{"report_id":"1876371c-ff46-400c-80db-444570bdd5d0","version":0,"status":"done","tags":[],"date":"2026-06-18T12:43:16Z","url":{"schema":"http","addr":"abg1818s.com","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":0,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"final":{"url":{"schema":"https","addr":"abg1818s.com/","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"title":"欧博入口-平台网址","dom":{"size":19117,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (701)","md5":"2adb065ffad75ec391a738bcfc10602d","sha1":"7736c13b3358135bb6ff32e5835aff59ab3b67bb","sha256":"ffcbcc34627a5870785dd2efde3fa507113a0ac5522a2e07cc85f2105a91f26a","sha512":"888304b0b16804fb954cb0ffef1dc15fd1c47a014616cfd80e88da3649ce8ee06333e4e2b6d9228f7f0e42aacbd265d02948ee55abcb2d113c9e3b5edc716ea7","ssdeep":"384:woFkzFeKQp+l1FU0zFMFUIdDFJFJFVfDZmn5sbjFWVnPB4DB/ZQ:jFgF/Qp+l1FxzFMFUIdDFJFJFVfDIn5t","tlshash":"478294068df31506606780d86bf5779e3aa98307c30ecdb876ed22a5dfcbf955813298","dom_hash":"domhash4221ba21d974c854e603e9359a16f46d","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"abg1818s.com","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":0,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-23T12:43:16Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":7}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-18","alert":"Phishing Block","trigger":"abg1818s.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"api.abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-18","alert":"Phishing Block","trigger":"api.abg1818s.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"api.abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"api.abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null},"summary":[{"fqdn":"abg1818s.com","ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":102,"request_count":34,"received_data":853363,"sent_data":16039,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"abg1818.com","ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":0,"sent_data":548,"comment":"","tags":null,"fingerprints":null},{"fqdn":"api.abg1818s.com","ip":{"addr":"66.212.58.185","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"2026-06-03","domain_rank":0,"first_seen":"2026-06-18T12:43:17.367602Z","last_seen":"2026-06-18T12:43:17.367602Z","alert_count":20,"request_count":5,"received_data":9902,"sent_data":2454,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"abg1818s.com/","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"introduction_type":"domTimer","is_inline":false,"md5":"7a936e1a3705e6d0c8c58f3c75f459df","sha1":"571d6bc10712044b4d0ee126d1f58dd2b856bf0a","sha256":"ca1cf9bf3d32832c136d41acde1b6c70931941a7c801c190b2f807a94512ebfd","sha512":"e71bc5adabbafe15d14da2a45b2ba7a5b917c391799d7d6d8484174cd30c6233beda8dfe393dd2cc5473afa1f4c25a287d9829487f11cfde1bfad8193dc1225d","ssdeep":"","tlshash":"b2a00008e282222800e002382080008002208000c880000080000002802000208c0088","size":67,"data":"","first_seen":"2026-03-18T14:48:48.661867Z","last_seen":"2026-06-18T12:43:22.613126Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/abg/bootstrap.min.js","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"introduction_type":"scriptElement","is_inline":false,"md5":"5869c96cc8f19086aee625d670d741f9","sha1":"430a443d74830fe9be26efca431f448c1b3740f9","sha256":"53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef","sha512":"8b3b64a1bb2f9e329f02d4cd7479065630184ebaed942ee61a9ff9e1ce34c28c0eecb854458977815cf3704a8697fa8a5d096d2761f032b74b70d51da3e37f45","ssdeep":"768:o2rGy27UwlNqMl95qNmCFejhqs8snmi+CSFXfbx8Gf3Zq7Q:Jg73zhq0GvbJ3ZKQ","tlshash":"b6f28606b23031a147efb1e1525b020e7239696ee906907c78b99af53db9c48717bf3d","size":37045,"data":"","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-06-18T17:04:09.746252Z","times_seen":92213,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/abg/simpleAlert.js","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"introduction_type":"scriptElement","is_inline":false,"md5":"b08f61c64e6918defef4474b00a56b10","sha1":"7005bbfd042c7b0dbaaa5da40ddffb35b69a53fa","sha256":"e8c8791e5f0613fa38ac887b664ddcd2f19fda14ce7ae8a75d45a0f87076ee6c","sha512":"65f307d88c0edc314e2fc0578c30c71415a8d5d21ee8a243c4afd1c7d190e24e8fe280050041d3478d6137405d3012eab1809fcf1e713813e26a1158c9d5d999","ssdeep":"","tlshash":"d5518028d0723d515f7f33794b2fd065fe9500239045a38039aeb98e4fb9540659aefe","size":2629,"data":"","first_seen":"2025-03-18T05:53:15.036992Z","last_seen":"2026-06-18T12:43:22.557125Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/abg/game.js","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"introduction_type":"scriptElement","is_inline":false,"md5":"e576272c6ba2f2a42fd95fbabcd2b111","sha1":"0e317814242a9b557c1ade9689e70d9ec1d80244","sha256":"2ab38dc4843e2435d0988983709f8e6f60bd78f9e88fb6ad68d790761a12a36e","sha512":"b71a1daa54eca321265b3b07bd47cb3f0d41365e6cd567a29795665b57f4226dfadb6525df00b31c827d3910357fd7fd101cf423f7731136ec4fc32a1991f46a","ssdeep":"768:P1fZRdpWvyJyDHXlNKZmfTthRzRmTthRzRHht/SRxghtdMRchtlFRjBlhthRvLCJ:PznpWvyJyDHXlNKZmk0+fDLteOaSd2","tlshash":"1a43b6e9f8f32256443a229c5e60ea8edfe5503bd752df467a1c0ab52f1c984007376d","size":57880,"data":"","first_seen":"2025-03-18T05:53:15.030033Z","last_seen":"2026-06-18T12:43:22.590554Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/abg/jquery.layerModel.js","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"introduction_type":"scriptElement","is_inline":false,"md5":"5e98f2b0ece71a09d40b4f3bf2444e85","sha1":"042f063abf0ed806de7ae7b1146a08aa10a5e120","sha256":"2bfa66b667aab148c8a4fd3f580b3996df34716e8e6ad6778cc9ccc165be6274","sha512":"4a4901f4e3871a521ec486042d156ecb3198f0c206e63b3ca3ad6171a4bffeac76c933ab258a80d76d3a3f16526f213972b52ea33428ebb77b1e541e9cf99b21","ssdeep":"192:7Fnj4IulLkf3ENumP5tZtfeCy05t/H0oG+IFDuj7vr6yCWjT:Bj30w2ztDJ07HUjuyV","tlshash":"2572509965636cbd2832a3bdcd2941dcd322b017432ada257c9c711d6fbcc6012e5bee","size":16686,"data":"","first_seen":"2025-03-18T05:53:15.005695Z","last_seen":"2026-06-18T12:43:22.559478Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/abg/jquery.min.js","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"introduction_type":"scriptElement","is_inline":false,"md5":"6631a779321bc03f4a5281d3ff526254","sha1":"5be8bf17be5085d803dfcbe59f8d6e584b516679","sha256":"797e79e220fdb3c48f6df26b879543102479491611940c8acc81a905da5c6858","sha512":"ae9633aee19d0e53648a7fb1be53752d48d58fde56e927e30022ee1b0130846a7a22b0e1ff2f732cc025827a90bbbe9d2680e1a37bec3414183454cd3e25269c","ssdeep":"1536:kPEkjP+iADIOr/NEe876nmBu3HvF38Nd+uJO1z6/A4TqAub0i4ULvguEhjzXpa9y:7NMnJiz6oAQKP5a98HrJ","tlshash":"c283d6d9b2c67062977730b850bf410bb17a98dab80c8c60f0a4d5e47eb4a8d517bf2d","size":84244,"data":"","first_seen":"2023-03-07T01:03:07Z","last_seen":"2026-06-18T12:43:22.516007Z","times_seen":1755,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/abg/banner.js","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"introduction_type":"scriptElement","is_inline":false,"md5":"69ee90f6b196a89dd8bca66c148c419c","sha1":"9b6c497a075fa2793eaaa6b0d0cd58d9603ed711","sha256":"27e08767bab61a4de3389605f07dcf95e5672de182ef022df3f7b1f6c94d9b7f","sha512":"fb5fba99f31f05bcd589a3faeb7adf4c8209211d80b02d73c60d39fad33654327b465fb0cc55f24ec3f15d90ef52d6838a740a3b480fa970f971953b09887419","ssdeep":"192:OdLthO94LtRThd8abPv2ZcuAggeV8M46hEoUO6:yoy8QGiZeeM4+Eoi","tlshash":"552250368de311294067b16b5bae407937aa12074e0cfd44b9acb5924fdee2c41777f8","size":10895,"data":"","first_seen":"2026-06-18T12:43:22.52771Z","last_seen":"2026-06-18T12:43:22.52771Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/abg/notice.js","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"introduction_type":"scriptElement","is_inline":false,"md5":"66a72a8e6533e97cec2845aed007f25e","sha1":"32536cdeb1fca93f0119cbccfb3ca2c0dedc4f73","sha256":"ab4c0f6d413e244edf5dbd2c14fe6db93ccb7be0ff73d88133ea8685d3d4675b","sha512":"07a0c374e57e70884d71655e1d4ec563a7d52d2a54756a7294dca1c4c291b0d4bf9ddc2383df4a79e3dffc564eafd34f493168af5fe920a84c917c808821b131","ssdeep":"384:TO4EagO7AyUPe0GxFnApRxFH48TyXuxzIh7:TOnap7Ayue0GjApRxRvxzIh7","tlshash":"aa5240399a6321919167f06b1aef15b5333501036c0dbe25bd0c2247afce92d96b2bfd","size":13485,"data":"","first_seen":"2026-06-18T12:43:22.54458Z","last_seen":"2026-06-18T12:43:22.54458Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"introduction_type":"domTimer","is_inline":false,"md5":"7a936e1a3705e6d0c8c58f3c75f459df","sha1":"571d6bc10712044b4d0ee126d1f58dd2b856bf0a","sha256":"ca1cf9bf3d32832c136d41acde1b6c70931941a7c801c190b2f807a94512ebfd","sha512":"e71bc5adabbafe15d14da2a45b2ba7a5b917c391799d7d6d8484174cd30c6233beda8dfe393dd2cc5473afa1f4c25a287d9829487f11cfde1bfad8193dc1225d","ssdeep":"","tlshash":"b2a00008e282222800e002382080008002208000c880000080000002802000208c0088","size":67,"data":"","first_seen":"2026-03-18T14:48:48.661867Z","last_seen":"2026-06-18T12:43:22.613126Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/abg/common.js","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"introduction_type":"scriptElement","is_inline":false,"md5":"ed50db497c57b5a63e9c3d6af374c8a8","sha1":"dc31dc36ada407bd2342d02e463184ebf8d66671","sha256":"35b1c0f535ea8c34203a7b810137abbce082e4bb6775868404338a73da7c5cef","sha512":"42f03a79fb1502be0eb1e7d95dab13317dc93e18ab9104514b74c60bd69a8bfb1303f49114a7e43c3706dc3cf8f5434da044622b7c120b37e23810cdad6a82bf","ssdeep":"384:5OmgauDHIiV6Guamm28muF84HZ4bY19gH3Cj16lPnJLEYc9RarPmM+NzvNLIMQVT:5OmgauDHIiV6Guamm28mumiHE","tlshash":"2442a2aff9b699100a5b303b1d7f8b593823a00b3904f5047f5c96695f8da3968b27dc","size":13044,"data":"","first_seen":"2026-06-18T12:43:22.520514Z","last_seen":"2026-06-18T12:43:22.520514Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/abg/header.js","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"introduction_type":"scriptElement","is_inline":false,"md5":"2aa7b6960b167476840c59770b21a687","sha1":"c5a28b9fe3cfdeeba7891e8e0aac5dd399219fc1","sha256":"71cadd8533c0a2d7ee77251d3d9d49820907d6f9171f6749d4b27b5a6ea9e93b","sha512":"279b9ec86b83ae1d9e4231919b17aea8dbc052b3d2b5ffc6894154cc0bec3a64ecdb152c9f0ba0d548228682218afd6b1cc6bfe2024bd9c7cfefdecfe983cb3c","ssdeep":"","tlshash":"bc014c48d0fe104291a1a110dabb462e2b37d7079609de00750c19cb6fc3e99ce5fee8","size":689,"data":"","first_seen":"2026-06-18T12:43:22.523912Z","last_seen":"2026-06-18T12:43:22.523912Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/abg/service-button.js","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"introduction_type":"scriptElement","is_inline":false,"md5":"a15aa4606f7a4374c7d4c0380b11e76a","sha1":"0c4f0fd7e83d4953b7b63a076bcb2ed3e958d468","sha256":"4ddee80ccaee86d043952bbedd0e7e0870b6d79146d3ff5bfc1b7b659d80121c","sha512":"e712a08911a74e495da5b717b3e885c9243fb57e43d5400646031dd25d93e7bfa11dd3ba74ee6f3247e073d719cb260948e2f91f588185dab2b7fdccf04b65e5","ssdeep":"","tlshash":"0201d0b5d4cf20620217f426619f83493a355113250dbe05ba6c95b75fcdc2c99bb3dd","size":853,"data":"","first_seen":"2026-06-18T12:43:22.610832Z","last_seen":"2026-06-18T12:43:22.610832Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/abg/tracking.js","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"introduction_type":"scriptElement","is_inline":false,"md5":"393aa96c14b43d4605e5ab1e545a1daf","sha1":"dfea8d9b3112fd1c466f74b2411247a80c92b606","sha256":"d4a67e102a8578c4da972a63dc7c9ba47365ee9a6439e5d08a0b22f5020f6980","sha512":"54f465e5104dbefc6d381eb13a1f79a2069cd21abd7b63f669c93beb33ee4c30e8b059428b67d1759499ec4575de87b1fd5531b05ca9a9b2148946c3b2796501","ssdeep":"1536:KPIcQrW/+cEXDegrrNS3ENo4NEijG2EVsWs6cTInJ:KAcQXXCgrrNSUNqVUT2","tlshash":"3b9339dab381b03053f795a7607fa21ab739191834098424f13cdda9395b987e1b3f6e","size":89926,"data":"","first_seen":"2026-06-18T12:43:22.563807Z","last_seen":"2026-06-18T12:43:22.563807Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"introduction_type":"domTimer","is_inline":false,"md5":"7a936e1a3705e6d0c8c58f3c75f459df","sha1":"571d6bc10712044b4d0ee126d1f58dd2b856bf0a","sha256":"ca1cf9bf3d32832c136d41acde1b6c70931941a7c801c190b2f807a94512ebfd","sha512":"e71bc5adabbafe15d14da2a45b2ba7a5b917c391799d7d6d8484174cd30c6233beda8dfe393dd2cc5473afa1f4c25a287d9829487f11cfde1bfad8193dc1225d","ssdeep":"","tlshash":"b2a00008e282222800e002382080008002208000c880000080000002802000208c0088","size":67,"data":"","first_seen":"2026-03-18T14:48:48.661867Z","last_seen":"2026-06-18T12:43:22.613126Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/abg/index.js","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"introduction_type":"scriptElement","is_inline":false,"md5":"53407c2c2e2e4387157cb84e0cdbed73","sha1":"bdbab6b9428113d63637b815a291860483327654","sha256":"cdba28fbb6b0d03e8fb76ca98e506b85cd7442b9d6068b3767fa2a37bf36716a","sha512":"7c3d6426007043fddfcaa7e677124ec62dca596e6127fc82ca4467536c3e75be3f81e838769e3b09d82555c921622ab4d6611922098118a47e940c8133114c6e","ssdeep":"","tlshash":"da61cf6ae0a01f26207b11784afbe91c55aa5113e603ce36f51c59961fccbb8e39ca0d","size":3414,"data":"","first_seen":"2026-03-18T14:48:48.637702Z","last_seen":"2026-06-18T12:43:22.535992Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"introduction_type":"domTimer","is_inline":false,"md5":"7a936e1a3705e6d0c8c58f3c75f459df","sha1":"571d6bc10712044b4d0ee126d1f58dd2b856bf0a","sha256":"ca1cf9bf3d32832c136d41acde1b6c70931941a7c801c190b2f807a94512ebfd","sha512":"e71bc5adabbafe15d14da2a45b2ba7a5b917c391799d7d6d8484174cd30c6233beda8dfe393dd2cc5473afa1f4c25a287d9829487f11cfde1bfad8193dc1225d","ssdeep":"","tlshash":"b2a00008e282222800e002382080008002208000c880000080000002802000208c0088","size":67,"data":"","first_seen":"2026-03-18T14:48:48.661867Z","last_seen":"2026-06-18T12:43:22.613126Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"introduction_type":"domTimer","is_inline":false,"md5":"7a936e1a3705e6d0c8c58f3c75f459df","sha1":"571d6bc10712044b4d0ee126d1f58dd2b856bf0a","sha256":"ca1cf9bf3d32832c136d41acde1b6c70931941a7c801c190b2f807a94512ebfd","sha512":"e71bc5adabbafe15d14da2a45b2ba7a5b917c391799d7d6d8484174cd30c6233beda8dfe393dd2cc5473afa1f4c25a287d9829487f11cfde1bfad8193dc1225d","ssdeep":"","tlshash":"b2a00008e282222800e002382080008002208000c880000080000002802000208c0088","size":67,"data":"","first_seen":"2026-03-18T14:48:48.661867Z","last_seen":"2026-06-18T12:43:22.613126Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":[{"level":"log","text":"API Response:map[actor:server1.conn0.watcher14.process7//obj52 class:Object extensible:true frozen:false isError:false ownPropertyLength:5 preview:map[kind:Object ownProperties:map[code:map[configurable:true enumerable:true value:200 writable:true] message:map[configurable:true enumerable:true value:111 writable:true] result:map[configurable:true enumerable:true value:111 writable:true] success:map[configurable:true enumerable:true value:true writable:true] timestamp:map[configurable:true enumerable:true value:1.781786583056e+12 writable:true]] ownPropertiesLength:5] sealed:false type:object]","filename":"https://abg1818s.com/abg/common.js","line_number":0,"column_number":0},{"level":"log","text":"API Response:map[actor:server1.conn0.watcher14.process7//obj53 class:Object extensible:true frozen:false isError:false ownPropertyLength:5 preview:map[kind:Object ownProperties:map[code:map[configurable:true enumerable:true value:200 writable:true] message:map[configurable:true enumerable:true value:https://api.abg1818s.com/ld/sys/common/static/temp/logob_1781196172765_1781196267772.png writable:true] result:map[configurable:true enumerable:true value:https://api.abg1818s.com/ld/sys/common/static/temp/logob_1781196172765_1781196267772.png writable:true] success:map[configurable:true enumerable:true value:true writable:true] timestamp:map[configurable:true enumerable:true value:1.781786583067e+12 writable:true]] ownPropertiesLength:5] sealed:false type:object]","filename":"https://abg1818s.com/abg/common.js","line_number":0,"column_number":0},{"level":"log","text":"API Response:map[actor:server1.conn0.watcher14.process7//obj54 class:Object extensible:true frozen:false isError:false ownPropertyLength:5 preview:map[kind:Object ownProperties:map[code:map[configurable:true enumerable:true value:200 writable:true] message:map[configurable:true enumerable:true value:https://api.abg1818s.com/ld/sys/common/static/temp/logob_1781196172765_1781196267772.png writable:true] result:map[configurable:true enumerable:true value:https://api.abg1818s.com/ld/sys/common/static/temp/logob_1781196172765_1781196267772.png writable:true] success:map[configurable:true enumerable:true value:true writable:true] timestamp:map[configurable:true enumerable:true value:1.781786583068e+12 writable:true]] ownPropertiesLength:5] sealed:false type:object]","filename":"https://abg1818s.com/abg/common.js","line_number":0,"column_number":0},{"level":"log","text":"API Response:map[actor:server1.conn0.watcher14.process7//obj55 class:Object extensible:true frozen:false isError:false ownPropertyLength:5 preview:map[kind:Object ownProperties:map[code:map[configurable:true enumerable:true value:200 writable:true] message:map[configurable:true enumerable:true value:https://www.baidu.com writable:true] result:map[configurable:true enumerable:true value:https://www.baidu.com writable:true] success:map[configurable:true enumerable:true value:true writable:true] timestamp:map[configurable:true enumerable:true value:1.781786583108e+12 writable:true]] ownPropertiesLength:5] sealed:false type:object]","filename":"https://abg1818s.com/abg/common.js","line_number":0,"column_number":0}]},"http":[{"url":{"schema":"https","addr":"abg1818s.com/uploads/images/3.jpg","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://abg1818s.com/","date":"2026-06-18T12:42:46.181Z","timestamp":1781786566181,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.abg1818s.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Jun 2026 00:54:50 GMT","end":"Tue, 01 Sep 2026 00:54:49 GMT"},"fingerprint":{"sha1":"22:5C:73:CC:67:A9:04:40:27:66:A1:8A:DF:D9:0F:07:D9:F9:B8:68","sha256":"7F:88:1A:99:20:88:E4:B2:04:70:6A:FE:78:57:03:D8:0F:F0:37:A8:47:EE:DA:B2:5B:C5:A0:D4:91:53:8E:81"}}},"request":{"raw":"GET /uploads/images/3.jpg HTTP/1.1\r\nHost: abg1818s.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://abg1818s.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 12:42:46 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Fri, 29 May 2026 09:00:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a195594-90b14\"\r\nexpires: Sat, 18 Jul 2026 12:42:46 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T17:23:29.541743Z","times_seen":16519658,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-18","alert":"Phishing Block","trigger":"abg1818s.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"abg1818.com/static/image/beijing-1.jpg","fqdn":"abg1818.com","domain":"abg1818.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://abg1818s.com/","date":"2026-06-18T12:42:46.205Z","timestamp":1781786566205,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/image/beijing-1.jpg HTTP/1.1\r\nHost: abg1818.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nReferer: https://abg1818s.com/\r\nSec-Fetch-Storage-Access: none\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T17:23:29.541743Z","times_seen":16519658,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/abg/jquery.min.js","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://abg1818s.com/","date":"2026-06-18T12:42:44.809Z","timestamp":1781786564809,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.abg1818s.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Jun 2026 00:54:50 GMT","end":"Tue, 01 Sep 2026 00:54:49 GMT"},"fingerprint":{"sha1":"22:5C:73:CC:67:A9:04:40:27:66:A1:8A:DF:D9:0F:07:D9:F9:B8:68","sha256":"7F:88:1A:99:20:88:E4:B2:04:70:6A:FE:78:57:03:D8:0F:F0:37:A8:47:EE:DA:B2:5B:C5:A0:D4:91:53:8E:81"}}},"request":{"raw":"GET /abg/jquery.min.js HTTP/1.1\r\nHost: abg1818s.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://abg1818s.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 12:42:44 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 22 May 2026 13:59:40 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a10614c-14914\"\r\nexpires: Fri, 19 Jun 2026 00:42:44 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":84244,"size_decoded":33527,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32061)","md5":"6631a779321bc03f4a5281d3ff526254","sha1":"5be8bf17be5085d803dfcbe59f8d6e584b516679","sha256":"797e79e220fdb3c48f6df26b879543102479491611940c8acc81a905da5c6858","sha512":"ae9633aee19d0e53648a7fb1be53752d48d58fde56e927e30022ee1b0130846a7a22b0e1ff2f732cc025827a90bbbe9d2680e1a37bec3414183454cd3e25269c","ssdeep":"1536:kPEkjP+iADIOr/NEe876nmBu3HvF38Nd+uJO1z6/A4TqAub0i4ULvguEhjzXpa9y:7NMnJiz6oAQKP5a98HrJ","tlshash":"c283d6d9b2c67062977730b850bf410bb17a98dab80c8c60f0a4d5e47eb4a8d517bf2d","first_seen":"2023-03-07T01:03:07Z","last_seen":"2026-06-18T12:43:22.516007Z","times_seen":1755,"resource_available":true,"data":null}},"time_used":762,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":762,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-18","alert":"Phishing Block","trigger":"abg1818s.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/abg/s1.css","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://abg1818s.com/","date":"2026-06-18T12:42:44.849Z","timestamp":1781786564849,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.abg1818s.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Jun 2026 00:54:50 GMT","end":"Tue, 01 Sep 2026 00:54:49 GMT"},"fingerprint":{"sha1":"22:5C:73:CC:67:A9:04:40:27:66:A1:8A:DF:D9:0F:07:D9:F9:B8:68","sha256":"7F:88:1A:99:20:88:E4:B2:04:70:6A:FE:78:57:03:D8:0F:F0:37:A8:47:EE:DA:B2:5B:C5:A0:D4:91:53:8E:81"}}},"request":{"raw":"GET /abg/s1.css HTTP/1.1\r\nHost: abg1818s.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://abg1818s.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 12:42:44 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 02 Jun 2026 15:00:51 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a1ef023-4123\"\r\nexpires: Fri, 19 Jun 2026 00:42:44 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16675,"size_decoded":5086,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (537)","md5":"adbcf93913d7c4922d4223a18da504d9","sha1":"3474596c26eb24b70c09218e596acc32e73cca8f","sha256":"39e95c486f1d3d134c84f1ec78f9135a44123d3c613987eba2cbe6398f900dbf","sha512":"520262552ca187e56aeda411183fcd07d4fc3e2609a8678e8387ebc88398bcc79077196c2256fab95bf01ba50b0e1e6ea6b3c3fe6fc9a228f8afbb7c9d41faf5","ssdeep":"192:dm0AFZGPTqQFV+ynFJF57gkKPlRFKPj5s7gbaFqFZyF+jQ+Qr9pQYro96n:YXF+FVNFJFHscbaFqFZyF+jE9pRbn","tlshash":"797283229bd6a40eb417c43437d78b98b37d8003534edeb6baaa7564cf8a19451373ca","first_seen":"2026-06-18T12:43:22.517242Z","last_seen":"2026-06-18T12:43:22.517242Z","times_seen":1,"resource_available":false,"data":null}},"time_used":725,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":725,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-18","alert":"Phishing Block","trigger":"abg1818s.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/abg/common.js","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://abg1818s.com/","date":"2026-06-18T12:42:44.854Z","timestamp":1781786564854,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.abg1818s.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Jun 2026 00:54:50 GMT","end":"Tue, 01 Sep 2026 00:54:49 GMT"},"fingerprint":{"sha1":"22:5C:73:CC:67:A9:04:40:27:66:A1:8A:DF:D9:0F:07:D9:F9:B8:68","sha256":"7F:88:1A:99:20:88:E4:B2:04:70:6A:FE:78:57:03:D8:0F:F0:37:A8:47:EE:DA:B2:5B:C5:A0:D4:91:53:8E:81"}}},"request":{"raw":"GET /abg/common.js HTTP/1.1\r\nHost: abg1818s.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://abg1818s.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 12:42:45 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 12 Jun 2026 15:37:23 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a2c27b3-330c\"\r\nexpires: Fri, 19 Jun 2026 00:42:45 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13068,"size_decoded":2346,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"ed50db497c57b5a63e9c3d6af374c8a8","sha1":"dc31dc36ada407bd2342d02e463184ebf8d66671","sha256":"35b1c0f535ea8c34203a7b810137abbce082e4bb6775868404338a73da7c5cef","sha512":"42f03a79fb1502be0eb1e7d95dab13317dc93e18ab9104514b74c60bd69a8bfb1303f49114a7e43c3706dc3cf8f5434da044622b7c120b37e23810cdad6a82bf","ssdeep":"384:5OmgauDHIiV6Guamm28muF84HZ4bY19gH3Cj16lPnJLEYc9RarPmM+NzvNLIMQVT:5OmgauDHIiV6Guamm28mumiHE","tlshash":"2442a2aff9b699100a5b303b1d7f8b593823a00b3904f5047f5c96695f8da3968b27dc","first_seen":"2026-06-18T12:43:22.520514Z","last_seen":"2026-06-18T12:43:22.520514Z","times_seen":1,"resource_available":true,"data":null}},"time_used":721,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":721,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-18","alert":"Phishing Block","trigger":"abg1818s.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/abg/header.js","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://abg1818s.com/","date":"2026-06-18T12:42:44.856Z","timestamp":1781786564856,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.abg1818s.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Jun 2026 00:54:50 GMT","end":"Tue, 01 Sep 2026 00:54:49 GMT"},"fingerprint":{"sha1":"22:5C:73:CC:67:A9:04:40:27:66:A1:8A:DF:D9:0F:07:D9:F9:B8:68","sha256":"7F:88:1A:99:20:88:E4:B2:04:70:6A:FE:78:57:03:D8:0F:F0:37:A8:47:EE:DA:B2:5B:C5:A0:D4:91:53:8E:81"}}},"request":{"raw":"GET /abg/header.js HTTP/1.1\r\nHost: abg1818s.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://abg1818s.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 12:42:45 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 689\r\nlast-modified: Fri, 12 Jun 2026 12:57:29 GMT\r\netag: \"6a2c0239-2b1\"\r\nexpires: Fri, 19 Jun 2026 00:42:45 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":689,"size_decoded":1040,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"2aa7b6960b167476840c59770b21a687","sha1":"c5a28b9fe3cfdeeba7891e8e0aac5dd399219fc1","sha256":"71cadd8533c0a2d7ee77251d3d9d49820907d6f9171f6749d4b27b5a6ea9e93b","sha512":"279b9ec86b83ae1d9e4231919b17aea8dbc052b3d2b5ffc6894154cc0bec3a64ecdb152c9f0ba0d548228682218afd6b1cc6bfe2024bd9c7cfefdecfe983cb3c","ssdeep":"","tlshash":"bc014c48d0fe104291a1a110dabb462e2b37d7079609de00750c19cb6fc3e99ce5fee8","first_seen":"2026-06-18T12:43:22.523912Z","last_seen":"2026-06-18T12:43:22.523912Z","times_seen":1,"resource_available":true,"data":null}},"time_used":970,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":719,"receive":251,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-18","alert":"Phishing Block","trigger":"abg1818s.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/abg/banner.js","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://abg1818s.com/","date":"2026-06-18T12:42:44.857Z","timestamp":1781786564857,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.abg1818s.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Jun 2026 00:54:50 GMT","end":"Tue, 01 Sep 2026 00:54:49 GMT"},"fingerprint":{"sha1":"22:5C:73:CC:67:A9:04:40:27:66:A1:8A:DF:D9:0F:07:D9:F9:B8:68","sha256":"7F:88:1A:99:20:88:E4:B2:04:70:6A:FE:78:57:03:D8:0F:F0:37:A8:47:EE:DA:B2:5B:C5:A0:D4:91:53:8E:81"}}},"request":{"raw":"GET /abg/banner.js HTTP/1.1\r\nHost: abg1818s.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://abg1818s.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 12:42:45 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 12 Jun 2026 16:33:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a2c34c6-2a8f\"\r\nexpires: Fri, 19 Jun 2026 00:42:45 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10895,"size_decoded":2970,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"69ee90f6b196a89dd8bca66c148c419c","sha1":"9b6c497a075fa2793eaaa6b0d0cd58d9603ed711","sha256":"27e08767bab61a4de3389605f07dcf95e5672de182ef022df3f7b1f6c94d9b7f","sha512":"fb5fba99f31f05bcd589a3faeb7adf4c8209211d80b02d73c60d39fad33654327b465fb0cc55f24ec3f15d90ef52d6838a740a3b480fa970f971953b09887419","ssdeep":"192:OdLthO94LtRThd8abPv2ZcuAggeV8M46hEoUO6:yoy8QGiZeeM4+Eoi","tlshash":"552250368de311294067b16b5bae407937aa12074e0cfd44b9acb5924fdee2c41777f8","first_seen":"2026-06-18T12:43:22.52771Z","last_seen":"2026-06-18T12:43:22.52771Z","times_seen":1,"resource_available":true,"data":null}},"time_used":718,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":718,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-18","alert":"Phishing Block","trigger":"abg1818s.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/static/image/topico1.webp","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://abg1818s.com/","date":"2026-06-18T12:42:46.176Z","timestamp":1781786566176,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.abg1818s.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Jun 2026 00:54:50 GMT","end":"Tue, 01 Sep 2026 00:54:49 GMT"},"fingerprint":{"sha1":"22:5C:73:CC:67:A9:04:40:27:66:A1:8A:DF:D9:0F:07:D9:F9:B8:68","sha256":"7F:88:1A:99:20:88:E4:B2:04:70:6A:FE:78:57:03:D8:0F:F0:37:A8:47:EE:DA:B2:5B:C5:A0:D4:91:53:8E:81"}}},"request":{"raw":"GET /static/image/topico1.webp HTTP/1.1\r\nHost: abg1818s.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://abg1818s.com/abg/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 12:42:46 GMT\r\ncontent-type: image/webp\r\ncontent-length: 306\r\nlast-modified: Fri, 22 May 2026 14:03:10 GMT\r\netag: \"6a10621e-132\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":306,"size_decoded":575,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"316fa97c721a0c65d5f39d9cd29808e6","sha1":"0f8215d54aca521d7c5c590d8be7fa7abc43cf6e","sha256":"30f0e87382996d57d80a321e2e9eb31f73386a0ec52460a112daca78e998e7dc","sha512":"d5fd3a0aafacc8a23b6f67d2aefafd4ab2e3f292c7e7e51bc016915f19d9a908a48558979343558dae41fb638a285afce5992bdb5e020682e301cdf99aa2a69c","ssdeep":"","tlshash":"2de0e706b0f29d0807f430425e15edb5c8495d1de0e621446183487045390ffc3f3456","first_seen":"2026-03-18T14:48:48.63394Z","last_seen":"2026-06-18T12:43:22.5308Z","times_seen":3,"resource_available":false,"data":null}},"time_used":19020,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19020,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-18","alert":"Phishing Block","trigger":"abg1818s.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/uploads/images/w4.jpg","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://abg1818s.com/","date":"2026-06-18T12:42:46.193Z","timestamp":1781786566193,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.abg1818s.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Jun 2026 00:54:50 GMT","end":"Tue, 01 Sep 2026 00:54:49 GMT"},"fingerprint":{"sha1":"22:5C:73:CC:67:A9:04:40:27:66:A1:8A:DF:D9:0F:07:D9:F9:B8:68","sha256":"7F:88:1A:99:20:88:E4:B2:04:70:6A:FE:78:57:03:D8:0F:F0:37:A8:47:EE:DA:B2:5B:C5:A0:D4:91:53:8E:81"}}},"request":{"raw":"GET /uploads/images/w4.jpg HTTP/1.1\r\nHost: abg1818s.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://abg1818s.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 12:42:46 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Fri, 29 May 2026 09:00:05 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a195595-5e641\"\r\nexpires: Sat, 18 Jul 2026 12:42:46 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T17:23:29.541743Z","times_seen":16519658,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-18","alert":"Phishing Block","trigger":"abg1818s.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/abg/saoma.css","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://abg1818s.com/","date":"2026-06-18T12:42:44.812Z","timestamp":1781786564812,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.abg1818s.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Jun 2026 00:54:50 GMT","end":"Tue, 01 Sep 2026 00:54:49 GMT"},"fingerprint":{"sha1":"22:5C:73:CC:67:A9:04:40:27:66:A1:8A:DF:D9:0F:07:D9:F9:B8:68","sha256":"7F:88:1A:99:20:88:E4:B2:04:70:6A:FE:78:57:03:D8:0F:F0:37:A8:47:EE:DA:B2:5B:C5:A0:D4:91:53:8E:81"}}},"request":{"raw":"GET /abg/saoma.css HTTP/1.1\r\nHost: abg1818s.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://abg1818s.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 12:42:44 GMT\r\ncontent-type: text/css\r\ncontent-length: 157\r\nlast-modified: Fri, 22 May 2026 13:59:48 GMT\r\netag: \"6a106154-9d\"\r\nexpires: Fri, 19 Jun 2026 00:42:44 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":157,"size_decoded":493,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"b7d9a424bd9826cbfc66567e1e28d8dc","sha1":"e35038c4a6082bae603525a63f446ffc661f5c8f","sha256":"8838d4b5e2b09a573751523504ef2040bb2b9e73c353383e50b2a0b7f41548fb","sha512":"1364e5b5c486a198c56f5cfaab5553d7dcbd3d2ad53abcaf16bf2c07f2eb39831c54a83e481d89e7e0d85c620eee6753ef64de3540369a98cc4d811632a6662f","ssdeep":"","tlshash":"4bc08ca221a8b40dd22ee0a2fc33b6a8933e8007962707dea1880875ad0414067a63c4","first_seen":"2026-03-18T14:48:48.647341Z","last_seen":"2026-06-18T12:43:22.533859Z","times_seen":3,"resource_available":false,"data":null}},"time_used":763,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":762,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-18","alert":"Phishing Block","trigger":"abg1818s.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/abg/index.js","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://abg1818s.com/","date":"2026-06-18T12:42:44.863Z","timestamp":1781786564863,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.abg1818s.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Jun 2026 00:54:50 GMT","end":"Tue, 01 Sep 2026 00:54:49 GMT"},"fingerprint":{"sha1":"22:5C:73:CC:67:A9:04:40:27:66:A1:8A:DF:D9:0F:07:D9:F9:B8:68","sha256":"7F:88:1A:99:20:88:E4:B2:04:70:6A:FE:78:57:03:D8:0F:F0:37:A8:47:EE:DA:B2:5B:C5:A0:D4:91:53:8E:81"}}},"request":{"raw":"GET /abg/index.js HTTP/1.1\r\nHost: abg1818s.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://abg1818s.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 12:42:45 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 22 May 2026 14:02:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a1061fe-d56\"\r\nexpires: Fri, 19 Jun 2026 00:42:45 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3414,"size_decoded":1370,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"53407c2c2e2e4387157cb84e0cdbed73","sha1":"bdbab6b9428113d63637b815a291860483327654","sha256":"cdba28fbb6b0d03e8fb76ca98e506b85cd7442b9d6068b3767fa2a37bf36716a","sha512":"7c3d6426007043fddfcaa7e677124ec62dca596e6127fc82ca4467536c3e75be3f81e838769e3b09d82555c921622ab4d6611922098118a47e940c8133114c6e","ssdeep":"","tlshash":"da61cf6ae0a01f26207b11784afbe91c55aa5113e603ce36f51c59961fccbb8e39ca0d","first_seen":"2026-03-18T14:48:48.637702Z","last_seen":"2026-06-18T12:43:22.535992Z","times_seen":3,"resource_available":true,"data":null}},"time_used":711,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":711,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-18","alert":"Phishing Block","trigger":"abg1818s.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.abg1818s.com/ld/fe/account/redis?redisKey=indexlogo","fqdn":"api.abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"66.212.58.185","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://abg1818s.com/","date":"2026-06-18T12:42:46.151Z","timestamp":1781786566151,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.abg1818s.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 11 Jun 2026 14:55:16 GMT","end":"Wed, 09 Sep 2026 14:55:15 GMT"},"fingerprint":{"sha1":"F5:7F:09:A3:50:48:CF:CD:1D:96:19:D8:7A:4B:BF:9A:BF:11:47:2C","sha256":"06:D8:F6:5B:EB:9E:4A:ED:77:70:88:7E:97:2F:8D:1B:41:FD:F9:E9:8C:03:03:7B:0A:D1:48:D5:E5:DB:30:27"}}},"request":{"raw":"GET /ld/fe/account/redis?redisKey=indexlogo HTTP/1.1\r\nHost: api.abg1818s.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://abg1818s.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://abg1818s.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 12:43:03 GMT\r\ncontent-type: application/json\r\nvary: origin,access-control-request-method,access-control-request-headers,accept-encoding\r\naccess-control-allow-origin: https://abg1818s.com\r\naccess-control-allow-credentials: true\r\ncontent-encoding: gzip\r\nx-cache: MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":254,"size_decoded":499,"mime_type":"application/json","magic":"JSON text data","md5":"1fd38a04f78ccdb1a629dcdde39ff7cd","sha1":"6da21523b41320fe0c9a7d743f9ffc46fdfd7588","sha256":"b4a66266b551c4287d16c2f20418a0244bc67751ad12e445f764babfa4ea2e21","sha512":"347b0d4388d93d8ac412898379a3a919f81eaa271931d0e7405ede77b0b0e6c31f25ca0bbd2714dfbc8b81372b0244bc9fcf5c582fc679b927d1de7c54eba372","ssdeep":"","tlshash":"d9d05bd7cb81c85cc67391d4706e381341fd97268eac61078c0775498ca5262126f114","first_seen":"2026-06-18T12:43:22.538433Z","last_seen":"2026-06-18T12:43:22.538433Z","times_seen":1,"resource_available":false,"data":null}},"time_used":17013,"timings":{"blocked":-1,"dns":46,"connect":15923,"send":0,"wait":205,"receive":0,"ssl":837},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"api.abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-18","alert":"Phishing Block","trigger":"api.abg1818s.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"api.abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"api.abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/abg/prev.webp","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://abg1818s.com/","date":"2026-06-18T12:42:46.185Z","timestamp":1781786566185,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.abg1818s.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Jun 2026 00:54:50 GMT","end":"Tue, 01 Sep 2026 00:54:49 GMT"},"fingerprint":{"sha1":"22:5C:73:CC:67:A9:04:40:27:66:A1:8A:DF:D9:0F:07:D9:F9:B8:68","sha256":"7F:88:1A:99:20:88:E4:B2:04:70:6A:FE:78:57:03:D8:0F:F0:37:A8:47:EE:DA:B2:5B:C5:A0:D4:91:53:8E:81"}}},"request":{"raw":"GET /abg/prev.webp HTTP/1.1\r\nHost: abg1818s.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://abg1818s.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 12:42:46 GMT\r\ncontent-type: image/webp\r\ncontent-length: 376\r\nlast-modified: Fri, 22 May 2026 14:01:56 GMT\r\netag: \"6a1061d4-178\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":376,"size_decoded":645,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"82877a1052596c529a63044128bc6b8d","sha1":"29b9e6aee8bd8fdd4e4238e5ed4bc06c9479a21e","sha256":"d07cf6e68c08cb49a895de1601f09bac5f311bed0c9eb3e4bf701f4c1764ea31","sha512":"319f167ebe9c650a680151158994e91a26a1cdf6c0c603f3a6fbf04d5b52c0169ed98a93f5690ab3b674f8b737e832d9bbbdc7c8718132a9af23344099b4eee3","ssdeep":"","tlshash":"e7e0602290a64073108c80dc8ba9c6d29f6c01a80886af84230f9888a3420db0b7ce2a","first_seen":"2025-03-18T05:53:14.968944Z","last_seen":"2026-06-18T12:43:22.540315Z","times_seen":4,"resource_available":false,"data":null}},"time_used":25626,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22583,"receive":3043,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-18","alert":"Phishing Block","trigger":"abg1818s.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/abg/bootstrap.min.js","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://abg1818s.com/","date":"2026-06-18T12:42:44.811Z","timestamp":1781786564811,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.abg1818s.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Jun 2026 00:54:50 GMT","end":"Tue, 01 Sep 2026 00:54:49 GMT"},"fingerprint":{"sha1":"22:5C:73:CC:67:A9:04:40:27:66:A1:8A:DF:D9:0F:07:D9:F9:B8:68","sha256":"7F:88:1A:99:20:88:E4:B2:04:70:6A:FE:78:57:03:D8:0F:F0:37:A8:47:EE:DA:B2:5B:C5:A0:D4:91:53:8E:81"}}},"request":{"raw":"GET /abg/bootstrap.min.js HTTP/1.1\r\nHost: abg1818s.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://abg1818s.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 12:42:44 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 22 May 2026 13:59:44 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a106150-90b5\"\r\nexpires: Fri, 19 Jun 2026 00:42:44 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":37045,"size_decoded":11733,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32033)","md5":"5869c96cc8f19086aee625d670d741f9","sha1":"430a443d74830fe9be26efca431f448c1b3740f9","sha256":"53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef","sha512":"8b3b64a1bb2f9e329f02d4cd7479065630184ebaed942ee61a9ff9e1ce34c28c0eecb854458977815cf3704a8697fa8a5d096d2761f032b74b70d51da3e37f45","ssdeep":"768:o2rGy27UwlNqMl95qNmCFejhqs8snmi+CSFXfbx8Gf3Zq7Q:Jg73zhq0GvbJ3ZKQ","tlshash":"b6f28606b23031a147efb1e1525b020e7239696ee906907c78b99af53db9c48717bf3d","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-06-18T17:04:09.746252Z","times_seen":92213,"resource_available":true,"data":null}},"time_used":763,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":763,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-18","alert":"Phishing Block","trigger":"abg1818s.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/abg/notice.js","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://abg1818s.com/","date":"2026-06-18T12:42:44.859Z","timestamp":1781786564859,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.abg1818s.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Jun 2026 00:54:50 GMT","end":"Tue, 01 Sep 2026 00:54:49 GMT"},"fingerprint":{"sha1":"22:5C:73:CC:67:A9:04:40:27:66:A1:8A:DF:D9:0F:07:D9:F9:B8:68","sha256":"7F:88:1A:99:20:88:E4:B2:04:70:6A:FE:78:57:03:D8:0F:F0:37:A8:47:EE:DA:B2:5B:C5:A0:D4:91:53:8E:81"}}},"request":{"raw":"GET /abg/notice.js HTTP/1.1\r\nHost: abg1818s.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://abg1818s.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 12:42:45 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 12 Jun 2026 15:37:15 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a2c27ab-34ad\"\r\nexpires: Fri, 19 Jun 2026 00:42:45 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13485,"size_decoded":3648,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (716)","md5":"66a72a8e6533e97cec2845aed007f25e","sha1":"32536cdeb1fca93f0119cbccfb3ca2c0dedc4f73","sha256":"ab4c0f6d413e244edf5dbd2c14fe6db93ccb7be0ff73d88133ea8685d3d4675b","sha512":"07a0c374e57e70884d71655e1d4ec563a7d52d2a54756a7294dca1c4c291b0d4bf9ddc2383df4a79e3dffc564eafd34f493168af5fe920a84c917c808821b131","ssdeep":"384:TO4EagO7AyUPe0GxFnApRxFH48TyXuxzIh7:TOnap7Ayue0GjApRxRvxzIh7","tlshash":"aa5240399a6321919167f06b1aef15b5333501036c0dbe25bd0c2247afce92d96b2bfd","first_seen":"2026-06-18T12:43:22.54458Z","last_seen":"2026-06-18T12:43:22.54458Z","times_seen":1,"resource_available":true,"data":null}},"time_used":716,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":716,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-18","alert":"Phishing Block","trigger":"abg1818s.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/abg/footerico.webp","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://abg1818s.com/","date":"2026-06-18T12:42:44.876Z","timestamp":1781786564876,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.abg1818s.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Jun 2026 00:54:50 GMT","end":"Tue, 01 Sep 2026 00:54:49 GMT"},"fingerprint":{"sha1":"22:5C:73:CC:67:A9:04:40:27:66:A1:8A:DF:D9:0F:07:D9:F9:B8:68","sha256":"7F:88:1A:99:20:88:E4:B2:04:70:6A:FE:78:57:03:D8:0F:F0:37:A8:47:EE:DA:B2:5B:C5:A0:D4:91:53:8E:81"}}},"request":{"raw":"GET /abg/footerico.webp HTTP/1.1\r\nHost: abg1818s.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://abg1818s.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 12:42:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1004\r\nlast-modified: Fri, 22 May 2026 14:02:32 GMT\r\netag: \"6a1061f8-3ec\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1004,"size_decoded":1274,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"0ff540ce19a58278dae2662bcfd87ba5","sha1":"2ebb8e9b8a473d3a3c27722137587dc91199b475","sha256":"831ec71b3491cb1cccc7b860761213e4510c37b7434d0efd6619c6726a351439","sha512":"30ebfad650a6011b9675df78f403c5935a97eec08560cb720cb050345419d7af1181d01a28cafba121f1e737b26372b215f677ae7131176e90e7209e5ab281e1","ssdeep":"","tlshash":"e21172aecba265141e83e284ca0a6a2c8f3e16cd0d949547dca267d564d9bb83dc6150","first_seen":"2025-03-18T05:53:14.951426Z","last_seen":"2026-06-18T12:43:22.546678Z","times_seen":4,"resource_available":false,"data":null}},"time_used":951,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":699,"receive":252,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-18","alert":"Phishing Block","trigger":"abg1818s.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/uploads/images/w3.jpg","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://abg1818s.com/","date":"2026-06-18T12:42:46.191Z","timestamp":1781786566191,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.abg1818s.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Jun 2026 00:54:50 GMT","end":"Tue, 01 Sep 2026 00:54:49 GMT"},"fingerprint":{"sha1":"22:5C:73:CC:67:A9:04:40:27:66:A1:8A:DF:D9:0F:07:D9:F9:B8:68","sha256":"7F:88:1A:99:20:88:E4:B2:04:70:6A:FE:78:57:03:D8:0F:F0:37:A8:47:EE:DA:B2:5B:C5:A0:D4:91:53:8E:81"}}},"request":{"raw":"GET /uploads/images/w3.jpg HTTP/1.1\r\nHost: abg1818s.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://abg1818s.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 12:42:46 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Fri, 29 May 2026 09:00:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a195593-76fcf\"\r\nexpires: Sat, 18 Jul 2026 12:42:46 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T17:23:29.541743Z","times_seen":16519658,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-18","alert":"Phishing Block","trigger":"abg1818s.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-18T12:42:43.424Z","timestamp":1781786563424,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.abg1818s.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Jun 2026 00:54:50 GMT","end":"Tue, 01 Sep 2026 00:54:49 GMT"},"fingerprint":{"sha1":"22:5C:73:CC:67:A9:04:40:27:66:A1:8A:DF:D9:0F:07:D9:F9:B8:68","sha256":"7F:88:1A:99:20:88:E4:B2:04:70:6A:FE:78:57:03:D8:0F:F0:37:A8:47:EE:DA:B2:5B:C5:A0:D4:91:53:8E:81"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: abg1818s.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 12:42:44 GMT\r\ncontent-type: text/html\r\nlast-modified: Fri, 12 Jun 2026 15:39:53 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a2c2849-213b\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8507,"size_decoded":2926,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"84f1f36be57a1f97db59eed8b8a79174","sha1":"fd850bfd60ba54278ec3ece1a3e2d85b4b65683c","sha256":"386c173f5aa9e846cb90a3e4a862904b2851fcee0f623a1dd80193eb35f97bc9","sha512":"59740cbdab5099e27ab4724f66f46924cc7b8e6f60956af7d512632254992199e0a94f2ffc0ebbb036dc84454ba7283c4c152e8977d34afe4f59cb3556c92fd1","ssdeep":"192:eVQ2RFrFiTKLs5Z9XXTFUYFUAFIZAF0wAEVnl9fB4DB/Ztu:mPF8DFJFJFFF5VnPB4DB/Ztu","tlshash":"ad02620b9cf69002615285e49ab6f76c3da9830bd31acda438fe22b5df87fd90c47548","first_seen":"2026-06-18T12:43:22.548496Z","last_seen":"2026-06-18T12:43:22.548496Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1091,"timings":{"blocked":-1,"dns":70,"connect":254,"send":0,"wait":254,"receive":0,"ssl":513},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-18","alert":"Phishing Block","trigger":"abg1818s.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/abg/simpleAlert.css","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://abg1818s.com/","date":"2026-06-18T12:42:44.847Z","timestamp":1781786564847,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.abg1818s.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Jun 2026 00:54:50 GMT","end":"Tue, 01 Sep 2026 00:54:49 GMT"},"fingerprint":{"sha1":"22:5C:73:CC:67:A9:04:40:27:66:A1:8A:DF:D9:0F:07:D9:F9:B8:68","sha256":"7F:88:1A:99:20:88:E4:B2:04:70:6A:FE:78:57:03:D8:0F:F0:37:A8:47:EE:DA:B2:5B:C5:A0:D4:91:53:8E:81"}}},"request":{"raw":"GET /abg/simpleAlert.css HTTP/1.1\r\nHost: abg1818s.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://abg1818s.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 12:42:44 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 22 May 2026 13:59:54 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a10615a-56b\"\r\nexpires: Fri, 19 Jun 2026 00:42:44 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1387,"size_decoded":905,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"572065e6b782d8a4a52d3bc69eb2718b","sha1":"900f4e065ab5eaf1d9de76a61618324f55842f41","sha256":"41cd324057049fc3b6deab4bec80a94da14681e33306efc1d15847e4f7ec727b","sha512":"d2617b0a81b1f49b4421cdd83bcd67f82dc5c0367da406c2126c2400e232b6d8774a9c73766a99e87fa0c887e5a8f0ec932c2c7cf0554b2e4b0513181ffd7852","ssdeep":"","tlshash":"0521e03141b43009f73ff2be75b7fb15262ad1a26a131b9856db3511d38f0a91c2a6ce","first_seen":"2026-03-18T14:48:48.627127Z","last_seen":"2026-06-18T12:43:22.550894Z","times_seen":3,"resource_available":false,"data":null}},"time_used":726,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":726,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-18","alert":"Phishing Block","trigger":"abg1818s.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.abg1818s.com/ld/fe/account/redis?redisKey=indexlogo","fqdn":"api.abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"66.212.58.185","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://abg1818s.com/","date":"2026-06-18T12:42:46.154Z","timestamp":1781786566154,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.abg1818s.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 11 Jun 2026 14:55:16 GMT","end":"Wed, 09 Sep 2026 14:55:15 GMT"},"fingerprint":{"sha1":"F5:7F:09:A3:50:48:CF:CD:1D:96:19:D8:7A:4B:BF:9A:BF:11:47:2C","sha256":"06:D8:F6:5B:EB:9E:4A:ED:77:70:88:7E:97:2F:8D:1B:41:FD:F9:E9:8C:03:03:7B:0A:D1:48:D5:E5:DB:30:27"}}},"request":{"raw":"GET /ld/fe/account/redis?redisKey=indexlogo HTTP/1.1\r\nHost: api.abg1818s.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://abg1818s.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://abg1818s.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 12:43:03 GMT\r\ncontent-type: application/json\r\nvary: origin,access-control-request-method,access-control-request-headers,accept-encoding\r\naccess-control-allow-origin: https://abg1818s.com\r\naccess-control-allow-credentials: true\r\ncontent-encoding: gzip\r\nx-cache: MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":254,"size_decoded":499,"mime_type":"application/json","magic":"JSON text data","md5":"bb42146f94ccc0fb7ecd19e79440c3ef","sha1":"96682d5731d10ca86f87ae3df3ed3aff44a5f13b","sha256":"32aaff480729937680e02b2456ab023560fef2d34ff9d4173450f48290563a4d","sha512":"8259859df79687fe562aaba763cf949ec70d6036bc2eac68e5c8ed762b4d4f3b2acd94fdcd41eac63abdd5602a21a904b57429f50ddbf295f6fddf69009fef74","ssdeep":"","tlshash":"a0d05bd7cb81c85cc67391d4b06e381341fd97268eac61078c0775498c75262126f114","first_seen":"2026-06-18T12:43:22.552973Z","last_seen":"2026-06-18T12:43:22.552973Z","times_seen":1,"resource_available":false,"data":null}},"time_used":17200,"timings":{"blocked":-1,"dns":45,"connect":15924,"send":0,"wait":392,"receive":0,"ssl":837},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"api.abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"api.abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"api.abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-18","alert":"Phishing Block","trigger":"api.abg1818s.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.abg1818s.com/ld/fe/account/redis?redisKey=notice","fqdn":"api.abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"66.212.58.185","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://abg1818s.com/","date":"2026-06-18T12:42:46.160Z","timestamp":1781786566160,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.abg1818s.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 11 Jun 2026 14:55:16 GMT","end":"Wed, 09 Sep 2026 14:55:15 GMT"},"fingerprint":{"sha1":"F5:7F:09:A3:50:48:CF:CD:1D:96:19:D8:7A:4B:BF:9A:BF:11:47:2C","sha256":"06:D8:F6:5B:EB:9E:4A:ED:77:70:88:7E:97:2F:8D:1B:41:FD:F9:E9:8C:03:03:7B:0A:D1:48:D5:E5:DB:30:27"}}},"request":{"raw":"GET /ld/fe/account/redis?redisKey=notice HTTP/1.1\r\nHost: api.abg1818s.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://abg1818s.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://abg1818s.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 12:43:03 GMT\r\ncontent-type: application/json\r\nvary: origin,access-control-request-method,access-control-request-headers,accept-encoding\r\naccess-control-allow-origin: https://abg1818s.com\r\naccess-control-allow-credentials: true\r\ncontent-encoding: gzip\r\nx-cache: MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":84,"size_decoded":438,"mime_type":"application/json","magic":"JSON text data","md5":"b448430ce93ea415abb6ac427da05926","sha1":"06f738f6b41aa4a21c0e3a43bd47f490a101c8c8","sha256":"4e79d6c634c92d10961bb000707e61ceaeb87e89d7a5172eb2649923c5e7224e","sha512":"219863233ae1edd1900535db3c2750dc7f76fd9183ca866bf2b407b3dc8456f4f9dbbc030c967c96d1f8d0287a629bde682e4c0dcb06d5f22c0d504f93a89ce3","ssdeep":"","tlshash":"faa024101f005cf5f103f14171355cc410dc104345c003c5c44d07dccdd0001300711f","first_seen":"2026-06-18T12:43:22.555196Z","last_seen":"2026-06-18T12:43:22.555196Z","times_seen":1,"resource_available":false,"data":null}},"time_used":16995,"timings":{"blocked":-1,"dns":39,"connect":15920,"send":0,"wait":206,"receive":0,"ssl":828},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"api.abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-18","alert":"Phishing Block","trigger":"api.abg1818s.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"api.abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"api.abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/abg/simpleAlert.js","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://abg1818s.com/","date":"2026-06-18T12:42:44.852Z","timestamp":1781786564852,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.abg1818s.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Jun 2026 00:54:50 GMT","end":"Tue, 01 Sep 2026 00:54:49 GMT"},"fingerprint":{"sha1":"22:5C:73:CC:67:A9:04:40:27:66:A1:8A:DF:D9:0F:07:D9:F9:B8:68","sha256":"7F:88:1A:99:20:88:E4:B2:04:70:6A:FE:78:57:03:D8:0F:F0:37:A8:47:EE:DA:B2:5B:C5:A0:D4:91:53:8E:81"}}},"request":{"raw":"GET /abg/simpleAlert.js HTTP/1.1\r\nHost: abg1818s.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://abg1818s.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 12:42:44 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 22 May 2026 14:00:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a106166-a45\"\r\nexpires: Fri, 19 Jun 2026 00:42:44 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2629,"size_decoded":1311,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"b08f61c64e6918defef4474b00a56b10","sha1":"7005bbfd042c7b0dbaaa5da40ddffb35b69a53fa","sha256":"e8c8791e5f0613fa38ac887b664ddcd2f19fda14ce7ae8a75d45a0f87076ee6c","sha512":"65f307d88c0edc314e2fc0578c30c71415a8d5d21ee8a243c4afd1c7d190e24e8fe280050041d3478d6137405d3012eab1809fcf1e713813e26a1158c9d5d999","ssdeep":"","tlshash":"d5518028d0723d515f7f33794b2fd065fe9500239045a38039aeb98e4fb9540659aefe","first_seen":"2025-03-18T05:53:15.036992Z","last_seen":"2026-06-18T12:43:22.557125Z","times_seen":4,"resource_available":true,"data":null}},"time_used":722,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":722,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-18","alert":"Phishing Block","trigger":"abg1818s.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/abg/jquery.layerModel.js","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://abg1818s.com/","date":"2026-06-18T12:42:44.867Z","timestamp":1781786564867,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.abg1818s.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Jun 2026 00:54:50 GMT","end":"Tue, 01 Sep 2026 00:54:49 GMT"},"fingerprint":{"sha1":"22:5C:73:CC:67:A9:04:40:27:66:A1:8A:DF:D9:0F:07:D9:F9:B8:68","sha256":"7F:88:1A:99:20:88:E4:B2:04:70:6A:FE:78:57:03:D8:0F:F0:37:A8:47:EE:DA:B2:5B:C5:A0:D4:91:53:8E:81"}}},"request":{"raw":"GET /abg/jquery.layerModel.js HTTP/1.1\r\nHost: abg1818s.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://abg1818s.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 12:42:45 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 22 May 2026 14:02:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a106206-42a2\"\r\nexpires: Fri, 19 Jun 2026 00:42:45 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17058,"size_decoded":5479,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"5e98f2b0ece71a09d40b4f3bf2444e85","sha1":"042f063abf0ed806de7ae7b1146a08aa10a5e120","sha256":"2bfa66b667aab148c8a4fd3f580b3996df34716e8e6ad6778cc9ccc165be6274","sha512":"4a4901f4e3871a521ec486042d156ecb3198f0c206e63b3ca3ad6171a4bffeac76c933ab258a80d76d3a3f16526f213972b52ea33428ebb77b1e541e9cf99b21","ssdeep":"192:7Fnj4IulLkf3ENumP5tZtfeCy05t/H0oG+IFDuj7vr6yCWjT:Bj30w2ztDJ07HUjuyV","tlshash":"2572509965636cbd2832a3bdcd2941dcd322b017432ada257c9c711d6fbcc6012e5bee","first_seen":"2025-03-18T05:53:15.005695Z","last_seen":"2026-06-18T12:43:22.559478Z","times_seen":4,"resource_available":true,"data":null}},"time_used":708,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":708,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-18","alert":"Phishing Block","trigger":"abg1818s.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/uploads/images/1.jpg","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://abg1818s.com/","date":"2026-06-18T12:42:46.177Z","timestamp":1781786566177,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.abg1818s.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Jun 2026 00:54:50 GMT","end":"Tue, 01 Sep 2026 00:54:49 GMT"},"fingerprint":{"sha1":"22:5C:73:CC:67:A9:04:40:27:66:A1:8A:DF:D9:0F:07:D9:F9:B8:68","sha256":"7F:88:1A:99:20:88:E4:B2:04:70:6A:FE:78:57:03:D8:0F:F0:37:A8:47:EE:DA:B2:5B:C5:A0:D4:91:53:8E:81"}}},"request":{"raw":"GET /uploads/images/1.jpg HTTP/1.1\r\nHost: abg1818s.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://abg1818s.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 12:42:46 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Fri, 29 May 2026 09:00:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a195594-41111\"\r\nexpires: Sat, 18 Jul 2026 12:42:46 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":266513,"size_decoded":266511,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1900x255, components 3","md5":"19e4966d124003c429b400d50ef033ea","sha1":"3983e7416e93e62b3419df06ed4d64990f9adf4b","sha256":"1f90b5c31fac7d34d3fe7b8afeab172170626fc93c3a04bad33f26220cc80d0c","sha512":"8eef67b648604c3e9d14d27b179c9bdf6e98e7b801259c1b8e08456663e2e7a63a38ed293b7f792579d86acf234b73728c10bac1fc8a40ccdf04bf3501a1efd8","ssdeep":"6144:mqpoDimkXu4TtxaAHzJUPAFvQYcc/YLdXwNksXDA4sc:mKdmkXrZH+xYccjkCDQc","tlshash":"194423f531a11649c2eaf28968b32584c512d93a798ecc6bf8ac3036c60bf4b7d5c31d","first_seen":"2026-06-18T12:43:22.561802Z","last_seen":"2026-06-18T12:43:22.561802Z","times_seen":1,"resource_available":false,"data":null}},"time_used":20546,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20546,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-18","alert":"Phishing Block","trigger":"abg1818s.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/uploads/images/2.jpg","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://abg1818s.com/","date":"2026-06-18T12:42:46.179Z","timestamp":1781786566179,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.abg1818s.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Jun 2026 00:54:50 GMT","end":"Tue, 01 Sep 2026 00:54:49 GMT"},"fingerprint":{"sha1":"22:5C:73:CC:67:A9:04:40:27:66:A1:8A:DF:D9:0F:07:D9:F9:B8:68","sha256":"7F:88:1A:99:20:88:E4:B2:04:70:6A:FE:78:57:03:D8:0F:F0:37:A8:47:EE:DA:B2:5B:C5:A0:D4:91:53:8E:81"}}},"request":{"raw":"GET /uploads/images/2.jpg HTTP/1.1\r\nHost: abg1818s.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://abg1818s.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 12:42:46 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Fri, 29 May 2026 11:44:11 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a197c0b-4d53e\"\r\nexpires: Sat, 18 Jul 2026 12:42:46 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T17:23:29.541743Z","times_seen":16519658,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-18","alert":"Phishing Block","trigger":"abg1818s.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/abg/tracking.js","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://abg1818s.com/","date":"2026-06-18T12:42:44.807Z","timestamp":1781786564807,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.abg1818s.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Jun 2026 00:54:50 GMT","end":"Tue, 01 Sep 2026 00:54:49 GMT"},"fingerprint":{"sha1":"22:5C:73:CC:67:A9:04:40:27:66:A1:8A:DF:D9:0F:07:D9:F9:B8:68","sha256":"7F:88:1A:99:20:88:E4:B2:04:70:6A:FE:78:57:03:D8:0F:F0:37:A8:47:EE:DA:B2:5B:C5:A0:D4:91:53:8E:81"}}},"request":{"raw":"GET /abg/tracking.js HTTP/1.1\r\nHost: abg1818s.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://abg1818s.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 12:42:44 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 11 Jun 2026 16:22:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a2ae0e3-15f46\"\r\nexpires: Fri, 19 Jun 2026 00:42:44 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":89926,"size_decoded":34094,"mime_type":"application/javascript","magic":"data","md5":"393aa96c14b43d4605e5ab1e545a1daf","sha1":"dfea8d9b3112fd1c466f74b2411247a80c92b606","sha256":"d4a67e102a8578c4da972a63dc7c9ba47365ee9a6439e5d08a0b22f5020f6980","sha512":"54f465e5104dbefc6d381eb13a1f79a2069cd21abd7b63f669c93beb33ee4c30e8b059428b67d1759499ec4575de87b1fd5531b05ca9a9b2148946c3b2796501","ssdeep":"1536:KPIcQrW/+cEXDegrrNS3ENo4NEijG2EVsWs6cTInJ:KAcQXXCgrrNSUNqVUT2","tlshash":"3b9339dab381b03053f795a7607fa21ab739191834098424f13cdda9395b987e1b3f6e","first_seen":"2026-06-18T12:43:22.563807Z","last_seen":"2026-06-18T12:43:22.563807Z","times_seen":1,"resource_available":true,"data":null}},"time_used":510,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":510,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-18","alert":"Phishing Block","trigger":"abg1818s.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.abg1818s.com/ld/fe/account/redis?redisKey=indexkefu","fqdn":"api.abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"66.212.58.185","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://abg1818s.com/","date":"2026-06-18T12:42:46.161Z","timestamp":1781786566161,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.abg1818s.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 11 Jun 2026 14:55:16 GMT","end":"Wed, 09 Sep 2026 14:55:15 GMT"},"fingerprint":{"sha1":"F5:7F:09:A3:50:48:CF:CD:1D:96:19:D8:7A:4B:BF:9A:BF:11:47:2C","sha256":"06:D8:F6:5B:EB:9E:4A:ED:77:70:88:7E:97:2F:8D:1B:41:FD:F9:E9:8C:03:03:7B:0A:D1:48:D5:E5:DB:30:27"}}},"request":{"raw":"GET /ld/fe/account/redis?redisKey=indexkefu HTTP/1.1\r\nHost: api.abg1818s.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://abg1818s.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://abg1818s.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 12:43:03 GMT\r\ncontent-type: application/json\r\nvary: origin,access-control-request-method,access-control-request-headers,accept-encoding\r\naccess-control-allow-origin: https://abg1818s.com\r\naccess-control-allow-credentials: true\r\ncontent-encoding: gzip\r\nx-cache: MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120,"size_decoded":454,"mime_type":"application/json","magic":"JSON text data","md5":"56aa4f9d491b71534b5d2736ae937417","sha1":"8fc6204632f74fe45d4b35124050be01357f40c9","sha256":"1d8688ab44294d0ce8dab3394b2dfdc8fc2425281f82c2a27a85650bd7b35685","sha512":"bc9ce89aaf835dfe0c50d16faa61b8ddfbaa31214e0d15daa73a9e856567017753f9ff43a4cca4327285fa435cab3ec4e0668fa18896ccdcaabd798c2f0044a8","ssdeep":"","tlshash":"90b09b5707409529534256c1743a7d4455ee154f8a415cd6d4090d280520156201515d","first_seen":"2026-06-18T12:43:22.565705Z","last_seen":"2026-06-18T12:43:22.565705Z","times_seen":1,"resource_available":false,"data":null}},"time_used":17193,"timings":{"blocked":-1,"dns":38,"connect":15933,"send":0,"wait":352,"receive":0,"ssl":869},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-18","alert":"Phishing Block","trigger":"api.abg1818s.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"api.abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"api.abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"api.abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/uploads/images/4.jpg","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://abg1818s.com/","date":"2026-06-18T12:42:46.183Z","timestamp":1781786566183,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.abg1818s.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Jun 2026 00:54:50 GMT","end":"Tue, 01 Sep 2026 00:54:49 GMT"},"fingerprint":{"sha1":"22:5C:73:CC:67:A9:04:40:27:66:A1:8A:DF:D9:0F:07:D9:F9:B8:68","sha256":"7F:88:1A:99:20:88:E4:B2:04:70:6A:FE:78:57:03:D8:0F:F0:37:A8:47:EE:DA:B2:5B:C5:A0:D4:91:53:8E:81"}}},"request":{"raw":"GET /uploads/images/4.jpg HTTP/1.1\r\nHost: abg1818s.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://abg1818s.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 12:42:46 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Fri, 29 May 2026 09:00:05 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a195595-56919\"\r\nexpires: Sat, 18 Jul 2026 12:42:46 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T17:23:29.541743Z","times_seen":16519658,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-18","alert":"Phishing Block","trigger":"abg1818s.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/uploads/images/5.jpg","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://abg1818s.com/","date":"2026-06-18T12:42:46.184Z","timestamp":1781786566184,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.abg1818s.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Jun 2026 00:54:50 GMT","end":"Tue, 01 Sep 2026 00:54:49 GMT"},"fingerprint":{"sha1":"22:5C:73:CC:67:A9:04:40:27:66:A1:8A:DF:D9:0F:07:D9:F9:B8:68","sha256":"7F:88:1A:99:20:88:E4:B2:04:70:6A:FE:78:57:03:D8:0F:F0:37:A8:47:EE:DA:B2:5B:C5:A0:D4:91:53:8E:81"}}},"request":{"raw":"GET /uploads/images/5.jpg HTTP/1.1\r\nHost: abg1818s.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://abg1818s.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 12:42:46 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Fri, 29 May 2026 09:00:05 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a195595-54647\"\r\nexpires: Sat, 18 Jul 2026 12:42:46 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T17:23:29.541743Z","times_seen":16519658,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-18","alert":"Phishing Block","trigger":"abg1818s.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/abg/next.webp","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://abg1818s.com/","date":"2026-06-18T12:42:46.187Z","timestamp":1781786566187,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.abg1818s.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Jun 2026 00:54:50 GMT","end":"Tue, 01 Sep 2026 00:54:49 GMT"},"fingerprint":{"sha1":"22:5C:73:CC:67:A9:04:40:27:66:A1:8A:DF:D9:0F:07:D9:F9:B8:68","sha256":"7F:88:1A:99:20:88:E4:B2:04:70:6A:FE:78:57:03:D8:0F:F0:37:A8:47:EE:DA:B2:5B:C5:A0:D4:91:53:8E:81"}}},"request":{"raw":"GET /abg/next.webp HTTP/1.1\r\nHost: abg1818s.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://abg1818s.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 12:42:46 GMT\r\ncontent-type: image/webp\r\ncontent-length: 374\r\nlast-modified: Fri, 22 May 2026 14:02:00 GMT\r\netag: \"6a1061d8-176\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":374,"size_decoded":643,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"40262016a33a9606fbac55fa633272a1","sha1":"e74b18625cadd29ef76d3ddf2171f1e9ebdda033","sha256":"d0ad69bc3a5d435de29b4fc78959396fe38916d93ee36d9e97d98a34bd9732cb","sha512":"b850b6de2af9a0829b874e2900d60eeff10047293bba47960ead8adbe9c48f36f74a0dd66cdf700b2faf14eaf63550109a6fe82c9b65d5add24e30385696460d","ssdeep":"","tlshash":"0fe0686a02257d3758ba7ae2342a6ec3d2d980003043b8846bcad8aec151c8b1a1191e","first_seen":"2025-03-18T05:53:14.972853Z","last_seen":"2026-06-18T12:43:22.567163Z","times_seen":4,"resource_available":false,"data":null}},"time_used":25624,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22581,"receive":3043,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-18","alert":"Phishing Block","trigger":"abg1818s.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/uploads/images/w2.jpg","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://abg1818s.com/","date":"2026-06-18T12:42:46.189Z","timestamp":1781786566189,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.abg1818s.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Jun 2026 00:54:50 GMT","end":"Tue, 01 Sep 2026 00:54:49 GMT"},"fingerprint":{"sha1":"22:5C:73:CC:67:A9:04:40:27:66:A1:8A:DF:D9:0F:07:D9:F9:B8:68","sha256":"7F:88:1A:99:20:88:E4:B2:04:70:6A:FE:78:57:03:D8:0F:F0:37:A8:47:EE:DA:B2:5B:C5:A0:D4:91:53:8E:81"}}},"request":{"raw":"GET /uploads/images/w2.jpg HTTP/1.1\r\nHost: abg1818s.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://abg1818s.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 12:42:46 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Fri, 29 May 2026 09:00:05 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a195595-5cedf\"\r\nexpires: Sat, 18 Jul 2026 12:42:46 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T17:23:29.541743Z","times_seen":16519658,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-18","alert":"Phishing Block","trigger":"abg1818s.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/ico1.png","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://abg1818s.com/","date":"2026-06-18T12:42:48.003Z","timestamp":1781786568003,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.abg1818s.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Jun 2026 00:54:50 GMT","end":"Tue, 01 Sep 2026 00:54:49 GMT"},"fingerprint":{"sha1":"22:5C:73:CC:67:A9:04:40:27:66:A1:8A:DF:D9:0F:07:D9:F9:B8:68","sha256":"7F:88:1A:99:20:88:E4:B2:04:70:6A:FE:78:57:03:D8:0F:F0:37:A8:47:EE:DA:B2:5B:C5:A0:D4:91:53:8E:81"}}},"request":{"raw":"GET /ico1.png HTTP/1.1\r\nHost: abg1818s.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://abg1818s.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 12:43:04 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 23 May 2026 17:56:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a11ea48-6f51\"\r\nexpires: Sat, 18 Jul 2026 12:43:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28497,"size_decoded":27780,"mime_type":"image/png","magic":"PNG image data, 220 x 66, 8-bit/color RGBA, non-interlaced","md5":"8c9a3c084605dc6313aec05c6b4f8b7d","sha1":"21aa8243971d8ac3d4f64a5d4cd35bd885ca1089","sha256":"4bdba113781e021974d9f7377b1691b653202e87eb495132d7431e00687dbdf1","sha512":"52e376d0b2e164e6391465872410ace555072d16a7d2334329b6f908bbcfd12827319b8765ad8182cbe0b9b208b03d3761efab2bcd45e7e2bc07e6779b940f52","ssdeep":"768:/ShEk+hD2uYicNxBdoNlv8/D2parI3YFW5c:thquYxLog/DYAIIF2c","tlshash":"91d2d05126d1d01deca74bbff95057cc37928a9a961a0ea0b6e5dc1ccd11c1b09a2a87","first_seen":"2026-06-18T12:43:22.569078Z","last_seen":"2026-06-18T12:43:22.569078Z","times_seen":1,"resource_available":false,"data":null}},"time_used":20765,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":20765,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-18","alert":"Phishing Block","trigger":"abg1818s.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/abg/kf.css","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://abg1818s.com/","date":"2026-06-18T12:42:44.850Z","timestamp":1781786564850,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.abg1818s.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Jun 2026 00:54:50 GMT","end":"Tue, 01 Sep 2026 00:54:49 GMT"},"fingerprint":{"sha1":"22:5C:73:CC:67:A9:04:40:27:66:A1:8A:DF:D9:0F:07:D9:F9:B8:68","sha256":"7F:88:1A:99:20:88:E4:B2:04:70:6A:FE:78:57:03:D8:0F:F0:37:A8:47:EE:DA:B2:5B:C5:A0:D4:91:53:8E:81"}}},"request":{"raw":"GET /abg/kf.css HTTP/1.1\r\nHost: abg1818s.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://abg1818s.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 12:42:44 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 02 Jun 2026 15:00:51 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a1ef023-bb7\"\r\nexpires: Fri, 19 Jun 2026 00:42:44 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2999,"size_decoded":1236,"mime_type":"text/css","magic":"ASCII text","md5":"ed50d31944e2431acdce2bc330a093d3","sha1":"3416ccc107106dd9fca7892cac6662cc1420bb4a","sha256":"2f7220ce82c65e6ce9810d6dd45f266af51ac0b2b875f8c0423a622ed346a1aa","sha512":"7819709f5802b6d016bb78b598073f9c5b3bb4cec8286722e8ffa879530ccd7c3cd41052c4a986e5e3cbc76c12e45e70cbf6092340404b1a5805a3685779643f","ssdeep":"","tlshash":"af5199b7849a503fb133c526e5908adf33ad4007d1b2efbfc795789f92620a926225c0","first_seen":"2026-06-18T12:43:22.58409Z","last_seen":"2026-06-18T12:43:22.58409Z","times_seen":1,"resource_available":false,"data":null}},"time_used":724,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":724,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-18","alert":"Phishing Block","trigger":"abg1818s.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/abg/game.js","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://abg1818s.com/","date":"2026-06-18T12:42:44.865Z","timestamp":1781786564865,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.abg1818s.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Jun 2026 00:54:50 GMT","end":"Tue, 01 Sep 2026 00:54:49 GMT"},"fingerprint":{"sha1":"22:5C:73:CC:67:A9:04:40:27:66:A1:8A:DF:D9:0F:07:D9:F9:B8:68","sha256":"7F:88:1A:99:20:88:E4:B2:04:70:6A:FE:78:57:03:D8:0F:F0:37:A8:47:EE:DA:B2:5B:C5:A0:D4:91:53:8E:81"}}},"request":{"raw":"GET /abg/game.js HTTP/1.1\r\nHost: abg1818s.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://abg1818s.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 12:42:45 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 22 May 2026 14:02:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a106202-e2a8\"\r\nexpires: Fri, 19 Jun 2026 00:42:45 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":58024,"size_decoded":12190,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4290), with CRLF line terminators","md5":"e576272c6ba2f2a42fd95fbabcd2b111","sha1":"0e317814242a9b557c1ade9689e70d9ec1d80244","sha256":"2ab38dc4843e2435d0988983709f8e6f60bd78f9e88fb6ad68d790761a12a36e","sha512":"b71a1daa54eca321265b3b07bd47cb3f0d41365e6cd567a29795665b57f4226dfadb6525df00b31c827d3910357fd7fd101cf423f7731136ec4fc32a1991f46a","ssdeep":"768:P1fZRdpWvyJyDHXlNKZmfTthRzRmTthRzRHht/SRxghtdMRchtlFRjBlhthRvLCJ:PznpWvyJyDHXlNKZmk0+fDLteOaSd2","tlshash":"1a43b6e9f8f32256443a229c5e60ea8edfe5503bd752df467a1c0ab52f1c984007376d","first_seen":"2025-03-18T05:53:15.030033Z","last_seen":"2026-06-18T12:43:22.590554Z","times_seen":4,"resource_available":true,"data":null}},"time_used":710,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":710,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-18","alert":"Phishing Block","trigger":"abg1818s.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/uploads/images/w1.jpg","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://abg1818s.com/","date":"2026-06-18T12:42:46.188Z","timestamp":1781786566188,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.abg1818s.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Jun 2026 00:54:50 GMT","end":"Tue, 01 Sep 2026 00:54:49 GMT"},"fingerprint":{"sha1":"22:5C:73:CC:67:A9:04:40:27:66:A1:8A:DF:D9:0F:07:D9:F9:B8:68","sha256":"7F:88:1A:99:20:88:E4:B2:04:70:6A:FE:78:57:03:D8:0F:F0:37:A8:47:EE:DA:B2:5B:C5:A0:D4:91:53:8E:81"}}},"request":{"raw":"GET /uploads/images/w1.jpg HTTP/1.1\r\nHost: abg1818s.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://abg1818s.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 12:42:46 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Fri, 29 May 2026 09:00:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a195593-3da94\"\r\nexpires: Sat, 18 Jul 2026 12:42:46 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T17:23:29.541743Z","times_seen":16519658,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-18","alert":"Phishing Block","trigger":"abg1818s.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.abg1818s.com/ld/sys/common/static/temp/logob_1781196172765_1781196267772.png","fqdn":"api.abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"66.212.58.185","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://abg1818s.com/","date":"2026-06-18T12:43:03.365Z","timestamp":1781786583365,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.abg1818s.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 11 Jun 2026 14:55:16 GMT","end":"Wed, 09 Sep 2026 14:55:15 GMT"},"fingerprint":{"sha1":"F5:7F:09:A3:50:48:CF:CD:1D:96:19:D8:7A:4B:BF:9A:BF:11:47:2C","sha256":"06:D8:F6:5B:EB:9E:4A:ED:77:70:88:7E:97:2F:8D:1B:41:FD:F9:E9:8C:03:03:7B:0A:D1:48:D5:E5:DB:30:27"}}},"request":{"raw":"GET /ld/sys/common/static/temp/logob_1781196172765_1781196267772.png HTTP/1.1\r\nHost: api.abg1818s.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://abg1818s.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 12:43:03 GMT\r\ncontent-type: application/force-download\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\ncontent-disposition: attachment;fileName=logob_1781196172765_1781196267772.png\r\nx-cache: MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7529,"size_decoded":7830,"mime_type":"image/png","magic":"PNG image data, 220 x 66, 8-bit/color RGBA, non-interlaced","md5":"6fdd0cf4bcae1fe4b5195c0c8fba7d58","sha1":"358e550587454d706bad1e6372b9496ad3d40a96","sha256":"972412754ec0dfb746400d08fe06fca25f63972fa4a085e9a26eae2d1474f395","sha512":"aee7d3abc000030bbaf78e2cf55274beabb95000ec1ef8565c9cff8772b143a9d8bb250dd88b9ea44f3984f539f2336e3d4ac633397d8fd41e5a4ba8645eab78","ssdeep":"192:vpAdEYOJAr8c1GE/ed9dw81qiwOaF/tlTS1GCcvUgT7:vCROJyZEEmXqi21lTSgUgH","tlshash":"abf1af42465bd8f223cf0abf9e9fd9aa87b70c133d1034bbe499a5c955dbc481406012","first_seen":"2026-06-18T12:43:22.597278Z","last_seen":"2026-06-18T12:43:22.597278Z","times_seen":1,"resource_available":false,"data":null}},"time_used":206,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":206,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"api.abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"api.abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-18","alert":"Phishing Block","trigger":"api.abg1818s.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"api.abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/abg/bootstrap.min.css","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://abg1818s.com/","date":"2026-06-18T12:42:44.805Z","timestamp":1781786564805,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.abg1818s.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Jun 2026 00:54:50 GMT","end":"Tue, 01 Sep 2026 00:54:49 GMT"},"fingerprint":{"sha1":"22:5C:73:CC:67:A9:04:40:27:66:A1:8A:DF:D9:0F:07:D9:F9:B8:68","sha256":"7F:88:1A:99:20:88:E4:B2:04:70:6A:FE:78:57:03:D8:0F:F0:37:A8:47:EE:DA:B2:5B:C5:A0:D4:91:53:8E:81"}}},"request":{"raw":"GET /abg/bootstrap.min.css HTTP/1.1\r\nHost: abg1818s.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://abg1818s.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 12:42:44 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 02 Jun 2026 15:00:51 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a1ef023-1d994\"\r\nexpires: Fri, 19 Jun 2026 00:42:44 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":121236,"size_decoded":24240,"mime_type":"text/css","magic":"ASCII text, with very long lines (65371)","md5":"2bc015463d7246f298abd2dcedd18d11","sha1":"64798d09ba1d87f9db8f1cac9f9145c68eb6e0cd","sha256":"0dae52a13b05bc75a11194f0d5568484d887f4d274defebaa76a63907a13b31d","sha512":"5c5d8df7a2c017e544ce8cad163bfc93d1fa8ddcd15aacbb13add95355c7e5effef0b2c57cf4a9b61247bbb311392dbc3bdc9e8544337ff3fb84f45c6bc93eeb","ssdeep":"768:VyhGxw/Mc/kWlJxtQOIuiHlqCmzI4X8OA7uvKbjccth2Bd8JP7ecQVvH1F1:Rw/TJfIuiHlqCmN8ljbymPbS","tlshash":"03c3c7a0f21031ea7333c55a75d0ed872219a153e66a4fb7f22f25d88f845ca1673f1a","first_seen":"2026-06-18T12:43:22.605818Z","last_seen":"2026-06-18T12:43:22.605818Z","times_seen":1,"resource_available":false,"data":null}},"time_used":257,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":257,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-18","alert":"Phishing Block","trigger":"abg1818s.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/abg/style.css","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://abg1818s.com/","date":"2026-06-18T12:42:44.845Z","timestamp":1781786564845,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.abg1818s.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Jun 2026 00:54:50 GMT","end":"Tue, 01 Sep 2026 00:54:49 GMT"},"fingerprint":{"sha1":"22:5C:73:CC:67:A9:04:40:27:66:A1:8A:DF:D9:0F:07:D9:F9:B8:68","sha256":"7F:88:1A:99:20:88:E4:B2:04:70:6A:FE:78:57:03:D8:0F:F0:37:A8:47:EE:DA:B2:5B:C5:A0:D4:91:53:8E:81"}}},"request":{"raw":"GET /abg/style.css HTTP/1.1\r\nHost: abg1818s.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://abg1818s.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 12:42:44 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 02 Jun 2026 15:00:51 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a1ef023-d6a5\"\r\nexpires: Fri, 19 Jun 2026 00:42:44 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":54949,"size_decoded":10506,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"6509821a2f2259c3c0db9b243a497e8a","sha1":"34d77e474c30df37b194c0c03246b8f699e8e9c1","sha256":"b51dab24f592612449265d38f68c55f1fff1e360bf3a96926b60cff46738a883","sha512":"74499c9c37730e3c489a01848c4ed560f3d411d2cb7a4d52a10eac398dbe64f025a79e02529b673e1bdf94a2af138094a16cd9561eb17ee37552613e4485d7c4","ssdeep":"1536:FFQZEv2k1XrbtFBvIa3XzqX9ct7s8QAXga:XrbtFBvIa3XzqX9ct7s8QAx","tlshash":"bf332d9b9b63014abc1395b86ffa5b452326d013914ecd7cbf9cb25ccf890d4186ab8d","first_seen":"2026-06-18T12:43:22.608432Z","last_seen":"2026-06-18T12:43:22.608432Z","times_seen":1,"resource_available":false,"data":null}},"time_used":729,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":729,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-18","alert":"Phishing Block","trigger":"abg1818s.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/abg/service-button.js","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://abg1818s.com/","date":"2026-06-18T12:42:44.860Z","timestamp":1781786564860,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.abg1818s.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Jun 2026 00:54:50 GMT","end":"Tue, 01 Sep 2026 00:54:49 GMT"},"fingerprint":{"sha1":"22:5C:73:CC:67:A9:04:40:27:66:A1:8A:DF:D9:0F:07:D9:F9:B8:68","sha256":"7F:88:1A:99:20:88:E4:B2:04:70:6A:FE:78:57:03:D8:0F:F0:37:A8:47:EE:DA:B2:5B:C5:A0:D4:91:53:8E:81"}}},"request":{"raw":"GET /abg/service-button.js HTTP/1.1\r\nHost: abg1818s.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://abg1818s.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 12:42:45 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 853\r\nlast-modified: Fri, 12 Jun 2026 15:39:43 GMT\r\netag: \"6a2c283f-355\"\r\nexpires: Fri, 19 Jun 2026 00:42:45 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":853,"size_decoded":1204,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"a15aa4606f7a4374c7d4c0380b11e76a","sha1":"0c4f0fd7e83d4953b7b63a076bcb2ed3e958d468","sha256":"4ddee80ccaee86d043952bbedd0e7e0870b6d79146d3ff5bfc1b7b659d80121c","sha512":"e712a08911a74e495da5b717b3e885c9243fb57e43d5400646031dd25d93e7bfa11dd3ba74ee6f3247e073d719cb260948e2f91f588185dab2b7fdccf04b65e5","ssdeep":"","tlshash":"0201d0b5d4cf20620217f426619f83493a355113250dbe05ba6c95b75fcdc2c99bb3dd","first_seen":"2026-06-18T12:43:22.610832Z","last_seen":"2026-06-18T12:43:22.610832Z","times_seen":1,"resource_available":true,"data":null}},"time_used":965,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":714,"receive":251,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-18","alert":"Phishing Block","trigger":"abg1818s.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"abg1818s.com/static/image/logob.png","fqdn":"abg1818s.com","domain":"abg1818s.com","tld":"com"},"ip":{"addr":"168.76.218.1","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://abg1818s.com/","date":"2026-06-18T12:42:46.174Z","timestamp":1781786566174,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.abg1818s.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Jun 2026 00:54:50 GMT","end":"Tue, 01 Sep 2026 00:54:49 GMT"},"fingerprint":{"sha1":"22:5C:73:CC:67:A9:04:40:27:66:A1:8A:DF:D9:0F:07:D9:F9:B8:68","sha256":"7F:88:1A:99:20:88:E4:B2:04:70:6A:FE:78:57:03:D8:0F:F0:37:A8:47:EE:DA:B2:5B:C5:A0:D4:91:53:8E:81"}}},"request":{"raw":"GET /static/image/logob.png HTTP/1.1\r\nHost: abg1818s.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://abg1818s.com/abg/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 12:42:46 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 01 Jun 2026 12:17:51 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a1d786f-1d69\"\r\nexpires: Sat, 18 Jul 2026 12:42:46 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7529,"size_decoded":7904,"mime_type":"image/png","magic":"PNG image data, 220 x 66, 8-bit/color RGBA, non-interlaced","md5":"6fdd0cf4bcae1fe4b5195c0c8fba7d58","sha1":"358e550587454d706bad1e6372b9496ad3d40a96","sha256":"972412754ec0dfb746400d08fe06fca25f63972fa4a085e9a26eae2d1474f395","sha512":"aee7d3abc000030bbaf78e2cf55274beabb95000ec1ef8565c9cff8772b143a9d8bb250dd88b9ea44f3984f539f2336e3d4ac633397d8fd41e5a4ba8645eab78","ssdeep":"192:vpAdEYOJAr8c1GE/ed9dw81qiwOaF/tlTS1GCcvUgT7:vCROJyZEEmXqi21lTSgUgH","tlshash":"abf1af42465bd8f223cf0abf9e9fd9aa87b70c133d1034bbe499a5c955dbc481406012","first_seen":"2026-06-18T12:43:22.597278Z","last_seen":"2026-06-18T12:43:22.597278Z","times_seen":1,"resource_available":false,"data":null}},"time_used":19022,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19022,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-18","alert":"Phishing Block","trigger":"abg1818s.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"abg1818s.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}}]}