Report - abctheatrebox.com/updaten/Roundcub=%20en.html

Report Overview

Visited public
2025-06-10 01:45:38
Tags
URL
abctheatrebox.com/updaten/Roundcub=%20en.html
Finishing URL
abctheatrebox.com/updaten/Roundcub=%20en.html
IP / ASN
15.235.219.232
#16276 OVH SAS
Title
Page not found - ABC TheatreBox

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
abctheatrebox.com	unknown	2024-12-11	2025-02-14	2025-06-09	15 kB	1.6 MB	15.235.219.232
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-06-04	606 B	61 kB	142.250.74.10
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-06-04	1.7 kB	148 kB	142.250.74.35

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-06-09	medium	abctheatrebox.com	Sinkholed
2025-06-09	medium	abctheatrebox.com	Sinkholed
2025-06-09	medium	abctheatrebox.com	Sinkholed
2025-06-09	medium	abctheatrebox.com	Sinkholed
2025-06-09	medium	abctheatrebox.com	Sinkholed
2025-06-09	medium	abctheatrebox.com	Sinkholed
2025-06-09	medium	abctheatrebox.com	Sinkholed
2025-06-09	medium	abctheatrebox.com	Sinkholed
2025-06-09	medium	abctheatrebox.com	Sinkholed
2025-06-09	medium	abctheatrebox.com	Sinkholed
2025-06-09	medium	abctheatrebox.com	Sinkholed
2025-06-09	medium	abctheatrebox.com	Sinkholed
2025-06-09	medium	abctheatrebox.com	Sinkholed
2025-06-09	medium	abctheatrebox.com	Sinkholed
2025-06-09	medium	abctheatrebox.com	Sinkholed
2025-06-09	medium	abctheatrebox.com	Sinkholed
2025-06-09	medium	abctheatrebox.com	Sinkholed
2025-06-09	medium	abctheatrebox.com	Sinkholed
2025-06-09	medium	abctheatrebox.com	Sinkholed
2025-06-09	medium	abctheatrebox.com	Sinkholed
2025-06-09	medium	abctheatrebox.com	Sinkholed
2025-06-09	medium	abctheatrebox.com	Sinkholed
2025-06-09	medium	abctheatrebox.com	Sinkholed
2025-06-09	medium	abctheatrebox.com	Sinkholed
2025-06-09	medium	abctheatrebox.com	Sinkholed
2025-06-09	medium	abctheatrebox.com	Sinkholed
2025-06-09	medium	abctheatrebox.com	Sinkholed
2025-06-09	medium	abctheatrebox.com	Sinkholed
2025-06-09	medium	abctheatrebox.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (19)

	URL	From	Size	First Seen	Last Seen
	abctheatrebox.com/updaten/Roundcub=%20en.html	ScriptElement	47 B	2023-03-07	2025-06-13
Pretty URL abctheatrebox.com/updaten/Roundcub=%20en.html IP 15.235.219.232 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-06-13 03:00 Times Seen7182 Hash 2f518cfc8223c53c44094f57eacc972f a919f586352875054a0a7f438c3e3d33cb5768b3 1d89df5c4aeb93c45e67d479e74ca02e5a104d7e421e4f2415e4a204c9816b0b Loading...

	abctheatrebox.com/wp-content/plugins/woocommerce/assets/js/frontend/order-attribution.min.js?ver=9.9.3	ScriptElement	2.3 kB	2025-06-09	2025-06-13
Pretty URL abctheatrebox.com/wp-content/plugins/woocommerce/assets/js/frontend/order-attribution.min.js?ver=9.9.3 IP 15.235.219.232 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-09 17:33 Last Seen2025-06-13 02:19 Times Seen31 Hash d834f2ad78a2268d6497e08749df5e1a 191fb1396d4af5310b58f12c48706b3fe4a73d11 2cc140c784aa49b9aee51bd9de96a6cdf2c5ca057ab768ec6e6a98a9a7c429f6 Loading...

	abctheatrebox.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.9.9.3	ScriptElement	9.6 kB	2023-08-09	2025-06-13
Pretty URL abctheatrebox.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.9.9.3 IP 15.235.219.232 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-09 05:33 Last Seen2025-06-13 03:08 Times Seen17364 Hash ef56117d1bb5cc41aa6bd127a49c7640 b9c2ed774177fc0fceba5cb58113024b23fe4fb7 d151f8c0b2659cfb63704d68654ad8d9437ae9da4410536f63ddec21689a0620 Loading...

	abctheatrebox.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.9.9.3	ScriptElement	1.7 kB	2024-03-20	2025-06-13
Pretty URL abctheatrebox.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.9.9.3 IP 15.235.219.232 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-20 13:06 Last Seen2025-06-13 03:08 Times Seen10406 Hash 691a1e43450e7cda541a3bd6f10fd5db d3a78cb77ccec297c9d32fee99a2a4761f604a8c 8b083f64f2e9e8ac445c730dfce7013cc6449ce155fd1c2f42b60edba4ecb4b1 Loading...

	abctheatrebox.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=9.9.3	ScriptElement	3.9 kB	2025-06-09	2025-06-13
Pretty URL abctheatrebox.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=9.9.3 IP 15.235.219.232 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-09 17:33 Last Seen2025-06-13 02:19 Times Seen30 Hash 84239b0dfe48c4e0270ffbae8f0f3f13 16f4c864622e80b07569e3ef932865631e80767c 299264e6508843ebd2bf696212a992724e103e58f3b2d925c499c1c2451e90ef Loading...

	abctheatrebox.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1	ScriptElement	14 kB	2023-05-09	2025-06-13
Pretty URL abctheatrebox.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 IP 15.235.219.232 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-09 19:21 Last Seen2025-06-13 03:36 Times Seen112291 Hash 9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89 Loading...

	abctheatrebox.com/updaten/Roundcub=%20en.html	ScriptElement	739 B	2023-03-07	2025-06-13
Pretty URL abctheatrebox.com/updaten/Roundcub=%20en.html IP 15.235.219.232 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:07 Last Seen2025-06-13 03:00 Times Seen4820 Hash ff682bd8e00a4c2b202a4d37f7ba3cdd 4b92aa9fb8a9cf79c352ece5cba00b2f281de332 d1576e7c5bb5b36cc04888b220fb672165073615b2423b76b51074334d616555 Loading...

	abctheatrebox.com/wp-content/themes/Divi/core/admin/js/common.js?ver=4.27.4	ScriptElement	1.3 kB	2023-03-07	2025-06-13
Pretty URL abctheatrebox.com/wp-content/themes/Divi/core/admin/js/common.js?ver=4.27.4 IP 15.235.219.232 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-13 03:00 Times Seen6569 Hash d71b75b2327258b1d01d50590c1f67ca b7820e4ffb6becc133c48f66d9f683545530b959 1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea Loading...

	abctheatrebox.com/updaten/Roundcub=%20en.html	ScriptElement	206 B	2023-11-07	2025-06-13
Pretty URL abctheatrebox.com/updaten/Roundcub=%20en.html IP 15.235.219.232 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-07 23:57 Last Seen2025-06-13 03:00 Times Seen3791 Hash c41deaf84d1c74db489ee38837b25689 f4d1c111722f85c8a9f0faa06a7b2ac2a913fa17 ae799f59cd8fbe0017c3c8f659373021b7cf53d9f87b9e16ce738a4d9138cff9 Loading...

	abctheatrebox.com/updaten/Roundcub=%20en.html	ScriptElement	252 B	2025-05-26	2025-06-10
Pretty URL abctheatrebox.com/updaten/Roundcub=%20en.html IP 15.235.219.232 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-26 12:08 Last Seen2025-06-10 01:45 Times Seen5 Hash 208fde110c55a04d7c4ad0e500ed061d e6aca4b314c5beec036f6dcef677f229f661b591 46b74e87617e5abf48ac5569586b335f0a647a6d5601fbe94f3a067b18d964b7 Loading...

	abctheatrebox.com/wp-content/themes/Divi/js/scripts.min.js?ver=4.27.4	ScriptElement	274 kB	2024-11-11	2025-06-13
Pretty URL abctheatrebox.com/wp-content/themes/Divi/js/scripts.min.js?ver=4.27.4 IP 15.235.219.232 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-11 11:08 Last Seen2025-06-13 03:00 Times Seen1206 Hash ffeda0ad944eaea8e25836de4a379be5 cb2199a64629ba9f207d1764603b5bd81b71e3cb ad97778077e648e9c0adbd33005dd7d89fc0313a9b6caef7bf29ed253af8a312 Loading...

	abctheatrebox.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=9.9.3	ScriptElement	4.0 kB	2024-12-04	2025-06-13
Pretty URL abctheatrebox.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=9.9.3 IP 15.235.219.232 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-04 12:48 Last Seen2025-06-13 03:08 Times Seen4244 Hash d287805a49a165617edb2c8e53108510 be03d1aa839358050674f937277da8941cbcb69a 1f00e7386753e6994b5ff5ee61a772c3b5d9742694d00041e28fff83fee413cd Loading...

	abctheatrebox.com/updaten/Roundcub=%20en.html	ScriptElement	209 B	2025-02-25	2025-06-13
Pretty URL abctheatrebox.com/updaten/Roundcub=%20en.html IP 15.235.219.232 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2025-02-25 22:19 Last Seen2025-06-13 03:08 Times Seen772 Hash 7c0a25dc8ec45815e81de49fa4d3674b 5c43c87f967251aa4c76c780c30dbfd5a0a46428 9d0913b40acff480a86621fc3d1ede23688ad4404b0a1b18e63639f5eda77caf Loading...

	abctheatrebox.com/wp-content/plugins/woocommerce/assets/js/sourcebuster/sourcebuster.min.js?ver=9.9.3	ScriptElement	15 kB	2024-06-19	2025-06-13
Pretty URL abctheatrebox.com/wp-content/plugins/woocommerce/assets/js/sourcebuster/sourcebuster.min.js?ver=9.9.3 IP 15.235.219.232 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-19 04:58 Last Seen2025-06-13 03:08 Times Seen8696 Hash fc06080ebf979384eaf92a5f1cd7a50b 1474b07026c758629a82df51a5e4fbb7abf531df c50a0b33030ba0ec063be642c297f48af94359e2222ff140817248d591faf837 Loading...

	abctheatrebox.com/updaten/Roundcub=%20en.html	ScriptElement	152 B	2023-03-07	2025-06-13
Pretty URL abctheatrebox.com/updaten/Roundcub=%20en.html IP 15.235.219.232 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-06-13 03:08 Times Seen30282 Hash b8c40bf7c92768058d743847cccdb147 4fbbbcb2dda4d05e2e58bf43330c559b4165fc0b 7872ff233c7b2bfa962f491d0575e71f0b0b487bc63899ff4c72c7c9d5197688 Loading...

	abctheatrebox.com/updaten/Roundcub=%20en.html	ScriptElement	1.6 kB	2025-06-10	2025-06-10
Pretty URL abctheatrebox.com/updaten/Roundcub=%20en.html IP 15.235.219.232 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-10 01:45 Last Seen2025-06-10 01:45 Times Seen1 Hash 0386ee3be72e0870d2b49a2d9616eabf 5bfd064749f48b8c4738e781c7b3fe35a7a66533 65b5a0c82955a3189b0d75d0ef0de68f41ea3ac8f7f2dc67702dce6f85403ce7 Loading...

	abctheatrebox.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1	ScriptElement	88 kB	2023-11-03	2025-06-13
Pretty URL abctheatrebox.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 IP 15.235.219.232 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-03 09:26 Last Seen2025-06-13 03:36 Times Seen99572 Hash 826eb77e86b02ab7724fe3d0141ff87c 79cd3587d565afe290076a8d36c31c305a573d18 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf Loading...

	abctheatrebox.com/updaten/Roundcub=%20en.html	ScriptElement	722 B	2025-05-26	2025-06-10
Pretty URL abctheatrebox.com/updaten/Roundcub=%20en.html IP 15.235.219.232 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-26 12:08 Last Seen2025-06-10 01:45 Times Seen5 Hash 177e5a89cf5903ac39b9568a89efea21 e96685e807a4c84596fcd150d7fefba8996c75a6 9bfd048163f86768a0a4b6a64dc1d92b49e7ac135b9b7dee0f8f7374758ce07c Loading...

	abctheatrebox.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.27.4	ScriptElement	3.3 kB	2023-03-07	2025-06-13
Pretty URL abctheatrebox.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.27.4 IP 15.235.219.232 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11 Last Seen2025-06-13 03:00 Times Seen4490 Hash fa07f10043b891dacdb82f26fd2b42bc 9c1dc49e9747758e033c0e9a7d016401bd78602c 462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace Loading...

HTTP Transactions (33)

URL IP Response Size

abctheatrebox.com/updaten/Roundcub=%20en.html

15.235.219.232

404 Not Found

76 kB

URL User Request GET
abctheatrebox.com/updaten/Roundcub=%20en.html
IP
15.235.219.232:443
ASN
#16276 OVH SAS

Certificate
IssuerLet's Encrypt
Subject*.abctheatrebox.com
Fingerprint23:E1:66:4E:75:0D:5A:52:42:28:15:97:4E:A7:84:CD:E5:A0:82:27
ValiditySat, 12 Apr 2025 17:28:48 GMT - Fri, 11 Jul 2025 17:28:47 GMT

File type
HTML document, ASCII text, with very long lines (26343)
Size
76 kB (76151 bytes)
Hash
23087c66605e79a7f8a8968abac0efc5
0d572393a17923b7a5908a3676078f9f95a2c540
708d4540d222211f372b22fb56796f98218798266ac95fbb8af60ef1bc031303

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /updaten/Roundcub=%20en.html HTTP/1.1
Host: abctheatrebox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
x-powered-by: PHP/8.0.30
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0, no-store, private
content-type: text/html; charset=UTF-8
link: <https://abctheatrebox.com/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
date: Tue, 10 Jun 2025 01:45:18 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

abctheatrebox.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.9.9.3

15.235.219.232

200 OK

9.6 kB

URL GET
abctheatrebox.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.9.9.3
IP
15.235.219.232:80
ASN
#16276 OVH SAS

Requested by
http://abctheatrebox.com/updaten/Roundcub=%20en.html

File type
JavaScript source, ASCII text, with very long lines (9242)
Size
9.6 kB (9636 bytes)
Hash
ef56117d1bb5cc41aa6bd127a49c7640
b9c2ed774177fc0fceba5cb58113024b23fe4fb7
d151f8c0b2659cfb63704d68654ad8d9437ae9da4410536f63ddec21689a0620

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.9.9.3 HTTP/1.1
Host: abctheatrebox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://abctheatrebox.com/updaten/Roundcub=%20en.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=2592000,public
expires: Thu, 10 Jul 2025 01:45:20 GMT
content-type: text/javascript; charset=UTF-8
last-modified: Mon, 09 Jun 2025 17:28:36 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 3540
date: Tue, 10 Jun 2025 01:45:20 GMT
server: LiteSpeed

abctheatrebox.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=9.9.3

15.235.219.232

200 OK

4.0 kB

URL GET
abctheatrebox.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=9.9.3
IP
15.235.219.232:80
ASN
#16276 OVH SAS

Requested by
http://abctheatrebox.com/updaten/Roundcub=%20en.html

File type
JavaScript source, ASCII text, with very long lines (4035), with no line terminators
Size
4.0 kB (4035 bytes)
Hash
d287805a49a165617edb2c8e53108510
be03d1aa839358050674f937277da8941cbcb69a
1f00e7386753e6994b5ff5ee61a772c3b5d9742694d00041e28fff83fee413cd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=9.9.3 HTTP/1.1
Host: abctheatrebox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://abctheatrebox.com/updaten/Roundcub=%20en.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=2592000,public
expires: Thu, 10 Jul 2025 01:45:20 GMT
content-type: text/javascript; charset=UTF-8
last-modified: Mon, 09 Jun 2025 17:28:36 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 1361
date: Tue, 10 Jun 2025 01:45:20 GMT
server: LiteSpeed

abctheatrebox.com/wp-content/uploads/2025/02/ABC-theatrebox-Logo-R.png

15.235.219.232

200 OK

467 kB

URL GET
abctheatrebox.com/wp-content/uploads/2025/02/ABC-theatrebox-Logo-R.png
IP
15.235.219.232:443
ASN
#16276 OVH SAS

Requested by
http://abctheatrebox.com/updaten/Roundcub=%20en.html
Certificate
IssuerLet's Encrypt
Subject*.abctheatrebox.com
Fingerprint23:E1:66:4E:75:0D:5A:52:42:28:15:97:4E:A7:84:CD:E5:A0:82:27
ValiditySat, 12 Apr 2025 17:28:48 GMT - Fri, 11 Jul 2025 17:28:47 GMT

File type
PNG image data, 2100 x 2115, 8-bit/color RGBA, non-interlaced
Size
467 kB (466618 bytes)
Hash
72c47a65c94128e9ea5738313359c126
690dbd218e3d35ee35ba943a03c47a3dee5bd2e2
4204b12a4d4899505cf860e34507ef4d5cd174290461c94e347ecde388462ee9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2025/02/ABC-theatrebox-Logo-R.png HTTP/1.1
Host: abctheatrebox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://abctheatrebox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=10368000,public
expires: Wed, 08 Oct 2025 01:45:20 GMT
content-type: image/png
last-modified: Thu, 20 Feb 2025 03:48:11 GMT
accept-ranges: bytes
content-length: 466618
date: Tue, 10 Jun 2025 01:45:20 GMT
server: LiteSpeed
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

abctheatrebox.com/wp-content/themes/Divi/js/scripts.min.js?ver=4.27.4

15.235.219.232

200 OK

274 kB

URL GET
abctheatrebox.com/wp-content/themes/Divi/js/scripts.min.js?ver=4.27.4
IP
15.235.219.232:80
ASN
#16276 OVH SAS

Requested by
http://abctheatrebox.com/updaten/Roundcub=%20en.html

File type
JavaScript source, ASCII text, with very long lines (65467)
Size
274 kB (274335 bytes)
Hash
ffeda0ad944eaea8e25836de4a379be5
cb2199a64629ba9f207d1764603b5bd81b71e3cb
ad97778077e648e9c0adbd33005dd7d89fc0313a9b6caef7bf29ed253af8a312

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/Divi/js/scripts.min.js?ver=4.27.4 HTTP/1.1
Host: abctheatrebox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://abctheatrebox.com/updaten/Roundcub=%20en.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=2592000,public
expires: Thu, 10 Jul 2025 01:45:20 GMT
content-type: text/javascript; charset=UTF-8
last-modified: Wed, 19 Feb 2025 10:48:01 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 70641
date: Tue, 10 Jun 2025 01:45:20 GMT
server: LiteSpeed

fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=cyrillic,cyrillic-ext,greek,greek-ext,hebrew,latin,latin-ext,vietnamese&display=swap

142.250.74.10

200 OK

60 kB

URL GET
fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=cyrillic,cyrillic-ext,greek,greek-ext,hebrew,latin,latin-ext,vietnamese&display=swap
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
http://abctheatrebox.com/updaten/Roundcub=%20en.html
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint1C:09:46:89:AD:F3:B6:3E:B4:89:F7:49:AC:15:E7:4E:A6:D2:AA:73
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
ASCII text, with very long lines (1572)
Size
60 kB (60285 bytes)
Hash
2593faf8996bee67c11ecab08a525fb2
e59f506dd70dee83633f54b05b0441ccf8ea701f
a90459f44cd490350c67eee46fc5b0d3bce47af41907847cb00d161b880414ba

HTTP Headers

GET /css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=cyrillic,cyrillic-ext,greek,greek-ext,hebrew,latin,latin-ext,vietnamese&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://abctheatrebox.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 10 Jun 2025 01:45:20 GMT
date: Tue, 10 Jun 2025 01:45:20 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

abctheatrebox.com/updaten/Roundcub=%20en.html

15.235.219.232

404 Not Found

76 kB

URL User Request GET
abctheatrebox.com/updaten/Roundcub=%20en.html
IP
15.235.219.232:80
ASN
#16276 OVH SAS

File type
HTML document, ASCII text, with very long lines (26342)
Size
76 kB (76122 bytes)
Hash
39b045fd35acacf4bb554998fcf4cca2
0a273aba4db89fd7e485f468d6d7e3f4f92f3e28
f1170f455408e63bb68a9561d3f352bf835c6e9ea1b6f79803dec66c9d1db0ae

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /updaten/Roundcub=%20en.html HTTP/1.1
Host: abctheatrebox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/8.0.30
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0, no-store, private
content-type: text/html; charset=UTF-8
link: <https://abctheatrebox.com/wp-json/>; rel="https://api.w.org/"
transfer-encoding: chunked
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
date: Tue, 10 Jun 2025 01:45:19 GMT
server: LiteSpeed

abctheatrebox.com/wp-includes/css/dist/block-library/style.min.css?ver=6.8.1

15.235.219.232

200 OK

116 kB

URL GET
abctheatrebox.com/wp-includes/css/dist/block-library/style.min.css?ver=6.8.1
IP
15.235.219.232:80
ASN
#16276 OVH SAS

Requested by
http://abctheatrebox.com/updaten/Roundcub=%20en.html

File type
ASCII text, with very long lines (55654)
Size
116 kB (116363 bytes)
Hash
dfe67cbbac3da53fdbbaed71c91db428
8c82643ef63a8389c1b800b7c5d0af9d684b8b24
597ddfdee7171750c16ec5aafd392cf992e9c53386d6bb6061d48e30334f09e9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.8.1 HTTP/1.1
Host: abctheatrebox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://abctheatrebox.com/updaten/Roundcub=%20en.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Wed, 10 Jun 2026 01:45:20 GMT
content-type: text/css; charset=UTF-8
last-modified: Tue, 15 Apr 2025 21:25:34 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 15300
date: Tue, 10 Jun 2025 01:45:20 GMT
server: LiteSpeed

abctheatrebox.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=9.9.3

15.235.219.232

200 OK

20 kB

URL GET
abctheatrebox.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=9.9.3
IP
15.235.219.232:80
ASN
#16276 OVH SAS

Requested by
http://abctheatrebox.com/updaten/Roundcub=%20en.html

File type
ASCII text, with very long lines (19727), with no line terminators
Size
20 kB (19727 bytes)
Hash
e98f5279cacaef826050eb2595082e77
a8544ea38d3f635cdf937ff02c6766801a689431
88b9926f308c1b694f61a23f1c80f2ef3a9980f98084bfc0f273b7049611db2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=9.9.3 HTTP/1.1
Host: abctheatrebox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://abctheatrebox.com/updaten/Roundcub=%20en.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Wed, 10 Jun 2026 01:45:20 GMT
content-type: text/css; charset=UTF-8
last-modified: Mon, 09 Jun 2025 17:28:35 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 3426
date: Tue, 10 Jun 2025 01:45:20 GMT
server: LiteSpeed

fonts.gstatic.com/s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.35

200 OK

48 kB

URL GET
fonts.gstatic.com/s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
http://abctheatrebox.com/updaten/Roundcub=%20en.html
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48332, version 1.0
Size
48 kB (48332 bytes)
Hash
5734e133a619a6ae6ee21a6c00a95eba
57c0ac17302d07bd4f968240098afe5ed53d4ad2
d7a547581722aa055a7fb5b9912aebf3f3e928e1db3e5af9e54cf158cb4c4c4a

HTTP Headers

GET /s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://abctheatrebox.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48332
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 05 Jun 2025 13:18:27 GMT
expires: Fri, 05 Jun 2026 13:18:27 GMT
cache-control: public, max-age=31536000
age: 390414
last-modified: Wed, 28 May 2025 18:06:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

abctheatrebox.com/wp-content/uploads/2025/02/cropped-ABC-theatrebox-Logo-32x32.png

15.235.219.232

200 OK

1.5 kB

URL GET
abctheatrebox.com/wp-content/uploads/2025/02/cropped-ABC-theatrebox-Logo-32x32.png
IP
15.235.219.232:443
ASN
#16276 OVH SAS

Requested by
http://abctheatrebox.com/updaten/Roundcub=%20en.html
Certificate
IssuerLet's Encrypt
Subject*.abctheatrebox.com
Fingerprint23:E1:66:4E:75:0D:5A:52:42:28:15:97:4E:A7:84:CD:E5:A0:82:27
ValiditySat, 12 Apr 2025 17:28:48 GMT - Fri, 11 Jul 2025 17:28:47 GMT

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Size
1.5 kB (1497 bytes)
Hash
d7618b18390bc1a8eaf3fdf21fa0763a
d6651519865d334c6466c58cb11237806ee67503
e187817e77fb1a106eaed8d7c71610fb7d5e6d87dc73dbe6d25bc1c3aaf32858

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2025/02/cropped-ABC-theatrebox-Logo-32x32.png HTTP/1.1
Host: abctheatrebox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://abctheatrebox.com/
Cookie: sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2025-06-10%2001%3A45%3A21%7C%7C%7Cep%3Dhttp%3A%2F%2Fabctheatrebox.com%2Fupdaten%2FRoundcub%3D%2520en.html%7C%7C%7Crf%3D%28none%29; sbjs_first_add=fd%3D2025-06-10%2001%3A45%3A21%7C%7C%7Cep%3Dhttp%3A%2F%2Fabctheatrebox.com%2Fupdaten%2FRoundcub%3D%2520en.html%7C%7C%7Crf%3D%28none%29; sbjs_current=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0%29%20Gecko%2F20100101%20Firefox%2F134.0; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttp%3A%2F%2Fabctheatrebox.com%2Fupdaten%2FRoundcub%3D%2520en.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=10368000,public
expires: Wed, 08 Oct 2025 01:45:21 GMT
content-type: image/png
last-modified: Thu, 20 Feb 2025 01:31:19 GMT
accept-ranges: bytes
content-length: 1497
date: Tue, 10 Jun 2025 01:45:21 GMT
server: LiteSpeed
vary: Accept-Encoding
X-Firefox-Spdy: h2

abctheatrebox.com/wp-content/plugins/woocommerce/assets/client/blocks/woocommerce/add-to-cart-form-style.css?ver=6.8.1

15.235.219.232

200 OK

7.2 kB

URL GET
abctheatrebox.com/wp-content/plugins/woocommerce/assets/client/blocks/woocommerce/add-to-cart-form-style.css?ver=6.8.1
IP
15.235.219.232:80
ASN
#16276 OVH SAS

Requested by
http://abctheatrebox.com/updaten/Roundcub=%20en.html

File type
ASCII text, with very long lines (7195)
Size
7.2 kB (7196 bytes)
Hash
50b53d78c5ceb4fcb70d839f7d3c50e3
1795a28c2017931a5e64555b6752ffe87dd9efc6
10d132287787bda7c50c35c86de5cb47dd4238ac4cd80d32126422bd3f2926f8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/client/blocks/woocommerce/add-to-cart-form-style.css?ver=6.8.1 HTTP/1.1
Host: abctheatrebox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://abctheatrebox.com/updaten/Roundcub=%20en.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Wed, 10 Jun 2026 01:45:20 GMT
content-type: text/css; charset=UTF-8
last-modified: Mon, 09 Jun 2025 17:28:35 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 1469
date: Tue, 10 Jun 2025 01:45:20 GMT
server: LiteSpeed

abctheatrebox.com/wp-content/plugins/woocommerce/assets/css/brands.css?ver=9.9.3

15.235.219.232

200 OK

2.3 kB

URL GET
abctheatrebox.com/wp-content/plugins/woocommerce/assets/css/brands.css?ver=9.9.3
IP
15.235.219.232:80
ASN
#16276 OVH SAS

Requested by
http://abctheatrebox.com/updaten/Roundcub=%20en.html

File type
ASCII text, with very long lines (2279), with no line terminators
Size
2.3 kB (2279 bytes)
Hash
48d56016b20f151be4f24ba6d0eb1be4
d46d600e709e67e5f41a91c2edcd038a2677a495
00faab274a47c51cf6c4ad12d5398ac8a6f04c096f056ad26b90d987e628f0f6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/css/brands.css?ver=9.9.3 HTTP/1.1
Host: abctheatrebox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://abctheatrebox.com/updaten/Roundcub=%20en.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Wed, 10 Jun 2026 01:45:20 GMT
content-type: text/css; charset=UTF-8
last-modified: Mon, 09 Jun 2025 17:28:35 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 682
date: Tue, 10 Jun 2025 01:45:20 GMT
server: LiteSpeed

abctheatrebox.com/wp-content/themes/Divi-Child/style.css?ver=4.27.4

15.235.219.232

200 OK

296 B

URL GET
abctheatrebox.com/wp-content/themes/Divi-Child/style.css?ver=4.27.4
IP
15.235.219.232:80
ASN
#16276 OVH SAS

Requested by
http://abctheatrebox.com/updaten/Roundcub=%20en.html

File type
ASCII text
Size
296 B (296 bytes)
Hash
252c0da43e76bfacd477bc3f6fef7041
f93b4ee1d0c37cc4226cd505b1c8b61b9cff18ae
436e09f43c321e8cbba2de42931344373a35ef6d6e0bfbb005aebced88f860b2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/Divi-Child/style.css?ver=4.27.4 HTTP/1.1
Host: abctheatrebox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://abctheatrebox.com/updaten/Roundcub=%20en.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Wed, 10 Jun 2026 01:45:20 GMT
content-type: text/css; charset=UTF-8
last-modified: Wed, 19 Feb 2025 10:33:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 197
date: Tue, 10 Jun 2025 01:45:20 GMT
server: LiteSpeed

abctheatrebox.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

15.235.219.232

200 OK

14 kB

URL GET
abctheatrebox.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP
15.235.219.232:80
ASN
#16276 OVH SAS

Requested by
http://abctheatrebox.com/updaten/Roundcub=%20en.html

File type
JavaScript source, ASCII text, with very long lines (13479)
Size
14 kB (13577 bytes)
Hash
9ffeb32e2d9efbf8f70caabded242267
3ad0c10e501ac2a9bfa18f9cd7e700219b378738
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: abctheatrebox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://abctheatrebox.com/updaten/Roundcub=%20en.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=2592000,public
expires: Thu, 10 Jul 2025 01:45:20 GMT
content-type: text/javascript; charset=UTF-8
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 4870
date: Tue, 10 Jun 2025 01:45:20 GMT
server: LiteSpeed

abctheatrebox.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.9.9.3

15.235.219.232

200 OK

1.7 kB

URL GET
abctheatrebox.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.9.9.3
IP
15.235.219.232:80
ASN
#16276 OVH SAS

Requested by
http://abctheatrebox.com/updaten/Roundcub=%20en.html

File type
JavaScript source, ASCII text, with very long lines (1690)
Size
1.7 kB (1720 bytes)
Hash
691a1e43450e7cda541a3bd6f10fd5db
d3a78cb77ccec297c9d32fee99a2a4761f604a8c
8b083f64f2e9e8ac445c730dfce7013cc6449ce155fd1c2f42b60edba4ecb4b1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.9.9.3 HTTP/1.1
Host: abctheatrebox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://abctheatrebox.com/updaten/Roundcub=%20en.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=2592000,public
expires: Thu, 10 Jul 2025 01:45:20 GMT
content-type: text/javascript; charset=UTF-8
last-modified: Mon, 09 Jun 2025 17:28:36 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 832
date: Tue, 10 Jun 2025 01:45:20 GMT
server: LiteSpeed

fonts.gstatic.com/s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.35

200 OK

48 kB

URL GET
fonts.gstatic.com/s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
http://abctheatrebox.com/updaten/Roundcub=%20en.html
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48332, version 1.0
Size
48 kB (48332 bytes)
Hash
5734e133a619a6ae6ee21a6c00a95eba
57c0ac17302d07bd4f968240098afe5ed53d4ad2
d7a547581722aa055a7fb5b9912aebf3f3e928e1db3e5af9e54cf158cb4c4c4a

HTTP Headers

GET /s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://abctheatrebox.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48332
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 05 Jun 2025 13:18:27 GMT
expires: Fri, 05 Jun 2026 13:18:27 GMT
cache-control: public, max-age=31536000
age: 390414
last-modified: Wed, 28 May 2025 18:06:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

abctheatrebox.com/wp-content/uploads/2025/02/cropped-ABC-theatrebox-Logo-192x192.png

15.235.219.232

200 OK

19 kB

URL GET
abctheatrebox.com/wp-content/uploads/2025/02/cropped-ABC-theatrebox-Logo-192x192.png
IP
15.235.219.232:443
ASN
#16276 OVH SAS

Requested by
http://abctheatrebox.com/updaten/Roundcub=%20en.html
Certificate
IssuerLet's Encrypt
Subject*.abctheatrebox.com
Fingerprint23:E1:66:4E:75:0D:5A:52:42:28:15:97:4E:A7:84:CD:E5:A0:82:27
ValiditySat, 12 Apr 2025 17:28:48 GMT - Fri, 11 Jul 2025 17:28:47 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGB, non-interlaced
Size
19 kB (19187 bytes)
Hash
b79da0b14f641124abca0b516b2b011d
c0b61d8ac11f98c841a4ff84c3cb57fdb0bb292a
78faaa79223f32a04c902f1762ccb6c82fc618ff41fa30ce0a2147aa43fe54c8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2025/02/cropped-ABC-theatrebox-Logo-192x192.png HTTP/1.1
Host: abctheatrebox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://abctheatrebox.com/
Cookie: sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2025-06-10%2001%3A45%3A21%7C%7C%7Cep%3Dhttp%3A%2F%2Fabctheatrebox.com%2Fupdaten%2FRoundcub%3D%2520en.html%7C%7C%7Crf%3D%28none%29; sbjs_first_add=fd%3D2025-06-10%2001%3A45%3A21%7C%7C%7Cep%3Dhttp%3A%2F%2Fabctheatrebox.com%2Fupdaten%2FRoundcub%3D%2520en.html%7C%7C%7Crf%3D%28none%29; sbjs_current=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_first=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0%29%20Gecko%2F20100101%20Firefox%2F134.0; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttp%3A%2F%2Fabctheatrebox.com%2Fupdaten%2FRoundcub%3D%2520en.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=10368000,public
expires: Wed, 08 Oct 2025 01:45:21 GMT
content-type: image/png
last-modified: Thu, 20 Feb 2025 01:31:19 GMT
accept-ranges: bytes
content-length: 19187
date: Tue, 10 Jun 2025 01:45:21 GMT
server: LiteSpeed
vary: Accept-Encoding
X-Firefox-Spdy: h2

abctheatrebox.com/wp-content/plugins/woocommerce/assets/client/blocks/woocommerce/product-gallery-style.css?ver=6.8.1

15.235.219.232

200 OK

25 kB

URL GET
abctheatrebox.com/wp-content/plugins/woocommerce/assets/client/blocks/woocommerce/product-gallery-style.css?ver=6.8.1
IP
15.235.219.232:80
ASN
#16276 OVH SAS

Requested by
http://abctheatrebox.com/updaten/Roundcub=%20en.html

File type
ASCII text, with very long lines (25267)
Size
25 kB (25268 bytes)
Hash
c24678efee7439ccda6ff9dd772bf84d
f72d5fcff6ad55e1d811cfe6942e6612c8060e43
84be8e5b2148e143aa08bb9515296d8730fb164156349e6ac538512f8cf76eed

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/client/blocks/woocommerce/product-gallery-style.css?ver=6.8.1 HTTP/1.1
Host: abctheatrebox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://abctheatrebox.com/updaten/Roundcub=%20en.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Wed, 10 Jun 2026 01:45:20 GMT
content-type: text/css; charset=UTF-8
last-modified: Mon, 09 Jun 2025 17:28:35 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 2565
date: Tue, 10 Jun 2025 01:45:20 GMT
server: LiteSpeed

abctheatrebox.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=9.9.3

15.235.219.232

200 OK

86 kB

URL GET
abctheatrebox.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=9.9.3
IP
15.235.219.232:80
ASN
#16276 OVH SAS

Requested by
http://abctheatrebox.com/updaten/Roundcub=%20en.html

File type
Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
86 kB (85777 bytes)
Hash
213126d360160f3d4e14446e52dcea9e
950ced59981c544adba3277cd913b59e54e7d38e
8b24fbb3233ad811cd4c8534309b0d43bf5a7044beb14b32c5b737beb551f8f7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=9.9.3 HTTP/1.1
Host: abctheatrebox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://abctheatrebox.com/updaten/Roundcub=%20en.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Wed, 10 Jun 2026 01:45:20 GMT
content-type: text/css; charset=UTF-8
last-modified: Mon, 09 Jun 2025 17:28:35 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 10812
date: Tue, 10 Jun 2025 01:45:20 GMT
server: LiteSpeed

abctheatrebox.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.27.4

15.235.219.232

200 OK

3.3 kB

URL GET
abctheatrebox.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.27.4
IP
15.235.219.232:80
ASN
#16276 OVH SAS

Requested by
http://abctheatrebox.com/updaten/Roundcub=%20en.html

File type
JavaScript source, ASCII text
Size
3.3 kB (3349 bytes)
Hash
fa07f10043b891dacdb82f26fd2b42bc
9c1dc49e9747758e033c0e9a7d016401bd78602c
462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.27.4 HTTP/1.1
Host: abctheatrebox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://abctheatrebox.com/updaten/Roundcub=%20en.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=2592000,public
expires: Thu, 10 Jul 2025 01:45:20 GMT
content-type: text/javascript; charset=UTF-8
last-modified: Wed, 19 Feb 2025 10:48:05 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 1334
date: Tue, 10 Jun 2025 01:45:20 GMT
server: LiteSpeed

fonts.gstatic.com/s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.35

200 OK

48 kB

URL GET
fonts.gstatic.com/s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
http://abctheatrebox.com/updaten/Roundcub=%20en.html
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48332, version 1.0
Size
48 kB (48332 bytes)
Hash
5734e133a619a6ae6ee21a6c00a95eba
57c0ac17302d07bd4f968240098afe5ed53d4ad2
d7a547581722aa055a7fb5b9912aebf3f3e928e1db3e5af9e54cf158cb4c4c4a

HTTP Headers

GET /s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://abctheatrebox.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48332
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 05 Jun 2025 13:18:27 GMT
expires: Fri, 05 Jun 2026 13:18:27 GMT
cache-control: public, max-age=31536000
age: 390414
last-modified: Wed, 28 May 2025 18:06:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

abctheatrebox.com/wp-content/themes/Divi/core/admin/js/common.js?ver=4.27.4

15.235.219.232

200 OK

1.3 kB

URL GET
abctheatrebox.com/wp-content/themes/Divi/core/admin/js/common.js?ver=4.27.4
IP
15.235.219.232:80
ASN
#16276 OVH SAS

Requested by
http://abctheatrebox.com/updaten/Roundcub=%20en.html

File type
JavaScript source, ASCII text
Size
1.3 kB (1343 bytes)
Hash
d71b75b2327258b1d01d50590c1f67ca
b7820e4ffb6becc133c48f66d9f683545530b959
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/Divi/core/admin/js/common.js?ver=4.27.4 HTTP/1.1
Host: abctheatrebox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://abctheatrebox.com/updaten/Roundcub=%20en.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=2592000,public
expires: Thu, 10 Jul 2025 01:45:20 GMT
content-type: text/javascript; charset=UTF-8
last-modified: Wed, 19 Feb 2025 10:48:00 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 570
date: Tue, 10 Jun 2025 01:45:20 GMT
server: LiteSpeed

abctheatrebox.com/wp-content/plugins/woocommerce/assets/js/frontend/order-attribution.min.js?ver=9.9.3

15.235.219.232

200 OK

2.3 kB

URL GET
abctheatrebox.com/wp-content/plugins/woocommerce/assets/js/frontend/order-attribution.min.js?ver=9.9.3
IP
15.235.219.232:80
ASN
#16276 OVH SAS

Requested by
http://abctheatrebox.com/updaten/Roundcub=%20en.html

File type
JavaScript source, ASCII text, with very long lines (2346), with no line terminators
Size
2.3 kB (2346 bytes)
Hash
d834f2ad78a2268d6497e08749df5e1a
191fb1396d4af5310b58f12c48706b3fe4a73d11
2cc140c784aa49b9aee51bd9de96a6cdf2c5ca057ab768ec6e6a98a9a7c429f6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/order-attribution.min.js?ver=9.9.3 HTTP/1.1
Host: abctheatrebox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://abctheatrebox.com/updaten/Roundcub=%20en.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=2592000,public
expires: Thu, 10 Jul 2025 01:45:20 GMT
content-type: text/javascript; charset=UTF-8
last-modified: Mon, 09 Jun 2025 17:28:36 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 1119
date: Tue, 10 Jun 2025 01:45:20 GMT
server: LiteSpeed

abctheatrebox.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=9.9.3

15.235.219.232

200 OK

7.5 kB

URL GET
abctheatrebox.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=9.9.3
IP
15.235.219.232:80
ASN
#16276 OVH SAS

Requested by
http://abctheatrebox.com/updaten/Roundcub=%20en.html

File type
ASCII text, with very long lines (7527), with no line terminators
Size
7.5 kB (7527 bytes)
Hash
59d266c0ea580aae1113acb3761f7ad5
73c56509ceda1b1047096bae2cab820063047833
8de5b2ae100f00d7a4e18f42cb12e8b5562d387f6b5c0ed09332cd5cec389ac0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=9.9.3 HTTP/1.1
Host: abctheatrebox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://abctheatrebox.com/updaten/Roundcub=%20en.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Wed, 10 Jun 2026 01:45:21 GMT
content-type: text/css; charset=UTF-8
last-modified: Mon, 09 Jun 2025 17:28:35 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 1274
date: Tue, 10 Jun 2025 01:45:21 GMT
server: LiteSpeed

abctheatrebox.com/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff

15.235.219.232

200 OK

92 kB

URL GET
abctheatrebox.com/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff
IP
15.235.219.232:80
ASN
#16276 OVH SAS

Requested by
http://abctheatrebox.com/updaten/Roundcub=%20en.html

File type
Web Open Font Format, TrueType, length 92084, version 2.4
Size
92 kB (92084 bytes)
Hash
4f7c51948ce1b802a13ebbccec151d0c
5b1d3cd0929108da4b6334c4a487db08c9520f1d
fe67b77ac7e0ef4b482dafb86adfa403db1b89a2f337d2dc8bd1278cfe975196

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff HTTP/1.1
Host: abctheatrebox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://abctheatrebox.com/wp-content/et-cache/notfound/et-divi-dynamic.css?ver=1740405838
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=10368000
expires: Wed, 08 Oct 2025 01:45:21 GMT
content-type: font/woff
last-modified: Wed, 19 Feb 2025 10:48:00 GMT
accept-ranges: bytes
content-length: 92084
date: Tue, 10 Jun 2025 01:45:21 GMT
server: LiteSpeed
vary: Accept-Encoding

abctheatrebox.com/wp-content/plugins/woocommerce/assets/client/blocks/woocommerce/product-filter-price-slider-style.css?ver=6.8.1

15.235.219.232

200 OK

6.3 kB

URL GET
abctheatrebox.com/wp-content/plugins/woocommerce/assets/client/blocks/woocommerce/product-filter-price-slider-style.css?ver=6.8.1
IP
15.235.219.232:80
ASN
#16276 OVH SAS

Requested by
http://abctheatrebox.com/updaten/Roundcub=%20en.html

File type
ASCII text, with very long lines (6289)
Size
6.3 kB (6290 bytes)
Hash
455a34355340cd76eb3e835529a09639
f077bb7e297fd2eb4ee4ae06b610f140a418207a
d17c58c7887ae79915b2eae92ab0c7b9709f615e6f60b75e1127a8a21225fa20

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/client/blocks/woocommerce/product-filter-price-slider-style.css?ver=6.8.1 HTTP/1.1
Host: abctheatrebox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://abctheatrebox.com/updaten/Roundcub=%20en.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Wed, 10 Jun 2026 01:45:21 GMT
content-type: text/css; charset=UTF-8
last-modified: Mon, 09 Jun 2025 17:28:35 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 1061
date: Tue, 10 Jun 2025 01:45:21 GMT
server: LiteSpeed

abctheatrebox.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=9.9.3

15.235.219.232

200 OK

3.9 kB

URL GET
abctheatrebox.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=9.9.3
IP
15.235.219.232:80
ASN
#16276 OVH SAS

Requested by
http://abctheatrebox.com/updaten/Roundcub=%20en.html

File type
JavaScript source, ASCII text, with very long lines (3889), with no line terminators
Size
3.9 kB (3889 bytes)
Hash
84239b0dfe48c4e0270ffbae8f0f3f13
16f4c864622e80b07569e3ef932865631e80767c
299264e6508843ebd2bf696212a992724e103e58f3b2d925c499c1c2451e90ef

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=9.9.3 HTTP/1.1
Host: abctheatrebox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://abctheatrebox.com/updaten/Roundcub=%20en.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=2592000,public
expires: Thu, 10 Jul 2025 01:45:20 GMT
content-type: text/javascript; charset=UTF-8
last-modified: Mon, 09 Jun 2025 17:28:36 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 1443
date: Tue, 10 Jun 2025 01:45:20 GMT
server: LiteSpeed

abctheatrebox.com/wp-content/et-cache/global/et-divi-customizer-global.min.css?ver=1740352804

15.235.219.232

200 OK

4.5 kB

URL GET
abctheatrebox.com/wp-content/et-cache/global/et-divi-customizer-global.min.css?ver=1740352804
IP
15.235.219.232:80
ASN
#16276 OVH SAS

Requested by
http://abctheatrebox.com/updaten/Roundcub=%20en.html

File type
ASCII text, with very long lines (4484), with no line terminators
Size
4.5 kB (4484 bytes)
Hash
470c4b4e634dd4bce4de734fb035587a
631d8002d4d9eae8529bb0206af38bece72a8927
b090091e3161e43bc0ffc4e7973cbfaa9eb1e13d02acb05929480d3c8697050f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/et-cache/global/et-divi-customizer-global.min.css?ver=1740352804 HTTP/1.1
Host: abctheatrebox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://abctheatrebox.com/updaten/Roundcub=%20en.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Wed, 10 Jun 2026 01:45:20 GMT
content-type: text/css; charset=UTF-8
last-modified: Sun, 23 Feb 2025 23:20:04 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 982
date: Tue, 10 Jun 2025 01:45:20 GMT
server: LiteSpeed

abctheatrebox.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

15.235.219.232

200 OK

88 kB

URL GET
abctheatrebox.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP
15.235.219.232:80
ASN
#16276 OVH SAS

Requested by
http://abctheatrebox.com/updaten/Roundcub=%20en.html

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
88 kB (87553 bytes)
Hash
826eb77e86b02ab7724fe3d0141ff87c
79cd3587d565afe290076a8d36c31c305a573d18
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: abctheatrebox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://abctheatrebox.com/updaten/Roundcub=%20en.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=2592000,public
expires: Thu, 10 Jul 2025 01:45:20 GMT
content-type: text/javascript; charset=UTF-8
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 30412
date: Tue, 10 Jun 2025 01:45:20 GMT
server: LiteSpeed

abctheatrebox.com/wp-content/et-cache/notfound/et-divi-dynamic.css?ver=1740405838

15.235.219.232

200 OK

153 kB

URL GET
abctheatrebox.com/wp-content/et-cache/notfound/et-divi-dynamic.css?ver=1740405838
IP
15.235.219.232:80
ASN
#16276 OVH SAS

Requested by
http://abctheatrebox.com/updaten/Roundcub=%20en.html

File type
ASCII text, with very long lines (14525)
Size
153 kB (152628 bytes)
Hash
a272743db2336b017123de9065feb979
68d6e3b1dd5d6e4323a4b53c26f70691f6e9191c
f85ec2d43b351b768a3197b8d1c8e094c1f02a2794e9ed405206487129063d08

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/et-cache/notfound/et-divi-dynamic.css?ver=1740405838 HTTP/1.1
Host: abctheatrebox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://abctheatrebox.com/updaten/Roundcub=%20en.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Wed, 10 Jun 2026 01:45:20 GMT
content-type: text/css; charset=UTF-8
last-modified: Mon, 24 Feb 2025 14:03:58 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 18733
date: Tue, 10 Jun 2025 01:45:20 GMT
server: LiteSpeed

abctheatrebox.com/wp-content/plugins/woocommerce/assets/client/blocks/wc-blocks.css?ver=wc-9.9.3

15.235.219.232

200 OK

14 kB

URL GET
abctheatrebox.com/wp-content/plugins/woocommerce/assets/client/blocks/wc-blocks.css?ver=wc-9.9.3
IP
15.235.219.232:80
ASN
#16276 OVH SAS

Requested by
http://abctheatrebox.com/updaten/Roundcub=%20en.html

File type
Unicode text, UTF-8 text, with very long lines (10250)
Size
14 kB (13874 bytes)
Hash
ea813bf93c29dd3a46240131aea4a4da
c7d4fb7709f591c37c2e005acc6318a02b81b04a
93ff8a83753fea877fb3875fc9a45c583209dd92acdf82e5c9534c2abc364544

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/client/blocks/wc-blocks.css?ver=wc-9.9.3 HTTP/1.1
Host: abctheatrebox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://abctheatrebox.com/updaten/Roundcub=%20en.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Wed, 10 Jun 2026 01:45:20 GMT
content-type: text/css; charset=UTF-8
last-modified: Mon, 09 Jun 2025 17:28:34 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 2557
date: Tue, 10 Jun 2025 01:45:20 GMT
server: LiteSpeed

abctheatrebox.com/wp-content/plugins/woocommerce/assets/js/sourcebuster/sourcebuster.min.js?ver=9.9.3

15.235.219.232

200 OK

15 kB

URL GET
abctheatrebox.com/wp-content/plugins/woocommerce/assets/js/sourcebuster/sourcebuster.min.js?ver=9.9.3
IP
15.235.219.232:80
ASN
#16276 OVH SAS

Requested by
http://abctheatrebox.com/updaten/Roundcub=%20en.html

File type
JavaScript source, ASCII text, with very long lines (15315), with no line terminators
Size
15 kB (15315 bytes)
Hash
fc06080ebf979384eaf92a5f1cd7a50b
1474b07026c758629a82df51a5e4fbb7abf531df
c50a0b33030ba0ec063be642c297f48af94359e2222ff140817248d591faf837

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/sourcebuster/sourcebuster.min.js?ver=9.9.3 HTTP/1.1
Host: abctheatrebox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://abctheatrebox.com/updaten/Roundcub=%20en.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=2592000,public
expires: Thu, 10 Jul 2025 01:45:20 GMT
content-type: text/javascript; charset=UTF-8
last-modified: Mon, 09 Jun 2025 17:28:36 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 4814
date: Tue, 10 Jun 2025 01:45:20 GMT
server: LiteSpeed

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (19)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML