Report - sitebuilder.barrieweb.com/

Report Overview

Visited public
2023-09-25 04:13:55
Tags
Submit Tags
URL
sitebuilder.barrieweb.com/
Finishing URL
sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en
IP / ASN
65.21.122.58
#24940 Hetzner Online GmbH
Title
Welcome To Barrie Web Site Builder

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
sitebuilder.barrieweb.com	unknown	2001-01-17	2021-06-12 11:56:53	2023-09-09 06:14:48	482 B	534 B	65.21.122.58
sitebuilder.barriewebdesign.com	unknown	2003-09-05	2016-02-03 13:27:59	2023-08-08 08:08:23	11 kB	505 kB	34.94.156.243
ocsp.pki.goog	175	2016-06-13	2018-07-01 08:43:07	2023-09-24 18:12:04	2.0 kB	4.2 kB	142.250.74.131
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-09-25 00:27:15	2.2 kB	66 kB	216.58.207.227
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-09-24 23:15:49	518 B	19 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-09-25	medium	barriewebdesign.com	Sinkholed
2023-09-25	medium	barriewebdesign.com	Sinkholed
2023-09-25	medium	barriewebdesign.com	Sinkholed
2023-09-25	medium	barriewebdesign.com	Sinkholed
2023-09-25	medium	barriewebdesign.com	Sinkholed
2023-09-25	medium	barriewebdesign.com	Sinkholed
2023-09-25	medium	barriewebdesign.com	Sinkholed
2023-09-25	medium	barriewebdesign.com	Sinkholed
2023-09-25	medium	barriewebdesign.com	Sinkholed
2023-09-25	medium	barriewebdesign.com	Sinkholed
2023-09-25	medium	barriewebdesign.com	Sinkholed
2023-09-25	medium	barriewebdesign.com	Sinkholed
2023-09-25	medium	barriewebdesign.com	Sinkholed
2023-09-25	medium	barriewebdesign.com	Sinkholed
2023-09-25	medium	barriewebdesign.com	Sinkholed
2023-09-25	medium	barriewebdesign.com	Sinkholed
2023-09-25	medium	barriewebdesign.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (18)

	URL	From	Size	First Seen	Last Seen
	sitebuilder.barriewebdesign.com/sebase/js/jquery-ui.min.js	ScriptElement	255 kB	2023-03-11	2025-07-15
Pretty URL sitebuilder.barriewebdesign.com/sebase/js/jquery-ui.min.js IP 34.94.156.243 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:29 Last Seen2025-07-15 14:40 Times Seen486 Hash b4baecb73b7a75044853d7f4d363cb49 cee14f8598c3c7f75ed141896f976fe94ed286a0 9d9b75e6bf99296f7797ed12f73137f52966dbb02180ff054c6c01680c7bdb1d Loading...

	sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en	ScriptElement	35 B	2023-07-13	2025-05-29
Pretty URL sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en IP 34.94.156.243 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-13 06:14 Last Seen2025-05-29 02:14 Times Seen3 Hash 8e228ec9f7e616013d61e54edcb8c0f0 7bdd354079449b0bf70172f43f63d30e4cdece3f 6374b89774c0a9c441be9e7fd8ef07b059a5402a87077ed66dcae9584fb9a4fb Loading...

	sitebuilder.barriewebdesign.com/sebase/js/formvalidate.js	ScriptElement	64 kB	2023-07-13	2024-08-21
Pretty URL sitebuilder.barriewebdesign.com/sebase/js/formvalidate.js IP 34.94.156.243 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-13 06:14 Last Seen2024-08-21 07:09 Times Seen2 Hash 816f06153f79157a838dcc967deca8d5 e707a5b82cd0b7e9cb3fa0d754fc4bae14c59b88 5aeb8529950e6e5f47ccbafbdee59cef277d0eebb93a263bf1be15a5965b3750 Loading...

	sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en	ScriptElement	21 B	2023-07-13	2025-05-29
Pretty URL sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en IP 34.94.156.243 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-13 06:14 Last Seen2025-05-29 02:14 Times Seen3 Hash 3083c1a1ad2ea335812c98151bb9d568 9cddd26a71467cc10b381fef8ecbcce7d992f355 a51c23a139169c49ab74be5e1d88f05d131eb9bf1a196c4b84ab1c80cae3a732 Loading...

	sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en	ScriptElement	2.8 kB	2023-07-13	2025-05-29
Pretty URL sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en IP 34.94.156.243 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-13 06:14 Last Seen2025-05-29 02:14 Times Seen3 Hash 49027c831075e63e3529d26ab2fe2fd4 9d5bfd87e0af0379d937969461fed6fd7335a8c1 9dfde6d469f698dc662df50bcc59247a72bd5bfb735bdc7be5a466e1f360e2d1 Loading...

	sitebuilder.barriewebdesign.com/sebase/pen.js	ScriptElement	813 B	2024-08-21	2024-08-21
Pretty URL sitebuilder.barriewebdesign.com/sebase/pen.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-21 05:49 Last Seen2024-08-21 05:49 Times Seen1 Hash d7c6060f919240fd6853b3f3237bf15c e1c72d890126fa1f7cc0050fa4c876dae45f8bd5 1c3b3c79f68e9ed1c5970445691401440ee108b3ced1ed142e3b9c3907bd9626 Loading...

	sitebuilder.barriewebdesign.com/ui_design/common/js/bootstrap.min.js	ScriptElement	80 kB	2023-03-12	2025-07-13
Pretty URL sitebuilder.barriewebdesign.com/ui_design/common/js/bootstrap.min.js IP 34.94.156.243 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 13:47 Last Seen2025-07-13 07:24 Times Seen65 Hash 3e30cb9f50d706057915ea5191c750cd fe6e9085b857b7364abe4a7aa29a8b25a7127962 9783d3b32ac183e1062b9cdd77780ec1ca87a8e2ec2c44fefc885b316a13c571 Loading...

	sitebuilder.barriewebdesign.com/ui_design/common/js/jquery.easing.min.js	ScriptElement	2.5 kB	2023-03-07	2025-07-16
Pretty URL sitebuilder.barriewebdesign.com/ui_design/common/js/jquery.easing.min.js IP 34.94.156.243 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-16 02:09 Times Seen3181 Hash e2d41e5c8fed838d9014fea53d45ce75 bde98133f735398b27339c423a817e755329f7d1 1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349 Loading...

	sitebuilder.barriewebdesign.com/sebase/js/common_login.js	ScriptElement	3.4 kB	2023-07-13	2025-05-29
Pretty URL sitebuilder.barriewebdesign.com/sebase/js/common_login.js IP 34.94.156.243 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-13 06:14 Last Seen2025-05-29 02:14 Times Seen3 Hash 5e01ceacabfa09290e46ff572930b385 af8fafc92cadd43ea68c6d51b3b74c8e8282c7f0 4ad4d0d0b54e804297811bce0193c5ba589cbe37d3ba694e14dea12dd4f76196 Loading...

	sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en	ScriptElement	62 B	2023-07-13	2025-05-29
Pretty URL sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en IP 34.94.156.243 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-13 06:14 Last Seen2025-05-29 02:14 Times Seen3 Hash c21161c25d387a3031867cb4851f1f84 21fa32d616c8c2c8e75e72da7e8849c9c1dd7d90 ccff0eec592291c4e649bb4f942583ab88bf85eb3538d987d2f78d7766973b82 Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-07-16
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-07-16 07:40 Times Seen409160 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	sitebuilder.barriewebdesign.com/ui_design/common/js/jquery.min.js	ScriptElement	90 kB	2023-03-07	2025-07-16
Pretty URL sitebuilder.barriewebdesign.com/ui_design/common/js/jquery.min.js IP 34.94.156.243 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10 Last Seen2025-07-16 07:01 Times Seen5417 Hash 0732e3eabbf8aa7ce7f69eedbd07dfdd 4cd5ddc413b3024d7b56331c0d0d0b2bd933f27f ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b Loading...

	sitebuilder.barriewebdesign.com/ui_design/common/js/sb-admin.min.js	ScriptElement	1.4 kB	2023-09-10	2025-05-29
Pretty URL sitebuilder.barriewebdesign.com/ui_design/common/js/sb-admin.min.js IP 34.94.156.243 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-10 06:15 Last Seen2025-05-29 02:14 Times Seen3 Hash 4ec8e80afa3e08f288b141f62cdc764d f9d79720680150aff06f1670cceabcd0f8e8dbf9 d37499b7ac4bef5543baac158bf9d81c692984dc37d5f19fa416d59949b4479a Loading...

	sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en	ScriptElement	108 B	2023-07-13	2025-05-29
Pretty URL sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en IP 34.94.156.243 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-13 06:14 Last Seen2025-05-29 02:14 Times Seen3 Hash 81e468b00555672a09139fc8f040cf9f 8e64b45c2c6ea744f0b977b6cf79f8be266f8b3a 5aa2d1bd83111d21d5b085dd56c192e7b552beb9882e57d816087669133a6615 Loading...

	sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en	ScriptElement	218 B	2023-07-09	2025-05-29
Pretty URL sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en IP 34.94.156.243 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-09 15:14 Last Seen2025-05-29 02:14 Times Seen3 Hash 0a7e080a8a42fc67e660cb98d5b84e22 659189c6a8529b821c3cf4e0d07f9ee6b2da1487 1f085f39610933250cd82674e207f08db1c8d40a86ef3cdffde61efe23f0e688 Loading...

	sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en	ScriptElement	590 B	2023-07-13	2025-05-29
Pretty URL sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en IP 34.94.156.243 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-13 06:14 Last Seen2025-05-29 02:14 Times Seen3 Hash 4898ad889a8a3433616cf775dad66f23 a944277665deb27bc114cdda9ea825b049b4a592 ae7bbe2607f4bf5f810c3f9fd9f6946385c574bf6965a0b01b42a76f3d657e3a Loading...

	sitebuilder.barriewebdesign.com/sebase/sandbox%20eval%20code		147 B	2023-04-11	2025-07-16
Pretty URL sitebuilder.barriewebdesign.com/sebase/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-07-16 07:40 Times Seen409568 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	sitebuilder.barriewebdesign.com/sebase/js/lang/en.js	ScriptElement	19 kB	2023-07-13	2025-05-29
Pretty URL sitebuilder.barriewebdesign.com/sebase/js/lang/en.js IP 34.94.156.243 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-13 06:14 Last Seen2025-05-29 02:14 Times Seen3 Hash 601f7b67cc25580289df2ab9d4ffd692 95c6d6215495fbf87728667dc3dbed67aafad659 9058978d9b826ad0d07faa77230e0d6d0ae9e646c006c89c251bfebdd0e4e175 Loading...

HTTP Transactions (29)

URL IP Response Size

GET sitebuilder.barrieweb.com/

65.21.122.58

301 Moved Permanently

176 B

URL User Request GET HTTP/2
sitebuilder.barrieweb.com/
IP
65.21.122.58:443
ASN
#24940 Hetzner Online GmbH

Certificate
IssuerLet's Encrypt
Subjectsitebuilder.barrieweb.com
Fingerprint0A:09:F1:46:37:33:BA:17:67:84:28:E7:4E:09:2D:92:65:E6:5F:47
ValidityTue, 15 Aug 2023 05:44:50 GMT - Mon, 13 Nov 2023 05:44:49 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
176 B (176 bytes)
Hash
1ff63b71eb94f8da4cb1a903bced1f38
9800b3d85c36a67764f8f4d98e741113d78e65db
c701b556f555377e422912a83061fdcd9ffbbb836b0fec4cf89dee8b1ded07d9

HTTP Headers

GET / HTTP/1.1
Host: sitebuilder.barrieweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
location: https://sitebuilder.barriewebdesign.com/?u=l_94507901
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
strict-transport-security: max-age=15768000; includeSubDomains
date: Mon, 25 Sep 2023 04:13:53 GMT
content-length: 176
X-Firefox-Spdy: h2

GET sitebuilder.barriewebdesign.com/?u=l_94507901

34.94.156.243

302 Found

0 B

URL User Request GET HTTP/2
sitebuilder.barriewebdesign.com/?u=l_94507901
IP
34.94.156.243:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Certificate
IssuerLet's Encrypt
Subjectsitebuilder.barriewebdesign.com
FingerprintD5:4D:C4:4E:02:5F:34:40:F6:60:30:F5:6B:07:57:C4:D9:B9:6B:94
ValidityTue, 08 Aug 2023 05:06:40 GMT - Mon, 06 Nov 2023 05:06:39 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?u=l_94507901 HTTP/1.1
Host: sitebuilder.barriewebdesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Mon, 25 Sep 2023 04:13:36 GMT
server: Apache
set-cookie: JSESSIONID=EDC6F24E4183BB623B1AB0D6CA0D9A7F; Path=/; Secure; HttpOnly
c_reseller_id=94507901
location: https://sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en
content-length: 0
vary: Accept-Encoding
content-type: text/html;charset=UTF-8
X-Firefox-Spdy: h2

GET sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en

34.94.156.243

200 OK

3.7 kB

URL User Request GET HTTP/2
sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en
IP
34.94.156.243:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Certificate
IssuerLet's Encrypt
Subjectsitebuilder.barriewebdesign.com
FingerprintD5:4D:C4:4E:02:5F:34:40:F6:60:30:F5:6B:07:57:C4:D9:B9:6B:94
ValidityTue, 08 Aug 2023 05:06:40 GMT - Mon, 06 Nov 2023 05:06:39 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
3.7 kB (3729 bytes)
Hash
8da9b8f2f95c5bd2928c6ac71861095e
5fd0d75227c5c61ee9fd21aa23d8a99cf8ec80d3
0ab8a1136cc63c2e05150926fd725913d1f510a4a09bc73c949d53c4d0cd4058

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sebase/common_login.jsp?uno=94507901&lang=en HTTP/1.1
Host: sitebuilder.barriewebdesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=EDC6F24E4183BB623B1AB0D6CA0D9A7F; c_reseller_id=94507901
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 25 Sep 2023 04:13:36 GMT
server: Apache
set-cookie: c_reseller_id=94507901
c_mode=p
c_reseller_id=94507901; Expires=Tue, 26-Sep-2023 04:13:36 GMT; Path=/
user_type=test_drive; Expires=Tue, 26-Sep-2023 04:13:36 GMT; Path=/
akuid=""; Expires=Tue, 26-Sep-2023 04:13:36 GMT; Path=/
vary: Accept-Encoding
content-encoding: gzip
content-length: 3729
content-type: text/html;charset=UTF-8
X-Firefox-Spdy: h2

GET sitebuilder.barriewebdesign.com/ui_design/common/css/font-awesome.css

34.94.156.243

200 OK

7.5 kB

URL GET HTTP/2
sitebuilder.barriewebdesign.com/ui_design/common/css/font-awesome.css
IP
34.94.156.243:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en
Certificate
IssuerLet's Encrypt
Subjectsitebuilder.barriewebdesign.com
FingerprintD5:4D:C4:4E:02:5F:34:40:F6:60:30:F5:6B:07:57:C4:D9:B9:6B:94
ValidityTue, 08 Aug 2023 05:06:40 GMT - Mon, 06 Nov 2023 05:06:39 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (372), with CRLF line terminators
Size
7.5 kB (7488 bytes)
Hash
4bb3dd721c4652feee0953261d329710
3655f1fdf1e584c4d8e8d39026093ca306a5a341
6081e5ab192226d10d4ccbb32070bd11f65a079467886afb905ee3b9440952e7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ui_design/common/css/font-awesome.css HTTP/1.1
Host: sitebuilder.barriewebdesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=EDC6F24E4183BB623B1AB0D6CA0D9A7F; c_reseller_id=94507901; user_type=test_drive; akuid=""
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 25 Sep 2023 04:13:37 GMT
server: Apache
last-modified: Thu, 14 Sep 2023 10:49:04 GMT
etag: "9b47-6054f6cab8800-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7488
content-type: text/css
X-Firefox-Spdy: h2

GET sitebuilder.barriewebdesign.com/reseller_pub/94507901/css/akcust.css

34.94.156.243

200 OK

2.2 kB

URL GET HTTP/2
sitebuilder.barriewebdesign.com/reseller_pub/94507901/css/akcust.css
IP
34.94.156.243:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en
Certificate
IssuerLet's Encrypt
Subjectsitebuilder.barriewebdesign.com
FingerprintD5:4D:C4:4E:02:5F:34:40:F6:60:30:F5:6B:07:57:C4:D9:B9:6B:94
ValidityTue, 08 Aug 2023 05:06:40 GMT - Mon, 06 Nov 2023 05:06:39 GMT

File type
assembler source, ASCII text, with very long lines (498), with CRLF line terminators
Size
2.2 kB (2210 bytes)
Hash
7ea5be3aeca7a79182b1f65aa98efbd3
bcdad6cb5bb994c9f5d7fd942bb76255235f18ce
b9821667d26308bbdda46d3e959400d8fc23c2a00662830ea54cfc2319048ece

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /reseller_pub/94507901/css/akcust.css HTTP/1.1
Host: sitebuilder.barriewebdesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=EDC6F24E4183BB623B1AB0D6CA0D9A7F; c_reseller_id=94507901; user_type=test_drive; akuid=""
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 25 Sep 2023 04:13:37 GMT
server: Apache
last-modified: Fri, 26 May 2023 12:45:34 GMT
etag: "269b-5fc981cebd780-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2210
content-type: text/css
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c5ff8d7acc8e7364e55f0f702753cdf3
8070b53f5904114284c148c6a9e31bd0a812fb88
60894dff5403072fe1a10fedc55fd9c34f223afc4073351c32ac819abe8d63fc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 25 Sep 2023 04:13:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET sitebuilder.barriewebdesign.com/ui_design/common/css/bootstrap.min.css

34.94.156.243

200 OK

28 kB

URL GET HTTP/2
sitebuilder.barriewebdesign.com/ui_design/common/css/bootstrap.min.css
IP
34.94.156.243:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en
Certificate
IssuerLet's Encrypt
Subjectsitebuilder.barriewebdesign.com
FingerprintD5:4D:C4:4E:02:5F:34:40:F6:60:30:F5:6B:07:57:C4:D9:B9:6B:94
ValidityTue, 08 Aug 2023 05:06:40 GMT - Mon, 06 Nov 2023 05:06:39 GMT

File type
Unicode text, UTF-8 text, with very long lines (65300), with CRLF line terminators
Size
28 kB (27585 bytes)
Hash
b844eab13108eb797a3af293326cd907
f6f3668ac41f7ffd053d478d72ffa87980380f57
dc964eef31e1dbc3833e97fe468d1dcbc3ce6269e16c94c4f665c08a96d10c10

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ui_design/common/css/bootstrap.min.css HTTP/1.1
Host: sitebuilder.barriewebdesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=EDC6F24E4183BB623B1AB0D6CA0D9A7F; c_reseller_id=94507901; user_type=test_drive; akuid=""
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 25 Sep 2023 04:13:37 GMT
server: Apache
last-modified: Thu, 14 Sep 2023 10:48:32 GMT
etag: "2fbb0-6054f6ac34000-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 27585
content-type: text/css
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c5ff8d7acc8e7364e55f0f702753cdf3
8070b53f5904114284c148c6a9e31bd0a812fb88
60894dff5403072fe1a10fedc55fd9c34f223afc4073351c32ac819abe8d63fc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 25 Sep 2023 04:13:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET sitebuilder.barriewebdesign.com/ui_design/design1/css/akcommon.css

34.94.156.243

200 OK

18 kB

URL GET HTTP/2
sitebuilder.barriewebdesign.com/ui_design/design1/css/akcommon.css
IP
34.94.156.243:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en
Certificate
IssuerLet's Encrypt
Subjectsitebuilder.barriewebdesign.com
FingerprintD5:4D:C4:4E:02:5F:34:40:F6:60:30:F5:6B:07:57:C4:D9:B9:6B:94
ValidityTue, 08 Aug 2023 05:06:40 GMT - Mon, 06 Nov 2023 05:06:39 GMT

File type
ASCII text, with very long lines (682), with CRLF line terminators
Size
18 kB (18253 bytes)
Hash
adb3c2083457d6e7827ff6f7e17449d8
2fa4f47c1dc48604ad8b05c8ddc0f019c228ecec
f7bce8e30421017ca1061e5b717660b0be0c608b3ddc0a4fd436f97ddb3c07ae

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ui_design/design1/css/akcommon.css HTTP/1.1
Host: sitebuilder.barriewebdesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=EDC6F24E4183BB623B1AB0D6CA0D9A7F; c_reseller_id=94507901; user_type=test_drive; akuid=""
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 25 Sep 2023 04:13:37 GMT
server: Apache
last-modified: Thu, 14 Sep 2023 10:48:40 GMT
etag: "17b59-6054f6b3d5200-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 18253
content-type: text/css
X-Firefox-Spdy: h2

GET sitebuilder.barriewebdesign.com/ui_design/common/js/jquery.min.js

34.94.156.243

200 OK

31 kB

URL GET HTTP/2
sitebuilder.barriewebdesign.com/ui_design/common/js/jquery.min.js
IP
34.94.156.243:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en
Certificate
IssuerLet's Encrypt
Subjectsitebuilder.barriewebdesign.com
FingerprintD5:4D:C4:4E:02:5F:34:40:F6:60:30:F5:6B:07:57:C4:D9:B9:6B:94
ValidityTue, 08 Aug 2023 05:06:40 GMT - Mon, 06 Nov 2023 05:06:39 GMT

File type
ASCII text, with very long lines (65446), with CRLF line terminators
Size
31 kB (30908 bytes)
Hash
0732e3eabbf8aa7ce7f69eedbd07dfdd
4cd5ddc413b3024d7b56331c0d0d0b2bd933f27f
ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ui_design/common/js/jquery.min.js HTTP/1.1
Host: sitebuilder.barriewebdesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=EDC6F24E4183BB623B1AB0D6CA0D9A7F; c_reseller_id=94507901; user_type=test_drive; akuid=""
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 25 Sep 2023 04:13:37 GMT
server: Apache
last-modified: Thu, 14 Sep 2023 10:48:34 GMT
etag: "15d9f-6054f6ae1c480-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 30908
content-type: application/javascript
X-Firefox-Spdy: h2

GET sitebuilder.barriewebdesign.com/ui_design/common/js/jquery.easing.min.js

34.94.156.243

200 OK

817 B

URL GET HTTP/2
sitebuilder.barriewebdesign.com/ui_design/common/js/jquery.easing.min.js
IP
34.94.156.243:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en
Certificate
IssuerLet's Encrypt
Subjectsitebuilder.barriewebdesign.com
FingerprintD5:4D:C4:4E:02:5F:34:40:F6:60:30:F5:6B:07:57:C4:D9:B9:6B:94
ValidityTue, 08 Aug 2023 05:06:40 GMT - Mon, 06 Nov 2023 05:06:39 GMT

File type
ASCII text, with very long lines (2532), with no line terminators
Size
817 B (817 bytes)
Hash
e2d41e5c8fed838d9014fea53d45ce75
bde98133f735398b27339c423a817e755329f7d1
1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ui_design/common/js/jquery.easing.min.js HTTP/1.1
Host: sitebuilder.barriewebdesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=EDC6F24E4183BB623B1AB0D6CA0D9A7F; c_reseller_id=94507901; user_type=test_drive; akuid=""
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 25 Sep 2023 04:13:37 GMT
server: Apache
last-modified: Thu, 14 Sep 2023 10:48:58 GMT
etag: "9e4-6054f6c4ffa80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 817
content-type: application/javascript
X-Firefox-Spdy: h2

GET sitebuilder.barriewebdesign.com/ui_design/common/js/sb-admin.min.js

34.94.156.243

200 OK

674 B

URL GET HTTP/2
sitebuilder.barriewebdesign.com/ui_design/common/js/sb-admin.min.js
IP
34.94.156.243:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en
Certificate
IssuerLet's Encrypt
Subjectsitebuilder.barriewebdesign.com
FingerprintD5:4D:C4:4E:02:5F:34:40:F6:60:30:F5:6B:07:57:C4:D9:B9:6B:94
ValidityTue, 08 Aug 2023 05:06:40 GMT - Mon, 06 Nov 2023 05:06:39 GMT

File type
ASCII text, with very long lines (1191), with CRLF line terminators
Size
674 B (674 bytes)
Hash
4ec8e80afa3e08f288b141f62cdc764d
f9d79720680150aff06f1670cceabcd0f8e8dbf9
d37499b7ac4bef5543baac158bf9d81c692984dc37d5f19fa416d59949b4479a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ui_design/common/js/sb-admin.min.js HTTP/1.1
Host: sitebuilder.barriewebdesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=EDC6F24E4183BB623B1AB0D6CA0D9A7F; c_reseller_id=94507901; user_type=test_drive; akuid=""
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 25 Sep 2023 04:13:37 GMT
server: Apache
last-modified: Thu, 14 Sep 2023 10:48:38 GMT
etag: "5a8-6054f6b1ecd80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 674
content-type: application/javascript
X-Firefox-Spdy: h2

GET sitebuilder.barriewebdesign.com/ui_design/common/js/bootstrap.min.js

34.94.156.243

200 OK

23 kB

URL GET HTTP/2
sitebuilder.barriewebdesign.com/ui_design/common/js/bootstrap.min.js
IP
34.94.156.243:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en
Certificate
IssuerLet's Encrypt
Subjectsitebuilder.barriewebdesign.com
FingerprintD5:4D:C4:4E:02:5F:34:40:F6:60:30:F5:6B:07:57:C4:D9:B9:6B:94
ValidityTue, 08 Aug 2023 05:06:40 GMT - Mon, 06 Nov 2023 05:06:39 GMT

File type
ASCII text, with very long lines (65294), with CRLF line terminators
Size
23 kB (23331 bytes)
Hash
3e30cb9f50d706057915ea5191c750cd
fe6e9085b857b7364abe4a7aa29a8b25a7127962
9783d3b32ac183e1062b9cdd77780ec1ca87a8e2ec2c44fefc885b316a13c571

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ui_design/common/js/bootstrap.min.js HTTP/1.1
Host: sitebuilder.barriewebdesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=EDC6F24E4183BB623B1AB0D6CA0D9A7F; c_reseller_id=94507901; user_type=test_drive; akuid=""
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 25 Sep 2023 04:13:37 GMT
server: Apache
last-modified: Thu, 14 Sep 2023 10:48:40 GMT
etag: "13a4f-6054f6b3d5200-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 23331
content-type: application/javascript
X-Firefox-Spdy: h2

GET sitebuilder.barriewebdesign.com/reseller_pub/94507901/images/logo.png

34.94.156.243

200 OK

39 kB

URL GET HTTP/2
sitebuilder.barriewebdesign.com/reseller_pub/94507901/images/logo.png
IP
34.94.156.243:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en
Certificate
IssuerLet's Encrypt
Subjectsitebuilder.barriewebdesign.com
FingerprintD5:4D:C4:4E:02:5F:34:40:F6:60:30:F5:6B:07:57:C4:D9:B9:6B:94
ValidityTue, 08 Aug 2023 05:06:40 GMT - Mon, 06 Nov 2023 05:06:39 GMT

File type
PNG image data, 286 x 154, 8-bit/color RGBA, non-interlaced\012- data
Size
39 kB (39272 bytes)
Hash
354706ec0e176484ae7fe490705c88b9
8952cb28f5b6db869819e024d4bad2678e5e3833
12eed28086b592e85a5935038e005a656a91dd098352e115a78af07140c16e76

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /reseller_pub/94507901/images/logo.png HTTP/1.1
Host: sitebuilder.barriewebdesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=EDC6F24E4183BB623B1AB0D6CA0D9A7F; c_reseller_id=94507901; user_type=test_drive; akuid=""
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 25 Sep 2023 04:13:37 GMT
server: Apache
last-modified: Fri, 26 May 2023 12:12:16 GMT
etag: "9968-5fc97a5d4c800"
accept-ranges: bytes
content-length: 39272
vary: Accept-Encoding
content-type: image/png
X-Firefox-Spdy: h2

GET sitebuilder.barriewebdesign.com/sebase/js/common_login.js

34.94.156.243

200 OK

982 B

URL GET HTTP/2
sitebuilder.barriewebdesign.com/sebase/js/common_login.js
IP
34.94.156.243:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en
Certificate
IssuerLet's Encrypt
Subjectsitebuilder.barriewebdesign.com
FingerprintD5:4D:C4:4E:02:5F:34:40:F6:60:30:F5:6B:07:57:C4:D9:B9:6B:94
ValidityTue, 08 Aug 2023 05:06:40 GMT - Mon, 06 Nov 2023 05:06:39 GMT

File type
ASCII text, with CRLF line terminators
Size
982 B (982 bytes)
Hash
5e01ceacabfa09290e46ff572930b385
af8fafc92cadd43ea68c6d51b3b74c8e8282c7f0
4ad4d0d0b54e804297811bce0193c5ba589cbe37d3ba694e14dea12dd4f76196

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sebase/js/common_login.js HTTP/1.1
Host: sitebuilder.barriewebdesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en
DNT: 1
Connection: keep-alive
Cookie: c_reseller_id=94507901; c_mode=p; JSESSIONID=EDC6F24E4183BB623B1AB0D6CA0D9A7F; c_reseller_id=94507901; user_type=test_drive; akuid=""
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 25 Sep 2023 04:13:37 GMT
server: Apache
last-modified: Thu, 14 Sep 2023 10:48:52 GMT
etag: "d5b-6054f6bf46d00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 982
content-type: application/javascript
X-Firefox-Spdy: h2

GET sitebuilder.barriewebdesign.com/sebase/js/lang/en.js

34.94.156.243

200 OK

3.5 kB

URL GET HTTP/2
sitebuilder.barriewebdesign.com/sebase/js/lang/en.js
IP
34.94.156.243:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en
Certificate
IssuerLet's Encrypt
Subjectsitebuilder.barriewebdesign.com
FingerprintD5:4D:C4:4E:02:5F:34:40:F6:60:30:F5:6B:07:57:C4:D9:B9:6B:94
ValidityTue, 08 Aug 2023 05:06:40 GMT - Mon, 06 Nov 2023 05:06:39 GMT

File type
Non-ISO extended-ASCII text, with CRLF line terminators
Size
3.5 kB (3506 bytes)
Hash
2494d45882911730c1d26c142680a2a3
627471b967bc9b5be15fbdd0fe3be8f501a41bae
f58283d826288bd4ceb5176c9a8d4e49cdd5f791218255f47fbcf24c0eb9cb69

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sebase/js/lang/en.js HTTP/1.1
Host: sitebuilder.barriewebdesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en
DNT: 1
Connection: keep-alive
Cookie: c_reseller_id=94507901; c_mode=p; JSESSIONID=EDC6F24E4183BB623B1AB0D6CA0D9A7F; c_reseller_id=94507901; user_type=test_drive; akuid=""
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 25 Sep 2023 04:13:37 GMT
server: Apache
last-modified: Thu, 14 Sep 2023 10:48:36 GMT
etag: "4b63-6054f6b004900-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3506
content-type: application/javascript
X-Firefox-Spdy: h2

GET sitebuilder.barriewebdesign.com/sebase/js/formvalidate.js

34.94.156.243

200 OK

7.1 kB

URL GET HTTP/2
sitebuilder.barriewebdesign.com/sebase/js/formvalidate.js
IP
34.94.156.243:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en
Certificate
IssuerLet's Encrypt
Subjectsitebuilder.barriewebdesign.com
FingerprintD5:4D:C4:4E:02:5F:34:40:F6:60:30:F5:6B:07:57:C4:D9:B9:6B:94
ValidityTue, 08 Aug 2023 05:06:40 GMT - Mon, 06 Nov 2023 05:06:39 GMT

File type
ISO-8859 text, with very long lines (788), with CRLF line terminators
Size
7.1 kB (7144 bytes)
Hash
0f5d1d56a532fde46219d325b58f92d6
154b35ee3915c5da40c69e5c441796a860a988d3
557b86355ceae1210e1cb46e81652e24a83fb3631cc13b8d4df5a576f9ab9874

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sebase/js/formvalidate.js HTTP/1.1
Host: sitebuilder.barriewebdesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en
DNT: 1
Connection: keep-alive
Cookie: c_reseller_id=94507901; c_mode=p; JSESSIONID=EDC6F24E4183BB623B1AB0D6CA0D9A7F; c_reseller_id=94507901; user_type=test_drive; akuid=""
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 25 Sep 2023 04:13:37 GMT
server: Apache
last-modified: Thu, 14 Sep 2023 10:48:50 GMT
etag: "fbb1-6054f6bd5e880-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7144
content-type: application/javascript
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c1481fcd5428e1e8013edc7621812724
8e86eadf871ca94477b0e469360502203eab3d97
9b9ad2ae252224803a2cc6f160d3305677ca54c8053008fd5b469574c42ac12e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 25 Sep 2023 04:13:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sitebuilder.barriewebdesign.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 21 Sep 2023 04:50:55 GMT
expires: Fri, 20 Sep 2024 04:50:55 GMT
cache-control: public, max-age=31536000
age: 343363
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c1481fcd5428e1e8013edc7621812724
8e86eadf871ca94477b0e469360502203eab3d97
9b9ad2ae252224803a2cc6f160d3305677ca54c8053008fd5b469574c42ac12e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 25 Sep 2023 04:13:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c1481fcd5428e1e8013edc7621812724
8e86eadf871ca94477b0e469360502203eab3d97
9b9ad2ae252224803a2cc6f160d3305677ca54c8053008fd5b469574c42ac12e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 25 Sep 2023 04:13:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET sitebuilder.barriewebdesign.com/ui_design/common/fonts/fontawesome-webfont.woff2?v=4.7.0

34.94.156.243

200 OK

77 kB

URL GET HTTP/2
sitebuilder.barriewebdesign.com/ui_design/common/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
34.94.156.243:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en
Certificate
IssuerLet's Encrypt
Subjectsitebuilder.barriewebdesign.com
FingerprintD5:4D:C4:4E:02:5F:34:40:F6:60:30:F5:6B:07:57:C4:D9:B9:6B:94
ValidityTue, 08 Aug 2023 05:06:40 GMT - Mon, 06 Nov 2023 05:06:39 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ui_design/common/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: sitebuilder.barriewebdesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://sitebuilder.barriewebdesign.com/ui_design/common/css/font-awesome.css
Cookie: JSESSIONID=EDC6F24E4183BB623B1AB0D6CA0D9A7F; c_reseller_id=94507901; user_type=test_drive; akuid=""
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 25 Sep 2023 04:13:38 GMT
server: Apache
last-modified: Thu, 14 Sep 2023 10:48:54 GMT
etag: "12d68-6054f6c12f180"
accept-ranges: bytes
content-length: 77160
vary: Accept-Encoding
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sitebuilder.barriewebdesign.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 21 Sep 2023 15:25:53 GMT
expires: Fri, 20 Sep 2024 15:25:53 GMT
cache-control: public, max-age=31536000
age: 305265
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15764, version 1.0\012- data
Size
16 kB (15764 bytes)
Hash
603b8950590bf833546eee7cbc79944a
ebbde06eb829868c5f689afe2d48377608be1e7b
0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18

HTTP Headers

GET /s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sitebuilder.barriewebdesign.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15764
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 21 Sep 2023 15:01:32 GMT
expires: Fri, 20 Sep 2024 15:01:32 GMT
cache-control: public, max-age=31536000
age: 306726
last-modified: Wed, 11 May 2022 19:24:35 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c1481fcd5428e1e8013edc7621812724
8e86eadf871ca94477b0e469360502203eab3d97
9b9ad2ae252224803a2cc6f160d3305677ca54c8053008fd5b469574c42ac12e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 25 Sep 2023 04:13:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET sitebuilder.barriewebdesign.com/favicon.ico

34.94.156.243

404 Not Found

2.2 kB

URL GET HTTP/2
sitebuilder.barriewebdesign.com/favicon.ico
IP
34.94.156.243:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en
Certificate
IssuerLet's Encrypt
Subjectsitebuilder.barriewebdesign.com
FingerprintD5:4D:C4:4E:02:5F:34:40:F6:60:30:F5:6B:07:57:C4:D9:B9:6B:94
ValidityTue, 08 Aug 2023 05:06:40 GMT - Mon, 06 Nov 2023 05:06:39 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
2.2 kB (2177 bytes)
Hash
fd99a2c4e0bb615ea17e81ac406e0c84
a95c3ab1104de3fc89996553b4a3c527d2cddf89
5b7a57eba43258d1d1e4e64fa0fa7eaa3fd7f9e64035a9921ee467751f9bd624

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: sitebuilder.barriewebdesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=EDC6F24E4183BB623B1AB0D6CA0D9A7F; c_reseller_id=94507901; user_type=test_drive; akuid=""
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Mon, 25 Sep 2023 04:13:38 GMT
server: Apache
last-modified: Thu, 16 Mar 2017 13:52:22 GMT
etag: "881-54ad95ec6d180"
accept-ranges: bytes
content-length: 2177
vary: Accept-Encoding
content-type: text/html
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Size
16 kB (15740 bytes)
Hash
b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sitebuilder.barriewebdesign.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 23 Sep 2023 11:13:54 GMT
expires: Sun, 22 Sep 2024 11:13:54 GMT
cache-control: public, max-age=31536000
age: 147584
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,300;1,400&display=swap

142.250.74.106

200 OK

18 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,300;1,400&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintBE:40:3A:A6:DE:CC:A7:8B:75:43:68:F2:F9:56:63:71:49:61:06:49
ValidityMon, 04 Sep 2023 08:23:18 GMT - Mon, 27 Nov 2023 08:23:17 GMT

File type
ASCII text
Size
18 kB (18251 bytes)
Hash
5aec592a0d8fce1e75037ed2d57703d3
6198b7a586acdd1723af5b696b14cbbdd52874ae
56d88aa487f044653f5c4ad19a589fbc351a63f07dfbc33c6d356b68b6d8c020

HTTP Headers

GET /css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,300;1,400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sitebuilder.barriewebdesign.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 25 Sep 2023 04:13:37 GMT
date: Mon, 25 Sep 2023 04:13:37 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET sitebuilder.barriewebdesign.com/sebase/js/jquery-ui.min.js

34.94.156.243

200 OK

255 kB

URL GET HTTP/2
sitebuilder.barriewebdesign.com/sebase/js/jquery-ui.min.js
IP
34.94.156.243:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en
Certificate
IssuerLet's Encrypt
Subjectsitebuilder.barriewebdesign.com
FingerprintD5:4D:C4:4E:02:5F:34:40:F6:60:30:F5:6B:07:57:C4:D9:B9:6B:94
ValidityTue, 08 Aug 2023 05:06:40 GMT - Mon, 06 Nov 2023 05:06:39 GMT

File type

Size
255 kB (255089 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sebase/js/jquery-ui.min.js HTTP/1.1
Host: sitebuilder.barriewebdesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sitebuilder.barriewebdesign.com/sebase/common_login.jsp?uno=94507901&lang=en
DNT: 1
Connection: keep-alive
Cookie: c_reseller_id=94507901; c_mode=p; JSESSIONID=EDC6F24E4183BB623B1AB0D6CA0D9A7F; c_reseller_id=94507901; user_type=test_drive; akuid=""
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 25 Sep 2023 04:13:37 GMT
server: Apache
last-modified: Thu, 14 Sep 2023 10:48:50 GMT
etag: "3e471-6054f6bd5e880-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (18)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by