Report - mbhadvisory.com/oqio/?1

Report Overview

Submitted URL
mbhadvisory.com/oqio/?1
IP
198.54.115.70
ASN
#22612 NAMECHEAP-NET
Submitted
2023-05-30 14:50:41
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
112

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ocsp.sectigo.com	487	2018-08-16	2019-11-29	2023-05-29	330 B	964 B	104.18.14.101
mbhadvisory.com	unknown	2015-10-15	2015-10-18	2023-05-24	14 kB	788 kB	198.54.115.70
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-05-29	2.7 kB	5.6 kB	142.250.74.3
www.googletagmanager.com	75	2011-11-11	2013-05-22	2023-05-29	426 B	48 kB	142.250.74.40
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2023-05-29	3.9 kB	190 kB	142.250.74.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

Scan Date	Severity	Indicator
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com

Quad9 DNS

Scan Date	Severity	Indicator
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com
2023-05-30	medium	mbhadvisory.com

ThreatFox

No alerts detected

JavaScript (25)

	URL	Size	First Seen	Last Seen
	mbhadvisory.com/	47 B	2023-03-07	2024-04-26
Pretty URL mbhadvisory.com/ IP 198.54.115.70 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02:48 Last Seen2024-04-26 23:47:14 Times Seen6639 Hash 2f518cfc8223c53c44094f57eacc972f a919f586352875054a0a7f438c3e3d33cb5768b3 1d89df5c4aeb93c45e67d479e74ca02e5a104d7e421e4f2415e4a204c9816b0b Loading...

	mbhadvisory.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.mobile.js?ver=4.21.0	8.0 kB	2023-03-07	2024-04-26
Pretty URL mbhadvisory.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.mobile.js?ver=4.21.0 IP 198.54.115.70 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:46 Last Seen2024-04-26 01:27:53 Times Seen1941 Hash 984977dc184f8059f2a679b324893e4c d60a246ba584ba892a87bcf446e71d26adbcb91a 55a084b5f4c439a2786141108b266370e0e4accc4e72629b2177dc6aa658d6c8 Loading...

	mbhadvisory.com/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.9.3	6.4 kB	2023-03-12	2024-04-24
Pretty URL mbhadvisory.com/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.9.3 IP 198.54.115.70 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 22:06:50 Last Seen2024-04-24 15:15:08 Times Seen823 Hash eafdbde5c4e53432f48a58adc20b2c6b 98816b151f851d0a71e115f59474023793058e46 12a618537a5ecc700c5cd76816ded0793c5c369fa6d786ce82b7199e34b080a3 Loading...

	mbhadvisory.com/	739 B	2023-03-07	2024-04-26
Pretty URL mbhadvisory.com/ IP 198.54.115.70 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:07:06 Last Seen2024-04-26 17:01:32 Times Seen4220 Hash ff682bd8e00a4c2b202a4d37f7ba3cdd 4b92aa9fb8a9cf79c352ece5cba00b2f281de332 d1576e7c5bb5b36cc04888b220fb672165073615b2423b76b51074334d616555 Loading...

	mbhadvisory.com/	5.6 kB	2023-05-30	2023-05-31
Pretty URL mbhadvisory.com/ IP 198.54.115.70 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-30 16:50:42 Last Seen2023-05-31 15:42:40 Times Seen2 Hash b1783b6135ecb91569439d82e9d5a291 1f7dfcacde1658c12c9421f30ad9b3d70a640e5e 9b711fd96428a7ea932d32585f28b5008e5ed4ec85abc0a210b9a48f46f2c75e Loading...

	unknown	39 B	2023-04-11	2024-04-26
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-11 03:58:47 Last Seen2024-04-26 17:01:32 Times Seen2794 Hash 87b659c90b81604997dd06a67e8b773e bc13329ca575a3e32c93e0e1cf791f47f91b0c2f 1ac445488ebead2ed0b74a9c86ad76fa1a81f363806218afb2ae4aae5f127448 Loading...

	mbhadvisory.com/	369 B	2023-05-30	2023-05-31
Pretty URL mbhadvisory.com/ IP 198.54.115.70 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-30 16:50:42 Last Seen2023-05-31 15:42:40 Times Seen2 Hash 8e380f8605aa74683059ecbb6dc3893b 4074fa9e741f9b04c444c1bd4293cdba1fb53c15 3497bba039c313bbecf3457ff695eb098e9940b1f1464437a88106f908258f98 Loading...

	mbhadvisory.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.6	13 kB	2023-03-29	2024-04-27
Pretty URL mbhadvisory.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.6 IP 198.54.115.70 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:17:20 Last Seen2024-04-27 01:53:12 Times Seen37948 Hash 5bc2b1fa970f9cecb3c30c0c92c98271 7c6bb87aaa24714b7b3b3c86dd932736a80270a9 1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e Loading...

	mbhadvisory.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.4	90 kB	2023-03-29	2024-04-26
Pretty URL mbhadvisory.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.4 IP 198.54.115.70 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 22:52:25 Last Seen2024-04-26 13:31:33 Times Seen102886 Hash 0e850a69bc7fd0acc2e92ce6eee87959 8be6d9e7f7a61ccf0b8eac8a8144d770b608a19c afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a Loading...

	mbhadvisory.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0	13 kB	2023-03-07	2024-04-26
Pretty URL mbhadvisory.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0 IP 198.54.115.70 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:52 Last Seen2024-04-26 13:31:33 Times Seen76210 Hash 5cfa2b481de6e87c2190a0e3538515d8 0fccf3c8ab2c10b4dcc7970e64ce997ab1622f68 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3 Loading...

	mbhadvisory.com/wp-content/themes/Divi/js/scripts.min.js?ver=4.21.0	274 kB	2023-04-28	2024-04-18
Pretty URL mbhadvisory.com/wp-content/themes/Divi/js/scripts.min.js?ver=4.21.0 IP 198.54.115.70 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-28 08:55:30 Last Seen2024-04-18 11:27:50 Times Seen1813 Hash d01712dc614e43de021a98920dfb7208 fd6bef0ce9eccf622cc89736a211f7585fa48074 124999106b36b91138193de6ae365bc2e97ec51e122e2f967318ce3d662b561b Loading...

	mbhadvisory.com/	215 B	2023-03-07	2024-04-27
Pretty URL mbhadvisory.com/ IP 198.54.115.70 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02:56 Last Seen2024-04-27 00:16:41 Times Seen2242 Hash 1bb7b821b587959d4c0cc406c49077ff 2cb4827d5cd5a05729418b369019b9c1eb0798ed 1f93a5f6091369b8b6cdb7be01a6c7044ec8c3af0eeac05a5f0dfb3aea2a3e31 Loading...

	mbhadvisory.com/	366 B	2023-03-12	2024-04-27
Pretty URL mbhadvisory.com/ IP 198.54.115.70 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 22:06:50 Last Seen2024-04-27 00:16:42 Times Seen1554 Hash 0203838dba446c5041508bf7bac8571c 50520dc9862f9293f116c673b117ab5adb3439b7 533609a6035017a05159e1dd8e8f7edf67a320c836b3f6f6c375dc78cdefa02a Loading...

	mbhadvisory.com/	252 B	2023-05-30	2023-05-31
Pretty URL mbhadvisory.com/ IP 198.54.115.70 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-30 16:50:42 Last Seen2023-05-31 15:42:40 Times Seen2 Hash 221b2498e7642e5bee17e5373d0603da 26827a8dd195a4a902c9f114af1a4ef046871556 cedaa92954a908b6c89e63a96e18486903e19fd25e943d8c271c535fd93c1d53 Loading...

	mbhadvisory.com/sandbox%20eval%20code	147 B	2023-04-11	2024-04-27
Pretty URL mbhadvisory.com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-27 02:03:49 Times Seen342523 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.googletagmanager.com/gtag/js?id=UA-143942036-1	120 kB	2023-05-30	2023-05-30
Pretty URL www.googletagmanager.com/gtag/js?id=UA-143942036-1 IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-30 16:50:42 Last Seen2023-05-30 16:50:42 Times Seen2 Hash 13761cc9729b69528e7acf524cb53fb2 94cb534cd5bcc64ade88f3777c8fad006440f3ba c8f003e38334cb42b9a55b08e4e4fa358c506e31d015424c9153b45841ac5151 Loading...

	mbhadvisory.com/	129 B	2023-05-30	2023-05-31
Pretty URL mbhadvisory.com/ IP 198.54.115.70 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-30 16:50:42 Last Seen2023-05-31 15:42:40 Times Seen2 Hash b83e24cf30a83e0a32ed1bf311a75584 365c490ebdd1f60ff114d2c2c548b666c6be14a0 3cac71995e1658db54da49b2274f297be26a6af31415708da58dcead89cbf597 Loading...

	mbhadvisory.com/	180 B	2023-03-07	2024-04-24
Pretty URL mbhadvisory.com/ IP 198.54.115.70 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:07:06 Last Seen2024-04-24 22:40:37 Times Seen3182 Hash 623d6f59f2a5b2ba62b39858ccdd3989 6a97f16eb9c49657c50eb392d761380915ffd423 dd2c61ba8e6b506df9729d254d5c12b3c0f9de99bb7e5dba5f7e58c15d729f89 Loading...

	mbhadvisory.com/wp-content/themes/Divi/core/admin/js/common.js?ver=4.21.0	1.3 kB	2023-03-07	2024-04-26
Pretty URL mbhadvisory.com/wp-content/themes/Divi/core/admin/js/common.js?ver=4.21.0 IP 198.54.115.70 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:48 Last Seen2024-04-26 17:01:32 Times Seen9495 Hash d71b75b2327258b1d01d50590c1f67ca b7820e4ffb6becc133c48f66d9f683545530b959 1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea Loading...

	mbhadvisory.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.6	10 kB	2023-03-29	2024-04-26
Pretty URL mbhadvisory.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.6 IP 198.54.115.70 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:17:20 Last Seen2024-04-26 15:12:44 Times Seen26073 Hash 7be65ac27024c7b5686f9d7c49690799 241ada4a86443adc5623d1a3a8018a96d9de6d5a 52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84 Loading...

	unknown	11 B	2023-04-10	2024-04-26
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 16:02:06 Last Seen2024-04-26 17:01:32 Times Seen1491 Hash 55502d99942870d6241f351d1f2d737b e102e477fdd0f9474800a94b5df1fccbe6e02428 ba21d0e962fd67149deb3819bec5eb166d86ff32839869ab1d7ece80611d3254 Loading...

	mbhadvisory.com/	1.6 kB	2023-05-30	2023-05-30
Pretty URL mbhadvisory.com/ IP 198.54.115.70 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-30 16:50:42 Last Seen2023-05-30 16:50:42 Times Seen1 Hash f86818276ec03cea1638eb27f82946f4 1d4763bda176b7d36b029ae4cd2763edee7de50c 0fdca85aac9fc238fc359be8af4df99afdece75123f8bddee7a9db5b8d39274b Loading...

	unknown	38 B	2023-04-10	2024-04-27
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 16:02:06 Last Seen2024-04-27 02:00:44 Times Seen13988 Hash 43e28c5553d54ed2964bd5147521769b 0a2b8c3db330a47aa7b9195e6dfdf944adb9240d d63026c985dc46aeb316574b7bf1828080c906238e35d5e34cb80414c0e70d23 Loading...

	mbhadvisory.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.14.1	12 kB	2023-03-07	2024-04-25
Pretty URL mbhadvisory.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.14.1 IP 198.54.115.70 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:48 Last Seen2024-04-25 08:07:38 Times Seen5599 Hash a76f61318af036823b08d73536486be6 31ff9b215dcef9151b9f4fc50ea91a9df1962102 abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-04-27
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-27 02:03:49 Times Seen342022 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

HTTP Transactions (45)

URL IP Response Size

ocsp.sectigo.com/

104.18.14.101

472 B

URL
ocsp.sectigo.com/
IP
104.18.14.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
98475c88f72773ab63e1fc04fcbff358
77b905e5ef9330ee0a640171485bf52a82bd790e
96895a14a23920ff2dd2cb0dc8176ba6c5cc756fba745c61c99d1050791bfafe

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 30 May 2023 14:50:23 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 27 May 2023 06:34:56 GMT
Expires: Sat, 03 Jun 2023 06:34:55 GMT
Etag: "77b905e5ef9330ee0a640171485bf52a82bd790e"
Cache-Control: max-age=315271,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7cf7ca061aef0afe-OSL

mbhadvisory.com/oqio/?1

198.54.115.70

302 Found

0 B

URL User Request GET HTTP/2
mbhadvisory.com/oqio/?1
IP
198.54.115.70:443
ASN
#22612 NAMECHEAP-NET

Certificate
IssuerSectigo Limited
Subjectmbhadvisory.com
Fingerprint46:0E:7B:C6:89:A0:CD:EC:55:62:FB:7F:45:43:AC:93:1B:DE:5F:38
ValidityThu, 23 Jun 2022 00:00:00 GMT - Mon, 24 Jul 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /oqio/?1 HTTP/1.1
Host: mbhadvisory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
x-powered-by: PHP/7.4.33
location: /
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 30 May 2023 14:50:23 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ca8cca05e813856677c0ba3133770742
688ee02bc307e73cef39bb1f1747b3e8845cecef
9f6e94f2196a935cb4dfe085aa6a3528a310faf58816e949dca6130e6dc8a41a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 May 2023 14:50:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-143942036-1

142.250.74.40

200 OK

47 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-143942036-1
IP
142.250.74.40:443
ASN
#15169 GOOGLE

Requested by
https://mbhadvisory.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintEB:A2:AF:B3:20:F1:B1:77:23:0B:85:D2:B1:16:33:A7:97:49:EE:51
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT

File type
ASCII text, with very long lines (2271)
Size
47 kB (46896 bytes)
Hash
13761cc9729b69528e7acf524cb53fb2
94cb534cd5bcc64ade88f3777c8fad006440f3ba
c8f003e38334cb42b9a55b08e4e4fa358c506e31d015424c9153b45841ac5151

HTTP Headers

GET /gtag/js?id=UA-143942036-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mbhadvisory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 30 May 2023 14:50:24 GMT
expires: Tue, 30 May 2023 14:50:24 GMT
cache-control: private, max-age=900
last-modified: Tue, 30 May 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46896
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ca8cca05e813856677c0ba3133770742
688ee02bc307e73cef39bb1f1747b3e8845cecef
9f6e94f2196a935cb4dfe085aa6a3528a310faf58816e949dca6130e6dc8a41a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 May 2023 14:50:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

mbhadvisory.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.6

198.54.115.70

200 OK

878 B

URL GET HTTP/2
mbhadvisory.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.6
IP
198.54.115.70:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://mbhadvisory.com/
Certificate
IssuerSectigo Limited
Subjectmbhadvisory.com
Fingerprint46:0E:7B:C6:89:A0:CD:EC:55:62:FB:7F:45:43:AC:93:1B:DE:5F:38
ValidityThu, 23 Jun 2022 00:00:00 GMT - Mon, 24 Jul 2023 23:59:59 GMT

File type
ASCII text
Size
878 B (878 bytes)
Hash
0e4a098f3f6e3faede64db8b9da80ba2
65b9b3c849f3fbdd783ddbfb183616ff55c7ee53
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.6 HTTP/1.1
Host: mbhadvisory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mbhadvisory.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Jun 2023 14:50:24 GMT
content-type: text/css
last-modified: Fri, 28 Apr 2023 17:23:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 878
date: Tue, 30 May 2023 14:50:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mbhadvisory.com/wp-content/plugins/mailchimp-for-wp/assets/css/form-themes.css?ver=4.9.3

198.54.115.70

200 OK

1.1 kB

URL GET HTTP/2
mbhadvisory.com/wp-content/plugins/mailchimp-for-wp/assets/css/form-themes.css?ver=4.9.3
IP
198.54.115.70:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://mbhadvisory.com/
Certificate
IssuerSectigo Limited
Subjectmbhadvisory.com
Fingerprint46:0E:7B:C6:89:A0:CD:EC:55:62:FB:7F:45:43:AC:93:1B:DE:5F:38
ValidityThu, 23 Jun 2022 00:00:00 GMT - Mon, 24 Jul 2023 23:59:59 GMT

File type
ASCII text, with very long lines (6739), with no line terminators
Size
1.1 kB (1065 bytes)
Hash
e6ec28fbb47b0e0f8627a32175ba2734
463620e1119ee44e5ab034b05809aad892ff6bb4
0524b3645acfcce3a567f9538920ed69a71649d7cac5f5d0ceaf68955c5e9643

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/mailchimp-for-wp/assets/css/form-themes.css?ver=4.9.3 HTTP/1.1
Host: mbhadvisory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mbhadvisory.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Jun 2023 14:50:24 GMT
content-type: text/css
last-modified: Wed, 12 Apr 2023 06:10:35 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1065
date: Tue, 30 May 2023 14:50:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mbhadvisory.com/wp-content/et-cache/108/et-divi-dynamic-108.css?ver=1684221391

198.54.115.70

200 OK

1.2 kB

URL GET HTTP/2
mbhadvisory.com/wp-content/et-cache/108/et-divi-dynamic-108.css?ver=1684221391
IP
198.54.115.70:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://mbhadvisory.com/
Certificate
IssuerSectigo Limited
Subjectmbhadvisory.com
Fingerprint46:0E:7B:C6:89:A0:CD:EC:55:62:FB:7F:45:43:AC:93:1B:DE:5F:38
ValidityThu, 23 Jun 2022 00:00:00 GMT - Mon, 24 Jul 2023 23:59:59 GMT

File type
ASCII text, with very long lines (6697)
Size
1.2 kB (1222 bytes)
Hash
a552e19b21f9dd76eb59881aa1a6b51e
02620db2390fc1b4666d1e41434332509dd597b8
ee54d5fc4d46e09c704a6cba0ddf308cada165c30493548035419da8bd98b97e

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/et-cache/108/et-divi-dynamic-108.css?ver=1684221391 HTTP/1.1
Host: mbhadvisory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mbhadvisory.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Jun 2023 14:50:24 GMT
content-type: text/css
last-modified: Tue, 16 May 2023 07:16:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1222
date: Tue, 30 May 2023 14:50:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mbhadvisory.com/wp-content/themes/Divi-Child/style.css?ver=4.21.0

198.54.115.70

200 OK

296 B

URL GET HTTP/2
mbhadvisory.com/wp-content/themes/Divi-Child/style.css?ver=4.21.0
IP
198.54.115.70:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://mbhadvisory.com/
Certificate
IssuerSectigo Limited
Subjectmbhadvisory.com
Fingerprint46:0E:7B:C6:89:A0:CD:EC:55:62:FB:7F:45:43:AC:93:1B:DE:5F:38
ValidityThu, 23 Jun 2022 00:00:00 GMT - Mon, 24 Jul 2023 23:59:59 GMT

File type
ASCII text
Size
296 B (296 bytes)
Hash
252c0da43e76bfacd477bc3f6fef7041
f93b4ee1d0c37cc4226cd505b1c8b61b9cff18ae
436e09f43c321e8cbba2de42931344373a35ef6d6e0bfbb005aebced88f860b2

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/Divi-Child/style.css?ver=4.21.0 HTTP/1.1
Host: mbhadvisory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mbhadvisory.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Jun 2023 14:50:24 GMT
content-type: text/css
last-modified: Thu, 06 Jun 2019 06:50:15 GMT
accept-ranges: bytes
content-length: 296
date: Tue, 30 May 2023 14:50:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mbhadvisory.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.14.1

198.54.115.70

200 OK

3.0 kB

URL GET HTTP/2
mbhadvisory.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.14.1
IP
198.54.115.70:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://mbhadvisory.com/
Certificate
IssuerSectigo Limited
Subjectmbhadvisory.com
Fingerprint46:0E:7B:C6:89:A0:CD:EC:55:62:FB:7F:45:43:AC:93:1B:DE:5F:38
ValidityThu, 23 Jun 2022 00:00:00 GMT - Mon, 24 Jul 2023 23:59:59 GMT

File type
ASCII text, with very long lines (1577)
Size
3.0 kB (3016 bytes)
Hash
a76f61318af036823b08d73536486be6
31ff9b215dcef9151b9f4fc50ea91a9df1962102
abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.14.1 HTTP/1.1
Host: mbhadvisory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mbhadvisory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Jun 2023 14:50:24 GMT
content-type: application/javascript
last-modified: Wed, 12 Apr 2023 06:10:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3016
date: Tue, 30 May 2023 14:50:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mbhadvisory.com/wp-content/et-cache/108/et-core-unified-deferred-108.min.css?ver=1684224676

198.54.115.70

200 OK

651 B

URL GET HTTP/2
mbhadvisory.com/wp-content/et-cache/108/et-core-unified-deferred-108.min.css?ver=1684224676
IP
198.54.115.70:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://mbhadvisory.com/
Certificate
IssuerSectigo Limited
Subjectmbhadvisory.com
Fingerprint46:0E:7B:C6:89:A0:CD:EC:55:62:FB:7F:45:43:AC:93:1B:DE:5F:38
ValidityThu, 23 Jun 2022 00:00:00 GMT - Mon, 24 Jul 2023 23:59:59 GMT

File type
ASCII text, with very long lines (3591), with no line terminators
Size
651 B (651 bytes)
Hash
23af697bffd55b9e6dff117af567209f
7016d33fa20e9342fa206d043e05414ac81b9290
84594826d032ae6e3f0b134eb726fba597c6a0814a93f79771149f9edc64bc44

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/et-cache/108/et-core-unified-deferred-108.min.css?ver=1684224676 HTTP/1.1
Host: mbhadvisory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mbhadvisory.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Jun 2023 14:50:24 GMT
content-type: text/css
last-modified: Tue, 16 May 2023 08:11:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 651
date: Tue, 30 May 2023 14:50:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
95fb9634ddcd95a261bb9a2757a6ae8e
e30d5b20450fdd6588dd8034ef0acbe38159a0bf
65f215904c284124663185e58f9c710e2050afe21509684a22ce96c09a425bf4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 May 2023 14:50:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

mbhadvisory.com/wp-content/uploads/2020/02/MBH-logo.png

198.54.115.70

200 OK

24 kB

URL GET HTTP/2
mbhadvisory.com/wp-content/uploads/2020/02/MBH-logo.png
IP
198.54.115.70:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://mbhadvisory.com/
Certificate
IssuerSectigo Limited
Subjectmbhadvisory.com
Fingerprint46:0E:7B:C6:89:A0:CD:EC:55:62:FB:7F:45:43:AC:93:1B:DE:5F:38
ValidityThu, 23 Jun 2022 00:00:00 GMT - Mon, 24 Jul 2023 23:59:59 GMT

File type
PNG image data, 331 x 117, 8-bit/color RGB, interlaced\012- data
Size
24 kB (23517 bytes)
Hash
9a9525dd990973dbef8d533e52c429aa
cc2bf17ee1a5544ebccc760754b59a9e6289410c
31cf6a5110842e0c0d509d7f97999c9a0fc4231b2d809a1b3effc06eb1ba1cbd

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2020/02/MBH-logo.png HTTP/1.1
Host: mbhadvisory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mbhadvisory.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Jun 2023 14:50:24 GMT
content-type: image/png
last-modified: Thu, 06 Feb 2020 05:33:02 GMT
accept-ranges: bytes
content-length: 23517
date: Tue, 30 May 2023 14:50:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b4b40aa902e030c3962325bfbc1aa3a4
a4ba1f4ef41182df919a3d52c5b453880c43a45f
db2652de35ec8788a924075eadc88c711e2f245d8165ff00c726461b83d114a7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 May 2023 14:50:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b4b40aa902e030c3962325bfbc1aa3a4
a4ba1f4ef41182df919a3d52c5b453880c43a45f
db2652de35ec8788a924075eadc88c711e2f245d8165ff00c726461b83d114a7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 May 2023 14:50:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
95fb9634ddcd95a261bb9a2757a6ae8e
e30d5b20450fdd6588dd8034ef0acbe38159a0bf
65f215904c284124663185e58f9c710e2050afe21509684a22ce96c09a425bf4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 May 2023 14:50:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b4b40aa902e030c3962325bfbc1aa3a4
a4ba1f4ef41182df919a3d52c5b453880c43a45f
db2652de35ec8788a924075eadc88c711e2f245d8165ff00c726461b83d114a7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 May 2023 14:50:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4uaVI.woff2

142.250.74.131

200 OK

26 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4uaVI.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://mbhadvisory.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 25504, version 1.0\012- data
Size
26 kB (25504 bytes)
Hash
9390329e68f76c53c8b11597223f8ff8
9527c9717418d55b3a29d6e5af3dd74b3d8358ba
1a7ac4eab8a91f146794f27fdacc3a66a8b20527cba7f2bda4a27e5f657a981b

HTTP Headers

GET /s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4uaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mbhadvisory.com
DNT: 1
Connection: keep-alive
Referer: https://mbhadvisory.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25504
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 May 2023 00:35:51 GMT
expires: Thu, 23 May 2024 00:35:51 GMT
cache-control: public, max-age=31536000
age: 569674
last-modified: Tue, 02 May 2023 15:12:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2

142.250.74.131

200 OK

25 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://mbhadvisory.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 25384, version 1.0\012- data
Size
25 kB (25384 bytes)
Hash
da1fad84831e19559a0119dca38b30af
5ce6faee2df441f18e2e1a6491da609d6bdad9bd
320fb7e771568759087a963cc5d33a8d88897f498ee0b67ad1adb2ef320d2a16

HTTP Headers

GET /s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mbhadvisory.com
DNT: 1
Connection: keep-alive
Referer: https://mbhadvisory.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25384
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 May 2023 18:35:48 GMT
expires: Thu, 23 May 2024 18:35:48 GMT
cache-control: public, max-age=31536000
age: 504877
last-modified: Tue, 02 May 2023 15:15:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2

142.250.74.131

200 OK

26 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://mbhadvisory.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 25456, version 1.0\012- data
Size
26 kB (25456 bytes)
Hash
4065d61a7ba7eb2602d2cbb54723e3de
7c6f159e263b1c1e88de91d6b745853fc7e46683
ce4714944663ab66446464e544e69808450bee9d0332659795eacea5751fc4f2

HTTP Headers

GET /s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mbhadvisory.com
DNT: 1
Connection: keep-alive
Referer: https://mbhadvisory.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25456
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 18:49:50 GMT
expires: Wed, 22 May 2024 18:49:50 GMT
cache-control: public, max-age=31536000
age: 590435
last-modified: Tue, 02 May 2023 15:15:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4uaVQ.woff

142.250.74.131

200 OK

31 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4uaVQ.woff
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://mbhadvisory.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
Web Open Font Format, TrueType, length 31392, version 1.1\012- data
Size
31 kB (31392 bytes)
Hash
7dbfd8cbbfe38b08f2b3022ee2972c4c
c8a4693ac14927e8b2d86be71d74b47734a3ec97
8cdf606d9f581c0b41a260df5b788fc5979840aeacc8724e84dabbd6cb23ef72

HTTP Headers

GET /s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4uaVQ.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mbhadvisory.com
DNT: 1
Connection: keep-alive
Referer: https://mbhadvisory.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31392
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 May 2023 01:17:25 GMT
expires: Thu, 23 May 2024 01:17:25 GMT
cache-control: public, max-age=31536000
age: 567180
last-modified: Tue, 02 May 2023 15:12:55 GMT
content-type: font/woff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4uaVI.woff2

142.250.74.131

200 OK

25 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4uaVI.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://mbhadvisory.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 25372, version 1.0\012- data
Size
25 kB (25372 bytes)
Hash
76d72b5ef3a8eedd08eaed86de488e41
4d8374d24030fff036f2bd1df0ab8bcb27e19b21
19ff52995517c6fc4e03bf060f83b6c033c88885b6c4b0d2a5ea1e47583c8ee6

HTTP Headers

GET /s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4uaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mbhadvisory.com
DNT: 1
Connection: keep-alive
Referer: https://mbhadvisory.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25372
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 20:29:44 GMT
expires: Wed, 22 May 2024 20:29:44 GMT
cache-control: public, max-age=31536000
age: 584441
last-modified: Tue, 02 May 2023 15:15:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v35/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk_RkWV4ewA.woff2

142.250.74.131

200 OK

26 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v35/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk_RkWV4ewA.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://mbhadvisory.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 26328, version 1.0\012- data
Size
26 kB (26328 bytes)
Hash
d8fb888f63177090dc289dcd6bc2931c
ac8a1bd0706acb0a2b8c47f30d92367980b995ce
ec64208f0dc036c4bb2f19bf89a7d991e4dbd4413ae5b02e8e40ce91c66b261a

HTTP Headers

GET /s/opensans/v35/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk_RkWV4ewA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mbhadvisory.com
DNT: 1
Connection: keep-alive
Referer: https://mbhadvisory.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26328
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 18:48:25 GMT
expires: Wed, 22 May 2024 18:48:25 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:28:47 GMT
content-type: font/woff2
age: 590520
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVI.woff2

142.250.74.131

200 OK

25 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVI.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://mbhadvisory.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 24712, version 1.0\012- data
Size
25 kB (24712 bytes)
Hash
6426d7c7cf628698f2693c345e78f3ed
ba5c3dc9e202a5a6fa582ec90e94449e88c65d60
607eb42162512af73de673e5529e0f752efc846afd3cd75ca794af1ddc2f3d00

HTTP Headers

GET /s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mbhadvisory.com
DNT: 1
Connection: keep-alive
Referer: https://mbhadvisory.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24712
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 20:29:42 GMT
expires: Wed, 22 May 2024 20:29:42 GMT
cache-control: public, max-age=31536000
age: 584443
last-modified: Tue, 02 May 2023 15:15:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

mbhadvisory.com/wp-content/uploads/2019/11/MBSR-Mindfulness-Training.jpg

198.54.115.70

200 OK

29 kB

URL GET HTTP/2
mbhadvisory.com/wp-content/uploads/2019/11/MBSR-Mindfulness-Training.jpg
IP
198.54.115.70:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://mbhadvisory.com/
Certificate
IssuerSectigo Limited
Subjectmbhadvisory.com
Fingerprint46:0E:7B:C6:89:A0:CD:EC:55:62:FB:7F:45:43:AC:93:1B:DE:5F:38
ValidityThu, 23 Jun 2022 00:00:00 GMT - Mon, 24 Jul 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 450x300, components 3\012- data
Size
29 kB (29299 bytes)
Hash
1a69b2a0973cdbd7ef128f99b112db6f
63422f4bb77727b3d6326203633704e63221b8f3
a32a0af2e1f6e94c267fd11962f52b9ff24c2c9e612a24054ccb4bf1c26689fb

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2019/11/MBSR-Mindfulness-Training.jpg HTTP/1.1
Host: mbhadvisory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mbhadvisory.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Jun 2023 14:50:24 GMT
content-type: image/jpeg
last-modified: Thu, 28 Nov 2019 10:29:27 GMT
accept-ranges: bytes
content-length: 29299
date: Tue, 30 May 2023 14:50:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
95fb9634ddcd95a261bb9a2757a6ae8e
e30d5b20450fdd6588dd8034ef0acbe38159a0bf
65f215904c284124663185e58f9c710e2050afe21509684a22ce96c09a425bf4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 May 2023 14:50:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

mbhadvisory.com/wp-content/uploads/2019/11/MBCL-Mindfulness-Training.jpg

198.54.115.70

200 OK

19 kB

URL GET HTTP/2
mbhadvisory.com/wp-content/uploads/2019/11/MBCL-Mindfulness-Training.jpg
IP
198.54.115.70:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://mbhadvisory.com/
Certificate
IssuerSectigo Limited
Subjectmbhadvisory.com
Fingerprint46:0E:7B:C6:89:A0:CD:EC:55:62:FB:7F:45:43:AC:93:1B:DE:5F:38
ValidityThu, 23 Jun 2022 00:00:00 GMT - Mon, 24 Jul 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=7, manufacturer=Canon, model=Canon EOS 40D, xresolution=118, yresolution=126, resolutionunit=2, datetime=2009:09:24 09:31:01], baseline, precision 8, 450x300, components 3\012- data
Size
19 kB (18596 bytes)
Hash
480b648a6bd311aab6b93a715ffc535c
f8b3f7ee50f2a0eae20bcadad54041a623453eb4
8b22a3cb8fa3da0e7966f09adb760faa8c55f51c8752ca352ca6d5cb4a92ab75

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2019/11/MBCL-Mindfulness-Training.jpg HTTP/1.1
Host: mbhadvisory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mbhadvisory.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Jun 2023 14:50:24 GMT
content-type: image/jpeg
last-modified: Thu, 28 Nov 2019 10:23:38 GMT
accept-ranges: bytes
content-length: 18596
date: Tue, 30 May 2023 14:50:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mbhadvisory.com/wp-content/uploads/2019/11/day-mindfulness.jpg

198.54.115.70

200 OK

33 kB

URL GET HTTP/2
mbhadvisory.com/wp-content/uploads/2019/11/day-mindfulness.jpg
IP
198.54.115.70:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://mbhadvisory.com/
Certificate
IssuerSectigo Limited
Subjectmbhadvisory.com
Fingerprint46:0E:7B:C6:89:A0:CD:EC:55:62:FB:7F:45:43:AC:93:1B:DE:5F:38
ValidityThu, 23 Jun 2022 00:00:00 GMT - Mon, 24 Jul 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=1, software=Embettered by PicMonkey. http://www.picmonkey.com], baseline, precision 8, 450x300, components 3\012- data
Size
33 kB (32885 bytes)
Hash
992e83a2919036f434ff2b6def1f4d0c
eb964df85357512b1bf8d53a4d3d669e59d857ca
84550b7626cdc7833039b557cee71543593578e24a74daee30b41bb7e22690f7

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2019/11/day-mindfulness.jpg HTTP/1.1
Host: mbhadvisory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mbhadvisory.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Jun 2023 14:50:24 GMT
content-type: image/jpeg
last-modified: Mon, 09 Mar 2020 07:55:50 GMT
accept-ranges: bytes
content-length: 32885
date: Tue, 30 May 2023 14:50:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mbhadvisory.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.6

198.54.115.70

200 OK

2.9 kB

URL GET HTTP/2
mbhadvisory.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.6
IP
198.54.115.70:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://mbhadvisory.com/
Certificate
IssuerSectigo Limited
Subjectmbhadvisory.com
Fingerprint46:0E:7B:C6:89:A0:CD:EC:55:62:FB:7F:45:43:AC:93:1B:DE:5F:38
ValidityThu, 23 Jun 2022 00:00:00 GMT - Mon, 24 Jul 2023 23:59:59 GMT

File type
ASCII text, with very long lines (10241), with no line terminators
Size
2.9 kB (2894 bytes)
Hash
7be65ac27024c7b5686f9d7c49690799
241ada4a86443adc5623d1a3a8018a96d9de6d5a
52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.6 HTTP/1.1
Host: mbhadvisory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mbhadvisory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Jun 2023 14:50:25 GMT
content-type: application/javascript
last-modified: Fri, 28 Apr 2023 17:23:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2894
date: Tue, 30 May 2023 14:50:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mbhadvisory.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.mobile.js?ver=4.21.0

198.54.115.70

200 OK

2.9 kB

URL GET HTTP/2
mbhadvisory.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.mobile.js?ver=4.21.0
IP
198.54.115.70:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://mbhadvisory.com/
Certificate
IssuerSectigo Limited
Subjectmbhadvisory.com
Fingerprint46:0E:7B:C6:89:A0:CD:EC:55:62:FB:7F:45:43:AC:93:1B:DE:5F:38
ValidityThu, 23 Jun 2022 00:00:00 GMT - Mon, 24 Jul 2023 23:59:59 GMT

File type
ASCII text, with very long lines (7584)
Size
2.9 kB (2851 bytes)
Hash
984977dc184f8059f2a679b324893e4c
d60a246ba584ba892a87bcf446e71d26adbcb91a
55a084b5f4c439a2786141108b266370e0e4accc4e72629b2177dc6aa658d6c8

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.mobile.js?ver=4.21.0 HTTP/1.1
Host: mbhadvisory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mbhadvisory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Jun 2023 14:50:25 GMT
content-type: application/javascript
last-modified: Fri, 28 Apr 2023 17:24:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2851
date: Tue, 30 May 2023 14:50:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mbhadvisory.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.6

198.54.115.70

200 OK

3.9 kB

URL GET HTTP/2
mbhadvisory.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.6
IP
198.54.115.70:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://mbhadvisory.com/
Certificate
IssuerSectigo Limited
Subjectmbhadvisory.com
Fingerprint46:0E:7B:C6:89:A0:CD:EC:55:62:FB:7F:45:43:AC:93:1B:DE:5F:38
ValidityThu, 23 Jun 2022 00:00:00 GMT - Mon, 24 Jul 2023 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (12943), with no line terminators
Size
3.9 kB (3918 bytes)
Hash
5bc2b1fa970f9cecb3c30c0c92c98271
7c6bb87aaa24714b7b3b3c86dd932736a80270a9
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.6 HTTP/1.1
Host: mbhadvisory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mbhadvisory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Jun 2023 14:50:25 GMT
content-type: application/javascript
last-modified: Fri, 28 Apr 2023 17:23:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3918
date: Tue, 30 May 2023 14:50:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mbhadvisory.com/wp-content/themes/Divi/core/admin/js/common.js?ver=4.21.0

198.54.115.70

200 OK

490 B

URL GET HTTP/2
mbhadvisory.com/wp-content/themes/Divi/core/admin/js/common.js?ver=4.21.0
IP
198.54.115.70:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://mbhadvisory.com/
Certificate
IssuerSectigo Limited
Subjectmbhadvisory.com
Fingerprint46:0E:7B:C6:89:A0:CD:EC:55:62:FB:7F:45:43:AC:93:1B:DE:5F:38
ValidityThu, 23 Jun 2022 00:00:00 GMT - Mon, 24 Jul 2023 23:59:59 GMT

File type
ASCII text
Size
490 B (490 bytes)
Hash
d71b75b2327258b1d01d50590c1f67ca
b7820e4ffb6becc133c48f66d9f683545530b959
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/Divi/core/admin/js/common.js?ver=4.21.0 HTTP/1.1
Host: mbhadvisory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mbhadvisory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Jun 2023 14:50:25 GMT
content-type: application/javascript
last-modified: Fri, 28 Apr 2023 17:24:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 490
date: Tue, 30 May 2023 14:50:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mbhadvisory.com/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.9.3

198.54.115.70

200 OK

2.4 kB

URL GET HTTP/2
mbhadvisory.com/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.9.3
IP
198.54.115.70:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://mbhadvisory.com/
Certificate
IssuerSectigo Limited
Subjectmbhadvisory.com
Fingerprint46:0E:7B:C6:89:A0:CD:EC:55:62:FB:7F:45:43:AC:93:1B:DE:5F:38
ValidityThu, 23 Jun 2022 00:00:00 GMT - Mon, 24 Jul 2023 23:59:59 GMT

File type
ASCII text, with very long lines (6439), with no line terminators
Size
2.4 kB (2427 bytes)
Hash
eafdbde5c4e53432f48a58adc20b2c6b
98816b151f851d0a71e115f59474023793058e46
12a618537a5ecc700c5cd76816ded0793c5c369fa6d786ce82b7199e34b080a3

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.9.3 HTTP/1.1
Host: mbhadvisory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mbhadvisory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Jun 2023 14:50:25 GMT
content-type: application/javascript
last-modified: Wed, 12 Apr 2023 06:10:35 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2427
date: Tue, 30 May 2023 14:50:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mbhadvisory.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0

198.54.115.70

200 OK

4.6 kB

URL GET HTTP/2
mbhadvisory.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
IP
198.54.115.70:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://mbhadvisory.com/
Certificate
IssuerSectigo Limited
Subjectmbhadvisory.com
Fingerprint46:0E:7B:C6:89:A0:CD:EC:55:62:FB:7F:45:43:AC:93:1B:DE:5F:38
ValidityThu, 23 Jun 2022 00:00:00 GMT - Mon, 24 Jul 2023 23:59:59 GMT

File type
ASCII text, with very long lines (13326)
Size
4.6 kB (4603 bytes)
Hash
5cfa2b481de6e87c2190a0e3538515d8
0fccf3c8ab2c10b4dcc7970e64ce997ab1622f68
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0 HTTP/1.1
Host: mbhadvisory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mbhadvisory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Jun 2023 14:50:25 GMT
content-type: application/javascript
last-modified: Thu, 30 Mar 2023 08:36:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4603
date: Tue, 30 May 2023 14:50:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mbhadvisory.com/wp-content/uploads/2019/11/Mindfulness-Retreats.jpg

198.54.115.70

200 OK

31 kB

URL GET HTTP/2
mbhadvisory.com/wp-content/uploads/2019/11/Mindfulness-Retreats.jpg
IP
198.54.115.70:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://mbhadvisory.com/
Certificate
IssuerSectigo Limited
Subjectmbhadvisory.com
Fingerprint46:0E:7B:C6:89:A0:CD:EC:55:62:FB:7F:45:43:AC:93:1B:DE:5F:38
ValidityThu, 23 Jun 2022 00:00:00 GMT - Mon, 24 Jul 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=14, height=4016, bps=182, PhotometricIntepretation=RGB, manufacturer=NIKON CORPORATION, model=NIKON D750, orientation=upper-left, width=6016], baseline, precision 8, 450x300, components 3\012- data
Size
31 kB (30663 bytes)
Hash
ac757663581116dc57c9997b5da0f0ff
306fc5399eebed115a3d57405f3a8a118030b1e1
5d005b4e7ea533d122d77fb3645df882f2d0ea746a747a329c8bddbecec87dc4

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2019/11/Mindfulness-Retreats.jpg HTTP/1.1
Host: mbhadvisory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mbhadvisory.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Jun 2023 14:50:25 GMT
content-type: image/jpeg
last-modified: Thu, 28 Nov 2019 10:23:42 GMT
accept-ranges: bytes
content-length: 30663
date: Tue, 30 May 2023 14:50:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mbhadvisory.com/wp-content/uploads/2019/11/b.-Foundations-Mindfulness-Schools.jpg

198.54.115.70

200 OK

28 kB

URL GET HTTP/2
mbhadvisory.com/wp-content/uploads/2019/11/b.-Foundations-Mindfulness-Schools.jpg
IP
198.54.115.70:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://mbhadvisory.com/
Certificate
IssuerSectigo Limited
Subjectmbhadvisory.com
Fingerprint46:0E:7B:C6:89:A0:CD:EC:55:62:FB:7F:45:43:AC:93:1B:DE:5F:38
ValidityThu, 23 Jun 2022 00:00:00 GMT - Mon, 24 Jul 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=13, height=2848, bps=170, PhotometricIntepretation=RGB, orientation=upper-left, width=4288], baseline, precision 8, 450x300, components 3\012- data
Size
28 kB (27527 bytes)
Hash
5efad60bb089d164a8fd3bf54c03c9ce
801a880f3a314ab52c459ccf07d232efe0cb06ab
728a9f8bc107fc7b53eac27d21949d93c42df76b79d150c3125dae9a790c13e5

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2019/11/b.-Foundations-Mindfulness-Schools.jpg HTTP/1.1
Host: mbhadvisory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mbhadvisory.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Jun 2023 14:50:25 GMT
content-type: image/jpeg
last-modified: Thu, 28 Nov 2019 10:23:07 GMT
accept-ranges: bytes
content-length: 27527
date: Tue, 30 May 2023 14:50:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mbhadvisory.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.4

198.54.115.70

200 OK

30 kB

URL GET HTTP/2
mbhadvisory.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
IP
198.54.115.70:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://mbhadvisory.com/
Certificate
IssuerSectigo Limited
Subjectmbhadvisory.com
Fingerprint46:0E:7B:C6:89:A0:CD:EC:55:62:FB:7F:45:43:AC:93:1B:DE:5F:38
ValidityThu, 23 Jun 2022 00:00:00 GMT - Mon, 24 Jul 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65447)
Size
30 kB (30376 bytes)
Hash
0e850a69bc7fd0acc2e92ce6eee87959
8be6d9e7f7a61ccf0b8eac8a8144d770b608a19c
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.4 HTTP/1.1
Host: mbhadvisory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mbhadvisory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Jun 2023 14:50:25 GMT
content-type: application/javascript
last-modified: Thu, 30 Mar 2023 08:36:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30376
date: Tue, 30 May 2023 14:50:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mbhadvisory.com/wp-content/uploads/2020/02/desktop-community.jpg

198.54.115.70

200 OK

23 kB

URL GET HTTP/2
mbhadvisory.com/wp-content/uploads/2020/02/desktop-community.jpg
IP
198.54.115.70:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://mbhadvisory.com/
Certificate
IssuerSectigo Limited
Subjectmbhadvisory.com
Fingerprint46:0E:7B:C6:89:A0:CD:EC:55:62:FB:7F:45:43:AC:93:1B:DE:5F:38
ValidityThu, 23 Jun 2022 00:00:00 GMT - Mon, 24 Jul 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=1, software=Embettered by PicMonkey. http://www.picmonkey.com], baseline, precision 8, 450x300, components 3\012- data
Size
23 kB (23368 bytes)
Hash
1ddbbf28bb90e214309f413301037396
c29cea8344992a6135084f9296ef2e1a0e5e8dd5
33b75f8cb94e5a74462ffb02ee06c9e1476377ecf36e796545e2426d6857e333

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2020/02/desktop-community.jpg HTTP/1.1
Host: mbhadvisory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mbhadvisory.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Jun 2023 14:50:25 GMT
content-type: image/jpeg
last-modified: Tue, 11 Feb 2020 14:59:44 GMT
accept-ranges: bytes
content-length: 23368
date: Tue, 30 May 2023 14:50:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mbhadvisory.com/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2

198.54.115.70

200 OK

12 kB

URL GET HTTP/2
mbhadvisory.com/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2
IP
198.54.115.70:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://mbhadvisory.com/
Certificate
IssuerSectigo Limited
Subjectmbhadvisory.com
Fingerprint46:0E:7B:C6:89:A0:CD:EC:55:62:FB:7F:45:43:AC:93:1B:DE:5F:38
ValidityThu, 23 Jun 2022 00:00:00 GMT - Mon, 24 Jul 2023 23:59:59 GMT

File type
ASCII text, with very long lines (48325)
Size
12 kB (11775 bytes)
Hash
47cdb0e81ea341ad27a1a0b0ba6b02d8
6195a67b0b7f7919f07309e2c8ce71f3d4729d03
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.2.2 HTTP/1.1
Host: mbhadvisory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mbhadvisory.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Jun 2023 14:50:25 GMT
content-type: text/css
last-modified: Thu, 30 Mar 2023 08:36:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11775
date: Tue, 30 May 2023 14:50:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mbhadvisory.com/wp-content/themes/Divi/js/scripts.min.js?ver=4.21.0

198.54.115.70

200 OK

65 kB

URL GET HTTP/2
mbhadvisory.com/wp-content/themes/Divi/js/scripts.min.js?ver=4.21.0
IP
198.54.115.70:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://mbhadvisory.com/
Certificate
IssuerSectigo Limited
Subjectmbhadvisory.com
Fingerprint46:0E:7B:C6:89:A0:CD:EC:55:62:FB:7F:45:43:AC:93:1B:DE:5F:38
ValidityThu, 23 Jun 2022 00:00:00 GMT - Mon, 24 Jul 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65467)
Size
65 kB (65200 bytes)
Hash
d01712dc614e43de021a98920dfb7208
fd6bef0ce9eccf622cc89736a211f7585fa48074
124999106b36b91138193de6ae365bc2e97ec51e122e2f967318ce3d662b561b

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/Divi/js/scripts.min.js?ver=4.21.0 HTTP/1.1
Host: mbhadvisory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mbhadvisory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Jun 2023 14:50:25 GMT
content-type: application/javascript
last-modified: Fri, 28 Apr 2023 17:24:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 65200
date: Tue, 30 May 2023 14:50:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mbhadvisory.com/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff

198.54.115.70

200 OK

92 kB

URL GET HTTP/2
mbhadvisory.com/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff
IP
198.54.115.70:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://mbhadvisory.com/
Certificate
IssuerSectigo Limited
Subjectmbhadvisory.com
Fingerprint46:0E:7B:C6:89:A0:CD:EC:55:62:FB:7F:45:43:AC:93:1B:DE:5F:38
ValidityThu, 23 Jun 2022 00:00:00 GMT - Mon, 24 Jul 2023 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 92476, version 2.4\012- data
Size
92 kB (92476 bytes)
Hash
7d04c782e3ec7b655cb15e50245c4c49
6ac6c03ebcebc29f36f09525ae9564f12240776d
88795f28bb66a45f9c32245dd21d6319ed5d26a45bf5afa31d91a0f83ee855f7

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff HTTP/1.1
Host: mbhadvisory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://mbhadvisory.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Jun 2023 14:50:25 GMT
content-type: font/woff
last-modified: Fri, 28 Apr 2023 17:24:33 GMT
accept-ranges: bytes
content-length: 92476
date: Tue, 30 May 2023 14:50:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mbhadvisory.com/wp-content/uploads/2019/12/MBH-Mindfulness-Program.jpg

198.54.115.70

200 OK

197 kB

URL GET HTTP/2
mbhadvisory.com/wp-content/uploads/2019/12/MBH-Mindfulness-Program.jpg
IP
198.54.115.70:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://mbhadvisory.com/
Certificate
IssuerSectigo Limited
Subjectmbhadvisory.com
Fingerprint46:0E:7B:C6:89:A0:CD:EC:55:62:FB:7F:45:43:AC:93:1B:DE:5F:38
ValidityThu, 23 Jun 2022 00:00:00 GMT - Mon, 24 Jul 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2213x943, components 3\012- data
Size
197 kB (197239 bytes)
Hash
a37d940f2b33ab65af2940dea56ff81a
237b9c9d343ff48a4bba03e62468d33274ab3dfc
a829dbeb11999e83c2c8e6bdd116814008d708e3e435d55a7eacf4ded5c95df2

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2019/12/MBH-Mindfulness-Program.jpg HTTP/1.1
Host: mbhadvisory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mbhadvisory.com/wp-content/et-cache/108/et-core-unified-deferred-108.min.css?ver=1684224676
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Jun 2023 14:50:25 GMT
content-type: image/jpeg
last-modified: Wed, 11 Dec 2019 16:20:17 GMT
accept-ranges: bytes
content-length: 197239
date: Tue, 30 May 2023 14:50:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mbhadvisory.com/wp-content/uploads/2019/06/cropped-mbh-logo-192x192.jpg

198.54.115.70

200 OK

10 kB

URL GET HTTP/2
mbhadvisory.com/wp-content/uploads/2019/06/cropped-mbh-logo-192x192.jpg
IP
198.54.115.70:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://mbhadvisory.com/
Certificate
IssuerSectigo Limited
Subjectmbhadvisory.com
Fingerprint46:0E:7B:C6:89:A0:CD:EC:55:62:FB:7F:45:43:AC:93:1B:DE:5F:38
ValidityThu, 23 Jun 2022 00:00:00 GMT - Mon, 24 Jul 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, progressive, precision 8, 192x192, components 3\012- data
Size
10 kB (10013 bytes)
Hash
253175b1d17d0bce201ef9854d7950e8
f88fbe3e32d36fd76eade892e1bbafa64e4de7ed
61fcb0ab98628f3a47bddf089aa504fc19d089bccd442c93d3faeef27b3b3a84

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2019/06/cropped-mbh-logo-192x192.jpg HTTP/1.1
Host: mbhadvisory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mbhadvisory.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Jun 2023 14:50:26 GMT
content-type: image/jpeg
last-modified: Fri, 14 Feb 2020 04:39:19 GMT
accept-ranges: bytes
content-length: 10013
date: Tue, 30 May 2023 14:50:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mbhadvisory.com/wp-content/uploads/2019/06/cropped-mbh-logo-32x32.jpg

198.54.115.70

200 OK

1.2 kB

URL GET HTTP/2
mbhadvisory.com/wp-content/uploads/2019/06/cropped-mbh-logo-32x32.jpg
IP
198.54.115.70:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://mbhadvisory.com/
Certificate
IssuerSectigo Limited
Subjectmbhadvisory.com
Fingerprint46:0E:7B:C6:89:A0:CD:EC:55:62:FB:7F:45:43:AC:93:1B:DE:5F:38
ValidityThu, 23 Jun 2022 00:00:00 GMT - Mon, 24 Jul 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, progressive, precision 8, 32x32, components 3\012- data
Size
1.2 kB (1217 bytes)
Hash
4f36fe20f19b7dec0c7a56723b913532
d92447836b2f87d497bdd9b532b10b9d659f7436
64140d90e11bf761cdc2ff4ae683a8019a93fbad587b22e6fe1d186a42811d9a

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2019/06/cropped-mbh-logo-32x32.jpg HTTP/1.1
Host: mbhadvisory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mbhadvisory.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Jun 2023 14:50:26 GMT
content-type: image/jpeg
last-modified: Fri, 14 Feb 2020 04:39:21 GMT
accept-ranges: bytes
content-length: 1217
date: Tue, 30 May 2023 14:50:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

mbhadvisory.com/

198.54.115.70

200 OK

160 kB

URL User Request GET HTTP/2
mbhadvisory.com/
IP
198.54.115.70:443
ASN
#22612 NAMECHEAP-NET

Certificate
IssuerSectigo Limited
Subjectmbhadvisory.com
Fingerprint46:0E:7B:C6:89:A0:CD:EC:55:62:FB:7F:45:43:AC:93:1B:DE:5F:38
ValidityThu, 23 Jun 2022 00:00:00 GMT - Mon, 24 Jul 2023 23:59:59 GMT

File type

Size
160 kB (159906 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: mbhadvisory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-powered-by: PHP/7.4.33
content-type: text/html; charset=UTF-8
link: <https://mbhadvisory.com/wp-json/>; rel="https://api.w.org/", <https://mbhadvisory.com/wp-json/wp/v2/pages/108>; rel="alternate"; type="application/json", <https://mbhadvisory.com/>; rel=shortlink
content-encoding: br
vary: Accept-Encoding
date: Tue, 30 May 2023 14:50:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (25)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL