r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11726
Expires: Tue, 06 Dec 2022 13:49:30 GMT
Date: Tue, 06 Dec 2022 10:34:04 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6125
Cache-Control: max-age=92360
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 10:34:04 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 12:13:24 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 10:18:38 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 926
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11795
Expires: Tue, 06 Dec 2022 13:50:39 GMT
Date: Tue, 06 Dec 2022 10:34:04 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: L1r3i+kpj5ii/lHOZu/kBhtKs3ttm6C0KEJ8jPPK8RHqNUglBk7Avz+7iyDLAU4S+Ttr9n+K4aA=
x-amz-request-id: AM6TVNZCG7765H4A
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 09:48:53 GMT
age: 2711
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 10:34:04 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
13.95.18.34/Menaitech/application/hrms/mename/index.php
13.95.18.34 200 OK 48 kB URL HTTP/1.1 13.95.18.34/Menaitech/application/hrms/mename/index.php
IP 13.95.18.34:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (15773), with CRLF, LF line terminators
Hash 28f12e5a7a1a9880863672820b6f13ca
51a455e8c028f0b2aebf3d5123357ac2d06322e8
da6158fe6c7c775befe7f007362f9524604063c18a91978460937860188a0eb6
Analyzer Verdict Alert quad9 Sinkholed
GET /Menaitech/application/hrms/mename/index.php HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=windows-1256
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Tue, 06 Dec 2022 10:34:04 GMT
Server: Microsoft-IIS/10.0
Set-Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3; path=/
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:03 GMT
Content-Length: 47845
13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/Jquery/jq-1.2.6.js?dontcash=3340645688
13.95.18.34 200 OK 27 kB URL HTTP/1.1 13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/Jquery/jq-1.2.6.js?dontcash=3340645688
IP 13.95.18.34:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (820), with CRLF line terminators
Hash eb5f0d9b642eb9ccb5679a38817631ae
eec5ce787cea94a6ad622dbeb35a0fbc36f73fc6
f45873a3f882b7c52d765b3a960afe6fe5d99ce5b755748e4c6edff1ba6819b6
Analyzer Verdict Alert quad9 Sinkholed
GET /Menaitech/application/hrms/DB/Include/Shared/Jquery/jq-1.2.6.js?dontcash=3340645688 HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/index.php
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 25 Jul 2017 16:02:24 GMT
Accept-Ranges: bytes
ETag: "0a87a675f5d31:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 27241
13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/skitter.styles.css
13.95.18.34 200 OK 6.2 kB URL HTTP/1.1 13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/skitter.styles.css
IP 13.95.18.34:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (350)
Hash e320c613af638ff0a52128a7bc34647b
18d60a90e35d746e9114cb5471a6163da15235fc
dfe3b58d51ebc759d383504f4b6b86228602051e04acd25409ec87841eec58de
Analyzer Verdict Alert quad9 Sinkholed
GET /Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/skitter.styles.css HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/index.php
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Tue, 25 Jul 2017 16:02:26 GMT
Accept-Ranges: bytes
ETag: "0d5ab685f5d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 6221
13.95.18.34/Menaitech/application/hrms/mename/lib/Style_ltr.css
13.95.18.34 200 OK 597 B URL HTTP/1.1 13.95.18.34/Menaitech/application/hrms/mename/lib/Style_ltr.css
IP 13.95.18.34:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash ff21d282958e8ba6d77bd367fe7e18eb
60202e6e22993f5d093b5ebc5654535041107759
c6901dceac33fd50cc039a583b303398a75051cd20593f70d0f9e697d25eecab
Analyzer Verdict Alert quad9 Sinkholed
GET /Menaitech/application/hrms/mename/lib/Style_ltr.css HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/index.php
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Tue, 25 Jul 2017 16:07:16 GMT
Accept-Ranges: bytes
ETag: "0528615605d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 597
13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/jquery.easing.1.3.js
13.95.18.34 200 OK 8.1 kB URL HTTP/1.1 13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/jquery.easing.1.3.js
IP 13.95.18.34:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 6516449ed5089677ed3d7e2f11fc8942
82e40d060bc269a6dde20c3990ca5a4fea6ca754
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34
Analyzer Verdict Alert quad9 Sinkholed
GET /Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/jquery.easing.1.3.js HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/index.php
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Tue, 25 Jul 2017 16:02:26 GMT
Accept-Ranges: bytes
ETag: "0d5ab685f5d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 8097
13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/jquery.animate-colors-min.js
13.95.18.34 200 OK 3.6 kB URL HTTP/1.1 13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/jquery.animate-colors-min.js
IP 13.95.18.34:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (521)
Hash 0e3a9d3a733977ba391fc316099927d9
25e4cec74365c56114512e30129c7aafb31c3912
32339fe2cb7c05655b96948cd17c263fb07b72da5ea27797b4c1e016b7607a96
Analyzer Verdict Alert quad9 Sinkholed
GET /Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/jquery.animate-colors-min.js HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/index.php
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Tue, 25 Jul 2017 16:02:26 GMT
Accept-Ranges: bytes
ETag: "0d5ab685f5d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 3593
13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/shared.js?dontcash=15032905596
13.95.18.34 200 OK 15 kB URL HTTP/1.1 13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/shared.js?dontcash=15032905596
IP 13.95.18.34:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (757), with CRLF line terminators
Hash 9f134a725f7bb9aa3dd7c34167f1cc76
661dafb0e8692445773573d62fb2452051910ca7
743e313e638908252f39a6e48711795aac36b9638941555ac5e87180a5f55ef3
Analyzer Verdict Alert quad9 Sinkholed
GET /Menaitech/application/hrms/DB/Include/Shared/js/shared.js?dontcash=15032905596 HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/index.php
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Thu, 03 Jun 2021 10:20:48 GMT
Accept-Ranges: bytes
ETag: "00f31e6258d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 15312
13.95.18.34/Menaitech/application/hrms/mename/lib/formcheck.js?dontcash=6681291376
13.95.18.34 200 OK 3.1 kB URL HTTP/1.1 13.95.18.34/Menaitech/application/hrms/mename/lib/formcheck.js?dontcash=6681291376
IP 13.95.18.34:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (409), with CRLF line terminators
Hash ba0aece35ea6ff02566248e24f791d29
c361e648784dbe27755c0cfc6f3a4844b1204de8
efcd20778b7d8fb58c56ce8b7a3f4eff212fb58e0c24586507ffdc2d799b4107
Analyzer Verdict Alert quad9 Sinkholed
GET /Menaitech/application/hrms/mename/lib/formcheck.js?dontcash=6681291376 HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/index.php
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 25 Jul 2017 16:07:14 GMT
Accept-Ranges: bytes
ETag: "0255514605d31:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 3075
13.95.18.34/Menaitech/application/hrms/mename/lib/form_actions.js?dontcash=5010968532
13.95.18.34 200 OK 9.4 kB URL HTTP/1.1 13.95.18.34/Menaitech/application/hrms/mename/lib/form_actions.js?dontcash=5010968532
IP 13.95.18.34:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (824), with CRLF line terminators
Hash 1845307b191762ff548a3c9b62a3ee08
b8b7c02385f1d309bbc527be7a9ecc36510c58a1
fa7dbc409becda3a6842b0a417e755d90e23caf1205fc8a079fa87ea226a30bb
Analyzer Verdict Alert quad9 Sinkholed
GET /Menaitech/application/hrms/mename/lib/form_actions.js?dontcash=5010968532 HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/index.php
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 01 Sep 2020 05:32:28 GMT
Accept-Ranges: bytes
ETag: "03ebf472180d61:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 9426
13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/jquery.skitter.min.js
13.95.18.34 200 OK 36 kB URL HTTP/1.1 13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/jquery.skitter.min.js
IP 13.95.18.34:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (35817)
Hash 7b1a3aa59293a6a5224a0e9b08f8c8d3
9bfd326d27653f109311227c1d53da07a3d83dc2
6b1112dd8b8bb2b4ef53ea28fedfccbe114a56be16c70203ef5fd0dab8574d23
Analyzer Verdict Alert quad9 Sinkholed
GET /Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/jquery.skitter.min.js HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/index.php
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Tue, 25 Jul 2017 16:02:26 GMT
Accept-Ranges: bytes
ETag: "0d5ab685f5d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 36218
13.95.18.34/Menaitech/application/hrms/mename/images/Home/Theme/slider/evaluation.png
13.95.18.34 200 OK 233 kB URL HTTP/1.1 13.95.18.34/Menaitech/application/hrms/mename/images/Home/Theme/slider/evaluation.png
IP 13.95.18.34:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 496 x 315, 8-bit/color RGB, non-interlaced\012- data
Size 233 kB (233222 bytes)
Hash d5ceca6db5251a60ed54a7e5533ca8a2
5159d5749b600b8251523a4d66148206d318139b
0e10a6c3f94beb85a2dfc3276370c2292a5e64485ee36c2ab8f805db2ff3a56c
Analyzer Verdict Alert quad9 Sinkholed
GET /Menaitech/application/hrms/mename/images/Home/Theme/slider/evaluation.png HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/index.php
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 25 Jul 2017 16:07:10 GMT
Accept-Ranges: bytes
ETag: "0cbf211605d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 233222
13.95.18.34/Menaitech/application/hrms/mename/images/Home/Theme/slider/request_managment.png
13.95.18.34 200 OK 89 kB URL HTTP/1.1 13.95.18.34/Menaitech/application/hrms/mename/images/Home/Theme/slider/request_managment.png
IP 13.95.18.34:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 496 x 315, 8-bit/color RGB, non-interlaced\012- data
Hash ee341688e041d92396fd3f3e1defca53
919aa705bb6fa452efbfc7d140b95c5971c37eae
f35e6c00aad4a2996fbd234acd6617e7bdbb3b637451a855107d3230ff736c89
Analyzer Verdict Alert quad9 Sinkholed
GET /Menaitech/application/hrms/mename/images/Home/Theme/slider/request_managment.png HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/index.php
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 25 Jul 2017 16:07:10 GMT
Accept-Ranges: bytes
ETag: "0cbf211605d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 88957
13.95.18.34/Menaitech/application/hrms/mename/lib/MainStyle.css
13.95.18.34 200 OK 12 kB URL HTTP/1.1 13.95.18.34/Menaitech/application/hrms/mename/lib/MainStyle.css
IP 13.95.18.34:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash d1c2980310ebd00041e23dcce305d87f
8e7a45015ca181e2e2476215275ad876ed00caba
f1f002aec53684b7b63bfce76be8b9f6f392193b7caa4456cc80fd4fa9217062
Analyzer Verdict Alert quad9 Sinkholed
GET /Menaitech/application/hrms/mename/lib/MainStyle.css HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/lib/Style_ltr.css
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Mon, 10 Sep 2018 10:58:46 GMT
Accept-Ranges: bytes
ETag: "077e53ef548d41:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 12008
13.95.18.34/Menaitech/application/hrms/mename/images/Home/Theme/slider/collaboration.png
13.95.18.34 200 OK 198 kB URL HTTP/1.1 13.95.18.34/Menaitech/application/hrms/mename/images/Home/Theme/slider/collaboration.png
IP 13.95.18.34:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 496 x 315, 8-bit/color RGB, non-interlaced\012- data
Size 198 kB (198436 bytes)
Hash 6fb60cbbff61543ac96a51a5b176fb58
b7d6e38dc9de1540127c6194aff247051959554d
fa2b9f3149c1fa701f95281d0804eb6337e999384e31695a257d72b1e6cde249
Analyzer Verdict Alert quad9 Sinkholed
GET /Menaitech/application/hrms/mename/images/Home/Theme/slider/collaboration.png HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/index.php
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 25 Jul 2017 16:07:10 GMT
Accept-Ranges: bytes
ETag: "0cbf211605d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 198436
13.95.18.34/Menaitech/application/hrms/mename/images/Home/Theme/slider/training.png
13.95.18.34 200 OK 197 kB URL HTTP/1.1 13.95.18.34/Menaitech/application/hrms/mename/images/Home/Theme/slider/training.png
IP 13.95.18.34:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 496 x 315, 8-bit/color RGB, non-interlaced\012- data
Size 197 kB (197203 bytes)
Hash 1dc1d6fc7f62b10517b7e2d3fe66ec04
f19fa7b7b629aaace8983c7dc7912b693af495a1
98465c7a453c67b11105599103b72596bfcd2fa180acd0ade95cae9d4434b62b
Analyzer Verdict Alert quad9 Sinkholed
GET /Menaitech/application/hrms/mename/images/Home/Theme/slider/training.png HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/index.php
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 25 Jul 2017 16:07:10 GMT
Accept-Ranges: bytes
ETag: "0cbf211605d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 197203
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 10:11:20 GMT
cache-control: public,max-age=3600
age: 1365
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
13.95.18.34/Menaitech/application/hrms/mename/images/Index/MENA/background_upper.png
13.95.18.34 200 OK 2.9 kB URL HTTP/1.1 13.95.18.34/Menaitech/application/hrms/mename/images/Index/MENA/background_upper.png
IP 13.95.18.34:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 1 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash ccce8270143c612a4d0a10207458c70f
cdc10e2cd044eb46bbb6ad399463a6fc69465bf0
630ebe613036da4ea3744314c98737ffe609857924ce760a559007c581c868dc
Analyzer Verdict Alert quad9 Sinkholed
GET /Menaitech/application/hrms/mename/images/Index/MENA/background_upper.png HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/index.php
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 25 Jul 2017 16:07:12 GMT
Accept-Ranges: bytes
ETag: "0f82313605d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 2939
13.95.18.34/Menaitech/application/hrms/mename/images/Index/MENA/logo.png
13.95.18.34 200 OK 21 kB URL HTTP/1.1 13.95.18.34/Menaitech/application/hrms/mename/images/Index/MENA/logo.png
IP 13.95.18.34:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 97 x 119, 8-bit/color RGBA, non-interlaced\012- data
Hash f8e1f99cb1ce154b11c4502dabf4b9c7
391acac14286b6f005ba3fcf9a9d2f720d3b619a
e18d654eb74b52998182cf3b07a09f698c5f24d1a323cb6f28d0b3bb6a3d3210
Analyzer Verdict Alert quad9 Sinkholed
GET /Menaitech/application/hrms/mename/images/Index/MENA/logo.png HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/index.php
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 25 Jul 2017 16:07:12 GMT
Accept-Ranges: bytes
ETag: "0f82313605d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 21366
13.95.18.34/Menaitech/application/hrms/mename/images/Index/MENA/image_box_upper_shadow.png
13.95.18.34 200 OK 4.2 kB URL HTTP/1.1 13.95.18.34/Menaitech/application/hrms/mename/images/Index/MENA/image_box_upper_shadow.png
IP 13.95.18.34:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 539 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash a8dd84bc7bf0d02e3113610406c269f5
673bad3ed6648c4dfa10924d6e5b8a620c37b119
ec65db44acd9059c0c325220ff7b83638d22f98b01ff3d7a7850de88e94fbbfa
Analyzer Verdict Alert quad9 Sinkholed
GET /Menaitech/application/hrms/mename/images/Index/MENA/image_box_upper_shadow.png HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/index.php
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 25 Jul 2017 16:07:12 GMT
Accept-Ranges: bytes
ETag: "0f82313605d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 4204
13.95.18.34/Menaitech/application/hrms/mename/images/Home/sign_in_button.png
13.95.18.34 200 OK 3.1 kB URL HTTP/1.1 13.95.18.34/Menaitech/application/hrms/mename/images/Home/sign_in_button.png
IP 13.95.18.34:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 90 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 750d65b22e14225b058e36769b401faa
0749af2e88c9222e0684eea3fb609f487447c648
2b28e224d0696ebd22f63c5b268c74da6720c28f3fc329e080184c868806acd5
Analyzer Verdict Alert quad9 Sinkholed
GET /Menaitech/application/hrms/mename/images/Home/sign_in_button.png HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/index.php
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 25 Jul 2017 16:07:10 GMT
Accept-Ranges: bytes
ETag: "0cbf211605d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 3079
13.95.18.34/Menaitech/application/hrms/mename/images/Index/MENA/image_box_lower_shadow.png
13.95.18.34 200 OK 7.2 kB URL HTTP/1.1 13.95.18.34/Menaitech/application/hrms/mename/images/Index/MENA/image_box_lower_shadow.png
IP 13.95.18.34:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 539 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash ab603cb8f4914cf650e90eea12c0dd9f
4e276169cc87f941123bae101457e03f26335394
3f1d0e43cf8078395a848a6ac70217ac365b5f6127a13b733f1602d9a72070ea
Analyzer Verdict Alert quad9 Sinkholed
GET /Menaitech/application/hrms/mename/images/Index/MENA/image_box_lower_shadow.png HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/index.php
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 25 Jul 2017 16:07:12 GMT
Accept-Ranges: bytes
ETag: "0f82313605d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 7217
13.95.18.34/Menaitech/application/hrms/mename/images/Home/input_shadow.png
13.95.18.34 200 OK 4.8 kB URL HTTP/1.1 13.95.18.34/Menaitech/application/hrms/mename/images/Home/input_shadow.png
IP 13.95.18.34:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 202 x 11, 8-bit/color RGBA, non-interlaced\012- data
Hash 8a6b0f7aa8a8e0b7e748a0a8c2941a97
433771a3016692217804f4ce53527ef7666f152a
120e0e4aee147f45b8b610ce38ef84b7cfb3ac4ce4b70ff65c321adb780cd64f
Analyzer Verdict Alert quad9 Sinkholed
GET /Menaitech/application/hrms/mename/images/Home/input_shadow.png HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/index.php
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 25 Jul 2017 16:07:10 GMT
Accept-Ranges: bytes
ETag: "0cbf211605d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 4809
13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/images/prev.png
13.95.18.34 404 Not Found 0 B URL HTTP/1.1 13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/images/prev.png
IP 13.95.18.34:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
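Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of empty input)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of empty input)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of empty input; the body was 0 B, so this same triple recurs on every empty response in this report and identifies no file)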
Analyzer Verdict Alert quad9 Sinkholed
GET /Menaitech/application/hrms/DB/Include/Shared/js/plugins/images/prev.png HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/skitter.styles.css
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3
HTTP/1.1 404 Not Found
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 0
13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/images/next.png
13.95.18.34 404 Not Found 0 B URL HTTP/1.1 13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/images/next.png
IP 13.95.18.34:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /Menaitech/application/hrms/DB/Include/Shared/js/plugins/images/next.png HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/skitter.styles.css
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3
HTTP/1.1 404 Not Found
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 0
13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/images/ajax-loader.gif
13.95.18.34 404 Not Found 0 B URL HTTP/1.1 13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/images/ajax-loader.gif
IP 13.95.18.34:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /Menaitech/application/hrms/DB/Include/Shared/js/plugins/images/ajax-loader.gif HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/skitter.styles.css
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3
HTTP/1.1 404 Not Found
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 0
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6112
Cache-Control: max-age=87279
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 10:34:05 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 10:48:44 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
13.95.18.34/favicon.ico
13.95.18.34 404 Not Found 0 B IP 13.95.18.34:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/index.php
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3
HTTP/1.1 404 Not Found
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 0
13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/images/transperant.png
13.95.18.34 200 OK 922 B URL HTTP/1.1 13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/images/transperant.png
IP 13.95.18.34:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash bd477a18fec81c9d9b69780d031fd2d6
7cb123992020611dd66e49b24e78a18f6b9110db
a3fe5fce429bde7796be56daa1810665718ba63cc8fa9741f699aaaa13441c4c
Analyzer Verdict Alert quad9 Sinkholed
GET /Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/images/transperant.png HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/DB/Include/Shared/js/plugins/imageSlider/skitter.styles.css
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 25 Jul 2017 16:02:26 GMT
Accept-Ranges: bytes
ETag: "0d5ab685f5d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 922
push.services.mozilla.com/
52.41.201.177 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.201.177:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TTaiIa+wmkcXJ2TUkpvd7g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tLeWOHxJKPoQ3w6t+hzpPla3j/c=
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221670320336974%22
34.102.187.140 200 OK 22 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221670320336974%22
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (21675), with no line terminators
Hash c67dbf939f393c210bbf3724e21d9274
218a605e8d87de14c4ae55c1b8b9743acd1655a1
f396492694bebd6a961e1c4f8ccd7165b4392faba2358ded088c0146a70ac78c
GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221670320336974%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 21675
via: 1.1 google
date: Tue, 06 Dec 2022 09:56:56 GMT
cache-control: public,max-age=3600
last-modified: Tue, 06 Dec 2022 09:52:16 GMT
content-type: application/json
age: 2230
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8996
Expires: Tue, 06 Dec 2022 13:04:03 GMT
Date: Tue, 06 Dec 2022 10:34:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8996
Expires: Tue, 06 Dec 2022 13:04:03 GMT
Date: Tue, 06 Dec 2022 10:34:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8996
Expires: Tue, 06 Dec 2022 13:04:03 GMT
Date: Tue, 06 Dec 2022 10:34:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8996
Expires: Tue, 06 Dec 2022 13:04:03 GMT
Date: Tue, 06 Dec 2022 10:34:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8996
Expires: Tue, 06 Dec 2022 13:04:03 GMT
Date: Tue, 06 Dec 2022 10:34:07 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b9928a3-5708-47a4-8d92-f3af8d54a81d.png
34.120.237.76 200 OK 18 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b9928a3-5708-47a4-8d92-f3af8d54a81d.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4bbfe2037fd1658cad81b5b8e4d885c
9487451d24db59cc0f426410da2b55f94f3bb34b
2a124c75c6c90c5633f3538c8b84422262f81cb35d8f4cf4ed0032cc897a5ab9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b9928a3-5708-47a4-8d92-f3af8d54a81d.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 18490
x-amzn-requestid: f01c056f-b0bc-4833-9934-d0c37f4d701c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csS4wE5NIAMFQmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6504-1111ee0221c3c4165a9ef2ab;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:39:16 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: L83k-5N1ntWkhPbKsReH19NWajYEVyQSBQIKM6aSZSovDKHTYeXhUQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:30:52 GMT
age: 43395
etag: "9487451d24db59cc0f426410da2b55f94f3bb34b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 38b97436af942d5eb1111ca7043259a0
0234fe32c84c4711f0619714f3ac6d3db1b717d3
a76a7721355abbaecd5c8cb5218e7e4626dc345eb26e7541c71bf4ceaa7ae5d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11175
x-amzn-requestid: 9c93ddca-1247-44af-a364-e617f69ace26
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzYEnEoAMFa2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e2-7d38ea383725901524bc2ca0;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fNsYsKfPUM8QaG7-F1tSBDdsNit1BfYpWddNssXwyFO2HgdA0RpjAQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:54:21 GMT
age: 45586
etag: "0234fe32c84c4711f0619714f3ac6d3db1b717d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e1b54923ba506fde6b21c5bfb51ccc8
366aa3ab0790c496ea51bc08d1f2ff3358530d9e
a993ca6dc9a1f854f4542f9221e4f90060825ea863974b5163a9d3e284dc4663
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10594
x-amzn-requestid: eee9f193-eef5-44bf-997a-877fa206749e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSyIHpGoAMF1fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64da-0a9190f7698dbf2f73bb1575;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T28mItwomGU8iDJ18lUF7ZrFuyh_P3ZTwUtA4AC5qZ5C5FQurDMgmQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:54:01 GMT
age: 45606
etag: "366aa3ab0790c496ea51bc08d1f2ff3358530d9e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 99d1ff8fa2e095dcf2bda3d1e1af1221
f914f04a0e1fb45a221d31d2105bfc73015b03e6
90325d4299a44dbd213857ada6f6880db8c33ad61685cfcb60c4a2455a84cf87
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10183
x-amzn-requestid: 0cdea572-aab4-4d52-948b-976170a787a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_uLHQZoAMF4hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1327-7948052f39c4f6071b4a0e0d;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WDqUFMBT59kulx4WLxNh5XTsHzr4_u524juvZJnGMYBH-mUaJclnTg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:49:44 GMT
age: 45863
etag: "f914f04a0e1fb45a221d31d2105bfc73015b03e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ca09fa3-9c1c-4e27-b763-2de04564da9d.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ca09fa3-9c1c-4e27-b763-2de04564da9d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 73b9f329cd3a39d0756de62dd5f190b7
0f1c7567b89cc3de60196e47e37879296359bc78
e15711efe27a3d302a9869cf01d27fd65bd0beca9d03a19d93bbf11e28f3e1d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ca09fa3-9c1c-4e27-b763-2de04564da9d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4827
x-amzn-requestid: 26ac5a48-3e41-4638-88d6-c94ba8b7a6c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csS3nFxPoAMFcpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64fd-28f8cb92130706e3652eb971;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:39:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YUk1Nt1XioDColWXDiEZsL8BmFpyWaV5tRbsbmAiR6A2psM_Gx3j_A==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:41:49 GMT
age: 46338
etag: "0f1c7567b89cc3de60196e47e37879296359bc78"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:09:28 GMT
age: 44679
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
13.95.18.34/Menaitech/application/hrms/mename/images/Home/Theme/slider/inquiry.png
13.95.18.34 200 OK 0 B URL HTTP/1.1 13.95.18.34/Menaitech/application/hrms/mename/images/Home/Theme/slider/inquiry.png
IP 13.95.18.34:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Analyzer Verdict Alert quad9 Sinkholed
GET /Menaitech/application/hrms/mename/images/Home/Theme/slider/inquiry.png HTTP/1.1
Host: 13.95.18.34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://13.95.18.34/Menaitech/application/hrms/mename/index.php
Cookie: mename%2F=e33sleuunu21eu5medceu8qpl3
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 25 Jul 2017 16:07:10 GMT
Accept-Ranges: bytes
ETag: "0cbf211605d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:34:05 GMT
Content-Length: 107829