Report - abbaspc.net/winx-dvd-ripper-platinum-crack

Report Overview

Submitted URL
abbaspc.net/winx-dvd-ripper-platinum-crack
IP
104.26.15.242
ASN
#13335 CLOUDFLARENET
Submitted
2023-02-02 01:13:52
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
30

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.0 kB	5.3 kB	23.33.119.27
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
pixel.wp.com	2545	2017-01-30T06:31:40Z	2023-03-13T05:11:03Z	504 B	239 B	192.0.76.3
i0.wp.com	3021	2013-09-17T08:14:42Z	2023-03-13T05:09:43Z	1.4 kB	48 kB	192.0.77.2
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	52.33.182.41
abbaspc.net	54516	2019-01-30T13:39:44Z	2023-03-12T04:40:00Z	9.5 kB	175 kB	104.26.15.242
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	341 B	606 B	93.184.220.29
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	59 kB	34.120.237.76
stats.wp.com	2711	2017-01-30T06:06:59Z	2023-03-13T05:11:02Z	355 B	356 B	192.0.76.3

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-02	medium	abbaspc.net/winx-dvd-ripper-platinum-crack	Malware
2023-02-02	medium	abbaspc.net/wp-content/fonts/open-sans/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVQUwaEQXjM.woff	Malware
2023-02-02	medium	abbaspc.net/wp-content/themes/hitmag-pro/fonts/fontawesome-webfont.woff2?v=4.7.0	Malware
2023-02-02	medium	abbaspc.net/wp-content/fonts/ubuntu/4iCv6KVjbNBYlgoCxCvjsGyLPYZvgw.woff	Malware
2023-02-02	medium	abbaspc.net/wp-content/fonts/lato/S6u9w4BMUTPHh6UVSwiPHw3q5d0.woff	Malware
2023-02-02	medium	abbaspc.net/wp-content/fonts/lato/S6uyw4BMUTPHjx4wWCWtFCc.woff	Malware
2023-02-02	medium	abbaspc.net/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1675296000	Malware
2023-02-02	medium	abbaspc.net/wp-content/plugins/easy-table-of-contents/vendor/sticky-kit/jquery.sticky-kit.min.js?ver=1.9.2	Malware
2023-02-02	medium	abbaspc.net/winx-dvd-ripper-platinum-crack	Malware
2023-02-02	medium	abbaspc.net/wp-content/cache/min/1/wp-content/themes/hitmag-pro/js/custom-sticky-menu.js?ver=1674735529	Malware
2023-02-02	medium	abbaspc.net/wp-content/plugins/easy-table-of-contents/vendor/js-cookie/js.cookie.min.js?ver=2.2.1	Malware
2023-02-02	medium	abbaspc.net/wp-content/cache/min/1/c/6.1.1/wp-includes/js/comment-reply.min.js?ver=1674735530	Malware
2023-02-02	medium	abbaspc.net/wp-content/plugins/easy-table-of-contents/assets/js/front.min.js?ver=2.0.45-1675107559	Malware
2023-02-02	medium	abbaspc.net/wp-content/themes/hitmag-pro/js/jquery.sticky.min.js?ver=6.1.1	Malware
2023-02-02	medium	abbaspc.net/wp-content/cache/min/1/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?ver=1674735529	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (16)

	URL	Size	First Seen	Last Seen
	abbaspc.net/wp-content/cache/min/1/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?ver=1674735529	2.4 kB	2023-03-07	2023-05-26
Pretty URL abbaspc.net/wp-content/cache/min/1/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?ver=1674735529 IP 172.67.69.237 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:45:00 Last Seen2023-05-26 14:30:49 Times Seen4 Hash e3af0c386c3c91494a15fe0973cd0673 e43e5e162d7614534ccc86ae0fd31f52d2fed235 21e4f7bea1efaaeeee27b49c676553182987dfbb6c4187a929e3db3beb8c8833 Loading...

	abbaspc.net/winx-dvd-ripper-platinum-crack	9.7 kB	2023-03-13	2024-03-13
Pretty URL abbaspc.net/winx-dvd-ripper-platinum-crack IP 104.26.15.242 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:50:29 Last Seen2024-03-13 06:18:42 Times Seen31 Hash 36e937cc1bb9ebcc1e22ed33d2299591 c46428a41ce342b78e30294414aac971b75672df ef5704f1189833a61c423bb694b0e9ac858ec3285ec23b3397f439835ea3c3c3 Loading...

	abbaspc.net/winx-dvd-ripper-platinum-crack	193 B	2023-03-13	2023-03-13
Pretty URL abbaspc.net/winx-dvd-ripper-platinum-crack IP 104.26.15.242 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:23 Last Seen2023-03-13 14:35:23 Times Seen1 Hash b1d79a5a2019a0abd87c0ee1b5fa2a46 bbc23f96f72ff89e5f9801adca08bcd21d761454 1ca8d2e2ccf2f861cb5db419889e079b362e10834345475223a366941ffeba93 Loading...

	abbaspc.net/winx-dvd-ripper-platinum-crack	1.8 kB	2023-03-07	2024-05-07
Pretty URL abbaspc.net/winx-dvd-ripper-platinum-crack IP 104.26.15.242 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:48 Last Seen2024-05-07 10:20:43 Times Seen15104 Hash d8c8affb8db50a19f545450d49ec3509 c3b2998aff813284ea71334180093b95f53d5d5d 7cf5deb705b1e36e7c8cbdb9e8eacdb50432bc5551e3f068b647992ad7e4e784 Loading...

	abbaspc.net/winx-dvd-ripper-platinum-crack	1.4 kB	2023-03-13	2023-03-13
Pretty URL abbaspc.net/winx-dvd-ripper-platinum-crack IP 104.26.15.242 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:23 Last Seen2023-03-13 14:35:23 Times Seen1 Hash 1522716b99309a45f941cc0216164844 274caf635f757f23ffc4f236302aa1a5a7660d6c 5c43cefaf0809345738dbc79980d6f9fb8b97627e27e9bf92f8ca458bbb51f28 Loading...

	abbaspc.net/wp-content/cache/min/1/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?ver=1674735529	9.0 kB	2023-03-07	2023-12-21
Pretty URL abbaspc.net/wp-content/cache/min/1/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?ver=1674735529 IP 172.67.69.237 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:42 Last Seen2023-12-21 16:56:50 Times Seen52 Hash 5943ec69a79f692cc35be8cdefa51fba 6a8092fa91bb2c6858691ad62ff0e3329c286af6 9bdafa53c9b11a8106484bd5dd89d73940e6aecff3156e9c2255e539c94551d1 Loading...

	abbaspc.net/winx-dvd-ripper-platinum-crack	476 B	2023-03-07	2024-05-07
Pretty URL abbaspc.net/winx-dvd-ripper-platinum-crack IP 104.26.15.242 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:50 Last Seen2024-05-07 10:20:43 Times Seen15766 Hash ce71388c2d441cfb9ef0985bc4e5bb71 1e74c490ed76f671eb45ab0b45c9c9f5b9b89f0f efb5a648656ae8f944fbf74e5644126464160ab50197a288c8b587e74edd575a Loading...

	abbaspc.net/winx-dvd-ripper-platinum-crack	93 B	2023-03-07	2024-05-05
Pretty URL abbaspc.net/winx-dvd-ripper-platinum-crack IP 104.26.15.242 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:19 Last Seen2024-05-05 04:49:20 Times Seen2169 Hash c03c9cc1e344405e735bf829da247217 bc97ee9e7b1b2bfcab8c829f606123c3a3e8e43b 4ea908eff28d9dddcfa4076dc80b085635e0135606fbdca7695b8e346c3ed0ff Loading...

	abbaspc.net/winx-dvd-ripper-platinum-crack	1.2 kB	2023-03-07	2024-05-07
Pretty URL abbaspc.net/winx-dvd-ripper-platinum-crack IP 104.26.15.242 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:42 Last Seen2024-05-07 10:20:43 Times Seen1921 Hash 54c76949376f478f54c57e967eaebc1b 2f63cb8b3b29b65452a31ed0710ee99986a2a73f c4ffc4c8c721af22615995bfc01a1c144763c14f7aead0f28cad9c164a7e639b Loading...

	abbaspc.net/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js	8.3 kB	2023-03-07	2024-05-07
Pretty URL abbaspc.net/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:43 Last Seen2024-05-07 10:58:28 Times Seen3093 Hash b00219cb958052cb557115d55f0c8d48 3c55bbf5a8082db61decff924aaf787f4337df86 8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6 Loading...

	stats.wp.com/e-202305.js	9.0 kB	2023-03-07	2024-01-05
Pretty URL stats.wp.com/e-202305.js IP 192.0.76.3 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:19 Last Seen2024-01-05 09:08:33 Times Seen3233 Hash 9152c169155daa333287728cb8e4ae93 1e45a9ea1464acf983f022567cb9f669f4c77f65 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302 Loading...

	abbaspc.net/winx-dvd-ripper-platinum-crack	115 B	2023-03-07	2023-12-04
Pretty URL abbaspc.net/winx-dvd-ripper-platinum-crack IP 104.26.15.242 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:17:59 Last Seen2023-12-04 19:22:43 Times Seen10 Hash 36c1fa07c8f44924ec462182aecf7957 17127bd0840faa12923f914e86a6601d72892c17 ab667677f167a10817af13dcdde4f71e2fb1d3c412db2ec5dc9d954300ef5c34 Loading...

	abbaspc.net/winx-dvd-ripper-platinum-crack	130 B	2023-03-07	2024-02-16
Pretty URL abbaspc.net/winx-dvd-ripper-platinum-crack IP 104.26.15.242 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:42 Last Seen2024-02-16 22:34:43 Times Seen57 Hash 22f1cf09290c337529cdab75898caf5b 3c8ab2d86e1741f71b28fee53dd6ff723afea744 53c23c76fc047d031f18e0eac131c5b24221150a71c61730e23cbd1f99b7020f Loading...

	abbaspc.net/winx-dvd-ripper-platinum-crack	102 B	2023-03-07	2024-05-07
Pretty URL abbaspc.net/winx-dvd-ripper-platinum-crack IP 104.26.15.242 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:19 Last Seen2024-05-07 10:16:33 Times Seen6796 Hash 336b4b067dcb50351d5e2d7c92cf1631 9709109f27eaad0c5a1e50facc142f8f197a11b6 ef2f7f28db32250196ae2c8242611a7f7159c2a539dabd40b82071b1c07561c6 Loading...

	abbaspc.net/winx-dvd-ripper-platinum-crack	144 B	2023-03-07	2024-04-26
Pretty URL abbaspc.net/winx-dvd-ripper-platinum-crack IP 104.26.15.242 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:48 Last Seen2024-04-26 16:08:30 Times Seen1093 Hash 9e60c60d1ac13537d561b60bd92a94de 185933689964a81f1eb8c3858783ad5127b9a6f5 912b0476e0fe39e642fa3ca9c200ef83d008d7a0b2c110cc787c4ef5f16b8ef6 Loading...

	http:blank	600 B	2023-03-13	2023-03-13
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:35:23 Last Seen2023-03-13 14:35:23 Times Seen1 Hash f9ea72daf4a4546f56af4879038613a6 304aa33851e733875a47ea066d42f955869485e5 b2f76ea6f7510930df3a63f64a55a3b6fe808779ba667f13a3bb006d4d82bc4a Loading...

HTTP Transactions (43)

URL IP Response Size

abbaspc.net/winx-dvd-ripper-platinum-crack

104.26.15.242

301 Moved Permanently

0 B

URL HTTP/1.1
abbaspc.net/winx-dvd-ripper-platinum-crack
IP
104.26.15.242:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /winx-dvd-ripper-platinum-crack HTTP/1.1
Host: abbaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Thu, 02 Feb 2023 01:13:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 02 Feb 2023 02:13:41 GMT
Location: https://abbaspc.net/winx-dvd-ripper-platinum-crack
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7xzkVHmXWD1lU5lFyDDlOIWHQrv1mPgmpwLbQucK24%2FRnlmda89Upld9%2FreZ1mJ1XHGQHHEHbOxWUrA399ASXitlDOZNAtWgwFM7ITMn3Rp88f7Bg%2BCfiBYPFa3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792f10d1bf5ab4fd-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13443
Expires: Thu, 02 Feb 2023 04:57:44 GMT
Date: Thu, 02 Feb 2023 01:13:41 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6784
Expires: Thu, 02 Feb 2023 03:06:45 GMT
Date: Thu, 02 Feb 2023 01:13:41 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9998
Expires: Thu, 02 Feb 2023 04:00:19 GMT
Date: Thu, 02 Feb 2023 01:13:41 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 00:43:26 GMT
content-type: application/json
age: 1815
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: MRfR1eR/0R6DKn7v8qA3Y2ODh3f/dmGnmJjLkg5S6SpWWTll4QmWPNFaiv1cX+mLZKDMCWn0VHo=
x-amz-request-id: BQGDY6J059CKNYBV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 00:22:52 GMT
age: 3049
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
037e665d925fc1ff69c52ab408ebde65
44d65c04b80b47f9fd2973b8cfb3f4d146d6e4fd
d143c97bce78bc3bc8d28a275ed23537ff5963f304bdc2db98832890cef4a7f0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4691
Cache-Control: max-age=139301
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 01:13:41 GMT
Etag: "63da7917-118"
Expires: Fri, 03 Feb 2023 15:55:22 GMT
Last-Modified: Wed, 01 Feb 2023 14:37:11 GMT
Server: ECS (amb/6B8A)
X-Cache: HIT
Content-Length: 280

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 01:13:41 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

abbaspc.net/wp-content/fonts/open-sans/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVQUwaEQXjM.woff

172.67.69.237

200 OK

15 kB

URL HTTP/2
abbaspc.net/wp-content/fonts/open-sans/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVQUwaEQXjM.woff
IP
172.67.69.237:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format, TrueType, length 14568, version 1.1\012- data
Size
15 kB (14568 bytes)
Hash
b450cf4acba95e890b284a45403d174c
2b9e5c306370bae1487cd09bab89a89a34e8c63c
337d3642469113b35ad9d28f34de6b707b936a5d3a8b3174f4f514b6ce1006ca

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/fonts/open-sans/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVQUwaEQXjM.woff HTTP/1.1
Host: abbaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abbaspc.net/winx-dvd-ripper-platinum-crack
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:13:41 GMT
content-type: font/woff
content-length: 14568
last-modified: Mon, 22 Aug 2022 05:48:32 GMT
cache-control: max-age=10368000
expires: Thu, 01 Jun 2023 19:48:12 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 19529
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F4r8cFnk0FI2Igbr4XThl6jofY8LdTUKMAvLGTJwgcVkkM96E9OxmuBnBh8rnZsNVPA24chyvJ%2BG%2FEXr6Vqx9c8ZNUawvTNCJ%2BSKm51xn2sdI9%2BeeQbRiAK6qWST"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792f10d54d8fb511-OSL
X-Firefox-Spdy: h2

abbaspc.net/wp-content/themes/hitmag-pro/fonts/fontawesome-webfont.woff2?v=4.7.0

172.67.69.237

200 OK

77 kB

URL HTTP/2
abbaspc.net/wp-content/themes/hitmag-pro/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
172.67.69.237:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/hitmag-pro/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: abbaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abbaspc.net/winx-dvd-ripper-platinum-crack
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:13:41 GMT
content-type: font/woff2
content-length: 77160
last-modified: Thu, 04 Nov 2021 12:43:33 GMT
cache-control: max-age=10368000
expires: Thu, 01 Jun 2023 19:48:12 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 19529
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xbRY%2F6FLjfjV%2FTSqXAiV8CmEYXID2P8hs6DCJ6KRnCfIEDsFQ1RHR6qrsm2UbCaooAA1ohv5eW5xbZzOnjOiskXm%2BazaEA1D184LnK%2BvvgbTLaYARSBql%2BD4z%2FD6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792f10d54d8db511-OSL
X-Firefox-Spdy: h2

abbaspc.net/wp-content/fonts/ubuntu/4iCv6KVjbNBYlgoCxCvjsGyLPYZvgw.woff

172.67.69.237

200 OK

18 kB

URL HTTP/2
abbaspc.net/wp-content/fonts/ubuntu/4iCv6KVjbNBYlgoCxCvjsGyLPYZvgw.woff
IP
172.67.69.237:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format, TrueType, length 18276, version 1.1\012- data
Size
18 kB (18276 bytes)
Hash
e96da62e4373b8276a26e801f6b991c7
a2dc1c292e4958fd23a3bdf21c4adb0cea1c3663
9c1d25d1b29dcd6653becd31f2cb61d35bc08fdceaa3390c9d6ba703213930d1

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/fonts/ubuntu/4iCv6KVjbNBYlgoCxCvjsGyLPYZvgw.woff HTTP/1.1
Host: abbaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abbaspc.net/winx-dvd-ripper-platinum-crack
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:13:41 GMT
content-type: font/woff
content-length: 18276
last-modified: Mon, 02 May 2022 05:45:17 GMT
cache-control: max-age=10368000
expires: Thu, 01 Jun 2023 19:48:12 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 19529
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rP4uTc6WCym8e9eh%2B4uQcOoxuD752fd9xhAOOXPMeWB5CY6HlPHQLHDAly1%2Fioixb%2Bj4M2X4ik%2FDqU6TRsiX%2BR2SCxUpBon6R2r0%2B8LNNTiaBZTLwfNfHoGsUD6G"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792f10d54d93b511-OSL
X-Firefox-Spdy: h2

abbaspc.net/wp-content/fonts/lato/S6u9w4BMUTPHh6UVSwiPHw3q5d0.woff

172.67.69.237

200 OK

18 kB

URL HTTP/2
abbaspc.net/wp-content/fonts/lato/S6u9w4BMUTPHh6UVSwiPHw3q5d0.woff
IP
172.67.69.237:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format, TrueType, length 17628, version 1.1\012- data
Size
18 kB (17628 bytes)
Hash
f699e6734a9356ffa2163b01162200a7
0db98c5bb65cda6170272f40074dd2174f07373e
38bcc2ae6b389940149d7f4d3c1599217606926b6a9fc788896f805c5136430f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/fonts/lato/S6u9w4BMUTPHh6UVSwiPHw3q5d0.woff HTTP/1.1
Host: abbaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abbaspc.net/winx-dvd-ripper-platinum-crack
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:13:41 GMT
content-type: font/woff
content-length: 17628
last-modified: Mon, 02 May 2022 05:45:17 GMT
cache-control: max-age=10368000
expires: Thu, 01 Jun 2023 19:48:12 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 19529
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i32zuSRdnTQtaIJw0qL0Kaiy9CvpF92HRiaTk8OdS9dNVvvuF8LyGwgLIQI3FfJ4M%2BIRe%2B97iVw9VJm0qgc21h4gXEbouKKLl4JUBQiAs5emKHQt8zw%2Bwqf0OC8X"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792f10d54d91b511-OSL
X-Firefox-Spdy: h2

abbaspc.net/wp-content/fonts/lato/S6uyw4BMUTPHjx4wWCWtFCc.woff

172.67.69.237

200 OK

17 kB

URL HTTP/2
abbaspc.net/wp-content/fonts/lato/S6uyw4BMUTPHjx4wWCWtFCc.woff
IP
172.67.69.237:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format, TrueType, length 17448, version 1.1\012- data
Size
17 kB (17448 bytes)
Hash
9c39d31ff5dedb4c6f87dec79e6706d2
ced0e8877b5abfa0b82ee96a1b85c96af0095f28
fe81ff1d1f54d169840e0b9d0341af70c599f21d475be78320bb1f415555a00b

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/fonts/lato/S6uyw4BMUTPHjx4wWCWtFCc.woff HTTP/1.1
Host: abbaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abbaspc.net/winx-dvd-ripper-platinum-crack
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:13:41 GMT
content-type: font/woff
content-length: 17448
last-modified: Mon, 02 May 2022 05:45:17 GMT
cache-control: max-age=10368000
expires: Thu, 01 Jun 2023 19:48:12 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 19529
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QGBEQuc%2FVqJntipGWR3P%2B1qtmxbFenwo0h8K%2Fe1iewcsjglnzC5S84vpnmUd%2B0zlHh6v9zwDRHg%2BdPhHU7sl6caAX0Pg0RshK4RtMR4n%2FZRQpnM7cHNHxTJ2ZTNy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792f10d54d90b511-OSL
X-Firefox-Spdy: h2

pixel.wp.com/g.gif?v=ext&blog=160615302&post=12035&tz=5&srv=abbaspc.net&j=1%3A11.7.1&host=abbaspc.net&ref=&fcp=707&rand=0.2646936342988384

192.0.76.3

200 OK

50 B

URL HTTP/2
pixel.wp.com/g.gif?v=ext&blog=160615302&post=12035&tz=5&srv=abbaspc.net&j=1%3A11.7.1&host=abbaspc.net&ref=&fcp=707&rand=0.2646936342988384
IP
192.0.76.3:0
ASN
#2635 AUTOMATTIC

File type
GIF image data, version 89a, 6 x 5\012- data
Size
50 B (50 bytes)
Hash
e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

HTTP Headers

GET /g.gif?v=ext&blog=160615302&post=12035&tz=5&srv=abbaspc.net&j=1%3A11.7.1&host=abbaspc.net&ref=&fcp=707&rand=0.2646936342988384 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abbaspc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 01:13:42 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 00:49:05 GMT
age: 1477
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

i0.wp.com/abbaspc.net/wp-content/uploads/2019/04/cropped-icon_AbbasPC.Net_.jpg?fit=192%2C192&ssl=1

192.0.77.2

200 OK

3.5 kB

URL HTTP/2
i0.wp.com/abbaspc.net/wp-content/uploads/2019/04/cropped-icon_AbbasPC.Net_.jpg?fit=192%2C192&ssl=1
IP
192.0.77.2:0
ASN
#2635 AUTOMATTIC

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 192x192, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
3.5 kB (3492 bytes)
Hash
d2978881beafa397f65778c908bf444f
c0ca3f3e23ae1115d1ad9ec0f3f2829b580f9e61
de8672b0e603221bd1ac82f0b789b6243b2b5bafd6f321fa9c13d5aeca361f12

HTTP Headers

GET /abbaspc.net/wp-content/uploads/2019/04/cropped-icon_AbbasPC.Net_.jpg?fit=192%2C192&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abbaspc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 01:13:42 GMT
content-type: image/webp
content-length: 3492
last-modified: Wed, 27 Apr 2022 09:22:14 GMT
expires: Fri, 26 Apr 2024 21:22:14 GMT
cache-control: public, max-age=63115200
link: <https://abbaspc.net/wp-content/uploads/2019/04/cropped-icon_AbbasPC.Net_.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "1108ef191c5aab90"
vary: Accept
x-nc: HIT arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i0.wp.com/abbaspc.net/wp-content/uploads/2019/04/cropped-icon_AbbasPC.Net_.jpg?fit=32%2C32&ssl=1

192.0.77.2

200 OK

582 B

URL HTTP/2
i0.wp.com/abbaspc.net/wp-content/uploads/2019/04/cropped-icon_AbbasPC.Net_.jpg?fit=32%2C32&ssl=1
IP
192.0.77.2:0
ASN
#2635 AUTOMATTIC

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 32x32, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
582 B (582 bytes)
Hash
1897d463e318ee329c39e28f2fbb223f
5cf46460b756583debc85f2ba82e5874f8179013
3717fdda3011341d7f5333bc6342c074471e18f7e27b70da9fde95d6eaf9f27c

HTTP Headers

GET /abbaspc.net/wp-content/uploads/2019/04/cropped-icon_AbbasPC.Net_.jpg?fit=32%2C32&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abbaspc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 01:13:42 GMT
content-type: image/webp
content-length: 582
last-modified: Tue, 06 Apr 2021 14:05:39 GMT
expires: Fri, 07 Apr 2023 02:05:39 GMT
cache-control: public, max-age=63115200
link: <https://abbaspc.net/wp-content/uploads/2019/04/cropped-icon_AbbasPC.Net_.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "4d35752072393cc5"
vary: Accept
x-nc: HIT arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i0.wp.com/abbaspc.net/wp-content/uploads/2019/09/WinX-DVD-Ripper-Platinum-Patch.png?resize=250%2C220&is-pending-load=1

192.0.77.2

200 OK

42 kB

URL HTTP/2
i0.wp.com/abbaspc.net/wp-content/uploads/2019/09/WinX-DVD-Ripper-Platinum-Patch.png?resize=250%2C220&is-pending-load=1
IP
192.0.77.2:0
ASN
#2635 AUTOMATTIC

File type
RIFF (little-endian) data, Web/P image\012- data
Size
42 kB (41836 bytes)
Hash
b0d21b6b7f91a1bd6b889ecad4daa3e2
316b8b64ae3688d6e0356ee0261686bb5e9f4a67
a99d0393b6f25c2b6f0b93178a32635d86703ecf4500f70914444fe39339d305

HTTP Headers

GET /abbaspc.net/wp-content/uploads/2019/09/WinX-DVD-Ripper-Platinum-Patch.png?resize=250%2C220&is-pending-load=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abbaspc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 01:13:42 GMT
content-type: image/webp
content-length: 41836
last-modified: Thu, 02 Feb 2023 01:13:42 GMT
expires: Sat, 01 Feb 2025 13:13:42 GMT
cache-control: public, max-age=63115200
link: <http://abbaspc.net/wp-content/uploads/2019/09/WinX-DVD-Ripper-Platinum-Patch.png>; rel="canonical"
x-content-type-options: nosniff
etag: "da435a7f35eaf55e"
vary: Accept
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14104
Expires: Thu, 02 Feb 2023 05:08:46 GMT
Date: Thu, 02 Feb 2023 01:13:42 GMT
Connection: keep-alive

push.services.mozilla.com/

52.33.182.41

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.33.182.41:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5hc48Lzw5TejTAxY2FbODQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: dG/WLhHCt+F0yuDtDUdeO7BZhJE=

abbaspc.net/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1675296000

172.67.69.237

200 OK

16 kB

URL HTTP/2
abbaspc.net/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1675296000
IP
172.67.69.237:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (39303), with no line terminators
Size
16 kB (15957 bytes)
Hash
25c7f4e51141e0fbca1a8d13369a1ffa
291fbe6b2676efd9f079e196efd8c200cd9d2e54
89b721bc2adf8170ac43d1a5a27fb6250db6895f7aee0391815ebf47d2d3833f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1675296000 HTTP/1.1
Host: abbaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:13:42 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HBAF%2FQGjTGyBPRFHbIVOaMc%2B%2F5h%2FrAwpsRR56qBl7EUkDluLvOrhT7bL9C8iGnLft0lJnzVdBGmhc4%2F%2BODRplB81vceuw294RczTGMCzX6Kzkv8al9j%2Fxc0krlLv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792f10d60dd8b511-OSL
content-encoding: br
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7789
Expires: Thu, 02 Feb 2023 03:23:32 GMT
Date: Thu, 02 Feb 2023 01:13:43 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7789
Expires: Thu, 02 Feb 2023 03:23:32 GMT
Date: Thu, 02 Feb 2023 01:13:43 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg

34.120.237.76

200 OK

15 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
15 kB (15051 bytes)
Hash
6bb5b89e738516f4862491eec286bf6d
8fb46b9ca85f2c578eb2a56d0007859183e12209
7f164a37b675bf39f8473392b07a2a383397da003303965fb190fd4f455bb43b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 15051
x-amzn-requestid: 72a3f2ae-538e-40dc-9496-86c28334ba0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc6jGTAIAMFy4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb76-72178ed13a2e70d462785b90;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CKTfQzCvXa4oL6Lm2n8Rw_9Uhj69YfgpDTP9s0zoaX5qW1vcqWIXDA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:46:26 GMT
age: 12437
etag: "8fb46b9ca85f2c578eb2a56d0007859183e12209"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.4 kB (5356 bytes)
Hash
7c823f1d6bf1c50d58eb263b85e6e37c
a7b74d11494fb3254df907e5cc1eead070d84617
b2706961eb756383e0988dfdb501dc424aea59697aedd1e4a6c294c314a31935

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: fef22c83-35a4-4990-9008-af5853f838d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BEB6oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-68d3017555c069bc3107d150;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XyDZc0F-b0rxwoS5wvSXBuBfYE7JljMmuXseBjLOBk4HvxU5gE7Oqg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:18:55 GMT
age: 10488
etag: "a7b74d11494fb3254df907e5cc1eead070d84617"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3825d7eb-9bf8-4ff1-ac96-196cbf5c1873.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11198 bytes)
Hash
93ef9da6520124f03883a2b5241e0623
41b557bb05e1769c124aa0195c398e2dbd1fc0e9
dd6a1589ae40fb69c60f1675ea49a6a1a00d43e29d1a18f0d30b7c4e9bceee5c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3825d7eb-9bf8-4ff1-ac96-196cbf5c1873.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11198
x-amzn-requestid: f21313a6-3ca8-4c58-981c-a1700769719c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKUGu6IAMFsww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-1d60cc337f91692e436f2990;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: E6YLzYtdv40sBiYxz_GALMjA-Jk2RF9Ghflw68EvB2ty5XDxSQMUjg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:17:09 GMT
age: 10594
etag: "41b557bb05e1769c124aa0195c398e2dbd1fc0e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9600 bytes)
Hash
3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 02:29:58 GMT
age: 81825
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

2.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d807a49-adb3-465b-bdcf-f7b8f276af86.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
2.9 kB (2874 bytes)
Hash
a62a4f48037f1f84b8fd03347daf9ab9
e67e666749b07a0d343d1d0f74d59155ba25d687
5a9ebe1bec39e5d69b20c9747f32c85be906cddba92501052d54dc9a37d3c52d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d807a49-adb3-465b-bdcf-f7b8f276af86.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 2874
x-amzn-requestid: 0102a009-be1f-4890-97db-674ebd79e449
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frep5EBOoAMFgiA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dade3f-371af67b2cc767ed35cb81d6;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:48:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5SESv5V3aaPbGjrzWVKLl6iZuSJPqP-L6xL8KeyxoHawgJfOdgTiEw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:18:46 GMT
age: 10497
etag: "e67e666749b07a0d343d1d0f74d59155ba25d687"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53ad6bfb-91d6-4204-960a-49f84cc18db2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8296 bytes)
Hash
5129c5bd93215d4f092922326826223e
b6df7a2f09b0efd9342589ffde5621ca6f894285
07fb43e6e0e11d9cd4bcf5d51d248f0fb85d41e231042bc7ad6c1897b3e82556

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53ad6bfb-91d6-4204-960a-49f84cc18db2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8296
x-amzn-requestid: 5961f5cd-2288-44e2-9eb2-35c115cdd95f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKVGqWoAMF34A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-609946154fa2e547084125e4;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: I8d6YKUvs4JH7qeMADQEm5Kl7r7GSvGvjnhxxfXgTclLuRVHeKKjJw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:04:58 GMT
age: 11325
etag: "b6df7a2f09b0efd9342589ffde5621ca6f894285"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

abbaspc.net/wp-content/plugins/easy-table-of-contents/vendor/sticky-kit/jquery.sticky-kit.min.js?ver=1.9.2

172.67.69.237

200 OK

0 B

URL HTTP/2
abbaspc.net/wp-content/plugins/easy-table-of-contents/vendor/sticky-kit/jquery.sticky-kit.min.js?ver=1.9.2
IP
172.67.69.237:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/easy-table-of-contents/vendor/sticky-kit/jquery.sticky-kit.min.js?ver=1.9.2 HTTP/1.1
Host: abbaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abbaspc.net/winx-dvd-ripper-platinum-crack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:13:50 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 27 Jan 2023 13:16:21 GMT
cache-control: public, max-age=31536000
expires: Sat, 27 Jan 2024 16:41:33 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 462737
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0r4G%2FO4j9k3qm9XswDcBoLQb5Yh2ZzjDV4IzV6l7yL03vZx5ByfI1KxK%2F%2FbMXQhC3WwwFtJxmz0GCkki%2BXzns5ovlp6NHFRMjUJw5FYrWVRRk6WqF816TdQ7KNUQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792f110bad7eb511-OSL
content-encoding: br
X-Firefox-Spdy: h2

abbaspc.net/winx-dvd-ripper-platinum-crack

172.67.69.237

200 OK

0 B

URL HTTP/2
abbaspc.net/winx-dvd-ripper-platinum-crack
IP
172.67.69.237:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /winx-dvd-ripper-platinum-crack HTTP/1.1
Host: abbaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:13:41 GMT
content-type: text/html; charset=UTF-8
last-modified: Thu, 02 Feb 2023 01:12:54 GMT
cache-control: max-age=0
expires: Thu, 02 Feb 2023 01:13:41 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2FO4AQTNeMkve5Est5JqeDwPMaqxouNLzh5kDqgvy8C1n6kBFZbp5IWz6%2BlBht1XRYqRCCYQm65fNv0j2cl0DOVROMWkHuNp4QN7CHmh8w%2B7nOmS6JBQ6oJzBOzI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792f10d38cb6b511-OSL
content-encoding: br
X-Firefox-Spdy: h2

abbaspc.net/wp-content/cache/min/1/wp-content/themes/hitmag-pro/js/custom-sticky-menu.js?ver=1674735529

172.67.69.237

200 OK

0 B

URL HTTP/2
abbaspc.net/wp-content/cache/min/1/wp-content/themes/hitmag-pro/js/custom-sticky-menu.js?ver=1674735529
IP
172.67.69.237:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/cache/min/1/wp-content/themes/hitmag-pro/js/custom-sticky-menu.js?ver=1674735529 HTTP/1.1
Host: abbaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abbaspc.net/winx-dvd-ripper-platinum-crack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:13:50 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-bgj: minify
expires: Sat, 27 Jan 2024 16:41:33 GMT
last-modified: Thu, 26 Jan 2023 12:18:49 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 462737
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NrTntlfFi97OVfQd09yfRLTtbhcx6f%2F9FHVz5GVeIquESsaGEwFQ4XR9erqpcpsG8NcxpdearXa8VPn6uILckm8LZMnulKF0hLGH3BH9N%2BuMPisKI4uBt8AeNrag"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792f110bad78b511-OSL
content-encoding: br
X-Firefox-Spdy: h2

abbaspc.net/wp-content/cache/min/1/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1674735530

172.67.69.237

200 OK

0 B

URL HTTP/2
abbaspc.net/wp-content/cache/min/1/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1674735530
IP
172.67.69.237:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/cache/min/1/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1674735530 HTTP/1.1
Host: abbaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abbaspc.net/winx-dvd-ripper-platinum-crack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:13:50 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-bgj: minify
expires: Fri, 26 Jan 2024 14:57:50 GMT
last-modified: Thu, 26 Jan 2023 12:18:50 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 555360
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pjI%2Bo%2BzjWKzCxIOT0veHaiEn5ukN0L80hrQ%2FxHm0h3TgowwoZSPgrzkr1pxjZ%2Fd3Vc1tHsp58u9xxib%2BwXGXddi%2FRnOPMRf27lbiaU9yUaP%2F45bMyM66M6zi08v%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792f110bad81b511-OSL
content-encoding: br
X-Firefox-Spdy: h2

abbaspc.net/wp-content/plugins/easy-table-of-contents/vendor/js-cookie/js.cookie.min.js?ver=2.2.1

172.67.69.237

200 OK

0 B

URL HTTP/2
abbaspc.net/wp-content/plugins/easy-table-of-contents/vendor/js-cookie/js.cookie.min.js?ver=2.2.1
IP
172.67.69.237:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/easy-table-of-contents/vendor/js-cookie/js.cookie.min.js?ver=2.2.1 HTTP/1.1
Host: abbaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abbaspc.net/winx-dvd-ripper-platinum-crack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:13:50 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 03 Aug 2022 18:31:16 GMT
cache-control: public, max-age=31536000
expires: Fri, 11 Aug 2023 09:10:25 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 15091405
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CzPcctalLz6owzdhPY8MdKKRJvzJyEgNLkDFeRdsfLv%2FqKGUyJCCDid%2BXNVCZGxaTH2vpPUulTYzniysK18q3iTh3F%2FdPZ7MNh9%2Fda1nhBP%2FcP1%2BL5lBoKTBtXdb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792f110bad7bb511-OSL
content-encoding: br
X-Firefox-Spdy: h2

abbaspc.net/wp-content/cache/min/1/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?ver=1674735529

172.67.69.237

200 OK

0 B

URL HTTP/2
abbaspc.net/wp-content/cache/min/1/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?ver=1674735529
IP
172.67.69.237:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/cache/min/1/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?ver=1674735529 HTTP/1.1
Host: abbaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abbaspc.net/winx-dvd-ripper-platinum-crack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:13:42 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-bgj: minify
expires: Fri, 26 Jan 2024 14:57:13 GMT
last-modified: Thu, 26 Jan 2023 12:18:49 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 555389
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CCJFHQTC9BdFjR7Ie90kTjjptoUga%2BUTloMhhhc2%2Br%2BREPsC5RerlZEiQsRSudSGVnhtLSogCwW2ZZ01tsmgTQ0otxDRfHY6cnD7fWDFITyScDjedbw5QaMZjonj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792f10d58da6b511-OSL
content-encoding: br
X-Firefox-Spdy: h2

abbaspc.net/wp-content/cache/min/1/p/jetpack/11.7.1/_inc/build/photon/photon.min.js?ver=1674735529

172.67.69.237

200 OK

0 B

URL HTTP/2
abbaspc.net/wp-content/cache/min/1/p/jetpack/11.7.1/_inc/build/photon/photon.min.js?ver=1674735529
IP
172.67.69.237:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/cache/min/1/p/jetpack/11.7.1/_inc/build/photon/photon.min.js?ver=1674735529 HTTP/1.1
Host: abbaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abbaspc.net/winx-dvd-ripper-platinum-crack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:13:50 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 26 Jan 2023 12:18:49 GMT
cache-control: public, max-age=31536000
expires: Sat, 27 Jan 2024 16:41:33 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 462737
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WFFTm%2Bt4jYwR%2FkmqLphHpYqOw20jyiK4QyeSjl2i2SCPiDs106PuWjRXLT88%2B4vKbgDow%2FH8J3Wt55GbTtNi4e36RhYcTZrc4kmiVKpyQBcTI80wHAWuStCA47G%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792f110b9d71b511-OSL
content-encoding: br
X-Firefox-Spdy: h2

abbaspc.net/wp-content/cache/min/1/c/6.1.1/wp-includes/js/comment-reply.min.js?ver=1674735530

172.67.69.237

200 OK

0 B

URL HTTP/2
abbaspc.net/wp-content/cache/min/1/c/6.1.1/wp-includes/js/comment-reply.min.js?ver=1674735530
IP
172.67.69.237:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/cache/min/1/c/6.1.1/wp-includes/js/comment-reply.min.js?ver=1674735530 HTTP/1.1
Host: abbaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abbaspc.net/winx-dvd-ripper-platinum-crack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:13:50 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 26 Jan 2023 12:18:50 GMT
cache-control: public, max-age=31536000
expires: Fri, 26 Jan 2024 14:57:50 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 555360
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BWLLYipBqLfKwniYJOQ2WxLqIeKaqbOQIYrkkjNh35ikbujm136rgC2ufitlGLk2gkN6xiJTak3JmAMLWP5EL6FM5jnxQcY4Q8k9M0AhvPHLfL9KlLopWcUD2a%2B%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792f110b9d74b511-OSL
content-encoding: br
X-Firefox-Spdy: h2

abbaspc.net/wp-content/plugins/easy-table-of-contents/assets/js/front.min.js?ver=2.0.45-1675107559

172.67.69.237

200 OK

0 B

URL HTTP/2
abbaspc.net/wp-content/plugins/easy-table-of-contents/assets/js/front.min.js?ver=2.0.45-1675107559
IP
172.67.69.237:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/easy-table-of-contents/assets/js/front.min.js?ver=2.0.45-1675107559 HTTP/1.1
Host: abbaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abbaspc.net/winx-dvd-ripper-platinum-crack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:13:50 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 30 Jan 2023 19:39:19 GMT
cache-control: public, max-age=31536000
expires: Wed, 31 Jan 2024 03:50:02 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 150595
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZMNP1l0swQb97ccHqr%2F4G5is2C%2B%2Fyg64Y45%2FR92pV1z%2FbvnIBhpYwQX0GVGmoTfzMxpd1TE16KA3xEEx50wjXwCKw36mcO%2F7%2F5fZxIXNycNAMmh6d8sZme2mU1B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792f110bad7fb511-OSL
content-encoding: br
X-Firefox-Spdy: h2

abbaspc.net/wp-content/themes/hitmag-pro/js/jquery.sticky.min.js?ver=6.1.1

172.67.69.237

200 OK

0 B

URL HTTP/2
abbaspc.net/wp-content/themes/hitmag-pro/js/jquery.sticky.min.js?ver=6.1.1
IP
172.67.69.237:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/hitmag-pro/js/jquery.sticky.min.js?ver=6.1.1 HTTP/1.1
Host: abbaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abbaspc.net/winx-dvd-ripper-platinum-crack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:13:50 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 04 Nov 2021 12:43:33 GMT
cache-control: public, max-age=31536000
expires: Thu, 16 Nov 2023 03:44:11 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 6704261
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jqUf8Dqi9a0EZTex4b%2FcclEeOMV9QCsHJdn4ks16oa0oVqRZPemePeEbgBRhtn5B0jzwN9TeJyOS4LGTTgbYJUP60KHmzsbjMPJThHrw0LPVTqQmMpFRcoQh9zfJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792f110b9d76b511-OSL
content-encoding: br
X-Firefox-Spdy: h2

abbaspc.net/wp-content/cache/min/1/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js?ver=1674735528

172.67.69.237

200 OK

0 B

URL HTTP/2
abbaspc.net/wp-content/cache/min/1/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js?ver=1674735528
IP
172.67.69.237:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/cache/min/1/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js?ver=1674735528 HTTP/1.1
Host: abbaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abbaspc.net/winx-dvd-ripper-platinum-crack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:13:50 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 26 Jan 2023 12:18:48 GMT
cache-control: public, max-age=31536000
expires: Fri, 26 Jan 2024 14:57:15 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 555395
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ttcKGtTXfgUQolN52x0MaNCUjuhVhITG5RNVkbboZEr3GaXGVr0t9WDjubqjEZa9kcOt1797BeasyFmAiHeivQasaEyiUHX71JNkDr%2B2q2UUE%2FPNoG09H3vwDTPU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792f110b9d70b511-OSL
content-encoding: br
X-Firefox-Spdy: h2

abbaspc.net/wp-content/themes/hitmag-pro/js/theme.min.js?ver=6.1.1

172.67.69.237

200 OK

0 B

URL HTTP/2
abbaspc.net/wp-content/themes/hitmag-pro/js/theme.min.js?ver=6.1.1
IP
172.67.69.237:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/hitmag-pro/js/theme.min.js?ver=6.1.1 HTTP/1.1
Host: abbaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abbaspc.net/winx-dvd-ripper-platinum-crack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:13:50 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 04 Nov 2021 12:43:33 GMT
cache-control: public, max-age=31536000
expires: Thu, 16 Nov 2023 03:44:11 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 6704261
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CrJRN6MRjgBhpZ4sV6mIh4fFJQHjlilQsiMcVfEJbMEeUqhaUlByGvtElnb67fPc3lEnsgE1dgZRmzpgaCJnM8EsIqcPMoLKPgvNh88lRKXX%2FU6q%2FGIXntL4QsFb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792f110b9d75b511-OSL
content-encoding: br
X-Firefox-Spdy: h2

abbaspc.net/wp-content/cache/min/1/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?ver=1674735529

172.67.69.237

200 OK

0 B

URL HTTP/2
abbaspc.net/wp-content/cache/min/1/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?ver=1674735529
IP
172.67.69.237:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/cache/min/1/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?ver=1674735529 HTTP/1.1
Host: abbaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abbaspc.net/winx-dvd-ripper-platinum-crack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 01:13:42 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-bgj: minify
expires: Sat, 27 Jan 2024 16:41:33 GMT
last-modified: Thu, 26 Jan 2023 12:18:49 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 462729
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fxfnnTvWt%2FgjoT37YiO0104I%2B%2F8UUB6vh3wcsjfcZ8V%2BDxaJ3Q1jTNyRIevzxg35LyTqvzZeJh0sHTQJNTUj4pxZ%2Bu1lSFGrPLGCrp1WiqC0WEpCRxx4B4TASe4b"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792f10d58da7b511-OSL
content-encoding: br
X-Firefox-Spdy: h2

stats.wp.com/e-202305.js

192.0.76.3

200 OK

0 B

URL HTTP/2
stats.wp.com/e-202305.js
IP
192.0.76.3:0
ASN
#2635 AUTOMATTIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /e-202305.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abbaspc.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 01:13:42 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"62f6b688-3508"
content-encoding: br
expires: Wed, 24 Jan 2024 05:54:37 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML