Report - jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp

Report Overview

Visited public
2023-08-28 17:40:09
Tags
URL
jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp
Finishing URL
jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp
IP / ASN
207.120.33.35
#3356 LEVEL3
Title
100% FREE ACCESS - JOIN FREE NOW!!!

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ajax.googleapis.com	12905	2005-01-25	2013-08-16 11:51:31	2023-08-28 05:42:07	454 B	32 kB	216.58.211.10
ka-p.fontawesome.com	4489	2012-10-18	2019-12-16 21:35:53	2023-08-28 06:04:35	1.5 kB	62 kB	104.18.22.52
kit.fontawesome.com	1868	2012-10-18	2019-12-16 20:51:31	2023-08-28 05:32:46	897 B	6.0 kB	104.18.22.52
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-08-28 03:54:37	2.1 kB	93 kB	216.58.207.227
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-08-28 03:54:35	893 B	5.2 kB	142.250.74.106
ajax.aspnetcdn.com	693	2010-10-12	2012-05-24 15:35:31	2023-08-28 13:51:49	901 B	30 kB	152.199.19.160
ocsp.pki.goog	175	2016-06-13	2018-07-01 08:43:07	2023-08-27 18:12:02	3.0 kB	6.3 kB	142.250.74.131
jlwbmhg.com	unknown	2023-05-09	2023-05-09 19:54:58	2023-08-28 00:15:35	5.3 kB	124 kB	207.120.33.11

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-08-28	medium	jlwbmhg.com	Sinkholed
2023-08-28	medium	jlwbmhg.com	Sinkholed
2023-08-28	medium	jlwbmhg.com	Sinkholed
2023-08-28	medium	jlwbmhg.com	Sinkholed
2023-08-28	medium	jlwbmhg.com	Sinkholed
2023-08-28	medium	jlwbmhg.com	Sinkholed
2023-08-28	medium	jlwbmhg.com	Sinkholed
2023-08-28	medium	jlwbmhg.com	Sinkholed
2023-08-28	medium	jlwbmhg.com	Sinkholed
2023-08-28	medium	jlwbmhg.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (15)

	URL	From	Size	First Seen	Last Seen
	jlwbmhg.com/common_tpls/js/form_support.js?v=1101202201	ScriptElement	3.8 kB	2023-03-08	2024-08-21
Pretty URL jlwbmhg.com/common_tpls/js/form_support.js?v=1101202201 IP 207.120.33.11 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25 Last Seen2024-08-21 08:25 Times Seen40 Hash 4ffa5d12f2aa2394aa284438d9ab1658 66a6678dc24eae37e35b8ee571e78f6e8af796da a35efd7238a1ef4c6581aadc6d001e8554adf949dc6cde5650c2235483f19bf0 Loading...

	jlwbmhg.com/common_tpls/js/validate_form_v2.js?jsv=33	ScriptElement	26 kB	2023-03-14	2024-08-21
Pretty URL jlwbmhg.com/common_tpls/js/validate_form_v2.js?jsv=33 IP 207.120.33.11 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 00:51 Last Seen2024-08-21 08:25 Times Seen14 Hash b26223d9940db2288de40d67f6f90731 83fd7db93e9f1c5eb54305c662140d350e81f0f4 82541640f7edc753be5fb44d233216f5906f8f6ebc7200a02f229e263997b0ef Loading...

	jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp	ScriptElement	127 B	2023-03-07	2024-08-21
Pretty URL jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp IP 207.120.33.11 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:27 Last Seen2024-08-21 08:25 Times Seen17 Hash 987cb4cd06cbdbc694458792197453a0 03a7bedae186b4579555956a004744f78497b3e7 b1ec8ca388b07625941809d2bea46f0ba3ed49485c25cf1fe5735c080d81771d Loading...

	jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp	ScriptElement	388 B	2023-08-19	2024-08-21
Pretty URL jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp IP 207.120.33.11 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-19 00:11 Last Seen2024-08-21 08:25 Times Seen12 Hash e0dfddef92dfde8d95dc42e03363cc81 ba518d5c70e54c50f3af40a280be1a3f681b7ea5 93850ebe5df1fed9e36047465ada548c828d41ca5810ddc98139fbf0b2c9f4b3 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js	ScriptElement	88 kB	2023-03-07	2025-05-09
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js IP 216.58.211.10 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 10:36 Times Seen68113 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/bootstrap.min.js	ScriptElement	37 kB	2023-03-07	2025-05-09
Pretty URL ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/bootstrap.min.js IP 152.199.19.160 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 10:31 Times Seen27457 Hash 5869c96cc8f19086aee625d670d741f9 430a443d74830fe9be26efca431f448c1b3740f9 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef Loading...

	jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp	ScriptElement	582 B	2023-03-07	2024-08-21
Pretty URL jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp IP 207.120.33.11 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:27 Last Seen2024-08-21 08:25 Times Seen7 Hash 14312a32b278cfe30cac6f23eeaa5a32 704d9b11a487947cb303589747c543d572cd6100 714d6c8a1fd4bc9ce75bfd2186821e4e64e9839c62989d054d1997cd5464255a Loading...

	jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp	ScriptElement	166 B	2023-03-07	2024-08-21
Pretty URL jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp IP 207.120.33.11 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2024-08-21 08:25 Times Seen35 Hash 30fbeedd3ef42ed4b3c0cedc516b2f71 dff25b928dad51d1d769285bf2a302d2be531927 1a9018c8172241d8aade74fd982307b0171e6b21ce2b4a470342852d92a99ed0 Loading...

	jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp	ScriptElement	59 B	2023-03-07	2024-08-21
Pretty URL jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp IP 207.120.33.11 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:58 Last Seen2024-08-21 08:11 Times Seen16 Hash cffd5e347526410b8d4ea84ff7d98463 9ea138c5d82132b2903dfca2bc6de42e3bb4b2c7 4ac6a08906e572c5a01455e972b35ec841a7e0f63619562b1458dac804e7a246 Loading...

	jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp	ScriptElement	206 B	2023-03-07	2024-08-21
Pretty URL jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp IP 207.120.33.11 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:58 Last Seen2024-08-21 08:25 Times Seen18 Hash 5f165dbb3feea7b4424a23a8756968d4 b2c2d5ac323753364da55be6246ca5d176a2d74d 3f19399992595664c23c41ba7cb1dd94a995b37dc681622aedc956975fb9ddc3 Loading...

	jlwbmhg.com/common_tpls/js/iframeResizer.contentWindow.min.js	ScriptElement	13 kB	2023-03-07	2025-04-17
Pretty URL jlwbmhg.com/common_tpls/js/iframeResizer.contentWindow.min.js IP 207.120.33.11 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-04-17 05:46 Times Seen84 Hash 2cf9df789476bc39b9906030f639660d de708b4a0fe32f3d77505675eb119b671327a6b4 7d5f5d0fe842536e512b4ca0cac0b48a66577ea091f3a6840365ff6124be034b Loading...

	kit.fontawesome.com/b314bdf1b3.js	ScriptElement	12 kB	2023-06-20	2023-11-22
Pretty URL kit.fontawesome.com/b314bdf1b3.js IP 104.18.22.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-20 05:08 Last Seen2023-11-22 21:59 Times Seen16 Hash 4fc6cefe553c0690d16534ebf9d89181 aa7c5a51a88e2dcbdf8b67e8648d35682d19e31f 8f3a8661dafbfffde857c6bbc7abc7c63e929047dfc5e6cc1a805ab8e98dacbb Loading...

	jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp	ScriptElement	528 B	2023-03-07	2024-08-21
Pretty URL jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp IP 207.120.33.11 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:27 Last Seen2024-08-21 08:11 Times Seen24 Hash 10dd1b2ab36045f6dd30390708c046c8 5ea106d1b689de5bda25b576ae36d26160ed6795 6d5167f39f1f849ab2050bb2429f122ed1e62a41d7bdcf18a9ec09438f087e88 Loading...

	jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp	ScriptElement	500 B	2023-06-20	2024-08-21
Pretty URL jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp IP 207.120.33.11 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-20 05:08 Last Seen2024-08-21 08:25 Times Seen30 Hash b3a1b315d6288a561818ce4d5253d7f6 2ce9c680b598f3cc1e3962a44ef82ae5fa4494fd 91fd13dbb2b63dbb6392347bd6b26447b1e7aa12711de8bd71979cd981ff1cb4 Loading...

	jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp	ScriptElement	2.5 kB	2023-03-12	2024-08-21
Pretty URL jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp IP 207.120.33.11 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 20:48 Last Seen2024-08-21 08:25 Times Seen11 Hash d8f703292262addbd1d29b3e00f14a58 441b15d7a7a85897e4b0bad12229ab2b44f3af5d cfe3ab5d0b2840811465dfdb0be54dab8889a1c51b27fc4edadc54e30874519e Loading...

HTTP Transactions (33)

URL IP Response Size

ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/css/bootstrap.min.css

152.199.19.160

200 OK

20 kB

URL GET HTTP/2
ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/css/bootstrap.min.css
IP
152.199.19.160:443
ASN
#15133 EDGECAST

Requested by
https://jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp
Certificate
IssuerDigiCert Inc
Subject*.vo.msecnd.net
Fingerprint0E:7D:A8:CD:FE:61:1E:46:97:A3:57:99:70:DA:E0:59:1D:34:04:80
ValidityFri, 05 May 2023 00:00:00 GMT - Sun, 28 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65371)
Size
20 kB (19629 bytes)
Hash
ec3bb52a00e176a7181d454dffaea219
6527d8bf3e1e9368bab8c7b60f56bc01fa3afd68
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

HTTP Headers

GET /ajax/bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jlwbmhg.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 12431072
cache-control: public,max-age=31536000
content-type: text/css
date: Mon, 28 Aug 2023 17:39:51 GMT
etag: "0e914f2cb33d21:0"
last-modified: Mon, 31 Oct 2016 23:10:18 GMT
server: ECAcc (ska/F740)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 19629
X-Firefox-Spdy: h2

ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/bootstrap.min.js

152.199.19.160

200 OK

9.8 kB

URL GET HTTP/2
ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/bootstrap.min.js
IP
152.199.19.160:443
ASN
#15133 EDGECAST

Requested by
https://jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp
Certificate
IssuerDigiCert Inc
Subject*.vo.msecnd.net
Fingerprint0E:7D:A8:CD:FE:61:1E:46:97:A3:57:99:70:DA:E0:59:1D:34:04:80
ValidityFri, 05 May 2023 00:00:00 GMT - Sun, 28 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (32033)
Size
9.8 kB (9839 bytes)
Hash
5869c96cc8f19086aee625d670d741f9
430a443d74830fe9be26efca431f448c1b3740f9
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

HTTP Headers

GET /ajax/bootstrap/3.3.7/bootstrap.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jlwbmhg.com
DNT: 1
Connection: keep-alive
Referer: https://jlwbmhg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 3340924
cache-control: public,max-age=31536000
content-type: application/javascript
date: Mon, 28 Aug 2023 17:39:51 GMT
etag: "80bdc1e6cb33d21:0"
last-modified: Mon, 31 Oct 2016 23:09:59 GMT
server: ECAcc (ska/F6C5)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9839
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8c141c9e4ae293080c66a7390c51860a
88fcdb4721be225cbe3a96b3900ab9f3d062c132
20dfefd2835c3db0ddaea174a330d72d6a5c932a0e24947be8cb8e913d1930bc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Aug 2023 17:39:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8c141c9e4ae293080c66a7390c51860a
88fcdb4721be225cbe3a96b3900ab9f3d062c132
20dfefd2835c3db0ddaea174a330d72d6a5c932a0e24947be8cb8e913d1930bc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Aug 2023 17:39:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

jlwbmhg.com/common_tpls/images/icons/email.png

207.120.33.11

200 OK

1.3 kB

URL GET HTTP/2
jlwbmhg.com/common_tpls/images/icons/email.png
IP
207.120.33.11:443
ASN
#3356 LEVEL3

Requested by
https://jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp
Certificate
IssuerLet's Encrypt
Subjectjlwbmhg.com
Fingerprint5A:83:96:24:8C:4E:2C:39:E5:90:BB:23:1E:E1:90:41:0A:E1:7A:A9
ValiditySat, 08 Jul 2023 20:49:59 GMT - Fri, 06 Oct 2023 20:49:58 GMT

File type
PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced\012- data
Size
1.3 kB (1254 bytes)
Hash
a86d99b9176d82a211cfa29b2f0b353f
62947ddfd87e3a21869818885e4bfa4e55ad0c11
f8e82194c97e2a11a8c77fcd55d1ded51a1943b78eefac8475890f665dc620f1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /common_tpls/images/icons/email.png HTTP/1.1
Host: jlwbmhg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp
Cookie: PHPSESSID=ad96e223ee61aec7dc48fd0e2d0b79e9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Aug 2023 17:39:51 GMT
content-type: image/png
content-length: 1254
last-modified: Mon, 21 Aug 2017 19:32:05 GMT
etag: "599b3535-4e6"
section-io-cache-id: 32e6ee87bae1955c74a74cdf848a41b5
x-varnish: 798664 132633
age: 15278
via: 1.1 varnish-65c66bdb8c-bcwfl (Varnish/7.2)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: d94495835202a00ea5ff4f1d3caf7c13
X-Firefox-Spdy: h2

jlwbmhg.com/common_tpls/images/icons/fname.png

207.120.33.11

200 OK

1.6 kB

URL GET HTTP/2
jlwbmhg.com/common_tpls/images/icons/fname.png
IP
207.120.33.11:443
ASN
#3356 LEVEL3

Requested by
https://jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp
Certificate
IssuerLet's Encrypt
Subjectjlwbmhg.com
Fingerprint5A:83:96:24:8C:4E:2C:39:E5:90:BB:23:1E:E1:90:41:0A:E1:7A:A9
ValiditySat, 08 Jul 2023 20:49:59 GMT - Fri, 06 Oct 2023 20:49:58 GMT

File type
PNG image data, 26 x 26, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1649 bytes)
Hash
5c846870756544f39604e671d4111b9d
304938c74246e228fa82d8ca40201c3db6098074
d43abf8c5665519a3fe3f7e90298fc17b62e06d8ada1b90a44ea9985a62abb4d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /common_tpls/images/icons/fname.png HTTP/1.1
Host: jlwbmhg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp
Cookie: PHPSESSID=ad96e223ee61aec7dc48fd0e2d0b79e9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Aug 2023 17:39:51 GMT
content-type: image/png
content-length: 1649
last-modified: Tue, 28 Nov 2017 20:52:02 GMT
etag: "5a1dcc72-671"
section-io-cache-id: 4872bc0de8801f6526b766321edd8d85
x-varnish: 798665 711
age: 16079
via: 1.1 varnish-65c66bdb8c-bcwfl (Varnish/7.2)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: f0ee8f65902c760fcee0cc2e38ce3e6c
X-Firefox-Spdy: h2

jlwbmhg.com/common_tpls/images/icons/password.png

207.120.33.11

200 OK

1.5 kB

URL GET HTTP/2
jlwbmhg.com/common_tpls/images/icons/password.png
IP
207.120.33.11:443
ASN
#3356 LEVEL3

Requested by
https://jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp
Certificate
IssuerLet's Encrypt
Subjectjlwbmhg.com
Fingerprint5A:83:96:24:8C:4E:2C:39:E5:90:BB:23:1E:E1:90:41:0A:E1:7A:A9
ValiditySat, 08 Jul 2023 20:49:59 GMT - Fri, 06 Oct 2023 20:49:58 GMT

File type
PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced\012- data
Size
1.5 kB (1452 bytes)
Hash
6f100f1cdbdce928118ffa4c9293ca5b
6b1a3593e792d4c00187d60560dd03fb42df1156
8c1a6b9e0c63edc7fa86898148dc6493cd56113fabbf85d901f7af4c180fce74

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /common_tpls/images/icons/password.png HTTP/1.1
Host: jlwbmhg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp
Cookie: PHPSESSID=ad96e223ee61aec7dc48fd0e2d0b79e9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Aug 2023 17:39:51 GMT
content-type: image/png
content-length: 1452
last-modified: Tue, 22 Aug 2017 16:34:59 GMT
etag: "599c5d33-5ac"
section-io-cache-id: 80034c40ecf9942fd926478268733655
x-varnish: 1481608 855789
age: 11108
via: 1.1 varnish-65c66bdb8c-7ffsz (Varnish/7.2)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 4eb30abceb3886c6a69774f6ddf633dc
X-Firefox-Spdy: h2

jlwbmhg.com/common_tpls/images/icons/address.png

207.120.33.11

200 OK

1.2 kB

URL GET HTTP/2
jlwbmhg.com/common_tpls/images/icons/address.png
IP
207.120.33.11:443
ASN
#3356 LEVEL3

Requested by
https://jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp
Certificate
IssuerLet's Encrypt
Subjectjlwbmhg.com
Fingerprint5A:83:96:24:8C:4E:2C:39:E5:90:BB:23:1E:E1:90:41:0A:E1:7A:A9
ValiditySat, 08 Jul 2023 20:49:59 GMT - Fri, 06 Oct 2023 20:49:58 GMT

File type
PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced\012- data
Size
1.2 kB (1167 bytes)
Hash
b579e9868402d708e54e1a980166c444
1c58e2890b934c0b1ab057f3ac28bedd2a082d19
67756f8b542c7823bcdba421219c3b8e1ee472748d8c3463534f667271356dfb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /common_tpls/images/icons/address.png HTTP/1.1
Host: jlwbmhg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp
Cookie: PHPSESSID=ad96e223ee61aec7dc48fd0e2d0b79e9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Aug 2023 17:39:51 GMT
content-type: image/png
content-length: 1167
last-modified: Mon, 21 Aug 2017 19:32:05 GMT
etag: "599b3535-48f"
section-io-cache-id: 32908ccc85fdc2b8a101418f00044ec1
x-varnish: 1322570 950944
age: 16078
via: 1.1 varnish-65c66bdb8c-bcwfl (Varnish/7.2)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 485b6b7aa7ad60584e6d8586c6868c26
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8c141c9e4ae293080c66a7390c51860a
88fcdb4721be225cbe3a96b3900ab9f3d062c132
20dfefd2835c3db0ddaea174a330d72d6a5c932a0e24947be8cb8e913d1930bc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Aug 2023 17:39:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

216.58.211.10

200 OK

31 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
216.58.211.10:443
ASN
#15169 GOOGLE

Requested by
https://jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint94:C0:54:E4:BA:6C:E0:93:C6:8F:D9:27:1C:74:6F:E8:CE:6E:E2:BA
ValidityMon, 07 Aug 2023 12:21:56 GMT - Mon, 30 Oct 2023 12:21:55 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (30774 bytes)
Hash
220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

HTTP Headers

GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jlwbmhg.com
DNT: 1
Connection: keep-alive
Referer: https://jlwbmhg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Aug 2023 12:20:02 GMT
expires: Thu, 22 Aug 2024 12:20:02 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 451189
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8c141c9e4ae293080c66a7390c51860a
88fcdb4721be225cbe3a96b3900ab9f3d062c132
20dfefd2835c3db0ddaea174a330d72d6a5c932a0e24947be8cb8e913d1930bc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Aug 2023 17:39:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8c141c9e4ae293080c66a7390c51860a
88fcdb4721be225cbe3a96b3900ab9f3d062c132
20dfefd2835c3db0ddaea174a330d72d6a5c932a0e24947be8cb8e913d1930bc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Aug 2023 17:39:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=b314bdf1b3

104.18.22.52

200 OK

54 kB

URL GET HTTP/2
ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=b314bdf1b3
IP
104.18.22.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65397)
Size
54 kB (54194 bytes)
Hash
486b13730aafe2a39cdaf1666679fa5b
aa0f52f048688ada20d921fef78cf15684a25f04
37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d

HTTP Headers

GET /releases/v5.15.4/css/pro.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jlwbmhg.com/
Origin: https://jlwbmhg.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Aug 2023 17:39:52 GMT
content-type: text/css
content-length: 54194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-d3b2"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 95755
accept-ranges: bytes
server: cloudflare
cf-ray: 7fde560b1c9fb529-OSL
X-Firefox-Spdy: h2

kit.fontawesome.com/b314bdf1b3/110588222/kit-upload.css

104.18.22.52

200 OK

0 B

URL GET HTTP/2
kit.fontawesome.com/b314bdf1b3/110588222/kit-upload.css
IP
104.18.22.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /b314bdf1b3/110588222/kit-upload.css HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jlwbmhg.com/
Origin: https://jlwbmhg.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Aug 2023 17:39:52 GMT
content-type: text/css
content-length: 0
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926, public, must-revalidate
etag: 54af53b207eef226d6511e0a88e3038e
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: F3v1NIcxO7706RoEAT5D
cf-cache-status: HIT
age: 95755
accept-ranges: bytes
server: cloudflare
cf-ray: 7fde560b1ca3b529-OSL
X-Firefox-Spdy: h2

ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3

104.18.22.52

200 OK

2.6 kB

URL GET HTTP/2
ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3
IP
104.18.22.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (27832)
Size
2.6 kB (2603 bytes)
Hash
1cb05a2f9541200e1fa0a2cd0abc7663
fdf3292a6db22945eb79e08d847834205b749c6f
a8a00b576cc9fad532a52ecdf8024724ddaa83cb0f5ca5d1b1d6eb8841103d60

HTTP Headers

GET /releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jlwbmhg.com/
Origin: https://jlwbmhg.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Aug 2023 17:39:52 GMT
content-type: text/css
content-length: 2603
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-a2b"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 95755
accept-ranges: bytes
server: cloudflare
cf-ray: 7fde560b1ca1b529-OSL
X-Firefox-Spdy: h2

ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3

104.18.22.52

200 OK

4.2 kB

URL GET HTTP/2
ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3
IP
104.18.22.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (26366)
Size
4.2 kB (4194 bytes)
Hash
715826d7cea0f100c00238e5e5dc92b4
ea2a076f73ed3826287a726f35ae5e54136f2cee
4245ecca2a4b50d7fd9adc9a965ed1f9b4ec24e9935e34c80efafc0f856d54c6

HTTP Headers

GET /releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jlwbmhg.com/
Origin: https://jlwbmhg.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Aug 2023 17:39:52 GMT
content-type: text/css
content-length: 4194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-1062"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 7fde560b1c9cb529-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7d86a3dce6d27e0a976ced013a552c63
ba7bb8b3b3ef53390afc5c48387be80fad4471d8
366822f1c01f284a91051f7e1753d6a5526f32be04336dc424de852d1ee22eac

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Aug 2023 17:39:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7d86a3dce6d27e0a976ced013a552c63
ba7bb8b3b3ef53390afc5c48387be80fad4471d8
366822f1c01f284a91051f7e1753d6a5526f32be04336dc424de852d1ee22eac

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Aug 2023 17:39:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

kit.fontawesome.com/b314bdf1b3.js

104.18.22.52

200 OK

4.7 kB

URL GET HTTP/2
kit.fontawesome.com/b314bdf1b3.js
IP
104.18.22.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT

File type
gzip compressed data, from Unix\012- data
Size
4.7 kB (4730 bytes)
Hash
5f340107d3ca5e0ad8bca719faa910db
64fc143d12cd32ace697a3643c9d025738a585e4
3f8ecfe2a0b0f99b9c9ef1c7f5e30eebe30363c5d7a9c1cb02a1fd2feff58d62

HTTP Headers

GET /b314bdf1b3.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jlwbmhg.com
DNT: 1
Connection: keep-alive
Referer: https://jlwbmhg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 28 Aug 2023 17:39:51 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, stale-while-revalidate=30
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: F3krmcUBf21PfkvXUjKB
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 7fde5608480bb529-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

216.58.207.227

200 OK

7.9 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint1B:14:11:9F:49:14:C3:A3:7C:87:B0:E1:5B:18:75:10:3D:2A:B3:72
ValidityMon, 07 Aug 2023 12:21:56 GMT - Mon, 30 Oct 2023 12:21:55 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://jlwbmhg.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Aug 2023 15:18:26 GMT
expires: Fri, 23 Aug 2024 15:18:26 GMT
cache-control: public, max-age=31536000
age: 354086
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7d86a3dce6d27e0a976ced013a552c63
ba7bb8b3b3ef53390afc5c48387be80fad4471d8
366822f1c01f284a91051f7e1753d6a5526f32be04336dc424de852d1ee22eac

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Aug 2023 17:39:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLCz7V1s.ttf

216.58.207.227

200 OK

66 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLCz7V1s.ttf
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint1B:14:11:9F:49:14:C3:A3:7C:87:B0:E1:5B:18:75:10:3D:2A:B3:72
ValidityMon, 07 Aug 2023 12:21:56 GMT - Mon, 30 Oct 2023 12:21:55 GMT

File type
TrueType Font data, 14 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Copyright 2014-2017 Indian Type Foundry (info@indiantypefoundry.com)PoppinsBold3.010;ITFO;Poppin\012- data
Size
66 kB (66163 bytes)
Hash
922cb3bc86ec0568c82525e315387021
9b353cec56d585154a440b2b883cd6f779ef35e3
2c07ce0658fcab0f0266babe01e11458c1126d92b5d53cd27f48282aaff0c20f

HTTP Headers

GET /s/poppins/v9/pxiByp8kv8JHgFVrLCz7V1s.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jlwbmhg.com
DNT: 1
Connection: keep-alive
Referer: https://jlwbmhg.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 66163
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Aug 2023 20:45:25 GMT
expires: Sat, 24 Aug 2024 20:45:25 GMT
cache-control: public, max-age=31536000
age: 248067
last-modified: Tue, 08 Oct 2019 21:22:28 GMT
content-type: font/ttf
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

216.58.207.227

200 OK

8.0 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint1B:14:11:9F:49:14:C3:A3:7C:87:B0:E1:5B:18:75:10:3D:2A:B3:72
ValidityMon, 07 Aug 2023 12:21:56 GMT - Mon, 30 Oct 2023 12:21:55 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Size
8.0 kB (8000 bytes)
Hash
72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://jlwbmhg.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Aug 2023 10:05:21 GMT
expires: Sat, 24 Aug 2024 10:05:21 GMT
cache-control: public, max-age=31536000
age: 286471
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

216.58.207.227

200 OK

7.8 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint1B:14:11:9F:49:14:C3:A3:7C:87:B0:E1:5B:18:75:10:3D:2A:B3:72
ValidityMon, 07 Aug 2023 12:21:56 GMT - Mon, 30 Oct 2023 12:21:55 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7840, version 1.0\012- data
Size
7.8 kB (7840 bytes)
Hash
8d91ec1ca2d8b56640a47117e313a3e9
a9e9bafe64666f4595051a0e895b47a5fa39e67e
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://jlwbmhg.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Aug 2023 15:08:24 GMT
expires: Fri, 23 Aug 2024 15:08:24 GMT
cache-control: public, max-age=31536000
age: 354688
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7d86a3dce6d27e0a976ced013a552c63
ba7bb8b3b3ef53390afc5c48387be80fad4471d8
366822f1c01f284a91051f7e1753d6a5526f32be04336dc424de852d1ee22eac

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Aug 2023 17:39:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

jlwbmhg.com/favicon.ico

207.120.33.11

404 Not Found

162 B

URL GET HTTP/2
jlwbmhg.com/favicon.ico
IP
207.120.33.11:443
ASN
#3356 LEVEL3

Requested by
https://jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp
Certificate
IssuerLet's Encrypt
Subjectjlwbmhg.com
Fingerprint5A:83:96:24:8C:4E:2C:39:E5:90:BB:23:1E:E1:90:41:0A:E1:7A:A9
ValiditySat, 08 Jul 2023 20:49:59 GMT - Fri, 06 Oct 2023 20:49:58 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
70461da8b94c6ca5d2fda3260c5a8c3b
994bc667720c21257500e29038c1a5f61e25da1e
f33c27745f2bd87344be790465ef984a972fd539dc83bd4f61d4242c607ef1ee

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: jlwbmhg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp
Cookie: PHPSESSID=ad96e223ee61aec7dc48fd0e2d0b79e9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Mon, 28 Aug 2023 17:39:52 GMT
content-type: text/html
content-length: 162
x-varnish: 468178
age: 0
via: 1.1 varnish-65c66bdb8c-bcwfl (Varnish/7.2)
section-io-cache: Miss
section-io-id: dfa052603c811962efb7bcb52a430276
X-Firefox-Spdy: h2

jlwbmhg.com/common_tpls/js/iframeResizer.contentWindow.min.js

207.120.33.11

200 OK

13 kB

URL GET HTTP/2
jlwbmhg.com/common_tpls/js/iframeResizer.contentWindow.min.js
IP
207.120.33.11:443
ASN
#3356 LEVEL3

Requested by
https://jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp
Certificate
IssuerLet's Encrypt
Subjectjlwbmhg.com
Fingerprint5A:83:96:24:8C:4E:2C:39:E5:90:BB:23:1E:E1:90:41:0A:E1:7A:A9
ValiditySat, 08 Jul 2023 20:49:59 GMT - Fri, 06 Oct 2023 20:49:58 GMT

File type
ASCII text, with very long lines (12990)
Size
13 kB (13381 bytes)
Hash
2cf9df789476bc39b9906030f639660d
de708b4a0fe32f3d77505675eb119b671327a6b4
7d5f5d0fe842536e512b4ca0cac0b48a66577ea091f3a6840365ff6124be034b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /common_tpls/js/iframeResizer.contentWindow.min.js HTTP/1.1
Host: jlwbmhg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp
Cookie: PHPSESSID=ad96e223ee61aec7dc48fd0e2d0b79e9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 28 Aug 2023 17:39:51 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 04 Feb 2016 15:06:03 GMT
etag: W/"56b368db-3445"
section-io-cache-id: 59483eca5a0d72169e9a08c9f0d3739c
x-varnish: 1552189 360470
age: 16468
via: 1.1 varnish-65c66bdb8c-7ffsz (Varnish/7.2)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 2c3361de3976a13db281744e98245711
X-Firefox-Spdy: h2

jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp

207.120.33.11

200 OK

30 kB

URL User Request GET HTTP/2
jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp
IP
207.120.33.11:443
ASN
#3356 LEVEL3

Certificate
IssuerLet's Encrypt
Subjectjlwbmhg.com
Fingerprint5A:83:96:24:8C:4E:2C:39:E5:90:BB:23:1E:E1:90:41:0A:E1:7A:A9
ValiditySat, 08 Jul 2023 20:49:59 GMT - Fri, 06 Oct 2023 20:49:58 GMT

File type

Size
30 kB (30144 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /acct/?sitekey=925714131cb2c521&act=bbrcomp HTTP/1.1
Host: jlwbmhg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 28 Aug 2023 17:39:51 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=ad96e223ee61aec7dc48fd0e2d0b79e9; path=/; secure; SameSite=None
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-encoding: gzip
vary: Accept-Encoding
x-varnish: 866715
age: 0
via: 1.1 varnish-65c66bdb8c-bcwfl (Varnish/7.2)
accept-ranges: bytes
section-io-cache: Miss
section-io-id: 4af4b0378db5c460f7e8c0fa40296c3f
X-Firefox-Spdy: h2

jlwbmhg.com/common_tpls/js/form_support.js?v=1101202201

207.120.33.11

200 OK

3.8 kB

URL GET HTTP/2
jlwbmhg.com/common_tpls/js/form_support.js?v=1101202201
IP
207.120.33.11:443
ASN
#3356 LEVEL3

Requested by
https://jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp
Certificate
IssuerLet's Encrypt
Subjectjlwbmhg.com
Fingerprint5A:83:96:24:8C:4E:2C:39:E5:90:BB:23:1E:E1:90:41:0A:E1:7A:A9
ValiditySat, 08 Jul 2023 20:49:59 GMT - Fri, 06 Oct 2023 20:49:58 GMT

File type
ASCII text, with very long lines (4261), with no line terminators
Size
3.8 kB (3799 bytes)
Hash
bd72340aa5a6ac08cf9a0fdbd650579c
c0550503cbb35b4abcc5618fc78a0cb18c26c89c
783abe18fe8132421d19b383088f95e95a9ee6ac64b85bd2e2b178b481ab2ca4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /common_tpls/js/form_support.js?v=1101202201 HTTP/1.1
Host: jlwbmhg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp
Cookie: PHPSESSID=ad96e223ee61aec7dc48fd0e2d0b79e9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 28 Aug 2023 17:39:51 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 18 Nov 2022 21:23:38 GMT
etag: W/"6377f7da-ed7"
section-io-cache-id: e54dba781e442a4efbc249531eadb3bf
x-varnish: 798662 1081375
age: 16480
via: 1.1 varnish-65c66bdb8c-bcwfl (Varnish/7.2)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 14d1f1ea297e13a318ec13f7ecd14779
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Poppins:wght@300;400;600&display=swap

142.250.74.106

200 OK

3.4 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Poppins:wght@300;400;600&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint94:C0:54:E4:BA:6C:E0:93:C6:8F:D9:27:1C:74:6F:E8:CE:6E:E2:BA
ValidityMon, 07 Aug 2023 12:21:56 GMT - Mon, 30 Oct 2023 12:21:55 GMT

File type
ASCII text, with very long lines (3432), with no line terminators
Size
3.4 kB (3351 bytes)
Hash
10120de20c1d2fa917f6e5d5002038b2
30fbcaf43c8d096506490ce94ab8419a59bbb86b
fa5ebaea60aa8df1d4bb7f58bf19072c1b7a70879905bb780e640dcb8628d6bc

HTTP Headers

GET /css2?family=Poppins:wght@300;400;600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jlwbmhg.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 28 Aug 2023 17:39:52 GMT
date: Mon, 28 Aug 2023 17:39:52 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

jlwbmhg.com/common_tpls/compactML/css/epcjfdt1.css

207.120.33.11

200 OK

41 kB

URL GET HTTP/2
jlwbmhg.com/common_tpls/compactML/css/epcjfdt1.css
IP
207.120.33.11:443
ASN
#3356 LEVEL3

Requested by
https://jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp
Certificate
IssuerLet's Encrypt
Subjectjlwbmhg.com
Fingerprint5A:83:96:24:8C:4E:2C:39:E5:90:BB:23:1E:E1:90:41:0A:E1:7A:A9
ValiditySat, 08 Jul 2023 20:49:59 GMT - Fri, 06 Oct 2023 20:49:58 GMT

File type
ASCII text
Size
41 kB (41203 bytes)
Hash
d8d432131da70a1a7a75fdfced70a09c
0aac291f1076496af13eb2b47358aec636e7a264
9fa00e0c61d2c436e2ef102ade0298e6332cebf65800be7547dfd4e22d82830b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /common_tpls/compactML/css/epcjfdt1.css HTTP/1.1
Host: jlwbmhg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp
Cookie: PHPSESSID=ad96e223ee61aec7dc48fd0e2d0b79e9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 28 Aug 2023 17:39:51 GMT
content-type: text/css
last-modified: Mon, 18 May 2020 21:32:04 GMT
etag: W/"5ec2fed4-a0f3"
content-encoding: gzip
vary: Accept-Encoding
x-varnish: 957342
age: 0
via: 1.1 varnish-65c66bdb8c-7ffsz (Varnish/7.2)
accept-ranges: bytes
section-io-cache: Miss
section-io-id: 3a6962c93574c147144fbbf2ff4d6d0c
X-Firefox-Spdy: h2

fonts.googleapis.com/icon?family=Material+Icons

142.250.74.106

200 OK

565 B

URL GET HTTP/2
fonts.googleapis.com/icon?family=Material+Icons
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint94:C0:54:E4:BA:6C:E0:93:C6:8F:D9:27:1C:74:6F:E8:CE:6E:E2:BA
ValidityMon, 07 Aug 2023 12:21:56 GMT - Mon, 30 Oct 2023 12:21:55 GMT

File type
ASCII text, with very long lines (588), with no line terminators
Size
565 B (565 bytes)
Hash
bdcf60bde5544e1017e1f2e60888a9c7
6fb24309b7ff90c1c99d19c0c7a127a16508840e
d701601406acfca6bfc0c58b411446e3e0e96c659f35c143355d3dd72c390952

HTTP Headers

GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jlwbmhg.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 28 Aug 2023 17:39:51 GMT
date: Mon, 28 Aug 2023 17:39:51 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

jlwbmhg.com/common_tpls/js/validate_form_v2.js?jsv=33

207.120.33.11

200 OK

26 kB

URL GET HTTP/2
jlwbmhg.com/common_tpls/js/validate_form_v2.js?jsv=33
IP
207.120.33.11:443
ASN
#3356 LEVEL3

Requested by
https://jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp
Certificate
IssuerLet's Encrypt
Subjectjlwbmhg.com
Fingerprint5A:83:96:24:8C:4E:2C:39:E5:90:BB:23:1E:E1:90:41:0A:E1:7A:A9
ValiditySat, 08 Jul 2023 20:49:59 GMT - Fri, 06 Oct 2023 20:49:58 GMT

File type

Size
26 kB (25581 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /common_tpls/js/validate_form_v2.js?jsv=33 HTTP/1.1
Host: jlwbmhg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jlwbmhg.com/acct/?sitekey=925714131cb2c521&act=bbrcomp
Cookie: PHPSESSID=ad96e223ee61aec7dc48fd0e2d0b79e9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 28 Aug 2023 17:39:51 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 13 Feb 2023 23:40:03 GMT
etag: W/"63eaca53-63ed"
section-io-cache-id: 38339e0eaedc048b37c9d7e4872c60c4
x-varnish: 1322569 229607
age: 16480
via: 1.1 varnish-65c66bdb8c-bcwfl (Varnish/7.2)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 5be89f319c513dff40a610c8ef4fbc96
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by