Report - manqal.az/doc/login/

Report Overview

Submitted URL
manqal.az/doc/login/
IP
185.32.44.46
ASN
#200154 IZONE LLC
Submitted
2023-03-31 07:12:02
Access
public
Website Title
Final URL
Tags
microsoft
urlquery detections
Phishing - Microsoft

Detections

urlquery
12
Network Intrusion Detection
2
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-31T18:12:09Z	333 B	391 B	34.117.237.239
manqal.az	unknown	2022-07-07T18:51:54Z	2023-03-31T04:10:07Z	3.8 kB	501 kB	185.32.44.46
code.jquery.com	634	2012-05-21T19:28:02Z	2023-03-31T18:13:43Z	754 B	55 kB	69.16.175.10
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-31T18:12:03Z	1.0 kB	2.1 kB	142.250.74.131
maxcdn.bootstrapcdn.com	724	2014-06-18T02:37:31Z	2023-03-31T18:17:08Z	836 B	16 kB	104.18.10.207
ka-f.fontawesome.com	3598	2019-12-17T07:36:13Z	2023-03-31T18:29:19Z	430 B	1.1 kB	172.64.169.22
stackpath.bootstrapcdn.com	2467	2018-06-15T22:36:43Z	2023-03-31T20:45:08Z	390 B	917 B	104.18.10.207
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-31T18:14:44Z	782 B	2.4 kB	35.241.9.150
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-31T18:42:09Z	416 B	7.2 kB	104.17.24.14
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-31T18:12:04Z	2.4 kB	6.2 kB	23.36.76.226
kit.fontawesome.com	1868	2019-12-16T20:51:31Z	2023-03-31T18:12:48Z	384 B	650 B	104.18.22.52
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-31T18:18:04Z	413 B	5.9 kB	34.160.144.191
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-31T21:23:20Z	384 B	31 kB	142.250.74.42
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-31T18:13:52Z	606 B	127 B	35.163.49.154
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-31T07:51:33Z	3.2 kB	61 kB	34.120.237.76
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-31T20:23:24Z	401 B	630 B	142.250.74.74

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-31 07:11:51	medium	185.32.44.46	Client IP	ET PHISHING Generic Multibrand NewInjection Phishing Landing Template
2023-03-31 07:11:51	medium	185.32.44.46	Client IP	ET PHISHING Generic Multibrand NewInjection Phishing Landing Template

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-03-30	medium	manqal.az/doc/login/	Office365

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-03-31	medium	manqal.az/doc/login/	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js	86 kB	2023-03-07	2024-04-26
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-26 11:00:50 Times Seen384602 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	manqal.az/doc/login/	12 kB	2023-03-07	2024-04-07
Pretty URL manqal.az/doc/login/ IP 185.32.44.46 ASN #200154 IZONE LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27:48 Last Seen2024-04-07 08:08:42 Times Seen14 Hash b00c6f1893c889498a551cd83b4a9066 d4122d69b1feaba35806c4629d0a7485fd0e21ff 8ea26bd84e7be88694f98c10c9ffcd1dcb5787412adcfe093a9b03b9d21f885c Loading...

	code.jquery.com/jquery-3.1.1.min.js	87 kB	2023-03-07	2024-04-26
Pretty URL code.jquery.com/jquery-3.1.1.min.js IP 69.16.175.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-04-26 11:00:50 Times Seen263939 Hash e071abda8fe61194711cfc2ab99fe104 f647a6d37dc4ca055ced3cf64bbc1f490070acba 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf Loading...

	code.jquery.com/jquery-3.2.1.slim.min.js	70 kB	2023-03-07	2024-04-26
Pretty URL code.jquery.com/jquery-3.2.1.slim.min.js IP 69.16.175.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:43 Last Seen2024-04-26 11:00:50 Times Seen106403 Hash 5f48fc77cac90c4778fa24ec9c57f37d 9e89d1515bc4c371b86f4cb1002fd8e377c1829f 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398 Loading...

	cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js	19 kB	2023-03-07	2024-04-26
Pretty URL cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-26 11:00:50 Times Seen111753 Hash 70d3fda195602fe8b75e0097eed74dde c3b977aa4b8dfb69d651e07015031d385ded964b a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66 Loading...

	stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js	51 kB	2023-03-07	2024-04-26
Pretty URL stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-26 10:51:21 Times Seen244601 Hash 67176c242e1bdc20603c878dee836df3 27a71b00383d61ef3c489326b3564d698fc1227c 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4 Loading...

	maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js	49 kB	2023-03-07	2024-04-26
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-26 11:31:22 Times Seen137059 Hash 14d449eb8876fa55e1ef3c2cc52b0c17 a9545831803b1359cfeed47e3b4d6bae68e40e99 e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Loading...

	kit.fontawesome.com/585b051251.js	12 kB	2023-03-29	2023-05-30
Pretty URL kit.fontawesome.com/585b051251.js IP 104.18.22.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:25:47 Last Seen2023-05-30 17:52:02 Times Seen2010 Hash ea06eb8895068c285ad45d08b0cc340b acd969f9445f92ca352c703e4602442ae7b1853c bb735764ab1aefbec2633325db64f1a4cffbd7172524cdf29e8f4cbd897aff4d Loading...

HTTP Transactions (43)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7af19a5145a4ee99bdf18831bad04bfd
7bdd2a4785b999ef54a2644211d2b2b7190fb8e1
3237bf0111ecdec3615c4d2d49a602f48f800335d0194f52b600bdaefbd63ed0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3237BF0111ECDEC3615C4D2D49A602F48F800335D0194F52B600BDAEFBD63ED0"
Last-Modified: Thu, 30 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5051
Expires: Fri, 31 Mar 2023 08:36:01 GMT
Date: Fri, 31 Mar 2023 07:11:50 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cca063332ba9a89eadd62a8dd7f81a9b
d473b2a7a32c964599ff3bac8f98fa578f03d1d1
02fb74c7c695ad99f7f2fd7c02ae2b88e2da1c5db339f883333d9090291931dc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02FB74C7C695AD99F7F2FD7C02AE2B88E2DA1C5DB339F883333D9090291931DC"
Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13608
Expires: Fri, 31 Mar 2023 10:58:38 GMT
Date: Fri, 31 Mar 2023 07:11:50 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
29fdbcd53b5646cfcdd46510063734c4
85e3ceda5ef130219f4fe8a31e52e2690c8f7d8e
24c27586332c016685e6231fec5836e921048d8aaefbcd4cd6f88969f9d91e18

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 31 Mar 2023 06:28:22 GMT
content-type: application/json
age: 2608
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
76218c893040d958ae1c4231cdd2133c
6a7b336dee91d4aec26ace0a5883ecdfac52e68f
d35492b04d16ed00e9e195e7c84c99aa6a2b8a93abeb656baae0918986f0a7e4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D35492B04D16ED00E9E195E7C84C99AA6A2B8A93ABEB656BAAE0918986F0A7E4"
Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11957
Expires: Fri, 31 Mar 2023 10:31:07 GMT
Date: Fri, 31 Mar 2023 07:11:50 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 3gw5KPmCH0JAIdDBNi9TWv1DrNkGnEjxZDJEAd2RaSeS/4H5XX7nLaq3chW7n+nuvA8VXIPXkD4=
x-amz-request-id: 9WYDP7ZB0DPMRCHB
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 31 Mar 2023 07:03:15 GMT
age: 515
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:11:50 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

manqal.az/doc/login/

185.32.44.46

200 OK

24 kB

URL HTTP/1.1
manqal.az/doc/login/
IP
185.32.44.46:0
ASN
#200154 IZONE LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
24 kB (23969 bytes)
Hash
4d8bab1664a6bd9a87653facf1beb9ba
6242fc071a6351b0e11c63a94f4d03aef098f840
020059c2840b2c7b5adcea72fe48fcb2a6a8a5ca172c19d3470082c0e81d282e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft
openphish	Office365
fortinet	Malware

NIDS	Severity	Alert
suricata	medium	ET PHISHING Generic Multibrand NewInjection Phishing Landing Template
suricata	medium	ET PHISHING Generic Multibrand NewInjection Phishing Landing Template

HTTP Headers

GET /doc/login/ HTTP/1.1
Host: manqal.az
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 07:11:50 GMT
Server: Apache
Last-Modified: Wed, 26 May 2021 17:51:12 GMT
Accept-Ranges: bytes
Content-Length: 23969
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

code.jquery.com/jquery-3.1.1.min.js

69.16.175.10

200 OK

30 kB

URL HTTP/2
code.jquery.com/jquery-3.1.1.min.js
IP
69.16.175.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (32030)
Size
30 kB (30070 bytes)
Hash
f7a4a283c6a5130b43ce8de3b7842078
ef243edbb67f9e50f8589885e4541f6c919ea8d7
aee9e5b2534ced87fe1e02a1a9e661468ba548e02edacbe9b68b3b247607dc4e

HTTP Headers

GET /jquery-3.1.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://manqal.az/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 31 Mar 2023 07:11:51 GMT
content-encoding: gzip
content-length: 30070
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-152b5"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1680246711.dop068.sk1.t,1680246711.cds238.sk1.hn,1680246711.cds010.sk1.c
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.2.1.slim.min.js

69.16.175.10

200 OK

24 kB

URL HTTP/2
code.jquery.com/jquery-3.2.1.slim.min.js
IP
69.16.175.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (32012)
Size
24 kB (23856 bytes)
Hash
30f5157a965bc792a83e9bacfe265f03
8330886371fe27f3cbac509e0ac9712207574c66
4d12cab1f84ec2ac780bc8e0d865d9c61025be579c78d6532d76f0574d17fca0

HTTP Headers

GET /jquery-3.2.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://manqal.az
Connection: keep-alive
Referer: http://manqal.az/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 31 Mar 2023 07:11:51 GMT
content-encoding: gzip
content-length: 23856
content-type: application/javascript; charset=utf-8
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
accept-ranges: bytes
server: nginx
etag: W/"62f659d6-10fdd"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1680246711.dop222.sk1.t,1680246711.cds210.sk1.hn,1680246711.cds235.sk1.c
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

104.17.24.14

200 OK

6.2 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (19015)
Size
6.2 kB (6157 bytes)
Hash
7b4114faa411d059a9a5ac4b5b4d9dee
277da4486916fa3a4ab3375f47bc98f58dbf90f6
60b3528de2f7d48cbb335d19dddef756aaacc70f73d4254a2ef17978a14ca0d9

HTTP Headers

GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://manqal.az
Connection: keep-alive
Referer: http://manqal.az/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 31 Mar 2023 07:11:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 6157
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4af4"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 12059254
expires: Wed, 20 Mar 2024 07:11:51 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pc07%2BZr5i0HgYZoEmv1rw2KOvUptaXOPlZME6P%2BtYogNQxTNo95FmCFx%2ByENJccIyLnjHLcIDP5AgCOFos0wHn34mjQjn8aRILpHaURy2qVq0YXLfJWLvCwljr0nBRZU2Fjv1h0y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7b06c7d99c4e0b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7117d0725779b203269d6c54c3ccedcf
24f4e806fd15c39484288a88c67117c918ce0829
ecfdfee4723c973d404d5e580a8cead357de755354328bfa40c1041350a76504

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 07:11:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7117d0725779b203269d6c54c3ccedcf
24f4e806fd15c39484288a88c67117c918ce0829
ecfdfee4723c973d404d5e580a8cead357de755354328bfa40c1041350a76504

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 07:11:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

142.250.74.42

200 OK

30 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP
142.250.74.42:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32065)
Size
30 kB (30028 bytes)
Hash
6d973c8b7e2439d958e09c0a1ab9fe50
05ae0830200c20b9a2dfd5a825adc400481a60fb
f3c122dc227e829ed96b2a754296809201bd78abbad7ba50ef5079654e1cc894

HTTP Headers

GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://manqal.az/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Mar 2023 09:53:30 GMT
expires: Fri, 29 Mar 2024 09:53:30 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 76701
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

manqal.az/doc/login/css/hover.css

185.32.44.46

200 OK

115 kB

URL HTTP/1.1
manqal.az/doc/login/css/hover.css
IP
185.32.44.46:0
ASN
#200154 IZONE LLC

File type
ASCII text
Size
115 kB (114697 bytes)
Hash
fac4178c15e5a86139c662dafc809501
ef1481841399156a880ec31b07dda9cfaa1ace39
bb88454962767eb6f2ddb1aabaaf844d8a57de7e8f848d7f6928f81b54998452

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /doc/login/css/hover.css HTTP/1.1
Host: manqal.az
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://manqal.az/doc/login/

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 07:11:51 GMT
Server: Apache
Last-Modified: Mon, 11 Jun 2018 19:44:34 GMT
Accept-Ranges: bytes
Content-Length: 114697
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7117d0725779b203269d6c54c3ccedcf
24f4e806fd15c39484288a88c67117c918ce0829
ecfdfee4723c973d404d5e580a8cead357de755354328bfa40c1041350a76504

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 07:11:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

104.18.10.207

200 OK

14 kB

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (48664)
Size
14 kB (14000 bytes)
Hash
ceec9ab322794ccb7d2578391558cefa
73a1fdee29f8436d56eebbd0f8f70e4627e9f5c8
243d2e56f4978cbe61762003f3670b9bf86b9334e9362caeffff17f3af8f6d9f

HTTP Headers

GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://manqal.az
Connection: keep-alive
Referer: http://manqal.az/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 31 Mar 2023 07:11:51 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 11/25/2022 23:23:38
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 865
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: c2cb1243b1f54d9125bd5f0a61a98976
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7b06c7d96e38b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

manqal.az/doc/login/images/onedrive.png

185.32.44.46

200 OK

12 kB

URL HTTP/1.1
manqal.az/doc/login/images/onedrive.png
IP
185.32.44.46:0
ASN
#200154 IZONE LLC

File type
PNG image data, 460 x 360, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (11550 bytes)
Hash
56b5e8ef1616148572c8d7f6b1729550
292d09fb0a8be4163b49f8756b9af48b3f6fc2d2
eb30ccb0c4d8275620947780d68c61f93849c86c6085f100a7744b83328ac482

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /doc/login/images/onedrive.png HTTP/1.1
Host: manqal.az
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://manqal.az/doc/login/

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 07:11:51 GMT
Server: Apache
Last-Modified: Mon, 20 Jan 2020 19:47:00 GMT
Accept-Ranges: bytes
Content-Length: 11550
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

manqal.az/doc/login/images/yahoo1.png

185.32.44.46

200 OK

18 kB

URL HTTP/1.1
manqal.az/doc/login/images/yahoo1.png
IP
185.32.44.46:0
ASN
#200154 IZONE LLC

File type
PNG image data, 151 x 151, 8-bit/color RGBA, non-interlaced\012- data
Size
18 kB (17931 bytes)
Hash
4458cd0a6df7deabdff0b99bd5905ec9
45a8b436d07d7ed7973b87a1c393d6973afe6fb5
aad24ed5f36320964c515b9889cb2943bbf830b40703999ad3976fce8176e554

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /doc/login/images/yahoo1.png HTTP/1.1
Host: manqal.az
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://manqal.az/doc/login/

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 07:11:51 GMT
Server: Apache
Last-Modified: Sun, 19 Jan 2020 02:56:06 GMT
Accept-Ranges: bytes
Content-Length: 17931
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

manqal.az/doc/login/images/aol1.png

185.32.44.46

200 OK

26 kB

URL HTTP/1.1
manqal.az/doc/login/images/aol1.png
IP
185.32.44.46:0
ASN
#200154 IZONE LLC

File type
PNG image data, 253 x 218, 8-bit/color RGBA, non-interlaced\012- data
Size
26 kB (26456 bytes)
Hash
ec9cbc1048239b3927ad0276fc983019
17c27c038644bdb141381b606c7c94a177c07326
f8a8cf4f1928938c796e2f35f8c21b0d510d4e3f16e016ee83d1f206f8ebde14

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /doc/login/images/aol1.png HTTP/1.1
Host: manqal.az
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://manqal.az/doc/login/

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 07:11:51 GMT
Server: Apache
Last-Modified: Sun, 19 Jan 2020 02:45:40 GMT
Accept-Ranges: bytes
Content-Length: 26456
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

manqal.az/doc/login/images/outlook1.png

185.32.44.46

200 OK

771 B

URL HTTP/1.1
manqal.az/doc/login/images/outlook1.png
IP
185.32.44.46:0
ASN
#200154 IZONE LLC

File type
PNG image data, 26 x 26, 8-bit/color RGBA, non-interlaced\012- data
Size
771 B (771 bytes)
Hash
c3fc46c5799c76f9107504028f39190f
519096ad3f03410cf9ce3c9b9fcca6b439d97b23
57898461712a639d119bdf88b7145919dcc8956c7a271d2e4a1084b29eae6785

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /doc/login/images/outlook1.png HTTP/1.1
Host: manqal.az
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://manqal.az/doc/login/

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 07:11:51 GMT
Server: Apache
Last-Modified: Sun, 19 Jan 2020 02:38:46 GMT
Accept-Ranges: bytes
Content-Length: 771
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

manqal.az/doc/login/images/office3651.png

185.32.44.46

200 OK

18 kB

URL HTTP/1.1
manqal.az/doc/login/images/office3651.png
IP
185.32.44.46:0
ASN
#200154 IZONE LLC

File type
PNG image data, 187 x 188, 8-bit/color RGBA, non-interlaced\012- data
Size
18 kB (18147 bytes)
Hash
a5cdadd60382e9ae6228121542eb1c2a
cec15f6470d0237569e931d7d11752b41ac5d8a3
71e729939e175f4ae9d3fcc645d6b7389ec341a47a84950e047197331fdc22f1

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /doc/login/images/office3651.png HTTP/1.1
Host: manqal.az
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://manqal.az/doc/login/

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 07:11:51 GMT
Server: Apache
Last-Modified: Sun, 19 Jan 2020 02:50:20 GMT
Accept-Ranges: bytes
Content-Length: 18147
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

manqal.az/doc/login/images/gmail.png

185.32.44.46

200 OK

67 kB

URL HTTP/1.1
manqal.az/doc/login/images/gmail.png
IP
185.32.44.46:0
ASN
#200154 IZONE LLC

File type
PNG image data, 1280 x 1280, 8-bit/color RGBA, non-interlaced\012- data
Size
67 kB (66743 bytes)
Hash
dce2f2b0e50cb1dbb0246d152791cb46
d0a69c159304edc08db005163e7a0daf5a1e98a6
acf087c1757f08b0cfd53d59066544d7ef0bfcc50999e77c5813739cd9dc1479

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /doc/login/images/gmail.png HTTP/1.1
Host: manqal.az
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://manqal.az/doc/login/

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 07:11:51 GMT
Server: Apache
Last-Modified: Tue, 14 Jan 2020 03:06:14 GMT
Accept-Ranges: bytes
Content-Length: 66743
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

manqal.az/doc/login/images/other1.png

185.32.44.46

200 OK

22 kB

URL HTTP/1.1
manqal.az/doc/login/images/other1.png
IP
185.32.44.46:0
ASN
#200154 IZONE LLC

File type
PNG image data, 190 x 187, 8-bit/color RGBA, non-interlaced\012- data
Size
22 kB (21882 bytes)
Hash
6843a244e12fab158aa189680b5e7049
0e1c691f87cc4fa35c88344974f2829c40176b70
3a9b144d6482b78afc4e0a940a1d3c22240f14fa535b808cf4dab9635339569f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /doc/login/images/other1.png HTTP/1.1
Host: manqal.az
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://manqal.az/doc/login/

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 07:11:51 GMT
Server: Apache
Last-Modified: Sun, 19 Jan 2020 03:01:38 GMT
Accept-Ranges: bytes
Content-Length: 21882
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

manqal.az/doc/login/images/infoondrive.jpg

185.32.44.46

200 OK

62 kB

URL HTTP/1.1
manqal.az/doc/login/images/infoondrive.jpg
IP
185.32.44.46:0
ASN
#200154 IZONE LLC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6], baseline, precision 8, 946x481, components 3\012- data
Size
62 kB (61990 bytes)
Hash
f9cde42e5567950935a44c6a4b103c40
e9c4a10389fbaa3cd4c25a5d00dfae6060549f58
d5a6b16241b54c1029551db26820dd95a660e029d8d7231f874152bebb0356ca

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /doc/login/images/infoondrive.jpg HTTP/1.1
Host: manqal.az
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://manqal.az/doc/login/

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 07:11:51 GMT
Server: Apache
Last-Modified: Mon, 20 Jan 2020 20:08:02 GMT
Accept-Ranges: bytes
Content-Length: 61990
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg

manqal.az/doc/login/images/onedriveside2.jpg

185.32.44.46

200 OK

116 kB

URL HTTP/1.1
manqal.az/doc/login/images/onedriveside2.jpg
IP
185.32.44.46:0
ASN
#200154 IZONE LLC

File type
JPEG image data, baseline, precision 8, 1680x840, components 3\012- data
Size
116 kB (115788 bytes)
Hash
4687c98aff45fdffaeeaae07723169d2
507829cc920cdca1e70590af23b6caa12cc65ee6
a3198e1e49943e1ad5daa838136f81592427342d3e98001455f00cbf2f0f0d10

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /doc/login/images/onedriveside2.jpg HTTP/1.1
Host: manqal.az
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://manqal.az/doc/login/

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 07:11:51 GMT
Server: Apache
Last-Modified: Wed, 21 Apr 2021 04:18:31 GMT
Accept-Ranges: bytes
Content-Length: 115788
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Backoff, Cache-Control, Last-Modified, Content-Length, Retry-After, Pragma, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 31 Mar 2023 06:14:39 GMT
age: 3432
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
782ca4845ea5e0ec981e33231b1e61cb
032116b75e124c57877524e9e4f523b6d7c65820
94d007862fc7a4cd67f582ff22f2339619177435559c1dd5075a08c7240f3520

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94D007862FC7A4CD67F582FF22F2339619177435559C1DD5075A08C7240F3520"
Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5125
Expires: Fri, 31 Mar 2023 08:37:16 GMT
Date: Fri, 31 Mar 2023 07:11:51 GMT
Connection: keep-alive

push.services.mozilla.com/

35.163.49.154

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.163.49.154:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rQNQtz8mbJqQoyK/dR1e+g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: h/xg9Y69LT/y1t8uieht9PwKHSc=

manqal.az/favicon.ico

185.32.44.46

200 OK

18 kB

URL HTTP/1.1
manqal.az/favicon.ico
IP
185.32.44.46:0
ASN
#200154 IZONE LLC

File type
HTML document, Unicode text, UTF-8 text, with very long lines (14572)
Size
18 kB (17783 bytes)
Hash
4a1b154cf6da2b6575a849aa3b2c4ff7
2126ee2d605f4526e06afc46531e6046c448d70d
f75871ac1179e8193220c31d9949a9fd64c5bfa26a7cdc990348b136ddcb7b4f

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: manqal.az
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://manqal.az/doc/login/

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 07:11:51 GMT
Server: Apache
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19754
Expires: Fri, 31 Mar 2023 12:41:07 GMT
Date: Fri, 31 Mar 2023 07:11:53 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19754
Expires: Fri, 31 Mar 2023 12:41:07 GMT
Date: Fri, 31 Mar 2023 07:11:53 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19754
Expires: Fri, 31 Mar 2023 12:41:07 GMT
Date: Fri, 31 Mar 2023 07:11:53 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6380 bytes)
Hash
8a2b8f737604b7983cf686c82599dc73
aa63be93c4cd641f09ce0d5144ef60aab21caed1
78835586bfd170fee7e6f70b2b426ed186f5aeae969459c6dcbf527ba9c0deec

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6380
x-amzn-requestid: 0a129a69-0720-47a0-8b0e-b3200de24204
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUn6E19IAMF9SQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260165-564474a42e79d1dc4eb9558f;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:45 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: L6tgzFrj9t69Rnfd9bziAPiROAX0tvcj9Kcg8sXkto8qRFeKqiwkpg==
via: 1.1 b5695e36d7fbc522ece27885d73757ae.cloudfront.net (CloudFront), 1.1 7514e5e25722778fd4b1744d4ecc67e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 22:17:06 GMT
age: 32087
etag: "aa63be93c4cd641f09ce0d5144ef60aab21caed1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36630e1b-1c89-4e55-ac67-f104436fd02c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8358 bytes)
Hash
45a4bac8a91b725def9099fd6f720285
134ace682a567c7e385817c8f8af0d49acfde847
3d60e54132cbbba19ce8ad4bdf79a4b3b6ae74573f45bf4f080a283aa250b53c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36630e1b-1c89-4e55-ac67-f104436fd02c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8358
x-amzn-requestid: 8069495f-4ea5-4975-8369-fc4db9199774
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUllH2fIAMFdlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260156-2e5418a132076d0569e30de6;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: z4Jd4oIn19s5lhDNYlrrh6RlxDz7mxCg1KJKUyFfJfqZsymvADn88g==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 6a6653dfb47ccc5082f2a5b9d0d168ce.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 22:02:05 GMT
age: 32988
etag: "134ace682a567c7e385817c8f8af0d49acfde847"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5ac5665-fe23-4026-a00b-567f98678f9e.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10706 bytes)
Hash
e55c2ccec92fa37b631f5616ba5e1b77
c3f1113bad672968f22e63693ef4481f7f5616fe
10bfe1a2cf0b6e0a2a548935a1afc061fc61990a121a84580f3969df68b7974c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5ac5665-fe23-4026-a00b-567f98678f9e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10706
x-amzn-requestid: 2e382033-306f-40ed-b259-76790e5e3ac9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUlmGujoAMFamQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260156-3856db4579fce52a18219166;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: cYDbU2yRL1y7tFVehv7XBDdywykpvl7kVurr1JvsGPTlYkmsOBwczg==
via: 1.1 8ead054384c1626556ee4410cad35692.cloudfront.net (CloudFront), 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 22:04:58 GMT
age: 32815
etag: "c3f1113bad672968f22e63693ef4481f7f5616fe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2f9b47f-7e28-468a-96d8-f92534ab813e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9471 bytes)
Hash
809c8ac4f4ec3c118e43e401ff7f1570
5e3437ccd6b18b17b5fd2ffe67ee592acb01eb29
5c8e37e45cabe2b53d654fb01f869846c282f53b36a8fdb3521992aedc96cf70

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2f9b47f-7e28-468a-96d8-f92534ab813e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9471
x-amzn-requestid: 3882bb5f-32d0-451d-aeb2-ff6474747a14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnVE_Gx_oAMFmsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6426021f-486afb1d6942e493158fe68a;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:41:51 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 0ovDSxobqvu97QXQme6M_kCrBD9Dyug4z5i6t1eyHFMuUc6H4pq5uw==
via: 1.1 4e4278a2778e72cc34feef6db603088c.cloudfront.net (CloudFront), 1.1 536063cb28bfc05fcb7a78183dd89b72.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:46:05 GMT
age: 33948
etag: "5e3437ccd6b18b17b5fd2ffe67ee592acb01eb29"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8745 bytes)
Hash
ef54a1ed997cc09495edb102ccdf6803
f5637efb37b5eecff77e60e6bcf5f599991f334f
fa76d7a82dc15baf02b207cea874d1332c20a0ebe1eea99929a6f2746608412c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8745
x-amzn-requestid: e1d8dab6-4c15-4752-b528-21854c93a11c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguJ5Hy5oAMFyAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235d72-4bd62c8472f7257a155b2a80;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:34:42 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: LAAUFZcFBIpdMUkaDQXGW1sdwLK9c_uhQQHLiJHGF7dEvfJ0KX7MaA==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 06:44:37 GMT
age: 1636
etag: "f5637efb37b5eecff77e60e6bcf5f599991f334f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba3e3682-3d0e-4ac1-8330-9ea9ebe92041.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10490 bytes)
Hash
0530376e431b6563796e4abb0db0bc4e
6921f4bd83a806e1ea8247854ad4c045fa7ee298
d6371c81d5494d5e50fd5cc1cfe1ce28213dfa70ea5a94df82c9f4b3e6430a53

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba3e3682-3d0e-4ac1-8330-9ea9ebe92041.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10490
x-amzn-requestid: 0525e5c4-485e-47eb-ab95-1136e4d5c29a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUnTEztoAMFzMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260161-54b47454475ff6ee4d880534;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:41 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: jl5cQc_Zqq5xNDMcs5jRHb3HBIjuucl-JHF126hInXrOfv_CG-UqSg==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 22:18:02 GMT
age: 32031
etag: "6921f4bd83a806e1ea8247854ad4c045fa7ee298"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=585b051251

172.64.169.22

200 OK

0 B

URL HTTP/2
ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=585b051251
IP
172.64.169.22:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.15.4/css/free-v4-shims.min.css?token=585b051251 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://manqal.az/
Origin: http://manqal.az
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 31 Mar 2023 07:11:51 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8a0d00c8697029a8a8411a2a06403ade.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL50-C1
x-amz-cf-id: RuGihwtbgb8iKmjdh1meEOiMztVp5nwlBJgsyq_0TbYccK1DYCZZsw==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LvmcMkVJ7HNdSMb16ZYblxL6lo3LBKPCoIancSV1C61eFcbJZfavqzqjrFaK9ibl2%2F%2ByJdpx3kzorxTOtQHiqofrjJ64DgsKCNNBaGZW2NTGg4r1xeWQqvF82tXs7Y4NGSbCNxeSVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b06c7db6a4a75d8-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

104.18.10.207

200 OK

0 B

URL HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://manqal.az/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 31 Mar 2023 07:11:51 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-cachedat: 11/15/2021 23:30:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: a35b0179a28ed953258d0fb41376a09c
cdn-cache: HIT
cf-cache-status: HIT
age: 23290559
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7b06c7d9ab1bb51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css

104.18.10.207

200 OK

0 B

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/4.0.0/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://manqal.az
Connection: keep-alive
Referer: http://manqal.az/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 31 Mar 2023 07:11:51 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"450fc463b8b1a349df717056fbb3e078"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 11/18/2022 06:18:38
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 0c98fd1b45f7663979e18499df2b0a9e
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7b06c7d98e55b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

kit.fontawesome.com/585b051251.js

104.18.22.52

200 OK

0 B

URL HTTP/2
kit.fontawesome.com/585b051251.js
IP
104.18.22.52:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /585b051251.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://manqal.az
Connection: keep-alive
Referer: http://manqal.az/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 31 Mar 2023 07:11:51 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: F1Ezmnp0YG4eOs5N-1_h
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 7b06c7d98c620b69-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Archivo+Narrow&display=swap

142.250.74.74

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Archivo+Narrow&display=swap
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Archivo+Narrow&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://manqal.az/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 31 Mar 2023 07:11:51 GMT
date: Fri, 31 Mar 2023 07:11:51 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML