Report - immediate-bumex.com/

Report Overview

Visited public
2025-04-16 07:58:25
Tags
URL
immediate-bumex.com/
Finishing URL
immediate-bumex.com/
IP / ASN
212.92.105.102
#43350 NForce Entertainment B.V.
Title
Immediate Bumex 60 Official Trading App & Latest Immediate 6000 Bumex Version 16X

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

140

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
immediate-bumex.com	unknown	2024-04-10	2024-09-11	2024-09-22	35 kB	1.4 MB	212.92.105.102

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed
2025-04-16	medium	immediate-bumex.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (21)

	URL	From	Size	First Seen	Last Seen
	immediate-bumex.com/wp-content/themes/generatepress/assets/js/back-to-top.min.js?ver=3.5.1	ScriptElement	757 B	2024-02-09	2025-04-26
Pretty URL immediate-bumex.com/wp-content/themes/generatepress/assets/js/back-to-top.min.js?ver=3.5.1 IP 212.92.105.102 ASN #43350 NForce Entertainment B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-09 15:13 Last Seen2025-04-26 08:19 Times Seen292 Hash 519f90c9b78414721d1005101528b47a 4f0f31e4723720a3b3fa5ee344f4c7150a2c2998 50c686094830433cbab4c26e1b004cb3891eebfdf022ef2d41106596a4d705e0 Loading...

	immediate-bumex.com/	ScriptElement	177 B	2023-03-07	2025-05-02
Pretty URL immediate-bumex.com/ IP 212.92.105.102 ASN #43350 NForce Entertainment B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:02 Last Seen2025-05-02 14:33 Times Seen604 Hash 125da0749932d9ddfa3767638383abf9 69475f56fbfaf7859ebad33ac1be371b36b200cc e7f3fe59be4fbb3d95650bb24f407f1f792eba6eefec0d970d5d7b2bde669b64 Loading...

	immediate-bumex.com/	ScriptElement	104 B	2023-10-22	2025-04-26
Pretty URL immediate-bumex.com/ IP 212.92.105.102 ASN #43350 NForce Entertainment B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-22 16:22 Last Seen2025-04-26 04:32 Times Seen67 Hash f25b4bd043a21d3c0b789db7c0dcb4ef 41689d5a09ef28debdf3b0dad39d8ae3601d014c 6ae447e40363a7e50cf54c15d7da56196dfe7b6d1c9f53d5498b2744410d6ab1 Loading...

	immediate-bumex.com/	ScriptElement	657 B	2025-04-16	2025-04-16
Pretty URL immediate-bumex.com/ IP 212.92.105.102 ASN #43350 NForce Entertainment B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-16 07:58 Last Seen2025-04-16 07:58 Times Seen1 Hash 77b83a95518def8b1de8824479256c77 b842754d9748074f7120a9df3ce4c9ec3b30756e 4bfce0a502ff44b786b73fac58fa8c2686e513652a562b10e0bfb68db7f7692a Loading...

	immediate-bumex.com/wp-content/plugins/fxbot-registration-form/assets/js/optin-form.js?ver=2.0.16	ScriptElement	30 kB	2025-01-08	2025-04-16
Pretty URL immediate-bumex.com/wp-content/plugins/fxbot-registration-form/assets/js/optin-form.js?ver=2.0.16 IP 212.92.105.102 ASN #43350 NForce Entertainment B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-08 10:56 Last Seen2025-04-16 15:45 Times Seen22 Hash 696c51dcd9631f02d28d39fadefdd67d 11fc826e34f795901c8a7ec0f7ef4831ad2b6022 52937687c44d798fb8cd512609692b035f37fdbce19e7eddb747f0c0f48e32d2 Loading...

	immediate-bumex.com/	ScriptElement	260 B	2023-03-07	2025-05-07
Pretty URL immediate-bumex.com/ IP 212.92.105.102 ASN #43350 NForce Entertainment B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-05-07 16:26 Times Seen3228 Hash 9b78b28b396646badfc6017235ee4be9 18103240bf0cb760cdf7febc628b56b8fca44319 215f517010a20f2f4c55d34dd3c574568bd0fb83662f0b915ddb6561f97c3904 Loading...

	immediate-bumex.com/wp-content/plugins/fxbot-registration-form/assets/js/registration-form.js?ver=2.0.16	ScriptElement	54 kB	2025-01-08	2025-04-16
Pretty URL immediate-bumex.com/wp-content/plugins/fxbot-registration-form/assets/js/registration-form.js?ver=2.0.16 IP 212.92.105.102 ASN #43350 NForce Entertainment B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-08 10:56 Last Seen2025-04-16 15:45 Times Seen22 Hash 4d7fd4ec2c26288cf2ad585f0d4e24a0 efc14e1f1f8b40d6058770ebe879a1538acbd295 22a2e54ee3cc97ff26fa83366ed627ff8480ca19fa13145e0ab4180a17e9e794 Loading...

	immediate-bumex.com/wp-content/plugins/gp-premium/menu-plus/functions/js/offside.min.js?ver=2.5.0	ScriptElement	6.8 kB	2023-03-29	2025-05-05
Pretty URL immediate-bumex.com/wp-content/plugins/gp-premium/menu-plus/functions/js/offside.min.js?ver=2.5.0 IP 212.92.105.102 ASN #43350 NForce Entertainment B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:12 Last Seen2025-05-05 18:06 Times Seen517 Hash 2c8d926d887909904dab4316508bacc6 455db3d80b61fefab3797bacd140f95229fa7518 50fe1014e82dd9acea2f5b26061c8f135cb11ea0aa5d5ad5985e6b265b7f50a8 Loading...

	immediate-bumex.com/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.5.1	ScriptElement	7.3 kB	2024-08-31	2025-05-07
Pretty URL immediate-bumex.com/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.5.1 IP 212.92.105.102 ASN #43350 NForce Entertainment B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-31 11:00 Last Seen2025-05-07 16:26 Times Seen715 Hash 67148b2ff82038d0faf6385f182c5644 7452d643e468caf6db8ecf07618f1cb7ff3f7651 5af760e4297b064a2150dcd5f63d748a06dfa8b618c9e9d43a87c4ac74fa3974 Loading...

	immediate-bumex.com/	ScriptElement	33 B	2023-03-07	2025-05-05
Pretty URL immediate-bumex.com/ IP 212.92.105.102 ASN #43350 NForce Entertainment B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:08 Last Seen2025-05-05 18:06 Times Seen179 Hash 5950de99fe01bdffab39022bc95332cb 76fa990bed1e89f8a9fb6502f3c7fbadc001e65d f076576cbe832eeb3786f580377fd79edca592f705cd2782e0080c477e927bbc Loading...

	immediate-bumex.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1	ScriptElement	88 kB	2023-11-03	2025-05-08
Pretty URL immediate-bumex.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 IP 212.92.105.102 ASN #43350 NForce Entertainment B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-03 09:26 Last Seen2025-05-08 05:33 Times Seen91733 Hash 826eb77e86b02ab7724fe3d0141ff87c 79cd3587d565afe290076a8d36c31c305a573d18 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf Loading...

	immediate-bumex.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1	ScriptElement	14 kB	2023-05-09	2025-05-08
Pretty URL immediate-bumex.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 IP 212.92.105.102 ASN #43350 NForce Entertainment B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-09 19:21 Last Seen2025-05-08 05:33 Times Seen105515 Hash 9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89 Loading...

	immediate-bumex.com/wp-content/plugins/fxbot-registration-form/assets/js/intlTelInput.min.js?ver=2.0.16	ScriptElement	30 kB	2023-05-02	2025-04-26
Pretty URL immediate-bumex.com/wp-content/plugins/fxbot-registration-form/assets/js/intlTelInput.min.js?ver=2.0.16 IP 212.92.105.102 ASN #43350 NForce Entertainment B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-02 01:14 Last Seen2025-04-26 04:32 Times Seen76 Hash 0d7765bae213b8cf43ba5f06960055ec b97311bed465062adfe3b0f20f363441be2d4881 e889e4e37ac5bce51552e6432402bad41853158bd662f41bbc50acceaff5a1f6 Loading...

	immediate-bumex.com/	ScriptElement	105 B	2023-12-29	2025-05-03
Pretty URL immediate-bumex.com/ IP 212.92.105.102 ASN #43350 NForce Entertainment B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-29 10:54 Last Seen2025-05-03 15:36 Times Seen196 Hash 26909cfee4ad69861654476cc84ae9a5 71f267bfb81a8ea66aa934dd29833965d7df1c88 84f28dd8d2ffccd5f1667989378ef32f97e118058f8306bf4cdff127698e7468 Loading...

	immediate-bumex.com/wp-content/plugins/turn-rank-math-faq-block-to-accordion/assets/js/RMFA-JS.min.js?ver=1.1.0	ScriptElement	1.3 kB	2023-03-07	2025-04-26
Pretty URL immediate-bumex.com/wp-content/plugins/turn-rank-math-faq-block-to-accordion/assets/js/RMFA-JS.min.js?ver=1.1.0 IP 212.92.105.102 ASN #43350 NForce Entertainment B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:18 Last Seen2025-04-26 04:32 Times Seen141 Hash 443de93866d65f762354c9446ad8b366 19e310996d2549b6ad99f17dc800799571472aec 90a82d38c851758d27264c3808c81e7e52e4b04e03f5adb29e0e5df5021fa4b1 Loading...

	immediate-bumex.com/wp-content/plugins/fxbot-registration-form/assets/js/mailcheck.min.js?ver=2.0.16	ScriptElement	4.0 kB	2023-03-07	2025-04-26
Pretty URL immediate-bumex.com/wp-content/plugins/fxbot-registration-form/assets/js/mailcheck.min.js?ver=2.0.16 IP 212.92.105.102 ASN #43350 NForce Entertainment B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02 Last Seen2025-04-26 04:32 Times Seen127 Hash 4950423c548a646372ae58f7bbe67d1f f54943150a9cc3db37bba49e9abb8f1206b8b12b ab69f8053e420d7f3c043b55a1bfebd9981ccf92c21b4fd823031ab51967323a Loading...

	immediate-bumex.com/wp-content/plugins/fxbot-registration-form/assets/js/utils.min.js?ver=2.0.16	ScriptElement	245 kB	2023-03-08	2025-04-26
Pretty URL immediate-bumex.com/wp-content/plugins/fxbot-registration-form/assets/js/utils.min.js?ver=2.0.16 IP 212.92.105.102 ASN #43350 NForce Entertainment B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 11:47 Last Seen2025-04-26 04:32 Times Seen102 Hash 12855fe710661551c42e95a9c9290600 72c56f9f3584405934289059ccd5ed678ddcb00c df0797876b146528f534dc356f34fd6408384ca47baae6ecdfcdf0463294f142 Loading...

	immediate-bumex.com/	ScriptElement	127 B	2023-03-07	2025-05-07
Pretty URL immediate-bumex.com/ IP 212.92.105.102 ASN #43350 NForce Entertainment B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-05-07 15:55 Times Seen2287 Hash e891393f0be3a6ffaa3923b307180e7e bc0a7332b9846a5762a71b9b9811c1a8b19df194 2d1778345d3607ceb641cc5f21b0a2c045fa70052361ac91a17c39b2c9d96f71 Loading...

	immediate-bumex.com/wp-content/plugins/gp-premium/general/js/smooth-scroll.min.js?ver=2.5.0	ScriptElement	6.9 kB	2023-11-19	2025-05-03
Pretty URL immediate-bumex.com/wp-content/plugins/gp-premium/general/js/smooth-scroll.min.js?ver=2.5.0 IP 212.92.105.102 ASN #43350 NForce Entertainment B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-19 10:25 Last Seen2025-05-03 15:36 Times Seen209 Hash ca1e68e1ae2dbb2206d21481576bbb45 eecac929830764dba8b0734241090f2403671fa8 ce43697d26defc72fa5aa7e3d7f1296cd19ba9a67cad0e2557aacc7702454f4d Loading...

	immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=4.6.13	ScriptElement	271 B	2023-08-11	2025-05-06
Pretty URL immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=4.6.13 IP 212.92.105.102 ASN #43350 NForce Entertainment B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-11 05:46 Last Seen2025-05-06 12:53 Times Seen1883 Hash c6a55456af4776c733018888483aba22 297b53f8538ba3b59d2028f16de4e14ec90337ce 20be9b3c63a01d921697a0ef1c1596f647678498eefe6dc508e2363be25277f8 Loading...

	immediate-bumex.com/	ScriptElement	46 B	2023-03-07	2025-05-07
Pretty URL immediate-bumex.com/ IP 212.92.105.102 ASN #43350 NForce Entertainment B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:07 Last Seen2025-05-07 15:55 Times Seen912 Hash bec9c700df243a74235f459eeaa0d9cb 47c8b6aff8817c560284ab7f629d1fb9903a4391 b419ddf3962f2f32b55824f2bc29e97b342f8df820c6913c9f58e91cb1608df8 Loading...

HTTP Transactions (70)

URL IP Response Size

immediate-bumex.com/wp-content/plugins/wpml-cms-nav/res/css/cms-navigation.css?ver=1.5.5

212.92.105.102

200 OK

1.6 kB

URL GET
immediate-bumex.com/wp-content/plugins/wpml-cms-nav/res/css/cms-navigation.css?ver=1.5.5
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
ASCII text, with very long lines (1573), with no line terminators
Size
1.6 kB (1573 bytes)
Hash
4780517929a305d994c345c693c7e008
f259047949bc4dfff967499e5a207d0ac43e16fd
aaef1023200ec674705f6efbf0d45a2f36ba49de83103623180b15dc1dd17694

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/wpml-cms-nav/res/css/cms-navigation.css?ver=1.5.5 HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-625"
Content-Encoding: gzip

immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/de.svg

212.92.105.102

200 OK

335 B

URL GET
immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/de.svg
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
SVG Scalable Vector Graphics image
Size
335 B (335 bytes)
Hash
51768606d83a265da9e7ee8efbb21edb
b22c5b98344da8d3ea54ecb9baab4c5a5a7ebdb4
8fcaa96d8835e39fa6a74ff4dc781d908112d46ceb8fb81ff37c433f390a4c8b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/de.svg HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-14f"
Content-Encoding: gzip

immediate-bumex.com/wp-content/uploads/2024/01/006.jpeg

212.92.105.102

200 OK

60 kB

URL GET
immediate-bumex.com/wp-content/uploads/2024/01/006.jpeg
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 1000x625, components 3
Size
60 kB (60038 bytes)
Hash
c8de1807833023862aeb929c738feea3
c38903ea162ce761efe366ca7c22e719cc94ae01
8a7daa02ed32839c6a4acbc8d5a0ae193a775c77d28b9d9f76ec611842590fb0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/01/006.jpeg HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: image/jpeg
Content-Length: 60038
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
ETag: "671e376c-ea86"
Accept-Ranges: bytes

immediate-bumex.com/wp-content/plugins/fxbot-registration-form/assets/vocabulary/en.json

212.92.105.102

200 OK

2.2 kB

URL GET
immediate-bumex.com/wp-content/plugins/fxbot-registration-form/assets/vocabulary/en.json
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
JSON text data
Size
2.2 kB (2151 bytes)
Hash
974c06c22e80fbf8fc59a64946494b43
6f25ac4d1108e81458e684ff3cd2fdbd8ac32786
1e4455cdccea0ee7e1e5d9e13c5b2be8b964c3012341201f22092952036489a7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/fxbot-registration-form/assets/vocabulary/en.json HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Cookie: wp-wpml_current_language=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-867"
Content-Encoding: gzip

immediate-bumex.com/wp-content/plugins/fxbot-registration-form/api.php/1/api/user/auth/geo-data

212.92.105.102

200 OK

142 B

URL GET
immediate-bumex.com/wp-content/plugins/fxbot-registration-form/api.php/1/api/user/auth/geo-data
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
JSON text data
Size
142 B (142 bytes)
Hash
ba6605f8ce4a76fdd292485f5db4c1a2
246227e28c0a14aaabf929c7e98c665d793e9e74
2c669cf713927c358adc95b5cec9769ea622db31736068a1d1f56428dc6ae530

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/fxbot-registration-form/api.php/1/api/user/auth/geo-data HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Cookie: wp-wpml_current_language=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:04 GMT
Content-Type: application/json; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.33
Vary: Accept-Encoding, Accept
access-control-allow-origin: *
access-control-expose-headers: X-Set-Token, X-Pagination-Total-Count, Date, X-History-Filter-Hash, Fxbot-Referer
x-request-id: 16940cf1c0e3287260d4702037083a8d28486df1891e4dda4fd264b6aa61b3a2
cache-control: private
cf-cache-status: DYNAMIC
set-cookie: SERVERID=w02-8888; Path=/
cf-ray: 931222ab1a0496fe-AMS
alt-svc: h3=":443"; ma=86400
Content-Encoding: gzip

immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/hu.svg

212.92.105.102

200 OK

359 B

URL GET
immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/hu.svg
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
SVG Scalable Vector Graphics image
Size
359 B (359 bytes)
Hash
3621c5eb449691cbe1d3bc8757c831a1
e7e3674fe42359cc9a376e543d7548418071aea0
2c1380bd6fb1a88cabcae439eaf960d4dffa929a74cfe3d44f7552084fc1150b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/hu.svg HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-167"
Content-Encoding: gzip

immediate-bumex.com/wp-content/plugins/fxbot-registration-form/assets/vocabulary/en.json

212.92.105.102

200 OK

2.2 kB

URL GET
immediate-bumex.com/wp-content/plugins/fxbot-registration-form/assets/vocabulary/en.json
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
JSON text data
Size
2.2 kB (2151 bytes)
Hash
974c06c22e80fbf8fc59a64946494b43
6f25ac4d1108e81458e684ff3cd2fdbd8ac32786
1e4455cdccea0ee7e1e5d9e13c5b2be8b964c3012341201f22092952036489a7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/fxbot-registration-form/assets/vocabulary/en.json HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Cookie: wp-wpml_current_language=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-867"
Content-Encoding: gzip

immediate-bumex.com/wp-content/plugins/seo-by-rank-math-pro/includes/modules/schema/assets/css/rank-math-snippet.css?ver=3.0.72

212.92.105.102

200 OK

389 B

URL GET
immediate-bumex.com/wp-content/plugins/seo-by-rank-math-pro/includes/modules/schema/assets/css/rank-math-snippet.css?ver=3.0.72
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
ASCII text, with very long lines (389), with no line terminators
Size
389 B (389 bytes)
Hash
45977ac32578852ab779878e707c5cfc
db52f8d7fc8d76beb51d3091b94c511a0810c8cd
a39445bf758c3548d49b5da4a18bb3ecb3e263ed0aa97a29a83a9822cd222d30

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/seo-by-rank-math-pro/includes/modules/schema/assets/css/rank-math-snippet.css?ver=3.0.72 HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-185"
Content-Encoding: gzip

immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/dist/css/blocks/styles.css?ver=4.6.13

212.92.105.102

200 OK

59 kB

URL GET
immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/dist/css/blocks/styles.css?ver=4.6.13
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
ASCII text, with very long lines (58697), with no line terminators
Size
59 kB (58697 bytes)
Hash
82a65dc43ead999e4c89efe2c1bbeb40
075bfb9ec99cfce789e3f3ac0ef2ff104dc1d50b
af770f5afec3e9f10196ea60476a44dde4d80010e680500685b578fee468c8c7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/sitepress-multilingual-cms/dist/css/blocks/styles.css?ver=4.6.13 HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-e549"
Content-Encoding: gzip

immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/en.svg

212.92.105.102

200 OK

1.3 kB

URL GET
immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/en.svg
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
SVG Scalable Vector Graphics image
Size
1.3 kB (1290 bytes)
Hash
cf165af749d574a25a1a29f31b0ed692
fd1663941236e3105b46f020e0e23913452b2585
4c5edc0c143fffe3bfed4126d2b3527e6e21c57499af43f9577b45c6eb93e598

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/en.svg HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-50a"
Content-Encoding: gzip

immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/hr.svg

212.92.105.102

200 OK

2.4 kB

URL GET
immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/hr.svg
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
SVG Scalable Vector Graphics image
Size
2.4 kB (2428 bytes)
Hash
23ea3f2c9b976eb82c1556881543ec7a
df83b819176d4e3e12e59345ed1bf94c59f01d37
888b95081206a0c3488cb21d3e8b0b4fb98491f80931f39587dced1b04700e96

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/hr.svg HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-97c"
Content-Encoding: gzip

immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/da.svg

212.92.105.102

200 OK

362 B

URL GET
immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/da.svg
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
SVG Scalable Vector Graphics image
Size
362 B (362 bytes)
Hash
c4d7abcf4c21c729ea9aab45faa1912a
6ecbf40cb392204b8c7af284352108b500111969
33815e73a3d07b3ae77cec1fdc77a285646e4e730136632f0ff5de6f8697c98c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/da.svg HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-16a"
Content-Encoding: gzip

immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/fr.svg

212.92.105.102

200 OK

352 B

URL GET
immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/fr.svg
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
SVG Scalable Vector Graphics image
Size
352 B (352 bytes)
Hash
e9efcfc75d8fdee9370032dc72e78bcf
77d974568d91216054eee046c19c99f71cccb9be
a7d195ab974d9555702eede5af18287b5767efcea5fc6dadf529e114dc6fb568

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/fr.svg HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-160"
Content-Encoding: gzip

immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/ja.svg

212.92.105.102

200 OK

357 B

URL GET
immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/ja.svg
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
SVG Scalable Vector Graphics image
Size
357 B (357 bytes)
Hash
b072ff9b575b2c9db1f40db4a8603ea1
56c055fa39d04fdfbf8ca59c3186b982e301bbf2
3cff261749f98b839faf4cbd34b7748daf28ed5d9377f3cb9929d6cc506665a2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/ja.svg HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-165"
Content-Encoding: gzip

immediate-bumex.com/wp-content/themes/generatepress/assets/js/back-to-top.min.js?ver=3.5.1

212.92.105.102

200 OK

757 B

URL GET
immediate-bumex.com/wp-content/themes/generatepress/assets/js/back-to-top.min.js?ver=3.5.1
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
JavaScript source, ASCII text, with very long lines (757), with no line terminators
Size
757 B (757 bytes)
Hash
519f90c9b78414721d1005101528b47a
4f0f31e4723720a3b3fa5ee344f4c7150a2c2998
50c686094830433cbab4c26e1b004cb3891eebfdf022ef2d41106596a4d705e0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/generatepress/assets/js/back-to-top.min.js?ver=3.5.1 HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-2f5"
Content-Encoding: gzip

immediate-bumex.com/wp-content/plugins/turn-rank-math-faq-block-to-accordion/assets/css/style.min.css?ver=1.1.0

212.92.105.102

200 OK

1.1 kB

URL GET
immediate-bumex.com/wp-content/plugins/turn-rank-math-faq-block-to-accordion/assets/css/style.min.css?ver=1.1.0
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
ASCII text, with very long lines (1061), with no line terminators
Size
1.1 kB (1061 bytes)
Hash
340df9cb2c8a1e5d5428a81637866c40
759e7dffd2c0427030749b61e4193046b515f6ef
d5d086ab8dd7703a41e01c913e225fafdc942be3bbd121dbd3c615f33091875f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/turn-rank-math-faq-block-to-accordion/assets/css/style.min.css?ver=1.1.0 HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-425"
Content-Encoding: gzip

immediate-bumex.com/wp-content/plugins/fxbot-registration-form/assets/js/registration-form.js?ver=2.0.16

212.92.105.102

200 OK

54 kB

URL GET
immediate-bumex.com/wp-content/plugins/fxbot-registration-form/assets/js/registration-form.js?ver=2.0.16
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
54 kB (54132 bytes)
Hash
4d7fd4ec2c26288cf2ad585f0d4e24a0
efc14e1f1f8b40d6058770ebe879a1538acbd295
22a2e54ee3cc97ff26fa83366ed627ff8480ca19fa13145e0ab4180a17e9e794

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/fxbot-registration-form/assets/js/registration-form.js?ver=2.0.16 HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-d374"
Content-Encoding: gzip

immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/ko.svg

212.92.105.102

200 OK

1.7 kB

URL GET
immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/ko.svg
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
SVG Scalable Vector Graphics image
Size
1.7 kB (1660 bytes)
Hash
7deaaa44e02b9aea9fc1a7f8a70cfe34
d2f42c97768727cf6f006ebc8671eb14d7f0edc3
a920bc55182702e5ceb09b5750c765d2e0f4aee817a969f221e900e930fcb0de

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/ko.svg HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-67c"
Content-Encoding: gzip

immediate-bumex.com/wp-content/plugins/fxbot-registration-form/assets/css/intlTelInput.min.css?ver=2.0.16

212.92.105.102

200 OK

24 kB

URL GET
immediate-bumex.com/wp-content/plugins/fxbot-registration-form/assets/css/intlTelInput.min.css?ver=2.0.16
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
ASCII text
Size
24 kB (24229 bytes)
Hash
89ce447c1755a488d17bec881196adf3
1c0dd6b8549bf7023e9f302bc2490944aa5d998e
5ae1a7abb598b54b3dc3529b788bbee60faf9e68296b4d04154072cb8eec56f2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/fxbot-registration-form/assets/css/intlTelInput.min.css?ver=2.0.16 HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-5ea5"
Content-Encoding: gzip

immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/menu-item/style.min.css?ver=1

212.92.105.102

200 OK

258 B

URL GET
immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/menu-item/style.min.css?ver=1
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
ASCII text, with no line terminators
Size
258 B (258 bytes)
Hash
886011711ae972cd8472eef5eba5c298
6e52e59dfcbe911b4ab1a69036e1e3b930030c7e
4b9257e3e9c959214ddfab833a69a021ae6557403efe76afcbee259621175274

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/menu-item/style.min.css?ver=1 HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-102"
Content-Encoding: gzip

immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/el.svg

212.92.105.102

200 OK

509 B

URL GET
immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/el.svg
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
SVG Scalable Vector Graphics image
Size
509 B (509 bytes)
Hash
ad2d06f8e09051f574083a3d00b0d3c4
278327ff2ba9f9ff2075e69635576298e083a56f
855ef79130c430a08f89dad91b7206b3d31b42a1b509000029c60b9336856e45

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/el.svg HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-1fd"
Content-Encoding: gzip

immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/pl.svg

212.92.105.102

200 OK

310 B

URL GET
immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/pl.svg
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
SVG Scalable Vector Graphics image
Size
310 B (310 bytes)
Hash
73699780fe17013ad360d5441cba044d
3e37c78fdc79aada415a05c2275c0fdf9664f062
e03d57c0f7db7d4dc8eb6a2bc359f3a40591b490130bcfa06fba08d514fbdb07

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/pl.svg HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-136"
Content-Encoding: gzip

immediate-bumex.com/wp-content/plugins/turn-rank-math-faq-block-to-accordion/assets/js/RMFA-JS.min.js?ver=1.1.0

212.92.105.102

200 OK

1.3 kB

URL GET
immediate-bumex.com/wp-content/plugins/turn-rank-math-faq-block-to-accordion/assets/js/RMFA-JS.min.js?ver=1.1.0
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
JavaScript source, ASCII text, with very long lines (1295), with no line terminators
Size
1.3 kB (1295 bytes)
Hash
443de93866d65f762354c9446ad8b366
19e310996d2549b6ad99f17dc800799571472aec
90a82d38c851758d27264c3808c81e7e52e4b04e03f5adb29e0e5df5021fa4b1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/turn-rank-math-faq-block-to-accordion/assets/js/RMFA-JS.min.js?ver=1.1.0 HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-50f"
Content-Encoding: gzip

immediate-bumex.com/wp-content/uploads/2024/01/001.jpeg

212.92.105.102

200 OK

34 kB

URL GET
immediate-bumex.com/wp-content/uploads/2024/01/001.jpeg
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x571, components 3
Size
34 kB (33827 bytes)
Hash
ee48d6345a9616ca5159c4942afef6d8
a3f901a2c6d4c3074f939ba50d3e80851a2df850
173bbd7f441f504b4682972f071a03893a586ddf7246eaf3ca2341d8ed0cfc1e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/01/001.jpeg HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: image/jpeg
Content-Length: 33827
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
ETag: "671e376c-8423"
Accept-Ranges: bytes

immediate-bumex.com/wp-content/plugins/fxbot-registration-form/assets/js/intlTelInput.min.js?ver=2.0.16

212.92.105.102

200 OK

30 kB

URL GET
immediate-bumex.com/wp-content/plugins/fxbot-registration-form/assets/js/intlTelInput.min.js?ver=2.0.16
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (26958)
Size
30 kB (29538 bytes)
Hash
0d7765bae213b8cf43ba5f06960055ec
b97311bed465062adfe3b0f20f363441be2d4881
e889e4e37ac5bce51552e6432402bad41853158bd662f41bbc50acceaff5a1f6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/fxbot-registration-form/assets/js/intlTelInput.min.js?ver=2.0.16 HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-7362"
Content-Encoding: gzip

immediate-bumex.com/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.5.1

212.92.105.102

200 OK

20 kB

URL GET
immediate-bumex.com/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.5.1
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
ASCII text, with very long lines (19512), with no line terminators
Size
20 kB (19512 bytes)
Hash
b7e067012db6249774c29e4c56b4f2c0
7523574074e98d492a8da515f0daf7446cc504e0
c839222ec3a5037179749a843610820436bf575a591a3e0b45404f1970a2cc56

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/generatepress/assets/css/main.min.css?ver=3.5.1 HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-4c38"
Content-Encoding: gzip

immediate-bumex.com/wp-content/plugins/fxbot-registration-form/assets/js/mailcheck.min.js?ver=2.0.16

212.92.105.102

200 OK

4.0 kB

URL GET
immediate-bumex.com/wp-content/plugins/fxbot-registration-form/assets/js/mailcheck.min.js?ver=2.0.16
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
JavaScript source, ASCII text, with very long lines (4014)
Size
4.0 kB (4015 bytes)
Hash
4950423c548a646372ae58f7bbe67d1f
f54943150a9cc3db37bba49e9abb8f1206b8b12b
ab69f8053e420d7f3c043b55a1bfebd9981ccf92c21b4fd823031ab51967323a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/fxbot-registration-form/assets/js/mailcheck.min.js?ver=2.0.16 HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-faf"
Content-Encoding: gzip

immediate-bumex.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

212.92.105.102

200 OK

88 kB

URL GET
immediate-bumex.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
88 kB (87553 bytes)
Hash
826eb77e86b02ab7724fe3d0141ff87c
79cd3587d565afe290076a8d36c31c305a573d18
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-15601"
Content-Encoding: gzip

immediate-bumex.com/wp-content/uploads/2024/01/Logo.png

212.92.105.102

200 OK

2.8 kB

URL GET
immediate-bumex.com/wp-content/uploads/2024/01/Logo.png
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
PNG image data, 167 x 168, 8-bit/color RGBA, non-interlaced
Size
2.8 kB (2758 bytes)
Hash
4be47e6e097186915a4ea61992d81675
56dc146e2aa065a8afd98e6c24252fa464cc7d84
47f9afd2c44b79ec3a165506b0f195634e08aae1ae38ebb9b731948e57a21498

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/01/Logo.png HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: image/png
Content-Length: 2758
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
ETag: "671e376c-ac6"
Accept-Ranges: bytes

immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/zh-hant.svg

212.92.105.102

200 OK

609 B

URL GET
immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/zh-hant.svg
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
SVG Scalable Vector Graphics image
Size
609 B (609 bytes)
Hash
a3bce36139bdbeeb26d9847b105692d0
b89a8460c0b7f3b038e3202038ad706ade7e73eb
b023af9d9a9bde7e7f6136b1ba2fbcc5807af1c5f6dac17b383c29a8692f851c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/zh-hant.svg HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-261"
Content-Encoding: gzip

immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/nl.svg

212.92.105.102

200 OK

355 B

URL GET
immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/nl.svg
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
SVG Scalable Vector Graphics image
Size
355 B (355 bytes)
Hash
1932756ac7767c2f33986237417d8731
84a604da4f8df24af728a73685c4cc2cad9de962
8ca8a2dc879e29edd00a08bffc8d825f67d0988e55538d52e43861bb3af22f83

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/nl.svg HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-163"
Content-Encoding: gzip

immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/is.svg

212.92.105.102

200 OK

449 B

URL GET
immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/is.svg
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
SVG Scalable Vector Graphics image
Size
449 B (449 bytes)
Hash
f0950fb9089c4f9e32fb53b8fdaaad61
0a946bcdfa19977da80126e7e213e262344c4f29
b34f812ef46d9c15b14560edcd00d6f5a1a77a381dcb8e1414650f18dc963402

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/is.svg HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-1c1"
Content-Encoding: gzip

immediate-bumex.com/wp-includes/css/dist/block-library/style.min.css?ver=6.6.2

212.92.105.102

200 OK

112 kB

URL GET
immediate-bumex.com/wp-includes/css/dist/block-library/style.min.css?ver=6.6.2
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
ASCII text, with very long lines (57765), with CRLF line terminators
Size
112 kB (112437 bytes)
Hash
e4038793bd9dba450fbde333ebb2c7ad
5a97376465e75ea223102550aaaef51d878890f8
73e546a25c697a9fc474c8e6e2feda5a769bee52ca2062d87adf6b96b06a6e92

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.6.2 HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-1b735"
Content-Encoding: gzip

immediate-bumex.com/wp-content/plugins/gp-premium/menu-plus/functions/css/offside.min.css?ver=2.5.0

212.92.105.102

200 OK

5.9 kB

URL GET
immediate-bumex.com/wp-content/plugins/gp-premium/menu-plus/functions/css/offside.min.css?ver=2.5.0
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
ASCII text, with very long lines (5901), with no line terminators
Size
5.9 kB (5901 bytes)
Hash
620bdc2e262641f4cee95c34de331140
588be9ecfa8899889f324f17b4fe3f0828acd478
ff95720758215ef9f328fda9e5b00e7c64421bcc8c0439e38201492e0fa78616

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/gp-premium/menu-plus/functions/css/offside.min.css?ver=2.5.0 HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-170d"
Content-Encoding: gzip

immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/et.svg

212.92.105.102

200 OK

335 B

URL GET
immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/et.svg
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
SVG Scalable Vector Graphics image
Size
335 B (335 bytes)
Hash
97eaf9e3e1e5795116e411e3408c8ad5
62d0a947b1ddc561aaa6b0db15a115cc38263e86
361ceeb485933d4e9e5374bab0acf83404a5b7f634e6ee3bc61a3f125cea19af

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/et.svg HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-14f"
Content-Encoding: gzip

immediate-bumex.com/wp-content/uploads/2024/01/003-e1706463396825.png

212.92.105.102

200 OK

119 kB

URL GET
immediate-bumex.com/wp-content/uploads/2024/01/003-e1706463396825.png
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
PNG image data, 591 x 383, 8-bit/color RGBA, non-interlaced
Size
119 kB (118987 bytes)
Hash
1bc328deea072e39fa89a021ea059e2e
f71cd4c9028751d91dab1a8117e99d8f0440181d
744d76bfaa5bb79541f57ea8c2c1aad5a69f9a488556cb45b86fbeae4a3edb38

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/01/003-e1706463396825.png HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: image/png
Content-Length: 118987
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
ETag: "671e376c-1d0cb"
Accept-Ranges: bytes

immediate-bumex.com/wp-content/uploads/2024/01/004.png

212.92.105.102

200 OK

31 kB

URL GET
immediate-bumex.com/wp-content/uploads/2024/01/004.png
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
PNG image data, 766 x 766, 8-bit/color RGBA, non-interlaced
Size
31 kB (31176 bytes)
Hash
2e972de5d6e3be2951014aa3155cf418
35d33d2b7d55c89fa578e25618ed504d65b5d9b4
78c18104263c647cc1b8ad6f18a7161feaaaa6ab151817509931abb4769bfb27

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/01/004.png HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: image/png
Content-Length: 31176
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
ETag: "671e376c-79c8"
Accept-Ranges: bytes

immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/fi.svg

212.92.105.102

200 OK

249 B

URL GET
immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/fi.svg
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
SVG Scalable Vector Graphics image
Size
249 B (249 bytes)
Hash
d1724c02c151d1f44b22d5c89e199c54
fbb67ed0796f19c50d9354ffa54a0103d33049b7
0d9fdf20d3b93aa471132ea660f36e3331fc137bb628121caeec33e905a2a33b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/fi.svg HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: image/svg+xml
Content-Length: 249
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
ETag: "671e376c-f9"
Accept-Ranges: bytes

immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/lv.svg

212.92.105.102

200 OK

299 B

URL GET
immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/lv.svg
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
SVG Scalable Vector Graphics image
Size
299 B (299 bytes)
Hash
bebccff3aeba51647f0dce95d6551d53
b257a531d6b251909e3174a7820c24d19b54559f
5e92000c8341f0ea10f5677f62c071202b412f252a361d79a0d4a7fa09910aca

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/lv.svg HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-12b"
Content-Encoding: gzip

immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/tr.svg

212.92.105.102

200 OK

520 B

URL GET
immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/tr.svg
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
SVG Scalable Vector Graphics image
Size
520 B (520 bytes)
Hash
7af14a6fd5253f05724502662d478fac
df6f03167492046dd2f02e3e005e66201f80ceb9
f101fe5cf7c2fe25bb1d2c7efcacb8acb52c90561497576f2f16be8a5d628315

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/tr.svg HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-208"
Content-Encoding: gzip

immediate-bumex.com/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.5.1

212.92.105.102

200 OK

7.3 kB

URL GET
immediate-bumex.com/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.5.1
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
JavaScript source, ASCII text, with very long lines (7333), with no line terminators
Size
7.3 kB (7333 bytes)
Hash
67148b2ff82038d0faf6385f182c5644
7452d643e468caf6db8ecf07618f1cb7ff3f7651
5af760e4297b064a2150dcd5f63d748a06dfa8b618c9e9d43a87c4ac74fa3974

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.5.1 HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-1ca5"
Content-Encoding: gzip

immediate-bumex.com/wp-content/uploads/2024/01/007.jpeg

212.92.105.102

200 OK

50 kB

URL GET
immediate-bumex.com/wp-content/uploads/2024/01/007.jpeg
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x500, components 3
Size
50 kB (50417 bytes)
Hash
abcc4e1eb0e187313931b2866194a540
1120bc015435a837c4f6a4a42041c1b4fac5e1bf
595d7c3123fda0b00715dafaa782b306d4308dece51ad627f1df6ec14b621d1c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/01/007.jpeg HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: image/jpeg
Content-Length: 50417
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
ETag: "671e376c-c4f1"
Accept-Ranges: bytes

immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/it.svg

212.92.105.102

200 OK

352 B

URL GET
immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/it.svg
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
SVG Scalable Vector Graphics image
Size
352 B (352 bytes)
Hash
34ec214f5547e19d4e1fe9d0d638f9c7
7ef49fd31ffa7a0ea47e8ad0a2fa2121621baae5
ebdeb69d61fd3e3b429eafd9b45b51422b87348d932a7fbcd668975437650fdd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/it.svg HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-160"
Content-Encoding: gzip

immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/pt-br.svg

212.92.105.102

200 OK

3.1 kB

URL GET
immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/pt-br.svg
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
SVG Scalable Vector Graphics image
Size
3.1 kB (3095 bytes)
Hash
0c3ab5184e7b7429a458164488ad3704
6d5780433cbbd4b3a6f25c791a8ba59bc726f862
414878d5f95d09d4b5e65cdcdda185c7be3c775ba366add3b36d31479707b926

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/pt-br.svg HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-c17"
Content-Encoding: gzip

immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/ro.svg

212.92.105.102

200 OK

352 B

URL GET
immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/ro.svg
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
SVG Scalable Vector Graphics image
Size
352 B (352 bytes)
Hash
b3459066e38308492a7ac98271d7b034
bdc08d8b6b3a4ab7eef55fb2b73028001f045581
3244688e345eb37de4069b23d32d91b59ecb2c28a14e38aaa4e02678f5d0bb7c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/ro.svg HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-160"
Content-Encoding: gzip

immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/ru.svg

212.92.105.102

200 OK

355 B

URL GET
immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/ru.svg
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
SVG Scalable Vector Graphics image
Size
355 B (355 bytes)
Hash
42103243a1d4c3f2e823e99f3c00aaa4
1d95a227efb867c8b3dfa2902ea8a803f3fd3519
0a720bc83f72d17849bd213570ed808ae6b430fa5f3d50dc7fdb32413f7ade01

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/ru.svg HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-163"
Content-Encoding: gzip

immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/bg.svg

212.92.105.102

200 OK

335 B

URL GET
immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/bg.svg
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
SVG Scalable Vector Graphics image
Size
335 B (335 bytes)
Hash
fbae98f9ecb2c7a0d7bbadd4cda16c54
0799313019185c31326cca8c6af85520f0ef05db
a5531f87b36975a82c97748b5405c1f3d6d1fa7fa3f78843aea4b67903b76e7b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/bg.svg HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-14f"
Content-Encoding: gzip

immediate-bumex.com/wp-content/uploads/2024/01/Rating-stars.png

212.92.105.102

200 OK

29 kB

URL GET
immediate-bumex.com/wp-content/uploads/2024/01/Rating-stars.png
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
PNG image data, 426 x 228, 8-bit/color RGBA, non-interlaced
Size
29 kB (28622 bytes)
Hash
17cdff90fe80ca52b04a2a9f928fb075
3d765522e8aaa380c740df65283d12c156b940ce
9a68ee4b34bf5674048ab7444aab8d35e56fdfb58056e527915878da4d3cce7d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/01/Rating-stars.png HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: image/png
Content-Length: 28622
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
ETag: "671e376c-6fce"
Accept-Ranges: bytes

immediate-bumex.com/wp-content/plugins/fxbot-registration-form/assets/images/flags.png

212.92.105.102

200 OK

71 kB

URL GET
immediate-bumex.com/wp-content/plugins/fxbot-registration-form/assets/images/flags.png
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
PNG image data, 5652 x 15, 8-bit/color RGBA, non-interlaced
Size
71 kB (70857 bytes)
Hash
416250f60d785a2e02f17e054d2e4e44
21572c9751e5a3dc20395befa0fcb349c32c4811
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/fxbot-registration-form/assets/images/flags.png HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/wp-content/plugins/fxbot-registration-form/assets/css/intlTelInput.min.css?ver=2.0.16
Cookie: wp-wpml_current_language=en; SERVERID=w02-8888
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:04 GMT
Content-Type: image/png
Content-Length: 70857
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
ETag: "671e376c-114c9"
Accept-Ranges: bytes

immediate-bumex.com/wp-content/plugins/fxbot-registration-form/assets/js/utils.min.js?ver=2.0.16

212.92.105.102

200 OK

245 kB

URL GET
immediate-bumex.com/wp-content/plugins/fxbot-registration-form/assets/js/utils.min.js?ver=2.0.16
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
JavaScript source, ASCII text, with very long lines (1654)
Size
245 kB (245226 bytes)
Hash
12855fe710661551c42e95a9c9290600
72c56f9f3584405934289059ccd5ed678ddcb00c
df0797876b146528f534dc356f34fd6408384ca47baae6ecdfcdf0463294f142

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/fxbot-registration-form/assets/js/utils.min.js?ver=2.0.16 HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-3bdea"
Content-Encoding: gzip

immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/cs.svg

212.92.105.102

200 OK

374 B

URL GET
immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/cs.svg
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
SVG Scalable Vector Graphics image
Size
374 B (374 bytes)
Hash
0fe0a2e4225eee5dd8a3c73a5ab5a312
c930c1341640bee697cf50053721ddfd750dae2e
2a3a7fa3da584643cbac6234aa452705982f50454ed0a259d8c8cd6a9c2fa8c8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/cs.svg HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-176"
Content-Encoding: gzip

immediate-bumex.com/wp-content/uploads/2024/01/SSL-Secure-Connection-300x134.png

212.92.105.102

200 OK

41 kB

URL GET
immediate-bumex.com/wp-content/uploads/2024/01/SSL-Secure-Connection-300x134.png
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
PNG image data, 300 x 134, 8-bit/color RGBA, non-interlaced
Size
41 kB (40886 bytes)
Hash
24600a758e1580637fb64ecdc9fbee61
12f8092ea3280f0020fa12c2af6334c6d79730e8
7f0774efaeb4ab17e27e65cf45db3a4aed7540d878ba0d7baa015c3370f33506

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/01/SSL-Secure-Connection-300x134.png HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: image/png
Content-Length: 40886
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
ETag: "671e376c-9fb6"
Accept-Ranges: bytes

immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=4.6.13

212.92.105.102

200 OK

271 B

URL GET
immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=4.6.13
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
ASCII text
Size
271 B (271 bytes)
Hash
c6a55456af4776c733018888483aba22
297b53f8538ba3b59d2028f16de4e14ec90337ce
20be9b3c63a01d921697a0ef1c1596f647678498eefe6dc508e2363be25277f8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=4.6.13 HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-10f"
Content-Encoding: gzip

immediate-bumex.com/wp-content/plugins/fxbot-registration-form/assets/js/optin-form.js?ver=2.0.16

212.92.105.102

200 OK

30 kB

URL GET
immediate-bumex.com/wp-content/plugins/fxbot-registration-form/assets/js/optin-form.js?ver=2.0.16
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
30 kB (30383 bytes)
Hash
696c51dcd9631f02d28d39fadefdd67d
11fc826e34f795901c8a7ec0f7ef4831ad2b6022
52937687c44d798fb8cd512609692b035f37fdbce19e7eddb747f0c0f48e32d2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/fxbot-registration-form/assets/js/optin-form.js?ver=2.0.16 HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-76af"
Content-Encoding: gzip

immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/sk.svg

212.92.105.102

200 OK

1.6 kB

URL GET
immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/sk.svg
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
SVG Scalable Vector Graphics image
Size
1.6 kB (1637 bytes)
Hash
6ed3cf547a2f8579e45330fde3095537
dfc6023844bb5a110c3d9219c82dd326940ae055
c1b338efd99956c2ae0c62fcf559b2d956fa11f71751985d62c9942b061dad6a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/sk.svg HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-665"
Content-Encoding: gzip

immediate-bumex.com/wp-content/plugins/fxbot-registration-form/assets/images/regSuccess.png

212.92.105.102

200 OK

4.3 kB

URL GET
immediate-bumex.com/wp-content/plugins/fxbot-registration-form/assets/images/regSuccess.png
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
PNG image data, 180 x 180, 8-bit colormap, non-interlaced
Size
4.3 kB (4251 bytes)
Hash
4cd1d4874ebef5120e63efa1c66278dc
3648f90f2ccc2e8ded42794dc0c0a363fc945527
caae22c3dadc5664eff10a1e3d0a5959bfea87d28f52f03ca4f3d7ebf560e5de

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/fxbot-registration-form/assets/images/regSuccess.png HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: image/png
Content-Length: 4251
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
ETag: "671e376c-109b"
Accept-Ranges: bytes

immediate-bumex.com/wp-content/plugins/gp-premium/menu-plus/functions/js/offside.min.js?ver=2.5.0

212.92.105.102

200 OK

6.8 kB

URL GET
immediate-bumex.com/wp-content/plugins/gp-premium/menu-plus/functions/js/offside.min.js?ver=2.5.0
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
JavaScript source, ASCII text, with very long lines (6795), with no line terminators
Size
6.8 kB (6795 bytes)
Hash
2c8d926d887909904dab4316508bacc6
455db3d80b61fefab3797bacd140f95229fa7518
50fe1014e82dd9acea2f5b26061c8f135cb11ea0aa5d5ad5985e6b265b7f50a8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/gp-premium/menu-plus/functions/js/offside.min.js?ver=2.5.0 HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-1a8b"
Content-Encoding: gzip

immediate-bumex.com/wp-content/uploads/2024/01/Favicon-150x150.png

212.92.105.102

200 OK

3.8 kB

URL GET
immediate-bumex.com/wp-content/uploads/2024/01/Favicon-150x150.png
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced
Size
3.8 kB (3767 bytes)
Hash
95924984ee3155c3e20e13acc4437ca8
4802ff46db5fce9b4f63f55c76cf3e3a256f9423
bd06871394895760a054b3f2d249564e10c0b40cdca62965f363aaa0bfbbdac5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/01/Favicon-150x150.png HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: image/png
Content-Length: 3767
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
ETag: "671e376c-eb7"
Accept-Ranges: bytes

immediate-bumex.com/

212.92.105.102

200 OK

172 kB

URL User Request GET
immediate-bumex.com/
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
HTML document, ASCII text, with very long lines (28630)
Size
172 kB (172004 bytes)
Hash
bb257be62a1e1c3709f91660df57b23b
94fc7b67116f3226a8d5bd6e874031b8775edc85
e4e47ee2312f52771d3efafe3993a1662f7a50a26de9084b97073e2c5600a4bf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 08 Apr 2025 19:16:44 GMT
Vary: Accept-Encoding
ETag: W/"67f5761c-29fe4"
Content-Encoding: gzip

immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/es.svg

212.92.105.102

200 OK

714 B

URL GET
immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/es.svg
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
SVG Scalable Vector Graphics image
Size
714 B (714 bytes)
Hash
82a1bb6b96ec71df6247971da6e35155
bb5be7dedff6612e4c8cb7c8019563c547238897
8fc508fdb3ef11a4e38f9123f1ae903962ca14841cefd7b98ed5550d50d2f1bb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/es.svg HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-2ca"
Content-Encoding: gzip

immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/sv.svg

212.92.105.102

200 OK

376 B

URL GET
immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/sv.svg
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
SVG Scalable Vector Graphics image
Size
376 B (376 bytes)
Hash
6d7b2e74f61e873c0fb690155956025e
b515a34c1884d45ef9a2b7f3ebdf731a0613e1c8
4a271da0e5fbcda6d2d15092d8a564e8ef3d36ad507215563ac2faa0e8833001

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/sv.svg HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-178"
Content-Encoding: gzip

immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/th.svg

212.92.105.102

200 OK

367 B

URL GET
immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/th.svg
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
SVG Scalable Vector Graphics image
Size
367 B (367 bytes)
Hash
756f64249f1f943e61bff54780b49cd8
e4beba68e98c966f57a6cca0e40915ba60500e23
cf1c5911962ac51db0ff4e36a6a91f5ff42c1ba40246ada4067b3b5a846f21b4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/th.svg HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-16f"
Content-Encoding: gzip

immediate-bumex.com/wp-content/plugins/gp-premium/general/js/smooth-scroll.min.js?ver=2.5.0

212.92.105.102

200 OK

6.9 kB

URL GET
immediate-bumex.com/wp-content/plugins/gp-premium/general/js/smooth-scroll.min.js?ver=2.5.0
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
JavaScript source, ASCII text, with very long lines (6883), with no line terminators
Size
6.9 kB (6883 bytes)
Hash
ca1e68e1ae2dbb2206d21481576bbb45
eecac929830764dba8b0734241090f2403671fa8
ce43697d26defc72fa5aa7e3d7f1296cd19ba9a67cad0e2557aacc7702454f4d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/gp-premium/general/js/smooth-scroll.min.js?ver=2.5.0 HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-1ae3"
Content-Encoding: gzip

immediate-bumex.com/wp-content/uploads/2024/01/Favicon.png

212.92.105.102

200 OK

2.8 kB

URL GET
immediate-bumex.com/wp-content/uploads/2024/01/Favicon.png
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
PNG image data, 167 x 168, 8-bit/color RGBA, non-interlaced
Size
2.8 kB (2818 bytes)
Hash
2749b852870eca46fea2a11377208bb5
c8f1f91fa034b8f5ee1df0a136f11919229fa1a5
1589de5f617c696f8da2088ccb56da1f7b6a5e1bfcfaca8a754401906d90c673

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/01/Favicon.png HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: image/png
Content-Length: 2818
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
ETag: "671e376c-b02"
Accept-Ranges: bytes

immediate-bumex.com/wp-content/plugins/fxbot-registration-form/assets/css/widget.css?ver=2.0.16

212.92.105.102

200 OK

7.9 kB

URL GET
immediate-bumex.com/wp-content/plugins/fxbot-registration-form/assets/css/widget.css?ver=2.0.16
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
ASCII text, with very long lines (7914), with no line terminators
Size
7.9 kB (7914 bytes)
Hash
c0526b907bd105ac9d2606c1f6d5225c
38c1efab7570951029c569ea67875e1c0a52f5e2
995420b5354d83b5f15d0a86ff2ac19bc33516e5ec7d0465a9398011a512c336

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/fxbot-registration-form/assets/css/widget.css?ver=2.0.16 HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-1eea"
Content-Encoding: gzip

immediate-bumex.com/wp-content/plugins/wpml-cms-nav/res/css/cms-navigation-base.css?ver=1.5.5

212.92.105.102

200 OK

1.9 kB

URL GET
immediate-bumex.com/wp-content/plugins/wpml-cms-nav/res/css/cms-navigation-base.css?ver=1.5.5
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
ASCII text, with very long lines (1908), with no line terminators
Size
1.9 kB (1908 bytes)
Hash
4b975a8395bd0a0410b576647ba50906
2e965a1cbe96545cfe0ea8495e8b48d5f7e0cb17
024f1241cafafa2e444fed0beee0ec230befac822d6f95ac4a3933ba2621dfec

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/wpml-cms-nav/res/css/cms-navigation-base.css?ver=1.5.5 HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-774"
Content-Encoding: gzip

immediate-bumex.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

212.92.105.102

200 OK

14 kB

URL GET
immediate-bumex.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
JavaScript source, ASCII text, with very long lines (13479)
Size
14 kB (13577 bytes)
Hash
9ffeb32e2d9efbf8f70caabded242267
3ad0c10e501ac2a9bfa18f9cd7e700219b378738
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-3509"
Content-Encoding: gzip

immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/no.svg

212.92.105.102

200 OK

424 B

URL GET
immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/no.svg
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
SVG Scalable Vector Graphics image
Size
424 B (424 bytes)
Hash
ebe2b7f4aefa3c8869fa9f0a402210bb
dc0ceab0f048a8c8ac97e3277f2ed237b974f005
7021694edfe47096e0aa9a5ea85a6851181f723ae3a8806779a8e01702325804

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/no.svg HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-1a8"
Content-Encoding: gzip

immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/lt.svg

212.92.105.102

200 OK

355 B

URL GET
immediate-bumex.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/lt.svg
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
SVG Scalable Vector Graphics image
Size
355 B (355 bytes)
Hash
86458cbb859c05bf3fc54af01e50856b
9b0769e31e63686d55f311f9b0064ac1dd7f3f67
acd3a6a8487a79e9c9a0cdf7cd61f9f066e6c4aaa71050f93885562db997521e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/lt.svg HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-163"
Content-Encoding: gzip

immediate-bumex.com/wp-content/plugins/seo-by-rank-math/assets/front/css/rank-math-snippet.css?ver=1.0.229

212.92.105.102

200 OK

2.6 kB

URL GET
immediate-bumex.com/wp-content/plugins/seo-by-rank-math/assets/front/css/rank-math-snippet.css?ver=1.0.229
IP
212.92.105.102:443
ASN
#43350 NForce Entertainment B.V.

Requested by
https://immediate-bumex.com/
Certificate
IssuerLet's Encrypt
Subjectimmediate-bumex.com
FingerprintA1:9E:FF:BB:55:DA:8E:15:BC:96:5E:C1:42:C9:6D:36:C4:96:3B:E6
ValiditySun, 23 Mar 2025 05:09:36 GMT - Sat, 21 Jun 2025 05:09:35 GMT

File type
ASCII text, with very long lines (2475)
Size
2.6 kB (2554 bytes)
Hash
446b18326b6a7efc47be011ea468def5
dbc8692f8dbcc01efaa22454cb8f19992ead7462
5423a9a2ead65199cfe8f812727ca497fa9333824ebfaead1427ae2a9e25ba8e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/seo-by-rank-math/assets/front/css/rank-math-snippet.css?ver=1.0.229 HTTP/1.1
Host: immediate-bumex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediate-bumex.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 16 Apr 2025 07:58:03 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 27 Oct 2024 12:51:56 GMT
Vary: Accept-Encoding
ETag: W/"671e376c-9fa"
Content-Encoding: gzip

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML