJiYzQyODRkOWI3OTEwZjY1ZTg3MDIyYzcwNTYzY2Q5MmMwZjZhODdjZGJkM2VmZGQ1ZTA1YzBkOTRhZGFlIn0%3D; webflex_session=eyJpdiI6IlZnNlJwN1VUQm5ROEU2azJxMHBiTEE9PSIsInZhbHVlIjoidXFxUFdzTzMyTzlzRUlPNUx1aW5zTXQ3QkxUSHlnVldKeG5OYnZydUozVE8waVU3OXNNZjFkbEVUTWV2MDRlZiIsIm1hYyI6IjhjYTZjOGYwZDc0MzZlMWU2NTBkYmIxZmNhNDY0NTMyMjI4ZWU4MjE5YzBkYmU3NDhmODE1YmJmMTM1MmEzNWIifQ%3D%3D

HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 21:44:00 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Sun, 22 Aug 2021 08:18:09 GMT
ETag: "fb3c-5ca218a71d240"
Accept-Ranges: bytes
Content-Length: 64316
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

menuco.com/assets/fonts/fontawesome-webfont.woff?v=4.2.0

64.187.239.229

200 OK

66 kB

URL HTTP/1.1
menuco.com/assets/fonts/fontawesome-webfont.woff?v=4.2.0
IP
64.187.239.229:0
ASN
#46261 QUICKPACKET

File type
Web Open Font Format, TrueType, length 65452, version 1.0\012- data
Size
66 kB (65452 bytes)
Hash
d95d6f5d5ab7cfefd09651800b69bd54
7d65e0227d0d7cdc1718119cd2a7dce0638f151c
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/fonts/fontawesome-webfont.woff?v=4.2.0 HTTP/1.1
Host: menuco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://menuco.com/assets/css/font-awesome.min.css
Cookie: XSRF-TOKEN=eyJpdiI6IlFYOUVpd0VyTUc0TjBHVzc0d2pzSnc9PSIsInZhbHVlIjoiM2dsdmJHZWJQUnpcL2RmR3dMaTdBVEpmT3lWNTByQjFMTTliSndzamdIazJqaEthNmdDTXZFa0Zjak9PSmZ5MUkiLCJtYWMiOiIyZTJiYzQyODRkOWI3OTEwZjY1ZTg3MDIyYzcwNTYzY2Q5MmMwZjZhODdjZGJkM2VmZGQ1ZTA1YzBkOTRhZGFlIn0%3D; webflex_session=eyJpdiI6IlZnNlJwN1VUQm5ROEU2azJxMHBiTEE9PSIsInZhbHVlIjoidXFxUFdzTzMyTzlzRUlPNUx1aW5zTXQ3QkxUSHlnVldKeG5OYnZydUozVE8waVU3OXNNZjFkbEVUTWV2MDRlZiIsIm1hYyI6IjhjYTZjOGYwZDc0MzZlMWU2NTBkYmIxZmNhNDY0NTMyMjI4ZWU4MjE5YzBkYmU3NDhmODE1YmJmMTM1MmEzNWIifQ%3D%3D

HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 21:44:00 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Sun, 17 Apr 2016 02:51:28 GMT
ETag: "ffac-530a5520eec00"
Accept-Ranges: bytes
Content-Length: 65452
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: font/woff

menuco.com/assets/images/bg/background.jpeg

64.187.239.229

200 OK

89 kB

URL HTTP/1.1
menuco.com/assets/images/bg/background.jpeg
IP
64.187.239.229:0
ASN
#46261 QUICKPACKET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1260x709, components 3\012- data
Size
89 kB (89054 bytes)
Hash
b5b478a49d1b4f9c9bcfb627b2461e72
2fd192ac33ed368a9f288bc20af4deb0c3a24559
69c184ce5536f053a088e8f8d251e8d71056a6c1ce9275d5ca2154d000aafa3a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/images/bg/background.jpeg HTTP/1.1
Host: menuco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://menuco.com/assets/css/fs2.css?v=1
Cookie: XSRF-TOKEN=eyJpdiI6IlFYOUVpd0VyTUc0TjBHVzc0d2pzSnc9PSIsInZhbHVlIjoiM2dsdmJHZWJQUnpcL2RmR3dMaTdBVEpmT3lWNTByQjFMTTliSndzamdIazJqaEthNmdDTXZFa0Zjak9PSmZ5MUkiLCJtYWMiOiIyZTJiYzQyODRkOWI3OTEwZjY1ZTg3MDIyYzcwNTYzY2Q5MmMwZjZhODdjZGJkM2VmZGQ1ZTA1YzBkOTRhZGFlIn0%3D; webflex_session=eyJpdiI6IlZnNlJwN1VUQm5ROEU2azJxMHBiTEE9PSIsInZhbHVlIjoidXFxUFdzTzMyTzlzRUlPNUx1aW5zTXQ3QkxUSHlnVldKeG5OYnZydUozVE8waVU3OXNNZjFkbEVUTWV2MDRlZiIsIm1hYyI6IjhjYTZjOGYwZDc0MzZlMWU2NTBkYmIxZmNhNDY0NTMyMjI4ZWU4MjE5YzBkYmU3NDhmODE1YmJmMTM1MmEzNWIifQ%3D%3D

HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 21:44:00 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Thu, 10 Sep 2020 20:10:41 GMT
ETag: "15bde-5aefb29a04c38"
Accept-Ranges: bytes
Content-Length: 89054
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg

menuco.com/assets/images/Dave4.jpg

64.187.239.229

200 OK

225 kB

URL HTTP/1.1
menuco.com/assets/images/Dave4.jpg
IP
64.187.239.229:0
ASN
#46261 QUICKPACKET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x1600, components 3\012- data
Size
225 kB (224849 bytes)
Hash
7e9db8f6a2f33f8cc065cdfc80ff8af7
80f2b64a30cfba32a3de8f53a9becbd71db80da3
e5fc193e6ad585007fd1d664e96042436a4a450c2310daf92c87aa1b316ebdcb

HTTP Headers

GET /assets/images/Dave4.jpg HTTP/1.1
Host: menuco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://menuco.com/
Cookie: XSRF-TOKEN=eyJpdiI6IlFYOUVpd0VyTUc0TjBHVzc0d2pzSnc9PSIsInZhbHVlIjoiM2dsdmJHZWJQUnpcL2RmR3dMaTdBVEpmT3lWNTByQjFMTTliSndzamdIazJqaEthNmdDTXZFa0Zjak9PSmZ5MUkiLCJtYWMiOiIyZTJiYzQyODRkOWI3OTEwZjY1ZTg3MDIyYzcwNTYzY2Q5MmMwZjZhODdjZGJkM2VmZGQ1ZTA1YzBkOTRhZGFlIn0%3D; webflex_session=eyJpdiI6IlZnNlJwN1VUQm5ROEU2azJxMHBiTEE9PSIsInZhbHVlIjoidXFxUFdzTzMyTzlzRUlPNUx1aW5zTXQ3QkxUSHlnVldKeG5OYnZydUozVE8waVU3OXNNZjFkbEVUTWV2MDRlZiIsIm1hYyI6IjhjYTZjOGYwZDc0MzZlMWU2NTBkYmIxZmNhNDY0NTMyMjI4ZWU4MjE5YzBkYmU3NDhmODE1YmJmMTM1MmEzNWIifQ%3D%3D

HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 21:44:00 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Tue, 17 Jan 2023 08:03:09 GMT
ETag: "36e51-5f271216d0f49"
Accept-Ranges: bytes
Content-Length: 224849
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg

menuco.com/favicon.ico

64.187.239.229

200 OK

1.6 kB

URL HTTP/1.1
menuco.com/favicon.ico
IP
64.187.239.229:0
ASN
#46261 QUICKPACKET

File type
PNG image data, 20 x 18, 8-bit/color RGB, non-interlaced\012- data
Size
1.6 kB (1634 bytes)
Hash
5e816413fff7b9f7b61fa2fe6f969849
782f0bf1f7d143b29b62e40d4fa42784d72c2b25
40be4fe03d735beb6cf5cde6e5cba64e2915d4314939cd4a107c5344af720fc6

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: menuco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://menuco.com/
Cookie: XSRF-TOKEN=eyJpdiI6IlFYOUVpd0VyTUc0TjBHVzc0d2pzSnc9PSIsInZhbHVlIjoiM2dsdmJHZWJQUnpcL2RmR3dMaTdBVEpmT3lWNTByQjFMTTliSndzamdIazJqaEthNmdDTXZFa0Zjak9PSmZ5MUkiLCJtYWMiOiIyZTJiYzQyODRkOWI3OTEwZjY1ZTg3MDIyYzcwNTYzY2Q5MmMwZjZhODdjZGJkM2VmZGQ1ZTA1YzBkOTRhZGFlIn0%3D; webflex_session=eyJpdiI6IlZnNlJwN1VUQm5ROEU2azJxMHBiTEE9PSIsInZhbHVlIjoidXFxUFdzTzMyTzlzRUlPNUx1aW5zTXQ3QkxUSHlnVldKeG5OYnZydUozVE8waVU3OXNNZjFkbEVUTWV2MDRlZiIsIm1hYyI6IjhjYTZjOGYwZDc0MzZlMWU2NTBkYmIxZmNhNDY0NTMyMjI4ZWU4MjE5YzBkYmU3NDhmODE1YmJmMTM1MmEzNWIifQ%3D%3D

HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 21:44:01 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Mon, 07 Feb 2022 09:56:30 GMT
ETag: "662-5d76a9d6025ab"
Accept-Ranges: bytes
Content-Length: 1634
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15624
Expires: Thu, 19 Jan 2023 02:04:25 GMT
Date: Wed, 18 Jan 2023 21:44:01 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15624
Expires: Thu, 19 Jan 2023 02:04:25 GMT
Date: Wed, 18 Jan 2023 21:44:01 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15624
Expires: Thu, 19 Jan 2023 02:04:25 GMT
Date: Wed, 18 Jan 2023 21:44:01 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15624
Expires: Thu, 19 Jan 2023 02:04:25 GMT
Date: Wed, 18 Jan 2023 21:44:01 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15624
Expires: Thu, 19 Jan 2023 02:04:25 GMT
Date: Wed, 18 Jan 2023 21:44:01 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce2d78c9-2134-471e-bdb1-875c1b61ff8b.jpeg

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce2d78c9-2134-471e-bdb1-875c1b61ff8b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5663 bytes)
Hash
4ec6c49f056e786896d54fe22c242391
cc6b64ff3f09853843b62e555456a1ad9f0909fb
42f0571efba18630c8deee17e98c6939a7050b04f613ad10515caf503e496b4d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce2d78c9-2134-471e-bdb1-875c1b61ff8b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5663
x-amzn-requestid: 9a1c75a4-1c8d-4bd2-b6ca-7fccb8b43c12
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6A0gF5goAMFveA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c714e9-1d274e8074771db651e80979;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:36:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: sAxuQECVKx0dfc2UM_E_70nKN8za1SBN4opMWr_74gT5ScurgZGVLw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 21:46:36 GMT
age: 86245
etag: "cc6b64ff3f09853843b62e555456a1ad9f0909fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F873f34de-bef8-46f1-9dc4-d277bf6c1c65.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7741 bytes)
Hash
f491398239265c63ac162d47ab006ce6
c95e1bba76e910100e86f8abf789e5b5c1a2baa6
cdada2d9608e9d3f8e03cf9ced211550b6f7c8f7e0b5ee027a96f45af38523f1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F873f34de-bef8-46f1-9dc4-d277bf6c1c65.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7741
x-amzn-requestid: 9af04340-5be9-42b0-96be-0264661c6dae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6A6LEMtoAMFW_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c7150d-2348c8846249175e74efc226;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:37:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _7YOm38n8-T2LAL-cRA7R8KvEUBhXEM0dOXjOZ6HyPRNfMu6Z0Fh3g==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 22:17:05 GMT
age: 84416
etag: "c95e1bba76e910100e86f8abf789e5b5c1a2baa6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6543a616-79f5-4c5d-8f34-be53cb4c622d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13111 bytes)
Hash
d134f7ac9a5ca8ab7a9461bd20706bb7
aa47af3e7517390d10e89f0f18237cfdcc63cbed
3431c8027f09bb284fe48ef8e4458fd43d8cc961250601b3028b83a7ba19f6ce

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6543a616-79f5-4c5d-8f34-be53cb4c622d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13111
x-amzn-requestid: 7a9bb405-c68d-496f-b608-e9d295c44c50
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e0MStGBBIAMFXag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4c0dd-75d87c0d763744951f13febd;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 03:13:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jkIL919Q7OFO6bACXTrDan0f9D9rgrN0DJMQv1DYPLeWqT1CywCAEg==
via: 1.1 1ec2938341958d70d56193d709c89dee.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 04:00:46 GMT
age: 63795
etag: "aa47af3e7517390d10e89f0f18237cfdcc63cbed"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd8efa7cc-44c0-4841-af38-b9d070233ba9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8889 bytes)
Hash
816accd72419764cabc1d038af58446c
ad835d9c9a783175d3c5d1a32f1e34baf0ed2f08
d0b6f144ddc797108e6e85b4e835bfbeadd138ef7987661ee9e3d22790db254f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd8efa7cc-44c0-4841-af38-b9d070233ba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8889
x-amzn-requestid: 10583804-866b-41bc-a99b-6209bd7ae1c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6A1eHMCoAMF4kA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c714ef-2351e46019a0918724721b89;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:36:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vPjapwQ2XBhjwPeNVzi3NQ0YSMyseKuyavdCo2CTFoxrRkiKXVu7lw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 22:01:08 GMT
age: 85373
etag: "ad835d9c9a783175d3c5d1a32f1e34baf0ed2f08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a78cd6d-1eab-47b0-b5c7-f2d1f91acc3a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8853 bytes)
Hash
3f112ea3865f38cbbcc8400b58320fa0
dacc584338546bf60f26b2a0bec48e9b584640dc
7feb3c0691f40354701d1cb0bf3c834d1eeead4a7297fac3afc0f4a7ca2c94cb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a78cd6d-1eab-47b0-b5c7-f2d1f91acc3a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8853
x-amzn-requestid: ff98ec33-294a-4a13-b064-3cd4744cd2b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e0LLKHPnIAMF0vQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4bf14-233cbc6407c6b138144d7abb;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 03:05:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QZZaGtGl3Z-4G4DxO4R_gjfDdQVgJc30Ur9EyLAvbGFhv4LfaXziPQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 04:00:29 GMT
age: 63812
etag: "dacc584338546bf60f26b2a0bec48e9b584640dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d4770a8-c74a-4d56-b999-a0f191af3bf2.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.5 kB (6454 bytes)
Hash
9200e43ca808b9ecec74828e03853d4c
3070340147ced46e5fdf73408272aa39391976fb
abdaedfc2da45180c463607686b20afd82113b78cfa78b0f28ab169b9858469b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d4770a8-c74a-4d56-b999-a0f191af3bf2.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6454
x-amzn-requestid: 79329eb3-8d89-423f-8626-32c5e2e2831a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6A0gHpeoAMF-Jw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c714e9-5e859dc121cd322c6b684eee;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:36:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TKl5JNASQseZsuX_yJtVaUT2TCY5lKIxjJ8QvhDIXDAkC8GwIRilYg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 22:01:08 GMT
age: 85373
etag: "3070340147ced46e5fdf73408272aa39391976fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

play.videoo.com/VCall.webm

67.219.148.18

206 Partial Content

0 B

URL HTTP/1.1
play.videoo.com/VCall.webm
IP
67.219.148.18:0
ASN
#54455 MADEIT

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /VCall.webm HTTP/1.1
Host: play.videoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://menuco.com/

HTTP/1.1 206 Partial Content
Date: Wed, 18 Jan 2023 21:44:00 GMT
Server: Apache/2.4.37 (AlmaLinux) OpenSSL/1.1.1k
Last-Modified: Wed, 21 Dec 2022 22:29:20 GMT
ETag: "3bcba1-5f05e1572e8ae"
Accept-Ranges: bytes
Content-Length: 3918753
Content-Range: bytes 0-3918752/3918753
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: video/webm

fonts.googleapis.com/css2?family=Stardos+Stencil:wght@700&display=swap

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Stardos+Stencil:wght@700&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Stardos+Stencil:wght@700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://menuco.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 18 Jan 2023 21:43:59 GMT
date: Wed, 18 Jan 2023 21:43:59 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

menuco.com/assets/images/animi_wp.gif

64.187.239.229

200 OK

0 B

URL HTTP/1.1
menuco.com/assets/images/animi_wp.gif
IP
64.187.239.229:0
ASN
#46261 QUICKPACKET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/images/animi_wp.gif HTTP/1.1
Host: menuco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://menuco.com/
Cookie: XSRF-TOKEN=eyJpdiI6IlFYOUVpd0VyTUc0TjBHVzc0d2pzSnc9PSIsInZhbHVlIjoiM2dsdmJHZWJQUnpcL2RmR3dMaTdBVEpmT3lWNTByQjFMTTliSndzamdIazJqaEthNmdDTXZFa0Zjak9PSmZ5MUkiLCJtYWMiOiIyZTJiYzQyODRkOWI3OTEwZjY1ZTg3MDIyYzcwNTYzY2Q5MmMwZjZhODdjZGJkM2VmZGQ1ZTA1YzBkOTRhZGFlIn0%3D; webflex_session=eyJpdiI6IlZnNlJwN1VUQm5ROEU2azJxMHBiTEE9PSIsInZhbHVlIjoidXFxUFdzTzMyTzlzRUlPNUx1aW5zTXQ3QkxUSHlnVldKeG5OYnZydUozVE8waVU3OXNNZjFkbEVUTWV2MDRlZiIsIm1hYyI6IjhjYTZjOGYwZDc0MzZlMWU2NTBkYmIxZmNhNDY0NTMyMjI4ZWU4MjE5YzBkYmU3NDhmODE1YmJmMTM1MmEzNWIifQ%3D%3D

HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 21:44:00 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Last-Modified: Mon, 02 May 2022 12:10:50 GMT
ETag: "8c410c-5de06487c14ba"
Accept-Ranges: bytes
Content-Length: 9191692
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/gif

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML