Report - 13.95.18.34/Menaitech/application/hrms/mename/index.php

Report Overview

Submitted URL
13.95.18.34/Menaitech/application/hrms/mename/index.php
IP
13.95.18.34
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2022-12-06 10:34:15
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
54

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	73 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.76.226
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.6 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	25 kB	34.102.187.140
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
13.95.18.34	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	12 kB	939 kB	13.95.18.34
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.41.201.177

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-06	medium	13.95.18.34	Sinkholed
2022-12-06	medium	13.95.18.34	Sinkholed
2022-12-06	medium	13.95.18.34	Sinkholed
2022-12-06	medium	13.95.18.34	Sinkholed
2022-12-06	medium	13.95.18.34	Sinkholed
2022-12-06	medium	13.95.18.34	Sinkholed
2022-12-06	medium	13.95.18.34	Sinkholed
2022-12-06	medium	13.95.18.34	Sinkholed
2022-12-06	medium	13.95.18.34	Sinkholed
2022-12-06	medium	13.95.18.34	Sinkholed
2022-12-06	medium	13.95.18.34	Sinkholed
2022-12-06	medium	13.95.18.34	Sinkholed
2022-12-06	medium	13.95.18.34	Sinkholed
2022-12-06	medium	13.95.18.34	Sinkholed
2022-12-06	medium	13.95.18.34	Sinkholed
2022-12-06	medium	13.95.18.34	Sinkholed
2022-12-06	medium	13.95.18.34	Sinkholed
2022-12-06	medium	13.95.18.34	Sinkholed
2022-12-06	medium	13.95.18.34	Sinkholed
2022-12-06	medium	13.95.18.34	Sinkholed
2022-12-06	medium	13.95.18.34	Sinkholed
2022-12-06	medium	13.95.18.34	Sinkholed
2022-12-06	medium	13.95.18.34	Sinkholed
2022-12-06	medium	13.95.18.34	Sinkholed
2022-12-06	medium	13.95.18.34	Sinkholed
2022-12-06	medium	13.95.18.34	Sinkholed
2022-12-06	medium	13.95.18.34	Sinkholed

JavaScript (18)

	URL	Size	First Seen	Last Seen
	13.95.18.34/Menaitech/application/hrms/mename/index.php	16 kB	2023-03-08	2023-12-02
Pretty URL 13.95.18.34/Menaitech/application/hrms/mename/index.php IP 13.95.18.34 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:15:08 Last Seen2023-12-02 13:48:15 Times Seen2 Hash abe7da3f9e5fa59775944bd7b7e0b8f2 809adfc3d6730bf603ab8ecfbc92e77a559c7f42 210e8c58aa6234a91fdb2e91b9157aaa671cbfff0808e64fc0ed288f25cc5cdb Loading...

	13.95.18.34/Menaitech/application/hrms/mename/index.php	124 B	2023-03-08	2023-12-02
Pretty URL 13.95.18.34/Menaitech/application/hrms/mename/index.php IP 13.95.18.34 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:15:08 Last Seen2023-12-02 13:48:15 Times Seen2 Hash 368adf28db54ccc79e1f9572932c4626 83d5b40fa3eeb15033ccbde79dfa3dc13052a4e1 06c547dc6fe44059cb4179a40d9b2746580cd3f7450c195332390e1516a582cc Loading...

	13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/Jquery/jq-1.2.6.js?dontcash=3340645688	79 kB	2023-03-07	2024-02-24
Pretty URL 13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/Jquery/jq-1.2.6.js?dontcash=3340645688 IP 13.95.18.34 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:00:53 Last Seen2024-02-24 13:51:44 Times Seen279 Hash 276acf5f04c4c60aaf73e66177dc43f7 e6bd5cac40ac66e20b5bbfa15643a11e1ba44185 12bf6d2de985f66c8cb90817012821f448c3251235fd5fdd856211196caa7cd7 Loading...

	13.95.18.34/Menaitech/application/hrms/mename/index.php	210 B	2023-03-08	2023-12-02
Pretty URL 13.95.18.34/Menaitech/application/hrms/mename/index.php IP 13.95.18.34 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:15:08 Last Seen2023-12-02 13:48:15 Times Seen2 Hash aa52e10e99743bbb31382a2c4bd12728 4007d7ae2dbbbe2cc6c47e8ecb6194f6e8be056b 44a25f7080bc023af0939b55e75ac2bab4162cc5ef7f0974f387527411f867a3 Loading...

	13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/jquery.skitter.min.js	36 kB	2023-03-08	2024-01-31
Pretty URL 13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/jquery.skitter.min.js IP 13.95.18.34 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:15:08 Last Seen2024-01-31 00:45:22 Times Seen22 Hash 7b1a3aa59293a6a5224a0e9b08f8c8d3 9bfd326d27653f109311227c1d53da07a3d83dc2 6b1112dd8b8bb2b4ef53ea28fedfccbe114a56be16c70203ef5fd0dab8574d23 Loading...

	13.95.18.34/Menaitech/application/hrms/mename/index.php	43 B	2023-03-08	2023-12-20
Pretty URL 13.95.18.34/Menaitech/application/hrms/mename/index.php IP 13.95.18.34 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:15:08 Last Seen2023-12-20 11:07:12 Times Seen7 Hash 676c7e763711994479cfc281be312cf2 895af5485bedb9ec17157560126bf5e6e920aa67 999388300a0ac27315407f652fd5a3ceb82d51b648d0dca908ebce9e5354604e Loading...

	13.95.18.34/Menaitech/application/hrms/mename/index.php	29 B	2023-03-08	2023-03-08
Pretty URL 13.95.18.34/Menaitech/application/hrms/mename/index.php IP 13.95.18.34 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:15:08 Last Seen2023-03-08 20:15:08 Times Seen1 Hash 2c1da848834f9d9113fbc35a7052240f eb69ca5743507099cbcf9ea2642e14854d4e2eb1 240fd06e09e12db0bb3dc0919ff8d34898eb683ee4285955cd499bc47fb7006d Loading...

	13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/jquery.easing.1.3.js	8.1 kB	2023-03-08	2023-12-02
Pretty URL 13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/jquery.easing.1.3.js IP 13.95.18.34 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:15:08 Last Seen2023-12-02 13:48:15 Times Seen2 Hash 1780cea5fa29ff1bd7c60dd04d8fbf1c 59ef5ea903cd74f6f5f3162443cbb7c380acbc27 fcc9b1da329d3b82182fe6627b76962e9c5e236ce2e2323c33dd883b2105cc6b Loading...

	13.95.18.34/Menaitech/application/hrms/mename/lib/form_actions.js?dontcash=5010968532	56 kB	2023-03-08	2023-12-02
Pretty URL 13.95.18.34/Menaitech/application/hrms/mename/lib/form_actions.js?dontcash=5010968532 IP 13.95.18.34 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:15:08 Last Seen2023-12-02 13:48:15 Times Seen4 Hash 86ddb5445cff9800ab001fc5236083e6 82c70556b72c6492c2c74b6005830ff75eaaa593 77f387f2f8ca0eea2a8c874fcbc4ac6772ef2851e366932ab2930b929a3bebd9 Loading...

	13.95.18.34/Menaitech/application/hrms/mename/index.php	95 B	2023-03-08	2023-12-02
Pretty URL 13.95.18.34/Menaitech/application/hrms/mename/index.php IP 13.95.18.34 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:15:08 Last Seen2023-12-02 13:48:15 Times Seen4 Hash 1365198ba21110e937fec7bf7151bc49 4f3b5f1cebb19ff4aec0746aca5d66d0f9c74acb bae2d1b40eac1d4a297994762c7e0d295eda00b030635ecf93337ff0f0f061ae Loading...

	13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/shared.js?dontcash=15032905596	70 kB	2023-03-08	2023-12-02
Pretty URL 13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/shared.js?dontcash=15032905596 IP 13.95.18.34 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:15:08 Last Seen2023-12-02 13:48:15 Times Seen4 Hash ab407bc9f2e40938ac9df378382047ad fcc2b33bd9ee8e74155d84d237cd435cdddd7691 0cf44effe9b328952050ddb03293afc5c48a25460309b9043c4766be19a19c97 Loading...

	13.95.18.34/Menaitech/application/hrms/mename/index.php	3.5 kB	2023-03-08	2023-12-02
Pretty URL 13.95.18.34/Menaitech/application/hrms/mename/index.php IP 13.95.18.34 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:15:08 Last Seen2023-12-02 13:48:15 Times Seen2 Hash 399eab13de78aa75b113a813cbb2b22b 5ea5a4aa3603e20dc2ff0c703160fdd04d70b76b ab522fa4525817dae8d3bf90242d399e57e99c15389749f2d58c8ca94d5b69bb Loading...

	13.95.18.34/Menaitech/application/hrms/mename/index.php	1.4 kB	2023-03-08	2023-03-08
Pretty URL 13.95.18.34/Menaitech/application/hrms/mename/index.php IP 13.95.18.34 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:15:08 Last Seen2023-03-08 20:15:08 Times Seen1 Hash 449699d5edba2c7f1cf2a4f673574de0 0c34513fff474955c0d7e63033fe9ca6bbe44298 1f29c54566911ff6f5698df76e42bfd84351f6d2b01ceea24733895ae0cefa5a Loading...

	13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/jquery.animate-colors-min.js	3.6 kB	2023-03-08	2024-03-11
Pretty URL 13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/jquery.animate-colors-min.js IP 13.95.18.34 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:15:08 Last Seen2024-03-11 16:49:23 Times Seen18 Hash 0e3a9d3a733977ba391fc316099927d9 25e4cec74365c56114512e30129c7aafb31c3912 32339fe2cb7c05655b96948cd17c263fb07b72da5ea27797b4c1e016b7607a96 Loading...

	13.95.18.34/Menaitech/application/hrms/mename/index.php	5.4 kB	2023-03-08	2023-03-08
Pretty URL 13.95.18.34/Menaitech/application/hrms/mename/index.php IP 13.95.18.34 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:15:08 Last Seen2023-03-08 20:15:08 Times Seen1 Hash 3ddcc838be652398fd4f2fb59eadb460 00c62adefb9784f9827a03f739dc134912b4510d e2087603451179206370eeb01de12f0b159574a41398a59abc1b64803718b843 Loading...

	13.95.18.34/Menaitech/application/hrms/mename/lib/formcheck.js?dontcash=6681291376	14 kB	2023-03-08	2023-12-02
Pretty URL 13.95.18.34/Menaitech/application/hrms/mename/lib/formcheck.js?dontcash=6681291376 IP 13.95.18.34 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:15:08 Last Seen2023-12-02 13:48:15 Times Seen4 Hash c55dc3a853c3f0f2f51c338891f77ca8 edda08ca79d29ddea0fe79cd77879aa267a4971b 1118a4d273b9c8ea26d13e5c572affe74c43f7774512be8466d69e56d826d90a Loading...

	13.95.18.34/Menaitech/application/hrms/mename/index.php	29 B	2023-03-08	2023-03-08
Pretty URL 13.95.18.34/Menaitech/application/hrms/mename/index.php IP 13.95.18.34 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:15:08 Last Seen2023-03-08 20:15:08 Times Seen1 Hash 17384ca601becd29d22202fcac77681f dcb6b2633a2a3a76b765ee568a35ef08e2577c01 12b300a43561982df9592b1a202b1a8bfe2325459e9712f157551c7e511d2622 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 3794da0c409690d5d2fa3b487d21798e	74 kB	2023-03-08	2024-01-31
Pretty Observations First Seen2023-03-08 20:15:08 Last Seen2024-01-31 00:45:21 Times Seen14 Hash 3794da0c409690d5d2fa3b487d21798e 0d4d37f5cb7a0643e08329b59fee5c9088184551 dc9c3980bfae3e0d73750df899ccd513d9033641cf8774427eb72e4e0e6b0ee7 Loading...

HTTP Transactions (48)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11726
Expires: Tue, 06 Dec 2022 13:49:30 GMT
Date: Tue, 06 Dec 2022 10:34:04 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6125
Cache-Control: max-age=92360
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 10:34:04 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 12:13:24 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 10:18:38 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 926
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11795
Expires: Tue, 06 Dec 2022 13:50:39 GMT
Date: Tue, 06 Dec 2022 10:34:04 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: L1r3i+kpj5ii/lHOZu/kBhtKs3ttm6C0KEJ8jPPK8RHqNUglBk7Avz+7iyDLAU4S+Ttr9n+K4aA=
x-amz-request-id: AM6TVNZCG7765H4A
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 09:48:53 GMT
age: 2711
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 10:34:04 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

13.95.18.34/Menaitech/application/hrms/mename/index.php

13.95.18.34

200 OK

48 kB

URL HTTP/1.1
13.95.18.34/Menaitech/application/hrms/mename/index.php
IP
13.95.18.34:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (15773), with CRLF, LF line terminators
Size
48 kB (47845 bytes)
Hash
28f12e5a7a1a9880863672820b6f13ca
51a455e8c028f0b2aebf3d5123357ac2d06322e8
da6158fe6c7c775befe7f007362f9524604063c18a91978460937860188a0eb6

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Menaitech/application/hrms/mename/index.php HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=windows-1256
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Tue, 06 Dec 2022 10:34:04 GMT
Server: Microsoft-IIS/10.0
Set-Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3; path=/
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:03 GMT
Content-Length: 47845

13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/Jquery/jq-1.2.6.js?dontcash=3340645688

13.95.18.34

200 OK

27 kB

URL HTTP/1.1
13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/Jquery/jq-1.2.6.js?dontcash=3340645688
IP
13.95.18.34:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (820), with CRLF line terminators
Size
27 kB (27241 bytes)
Hash
eb5f0d9b642eb9ccb5679a38817631ae
eec5ce787cea94a6ad622dbeb35a0fbc36f73fc6
f45873a3f882b7c52d765b3a960afe6fe5d99ce5b755748e4c6edff1ba6819b6

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Menaitech/application/hrms/DB/Include/Shared/Jquery/jq-1.2.6.js?dontcash=3340645688 HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/index.php
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 25 Jul 2017 16:02:24 GMT
Accept-Ranges: bytes
ETag: "0a87a675f5d31:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 27241

13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/skitter.styles.css

13.95.18.34

200 OK

6.2 kB

URL HTTP/1.1
13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/skitter.styles.css
IP
13.95.18.34:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (350)
Size
6.2 kB (6221 bytes)
Hash
e320c613af638ff0a52128a7bc34647b
18d60a90e35d746e9114cb5471a6163da15235fc
dfe3b58d51ebc759d383504f4b6b86228602051e04acd25409ec87841eec58de

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/skitter.styles.css HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/index.php
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3

HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Tue, 25 Jul 2017 16:02:26 GMT
Accept-Ranges: bytes
ETag: "0d5ab685f5d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 6221

13.95.18.34/Menaitech/application/hrms/mename/lib/Style_ltr.css

13.95.18.34

200 OK

597 B

URL HTTP/1.1
13.95.18.34/Menaitech/application/hrms/mename/lib/Style_ltr.css
IP
13.95.18.34:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with CRLF line terminators
Size
597 B (597 bytes)
Hash
ff21d282958e8ba6d77bd367fe7e18eb
60202e6e22993f5d093b5ebc5654535041107759
c6901dceac33fd50cc039a583b303398a75051cd20593f70d0f9e697d25eecab

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Menaitech/application/hrms/mename/lib/Style_ltr.css HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/index.php
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3

HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Tue, 25 Jul 2017 16:07:16 GMT
Accept-Ranges: bytes
ETag: "0528615605d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 597

13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/jquery.easing.1.3.js

13.95.18.34

200 OK

8.1 kB

URL HTTP/1.1
13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/jquery.easing.1.3.js
IP
13.95.18.34:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text
Size
8.1 kB (8097 bytes)
Hash
6516449ed5089677ed3d7e2f11fc8942
82e40d060bc269a6dde20c3990ca5a4fea6ca754
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/jquery.easing.1.3.js HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/index.php
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3

HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Tue, 25 Jul 2017 16:02:26 GMT
Accept-Ranges: bytes
ETag: "0d5ab685f5d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 8097

13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/jquery.animate-colors-min.js

13.95.18.34

200 OK

3.6 kB

URL HTTP/1.1
13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/jquery.animate-colors-min.js
IP
13.95.18.34:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (521)
Size
3.6 kB (3593 bytes)
Hash
0e3a9d3a733977ba391fc316099927d9
25e4cec74365c56114512e30129c7aafb31c3912
32339fe2cb7c05655b96948cd17c263fb07b72da5ea27797b4c1e016b7607a96

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/jquery.animate-colors-min.js HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/index.php
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3

HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Tue, 25 Jul 2017 16:02:26 GMT
Accept-Ranges: bytes
ETag: "0d5ab685f5d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 3593

13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/shared.js?dontcash=15032905596

13.95.18.34

200 OK

15 kB

URL HTTP/1.1
13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/shared.js?dontcash=15032905596
IP
13.95.18.34:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (757), with CRLF line terminators
Size
15 kB (15312 bytes)
Hash
9f134a725f7bb9aa3dd7c34167f1cc76
661dafb0e8692445773573d62fb2452051910ca7
743e313e638908252f39a6e48711795aac36b9638941555ac5e87180a5f55ef3

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Menaitech/application/hrms/DB/Include/Shared/js/shared.js?dontcash=15032905596 HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/index.php
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Thu, 03 Jun 2021 10:20:48 GMT
Accept-Ranges: bytes
ETag: "00f31e6258d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 15312

13.95.18.34/Menaitech/application/hrms/mename/lib/formcheck.js?dontcash=6681291376

13.95.18.34

200 OK

3.1 kB

URL HTTP/1.1
13.95.18.34/Menaitech/application/hrms/mename/lib/formcheck.js?dontcash=6681291376
IP
13.95.18.34:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (409), with CRLF line terminators
Size
3.1 kB (3075 bytes)
Hash
ba0aece35ea6ff02566248e24f791d29
c361e648784dbe27755c0cfc6f3a4844b1204de8
efcd20778b7d8fb58c56ce8b7a3f4eff212fb58e0c24586507ffdc2d799b4107

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Menaitech/application/hrms/mename/lib/formcheck.js?dontcash=6681291376 HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/index.php
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 25 Jul 2017 16:07:14 GMT
Accept-Ranges: bytes
ETag: "0255514605d31:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 3075

13.95.18.34/Menaitech/application/hrms/mename/lib/form_actions.js?dontcash=5010968532

13.95.18.34

200 OK

9.4 kB

URL HTTP/1.1
13.95.18.34/Menaitech/application/hrms/mename/lib/form_actions.js?dontcash=5010968532
IP
13.95.18.34:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (824), with CRLF line terminators
Size
9.4 kB (9426 bytes)
Hash
1845307b191762ff548a3c9b62a3ee08
b8b7c02385f1d309bbc527be7a9ecc36510c58a1
fa7dbc409becda3a6842b0a417e755d90e23caf1205fc8a079fa87ea226a30bb

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Menaitech/application/hrms/mename/lib/form_actions.js?dontcash=5010968532 HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/index.php
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 01 Sep 2020 05:32:28 GMT
Accept-Ranges: bytes
ETag: "03ebf472180d61:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 9426

13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/jquery.skitter.min.js

13.95.18.34

200 OK

36 kB

URL HTTP/1.1
13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/jquery.skitter.min.js
IP
13.95.18.34:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (35817)
Size
36 kB (36218 bytes)
Hash
7b1a3aa59293a6a5224a0e9b08f8c8d3
9bfd326d27653f109311227c1d53da07a3d83dc2
6b1112dd8b8bb2b4ef53ea28fedfccbe114a56be16c70203ef5fd0dab8574d23

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/jquery.skitter.min.js HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/index.php
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3

HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Tue, 25 Jul 2017 16:02:26 GMT
Accept-Ranges: bytes
ETag: "0d5ab685f5d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 36218

13.95.18.34/Menaitech/application/hrms/mename/images/Home/Theme/slider/evaluation.png

13.95.18.34

200 OK

233 kB

URL HTTP/1.1
13.95.18.34/Menaitech/application/hrms/mename/images/Home/Theme/slider/evaluation.png
IP
13.95.18.34:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 496 x 315, 8-bit/color RGB, non-interlaced\012- data
Size
233 kB (233222 bytes)
Hash
d5ceca6db5251a60ed54a7e5533ca8a2
5159d5749b600b8251523a4d66148206d318139b
0e10a6c3f94beb85a2dfc3276370c2292a5e64485ee36c2ab8f805db2ff3a56c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Menaitech/application/hrms/mename/images/Home/Theme/slider/evaluation.png HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/index.php
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 25 Jul 2017 16:07:10 GMT
Accept-Ranges: bytes
ETag: "0cbf211605d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 233222

13.95.18.34/Menaitech/application/hrms/mename/images/Home/Theme/slider/request_managment.png

13.95.18.34

200 OK

89 kB

URL HTTP/1.1
13.95.18.34/Menaitech/application/hrms/mename/images/Home/Theme/slider/request_managment.png
IP
13.95.18.34:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 496 x 315, 8-bit/color RGB, non-interlaced\012- data
Size
89 kB (88957 bytes)
Hash
ee341688e041d92396fd3f3e1defca53
919aa705bb6fa452efbfc7d140b95c5971c37eae
f35e6c00aad4a2996fbd234acd6617e7bdbb3b637451a855107d3230ff736c89

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Menaitech/application/hrms/mename/images/Home/Theme/slider/request_managment.png HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/index.php
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 25 Jul 2017 16:07:10 GMT
Accept-Ranges: bytes
ETag: "0cbf211605d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 88957

13.95.18.34/Menaitech/application/hrms/mename/lib/MainStyle.css

13.95.18.34

200 OK

12 kB

URL HTTP/1.1
13.95.18.34/Menaitech/application/hrms/mename/lib/MainStyle.css
IP
13.95.18.34:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with CRLF line terminators
Size
12 kB (12008 bytes)
Hash
d1c2980310ebd00041e23dcce305d87f
8e7a45015ca181e2e2476215275ad876ed00caba
f1f002aec53684b7b63bfce76be8b9f6f392193b7caa4456cc80fd4fa9217062

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Menaitech/application/hrms/mename/lib/MainStyle.css HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/lib/Style_ltr.css
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3

HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Mon, 10 Sep 2018 10:58:46 GMT
Accept-Ranges: bytes
ETag: "077e53ef548d41:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 12008

13.95.18.34/Menaitech/application/hrms/mename/images/Home/Theme/slider/collaboration.png

13.95.18.34

200 OK

198 kB

URL HTTP/1.1
13.95.18.34/Menaitech/application/hrms/mename/images/Home/Theme/slider/collaboration.png
IP
13.95.18.34:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 496 x 315, 8-bit/color RGB, non-interlaced\012- data
Size
198 kB (198436 bytes)
Hash
6fb60cbbff61543ac96a51a5b176fb58
b7d6e38dc9de1540127c6194aff247051959554d
fa2b9f3149c1fa701f95281d0804eb6337e999384e31695a257d72b1e6cde249

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Menaitech/application/hrms/mename/images/Home/Theme/slider/collaboration.png HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/index.php
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 25 Jul 2017 16:07:10 GMT
Accept-Ranges: bytes
ETag: "0cbf211605d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 198436

13.95.18.34/Menaitech/application/hrms/mename/images/Home/Theme/slider/training.png

13.95.18.34

200 OK

197 kB

URL HTTP/1.1
13.95.18.34/Menaitech/application/hrms/mename/images/Home/Theme/slider/training.png
IP
13.95.18.34:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 496 x 315, 8-bit/color RGB, non-interlaced\012- data
Size
197 kB (197203 bytes)
Hash
1dc1d6fc7f62b10517b7e2d3fe66ec04
f19fa7b7b629aaace8983c7dc7912b693af495a1
98465c7a453c67b11105599103b72596bfcd2fa180acd0ade95cae9d4434b62b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Menaitech/application/hrms/mename/images/Home/Theme/slider/training.png HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/index.php
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 25 Jul 2017 16:07:10 GMT
Accept-Ranges: bytes
ETag: "0cbf211605d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 197203

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 10:11:20 GMT
cache-control: public,max-age=3600
age: 1365
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

13.95.18.34/Menaitech/application/hrms/mename/images/Index/MENA/background_upper.png

13.95.18.34

200 OK

2.9 kB

URL HTTP/1.1
13.95.18.34/Menaitech/application/hrms/mename/images/Index/MENA/background_upper.png
IP
13.95.18.34:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 1 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
2.9 kB (2939 bytes)
Hash
ccce8270143c612a4d0a10207458c70f
cdc10e2cd044eb46bbb6ad399463a6fc69465bf0
630ebe613036da4ea3744314c98737ffe609857924ce760a559007c581c868dc

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Menaitech/application/hrms/mename/images/Index/MENA/background_upper.png HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/index.php
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 25 Jul 2017 16:07:12 GMT
Accept-Ranges: bytes
ETag: "0f82313605d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 2939

13.95.18.34/Menaitech/application/hrms/mename/images/Index/MENA/logo.png

13.95.18.34

200 OK

21 kB

URL HTTP/1.1
13.95.18.34/Menaitech/application/hrms/mename/images/Index/MENA/logo.png
IP
13.95.18.34:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 97 x 119, 8-bit/color RGBA, non-interlaced\012- data
Size
21 kB (21366 bytes)
Hash
f8e1f99cb1ce154b11c4502dabf4b9c7
391acac14286b6f005ba3fcf9a9d2f720d3b619a
e18d654eb74b52998182cf3b07a09f698c5f24d1a323cb6f28d0b3bb6a3d3210

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Menaitech/application/hrms/mename/images/Index/MENA/logo.png HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/index.php
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 25 Jul 2017 16:07:12 GMT
Accept-Ranges: bytes
ETag: "0f82313605d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 21366

13.95.18.34/Menaitech/application/hrms/mename/images/Index/MENA/image_box_upper_shadow.png

13.95.18.34

200 OK

4.2 kB

URL HTTP/1.1
13.95.18.34/Menaitech/application/hrms/mename/images/Index/MENA/image_box_upper_shadow.png
IP
13.95.18.34:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 539 x 18, 8-bit/color RGBA, non-interlaced\012- data
Size
4.2 kB (4204 bytes)
Hash
a8dd84bc7bf0d02e3113610406c269f5
673bad3ed6648c4dfa10924d6e5b8a620c37b119
ec65db44acd9059c0c325220ff7b83638d22f98b01ff3d7a7850de88e94fbbfa

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Menaitech/application/hrms/mename/images/Index/MENA/image_box_upper_shadow.png HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/index.php
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 25 Jul 2017 16:07:12 GMT
Accept-Ranges: bytes
ETag: "0f82313605d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 4204

13.95.18.34/Menaitech/application/hrms/mename/images/Home/sign_in_button.png

13.95.18.34

200 OK

3.1 kB

URL HTTP/1.1
13.95.18.34/Menaitech/application/hrms/mename/images/Home/sign_in_button.png
IP
13.95.18.34:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 90 x 40, 8-bit/color RGBA, non-interlaced\012- data
Size
3.1 kB (3079 bytes)
Hash
750d65b22e14225b058e36769b401faa
0749af2e88c9222e0684eea3fb609f487447c648
2b28e224d0696ebd22f63c5b268c74da6720c28f3fc329e080184c868806acd5

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Menaitech/application/hrms/mename/images/Home/sign_in_button.png HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/index.php
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 25 Jul 2017 16:07:10 GMT
Accept-Ranges: bytes
ETag: "0cbf211605d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 3079

13.95.18.34/Menaitech/application/hrms/mename/images/Index/MENA/image_box_lower_shadow.png

13.95.18.34

200 OK

7.2 kB

URL HTTP/1.1
13.95.18.34/Menaitech/application/hrms/mename/images/Index/MENA/image_box_lower_shadow.png
IP
13.95.18.34:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 539 x 18, 8-bit/color RGBA, non-interlaced\012- data
Size
7.2 kB (7217 bytes)
Hash
ab603cb8f4914cf650e90eea12c0dd9f
4e276169cc87f941123bae101457e03f26335394
3f1d0e43cf8078395a848a6ac70217ac365b5f6127a13b733f1602d9a72070ea

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Menaitech/application/hrms/mename/images/Index/MENA/image_box_lower_shadow.png HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/index.php
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 25 Jul 2017 16:07:12 GMT
Accept-Ranges: bytes
ETag: "0f82313605d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 7217

13.95.18.34/Menaitech/application/hrms/mename/images/Home/input_shadow.png

13.95.18.34

200 OK

4.8 kB

URL HTTP/1.1
13.95.18.34/Menaitech/application/hrms/mename/images/Home/input_shadow.png
IP
13.95.18.34:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 202 x 11, 8-bit/color RGBA, non-interlaced\012- data
Size
4.8 kB (4809 bytes)
Hash
8a6b0f7aa8a8e0b7e748a0a8c2941a97
433771a3016692217804f4ce53527ef7666f152a
120e0e4aee147f45b8b610ce38ef84b7cfb3ac4ce4b70ff65c321adb780cd64f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Menaitech/application/hrms/mename/images/Home/input_shadow.png HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/index.php
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 25 Jul 2017 16:07:10 GMT
Accept-Ranges: bytes
ETag: "0cbf211605d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 4809

13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/images/prev.png

13.95.18.34

404 Not Found

0 B

URL HTTP/1.1
13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/images/prev.png
IP
13.95.18.34:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Menaitech/application/hrms/DB/Include/Shared/js/plugins/images/prev.png HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/skitter.styles.css
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3

HTTP/1.1 404 Not Found
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 0

13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/images/next.png

13.95.18.34

404 Not Found

0 B

URL HTTP/1.1
13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/images/next.png
IP
13.95.18.34:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Menaitech/application/hrms/DB/Include/Shared/js/plugins/images/next.png HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/skitter.styles.css
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3

HTTP/1.1 404 Not Found
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 0

13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/images/ajax-loader.gif

13.95.18.34

404 Not Found

0 B

URL HTTP/1.1
13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/images/ajax-loader.gif
IP
13.95.18.34:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Menaitech/application/hrms/DB/Include/Shared/js/plugins/images/ajax-loader.gif HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/skitter.styles.css
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3

HTTP/1.1 404 Not Found
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 0

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6112
Cache-Control: max-age=87279
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 10:34:05 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 10:48:44 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

13.95.18.34/favicon.ico

13.95.18.34

404 Not Found

0 B

URL HTTP/1.1
13.95.18.34/favicon.ico
IP
13.95.18.34:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/index.php
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3

HTTP/1.1 404 Not Found
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 0

13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/images/transperant.png

13.95.18.34

200 OK

922 B

URL HTTP/1.1
13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/images/transperant.png
IP
13.95.18.34:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size
922 B (922 bytes)
Hash
bd477a18fec81c9d9b69780d031fd2d6
7cb123992020611dd66e49b24e78a18f6b9110db
a3fe5fce429bde7796be56daa1810665718ba63cc8fa9741f699aaaa13441c4c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/images/transperant.png HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/skitter.styles.css
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 25 Jul 2017 16:02:26 GMT
Accept-Ranges: bytes
ETag: "0d5ab685f5d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 922

push.services.mozilla.com/

52.41.201.177

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.41.201.177:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TTaiIa+wmkcXJ2TUkpvd7g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tLeWOHxJKPoQ3w6t+hzpPla3j/c=

firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221670320336974%22

34.102.187.140

200 OK

22 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221670320336974%22
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (21675), with no line terminators
Size
22 kB (21675 bytes)
Hash
c67dbf939f393c210bbf3724e21d9274
218a605e8d87de14c4ae55c1b8b9743acd1655a1
f396492694bebd6a961e1c4f8ccd7165b4392faba2358ded088c0146a70ac78c

HTTP Headers

GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221670320336974%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 21675
via: 1.1 google
date: Tue, 06 Dec 2022 09:56:56 GMT
cache-control: public,max-age=3600
last-modified: Tue, 06 Dec 2022 09:52:16 GMT
content-type: application/json
age: 2230
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8996
Expires: Tue, 06 Dec 2022 13:04:03 GMT
Date: Tue, 06 Dec 2022 10:34:07 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8996
Expires: Tue, 06 Dec 2022 13:04:03 GMT
Date: Tue, 06 Dec 2022 10:34:07 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8996
Expires: Tue, 06 Dec 2022 13:04:03 GMT
Date: Tue, 06 Dec 2022 10:34:07 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8996
Expires: Tue, 06 Dec 2022 13:04:03 GMT
Date: Tue, 06 Dec 2022 10:34:07 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8996
Expires: Tue, 06 Dec 2022 13:04:03 GMT
Date: Tue, 06 Dec 2022 10:34:07 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b9928a3-5708-47a4-8d92-f3af8d54a81d.png

34.120.237.76

200 OK

18 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b9928a3-5708-47a4-8d92-f3af8d54a81d.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
18 kB (18490 bytes)
Hash
f4bbfe2037fd1658cad81b5b8e4d885c
9487451d24db59cc0f426410da2b55f94f3bb34b
2a124c75c6c90c5633f3538c8b84422262f81cb35d8f4cf4ed0032cc897a5ab9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b9928a3-5708-47a4-8d92-f3af8d54a81d.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 18490
x-amzn-requestid: f01c056f-b0bc-4833-9934-d0c37f4d701c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csS4wE5NIAMFQmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6504-1111ee0221c3c4165a9ef2ab;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:39:16 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: L83k-5N1ntWkhPbKsReH19NWajYEVyQSBQIKM6aSZSovDKHTYeXhUQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:30:52 GMT
age: 43395
etag: "9487451d24db59cc0f426410da2b55f94f3bb34b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11175 bytes)
Hash
38b97436af942d5eb1111ca7043259a0
0234fe32c84c4711f0619714f3ac6d3db1b717d3
a76a7721355abbaecd5c8cb5218e7e4626dc345eb26e7541c71bf4ceaa7ae5d8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11175
x-amzn-requestid: 9c93ddca-1247-44af-a364-e617f69ace26
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzYEnEoAMFa2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e2-7d38ea383725901524bc2ca0;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fNsYsKfPUM8QaG7-F1tSBDdsNit1BfYpWddNssXwyFO2HgdA0RpjAQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:54:21 GMT
age: 45586
etag: "0234fe32c84c4711f0619714f3ac6d3db1b717d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10594 bytes)
Hash
7e1b54923ba506fde6b21c5bfb51ccc8
366aa3ab0790c496ea51bc08d1f2ff3358530d9e
a993ca6dc9a1f854f4542f9221e4f90060825ea863974b5163a9d3e284dc4663

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10594
x-amzn-requestid: eee9f193-eef5-44bf-997a-877fa206749e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSyIHpGoAMF1fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64da-0a9190f7698dbf2f73bb1575;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T28mItwomGU8iDJ18lUF7ZrFuyh_P3ZTwUtA4AC5qZ5C5FQurDMgmQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:54:01 GMT
age: 45606
etag: "366aa3ab0790c496ea51bc08d1f2ff3358530d9e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10183 bytes)
Hash
99d1ff8fa2e095dcf2bda3d1e1af1221
f914f04a0e1fb45a221d31d2105bfc73015b03e6
90325d4299a44dbd213857ada6f6880db8c33ad61685cfcb60c4a2455a84cf87

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10183
x-amzn-requestid: 0cdea572-aab4-4d52-948b-976170a787a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_uLHQZoAMF4hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1327-7948052f39c4f6071b4a0e0d;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WDqUFMBT59kulx4WLxNh5XTsHzr4_u524juvZJnGMYBH-mUaJclnTg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:49:44 GMT
age: 45863
etag: "f914f04a0e1fb45a221d31d2105bfc73015b03e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ca09fa3-9c1c-4e27-b763-2de04564da9d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4827 bytes)
Hash
73b9f329cd3a39d0756de62dd5f190b7
0f1c7567b89cc3de60196e47e37879296359bc78
e15711efe27a3d302a9869cf01d27fd65bd0beca9d03a19d93bbf11e28f3e1d8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ca09fa3-9c1c-4e27-b763-2de04564da9d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4827
x-amzn-requestid: 26ac5a48-3e41-4638-88d6-c94ba8b7a6c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csS3nFxPoAMFcpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64fd-28f8cb92130706e3652eb971;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:39:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YUk1Nt1XioDColWXDiEZsL8BmFpyWaV5tRbsbmAiR6A2psM_Gx3j_A==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:41:49 GMT
age: 46338
etag: "0f1c7567b89cc3de60196e47e37879296359bc78"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11224 bytes)
Hash
b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:09:28 GMT
age: 44679
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

13.95.18.34/Menaitech/application/hrms/mename/images/Home/Theme/slider/inquiry.png

13.95.18.34

200 OK

0 B

URL HTTP/1.1
13.95.18.34/Menaitech/application/hrms/mename/images/Home/Theme/slider/inquiry.png
IP
13.95.18.34:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Menaitech/application/hrms/mename/images/Home/Theme/slider/inquiry.png HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/index.php
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 25 Jul 2017 16:07:10 GMT
Accept-Ranges: bytes
ETag: "0cbf211605d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 107829

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (18)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations