Report - jshswl.com/co

Report Overview

Visited public
2025-07-08 14:20:07
Tags
phishing darcula
Submit Tags
URL
jshswl.com/co
Finishing URL
jshswl.com/co
IP / ASN
43.163.81.122
#132203 Tencent Building, Kejizhongyi Avenue
Title
El servicio de envíos de Colombia
Phishing - Darcula Phishing Kit

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
jshswl.com	unknown	2024-09-04	2025-07-08	2025-07-08	14 kB	1.2 MB	43.163.81.122

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (6)

	URL	From	Size	First Seen	Last Seen
	jshswl.com/co	ScriptElement	2.9 kB	2025-03-28	2025-07-16
Pretty URL jshswl.com/co IP 43.163.81.122 ASN #132203 Tencent Building, Kejizhongyi Avenue Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-28 05:19 Last Seen2025-07-16 21:22 Times Seen558 Hash c9856413e32fd91a4aedae103e4e03c8 f2e718cc34c3eb5272d549f55634245412bb4e99 98f59aa28b02ebaf99e8d94fcdd97128c9d329efd3ff9e7d2188d7ebe3550d85 Loading...

	jshswl.com/co	ScriptElement	1.0 kB	2025-03-28	2025-07-16
Pretty URL jshswl.com/co IP 43.163.81.122 ASN #132203 Tencent Building, Kejizhongyi Avenue Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-28 05:19 Last Seen2025-07-16 21:22 Times Seen613 Hash 1721c4ad9c3ece090db7c40c6760ab50 3b5700ee650c570c339b9b6361ccf3b22c985394 0cfbd5300363e488a85c4af1a29dc18759dbb15658762f8f603ddb3fc66eed5a Loading...

	jshswl.com/assets/index-deeded5b.js	ScriptElement	329 kB	2025-06-14	2025-07-10
Pretty URL jshswl.com/assets/index-deeded5b.js IP 43.163.81.122 ASN #132203 Tencent Building, Kejizhongyi Avenue Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-14 13:00 Last Seen2025-07-10 22:36 Times Seen16 Hash 5d6803631969cda52a127123ac30d0d5 4cccefe905f4d0b7a82bfe753aa9cb83fd4a4457 411dd74a514441f165299cfa00a276803ca713c5c323d507b9c5f210a6c2283e Loading...

	jshswl.com/assets/IndexView-6546f3ec.js	ScriptElement	456 B	2025-06-14	2025-07-10
Pretty URL jshswl.com/assets/IndexView-6546f3ec.js IP 43.163.81.122 ASN #132203 Tencent Building, Kejizhongyi Avenue Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-14 13:00 Last Seen2025-07-10 22:36 Times Seen16 Hash d20bcced8e10c07c37a060cbc4343365 dd2a03127f0b85fedf919002fa6ddeb2fb0d0bff 7f7bbeaeb83b507a187f53ea07447a1909cddc0a196790ac270541314f2d8e49 Loading...

	jshswl.com/assets/CommonLayout.vue_vue_type_script_setup_true_lang-7ed1fe1e.js	ImportedModule	42 kB	2025-06-14	2025-07-10
Pretty URL jshswl.com/assets/CommonLayout.vue_vue_type_script_setup_true_lang-7ed1fe1e.js IP 43.163.81.122 ASN #132203 Tencent Building, Kejizhongyi Avenue Introduced by importedModule Embedded in HTML false Observations First Seen2025-06-14 13:00 Last Seen2025-07-10 22:36 Times Seen16 Hash 549f89a5f485db098b6df72c49084d5c 7c8a1f44a7a8b53c4f393257cc7019f5dbfbfc69 2fb4da33423bb578b6053661a40cbbc7175fb006c5d56b6f9bd6384c3bc8da01 Loading...

	jshswl.com/assets/HomeView-d7717fe2.js	ScriptElement	63 kB	2025-06-14	2025-07-10
Pretty URL jshswl.com/assets/HomeView-d7717fe2.js IP 43.163.81.122 ASN #132203 Tencent Building, Kejizhongyi Avenue Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-14 13:00 Last Seen2025-07-10 22:36 Times Seen16 Hash cc9c4b07ce18fa0d3d6b5bf197e8385b 4f224e2e3da1c3f9e1293efad1768247489877e5 f84e10b2a54829e8608a1b1639c67539ebc0674523f27699f30810b254f8f0d3 Loading...

HTTP Transactions (30)

URL IP Response Size

GET jshswl.com/col_post/assets/6b0680aataJSB.woff2

43.163.81.122

200 OK

34 kB

URL GET
jshswl.com/col_post/assets/6b0680aataJSB.woff2
IP
43.163.81.122:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://jshswl.com/co
Certificate
IssuerLet's Encrypt
Subjectjshswl.com
Fingerprint29:B8:5B:0A:C5:73:A6:3A:97:27:E4:E2:50:CF:AC:90:A6:BA:F8:89
ValidityMon, 07 Jul 2025 18:11:50 GMT - Sun, 05 Oct 2025 18:11:49 GMT

File type
Web Open Font Format (Version 2), TrueType, length 33664, version 1.0
Size
34 kB (33664 bytes)
Hash
2d1d1bbf92b748e013dd6dce8f0577af
aac287ccadea6904a6ad1534d89fe7d0063cb5a1
6b0680aa5ad9ecdf7f04018c8fee8b69faecdb0b3b309e2ce220592c11e50bbd

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /col_post/assets/6b0680aataJSB.woff2 HTTP/1.1
Host: jshswl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://jshswl.com/assets/index-767cb32b.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000
content-type: font/woff2
date: Tue, 08 Jul 2025 14:19:52 GMT
last-modified: Mon, 07 Jul 2025 16:28:13 GMT
via: 1.1 Caddy
content-length: 33664
X-Firefox-Spdy: h2

GET jshswl.com/col_post/assets/6b0680aataJSB.woff2

43.163.81.122

200 OK

34 kB

URL GET
jshswl.com/col_post/assets/6b0680aataJSB.woff2
IP
43.163.81.122:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://jshswl.com/co
Certificate
IssuerLet's Encrypt
Subjectjshswl.com
Fingerprint29:B8:5B:0A:C5:73:A6:3A:97:27:E4:E2:50:CF:AC:90:A6:BA:F8:89
ValidityMon, 07 Jul 2025 18:11:50 GMT - Sun, 05 Oct 2025 18:11:49 GMT

File type
Web Open Font Format (Version 2), TrueType, length 33664, version 1.0
Size
34 kB (33664 bytes)
Hash
2d1d1bbf92b748e013dd6dce8f0577af
aac287ccadea6904a6ad1534d89fe7d0063cb5a1
6b0680aa5ad9ecdf7f04018c8fee8b69faecdb0b3b309e2ce220592c11e50bbd

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /col_post/assets/6b0680aataJSB.woff2 HTTP/1.1
Host: jshswl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://jshswl.com/assets/index-767cb32b.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000
content-type: font/woff2
date: Tue, 08 Jul 2025 14:19:52 GMT
last-modified: Mon, 07 Jul 2025 16:28:13 GMT
via: 1.1 Caddy
content-length: 33664
X-Firefox-Spdy: h2

GET jshswl.com/assets/IndexView-6546f3ec.js

43.163.81.122

200 OK

456 B

URL GET
jshswl.com/assets/IndexView-6546f3ec.js
IP
43.163.81.122:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://jshswl.com/co
Certificate
IssuerLet's Encrypt
Subjectjshswl.com
Fingerprint29:B8:5B:0A:C5:73:A6:3A:97:27:E4:E2:50:CF:AC:90:A6:BA:F8:89
ValidityMon, 07 Jul 2025 18:11:50 GMT - Sun, 05 Oct 2025 18:11:49 GMT

File type
Java source, ASCII text, with very long lines (455)
Size
456 B (456 bytes)
Hash
d20bcced8e10c07c37a060cbc4343365
dd2a03127f0b85fedf919002fa6ddeb2fb0d0bff
7f7bbeaeb83b507a187f53ea07447a1909cddc0a196790ac270541314f2d8e49

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /assets/IndexView-6546f3ec.js HTTP/1.1
Host: jshswl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jshswl.com/co
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000
content-type: text/javascript; charset=utf-8
date: Tue, 08 Jul 2025 14:19:48 GMT
last-modified: Mon, 07 Jul 2025 16:28:13 GMT
via: 1.1 Caddy
content-length: 456
X-Firefox-Spdy: h2

GET jshswl.com/assets/IndexView-6546f3ec.js

43.163.81.122

200 OK

456 B

URL GET
jshswl.com/assets/IndexView-6546f3ec.js
IP
43.163.81.122:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://jshswl.com/co
Certificate
IssuerLet's Encrypt
Subjectjshswl.com
Fingerprint29:B8:5B:0A:C5:73:A6:3A:97:27:E4:E2:50:CF:AC:90:A6:BA:F8:89
ValidityMon, 07 Jul 2025 18:11:50 GMT - Sun, 05 Oct 2025 18:11:49 GMT

File type
Java source, ASCII text, with very long lines (455)
Size
456 B (456 bytes)
Hash
d20bcced8e10c07c37a060cbc4343365
dd2a03127f0b85fedf919002fa6ddeb2fb0d0bff
7f7bbeaeb83b507a187f53ea07447a1909cddc0a196790ac270541314f2d8e49

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /assets/IndexView-6546f3ec.js HTTP/1.1
Host: jshswl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jshswl.com/assets/index-deeded5b.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000
content-type: text/javascript; charset=utf-8
date: Tue, 08 Jul 2025 14:19:49 GMT
last-modified: Mon, 07 Jul 2025 16:28:13 GMT
via: 1.1 Caddy
content-length: 456
X-Firefox-Spdy: h2

GET jshswl.com/col_post/layout/images/47.webp

43.163.81.122

200 OK

54 kB

URL GET
jshswl.com/col_post/layout/images/47.webp
IP
43.163.81.122:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://jshswl.com/co
Certificate
IssuerLet's Encrypt
Subjectjshswl.com
Fingerprint29:B8:5B:0A:C5:73:A6:3A:97:27:E4:E2:50:CF:AC:90:A6:BA:F8:89
ValidityMon, 07 Jul 2025 18:11:50 GMT - Sun, 05 Oct 2025 18:11:49 GMT

File type
RIFF (little-endian) data, Web/P image
Size
54 kB (54326 bytes)
Hash
f8ff10fb5f5c6d24c34e87180a015a1c
776762b54956a40e5a1a348e9195738efe7ecf99
b3a441c8f41f9b474e36f04f81972c804d507f49ed8f248e335152a92149934f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /col_post/layout/images/47.webp HTTP/1.1
Host: jshswl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jshswl.com/co
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000
content-type: image/webp
date: Tue, 08 Jul 2025 14:19:52 GMT
last-modified: Mon, 07 Jul 2025 16:28:13 GMT
via: 1.1 Caddy
content-length: 54326
X-Firefox-Spdy: h2

GET jshswl.com/col_post/layout/images/56.png

43.163.81.122

200 OK

4.8 kB

URL GET
jshswl.com/col_post/layout/images/56.png
IP
43.163.81.122:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://jshswl.com/co
Certificate
IssuerLet's Encrypt
Subjectjshswl.com
Fingerprint29:B8:5B:0A:C5:73:A6:3A:97:27:E4:E2:50:CF:AC:90:A6:BA:F8:89
ValidityMon, 07 Jul 2025 18:11:50 GMT - Sun, 05 Oct 2025 18:11:49 GMT

File type
PNG image data, 433 x 100, 8-bit/color RGBA, non-interlaced
Size
4.8 kB (4772 bytes)
Hash
eacfdeeb65c8b853f82ecef649864248
9c7ef4061e692b0a14b405ad9d68afe7c87f6d27
23c71136ec42e323a3f38ceb0293f796306c54258ec0faadceb036cd09d4b230

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /col_post/layout/images/56.png HTTP/1.1
Host: jshswl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jshswl.com/co
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000
content-type: image/png
date: Tue, 08 Jul 2025 14:19:52 GMT
last-modified: Mon, 07 Jul 2025 16:28:13 GMT
via: 1.1 Caddy
content-length: 4772
X-Firefox-Spdy: h2

GET wss://jshswl.com/ws?token=f62695399c1f95a40ad82d47fdc493f94c95a16103d4b1d919719d657a03ec96678ad438a2c6c7296eceeba31979dad98234b701a7645feff0989f39f8cd2679e886a57ba1

43.163.81.122

101 Switching Protocols

0 B

URL GET
wss://jshswl.com/ws?token=f62695399c1f95a40ad82d47fdc493f94c95a16103d4b1d919719d657a03ec96678ad438a2c6c7296eceeba31979dad98234b701a7645feff0989f39f8cd2679e886a57ba1
IP
43.163.81.122:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://jshswl.com/co
Certificate
IssuerLet's Encrypt
Subjectjshswl.com
Fingerprint29:B8:5B:0A:C5:73:A6:3A:97:27:E4:E2:50:CF:AC:90:A6:BA:F8:89
ValidityMon, 07 Jul 2025 18:11:50 GMT - Sun, 05 Oct 2025 18:11:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /ws?token=f62695399c1f95a40ad82d47fdc493f94c95a16103d4b1d919719d657a03ec96678ad438a2c6c7296eceeba31979dad98234b701a7645feff0989f39f8cd2679e886a57ba1 HTTP/1.1
Host: jshswl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://jshswl.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: EpbNRo7gDm6Flww/5HNn6A==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: *
Access-Control-Allow-Origin: *
Alt-Svc: h3=":443"; ma=2592000
Connection: Upgrade
Sec-WebSocket-Accept: DdEVtBiF4sJ4PGlcWoUdeNa2DP4=
Sec-WebSocket-Extensions: permessage-deflate; server_no_context_takeover; client_no_context_takeover
Server: Caddy
Upgrade: websocket
Date: Tue, 08 Jul 2025 14:19:50 GMT

GET jshswl.com/col_post/assets/80e721b5taJSB.woff

43.163.81.122

200 OK

72 kB

URL GET
jshswl.com/col_post/assets/80e721b5taJSB.woff
IP
43.163.81.122:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://jshswl.com/co
Certificate
IssuerLet's Encrypt
Subjectjshswl.com
Fingerprint29:B8:5B:0A:C5:73:A6:3A:97:27:E4:E2:50:CF:AC:90:A6:BA:F8:89
ValidityMon, 07 Jul 2025 18:11:50 GMT - Sun, 05 Oct 2025 18:11:49 GMT

File type
Web Open Font Format, CFF, length 72260, version 0.0
Size
72 kB (72260 bytes)
Hash
f6ab592e8a02d7930bd1bec811564f4c
3d9d5b2c58cc86aafe60cd45bbf6eafc0b686053
80e721b59c34ca8f5e23a8773df72758e38897c7afe4d7fa0a9c769964265830

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /col_post/assets/80e721b5taJSB.woff HTTP/1.1
Host: jshswl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://jshswl.com/assets/index-767cb32b.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000
content-type: font/woff
date: Tue, 08 Jul 2025 14:19:52 GMT
last-modified: Mon, 07 Jul 2025 16:28:13 GMT
via: 1.1 Caddy
content-length: 72260
X-Firefox-Spdy: h2

POST jshswl.com/api

43.163.81.122

200 OK

3.3 kB

URL POST
jshswl.com/api
IP
43.163.81.122:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://jshswl.com/co
Certificate
IssuerLet's Encrypt
Subjectjshswl.com
Fingerprint29:B8:5B:0A:C5:73:A6:3A:97:27:E4:E2:50:CF:AC:90:A6:BA:F8:89
ValidityMon, 07 Jul 2025 18:11:50 GMT - Sun, 05 Oct 2025 18:11:49 GMT

File type
JSON text data
Size
3.3 kB (3268 bytes)
Hash
88b2673d10720f47b68e0e2bd6d07831
a15f5cdbf226fd7f4230a31e8bdbef728342ede1
ddaf97e587c4278d7baaf9b6e4c75dc6d5075eea8840b87377cd7e5ecd3a1100

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

POST /api HTTP/1.1
Host: jshswl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 2
Origin: https://jshswl.com
DNT: 1
Connection: keep-alive
Referer: https://jshswl.com/co
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000
content-type: application/json
date: Tue, 08 Jul 2025 14:19:49 GMT
server: GoFrame HTTP Server
trace-id: d96c59e9844c50188e433f0c1081d33d
via: 1.1 Caddy
X-Firefox-Spdy: h2

GET jshswl.com/col_post/55.png

43.163.81.122

200 OK

922 B

URL GET
jshswl.com/col_post/55.png
IP
43.163.81.122:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://jshswl.com/co
Certificate
IssuerLet's Encrypt
Subjectjshswl.com
Fingerprint29:B8:5B:0A:C5:73:A6:3A:97:27:E4:E2:50:CF:AC:90:A6:BA:F8:89
ValidityMon, 07 Jul 2025 18:11:50 GMT - Sun, 05 Oct 2025 18:11:49 GMT

File type
PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced
Size
922 B (922 bytes)
Hash
12a853f2e837b036ac706f3d5160aea5
d8380d871c0f3e5a9af77eff42ee608ee0c96e6b
3a61e873b5d0133a8c478da0bf3c97abbd630597960934b73cbb253d88646a56

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /col_post/55.png HTTP/1.1
Host: jshswl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jshswl.com/co
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000
content-type: image/png
date: Tue, 08 Jul 2025 14:19:49 GMT
last-modified: Mon, 07 Jul 2025 16:28:13 GMT
via: 1.1 Caddy
content-length: 922
X-Firefox-Spdy: h2

GET jshswl.com/col_post/assets/96217f1dtaJSB.woff2

43.163.81.122

200 OK

36 kB

URL GET
jshswl.com/col_post/assets/96217f1dtaJSB.woff2
IP
43.163.81.122:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://jshswl.com/co
Certificate
IssuerLet's Encrypt
Subjectjshswl.com
Fingerprint29:B8:5B:0A:C5:73:A6:3A:97:27:E4:E2:50:CF:AC:90:A6:BA:F8:89
ValidityMon, 07 Jul 2025 18:11:50 GMT - Sun, 05 Oct 2025 18:11:49 GMT

File type
Web Open Font Format (Version 2), TrueType, length 35904, version 1.0
Size
36 kB (35904 bytes)
Hash
c26b97e7f5bb7a34d190703522d75e16
69d9e5aea0544dbaf9b78c1b65139c03eceece8f
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /col_post/assets/96217f1dtaJSB.woff2 HTTP/1.1
Host: jshswl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://jshswl.com/assets/index-767cb32b.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000
content-type: font/woff2
date: Tue, 08 Jul 2025 14:19:52 GMT
last-modified: Mon, 07 Jul 2025 16:28:13 GMT
via: 1.1 Caddy
content-length: 35904
X-Firefox-Spdy: h2

GET jshswl.com/assets/index-deeded5b.js

43.163.81.122

200 OK

329 kB

URL GET
jshswl.com/assets/index-deeded5b.js
IP
43.163.81.122:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://jshswl.com/co
Certificate
IssuerLet's Encrypt
Subjectjshswl.com
Fingerprint29:B8:5B:0A:C5:73:A6:3A:97:27:E4:E2:50:CF:AC:90:A6:BA:F8:89
ValidityMon, 07 Jul 2025 18:11:50 GMT - Sun, 05 Oct 2025 18:11:49 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (34029)
Size
329 kB (328886 bytes)
Hash
5d6803631969cda52a127123ac30d0d5
4cccefe905f4d0b7a82bfe753aa9cb83fd4a4457
411dd74a514441f165299cfa00a276803ca713c5c323d507b9c5f210a6c2283e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /assets/index-deeded5b.js HTTP/1.1
Host: jshswl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jshswl.com/co
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000
content-type: text/javascript; charset=utf-8
date: Tue, 08 Jul 2025 14:19:47 GMT
last-modified: Mon, 07 Jul 2025 16:28:13 GMT
via: 1.1 Caddy
content-length: 328886
X-Firefox-Spdy: h2

GET jshswl.com/assets/CommonLayout.vue_vue_type_script_setup_true_lang-7ed1fe1e.js

43.163.81.122

200 OK

42 kB

URL GET
jshswl.com/assets/CommonLayout.vue_vue_type_script_setup_true_lang-7ed1fe1e.js
IP
43.163.81.122:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://jshswl.com/co
Certificate
IssuerLet's Encrypt
Subjectjshswl.com
Fingerprint29:B8:5B:0A:C5:73:A6:3A:97:27:E4:E2:50:CF:AC:90:A6:BA:F8:89
ValidityMon, 07 Jul 2025 18:11:50 GMT - Sun, 05 Oct 2025 18:11:49 GMT

File type
Unicode text, UTF-8 text, with very long lines (41381)
Size
42 kB (41452 bytes)
Hash
549f89a5f485db098b6df72c49084d5c
7c8a1f44a7a8b53c4f393257cc7019f5dbfbfc69
2fb4da33423bb578b6053661a40cbbc7175fb006c5d56b6f9bd6384c3bc8da01

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /assets/CommonLayout.vue_vue_type_script_setup_true_lang-7ed1fe1e.js HTTP/1.1
Host: jshswl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jshswl.com/co
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000
content-type: text/javascript; charset=utf-8
date: Tue, 08 Jul 2025 14:19:50 GMT
last-modified: Mon, 07 Jul 2025 16:28:13 GMT
via: 1.1 Caddy
content-length: 41452
X-Firefox-Spdy: h2

GET jshswl.com/assets/HomeView-895702f6.css

43.163.81.122

200 OK

323 B

URL GET
jshswl.com/assets/HomeView-895702f6.css
IP
43.163.81.122:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://jshswl.com/co
Certificate
IssuerLet's Encrypt
Subjectjshswl.com
Fingerprint29:B8:5B:0A:C5:73:A6:3A:97:27:E4:E2:50:CF:AC:90:A6:BA:F8:89
ValidityMon, 07 Jul 2025 18:11:50 GMT - Sun, 05 Oct 2025 18:11:49 GMT

File type
ASCII text, with very long lines (322)
Size
323 B (323 bytes)
Hash
6bcd6f0f0ac43b18faf6614f0dd46fcf
965c507b7a0f6301f709978e5c4bb5a9357e0522
895702f60b913cb88038b79e4b439cc0abb17020a7a213ade28fbcd97fb91b7b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /assets/HomeView-895702f6.css HTTP/1.1
Host: jshswl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jshswl.com/co
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000
content-type: text/css; charset=utf-8
date: Tue, 08 Jul 2025 14:19:50 GMT
last-modified: Mon, 07 Jul 2025 16:28:13 GMT
via: 1.1 Caddy
content-length: 323
X-Firefox-Spdy: h2

GET jshswl.com/col_post/layout/images/44.gif

43.163.81.122

200 OK

1.1 kB

URL GET
jshswl.com/col_post/layout/images/44.gif
IP
43.163.81.122:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://jshswl.com/co
Certificate
IssuerLet's Encrypt
Subjectjshswl.com
Fingerprint29:B8:5B:0A:C5:73:A6:3A:97:27:E4:E2:50:CF:AC:90:A6:BA:F8:89
ValidityMon, 07 Jul 2025 18:11:50 GMT - Sun, 05 Oct 2025 18:11:49 GMT

File type
GIF image data, version 87a, 1200 x 400
Size
1.1 kB (1141 bytes)
Hash
983d5518a0022adfaa24a2c615cd0e47
5be56c998f10b81ec02d3cef9aa54e6fad9c7602
f266783622b88dc2c7e30a8821fabba670f552e25b1a3df2f685d4c80a4a4db0

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /col_post/layout/images/44.gif HTTP/1.1
Host: jshswl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jshswl.com/co
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000
content-type: image/gif
date: Tue, 08 Jul 2025 14:19:52 GMT
last-modified: Mon, 07 Jul 2025 16:28:13 GMT
via: 1.1 Caddy
content-length: 1141
X-Firefox-Spdy: h2

GET jshswl.com/col_post/assets/96217f1dtaJSB.woff2

43.163.81.122

200 OK

36 kB

URL GET
jshswl.com/col_post/assets/96217f1dtaJSB.woff2
IP
43.163.81.122:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://jshswl.com/co
Certificate
IssuerLet's Encrypt
Subjectjshswl.com
Fingerprint29:B8:5B:0A:C5:73:A6:3A:97:27:E4:E2:50:CF:AC:90:A6:BA:F8:89
ValidityMon, 07 Jul 2025 18:11:50 GMT - Sun, 05 Oct 2025 18:11:49 GMT

File type
Web Open Font Format (Version 2), TrueType, length 35904, version 1.0
Size
36 kB (35904 bytes)
Hash
c26b97e7f5bb7a34d190703522d75e16
69d9e5aea0544dbaf9b78c1b65139c03eceece8f
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /col_post/assets/96217f1dtaJSB.woff2 HTTP/1.1
Host: jshswl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://jshswl.com/assets/index-767cb32b.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000
content-type: font/woff2
date: Tue, 08 Jul 2025 14:19:48 GMT
last-modified: Mon, 07 Jul 2025 16:28:13 GMT
via: 1.1 Caddy
content-length: 35904
X-Firefox-Spdy: h2

GET jshswl.com/assets/HomeView-d7717fe2.js

43.163.81.122

200 OK

63 kB

URL GET
jshswl.com/assets/HomeView-d7717fe2.js
IP
43.163.81.122:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://jshswl.com/co
Certificate
IssuerLet's Encrypt
Subjectjshswl.com
Fingerprint29:B8:5B:0A:C5:73:A6:3A:97:27:E4:E2:50:CF:AC:90:A6:BA:F8:89
ValidityMon, 07 Jul 2025 18:11:50 GMT - Sun, 05 Oct 2025 18:11:49 GMT

File type
JavaScript source, ASCII text, with very long lines (56837)
Size
63 kB (62812 bytes)
Hash
cc9c4b07ce18fa0d3d6b5bf197e8385b
4f224e2e3da1c3f9e1293efad1768247489877e5
f84e10b2a54829e8608a1b1639c67539ebc0674523f27699f30810b254f8f0d3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /assets/HomeView-d7717fe2.js HTTP/1.1
Host: jshswl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jshswl.com/assets/index-deeded5b.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000
content-type: text/javascript; charset=utf-8
date: Tue, 08 Jul 2025 14:19:51 GMT
last-modified: Mon, 07 Jul 2025 16:28:13 GMT
via: 1.1 Caddy
content-length: 62812
X-Firefox-Spdy: h2

GET jshswl.com/col_post/layout/images/46.webp

43.163.81.122

200 OK

59 kB

URL GET
jshswl.com/col_post/layout/images/46.webp
IP
43.163.81.122:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://jshswl.com/co
Certificate
IssuerLet's Encrypt
Subjectjshswl.com
Fingerprint29:B8:5B:0A:C5:73:A6:3A:97:27:E4:E2:50:CF:AC:90:A6:BA:F8:89
ValidityMon, 07 Jul 2025 18:11:50 GMT - Sun, 05 Oct 2025 18:11:49 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x400, Scaling: [none]x[none], YUV color, decoders should clamp
Size
59 kB (59134 bytes)
Hash
e21a72bf2dcebe64124d4309bf208a10
21a6a044ddfa40827f73490fd1d0b805b94dec40
729d5d96d0a4814e8ce14c50330e5a448a178a5addf5f0222fe1ac3faf96b9fb

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /col_post/layout/images/46.webp HTTP/1.1
Host: jshswl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jshswl.com/co
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000
content-type: image/webp
date: Tue, 08 Jul 2025 14:19:52 GMT
last-modified: Mon, 07 Jul 2025 16:28:13 GMT
via: 1.1 Caddy
content-length: 59134
X-Firefox-Spdy: h2

GET jshswl.com/co

43.163.81.122

200 OK

452 B

URL User Request GET
jshswl.com/co
IP
43.163.81.122:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Certificate
IssuerLet's Encrypt
Subjectjshswl.com
Fingerprint29:B8:5B:0A:C5:73:A6:3A:97:27:E4:E2:50:CF:AC:90:A6:BA:F8:89
ValidityMon, 07 Jul 2025 18:11:50 GMT - Sun, 05 Oct 2025 18:11:49 GMT

File type
HTML document, Unicode text, UTF-8 text
Size
452 B (452 bytes)
Hash
8fe46e049a5231e2763c4f1ce2bcc34f
287c3119a78a1e54cbaef69290fe0a01f3fc9126
5ec232730c70761db8038a5ee9246cba9339ccf656286681177d71e544e6243c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /co HTTP/1.1
Host: jshswl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000
content-type: text/html; charset=utf-8
date: Tue, 08 Jul 2025 14:19:46 GMT
last-modified: Mon, 07 Jul 2025 16:28:13 GMT
via: 1.1 Caddy
content-length: 452
X-Firefox-Spdy: h2

GET jshswl.com/assets/index-767cb32b.css

43.163.81.122

200 OK

116 kB

URL GET
jshswl.com/assets/index-767cb32b.css
IP
43.163.81.122:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://jshswl.com/co
Certificate
IssuerLet's Encrypt
Subjectjshswl.com
Fingerprint29:B8:5B:0A:C5:73:A6:3A:97:27:E4:E2:50:CF:AC:90:A6:BA:F8:89
ValidityMon, 07 Jul 2025 18:11:50 GMT - Sun, 05 Oct 2025 18:11:49 GMT

File type
Unicode text, UTF-8 text, with very long lines (40192)
Size
116 kB (116429 bytes)
Hash
1b143a628258d7c2166d95e9510e8643
415d3c2b049cc85b8ac5b4c0a09b7c1f08774d89
767cb32b5d488864397da48b7698d5f8c566ac348814ad91d9e75d180e47a01d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /assets/index-767cb32b.css HTTP/1.1
Host: jshswl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jshswl.com/co
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000
content-type: text/css; charset=utf-8
date: Tue, 08 Jul 2025 14:19:47 GMT
last-modified: Mon, 07 Jul 2025 16:28:13 GMT
via: 1.1 Caddy
content-length: 116429
X-Firefox-Spdy: h2

GET jshswl.com/col_post/assets/4ce1bef1taJSB.png

43.163.81.122

200 OK

6.4 kB

URL GET
jshswl.com/col_post/assets/4ce1bef1taJSB.png
IP
43.163.81.122:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://jshswl.com/co
Certificate
IssuerLet's Encrypt
Subjectjshswl.com
Fingerprint29:B8:5B:0A:C5:73:A6:3A:97:27:E4:E2:50:CF:AC:90:A6:BA:F8:89
ValidityMon, 07 Jul 2025 18:11:50 GMT - Sun, 05 Oct 2025 18:11:49 GMT

File type
PNG image data, 1385 x 363, 8-bit/color RGBA, non-interlaced
Size
6.4 kB (6398 bytes)
Hash
9132244b2de06f5a1552c89a6332d03d
d28b93963433f595fe199ba9a68d044b502ac5af
4ce1bef196b7df98389b2a9b78cbf5e0aa30738106aa6e366535b03f02ba3cb7

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /col_post/assets/4ce1bef1taJSB.png HTTP/1.1
Host: jshswl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jshswl.com/assets/index-767cb32b.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000
content-type: image/png
date: Tue, 08 Jul 2025 14:19:52 GMT
last-modified: Mon, 07 Jul 2025 16:28:13 GMT
via: 1.1 Caddy
content-length: 6398
X-Firefox-Spdy: h2

GET jshswl.com/col_post/assets/7dacf83ftaJSB.woff2

43.163.81.122

200 OK

72 kB

URL GET
jshswl.com/col_post/assets/7dacf83ftaJSB.woff2
IP
43.163.81.122:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://jshswl.com/co
Certificate
IssuerLet's Encrypt
Subjectjshswl.com
Fingerprint29:B8:5B:0A:C5:73:A6:3A:97:27:E4:E2:50:CF:AC:90:A6:BA:F8:89
ValidityMon, 07 Jul 2025 18:11:50 GMT - Sun, 05 Oct 2025 18:11:49 GMT

File type
Web Open Font Format (Version 2), TrueType, length 71896, version 4.393
Size
72 kB (71896 bytes)
Hash
e6cf7c6ec7c2d6f670ae9d762604cb0b
97e438cc545714309882fbceadbf344fcaddcec5
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /col_post/assets/7dacf83ftaJSB.woff2 HTTP/1.1
Host: jshswl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://jshswl.com/assets/index-767cb32b.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000
content-type: font/woff2
date: Tue, 08 Jul 2025 14:19:52 GMT
last-modified: Mon, 07 Jul 2025 16:28:13 GMT
via: 1.1 Caddy
content-length: 71896
X-Firefox-Spdy: h2

GET jshswl.com/assets/HomeView-d7717fe2.js

43.163.81.122

200 OK

63 kB

URL GET
jshswl.com/assets/HomeView-d7717fe2.js
IP
43.163.81.122:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://jshswl.com/co
Certificate
IssuerLet's Encrypt
Subjectjshswl.com
Fingerprint29:B8:5B:0A:C5:73:A6:3A:97:27:E4:E2:50:CF:AC:90:A6:BA:F8:89
ValidityMon, 07 Jul 2025 18:11:50 GMT - Sun, 05 Oct 2025 18:11:49 GMT

File type
JavaScript source, ASCII text, with very long lines (56837)
Size
63 kB (62812 bytes)
Hash
cc9c4b07ce18fa0d3d6b5bf197e8385b
4f224e2e3da1c3f9e1293efad1768247489877e5
f84e10b2a54829e8608a1b1639c67539ebc0674523f27699f30810b254f8f0d3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /assets/HomeView-d7717fe2.js HTTP/1.1
Host: jshswl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jshswl.com/co
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000
content-type: text/javascript; charset=utf-8
date: Tue, 08 Jul 2025 14:19:50 GMT
last-modified: Mon, 07 Jul 2025 16:28:13 GMT
via: 1.1 Caddy
content-length: 62812
X-Firefox-Spdy: h2

GET jshswl.com/assets/CommonLayout.vue_vue_type_script_setup_true_lang-7ed1fe1e.js

43.163.81.122

200 OK

42 kB

URL GET
jshswl.com/assets/CommonLayout.vue_vue_type_script_setup_true_lang-7ed1fe1e.js
IP
43.163.81.122:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://jshswl.com/co
Certificate
IssuerLet's Encrypt
Subjectjshswl.com
Fingerprint29:B8:5B:0A:C5:73:A6:3A:97:27:E4:E2:50:CF:AC:90:A6:BA:F8:89
ValidityMon, 07 Jul 2025 18:11:50 GMT - Sun, 05 Oct 2025 18:11:49 GMT

File type
Unicode text, UTF-8 text, with very long lines (41381)
Size
42 kB (41452 bytes)
Hash
549f89a5f485db098b6df72c49084d5c
7c8a1f44a7a8b53c4f393257cc7019f5dbfbfc69
2fb4da33423bb578b6053661a40cbbc7175fb006c5d56b6f9bd6384c3bc8da01

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /assets/CommonLayout.vue_vue_type_script_setup_true_lang-7ed1fe1e.js HTTP/1.1
Host: jshswl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jshswl.com/assets/HomeView-d7717fe2.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000
content-type: text/javascript; charset=utf-8
date: Tue, 08 Jul 2025 14:19:51 GMT
last-modified: Mon, 07 Jul 2025 16:28:13 GMT
via: 1.1 Caddy
content-length: 41452
X-Firefox-Spdy: h2

GET jshswl.com/col_post/layout/images/57.png

43.163.81.122

200 OK

88 kB

URL GET
jshswl.com/col_post/layout/images/57.png
IP
43.163.81.122:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://jshswl.com/co
Certificate
IssuerLet's Encrypt
Subjectjshswl.com
Fingerprint29:B8:5B:0A:C5:73:A6:3A:97:27:E4:E2:50:CF:AC:90:A6:BA:F8:89
ValidityMon, 07 Jul 2025 18:11:50 GMT - Sun, 05 Oct 2025 18:11:49 GMT

File type
PNG image data, 1500 x 256, 8-bit/color RGB, interlaced
Size
88 kB (88413 bytes)
Hash
cf13ddd6046facd7c65f4ee0a634a2db
072343cde46570e42c08f97292db1a5b3ec2c216
4cad9fb86e3acaf1c75d5130dd3cbfd3f12fed9ffd8efa47faa4aeae94e996a2

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /col_post/layout/images/57.png HTTP/1.1
Host: jshswl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jshswl.com/co
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000
content-type: image/png
date: Tue, 08 Jul 2025 14:19:52 GMT
last-modified: Mon, 07 Jul 2025 16:28:13 GMT
via: 1.1 Caddy
content-length: 88413
X-Firefox-Spdy: h2

GET jshswl.com/col_post/assets/96217f1dtaJSB.woff2

43.163.81.122

200 OK

36 kB

URL GET
jshswl.com/col_post/assets/96217f1dtaJSB.woff2
IP
43.163.81.122:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://jshswl.com/co
Certificate
IssuerLet's Encrypt
Subjectjshswl.com
Fingerprint29:B8:5B:0A:C5:73:A6:3A:97:27:E4:E2:50:CF:AC:90:A6:BA:F8:89
ValidityMon, 07 Jul 2025 18:11:50 GMT - Sun, 05 Oct 2025 18:11:49 GMT

File type
Web Open Font Format (Version 2), TrueType, length 35904, version 1.0
Size
36 kB (35904 bytes)
Hash
c26b97e7f5bb7a34d190703522d75e16
69d9e5aea0544dbaf9b78c1b65139c03eceece8f
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /col_post/assets/96217f1dtaJSB.woff2 HTTP/1.1
Host: jshswl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://jshswl.com/assets/index-767cb32b.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000
content-type: font/woff2
date: Tue, 08 Jul 2025 14:19:52 GMT
last-modified: Mon, 07 Jul 2025 16:28:13 GMT
via: 1.1 Caddy
content-length: 35904
X-Firefox-Spdy: h2

GET jshswl.com/assets/IndexView-4f4c357d.css

43.163.81.122

200 OK

508 B

URL GET
jshswl.com/assets/IndexView-4f4c357d.css
IP
43.163.81.122:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://jshswl.com/co
Certificate
IssuerLet's Encrypt
Subjectjshswl.com
Fingerprint29:B8:5B:0A:C5:73:A6:3A:97:27:E4:E2:50:CF:AC:90:A6:BA:F8:89
ValidityMon, 07 Jul 2025 18:11:50 GMT - Sun, 05 Oct 2025 18:11:49 GMT

File type
ASCII text, with very long lines (507)
Size
508 B (508 bytes)
Hash
9ad5a8a34fbd24169993bd7802b60b11
3461bdc985f343dee74c1380227e84eef7caaa3c
4f4c357dc183add047281009131b05e717f601fbb1f57aa5526691488ee591ec

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /assets/IndexView-4f4c357d.css HTTP/1.1
Host: jshswl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jshswl.com/co
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000
content-type: text/css; charset=utf-8
date: Tue, 08 Jul 2025 14:19:48 GMT
last-modified: Mon, 07 Jul 2025 16:28:13 GMT
via: 1.1 Caddy
content-length: 508
X-Firefox-Spdy: h2

GET jshswl.com/col_post/layout/images/43.png

43.163.81.122

200 OK

5.8 kB

URL GET
jshswl.com/col_post/layout/images/43.png
IP
43.163.81.122:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://jshswl.com/co
Certificate
IssuerLet's Encrypt
Subjectjshswl.com
Fingerprint29:B8:5B:0A:C5:73:A6:3A:97:27:E4:E2:50:CF:AC:90:A6:BA:F8:89
ValidityMon, 07 Jul 2025 18:11:50 GMT - Sun, 05 Oct 2025 18:11:49 GMT

File type
PNG image data, 520 x 120, 8-bit/color RGBA, non-interlaced
Size
5.8 kB (5821 bytes)
Hash
cd37ef3c6f767711f9e9a2f538bed888
5fc77dc6f7f0ad492c4bc17301fc2dca2bc2528a
b536470e933fcde4e7fb14e1375e8157e219135ebe0a0ec5499f3d14d91b0275

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /col_post/layout/images/43.png HTTP/1.1
Host: jshswl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jshswl.com/co
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000
content-type: image/png
date: Tue, 08 Jul 2025 14:19:52 GMT
last-modified: Mon, 07 Jul 2025 16:28:13 GMT
via: 1.1 Caddy
content-length: 5821
X-Firefox-Spdy: h2

GET jshswl.com/col_post/layout/images/45.webp

43.163.81.122

200 OK

31 kB

URL GET
jshswl.com/col_post/layout/images/45.webp
IP
43.163.81.122:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://jshswl.com/co
Certificate
IssuerLet's Encrypt
Subjectjshswl.com
Fingerprint29:B8:5B:0A:C5:73:A6:3A:97:27:E4:E2:50:CF:AC:90:A6:BA:F8:89
ValidityMon, 07 Jul 2025 18:11:50 GMT - Sun, 05 Oct 2025 18:11:49 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x400, Scaling: [none]x[none], YUV color, decoders should clamp
Size
31 kB (30778 bytes)
Hash
f3aa9d169843a497c8ada52889b24cf1
a69d3550bf114ae8e7ccdafce1208a9753a9422a
a464d36e6056663294b4fb08c3491b1004c04eacd77a3d3a383477ea8edddad4

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /col_post/layout/images/45.webp HTTP/1.1
Host: jshswl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jshswl.com/co
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000
content-type: image/webp
date: Tue, 08 Jul 2025 14:19:52 GMT
last-modified: Mon, 07 Jul 2025 16:28:13 GMT
via: 1.1 Caddy
content-length: 30778
X-Firefox-Spdy: h2

GET jshswl.com/col_post/assets/b76fa40dtaJSB.png

43.163.81.122

200 OK

4.4 kB

URL GET
jshswl.com/col_post/assets/b76fa40dtaJSB.png
IP
43.163.81.122:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://jshswl.com/co
Certificate
IssuerLet's Encrypt
Subjectjshswl.com
Fingerprint29:B8:5B:0A:C5:73:A6:3A:97:27:E4:E2:50:CF:AC:90:A6:BA:F8:89
ValidityMon, 07 Jul 2025 18:11:50 GMT - Sun, 05 Oct 2025 18:11:49 GMT

File type
PNG image data, 200 x 23, 8-bit/color RGBA, non-interlaced
Size
4.4 kB (4396 bytes)
Hash
aadfff651ac9437bee9118933eabe6da
d4aae64399ef24b670b809622beec57131864daf
b76fa40dc6d537c71530447605e2c3e81d11c09f08bf7bc657f527fd193f54b2

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Darcula Phishing Kit

HTTP Headers

GET /col_post/assets/b76fa40dtaJSB.png HTTP/1.1
Host: jshswl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jshswl.com/assets/index-767cb32b.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000
content-type: image/png
date: Tue, 08 Jul 2025 14:19:52 GMT
last-modified: Mon, 07 Jul 2025 16:28:13 GMT
via: 1.1 Caddy
content-length: 4396
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (30)

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate